Slashdot

theodp writes: In the just-published March 2022 issue Communications of the ACM, former CACM Editor-in-Chief Moshe Y. Vardi takes tech companies -- and their officers and technical leaders -- to task over the societal risk posed by surveillance capitalism in "ACM, Ethics, and Corporate Behavior." Vardi writes: "Surveillance capitalism is perfectly legal, and enormously profitable, but it is unethical, many people believe, including me. After all, the ACM Code of Professional Ethics starts with 'Computing professionals' actions change the world. To act responsibly, they should reflect upon the wider impacts of their work, consistently supporting the public good.' It would be extremely difficult to argue that surveillance capitalism supports the public good." "The biggest problem that computing faces today is not that AI technology is unethical -- though machine bias is a serious issue -- but that AI technology is used by large and powerful corporations to support a business model that is, arguably, unethical. Yet, with the exception of FAccT, I have seen practically no serious discussion in the ACM community of its relationship with surveillance-capitalism corporations. For example, the ACM Turing Award, ACM's highest award, is now accompanied by a prize of $1 million, supported by Google." "Furthermore, the issue is not just ACM's relationship with tech companies. We must also consider how we view officers and technical leaders in these companies. Seriously holding members of our community accountable for the decisions of the institutions they lead raises important questions. How do we apply the standard of 'have not committed any action that violates the ACM Code of Ethics and ACM's Core Values' to such people? It is time for us to have difficult and nuanced conversations on responsible computing, ethics, corporate behavior, and professional responsibility."Read more of this story at Slashdot.

In 2017, Bell Canada, TVA, Videotron, and Rogers teamed up in a lawsuit against the operator of TVAddons, the largest repository of Kodi add-ons. The legal action proved extremely controversial but now, after many twists and turns, the matter is now over. As part of a consent judgment (PDF), TVAddons' founder [Adam Lackman] has admitted liability and agreed to pay a cool US$19.5 million in damages. TorrentFreak reports: In a letter dated February 18, 2022, the media companies and Lackman told the Federal Court that they had resolved their differences by agreeing to a consent judgment. That was reviewed and issued by Justice Rochester, who laid out the agreed terms in her judgment handed down February 22, 2022. Lackman admits to communicating TV shows owned by the plaintiffs to the public, including by directly or indirectly participating in the "development, hosting, distribution or promotion of Kodi add-ons that provide users with unauthorized access" to the plaintiffs' TV shows, contrary to sections 3(1)(f) and 27(1) of the Copyright Act. The TVAddons founder further admits that he made the TV shows available to the public in a manner that provided access "from a place and at a time individually chosen by them" and induced and authorized users of the infringing add-ons to "initiate acts of infringement of the Plaintiffs' right to communicate the Plaintiffs Programs to the public by telecommunication," again by developing, hosting, distributing or promoting Kodi add-ons. The Federal Court issued a permanent injunction to restrain Lackman (and anyone acting with him, under his authority, or in association) from communicating the plaintiffs' content to the public in any way, including via the development or distribution of infringing add-ons such as the 'FreeTelly' and 'Indigo' tools. The terms of the injunction are lengthy and comprehensive, leaving no doubt that TVAddons and all related tools and services are now dead, with Lackman unable to do anything remotely similar in the future. "THIS COURT ORDERS the Defendant Mr. Lackman to pay the Plaintiffs the amount of twenty-five million dollars ($25,000,000) in the form of a lump sum for damages, profits, punitive and exemplary damages, and costs," Justice Rochester writes. The judgment is in Canadian dollars but for reference, that's currently around US$19.5 million. The judgment also authorizes the bailiffs and independent supervising solicitor (with the assistance of computer forensics experts) to transfer the evidence obtained during the search of June 2017 to the media companies. Exactly what data was seized is currently unclear but it is likely to be sensitive, particularly if the trove includes user data and/or information about Kodi add-on developers. Finally, it appears the media companies will also be taking control of "login credentials, accounts, domains, subdomains and servers" in order to bring this years-long battle to a conclusion. Adam Lackman announced his relief on Twitter, noting that "It wasn't the outcome I had hoped for, but an outcome nonetheless."Read more of this story at Slashdot.

Volvo has unleashed a big improvement in customer satisfaction after equipping its 1,500 service engineers with an Apple Watch to use during their day. What, on the face of it, seems a small change reflects extensive cultural change across the company, which is actively engaged in digital transformation across its business. Computerworld's Jonny Evans reports: Volvo has equipped its engineers (Personal Service Technicians) with an Apple Watch and iPhone (running the Volvo Service app) to help them work more efficiently than before. The company's primary focus is to improve customer service, as it recognizes that technicians are the main point of customer contact across the life of the Volvo they drive. So, how can an Apple Watch in a garage improve customer service? - In use, the engineer will receive a Notification when a customer arrives at the garage with their car.- The watch will show the customer's name, relevant notes, and car details.- During the repair, engineers can access information -- and once the repair is complete, they can directly call the customer to tell them.- They can also schedule and make a subsequent follow-up call. The benefit is that with all this information being made available through the Watch (and accompanying iPhone app), engineers don't need to use printed records, or access a PC to stay up to date. That's not only time-consuming, but learning how to use these systems takes up time. The company told me it took up to 6 months to train new recruits on the 15 different IT systems Volvo used before. Now, thanks to smart analysis and smart integration of legacy systems, what technicians need to know is always with them. The result is that paperwork doesn't disappear, technicians/engineers can stay focused, essential customer contact records aren't lost and engineers always have clarity and purpose. It all sounds so simple. It should sound simple. But it isn't simple. [...] The project is already generating positive results. The company told me that 80% of technicians who use the app have increased their total customer satisfaction scores. Volvo also cites a 30% increase in post-service follow up calls and emails to customers, thanks to the tech pushing complex processes out of the way. Digitalization Director Markus Lundstrom said: "With the Volvo Service app we're connecting people through technology. At one workshop, customers report a 37% improvement in the ability to access their Personal Service Technician." The company also reported a 40% decrease in paper printouts. Volvo is also seeing the technicians use their new kit to get other tasks done. "Some of our teams use the Walkie-Talkie feature to communicate with each other across the facility," they said.Read more of this story at Slashdot.

An anonymous reader quotes a report from TorrentFreak: In 2021, Reddit's users created nearly 5.8 billion posts, comments, private messages and chats across the platform, with 297,161,752 later being removed by moderators (around 175.8k), removed by site admins (108.6K), and the authors themselves (12.6K). Content can be removed for a variety of reasons. 'Content manipulation' is the largest category and encompasses spam, community interference (so-call 'brigading'), vote manipulation, and similar issues. For the purpose of this report, however, we'll home in on the copyright issues faced by Reddit during the last year and how the site responded to them. In common with the vast majority of large companies based in the US, Reddit has to follow the requirements of the DMCA which means that when it receives a valid copyright notice, it must comply by taking the identified content down. On the other hand, when submitters send notices that are incomplete or invalid in some other way, Reddit does not. "In 2021, Reddit received 177,450 copyright notices reporting 920,672 pieces of content. This represents an increase of 104% from 2020. We removed 665,898 pieces of content in response to these takedown notices," the company reveals in the latest edition of its transparency report. Under the DMCA, Reddit is also required to take "appropriate action" against so-called "repeat infringers", which in the company's case can involve the termination of not only user accounts but also entire subreddit communities, especially ones where "excessive amounts" of infringing content keep getting posted. "In 2021, Reddit permanently suspended 2,813 users and banned 2,625 subreddits for excessive copyright infringement," the company writes. These figures represent a substantial increase over those published for 2020. In that year, Reddit banned just 303 users and terminated 514 subreddits. Although overall copyright complaints are up 104% on the previous year, the site's termination policy doesn't appear to have changed significantly. "With around 297 million pieces of content removed by Reddit in 2021, the 665,898 pieces removed on copyright grounds represent a small fraction of the overall problem," concludes the report. "However, with user accounts and entire communities on the line, consequences can be great when errant users repeatedly and intentionally overstep the line."Read more of this story at Slashdot.

Samsung shipped an estimated 100 million smartphones with botched encryption, including models ranging from the 2017 Galaxy S8 on up to last year's Galaxy S21. Threatpost reports: Researchers at Tel Aviv University found what they called "severe" cryptographic design flaws that could have let attackers siphon the devices' hardware-based cryptographic keys: keys that unlock the treasure trove of security-critical data that's found in smartphones. What's more, cyber attackers could even exploit Samsung's cryptographic missteps -- since addressed in multiple CVEs -- to downgrade a device's security protocols. That would set up a phone to be vulnerable to future attacks: a practice known as IV (initialization vector) reuse attacks. IV reuse attacks screw with the encryption randomization that ensures that even if multiple messages with identical plaintext are encrypted, the generated corresponding ciphertexts will each be distinct. The design flaws primarily affect devices that use ARM's TrustZone technology: the hardware support provided by ARM-based Android smartphones (which are the majority) for a Trusted Execution Environment (TEE) to implement security-sensitive functions. TrustZone splits a phone into two portions, known as the Normal world (for running regular tasks, such as the Android OS) and the Secure world, which handles the security subsystem and where all sensitive resources reside. The Secure world is only accessible to trusted applications used for security-sensitive functions, including encryption. Matthew Green, associate professor of computer science at the Johns Hopkins Information Security Institute, explained on Twitter that Samsung incorporated "serious flaws" in the way its phones encrypt key material in TrustZone, calling it "embarrassingly bad." "They used a single key and allowed IV re-use," Green said. "So they could have derived a different key-wrapping key for each key they protect," he continued. "But instead Samsung basically doesn't. Then they allow the app-layer code to pick encryption IVs." The design decision allows for "trivial decryption," he said. Samsung responded to the academics' disclosure by issuing a patch for affected devices that addressed CVE-2021-25444: an IV reuse vulnerability in the Keymaster Trusted Application (TA) that runs in the TrustZone. Keymaster TA carries out cryptographic operations in the Secure world via hardware, including a cryptographic engine. The Keymaster TA uses blobs, which are keys "wrapped" (encrypted) via AES-GCM. The vulnerability allowed for decryption of custom key blobs. Then, in July 2021, the researchers revealed a downgrade attack -- one that lets attacker trigger IV reuse vulnerability with privileged process. Samsung issued another patch -- to address CVE-2021-25490 -- that remoged the legacy blob implementation from devices including Samsung's Galaxy S10, S20 and S21 phones.Read more of this story at Slashdot.

An anonymous reader quotes a report from the New York Times: Three men pleaded guilty on Wednesday in a plot to attack power grids in the United States, which they believed could lead to economic and civil unrest and create the opportunity for white leaders to rise, federal prosecutors said. The men, Christopher Brenner Cook, 20, of Columbus, Ohio; Jonathan Allen Frost, 24, of West Lafayette, Ind., and of Katy, Texas; and Jackson Matthew Sawall, 22, of Oshkosh, Wis., each pleaded guilty in U.S. District Court in Columbus on Wednesday to one count of conspiring to provide material support to terrorists. They will each face up to 15 years in prison when they are sentenced. A date has not been scheduled. In fall 2019, Mr. Frost and Mr. Cook met in an online chat group, and they began talking about the possibility of attacking a power grid, according to plea agreements. Within weeks, the two men began making efforts to recruit others and began sharing reading material that promoted white supremacy and neo-Nazism. By late 2019, Mr. Sawall, a friend of Mr. Cook's, also joined the efforts, prosecutors said. As part of their plot, each man focused on substations in different regions of the country, and how to attack the power grids with rifles, according to court documents. The three men discussed that by knocking out power across the country for an extended period, civil unrest would spread, a race war could break out and the next Great Depression could be induced, according to court documents. In February 2020, the three men met in Columbus for more talks about their plot, according to court documents. When they met, Mr. Frost gave Mr. Cook an AR-47, and the two men trained with the rifle at a shooting range, according to court documents. Mr. Frost also gave Mr. Cook and Mr. Sawall suicide necklaces that he had filled with fentanyl, which were to be ingested if they were caught by the police, according to court documents. While they were in Columbus, Mr. Sawall and Mr. Cook bought spray paint and used it to write the phrase "Join the Front" on a swastika flag under a bridge at a park, according to court documents. The men had more plans to spread propaganda while they were in Ohio until they encountered the police during a traffic stop, during which Mr. Sawall ingested his suicide necklace but survived, according to a plea agreement. The F.B.I. searched the homes of the three men in August 2020. Agents found multiple firearms, chemicals that could have been used to create an explosive device, and Nazi-related books and videos, according to court documents. Samuel Shamansky, a lawyer for Mr. Frost, said on Wednesday that Mr. Frost had "accepted complete responsibility for his reprehensible conduct." "He has completely disavowed the racist viewpoints previously embraced," Mr. Shamansky said. "Regrettably, Mr. Frost fell prey to the misinformation espoused on the internet and now recognizes how dangerous the medium can be. Moreover, Mr. Frost has committed himself toward rehabilitation and doing everything within his power to remedy his misdeeds."Read more of this story at Slashdot.

"Slashdot has always had an interest in the Chernobyl nuclear power plant, which CNN describes as 'the site of the world's worst nuclear disaster,'" writes Slashdot reader DevNull127. "Today, CNN is reporting that Chernobyl has been captured by Russian troops." From the report: Troops overran the plant on the first day of Russia's multi-pronged invasion of Ukraine, a spokesperson for the State Agency of Ukraine on Exclusion Zone Management, Yevgeniya Kuznetsov, told CNN. "When I came to the office today in the morning (in Kyiv), it turned out that the (Chernobyl nuclear power plant) management had left. So there was no one to give instructions or defend," she said. Earlier Thursday, Ukrainian President Volodymyr Zelensky warned that Russian forces were attempting to wrest control of the nuclear plant. "Russian occupation forces are trying to seize the Chernobyl (nuclear power plant). Our defenders are sacrificing their lives so that the tragedy of 1986 will not be repeated," Zelensky tweeted."This is a declaration of war against the whole of Europe." The Ukrainian Foreign Ministry echoed the President's warning, raising the specter of another nuclear disaster in the city. "In 1986, the world saw the biggest technological disaster in Chernobyl," the ministry tweeted. "If Russia continues the war, Chernobyl can happen again in 2022." "A map shows the power plant is nearly adjacent to the northern border of Ukraine -- so when Russian troops began their invasion, it was one of the first things they encountered," adds DevNull127. Latest Slashdot stories regarding Russia's invasion of Ukraine: Ukraine War Flashes Neon Warning Lights for Chips Companies Shut Ukraine Operations and Watch for Sanctions as Russia Attacks Russia Attacks Ukraine Twitter Accounts Sharing Video From Ukraine Are Being Suspended When They're Needed MostRead more of this story at Slashdot.

China announced powers to jail those found guilty of raising funds via token sales as it expands its crackdown on crypto. From a report: China's highest court amended its interpretation of the country's Criminal Law to make raising money from the public through "virtual currency" illegal, according to a statement today. The amendment comes into force from March 1. While China has banned crypto-based fundraising since 2017, this new amendment means Chinese courts can now officially issue sentences to criminals. Jail terms will vary from below three years to over ten years, depending on the amount raised.Read more of this story at Slashdot.

A swath of major American businesses -- from major banks to utility companies -- is preparing for possible cyberattacks against their computer networks as Russia on Thursday threatened "consequences" for nations that interfere with its invasion of Ukraine. From a report: Their concerns, echoed in C-suites and around Washington, follow recent warnings from the Biden administration that U.S. firms should harden their defenses against potential cyberattacks that could disrupt the nation's critical infrastructure. American officials say there are no current threats against the U.S. But they have nonetheless urged organizations to plan for worst-case scenarios and more aggressively monitor their computer networks for possible intrusions. "Right now, everybody needs to be at a heightened alert in the event this continues to escalate, and Russia tries to sway political opinion by causing damage in the United States and its Western allies," said David Kennedy, the chief executive officer of security firm TrustedSec. He said companies should be going through their computer infrastructure "with a fine-tooth comb" to ensure previous intrusions can't be used to cause future, more damaging, attacks. Major U.S. banks, for instance, fear aggressive cyberattacks if Washington imposes deeper financial sanctions on Russia, said two banking executives who spoke on condition of anonymity to discuss private conversations. CEOs of major financial firms and their cybersecurity experts recently met with Treasury officials as Russian threats of war intensified, according to the executives.Read more of this story at Slashdot.

The Justice Department's effort to prosecute cases of economic espionage had drifted from its stated mission and drawn fierce criticism for appearing to target researchers because of their ethnicity. From a report: The US Justice Department is ending its controversial China Initiative and will pivot to a new strategy to counter threats from nation states, it announced February 24. The program began under the Trump administration as an effort to root out economic espionage, but drew criticism for falling short of that stated goal while increasingly focusing on academics and researchers of Chinese descent. Assistant Attorney General Matthew Olsen, in an announcement made during a talk at the National Security Institute at George Mason University, said that after a review of the program, he has concluded that the China Initiative is "not the right approach" to countering national security threats. "Instead, the current threat landscape, demands a broader approach." "Make no mistake -- we will be relentless in defending our country from China," he said. "But our review convinced us that a new approach is needed to tackle the most severe threats." He emphasized his belief that the department's actions were driven by genuine national security concerns, but said that by grouping cases under the China Initiative, the DOJ helped create a perception that it treats people with ties to China differently. Instead, he announced a new strategy focused broadly on threats from hostile countries. Olsen began a review of the initiative in November, during which he said he heard concerns from the civil rights community about racial bias. He also said he heard concerns from the academic community that prosecutions of researchers for grant fraud and other charges has had a chilling effect. His National Security Division will take a "supervisory" approach to academic integrity and research security prosecutions, but that will not affect pending cases against academics scheduled to go to trial. "I am comfortable with them going forward," he said.Read more of this story at Slashdot.

Web3 is Going Great reports: The popular Tom's Hardware and PC Gamer websites both ran articles about a utility called "Nvidia RTX LHR v2 Unlocker", which claimed to increase the artificially-limited cryptocurrency mining performance of its RTX graphics cards. These graphics cards are shipped with performance-limiting software to reduce the GPUs' attractiveness to cryptocurrency miners, whose thirst for GPUs has made it difficult and expensive for gamers and various others to acquire the hardware. Unfortunately, both publications had to run a second article just a day later to warn their readers away from the software they had just advertised.Read more of this story at Slashdot.

Although Microsoft Edge has recently faced a lot of ridicule because the Redmond tech giant keeps adding what many consider as "bloat" in its web browser, it seems that the company is hell-bent on this path. Now, it appears that a Skype Meet Now panel is being added to Microsoft Edge. From a report: The integration was spotted by eagle-eyed Redditor and regular Neowin news tipster u/Leopeva64-2, who spotted the change in the latest Edge Canary build. Essentially, you now have a new toggle in the Appearance setting that adds a Skype Meet Now button to the Edge omnibar. Clicking on it in the omnibar opens a Skype Meet Now panel directly in Microsoft Edge.Read more of this story at Slashdot.

Having an asteroid slam into Earth was catastrophic for the dinosaurs, but the season of the strike may have substantially ramped up extinction rates for others species, research suggests. From a report: Scientists have found evidence that the devastating impact 66m years ago, which wiped out three-quarters of Earth's species and created the Chicxulub crater in modern-day Mexico, happened in the spring in the northern hemisphere. The timing means that many animals north of the equator would have been particularly vulnerable to the intense heatwave unleashed by the collision, having just emerged from the harsh months of winter. Other animals in the south may have fared better given that it was autumn, especially if they were hunkering down in burrows. The direct hit from the asteroid triggered an extreme global heatwave that proved lethal for many exposed animals. In the aftermath, temperatures are thought to have plummeted in a nuclear winter that drove many more species to extinction.Read more of this story at Slashdot.

Russia's invasion of Ukraine by land, air and sea risks reverberating across the global chip industry and exacerbating current supply-chain constraints. Reuters Breakingviews: Ukraine is a major producer of neon gas critical for lasers used in chipmaking and supplies more than 90% of U.S. semiconductor-grade neon, according to estimates from research firm Techcet. About 35% of palladium, a rare metal also used for semiconductors, is sourced from Russia. A full-scale conflict disrupting exports of these elements might hit players like Intel, which gets about 50% of its neon from Eastern Europe, according to JPMorgan. ASML, which supplies machines to semiconductor makers, sources less than 20% of the gases it uses from the crisis-hit countries.Read more of this story at Slashdot.

Sea ice around Antarctica has reached a record low in four decades of observations, a new analysis of satellite images shows. From a report: As of Tuesday, ice covered 750,000 square miles around the Antarctic coast, below the previous record low of 815,000 square miles in early March 2017, according to the analysis by the National Snow and Ice Data Center in Boulder, Colo. "It's really unprecedented," said Marilyn N. Raphael, a professor of geography at the University of California, Los Angeles, who studies Antarctic sea ice. Warmer ocean temperatures may have played a role, she said, "but there are other factors that we will be working on finding out in the next months." Antarctic sea ice extent is highly variable from year to year, but overall has increased very slightly, on average, since the late 1970s, when satellite observations began. By contrast, sea ice extent in the Arctic, which is warming about three times as fast as other regions, has decreased by more than 10 percent a decade over the same period. The two regions are very different. The Arctic Ocean covers high latitudes, including the North Pole itself, and is hemmed in by land masses. In the Southern Hemisphere, Antarctica covers the pole. The Southern Ocean, which surrounds the continent, begins at much lower latitudes and is open to the north. While rapid warming in the Arctic is largely responsible for the shrinking of sea ice there, the effect of climate change on Antarctic sea ice is far less clear. Edward Blanchard-Wrigglesworth, a climate scientist at the University of Washington, said that many scientists expect that global warming will eventually lead to declines in Antarctic sea ice. But right now, he said, "it's really hard to connect the two, especially in terms of single events like this one." Instead, a complex group of factors is at play when it come to Antarctic sea ice. Large-scale atmospheric patterns, often occurring far from the continent, as well as local ocean currents and winds can all increase or reduce sea-ice coverage.Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: A Chinese cybersecurity company accused the NSA of being behind a hacking tool used for ten years in a report published on Wednesday. The report from Pangu Lab delves into malware that its researchers first encountered in 2013 during an investigation into a hack against "a key domestic department." At the time, the researchers couldn't figure out who was behind the hack, but then, thanks to leaked NSA data about the hacking group Equation Group -- widely believed to be the NSA -- released by the mysterious group Shadow Brokers and by the German magazine Der Spiegel, they connected the dots and realized it was made by the NSA, according to the report. "The Equation Group is the world's leading cyber-attack group and is generally believed to be affiliated with the National Security Agency of the United States. Judging from the attack tools related to the organization, including Bvp47, Equation group is indeed a first-class hacking group," the report read, referring to the name of the tool the researchers found. "The tool is well-designed, powerful, and widely adapted. Its network attack capability equipped by 0day vulnerabilities was unstoppable, and its data acquisition under covert control was with little effort. The Equation Group is in a dominant position in national-level cyberspace confrontation." Further Reading: Anatomy of Top-Tier Suspected NSA Backdoor Code (The Register)Read more of this story at Slashdot.

"The availability of non-bank financial trading in cryptocurrency may allow Russia to avoid the worst of the sanctions coming after their invasion of Ukraine this week," writes Slashdot reader 14erCleaner, sharing a non-paywalled link to the New York Times article. From the report: On Tuesday, the Biden administration enacted fresh sanctions on Russia over the conflict in Ukraine, aiming to thwart its access to foreign capital. But Russian entities are preparing to blunt some of the worst effects by making deals with anyone around the world willing to work with them, experts said. And, they say, those entities can then use digital currencies to bypass the control points that governments rely on -- mainly transfers of money by banks -- to block deal execution. Sanctions are some of the most powerful tools the United States and European countries have to influence the behavior of nations they don't consider allies. The United States in particular is able to use sanctions as a diplomatic tool because the dollar is the world's reserve currency and used in payments worldwide. But American government officials are increasingly aware of the potential for cryptocurrencies to lessen the impact of sanctions and are stepping up their scrutiny of digital assets. Banks have to abide by "know your customer" rules, which include verifying their clients' identities. But exchanges and other platforms that facilitate the buying and selling of cryptocurrencies and digital assets are rarely as good at tracking their customers as banks are, even though they are supposed to follow the same rules. [...] Should it choose to evade sanctions, Russia has multiple cryptocurrency-related tools at its disposal, experts said. All it needs is to find ways to trade without touching the dollar. The Russian government is developing its own central bank digital currency, a so-called digital ruble that it hopes to use to trade directly with other countries willing to accept it without first converting it into dollars. Hacking techniques like ransomware could help Russian actors steal digital currencies and make up revenue lost to sanctions. And while cryptocurrency transactions are recorded on the underlying blockchain, making them transparent, new tools developed in Russia can help mask the origin of such transactions. That would allow businesses to trade with Russian entities without detection. In October 2020, representatives of Russia's central bank told a Moscow newspaper that the new "digital ruble" would make the country less dependent on the United States and better able to resist sanctions. It would let Russian entities conduct transactions outside the international banking system with any country willing to trade in digital currency. Russia could find willing partners in other nations targeted by U.S. sanctions, including Iran, that are also developing government-backed digital currencies. China, Russia's largest trading partner in both imports and exports according to the World Bank, has already launched its own central bank digital currency. The country's leader, Xi Jinping, recently described China's relationship with Russia as having "no limits."Read more of this story at Slashdot.

Bethesda on Tuesday announced that it will retire its Bethesda.net Launcher later this year and migrate fans' game libraries and wallets to Steam. As Polygon notes, the launcher has since 2016 "served as a place for players to purchase and launch games made by the publisher." From the report: Players' Bethesda.net accounts will remain active; some games may still require you to log in for save files, in-game cosmetics, or access to a mod library. While the process to transfer Bethesda games to Steam begins in early April, the launcher itself will no longer launch games in May. (Players will retain access to these games and can migrate them at any time; they simply won't be playable through the launcher.) Saves, cosmetics, in-game currencies, and progress in Fallout 76's seasonal model will be able to transfer over to Steam as well, with one exception: saves in Wolfenstein: Youngblood which are "currently unable to transfer." Bethesda's news post includes a more thorough FAQ, including a specific one for Fallout 76. As for the publisher's other large, live service game, the post states that "The Elder Scrolls Online is unaffected by this change."Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Waymo, the autonomous driving arm of Alphabet, was granted a win on Tuesday when a California court ruled it could keep certain details regarding its AV technology secret. The company filed a lawsuit against the California Department of Motor Vehicles in late January in order to keep some information about its autonomous vehicle deployment permit, as well as emails between the DMV and the company, redacted from a public record request, which was originally filed by an undisclosed third party. The ruling by the California Superior Court, Sacramento could set a precedent for broader trade secret protection, at least in the autonomous vehicle industry, involving public access to information that has to do with public safety, but which businesses claim contain trade secrets. In its lawsuit, Waymo argued being forced to reveal trade secrets would undermine its investments into automated driving technology and have a "chilling effect across the industry" where the DMV is no longer a safe space for companies to transparently share information about their tech. "We're pleased that the court reached the right decision in granting Waymo's request for a preliminary injunction, precluding the disclosure of competitively-sensitive trade secrets that Waymo had included in the permit application it submitted to the CA DMV," a Waymo spokesperson told TechCrunch. "We will continue to openly share safety and other data on our autonomous driving technology and operations, while recognizing that detailed technical information we share with regulators is not always appropriate for sharing with the public." [...] "These R&D efforts take many years and an enormous financial investment," reads Waymo's declaration shared with the court. "Waymo's AV development began as part of Google in 2009 before Waymo became its own company in 2016; therefore, Waymo's AVs have been in development for more than 12 years. Waymo has invested truly significant amounts researching and developing its AV products." It is difficult, however, to determine whether or not the information actually contains trade secrets without being able to see any of it. "The question is, can the company derive economic value purely from not sharing that information with others?" Matthew Wansley, former general counsel of nuTonomy (which Aptiv acquired) and a law professor at Yeshiva University's Cardozo School of Law in New York, told TechCrunch. [...] "I looked through the complaint that Waymo filed, and the categories of information they're talking about are pretty broad," said Wansley. "Are there trade secrets in that set of information that they sent? Probably, there are some. Does it include all of the information they sent? Almost certainly not. The only thing that would surprise me is if everything they're claiming is a trade secret is actually a trade secret. But without knowing the specific information that they share with regulators, it's just hard to know." And now the public will never know. In an effort to assuage any fears about its technology, the report notes that Waymo "has submitted a safety self-assessment to the U.S. Department of Transportation, and is publishing a law enforcement interaction guide and a detailed description of its safety methodologies."Read more of this story at Slashdot.

When Harry Stamper sets off a bomb to save planet Earth in the film Armageddon, his life flashes before his eyes. Now research has revealed tantalising clues that such recall may not be Hollywood hyperbole. From a report: An international team of scientists has reported an unexpected situation in which they recorded the brain activity of an 87-year-old patient as he died. The man had been admitted to a hospital emergency department after a fall that resulted in a bleed in the brain, and subsequently deteriorated. When doctors carried out an electroencephalography (EEG), they had discovered the patient had developed epilepsy. However, during the EEG recordings he had experienced a heart attack and died. The team says analysis of recordings of the 30 seconds before and after the man's heart stopped beating suggest that in his final moments he experienced changes in different types of brain waves, including alpha and gamma brain waves. The study suggests that interactions between different types of brain wave continue after the blood stops flowing in the brain. But, the researchers add, it also raises an intriguing possibility. "Given that cross-coupling between alpha and gamma activity is involved in cognitive processes and memory recall in healthy subjects, it is intriguing to speculate that such activity could support a last 'recall of life' that may take place in the near-death state," the team writes in the journal Frontiers in Ageing Neuroscience. However, the findings are based on the recordings from just one person, and the researchers urge caution, noting among other factors that traumatic brain injuries and white matter damage can affect brain waves, while activity of networks in the brain can be affected by anticonvulsant medication such as that given to the patient. Nonetheless, the researchers say the results could have important implications.Read more of this story at Slashdot.

Intel has acquired Linutronix, the German-based Linux consulting firm that is focused on embedded Linux and real-time computing. From a report: Intel's acquisition of Linutronix appears to be primarily focused as an acqui-hire with getting Linutronix's very talented staff at Intel. Among the prominent Linutronix engineers is their CTO Thomas Gleixner as a longtime kernel maintainer and important contributor on the x86 side, including with Linux's CPU security mitigations and perhaps most notably for the real-time (PREEMPT_RT) work.Read more of this story at Slashdot.

U.S. regulators are warning that 5G wireless operations could affect radio altimeters in most Boeing 737 aircraft and impact crew workload and airplane landings. From a report: The Federal Aviation Administration's directive affects Boeing's 737s, except its 200 and 200-c series, a Federal Register notice posted online on Wednesday said. It added that their "radio altimeters cannot be relied upon to perform their intended function if they experience interference from wireless broadband operations in the 3.7-3.98 GHz frequency band (5G C-Band)." The FAA said in the notice, scheduled to be formally published on Thursday, that regulators had determined that "during approach, landings, and go-arounds, as a result of this interference, certain airplane systems may not properly function". That would result in "increased lightcrew workload while on approach with the flight director, autothrottle, or autopilot engaged, which could result in reduced ability of the flight crew to maintain safe flight and landing of the airplane," it said.Read more of this story at Slashdot.

Facebook parent company Meta Platforms is building a digital voice assistant to help people interact hands-free with physical devices, such as the company's Portal video-calling device and, eventually, augmented-reality glasses. From a report: Chief Executive Officer Mark Zuckerberg said the company is building the assistant in preparation for the so-called metaverse, a more immersive version of the internet that will let people interact online through virtual and AR glasses. Digital assistants will need to "learn the way humans do" to help users navigate this new online world, Zuckerberg said during a presentation on Wednesday. "When we have glasses on our faces, that will be the first time an AI system will be able to really see the world from our perspective -- see what we see, hear what we hear and more," Zuckerberg added, saying he hopes to eventually build AI assistants that can "move between virtual and physical worlds." The AI assistant doesn't have a name, but Meta is calling the effort "Project CAIRaoke."Read more of this story at Slashdot.

Several Ukrainian government websites were offline Wednesday as a result of a mass distributed denial of service attack, Mykhailo Fedorov, head of Ukraine's Ministry of Digital Transformation, said in his Telegram channel. From a report: The attack, which also impacted some banks, began around 4 p.m. local time, according to Fedorov. He didn't say which banks were attacked or what the extent of the damage was. Websites for the Ukrainian Ministry of Foreign Affairs, Cabinet of Ministers and Rada, the country's parliament, were among those down as of Wednesday morning Eastern time. The government sites were offline as officials attempted to switch traffic elsewhere to minimize damage, he said. A DDoS attack is when a hacker floods a victim's network or server with traffic so that others are unable to access it.Read more of this story at Slashdot.

In a Google support forum post, Chrome's Support Manager Craig announced that mobile Chrome 100 will do away with the browser's data-saving feature -- the release is due to make its way to the stable channel on March 29, 2022. From a report: The mode will also stop working on previous versions of the browser from that day. Besides several improvements to Chrome over the years to reduce data usage and improve page load times, Google has also seen mobile data costs decrease in many countries. Thus, it believes the data saving mode is no longer relevant in today's world.Read more of this story at Slashdot.

Russian President Vladimir Putin can do a lot more damage in Ukraine and the United States is prepared to respond by withholding technology and resources if he does, deputy U.S. Deputy Treasury Secretary Wally Adeyemo said on Wednesday. From a report: Such measures were not announced on Tuesday as part of a round of sanctions unveiled by President Joe Biden to punish Putin for recognizing two breakaway regions of Ukraine as independent and deploying troops into the regions to "keep the peace." "President Putin clearly has the ability to do much more than he has done so far," Adeyemo said in an interview with CNBC. In response, the Biden administration could deprive Russia of a vast swath of low- and high-tech U.S. and foreign-made goods, from commercial electronics and computers to semiconductors and aircraft parts, people familiar with the matter have told Reuters. "The key thing that President Putin needs to consider is whether he wants to ensure that Russia's economy is able to grow, that he has the resources he needs to be able to project power in the future. If he chooses to invade, what we're telling him very directly, is that we're going to cut that off.Read more of this story at Slashdot.

There are big potential payouts ahead for controversial Activision Blizzard CEO Bobby Kotick, according to an extensive SEC filing about Microsoft's planned $69 billion acquisition of the company. From a report: Microsoft and Activision propose that Kotick could receive as much as $22 million in stock in July or later, if Activision's board sees improvement in company culture. Measured improvements would include the implementation of a zero-tolerance harassment plan and an increase in hiring women and non-binary people. Kotick took a pay cut in October in response to the company's scandals and said he was forgoing bonuses until the board saw improvement. The filing also indicates that the board may extend Kotick's contract by 12 months beyond its current March 2023 expiration. Kotick has not been expected to remain at the company long after the merger, a source told Axios' Ina Fried earlier this year. Should Kotick be fired without cause by Microsoft, he'll get a $15 million "golden parachute," according to the filing's compensation proposal. The filing reveals that Microsoft gaming executive Phil Spencer began talks with Kotick about a potential acquisition on Nov. 19, three days after a Wall Street Journal expose that said Kotick knew of sexual misconduct at the company for years.Read more of this story at Slashdot.

Intel launched the first wave of its 12th Gen Alder Lake chips at CES 2022 -- but only for its H-series lineup of chips, destined for the most powerful and power-hungry laptops. And now, it's rolling out the rest of its Alder Lake laptop lineup: the P-series and U-series models it briefly showed off in January, which are set to power the thinner, lighter, and cheaper laptops of 2022. From a report: In total, there are a whopping 20 chips fit for a wide range of hardware across the P-series, U-series (15W), and U-series (9W) categories, with the first laptops powered by the new processors set to arrive in March. Like their more powerful H-series cousins (and the Alder Lake desktop chips that Intel launched in late 2021 and at CES 2022), the new P-series and U-series chips have a lot more cores than 2020's 11th Gen models, with a hybrid architecture approach that combines performance and efficiency cores to maximize both power and battery life. And Intel is promising some big improvements focused around those boosted core counts, touting up to 70 percent better multi-thread performance than previous 11th Gen (and AMD) hardware. The company also says that it wins out in benchmarks against chips like Apple's M1 and M1 Pro (although not the M1 Max), and AMD's Ryzen R7 5800U in tasks like web browsing and photo editing.Read more of this story at Slashdot.

Activision Blizzard will delay a Call of Duty game that had been planned for next year, the first time the franchise will be without an annual mainline release in nearly two decades, Bloomberg News reported Wednesday, citing people familiar with the plan. From the report: The company is pushing off the release after a recent entry in the series failed to meet expectations, leading some executives to believe that they're introducing new versions too rapidly, said the people, who asked not to be identified because they weren't authorized to discuss the deliberations. The decision was not related to Activision's agreement to sell itself to Microsoft for $69 billion, the people said. Activision is working on other projects to fill the gap next year. A Call of Duty game set to come out this fall will receive a steady stream of additional content, and there will be a new, free-to-play online title next year, said the people. Treyarch, the Activision-owned studio working on the now-delayed game, will also help with the free-to-play title, the people said.Read more of this story at Slashdot.

If you're a Google Workspace user, the classic Hangouts messaging service will start to disappear next month as part of the transition to Google Chat. From a report: Google has announced that it'll make Google Chat its default chat application beginning March 22nd, meaning users will be redirected to Chat when they try to visit Hangouts in Gmail on the web, or try to use the old Hangouts mobile apps. The shift from Google Hangouts to Google Chat is the latest step in Google's constantly evolving messaging strategy, which generally gets more confusing the more you read about it. This particular migration kicked into gear in June 2020, and focusses on the messaging service integrated with Gmail. Google Chat should not be confused with GChat, the unofficial name for Google Talk, which was officially killed off in 2017 and replaced with -- you guessed it -- Hangouts.Read more of this story at Slashdot.

Activity on OpenSea, the world's largest marketplace for digital collectibles, likely dropped precipitously after a phishing attack that saw traders lose as much as an estimated $3 million. From a report: Trading in nonfungible tokens plummeted in recent days, according to data provider DappRadar. OpenSea's seven-day trading volume was down 37% as of Tuesday, DappRadar found. An unidentified hacker stole 254 tokens from OpenSea users by sending a malicious email asking to transfer their assets to a new contract. Around 17 traders signed the contract, which effectively acted as a blank check, giving the hacker access to all of the NFTs stored on their wallet. Some of those assets have since been sold, netting the perpetrator a hefty gain. Devin Finzer, OpenSea's chief executive officer, valued the total amount stolen at $1.7 million on Sunday, but researchers since have valued the pile at anywhere between $2 million and $3 million. Among the stolen NFTs included four Bored Apes, three of which were later sold on rival platform LooksRare for a combined $667,000, according to data from blockchain security service PeckShield.Read more of this story at Slashdot.

An anonymous reader quotes a report from ZDNet: Frontier, a national Internet Service Provider (ISP), is now bringing 2 Gbps broadband to all its fiber customers. While Frontier is best known for its rural DSL internet service, the company has been expanding its fiber network. Frontier's 2 Gbps service will be available to approximately 4 million customers in 19 states as part of its launch. This 2 Gbps service is symmetrical; this means you'll get 2 Gbps speeds both up and down. Frontier's not the only one that offers multi-Gbps speeds. AT&T, Google Fiber, Verizon Fios, Xfinity, and Ziply Fiber also offer this level of performance, but none of them offer it over their entire network like Frontier.Read more of this story at Slashdot.

UnknowingFool writes: Linux kernel developers have discussed on the kernel developers forum to remove ReiserFS from the kernel starting in 2022. ReiserFS was added as Linux's first journaling file system 21 years ago with SUSE using it as the default filesystem until 2006. However, since Hans Reiser was sent to jail 15 years ago for murder, there has not been much development or interest in it. Noting that there have been no user-spotted fixes since 2019, longtime kernel developer Matthew Wilcox also cited that ReiserFS was only block for some kernel changes he wished to implement. These days there are better alternatives like EXT4, Btrfs, XFS, and OpenZFS.Read more of this story at Slashdot.

Elon Musk said that Tesla is working to make Steam's library of video games work on its onboard vehicle computer. Electrek reports: As we previously reported, Tesla has a team of software engineers working on video games in Seattle and they recently started building a similar team in Austin. The automaker has been building a video game platform called Tesla Arcade inside its vehicles, and it has been working with video game studios to port games to it. Right now, it is mainly to create some added value to its ownership experience, but Tesla might have bigger plans for gaming inside its vehicles. In preparation for that, the automaker has been releasing more video games in its Tesla Arcade and it has indicated that it might turn it into a business. Now Musk announced on Twitter today that Tesla is working to make Steam's library of games work directly on Tesla's software instead of porting specific games: "We're working through the general case of making Steam games work on a Tesla vs specific titles. Former is obviously where we should be long-term." In the Twitter thread, Musk reiterated his goal to make Cyberpunk, a demanding game graphic-wise, work on the upcoming Cybertruck.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch, written by security editor Zack Whittaker: Consumer-grade spyware is often sold under the guise of child monitoring software, but also goes by the term "stalkerware" for its ability to track and monitor other people or spouses without their consent. Stalkerware apps are installed surreptitiously by someone with physical access to a person's phone and are hidden from home screens, but will silently and continually upload call records, text messages, photos, browsing history, precise location data and call recordings from the phone without the owner's knowledge. Many of these spyware apps are built for Android, since it's easier to plant a malicious app than on iPhones, which have tighter restrictions on what kind of apps can be installed and what data can be accessed. Last October, TechCrunch revealed a consumer-grade spyware security issue that's putting the private phone data, messages and locations of hundreds of thousands of people, including Americans, at risk. But in this case it's not just one spyware app exposing people's phone data. It's an entire fleet of Android spyware apps that share the same security vulnerability. On the front line of the operation is a collection of white-label Android spyware apps that continuously collect the contents of a person's phone, each with custom branding, and fronted by identical websites with U.S. corporate personas that offer cover by obfuscating links to its true operator. Behind the apps is a server infrastructure controlled by the operator, which is known to TechCrunch as a Vietnam-based company called 1Byte. TechCrunch found nine nearly identical spyware apps that presented with distinctly different branding, some with more obscure names than others: Copy9, MxSpy, TheTruthSpy, iSpyoo, SecondClone, TheSpyApp, ExactSpy, FoneTracker and GuestSpy. Other than their names, the spyware apps have practically identical features under the hood, and even the same user interface for setting up the spyware. Once installed, each app allows the person who planted the spyware access to a web dashboard for viewing the victim's phone data in real time -- their messages, contacts, location, photos and more. Much like the apps, each dashboard is a clone of the same web software. And, when TechCrunch analyzed the apps' network traffic, we found the apps all contact the same server infrastructure. But because the nine apps share the same code, web dashboards and the same infrastructure, they also share the same vulnerability. The vulnerability in question is known as an insecure direct object reference, or IDOR, a class of bug that exposes files or data on a server because of sub-par, or no, security controls in place. It's similar to needing a key to unlock your mailbox, but that key can also unlock every other mailbox in your neighborhood. IDORs are one of the most common kinds of vulnerability [...]. But shoddy coding didn't just expose the private phone data of ordinary people. The entire spyware infrastructure is riddled with bugs that reveal more details about the operation itself. It's how we came to learn that data on some 400,000 devices -- though perhaps more -- have been compromised by the operation. Shoddy coding also led to the exposure of personal information about its affiliates who bring in new paying customers, information that they presumably expected to be private; even the operators themselves. After emailing 1Byte with details of the security vulnerability, the email address was shut down along with "at least two of the branded spyware apps," according to TechCrunch. "That leaves us here. Without a fix, or intervention from the web host, TechCrunch cannot disclose more about the security vulnerability -- even if it's the result of bad actors themselves -- because of the risk it poses to the hundreds of thousands of people whose phones have been unknowingly compromised by this spyware." In a separate report, security editor Zack Whittaker explains how one can remove common consumer-grade spyware.Read more of this story at Slashdot.

Dubbed internally as "Project Tinman," executives at Peloton worked to conceal a build-up of rust on some exercise machines (Warning: source may be paywalled; alternative source) that were sent to customers instead of returned to the manufacturer. "The project was first revealed in FT Magazine last week but eight current and former Peloton employees across four US states have provided further details on the operation," reports the Financial Times. Here's an excerpt from the report: They described the plan as a nationwide effort to avoid yet another costly recall just months after the company's most tragic episode -- the death of a child due to the design of its treadmill. Internal documents seen by the FT showed that Tinman's "standard operating procedures" were for corrosion to be dealt with using a chemical solution called "rust converter," which conceals corrosion by reacting "with the rust to form a black layer." Employees said the scheme was called Tinman to avoid terms such as "rust" that executives decided were out of step with Peloton's quality brand. Insiders were also angered about enacting a plan that they argued cut across Peloton's supposed focus on its users, who are called "members" to evoke a sense that buyers are more than customers and part of a broader community. Tinman also put a spotlight on the company's quality control process versus meeting aggressive sales targets in the search for growth. Peloton said the issue affected at least 6,000 bikes and that 120 staff had undertaken "rigorous testing" on the devices to conclude the rust -- which it described as "cosmetic oxidation" -- had "no impact on a bike's performance, quality, durability, reliability, or the overall member experience."Read more of this story at Slashdot.

Microsoft has revealed it operates a planet-scale distributed scheduling service for AI workloads that it has modestly dubbed "Singularity." The Register reports: Described in a pre-press paper [PDF] co-authored by 26 Microsoft employees, Singularity's aim is described as helping the software giant control costs by driving high utilization for deep learning workloads. Singularity achieves that goal with what the paper describes as a "novel workload-aware scheduler that can transparently preempt and elastically scale deep learning workloads to drive high utilization without impacting their correctness or performance, across a global fleet of AI accelerators (e.g., GPUs, FPGAs)." The paper spends more time on the scheduler than on Singularity itself, but does offer some figures to depict the system's architecture. An analysis of Singularity's performance mentions a test run on Nvidia DGX-2 servers using a Xeon Platinum 8168 with two sockets of 20 cores each, eight V100 Model GPUs per server, 692GB of RAM, and networked over InfiniBand. With hundreds of thousands of GPUs in the Singularity fleet, plus FPGAs and possibly other accelerators, Microsoft has at least tens of thousands of such servers! The paper focuses on Singularity's scaling tech and schedulers, which it asserts are its secret sauce because they reduce cost and increase reliability. The software automatically decouples jobs from accelerator resources, which means when jobs scale up or down "we simply change the number of devices the workers are mapped to: this is completely transparent to the user, as the world-size (i.e. total number of workers) of the job remains the same regardless of the number of physical devices running the job." That's possible thanks to "a novel technique called replica splicing that makes it possible to time-slice multiple workers on the same device with negligible overhead, while enabling each worker to use the entire device memory." [...] "Singularity achieves a significant breakthrough in scheduling deep learning workloads, converting niche features such as elasticity into mainstream, always-on features that the scheduler can rely on for implementing stringent SLAs," the paper concludes.Read more of this story at Slashdot.

Protocol reports that Qualcomm will finally jump on the AV1 video codec bandwagon next year. Ars Technica reports: AV1 is the web's next open, royalty-free video codec, and widespread adoption will require hardware support from the world's chip vendors. Qualcomm's 2022 flagship SoC, the Snapdragon 8 Gen 1 chip, doesn't support AV1. Samsung's Exynos 2200 managed to ship the video codec this year in international versions of the Galaxy S22, while the MediaTek Dimensity 1000 SoC has been shipping in phones for over a year now with AV1 support. Apple is a founding member of the AV1 Alliance, but its devices also don't support the codec yet. The report says Qualcomm's "upcoming flagship Snapdragon mobile processor" -- model number "SM8550" -- will support AV1. That would probably be called the "Snapdragon 8 Gen 2" SoC, due out in 2023. Wide adoption of AV1 seems inevitable, though it is taking a while. The codec is a successor to Google's VP8 and VP9 codecs and is being built by the Alliance for Open Media. The alliance's lineup is a who's who of tech companies, with founding members like Amazon, Apple, ARM, Facebook, Google, Intel, Microsoft, Mozilla, Netflix, Nvidia, and Samsung. Netflix and Google's YouTube are both making AV1 support "a requirement" for future products that want to support either video service. That should motivate just about every hardware and software vendor out there to get the job done. Aside from being open source and royalty-free, the report notes that the newer AV1 codec also has the benefit of being 30% more efficient than H.265.Read more of this story at Slashdot.

Black carbon pollution from tourism and research activities in Antarctica is likely increasing snowmelt on the continent by an estimated 83 tonnes for each visitor, according to new research. From a report: Scientists have estimated that the black carbon produced by vessels, planes and diesel generators results in 23mm of additional snowmelt each summer in the most frequently visited areas of the ice-covered landmass. More than 74,000 tourists visited Antarctica in the 2019-2020 season, nearly double the figures from a decade ago. A team of researchers sampled the snow yearly between 2016 and 2020 at 28 sites spanning 2000km from Antarctica's northern tip to the Ellsworth Mountains. They focused primarily on the Antarctic peninsula, where about half of the research facilities on the continent are located and where an estimated 95% of Antarctic tourist trips are made. The team estimated that 53,000 tourists visited Antarctica annually between 2016 and 2020. Study co-author Dr Raul Cordero, of the University of Santiago Chile, said Antarctic snow was the cleanest on Earth, typically with baseline levels of black carbon around one part in a billion. "That is 1000 times less than what you would find in the Himalayas, and 100 times less than what you can find in the Andes or in the Rocky Mountains," he said.Read more of this story at Slashdot.

An anonymous reader quotes a report from Krebs on Security: Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they will not pursue charges following revelations that the data had been exposed since 2011 -- two years after responsibility for securing the state's IT systems was centralized within Parson's own Office of Administration. [...] On Monday, Feb. 21, The Post-Dispatch published the 158-page report (PDF), which concluded after 175 hours of investigation that [St. Louis Post-Dispatch reporter Josh Renaud] did nothing wrong and only accessed information that was publicly available. Emails later obtained by the Post-Dispatch showed that the FBI told state cybersecurity officials that there was "not an actual network intrusion" and the state database was "misconfigured." The emails also revealed the proposed message when education department leaders initially prepared to respond in October: "We are grateful to the member of the media who brought this to the state's attention," was the proposed quote attributed to the state's education commissioner before Parson began shooting the messenger. The Missouri Highway Patrol report includes an interview with Mallory McGowin, the chief communications officer for the state's Department of Elementary and Secondary Education (DESE). McGowin told police the website weakness actually exposed 576,000 teacher Social Security numbers, and the data would have been publicly exposed for a decade. McGowin also said the DESE's website was developed and maintained by the Office of Administration's Information Technology Services Division (ITSD) -- which the governor's office controls directly. "I asked Mrs. McGowin if I was correct in saying the website was for DESE but it was maintained by ITSD, and she indicated that was correct," the Highway Patrol investigator wrote. "I asked her if the ITSD was within the Office of Administration, or if DESE had their on-information technology section, and she indicated it was within the Office of Administration. She stated in 2009, policy was changed to move all information technology services to the Office of Administration." The report was a vindication for Renaud and for University of Missouri-St. Louis professor Shaji Khan, who helped the Post-Dispatch verify that the security flaw existed. Khan was also a target of Parson's vow to prosecute "the hackers." Khan's attorney Elad Gross told the publication his client was not being charged, and that "state officials committed all of the wrongdoing here." "They failed to follow basic security procedures for years, failed to protect teachers' Social Security numbers, and failed to take responsibility, instead choosing to instigate a baseless investigation into two Missourians who did the right thing and reported the problem," Gross told The Post-Dispatch. "We thank the Missouri State Highway Patrol and the Cole County Prosecutor's Office for their diligent work on a case that never should have been sent to them."Read more of this story at Slashdot.

Microsoft MVP Rudy Ooms has discovered that the built-in Windows data wiping functions leave user data behind in the latest versions of Windows 10 and Windows 11. "This error applies to both local and remote wiping of PCs running Windows 10 version 21H2 and Windows 11 version 21H2," reports Tom's Hardware. From the report: Ooms first discovered that there were problems with the disk wipe functionality provided by Microsoft when doing a remote wipe via Microsoft Intune system management. However, he has tested several Windows versions and both local and remote wiping over the weekend to compile the following summary table [embedded in the article]. At the bottom of the table you can see that both Wipe and Fresh Start options appear to work as expected in Windows 10 and 11 version 21H1, but are ineffectual in versions 21H2. Ooms installed and tested these four OSes, with local and remote wipe operations, then checked the results. The most common issue was the leaving behind of user data in a folder called Windows.old on the "wiped" or "fresh start" disk. This is despite Microsoft warning users ahead of the action that "This removes all personal and company data and settings from this device." In his blog post, Oooms notes that some users might feel assured that their personal data was always stored on a Bitlocker drive. However, when a device is wiped, Bitlocker is removed, and he discovered that the Windows.old folder contained previously encrypted data, now non-encrypted. It was also noted that OneDrive files, which had been marked as "Always Keep on this device" in Windows previously, remained in Windows.old too. Ooms has kindly put together a PowerShell Script to fix this security blunder by Microsoft. One needs to run the script ahead of wiping/resetting your old device. Hopefully Microsoft will step up and fix this faulty behavior in the coming weeks, so you don't need to remember to run third party scripts.Read more of this story at Slashdot.

Truth Social, a new social media platform backed by former President Donald Trump, sat at the top of Apple's free apps download charts as of Tuesday morning. CNBC reports: The platform unveiled a soft launch late Sunday, according to Reuters, with many users prompted to join a waitlist. Some who tried to sign up reported glitches when attempting to create an account, though such issues are common in early app releases. Truth Social has been delayed several times. The full launch was first planned for Feb. 21, but that date has been pushed back to March 31. The app is a product of the Trump Media & Technology Group, led by former Rep. Devin Nunes, R-Calif. The company has planned to go public via merger with the Digital World Acquisition Corp., a special purpose acquisition corporation, or SPAC, with a market cap of more than $3 billion. DWAC disclosed in December that two financial regulators had opened probes into communications with Trump's firm prior to the deal announcement. [...] The platform aims to distinguish itself through its content moderation philosophy, with the website calling it "America's 'Big Tent' social media platform that encourages an open, free, and honest global conversation without discriminating against political ideology." Even so, Nunes previously told Fox Business the company will have content moderation to ensure it remains a "family-friendly" space.Read more of this story at Slashdot.

An anonymous reader quotes a report from FedScoop: The Internal Revenue Service has committed to Login.gov as a user authentication tool after earlier this month agreeing to abandon the use of a commercial tool that featured third-party facial recognition technology. In a statement on Monday, the Treasury Department said it is working with the General Services Administration to achieve the "security standards and scale" required to adopt the platform. It comes after IRS earlier this month announced a plan to move away from using a third-party service for facial recognition to authenticate taxpayers creating new online accounts. It was forced to reject the technology following revelations that contractor ID.me uses powerful one-to-many facial recognition technology. "While this short-term solution is in place for this year's filing season, the IRS will work closely with partners across government to roll out login.gov as an authentication tool," IRS said. While Login.gov is not expected to be ready in time for use by taxpayers during the current tax season, users are now able to sign up for IRS online accounts without the use of any biometric data. Any previously collected biometric data will also be deleted over the next few weeks, according to IRS. Despite the move to Login.gov, taxpayers will still have the option to verify their identity automatically through ID.me's tool if they choose. New requirements are in place to ensure images provided are deleted for the account being created. The IRS said in a statement: "Taxpayers will have the option of verifying their identity during a live, virtual interview with agents; no biometric data -- including facial recognition -- will be required if taxpayers choose to authenticate their identity through a virtual interview."Read more of this story at Slashdot.

Facebook is under renewed scrutiny, accused of continuing to allow activists to incite ethnic massacres in Ethiopia's escalating war. From a report: Analysis by the Bureau of Investigative Journalism (TBIJ) and the Observer found Facebook is still letting users post content inciting violence through hate and misinformation. This is despite being aware it helps directly fuel tensions, prompting claims of inaction and indifference against the social media giant. The investigation tracked down relatives who have linked Facebook posts to the killings of loved ones. One senior member of Ethiopia's media accused the firm of "standing by and watching the country fall apart." The accusations arrive amid intensifying focus on Facebook's content moderation decisions, with it previously being accused of playing a role in the ethnic persecution of the Rohingya in Myanmar.Read more of this story at Slashdot.

For more than a year, the Centers for Disease Control and Prevention has collected data on hospitalizations for Covid-19 in the United States and broken it down by age, race and vaccination status. But it has not made most of the information public. From a report: When the C.D.C. published the first significant data on the effectiveness of boosters in adults younger than 65 two weeks ago, it left out the numbers for a huge portion of that population: 18- to 49-year-olds, the group least likely to benefit from extra shots, because the first two doses already left them well-protected. The agency recently debuted a dashboard of wastewater data on its website that will be updated daily and might provide early signals of an oncoming surge of Covid cases. Some states and localities had been sharing wastewater information with the agency since the start of the pandemic, but it had never before released those findings. Two full years into the pandemic, the agency leading the country's response to the public health emergency has published only a tiny fraction of the data it has collected, several people familiar with the data said. Much of the withheld information could help state and local health officials better target their efforts to bring the virus under control. Detailed, timely data on hospitalizations by age and race would help health officials identify and help the populations at highest risk. Information on hospitalizations and death by age and vaccination status would have helped inform whether healthy adults needed booster shots. And wastewater surveillance across the nation would spot outbreaks and emerging variants early.Read more of this story at Slashdot.

Hundreds of Salesforce employees globally are rebelling against plans by the U.S. enterprise software giant to enter the non-fungible token (NFT) market, according to internal documents seen by the Thomson Reuters Foundation. From a report: Salesforce told employees earlier this month it was exploring a series of NFT initiatives, including an "NFT Cloud" which could help companies around the world create and sell NFTs -- a kind of digital asset often linked to an image or piece of artwork, which is usually bought with cryptocurrencies. More than 400 employees have signed on to an open letter which was penned after the company's announcement, and is being shared in internal messaging channels. It is addressed to Salesforce's co-CEOs, and raises concerns about the environmental and economic impact of NFTs, calling them "unregulated, highly speculative financial assets."Read more of this story at Slashdot.

New submitter LZ_Mordan writes: David Heinemeier Hansson, the Ruby on Rails web development framework creator, took to Twitter on Monday to tell his followers that he was no longer a Bitcoin skeptic. "I still can't believe that this is the protest that would prove every Bitcoin crank a prophet. And for me to have to slice a piece of humble pie, and admit that I was wrong on crypto's fundamental necessity in Western democracies," Hansson wrote. In a blog post titled "I was wrong, we need crypto," the Danish programmer mentioned that he's been skeptical about Bitcoin and the crypto industry in general since the early 2010s. He noted that some of his biggest arguments against Bitcoin were the cryptocurrency's energy consumption, transaction fees, the lack of real decentralization, supposed fraud involving Tether (USDT) stablecoin and many others. But all these arguments do not provide enough reasons to disregard cryptocurrencies as a tool to support freedom and democracy in situations where countries like Canada impose martial law in response to peaceful protest movements, Hansson argued, stating: "It's clear to me now that I was too hasty to completely dismiss crypto on the basis of all the things wrong with it at the moment. Instead of appreciating the fundamental freedom to transact that it's currently our best shot at protecting."Read more of this story at Slashdot.

An anonymous reader shares a report: Last September, Amazon debuted a household robot named Astro that was supposed to usher in -- or at least point to -- a Jetsons-like future. Fifty-three minutes into a press conference otherwise focused on new Ring cameras, a thermostat and a giant Echo speaker with a wall screen, the three-wheeled robot rolled out on stage at the command of Amazon devices chief Dave Limp. With Astro looking on, Limp ticked off the gadget's attributes: advanced computer vision that lets the bot know where it is, home monitoring, media playback and the ability to summon emergency help for elders. Astro would eventually sell for about $1,450, but Limp said people lucky enough to score an invitation could get their hands on one for $1,000 -- or about the price of an iPhone 13 Pro -- and test it out at home. In a video presentation of the unveiling, Henrik Christensen, a computer science and robotics professor at the University of California at San Diego, said, "Astro is a huge step forward. The next question will be: 'When should I get one?'" A more apt question might have been: When can I get one? Six months later, Astro is tough to find. Hardly anyone is talking about the robot -- which is confounding because early adopters typically love to share their experiences online. A scan for Astro users on YouTube, Twitter and Instagram turned up just two people, who posted brief videos of the bot. Turns out Amazon has so far shipped at most a few hundred Astros, according to people familiar with the situation.Read more of this story at Slashdot.

AT&T's planned shutdown of its 3G network Tuesday has sparked fears that home security systems, medical alert monitors and a range of other devices will stop working. From a report: Carriers have previously retired networks, but this transition is proving more complicated because the pandemic hindered companies that rely on 3G services from making upgrades. Plus, there are just more devices to manage. AT&T, T-Mobile and Verizon are all planning to shut down their 3G networks this year to support new 5G services. AT&T, which first announced plans to sunset its 3G network in 2019, says less than 1% of its mobile data traffic runs on that network. The company has offered customers free and discounted 4G LTE phones to help them upgrade, totaling about 2 million replacements. What to watch: AT&T says phone coverage will not be affected, but it's not just phones that use the company's 3G network.Read more of this story at Slashdot.

A hacking group affiliated with the Chinese government is believed to have carried out a months-long attack against Taiwan's financial sector by leveraging a vulnerability in a security software solution used by roughly 80% of all local financial organizations. From a report: The attacks are believed to have started at the end of November 2021 and were still taking place this month, according to a report shared with The Record today by Taiwanese security firm CyCraft. The company attributed the intrusions -- which it tracked under the codename of Operation Cache Panda -- to a well-known Chinese cyber-espionage group known in the cybersecurity industry as APT10. The security firm told The Record in an interview earlier today that it couldn't share the name of the product exploited in the current attacks because of the ongoing law enforcement investigation and because of the efforts to have a patch released and installed across the local financial sector.Read more of this story at Slashdot.