Slashdot

From The New York Times:The key to "Eno" comes near the beginning of the film - at least, the beginning of the first version I saw. The musician Brian Eno, the documentary's subject, notes that the fun of the kind of art he makes is that it's a two-way street. "The audience's brain does the cooking and keeps seeing relationships," he says. Most movies are made up of juxtapositions of scenes, carefully selected and designed by the editor. But "Eno," directed by Gary Hustwit, turns that convention on its head. Writ large, it's a meditation on creativity. But every version of the movie you see is different, generated by a set of rules that dictate some things about the film, while leaving others to chance. (I've seen it twice, and maybe half the same material appeared across both films.) Eno, one of the most innovative and celebrated musicians and producers of his generation, has fiddled with randomness in his musical practice for decades, often propelled along by new technologies. He agreed to participate in "Eno" only if it, too, could be an example of what he and others have long called generative art... "Brain One", programmed by the artist Brendan Dawes, generates a new version of the film on the fly every time the algorithm is run. Dawes's system selects from a database of 30 hours of new interviews with Eno and 500 hours of film from his personal archive and, following a system of rules set down by the filmmakers with code, creating a new film. According to the filmmakers, there are 52 quintillion (that is, 52 billion billion) possible combinations, which means the chances of Brain One generating two exact copies of "Eno" are so small as to be functionally zero. "But the ambitions of Eno are greater than the film itself," writes the Verge, with director Hustwit hoping for a cinematic future exploring generative filmmaking with their software and hardware package. "We have a patent pending on the system, and we just launched a startup called Anamorph that is basically exploring this idea further with other filmmakers and studios and streamers." In an interview with the Verge, Hustwit points out that Brian Eno did the soundtrack for his previous film. "I was having these thoughts about, well, why can't showing a film be more performative? Why does it have to be this static thing every time?" The film just began a two-week run at Greenwich Village's nonprofit theatre Film Forum, and in the U.K. is appearing this week at 17 Picturehouse Cinemas across England and Scotland. Check this online schedule for upcoming dates this week in Nashville (Thursday), Austin (Friday), Dallas (Saturday) - with later dates this month including Toronto, San Francisco, and Los Angeles, and more cities in August.Read more of this story at Slashdot.

An anonymous reader shared this report from the Guardian:A team of researchers from the UK and US have found that pancreatic cancer is able to shut down molecules in one of the body's most important genes, helping the disease to grow and spread rapidly... Dr Maria Hatziapostolou, of Nottingham Trent University's John van Geest Cancer Research Centre, said: "This work, which has provided new understanding and knowledge of how the cancer behaves, will hopefully help pave the way for potential new treatments in the future...." For the study, published in the journal Gastro Hep Advances, the researchers analysed healthy as well as pancreatic cancer tissue samples. They found pancreatic cancers triggered a process known as DNA methylation, causing molecules in the normally beneficial HNF4A gene to switch off, allowing tumours to grow extremely quickly. The HNF4A gene is crucial to human health because it helps many of the body's organs to function properly. But the researchers discovered pancreatic cancer can covertly disable the gene's benefits. Hatziapostolou said: "Loss of HNF4A drives pancreatic cancer development and aggressiveness and we now know correlates with poor patient survival." Scientists from the University of Nottingham, Stanford University and the University of California and Cedars-Sinai medical centre, Los Angeles, were also involved in the project. The published study calls the targeted HNF4A gene is "a novel tumor suppressor in pancreatic cancer, regulating cancer growth and aggressiveness." And ultimately, according to the Guardian, pancreatic cancer "is the 12th most common cancer worldwide," according to the Guardian, "with more than half a million people diagnosed every year. It has the worst survival rates of all the most common forms of the disease." The researchers paper ends with this conclusion. "HNF4A silencing... drives pancreatic cancer development and aggressiveness leading to poor patient survival."Read more of this story at Slashdot.

"In a significant advancement for space technology, a team of UC Berkeley researchers, led by doctoral student Taylor Waddell, successfully launched a 3D printer into space," reports the university's student newspaper:As part of the Virgin Galactic 07 mission, the team sent a 3D printer named SpaceCAL to space to explore the potential of Computed Axial Lithography, or CAL, and additive manufacturing in space... During its 140-second flight in suborbital space, the SpaceCAL printer autonomously detected microgravity and printed four test parts: two space shuttles and two Benchies, or 3D-printed boats created to check the printer's accuracy, according to Sean Chu, a member of the team who worked on designing structures and mechanisms. Within the 140 seconds, the process involved multiple steps such as printing, post-washing, flushing with water and post-curing with light to fully solidify the parts. But that's just the beginning, says the university's engineering department:To date, CAL has shown that it can successfully print with more than 60 different materials on Earth, such as silicones, glass composites and biomaterials. According to Waddell, this versatility could come in handy for both the cabin and the crew... "CAL is also capable of repairing the crew. We can print dental replacements, skin grafts or lenses, or things personalized in emergency medicine for astronauts, which is very important in these missions, too." Someday, CAL may be used to print even more sophisticated parts, such as human organs. Lawrence Livermore National Lab has received a grant from NASA to test this technology on the International Space Station. "They're going to basically do bioprinting on the Space Station," said Waddell. "And the long, long-term goal is to print organs up in space with CAL, then bring them back down to Earth." Next, Waddell and his colleagues hope to begin work with NASA on developing and validating a single object that could support crew health and wellness, like a dental crown for an astronaut or a surgical wound closure tool... This project was made possible through a $1.4 million grant and engineering support provided by NASA. In addition, Virgin Galactic played a pivotal role in taking this project to the next level.Read more of this story at Slashdot.

"The latest version of the Linux kernel adds an array of improvements," writes the blog OMG Ubuntu, " including a new memory sealing system call, a speed boost for AES-XTS encryption on Intel and AMD CPUs, and expanding Rust language support within the kernel to RISC-V."Plus, like in all kernel releases, there's a glut of groundwork to offer "initial support" for upcoming CPUs, GPUs, NPUs, Wi-Fi, and other hardware (that most of us don't use yet, but require Linux support to be in place for when devices that use them filter out)... Linux 6.10 adds (after much gnashing) the mseal() system call to prevent changes being made to portions of the virtual address space. For now, this will mainly benefit Google Chrome, which plans to use it to harden its sandboxing. Work is underway by kernel contributors to allow other apps to benefit, though. A similarly initially-controversial change merged is a new memory-allocation profiling subsystem. This helps developers fine-tune memory usage and more readily identify memory leaks. An explainer from LWN summarizes it well. Elsewhere, Linux 6.10 offers encrypted interactions with trusted platform modules (TPM) in order to "make the kernel's use of the TPM reasonably robust in the face of external snooping and packet alteration attacks". The documentation for this feature explains: "for every in-kernel operation we use null primary salted HMAC to protect the integrity [and] we use parameter encryption to protect key sealing and parameter decryption to protect key unsealing and random number generation." Sticking with security, the Linux kernel's Landlock security module can now apply policies to ioctl() calls (Input/Output Control), restricting potential misuse and improving overall system security. On the networking side there's significant performance improvements to zero-copy send operations using io_uring, and the newly-added ability to "bundle" multiple buffers for send and receive operations also offers an uptick in performance... A couple of months ago Canonical announced Ubuntu support for the RISC-V Milk-V Mars single-board computer. Linux 6.10 mainlines support for the Milk-V Mars, which will make that effort a lot more viable (especially with the Ubuntu 24.10 kernel likely to be v6.10 or newer). Others RISC-V improvements abound in Linux 6.10, including support for the Rust language, boot image compression in BZ2, LZ4, LZMA, LZO, and Zstandard (instead of only Gzip); and newer AMD GPUs thanks to kernel-mode FPU support in RISC-V. Phoronix has their own rundown of Linux 6.10, plus a list of some of the highlights, which includes: The initial DRM Panic infrastructure The new Panthor DRM driver for newer Arm Mali graphics Better AMD ROCm/AMDKFD support for "small" Ryzen APUs and new additions for AMD Zen 5. AMD GPU display support on RISC-V hardware thanks to RISC-V kernel mode FPU More Intel Xe2 graphics preparations Better IO_uring zero-copy performance Faster AES-XTS disk/file encryption with modern Intel and AMD CPUs Continued online repair work for XFS Steam Deck IMU support TPM bus encryption and integrity protectionRead more of this story at Slashdot.

An anonymous reader shared this report from the Guardian:In March, after analysing 22,000 tasks in the UK economy, covering every type of job, a model created by the Institute for Public Policy Research predicted that 59% of tasks currently done by humans - particularly women and young people - could be affected by AI in the next three to five years. In the worst-case scenario, this would trigger a "jobs apocalypse" where eight million people lose their jobs in the UK alone.... Darrell West, author of The Future of Work: AI, Robots and Automation, says that just as policy innovations were needed in Thomas Paine's time to help people transition from an agrarian to an industrial economy, they are needed today, as we transition to an AI economy. "There's a risk that AI is going to take a lot of jobs," he says. "A basic income could help navigate that situation." AI's impact will be far-reaching, he predicts, affecting blue- and white-collar jobs. "It's not just going to be entry-level people who are affected. And so we need to think about what this means for the economy, what it means for society as a whole. What are people going to do if robots and AI take a lot of the jobs?" Nell Watson, a futurist who focuses on AI ethics, has a more pessimistic view. She believes we are witnessing the dawn of an age of "AI companies": corporate environments where very few - if any - humans are employed at all. Instead, at these companies, lots of different AI sub-personalities will work independently on different tasks, occasionally hiring humans for "bits and pieces of work". These AI companies have the potential to be "enormously more efficient than human businesses", driving almost everyone else out of business, "apart from a small selection of traditional old businesses that somehow stick in there because their traditional methods are appreciated"... As a result, she thinks it could be AI companies, not governments, that end up paying people a basic income. AI companies, meanwhile, will have no salaries to pay. "Because there are no human beings in the loop, the profits and dividends of this company could be given to the needy. This could be a way of generating support income in a way that doesn't need the state welfare. It's fully compatible with capitalism. It's just that the AI is doing it."Read more of this story at Slashdot.

Long-time Slashdot reader Geoffrey.landis writes: According to a new report from the United Nations, the world population is expected to grow to an estimated peak of 10.3 billion people in the mid-2080s, an increase over the current global population of 8.2 billion people. The estimated world population at the end of the century (2100) is now expected to be 6% less than estimates from a decade ago. However, calculating the number of future people is not a perfect science, with "many sources of uncertainty in estimating the global population," according to the U.S. Census Bureau. It estimated the world reached 8 billion people last September, while the U.N. timed the milestone nearly one year earlier.Read more of this story at Slashdot.

"Researchers are proposing a new way to battle the effects of climate change..." writes Science magazine: slowing the rising of sea levels with "glacial geoengineering". (That is, "building flexible barriers around them or drilling deep into them to slow their slippage into the sea.")Geoengineering proponents say it would be better to begin research now on how to staunch sea level rise at its source, rather than spending billions and billions of dollars to wall off coastal cities. "At some point you have to think, 'Well, is there anything else we can do?'" asks glaciologist John Moore of the University of Lapland, an author on the white paper, which was sponsored by the University of Chicago. One idea researched by Moore and covered in the report is to build buoyant "curtains," moored to the sea floor beyond the edge of ice shelves and glaciers, to block natural currents of warm water that erode ice sheets from below. (Especially in Antarctica, warming ocean water is a bigger threat to glaciers than warming air.) Early designs called for plastic, but natural fibers such as canvas and sisal are now being considered to avoid pollution concerns. According to the white paper, initial modeling studies show that curtain heights stretching only partway up from the sea floor off the coast of western Antarctica could reduce glacial melting by a factor of 10 in some locations. Another intervention some scientists are contemplating would slow the slippage of ice sheets by drilling holes to their bases and pumping out water or heat. Such massive engineering efforts would surely be some of the most expensive ever undertaken by humanity. At a workshop at the University of Chicago in October 2023, researchers suggested it might cost $88 billion to build 80 kilometers of curtains around Antarctic glaciers. Interventions would also require international political support, which some glaciologists view as an even bigger hurdle than the price tag. Twila Moon, a glaciologist at the U.S. National Snow and Ice Data Center, says such projects would require fleets of icebreakers, extensive shipping and supply chain needs, and significant personnel to construct, maintain, and guard the final structures - in ocean conditions she calls "eye-poppingly difficult." The projects could also incur unintended consequences, potentially disrupting ocean circulation patterns or endangering wildlife. Furthermore, it would take decades to find out whether the interventions were working. Even if the engineering and logistics were possible, that "does not answer the question of whether it should be pursued," says Moon, who opposes even preliminary studies on the concepts. "The report, which also stresses the importance of emissions reductions, takes pains to say it 'does not advocate for intervention; rather, it advocates for research into whether any interventions may be viable'..."Read more of this story at Slashdot.

As the number of autism diagnoses rises in America, a number of large employers "are taking steps to make workplaces more accessible and welcoming for neurodivergent employees," reports the New York Times - including Microsoft, Dell and Ford. [Alternate URL here.]The Centers for Disease Control and Prevention estimates that 1 in 36 8-year-olds in the United States has autism. That's up from 1 in 44 in 2018 and 1 in 150 in 2000, an increase that experts attribute, in part, to better screening. In addition, 2.2% of adults in the country, or 5.4 million people, are autistic, according to the CDC... Autism activists have praised companies that have become more accepting of remote work since the coronavirus pandemic. Workplaces with too much light and noise can overwhelm those who are autistic, leading to burnout, said Jessica Myszak, a clinical psychologist in Chicago who specializes in testing and evaluations for autism. Remote work "reduces the social demands and some of the environmental sensitivities" that autistic people struggle with, Myszak added. The article notes Microsoft's neurodiversity hiring program, which was established in 2015.The company's program was modeled after a venture created by the German software firm SAP, and has since been adopted in some form by companies including Dell and Ford. The initiative has brought in about 300 full-time neurodivergent employees to Microsoft, said Neil Barnett, the company's director for inclusive hiring and accessibility. "All they needed was this different, more inclusive process," Barnett said, "and once they got into the company, they flourished." [One job applicant] was given a job coach to help her with time management and prioritization. Microsoft also paired her with a mentor who showed her around the company's campus in Redmond. Perhaps more important, she works with managers who have received neurodiversity training. The Microsoft campus also has "focus rooms," where lights can be dimmed and the heights of desks can be changed to fit sensory preferences. Employees seated in the open office may also request to sit away from busy aisles or receive noise-canceling headphones.Read more of this story at Slashdot.

AT&T paid more than $300,000 to a member of the team that stole call records for tens of millions of customers, reports Wired - "to delete the data and provide a video demonstrating proof of deletion."The hacker, who is part of the notorious ShinyHunters hacking group that has stolen data from a number of victims through unsecured Snowflake cloud storage accounts, tells WIRED that AT&T paid the ransom in May. He provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it. WIRED confirmed, through an online blockchain tracking tool, that a payment transaction occurred on May 17 in the amount of 5.7 bitcoin... The hacker initially demanded $1 million from AT&T but ultimately agreed to a third of that. WIRED viewed the video that the hacker says he provided to AT&T as proof to the telecom that he had deleted its stolen data from his computer... AT&T is one of more than 150 companies that are believed to have had data stolen from poorly secured Snowflake accounts during a hacking spree that unfolded throughout April and May. It's been previously reported that the accounts were not secured with multi-factor authentication, so after the hackers obtained usernames and passwords for the accounts, and in some cases authorization tokens, they were able to access the storage accounts of companies and siphon their data. Ticketmaster, the banking firm Santander, LendingTree, and Advance Auto Parts were all among the victims publicly identified to date... The timeline suggests that if [John] Binns is responsible for the AT&T breach, he allegedly did it when he was likely already aware that he was under indictment for the T-Mobile hack and could face arrest for it.Read more of this story at Slashdot.

Thunderbird's annual Extended Support Release was revealed Friday, promising "significant" improvements to the overall user experience and "the speed at which we can deliver new features to you," according to the Thunderbird blog:We've devoted significant development time integrating Rust - a modern programming language originally created by Mozilla Research - into Thunderbird. Even though this is a seemingly invisible change, it is a major leap forward because it enhances our code quality and performance. This overhaul will allow us to share features between the desktop and future mobile versions of Thunderbird, and speed up our development process. It's a win for our developers and a win for you. More from the blog OMG Ubuntu:I'm also stoked to see that Thunderbird 128 makes 'newest first' the default sort order for messages in message list. While some prefer the old way, I always found it strange that the oldest mails were shown first - team reverse chronology, represent! They also cite "a number of OpenPGP improvements," plus a new preference option for displaying full names and email addresses of all recipients in the message list. (Plus, threaded-message views now display a "New Message" count.) Other new features in this release:A new and more attractive layout for Cards View (with adjustable heights) that "makes it easier to scan your email threads and glean information."The folder pane has better recall of message thread statesImproved theme compatibility. "Your Thunderbird should blend seamlessly with your desktop environment, matching the system's accent colors perfectly." (Especially beneficial on Ubuntu and Mint.)You can now customize the color of your account icon.The Thunderbird blog also mentions that "We plan to launch the first phase of built-in support for Exchange, as well as Mozilla Sync, in a future Nebula point release (e.g. Thunderbird 128.X)."Read more of this story at Slashdot.

Long-time Slashdot reader schwit1 shared this report from non-profit libertarian law firm, the Institute for Justice:U.S. District Judge Rita Lin has permanently enjoined the California Bureau of Security and Investigative Services from enforcing its private-investigator licensing requirement against anti-spam entrepreneur Jay Fink. The order declares that forcing Jay to get a license to run his business is so irrational that it violates the Due Process Clause of the Fourteenth Amendment... Jay's business stems from California's anti-spam act, which allows individuals to sue spammers. But to sue, they have to first compile evidence. To do that, recipients often have to wade through thousands of emails. For more than a decade, Jay has offered a solution: he and his team will scour a client's junk folder and catalog the messages that likely violate the law. But last summer, Jay's job - and Californians' ability to bring spammers to justice - came to a screeching halt when the state told him he was a criminal. A regulator told Jay he needed a license to read through emails that might be used as evidence in a lawsuit. And because Jay didn't have a private investigator license, the state shut him down. The state of California has since "agreed to jointly petition the court for an order that forever prohibits it from enforcing its licensure law against Jay," according to the article. Otherwise the anti-spam crusader would've had to endure thousands of hours of private investigator training...Read more of this story at Slashdot.

At the end of June, Apple's App Store rejected the Windows/retro PC emulator "UTM SE". But in a reversal Apple approved the app Saturday, reports the Verge. "We are happy to announce that UTM SE is available (for free) on iOS and visionOS App Store," the developer posted on X, "and coming soon to AltStore PAL." From the Verge:After Apple rejected the app in June, the developer said it wasn't going to keep trying because the app was "a subpar experience." Today, UTM thanked the AltStore team for helping it and credited another developer "whose QEMU TCTI implementation was pivotal for this JIT-less build." As with other emulators on the App Store, you can't do much with UTM SE out of the box. It doesn't come with any operating systems, though the app does link to UTM's site, which has guides for Windows XP through Windows 11 emulation, as well as downloads of pre-built virtual Linux machines. Mac OS 9.2.1 and DOS are listed in one screenshot from the UTM SE App Store page. Mac OS 9.2.1 and DOS are listed in one screenshot from the UTM SE App Store page.Read more of this story at Slashdot.

An anonymous reader shared this report from ScienceAlert:NASA's Parker Solar Probe, tasked with taking a close-up look at the Sun's outer corona, has just equalled the record for the fastest-moving human-made object ever.The previous record holder? The Parker Solar Probe, again.The probe was recorded traveling at 635,266 kilometers (394,736 miles) per hour on June 29, the second time it's reached that speed since it launched in 2018. We're talking around 500 times faster than the speed of sound here.It's on course to get even faster too, with a top speed of around 692,000 kph (430,000 mph) expected when it makes its closest approach to the Sun in 2025. It's the probe's 20th approach to the sun, according to the article, with the probe using Venus "to create a sort of gravity-powered slingshot," according to the article. (NASA has created a nice interactive 3D model of the probe...) Besides collecting particle samples in 2021, "The probe is eventually going to get nice and close to the swirling mass of ultra-hot plasma surrounding the Sun, and take a wealth of different measurements to help improve our scientific understanding of it."Read more of this story at Slashdot.

An anonymous reader shared this report from InfoWorld:Rust has leaped to its highest position ever in the monthly Tiobe index of language popularity, scaling to the 13th spot this month, with placement in the top 10 anticipated in an upcoming edition. Previously, Rust has never gone higher than 17th place in the Tiobe Programming Index. Tiobe CEO Paul Jansen attributed Rust's ascent in the just-released July index to a February 2024 U.S. White House report recommending Rust over C/C+ for safety reasons. He also credited the growing community and ecosystem support for the language. "Rust is finally moving up." The article adds that these rankings are based on "the number of skilled engineers worldwide, courses, and third-party vendors pertaining to languages, examining websites such as Google, Amazon, Wikipedia, and more than 20 others to determine the monthly numbers." Python C++ C Java C# JavaScript Go Visual Basic Fortran SQLInterestingly, Rust has just moved into the top ten on the rival rankings from the rival Pypl Popularity of Programming Language index (which according to the article "assesses how often languages are searched on in Google.") Python Java JavaScript C# C/C++ R PHP TypeScript Swift RustRead more of this story at Slashdot.

"A leading South Korean producer of electric vehicle batteries has declared itself in crisis," reports the Financial Times, "as its customers struggle with disappointing EV sales in Europe and the US."SK On, the world's fourth-largest EV battery maker behind Chinese giants CATL and BYD and South Korean rival LG Energy Solution, has recorded losses for 10 consecutive quarters since being spun off by its parent company in 2021. Its net debt has increased more than fivefold, from Won2.9tn ($2.1bn) to Won15.6tn over the same period, as western EV sales have fallen far short of its expectations. With losses snowballing, chief executive Lee Seok-hee announced a series of cost-cutting and working practice measures last Monday, describing them as a state of "emergency management". "We have our back against the wall," Lee wrote in a letter to employees. "We should all pull together." [...] Tim Bush, a Seoul-based battery analyst at UBS, said the South Korean battery makers had been "badly let down" by US car manufacturers, which he said had failed to produce EVs sufficiently attractive to mass market consumers to meet their own bullish sales projections. He noted that until as recently as last year, General Motors was forecasting it would sell 1 million EVs in 2025. It sold just 21,930 in the second quarter of this year. Bush tells the Financial Times that "the automakers didn't invest enough in producing high-quality affordable EVs." But he also tells the newspaper that a transition to EVs is still "inevitable". "As long as the wider SK Group continues to see SK On as a trophy asset and gives it the support it needs to weather the present storm, then its long-term future is likely to be assured." Thanks to long-time Slashdot reader schwit1 for sharing the article.Read more of this story at Slashdot.

"In the largest public sector trial of the four-day week in Britain, fewer refuse collectors quit," reports the Guardian, "and there were faster planning decisions, more rapid benefits processing and quicker call answering, independent research has found."South Cambridgeshire district council's controversial experiment with a shorter working week resulted in improvements in performance in 11 out of 24 areas, little or no change in 11 areas and worsening of performance in two areas, according to analysis of productivity before and during the 15-month trial by academics at the universities of Cambridge and Salford... The multi-year study of the trial involving about 450 desk staff plus refuse collectors found: - Staff turnover fell by 39%, helping save 371,500 in a year, mostly on agency staff costs.- Regular household planning applications were decided about a week and a half earlier.- Approximately 15% more major planning application decisions were completed within the correct timescale, compared with before.- The time taken to process changes to housing benefit and council tax benefit claims fell....Under the South Cambridgeshire trial, which began in January 2023 and ran to April 2024, staff were expected to carry out 100% of their work in 80% of the time for 100% of the pay. The full trial cut staff turnover by 39% and scores for employees' physical and mental health, motivation and commitment all improved, the study showed. "Coupled with the hundreds of thousands of pounds of taxpayer money that we have saved, improved recruitment and retention and positives around health and wellbeing, this brave and pioneering trial has clearly been a success," said John Williams, the lead council member for resources... Scores of private companies have already adopted the approach, with many finding it helps staff retention. Ryle said the South Cambridgeshire results "prove once and for all that a four-day week with no loss of pay absolutely can succeed in a local government setting". Thanks to long-time Slashdot reader AmiMoJo for sharing the article.Read more of this story at Slashdot.

ewhac (Slashdot reader #5,844) writes: Friday the hardware review site Gamers Nexus filed a YouTube video report alleging some serious claims: that PC component manufacturer MSI left their internal warranty and RMA processing web site accessible to the open Internet, with no authentication. Virtually the entire history of MSI warranty claims going back to at least 2017 were searchable and accessible for the browsing, including customer names, email addresses, phone numbers, and serial numbers of MSI devices. This event follows closely on the heels of a video report just a few days earlier alleging PC component manufacturer Zotac left their warranty/RMA and B2B records server open to indexing by Google. Gamers Nexus posted their reports after informing Zotac and MSI of their open servers and verifying they were no longer accessible. However, the data from MSI's server could have been fully scraped at this point, giving scammers a gold mine of data permitting them to impersonate MSI personnel and defraud customers. Anyone who's filed a warranty or RMA claim with MSI in the past seven years should exercise caution when receiving unsolicited emails or phone calls purporting to be from MSI.Read more of this story at Slashdot.

"Signal is finally tightening its desktop client's security," reports BleepingComputer - by changing the way it stores plain text encryption keys for the SQLite database where users' messages are stored:When BleepingComputer contacted Signal about the flaw in 2018, we never received a response. Instead, a Signal Support Manager responded to a user's concerns in the Signal forum, stating that the security of its database was never something it claimed to provide. "The database key was never intended to be a secret. At-rest encryption is not something that Signal Desktop is currently trying to provide or has ever claimed to provide," responded the Signal employee... [L]ast week, mobile security researchers Talal Haj Bakry and Tommy Mysk of Mysk Inc warned on X not to use Signal Desktop because of the same security weakness we reported on in 2018... In April, an independent developer, Tom Plant, created a request to merge code that uses Electron's SafeStorage API "...to opportunistically encrypt the key with platform APIs like DPAPI on Windows and Keychain on macOS," Plant explained in the merge request... When used, encryption keys are generated and stored using an operating system's cryptography system and secure key stores. For example, on Macs, the encryption key would be stored in the Keychain, and on Linux, it would use the windows manager's secret store, such as kwallet, kwallet5, kwallet6, and gnome-libsecret... While the solution would provide additional security for all Signal desktop users, the request lay dormant until last week's X drama. Two days ago, a Signal developer finally replied that they implemented support for Electron's safeStorage, which would be available soon in an upcoming Beta version. While the new safeStorage implementation is tested, Signal also included a fallback mechanism that allows the program to decrypt the database using the legacy database decryption key... Signal says that the legacy key will be removed once the new feature is tested. "To be fair to Signal, encrypting local databases without a user-supplied password is a problem for all applications..." the article acknowledges. "However, as a company that prides itself on its security and privacy, it was strange that the organization dismissed the issue and did not attempt to provide a solution..."Read more of this story at Slashdot.

clovis (Slashdot reader #4,684) writes: Joe Engle received his astronaut wings in a ceremony on July 15, 1965, for his flight in the hypersonic aircraft, reaching an altitude of 50 miles above the Earth. At 32, he was the youngest man to become an astronaut. Later, he entered the Apollo program and eventually commanded the STS-2 flight of the Space Shuttle. Here is an interview from 2004. I thought it was interesting that they used the F-104 as the chase plane and for training because the flight characteristics were so similar, which says a lot about the F-104. Anyway, the X-15 project was a big deal for us science/geek types back when I was a kid. I wonder if it's something today's generation is even aware of.Read more of this story at Slashdot.

Slashdot reader joshuark shared this report from BetaNews:Check Point Research has identified a critical zero-day spoofing attack exploiting Microsoft Internet Explorer on modern Windows 10/11 systems, despite the browser's retirement. Identified as CVE-2024-38112, this vulnerability allows attackers to execute remote code by tricking users into opening malicious Internet Shortcut (.url) files. This attack method has been active for over a year and could potentially impact millions... Attackers use a sophisticated trick to mask the malicious .hta extension, making use of the outdated security of Internet Explorer to compromise systems running updated Windows operating systems. From Check Point Research:Even though IE has been proclaimed "retired and out-of-support," technically speaking, IE is still part of the Windows OS and is "not inherently unsafe, as IE is still serviced for security vulnerabilities, and there should be no known exploitable security vulnerabilities," according to our communications with Microsoft.Read more of this story at Slashdot.

TechSpot writes:Users of the Linksys Velop Pro 6E and 7 mesh routers should change their passwords and Wi-Fi network names through an external web browser. The two models transmit critical information to outside servers in an insecure manner upon initial installation. New patches have emerged since the issue was discovered, but Linksys hasn't publicly responded to the matter, and it is unclear if the latest firmware leaves sensitive data exposed to interception. The issue was discovered by Testaankoop, the Belgian equivalent of the Consumers' Association. And they warned Linksys back in November, according to the tech news site Stack Diary. (The practice could leave passwords and other information vulnerable to Man-in-the-Middle attacks.)Testaankoop suspects the security issue might stem from third-party software used in the Linksys firmware. However, they emphasize that this does not excuse the vulnerability. Thanks to long-time Slashdot reader schwit1 for sharing the news.Read more of this story at Slashdot.

MuckRock is a U.S.-based 501(c)(3) non-profit collaborative news site to "request, analyze and share government documents," according to its web site. And long-time Slashdot reader schwit1 shared their report about a lecture by Admiral Grace Hopper:In a vault at the National Security Agency lies a historical treasure: two AMPEX 1-inch open reel tapes containing a landmark lecture by Admiral Grace Hopper, a giant in the field of computer science. Titled 'Future Possibilities: Data, Hardware, Software, and People,' this lecture, recorded on August 19, 1982, at the NSA's Fort Meade headquarters, and stored in the video archives of the National Cryptographic School, offers a rare glimpse into the mind of a pioneer who shaped the very fabric of technology. Yet this invaluable artifact remains inaccessible, trapped in an obsolete format that the NSA will not release, stating that the agency is unable to play it back. "NSA is not required to find or obtain new technology (outdated or current) in order to process a request," states the official response from the agency. But MuckRock adds that on June 25, "responding to a follow-up request, the NSA at least provided an image of the tape labels," leading MuckRock to complain that the NSA "is well-positioned to locate, borrow and use a working VTR machine to access Admiral Hopper's lectures... The NSA, with its history of navigating complex technological landscapes and decrypting matters of national significance, does not typically shy away from a challenge."The challenge of accessing these recordings is not just technical, but touches on broader issues around preserving technological heritage.... It is our shared obligation to safeguard such pivotal elements of our nationa(TM)s history, ensuring they remain within reach of future generations. While the stewardship of these recordings may extend beyond the NSAa(TM)s typical purview, they are undeniably a part of Americaa(TM)s national heritage.Read more of this story at Slashdot.

Slashdot reader Kirschey writes: The U.S. Customs and Border Protection determined that the redesigned Apple Watch models do not violate AliveCor's electrocardiogram patents, allowing them to be imported. This decision comes before a consolidated hearing at the Federal Circuit Court regarding the same patents. From the decision:We find that Apple Inc. ("Apple") has met its burden to show that certain redesigned wearable devices ("articles at issue") do not infringe one or more of claims 12, 13, and 19-23 of U.S. Patent No. 10,638,941 ("the '941 Patent") and claims 1, 3, 5, 8-10, 12, 15, and 16 of U.S. Patent No. 10,595,731 ("the '731 Patent). Thus, CBP's position is that the articles at issue are not subject to the limited exclusion order that the U.S. International Trade Commission ("Commission" or "ITC") issued in Investigation No. 337-TA-1266 ("the underlying investigation" or "the 1266 investigation"), pursuant to Section 337 of the Tariff Act of 1930, as amended, 19 U.S.C. 1337 ("Section 337").Read more of this story at Slashdot.

A report from TechSpot:For home videographers and data hoarders who still rely on optical discs for archiving, some bad news just dropped: Sony is winding down production of recordable Blu-ray media... In an interview Sony gave to AV Watch recently, the company admitted it's going to "gradually end development and production" of recordable Blu-rays and other optical disc formats at its Tagajo City plants in Miyagi Prefecture, Japan. Essentially, 25GB BD-REs, 50GB BD-RE DLs, 100GB BD-RE XLs, or 128GB BD-R XLs will soon not be available to consumers. Professional discs for video production and optical archives for data storage are also being discontinued. Sony says it's pulling the plug because the cold storage market never really took off like they hoped, and the overall storage media business has been operating in the red for years... It's not all bad news, though. The commercial Blu-ray discs you buy movies and games on will still be produced, so there's no need to panic about the death of physical media just yet. Share your thoughts and reactions in the comments. (Long-time Slashdot reader storkus wonders if it's possible there are still other companies, possibly Chinese, that are still making the disks?)Read more of this story at Slashdot.

"Intel's problems with unstable 13th-gen and 14th-gen high-end CPUs appear to run deeper than we thought," writes TechRadar, "and a new YouTube video diving into these gremlins will do little to calm any fears that buyers of Raptor Lake Core i9 processors (and its subsequent refresh) have." Level1Techs is the YouTuber in question, who has explored several avenues in an effort to make more sense of the crashing issues with these Intel processors that are affecting some PC gamers and making their lives a misery - more so in some cases than others. Data taken from game developer crash logs - from two different games - clearly indicates a high prevalence of crashes with the mentioned more recent Intel Core i9 chips (13900K and 14900K). In fact, for one particular type of error (decompression, a commonly performed operation in games), there was a total of 1,584 that occurred in the databases Level1Techs sifted through, and an alarming 1,431 of those happened with a 13900K or 14900K. Yes - that's 90% of those decompression errors hitting just two specific CPUs. As for other processors, the third most prevalent was an old Intel Core i7 9750H (Coffee Lake laptop CPU) - which had a grand total of 11 instances. All AMD processors in total had just 4 occurrences of decompression errors in these game databases. "In case you were thinking that AMD chips might be really underrepresented here, hence that very low figure, well, they're not - 30% of the CPUs in the database were from Team Red..." "The YouTuber also brings up another point here: namely that data centers are noticing these issues with Core i9s." More details at Digital Trends... And long-time Slashdot reader UnknowingFool wrote a summary of the video's claims here.Read more of this story at Slashdot.

An anonymous reader quotes a report from DefenseScoop: A group of NATO countries are set to begin implementing a new project aimed at improving the alliance's ability to quickly share intelligence gathered by space-based assets operated by both member nations and the commercial sector. Seventeen NATO members signed a memorandum of understanding for the Alliance Persistence Surveillance from Space (APSS) program as part of the annual NATO summit being held in Washington this week, the alliance announced Tuesday. Members will now move into a five-year implementation phase of the project, during which allies will contribute more than $1 billion "to leverage commercial and national space assets, and to expand advanced exploitation capacities," according to a press release. The United States is one of the nations signed onto the initiative, as well as Belgium, Canada, Denmark, Finland, France, Germany, Greece, Hungary, Italy, Luxembourg, the Netherlands, Norway, Poland, Romania, Sweden and Turkey, according to a NATO source. The transatlantic organization created APSS last year with the intent to establish a "virtual constellation" -- dubbed Aquila -- comprising both national and commercial space systems, sensors and data that can be used by NATO's command structure and other allies. The project is considered "the largest multinational investment in space-based capabilities" in the alliance's history, and is set to increase NATO's ability "to monitor activities on the ground and at sea with unprecedented accuracy and timeliness," a press release stated. Participating nations will be able to use their own space systems, provide tools for intelligence collection and analysis, or purchase space-based data gathered by commercial constellations. "Integrating and exploiting data from space effectively has been a growing challenge over time," a NATO press release stated. "By leveraging latest technologies from industry, APSS will help advance NATO's innovation agenda and offer a new platform to engage with the growing space industry." The APSS project is part of the larger implementation of NATO's overarching space policy adopted in 2019, which officially recognized space as a new operational domain. Since then, the alliance has worked to bolster its presence in space -- including the establishment of a NATO Space Centre in 2020 and approval of an official Space Branch within the Allied Command Transformation in June.Read more of this story at Slashdot.

Researchers from Cornell University have developed a novel urine collection and filtration system for spacesuits, designed to improve hygiene and comfort for astronauts during long spacewalks. This new system, inspired by the 'stillsuits' from the Dune franchise, recycles urine into potable water using a vacuum-based external catheter and a forward-reverse osmosis unit. It's expected to be tested for use in upcoming NASA moon and Mars missions. Phys.Org reports: [Researchers] have now designed a urine collection device, including an undergarment made of multiple layers of flexible fabric. This connects to a collection cup (with a different shape and size for women and men) of molded silicone, to fit around the genitalia. The inner face of the collection cup is lined with polyester microfiber or a nylon-spandex blend, to draw urine away from the body and towards the inner cup's inner face, from where it is sucked by a vacuum pump. A RFID tag, linked to an absorbent hydrogel, reacts to moisture by activating the pump. Once collected, the urine is diverted to the urine filtration system, where it gets recycled with an efficiency of 87% through a two-step, integrated forward and reverse osmosis filtration system. This uses a concentration gradient to remove water from urine, plus a pump to separate water from salt. The purified water is then enriched in electrolytes and pumped into the in-suit drink bag, again available for consumption. Collecting and purifying 500ml of urine takes only five minutes. The system, which integrates control pumps, sensors, and a liquid-crystal display screen, is powered by a 20.5V battery with a capacity of 40 amp-hours. Its total size is 38 by 23 by 23 cm, with a weight of approximately eight kilograms: sufficiently compact and light to be carried on the back of a spacesuit. Now that the prototype is available, the new design can be tested under simulated conditions, and subsequently during real spacewalks. The design has been published in the journal Frontiers in Space Technology.Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: Constellation Energy is in talks with the Pennsylvania governor's office and state lawmakers to help fund a possible restart of part of its Three Mile Island power facility, the site of a nuclear meltdown in the 1970s, three sources familiar with the discussions said on Tuesday. The conversations, which two sources described as "beyond preliminary," signal that Constellation is advancing plans to revive part of the southern Pennsylvania nuclear generation site, which operated from 1974 to 2019. The nuclear unit Constellation is considering restarting is separate from the one that melted down. The sources said that a shut Michigan nuclear plant, which was recently awarded a $1.5 billion conditional loan to restart from the administration of U.S. President Joe Biden, could serve as a private-public sector blueprint for Three Mile Island. The sources asked not to be named due to the sensitivity of the discussions. "Though we have determined it would be technically feasible to restart the unit, we have not made any decision on a restart as there are many economic, commercial, operational and regulatory considerations remaining," Constellation spokesperson Dave Snyder said in an email. Snyder did not comment on the specifics of discussions about reopening the Pennsylvania site. Last month, Constellation told Reuters that it had cleared an engineering study of Three Mile Island, though it was unknown if the Baltimore, Maryland-based energy company would move forward with plans to reopen the site. Constellation also said that given the current premium placed on nuclear energy, acquiring other sites was generally off the table and the company would instead look to expand its existing fleet. The Three Mile Island unit that could be restarted is different to the site's unit 2, which experienced a partial meltdown in 1979 in the most famous commercial nuclear accident in U.S. history. The report notes that "no U.S. nuclear power plant has been reopened after shutting." A restart will not only be costly, but it will be challenged over safety and environmental concerns.Read more of this story at Slashdot.

OpenAI is close to a breakthrough with a new project called "Strawberry," which aims to enhance its AI models with advanced reasoning abilities. Reuters reports: Teams inside OpenAI are working on Strawberry, according to a copy of a recent internal OpenAI document seen by Reuters in May. Reuters could not ascertain the precise date of the document, which details a plan for how OpenAI intends to use Strawberry to perform research. The source described the plan to Reuters as a work in progress. The news agency could not establish how close Strawberry is to being publicly available. How Strawberry works is a tightly kept secret even within OpenAI, the person said. The document describes a project that uses Strawberry models with the aim of enabling the company's AI to not just generate answers to queries but to plan ahead enough to navigate the internet autonomously and reliably to perform what OpenAI terms "deep research," according to the source. This is something that has eluded AI models to date, according to interviews with more than a dozen AI researchers. Asked about Strawberry and the details reported in this story, an OpenAI company spokesperson said in a statement: "We want our AI models to see and understand the world more like we do. Continuous research into new AI capabilities is a common practice in the industry, with a shared belief that these systems will improve in reasoning over time." On Tuesday at an internal all-hands meeting, OpenAI showed a demo of a research project that it claimed had new human-like reasoning skills, according to Bloomberg, opens new tab. An OpenAI spokesperson confirmed the meeting but declined to give details of the contents. Reuters could not determine if the project demonstrated was Strawberry. OpenAI hopes the innovation will improve its AI models' reasoning capabilities dramatically, the person familiar with it said, adding that Strawberry involves a specialized way of processing an AI model after it has been pre-trained on very large datasets. Researchers Reuters interviewed say that reasoning is key to AI achieving human or super-human-level intelligence.Read more of this story at Slashdot.

A 2023 red team exercise by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) at an unnamed federal agency exposed critical security failings, including unpatched vulnerabilities, inadequate incident response, and weak credential management, leading to a full domain compromise. According to The Register's Connor Jones, the agency failed to detect or remediate malicious activity for five months. From the report: According to the agency's account of the exercise, the red team was able to gain initial access by exploiting an unpatched vulnerability (CVE-2022-21587 - 9.8) in the target agency's Oracle Solaris enclave, leading to what it said was a full compromise. It's worth noting that CVE-2022-21587, an unauthenticated remote code execution (RCE) bug carrying a near-maximum 9.8 CVSS rating, was added to CISA's known exploited vulnerability (KEV) catalog in February 2023. The initial intrusion by CISA's red team was made on January 25, 2023. "After gaining access, the team promptly informed the organization's trusted agents of the unpatched device, but the organization took over two weeks to apply the available patch," CISA's report reads. "Additionally, the organization did not perform a thorough investigation of the affected servers, which would have turned up IOCs and should have led to a full incident response. About two weeks after the team obtained access, exploit code was released publicly into a popular open source exploitation framework. CISA identified that the vulnerability was exploited by an unknown third party. CISA added this CVE to its Known Exploited Vulnerabilities Catalog on February 2, 2023." [...] After gaining access to the Solaris enclave, the red team discovered they couldn't pivot into the Windows part of the network because missing credentials blocked their path, despite enjoying months of access to sensitive web apps and databases. Undeterred, CISA managed to make its way into the Windows network after carrying out phishing attacks on unidentified members of the target agency, one of which was successful. It said real adversaries may have instead used prolonged password-praying attacks rather than phishing at this stage, given that several service accounts were identified as having weak passwords. After gaining that access, the red team injected a persistent RAT and later discovered unsecured admin credentials, which essentially meant it was game over for the agency being assessed. "None of the accessed servers had any noticeable additional protections or network access restrictions despite their sensitivity and critical functions in the network," CISA said. CISA described this as a "full domain compromise" that gave the attackers access to tier zero assets -- the most highly privileged systems. "The team found a password file left from a previous employee on an open, administrative IT share, which contained plaintext usernames and passwords for several privileged service accounts," the report reads. "With the harvested Lightweight Directory Access Protocol (LDAP) information, the team identified one of the accounts had system center operations manager (SCOM) administrator privileges and domain administrator privileges for the parent domain. "They identified another account that also had administrative permissions for most servers in the domain. The passwords for both accounts had not been updated in over eight years and were not enrolled in the organization's identity management (IDM)." From here, the red team realized the victim organization had trust relationships with multiple external FCEB organizations, which CISA's team then pivoted into using the access they already had. The team "kerberoasted" one partner organization. Kerberoasting is an attack on the Kerberos authentication protocol typically used in Windows networks to authenticate users and devices. However, it wasn't able to move laterally with the account due to low privileges, so it instead used those credentials to exploit a second trusted partner organization. Kerberoasting yielded a more privileged account at the second external org, the password for which was crackable. CISA said that due to network ownership, legal agreements, and/or vendor opacity, these kinds of cross-organizational attacks are rarely tested during assessments. However, SILENTSHIELD assessments are able to be carried out following new-ish powers afforded to CISA by the FY21 National Defense Authorization Act (NDAA), the same powers that also allow CISA's Federal Attack Surface Testing (FAST) pentesting program to operate. It's crucial that these avenues are able to be explored in such exercises because they're routes into systems adversaries will have no reservations about exploring in a real-world scenario. For the first five months of the assessment, the target FCEB agency failed to detect or remediate any of the SILENTSHIELD activity, raising concerns over its ability to spot genuine malicious activity. CISA said the findings demonstrated the need for agencies to apply defense-in-depth principles. The cybersecurity agency recommended network segmentation and a Secure-by-Design commitment.Read more of this story at Slashdot.

Mark Tyson reports via Tom's Hardware: The German Navy is searching for a new storage system to replace the aging 8-inch (20cm) floppy disks which are vital to the running of its Brandenburg class F123 frigates. According to an official tender document, the ideal answer to the German Navy's problems would be a drop-in floppy disk replacement based upon a storage emulation system, reports Golem.de. Germany's Brandenburg class F123 frigates were commissioned in the mid 1990s, so it is understandable that floppy disks were seen as a handy removable storage medium. These drives are part of the frigates' data acquisition system and, thus "central to controlling basic ship functions such as propulsion and power generation," according to the source report. The F123s are specialized in submarine hunting, and they are also being upgraded in terms of the weapon systems and weapon control systems. Swedish company Saab is the general contractor for the F123 modernizations. It won't be trivial to replace three decades old computer hardware seamlessly, while retaining the full functionality of the existing floppies. However, we note that other companies have wrestled similar problems in recent years. Moreover, there are plenty of emulator enthusiasts using technologies for floppy emulation solutions like Gotek drives which can emulate a variety of floppy drive standards and formats. There are other workable solutions already out there, but it all depends on who the German Navy chooses to deliver the project.Read more of this story at Slashdot.

Southwest Airlines has signed a deal with Archer Aviation to develop plans for an on-demand eVTOL (electric vertical takeoff and landing) service in California. The Verge reports: The service will operate using Archer's battery-powered, four-passenger, tilt-rotor Midnight aircraft, which are designed to take off and land vertically from a landing strip like a helicopter. As part of the deal, the aircraft will get access to 14 California airports where Southwest operates. [...] Archer claims that trips that normally take 60-90 minutes by car can be done in 10-20 minutes in the company's air taxis. Archer came out of stealth in spring 2020 after having poached key talent from Wisk and Airbus' Vahana project. (That fact spurred a lawsuit from Wisk for alleged trade secret theft, which was finally settled last year.) The company has a $1 billion order from United Airlines for its eVTOL aircraft and a deal to mass-produce its eVTOL craft with global automaker Stellantis. Archer recently received a Part 135 air carrier certification from the Federal Aviation Administration, which the company will need to operate an on-demand air taxi service. Archer has said it plans on launching before the end of 2025. [...] As part of the deal, Archer will work with Southwest and its partners on the development of an air taxi network across California. That includes the unions of Southwest employees, like the Southwest Airlines Pilots Association.Read more of this story at Slashdot.

An anonymous reader quotes a report from 404 Media: John Binns, a U.S. citizen who has been incarcerated in Turkey, is linked to the massive data breach of metadata belonging to nearly all of AT&T's customers that the telecommunications giant announced on Friday, three sources independently told 404 Media. [...] As 404 Media reported in January, Binns has already been indicted for allegedly breaking into T-Mobile in 2021 and selling stolen data on more than 40 million people. Now, he is allegedly connected to the latest breach against AT&T, which the company said it detected in April. The AT&T data was lifted from a Snowflake instance, a data warehousing tool, AT&T told 404 Media. Snowflake has been at the center of a series of massive and high profile breaches, including Ticketmaster and Santander. In a blog post published in June which covered a threat actor targeting Snowflake instances, cybersecurity company Mandiant said the threat actor, which it dubs UNC5537, "comprises members based in North America, and collaborates with an additional member in Turkey." In its breach announcement, AT&T said authorities had already apprehended one of the people involved in the breach. Binns was recently arrested and detained in Turkey, The Desk reported in May. That report, which is the last public information about his whereabouts, says he was detained following an extradition request from the U.S. Before he was arrested, Binns told 404 Media in January that he had "reasons to not be concerned" about being extradited.Read more of this story at Slashdot.

Amazon's AI chatbot Rufus is now live for all U.S. customers. Engadget's Lawrence Bonk reports: So what does it do? It's an Amazon chatbot so it helps with shopping. You can ask for lists of recommended products and ask what specific products do and stuff like that. I've tooled around with it a bit this morning and it seems fine, though a bit boring. I will say that I cross-referenced some of the recommended products with the web version and Rufus does not automatically list promoted items, at least for now. It spit out a seemingly random list of well-reviewed products on several occasions. That's fine by me, though I'm not about to buy something based on the word of a one-day old chatbot. You can also ask specific questions about products, but the answers seem to be pulled directly from the descriptions. As any regular Amazon customer knows, some of these descriptions are accurate and others aren't. The chatbot is tied to your personal account, so it can answer questions about upcoming deliveries and the like. Amazon says that the bot has been trained on its product catalog, along with customer reviews, community Q&As and public information found throughout the web. However, it hasn't disclosed what websites it pulled that public information from and to what end. It didn't even confirm that these were retail-adjacent websites. You can try Rufus by updating to the latest version of the Amazon Shopping app. It'll be available in the bottom navigation bar with a typical AI icon consisting of bubbles and sparkles/stars.Read more of this story at Slashdot.

Jowi Morales reports via Tom's Hardware: There's a vast difference between hardware and software developers, which opens up pitfalls for those trying to coordinate the two teams. Arm and x86 researchers encountered it years ago -- and Linus Torvalds, the creator of Linux, fears RISC-V development may fall into the same chasm again. "Even when you do hardware design in a more open manner, hardware people are different enough from software people [that] there's a fairly big gulf between the Verilog and even the kernel, much less higher up the stack where you are working in what [is] so far away from the hardware that you really have no idea how the hardware works," he said (video here). "So, it's really hard to kind of work across this very wide gulf of things and I suspect the hardware designers, some of them have some overlap, but they will learn by doing mistakes -- all the same mistakes that have been done before." [...] "They'll have all the same issues we have on the Arm side and that x86 had before them," he says. "It will take a few generations for them to say, 'Oh, we didn't think about that,' because they have new people involved." But even if RISC-V development is still expected to make many mistakes, he also said it will be much easier to develop the hardware now. Linus says, "It took a few decades to really get to the point where Arm and x86 are competing on fairly equal ground because there was al this software that was fairly PC-centric and that has passed. That will make it easier for new architectures like RISC-V to then come in."Read more of this story at Slashdot.

An anonymous reader quotes a report from Reuters: SpaceX's workhorse Falcon 9 rocket was grounded by the U.S. Federal Aviation Administration (FAA) on Friday after one broke apart in space and doomed its payload of Starlink satellites, the first failure in more than seven years of a rocket relied upon by the global space industry. Roughly an hour after Falcon 9 lifted off from the Vandenberg Space Force Base in California on Thursday night, the rocket's second stage failed to reignite and deployed its 20 Starlink satellites on a shallow orbital path where they will soon reenter and burn up in Earth's atmosphere. The attempt to reignite the engine "resulted in an engine RUD for reasons currently unknown," SpaceX CEO Elon Musk wrote early on Friday on his social media platform X, using an industry acronym for Rapid Unscheduled Disassembly that usually means explosion.The Falcon 9 will be grounded until SpaceX investigates the cause of the failure, fixes the rocket and receives the agency's approval, the FAA said in a statement. That process could take several weeks or months, depending on the complexity of the failure and SpaceX's plan to fix it. Musk said SpaceX was updating the software of the Starlink satellites to force their on-board thrusters to fire harder than usual to avoid a fiery atmospheric re-entry. "Unlike a Star Trek episode, this will probably not work, but it's worth a shot," Musk said. The satellites' altitude is so shallow that Earth's gravity is pulling them 3 miles (5 km) closer toward the atmosphere with each orbit, SpaceX later said, confirming they would inevitably "re-enter Earth's atmosphere and fully demise." SpaceX said the second stage's failure occurred after engineers detected a leak of liquid oxygen, a propellant. The mishap occurred on Falcon 9's 354th mission. It was the first Falcon 9 failure since 2016, when a rocket exploded on a launch pad in Florida and destroyed its customer payload, an Israeli communications satellite. The failure "breaks a success streak of more than 300 straight missions," notes Reuters. "We knew this incredible run had to come to an end at some point," Tom Mueller, SpaceX's former vice president of propulsion who designed Falcon 9's engines. "... The team will fix the problem and start the cycle again."Read more of this story at Slashdot.

Samsung unveiled new wearable devices at its Unpacked event earlier this week, drawing comparisons to Apple's offerings. The Galaxy Watch Ultra, set for release on July 24, bears striking similarities to Apple's Watch Ultra 2 launched last September. Both feature titanium cases, orange-accented buttons, and specialized bands. Samsung's version, priced at $650, undercuts Apple's $800 model. Business Insider adds: But the strategy has its downsides. If you spot someone wearing Galaxy Watch Ultra, there's a good chance you'd mistake it for Apple's model -- which doesn't help Samsung differentiate itself. In a statement to Business Insider, Samsung said that the design choices for its new smartwatch were "made to ensure comfort, usability, and durability in a variety of use cases." It didn't mention what went into naming the device. The similarities extend to Samsung's new earbuds. The Galaxy Buds 3 Pro and the Galaxy Buds 3 -- also announced at Unpacked -- got a revamp that steps away from previous designs to make Samsung's Bluetooth earbuds shaped more like Apple AirPods. The Galaxy Buds 2 Pro are stemless and come in light purple, but their successor only comes in silver or white. Similar to the AirPods Pro, Galaxy Buds 3 Pro owners will be able to control their earbuds with gestures.Read more of this story at Slashdot.

Scientists say "a reservoir of disease" is being created after discovering bacteria that naturally occur in rivers are becoming resistant to antibiotics due to the impact of sewage. From a report: Researchers at the University of Suffolk said bacterial strains found on the non-tidal section of the River Deben in Suffolk had acquired resistance by exchanging DNA with antibiotic resistant E. coli. Some bacteria have become resistant to the antibiotic carbapenem, which is used as the last line of defence in fighting infections already resistant to traditional antibiotics. Dr Nick Tucker, a microbiologist leading the research, described the discovery as "particularly worrying." "Organisms that are currently low risk are being mixed with pathogenic organisms from sewage," he said. "We're needlessly adding pathogenic and virulence genes to bacteria found in the environment, and that could be creating a reservoir of disease." The team has been working closely with citizen scientists from the Deben Climate Centre, who have been taking water samples for two years.They have also been working with scientists at the government's CEFAS laboratories, who have helped identify the new strains that are being screened for their resistance to six of the most commonly-used antibiotics. The River Deben rises in Debenham, Suffolk, before flowing through Woodbridge and down to the North Sea.Read more of this story at Slashdot.

India's antitrust watchdog has concluded that Apple abused its dominant position in the iOS app store market, according to a confidential report seen by Reuters, marking a significant development in the country's scrutiny of tech giants. The Competition Commission of India, which initiated an investigation into Apple in 2021, has determined that the company engaged in "abusive conduct and practices" by compelling developers to utilize its proprietary in-app purchase system, Reuters added. The report asserts that Apple wields "significant influence" over the distribution of digital products to consumers through its iOS platform and App Store, characterizing the tech giant as an "unavoidable trading partner" for app developers who have little choice but to comply with Apple's terms.Read more of this story at Slashdot.

The Conversation: Reading and writing articles published in academic journals and presented at conferences is a central part of being a researcher. When researchers write a scholarly article, they must cite the work of peers to provide context, detail sources of inspiration and explain differences in approaches and results. A positive citation by other researchers is a key measure of visibility for a researcher's own work. But what happens when this citation system is manipulated? A recent Journal of the Association for Information Science and Technology article by our team of academic sleuths -- which includes information scientists, a computer scientist and a mathematician -- has revealed an insidious method to artificially inflate citation counts through metadata manipulations: sneaked references. People are becoming more aware of scientific publications and how they work, including their potential flaws. Just last year more than 10,000 scientific articles were retracted. The issues around citation gaming and the harm it causes the scientific community, including damaging its credibility, are well documented. Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors' names, publication year, journal or conference name, and page numbers of the cited publication. These details are stored as metadata, not visible in the article's text directly, but assigned to a digital object identifier, or DOI -- a unique identifier for each scientific publication. References in a scientific publication allow authors to justify methodological choices or present the results of past studies, highlighting the iterative and collaborative nature of science. However, we found through a chance encounter that some unscrupulous actors have added extra references, invisible in the text but present in the articles' metadata, when they submitted the articles to scientific databases. The result? Citation counts for certain researchers or journals have skyrocketed, even though these references were not cited by the authors in their articles.Read more of this story at Slashdot.

A group of astronomers want to change the definition of a planet. Their new proposed definition wouldn't bring Pluto back into the planetary fold, but it could reclassify thousands of celestial bodies across the universe. From a report: The International Astronomical Union's (IAU) current definition of a planet, established in 2006, includes only celestial bodies that are nearly round, are gravitationally dominant and orbit our Sun. This Sun-centric definition excludes all of the bodies we've discovered outside our solar system, even if they may fit all other parameters. They are instead considered exoplanets. Those behind the new proposal critiqued the IAU's definition in an upcoming paper in the Planetary Science Journal, arguing it's vague, not quantitative and unnecessarily exclusionary. Their new proposal would instead classify planets based on their mass, considering a planet to be any celestial body that:1. orbits one or more stars, brown dwarfs or stellar remnants and,is more massive than 10AA kilograms (kg) and,is less massive than 13 Jupiter masses (2.5 X 10^28Akg).Read more of this story at Slashdot.

An anonymous reader shares a report: It's been tried before, more than once, but if it comes as a stock feature, maybe people will actually start to use the feature. Google's Pixel 9 range of fondleslabs is coming soon, and the company has already announced an event, Made by Google, for August 13th at 1000 Pacific Time (that's 1700 UTC, and 1800 for Brits.) The new devices are very likely to run Android 15 -- whose first developer preview appeared in February. Android Police reports that one of the less obvious features of the beta may continue to final release and could become more apparent: the desktop mode that can be activated in Android 14 QPR3 Beta 2.1. Having a desktop mode in Android isn't of itself a new thing. Samsung has offered its Dex feature since the Galaxy S8, and various vultures ventured Dex-wards in 2017 and again in 2018. The snag was that you needed a special dock to try it. Android 10 gained a hidden desktop mode in its developer features, but it wasn't easy to find. These days, though, the baseline is rather closer. Monitors with USB C connections are quite ordinary now, with ordinary prices to match, unlike, say, their prices five years ago. You can even get affordable portable ones.Read more of this story at Slashdot.

In a new analysis, research firm Bernstein challenges the conventional wisdom surrounding Apple's iPhone sales fluctuations, arguing that perceived market share shifts between Apple and Android devices are largely illusory. The report, which Bernstein sent to its clients, contends that the majority of iPhone buyers are existing users upgrading their devices, rather than switchers from Android platforms. Bernstein posits that year-to-year changes in iPhone unit sales are predominantly driven by Apple's upgrade rates within its established user base. This dynamic creates the appearance of significant market share gains or losses, particularly in China, where consumers are highly sensitive to new features. The analyst notes that upgrade cycles in China tend to be more pronounced than in other markets, leading to exaggerated perceptions of market share volatility. He suggests that the company's struggles in the region are more likely attributed to poor upgrade rates within its existing customer base rather than a mass exodus to competitors like Huawei.Read more of this story at Slashdot.

An anonymous reader shares a report: The vast majority of the massive, metallic towers the city commissioned to help low-income neighborhoods access high-speed 5G internet still lack cell signal equipment -- more than two years after hundreds of the structures began sprouting across the five boroughs. Just two of the nearly 200 Link5G towers installed by tech firm CityBridge since 2022 have been fitted with 5G equipment, company officials said. Delayed installations and cooling enthusiasm around 5G technology have discouraged carriers like Verizon from using the towers to build out their networks, experts say. The firm only has an agreement with a single telecommunications carrier to deliver high-speed internet, stymieing its efforts to boost mobile connectivity citywide. The 32-foot-tall structures, which resemble giant tampon applicators emerging from the sidewalk, offer the same services as the LinkNYC electronic billboards that popped up around the city in 2016. Those were also installed by CityBridge. Both the original Link kiosks and the 5G towers provide free limited-range Wi-Fi, charging outlets and a tablet to connect users to city services. Data shared by the company shows that 16 million people have used the internet at kiosks since 2016, and the attached tablets are used to call for city services thousands of times each month. But unlike the LinkNYC kiosks, each new tower is topped with a 12-foot-tall cylindrical mesh chamber containing five empty shelves reserved for companies like Verizon and T-Mobile to store the equipment they use to transmit high-speed 5G internet service to paying customers.Read more of this story at Slashdot.

Indonesia said it is beginning to recover data that had been encrypted in a major ransomware attack last month which affected more than 160 government agencies. From a report: The attackers identified as Brain Cipher asked for $8 million in ransom to unlock the data before later apologising and releasing the decryption key for free, according to Singapore-based cybersecurity firm StealthMole. The attack has disrupted multiple government services including immigration and operations at major airports. Indonesian officials have acknowledged that the bulk of the data had not been backed up. Chief Security Minister Hadi Tjahjanto said in a statement late on Thursday that data for 30 public services overseen by 12 ministries had been recovered using a "decryption strategy" without elaborating.Read more of this story at Slashdot.

U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of "nearly all" of its customers. TechCrunch: In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages -- such as who contacted who by phone or text -- during a six-month period between May 1, 2022 and October 31, 2022. AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers. The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T's network, the company said. [...] In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: A data breach at the phone surveillance operation mSpy has exposed millions of its customers who bought access to the phone spyware app over the past decade, as well as the Ukrainian company behind it. Unknown attackers stole millions of customer support tickets, including personal information, emails to support, and attachments, including personal documents, from mSpy in May 2024. While hacks of spyware purveyors are becoming increasingly common, they remain notable because of the highly sensitive personal information often included in the data, in this case about the customers who use the service. The hack encompassed customer service records dating back to 2014, which were stolen from the spyware maker's Zendesk-powered customer support system. mSpy is a phone surveillance app that promotes itself as a way to track children or monitor employees. Like most spyware, it is also widely used to monitor people without their consent. These kinds of apps are also known as "stalkerware" because people in romantic relationships often use them to surveil their partner without consent or permission. The mSpy app allows whoever planted the spyware, typically someone who previously had physical access to a victim's phone, to remotely view the phone's contents in real-time. As is common with phone spyware, mSpy's customer records include emails from people seeking help to surreptitiously track the phones of their partners, relatives, or children, according to TechCrunch's review of the data, which we independently obtained. Some of those emails and messages include requests for customer support from several senior-ranking U.S. military personnel, a serving U.S. federal appeals court judge, a U.S. government department's watchdog, and an Arkansas county sheriff's office seeking a free license to trial the app. Even after amassing several million customer service tickets, the leaked Zendesk data is thought to represent only the portion of mSpy's overall customer base who reached out for customer support. The number of mSpy customers is likely to be far higher. mSpy's owners, a Ukraine-based company called Brainstack, have yet to publicly disclose the breach. You can visit Have I Been Pwned to see if your email address was involved in a breach.Read more of this story at Slashdot.

Aryan Kapoor, a high schooler from JRD Propulsion, successfully developed a model rocket with SpaceX-style vertical landing capabilities. The three-year effort was made possible by a thrust-vector control and clever landing gear design. Hackaday reports: He started in 2021 with none of the basic skills needed to pull off something like this, but it seems like he quickly learned the ropes. His development program was comprehensive, with static test vehicles, a low-altitude hopper, and extensive testing of the key technology: thrust-vector control. His rocket uses two solid-propellant motors stacked on top of each other, one for ascent and one for descent and landing. They both live in a 3D printed gimbal mount with two servos that give the stack plus and minus seven degrees of thrust vectoring in two dimensions, which is controlled by a custom flight computer with a barometric altimeter and an inertial measurement unit. The landing gear is also clever, using rubber bands to absorb landing forces and syringes as dampers. You can watch the first successful test flight and landing on YouTube.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: The amount of wind and solar power under construction in China is now nearly twice as much as the rest of the world combined, a report has found. Research published on Thursday by Global Energy Monitor (GEM), an NGO, found that China has 180 gigawatts (GW) of utility-scale solar power under construction and 15GW of wind power. That brings the total of wind and solar power under construction to 339GW, well ahead of the 40GW under construction in the US. The researchers only looked at solar farms with a capacity of 20MW or more, which feed directly into the grid. That means that the total volume of solar power in China could be much higher, as small scale solar farms account for about 40% of China's solar capacity. Between March 2023 and March 2024, China installed more solar than it had in the previous three years combined, and more than the rest of the world combined for 2023, the GEM analysts found. China is on track to reach 1,200GW of installed wind and solar capacity by the end of 2024, six years ahead of the government's target. "The unabated wave of construction guarantees that China will continue leading in wind and solar installation in the near future, far ahead of the rest of the world," the report said. Earlier analysis suggests that China will need to install between 1,600GW and 1,800GW of wind and solar energy by 2030 to meet its target of producing 25% of all energy from non-fossil sources. Between 2020 and 2023, only 30% of the growth in energy consumption was met by renewable sources, compared with the target of 50%.Read more of this story at Slashdot.

Today, Amazon announced that it reached its 100% renewable energy goal seven years ahead of schedule. However, as Fast Company's Adele Peters reports, "a group of Amazon employees argues that the company's math is misleading." From the report: A report (PDF) from the group, Amazon Employees for Climate Justice, argues that only 22% of the company's data centers in the U.S. actually run on clean power. The employees looked at where each data center was located and the mix of power on the regional grids -- how much was coming from coal, gas, or oil versus solar or wind. Amazon, like many other companies, buys renewable energy credits (RECs) for a certain amount of clean power that's produced by a solar plant or wind farm. In theory, RECs are supposed to push new renewable energy to get built. In reality, that doesn't always happen. The employee research found that 68% of Amazon's RECs are unbundled, meaning that they didn't fund new renewable infrastructure, but gave credit for renewables that already existed or were already going to be built. As new data centers are built, they can mean that fossil-fuel-dependent grids end up building new fossil fuel power plants. "Dominion Energy, which is the utility in Virginia, is expanding because of demand, and Amazon is obviously one of their largest customers," says Eliza Pan, a representative from Amazon Employees for Climate Justice and a former Amazon employee. "Dominion's expansion is not renewable expansion. It's more fossil fuels." Amazon also doesn't buy credits that are specifically tied to the grids powering their data centers. The company might purchase RECs from Canada or Arizona, for example, to offset electricity used in Virginia. The credits also aren't tied to the time that the energy was used; data centers run all day and night, but most renewable energy is only available some of the time. The employee group argues that the company should follow the approach that Google takes. Google aims to use carbon-free energy, 24/7, on every grid where it operates.Read more of this story at Slashdot.