Slashdot

Intel has spent much of 2021 announcing plans for its future: a new IDM 2.0 strategy, new naming schemes for its process nodes, and new desktop GPUs. At Intel's Architecture Day 2021, we finally got a preview of how some of those changes are coming together in new chips, starting with the upcoming Alder Lake lineup later this year. From a report: As the company has been teasing since last year's Architecture Day, Alder Lake will feature Intel's latest hybrid architecture: instead of simply offering the next generation of powerful Intel CPU cores, it'll offer a mix of both performance and efficiency x86 cores, both of which Intel previewed as part of its announcements. Additionally, Alder Lake will be the first chip released on Intel's newly renamed Intel 7 technology node (not to be confused with Intel 4, which was previously known as Intel's delayed 7nm node, and will be available to consumers sometime in 2023 under the codename "Meteor Lake"). Intel 7 still uses similar technology to the company's current 10nm tech, instead of the bigger leap in manufacturing processes planned for Intel 4. The new x86 performance core -- codenamed "Golden Cove" -- is the successor to the Willow Cove cores that are currently found in the company's 11th Gen Tiger Lake processors. Intel claims that it's the most powerful CPU core its ever built, but the company only offered a comparison to its Cypress Cove cores (the version of its 10nm architecture that Intel ported to its 14nm process), not the more advanced Willow Cove cores. Meanwhile, the company's new x86 Efficient core (codenamed "Gracemont") aims to be "the world's most efficient x86 CPU core" while still offering higher IPC than the company's Skylake chips. Intel claims that for single-thread cases, one of its new efficient cores hits 40 percent more performance at the same power (or similar performance while using 40 percent of the power) of a Skylake core, improvements that double when comparing four Efficient cores running four threads to two Skylake cores running four threads.Read more of this story at Slashdot.

Nvidia CEO Jensen Huang has admitted for the first time that the company's planned acquisition of British chip designer Arm may take longer than the initially-scheduled 18 months. From a report: The acquisition, which would bring together two of the most powerful chip companies in the world, is facing scrutiny from regulators in the US, UK, and China. "Our discussions with regulators are taking longer than initially thought, so it's pushing out the timetable," Huang told The Financial Times. "It's not one particular delay," he added. "But we're confident in the deal, we're confident regulators should recognize the benefits of the acquisition." Huang was previously unwavering in his prediction that the acquisition would be completed by March next year. The agreement between Nvidia and Arm's current owner SoftBank gives the US chip designer until the end of 2022 to clear the purchase with regulators. The opposition to the deal is varied and speaks to Arm's global importance.Read more of this story at Slashdot.

An anonymous reader quotes a report from ScienceAlert: Mini brains grown in a lab from stem cells have spontaneously developed rudimentary eye structures scientists report in a fascinating new paper. On tiny, human-derived brain organoids grown in dishes, two bilaterally symmetrical optic cups were seen to grow, mirroring the development of eye structures in human embryos. This incredible result will help us to better understand the process of eye differentiation and development, as well as eye diseases. Brain organoids are not true brains, as you might be thinking of them. They are small, three-dimensional structures grown from induced pluripotent stem cells -- cells harvested from adult humans and reverse engineered into stem cells, that have the potential to grow into many different types of tissue. In this case, these stem cells are coaxed to grow into blobs of brain tissue, without anything resembling thoughts, emotions, or consciousness. Such 'mini brains' are used for research purposes where using actual living brains would be impossible, or at the very least, ethically tricky -- testing drug responses, for example, or observing cell development under certain adverse conditions. Previous work in the development of organoids showed evidence of retinal cells, but these did not develop optic structures, so the team changed their protocols. They didn't attempt to force the development of purely neural cells at the early stages of neural differentiation, and added retinol acetate to the culture medium as an aid to eye development. Their carefully tended baby brains formed optic cups as early as 30 days into development, with the structures clearly visible at 50 days. This is consistent with the timing of eye development in the human embryo, which means these organoids could be useful for studying the intricacies of this process. There are other implications, too. The optic cups contained different retinal cell types, which organized into neural networks that responded to light, and even contained lens and corneal tissue. Finally, the structures displayed retinal connectivity to regions of the brain tissue. The research has been published in the journal Cell Stem Cell.Read more of this story at Slashdot.

The Freedom of the Press Foundation is calling Apple's plan to scan photos on user devices to detect known child sexual abuse material (CSAM) a "dangerous precedent" that "could be misused when Apple and its partners come under outside pressure from governments or other powerful actors." They join the EFF, whistleblower Edward Snowden, and many other privacy and human rights advocates in condemning the move. Advocacy Director Parker Higgins writes: Very broadly speaking, the privacy invasions come from situations where "false positives" are generated -- that is to say, an image or a device or a user is flagged even though there are no sexual abuse images present. These kinds of false positives could happen if the matching database has been tampered with or expanded to include images that do not depict child abuse, or if an adversary could trick Apple's algorithm into erroneously matching an existing image. (Apple, for its part, has said that an accidental false positive -- where an innocent image is flagged as child abuse material for no reason -- is extremely unlikely, which is probably true.) The false positive problem most directly touches on press freedom issues when considering that first category, with adversaries that can change the contents of the database that Apple devices are checking files against. An organization that could add leaked copies of its internal records, for example, could find devices that held that data -- including, potentially, whistleblowers and journalists who worked on a given story. This could also reveal the extent of a leak if it is not yet known. Governments that could include images critical of its policies or officials could find dissidents that are exchanging those files.[...]Journalists, in particular, have increasingly relied on the strong privacy protections that Apple has provided even when other large tech companies have not. Apple famously refused to redesign its software to open the phone of an alleged terrorist -- not because they wanted to shield the content on a criminal's phone, but because they worried about the precedent it would set for other people who rely on Apple's technology for protection. How is this situation any different? No backdoor for law enforcement will be safe enough to keep bad actors from continuing to push it open just a little bit further. The privacy risks from this system are too extreme to tolerate. Apple may have had noble intentions with this announced system, but good intentions are not enough to save a plan that is rotten at its core.Read more of this story at Slashdot.

sciencehabit shares a report from Science Magazine: Almost 20 years before SARS-CoV-2, a related and even more lethal coronavirus sowed panic, killing nearly 10% of the 8000 people who became infected. But the 2003 outbreak of severe acute respiratory syndrome (SARS) may have left some survivors with a gift. Former SARS patients who have been vaccinated against COVID-19 appear able to fend off all variants of SARS-CoV-2 in circulation, as well as ones that may soon emerge, a new study suggests. Their formidable antibodies may even protect against coronaviruses in other species that have yet to make the jump into humans -- and may hold clues to how to make a so-called pancoronavirus vaccine that could forestall future outbreaks. A team led by emerging disease specialist Linfa Wang from Duke-NUS Medical School in Singapore identified eight SARS survivors who recently received two shots of a messenger RNA COVID-19 vaccine. In the test tube, antibodies sieved from their blood potently "neutralized" an early strain of SARS-CoV-2 as well as SARS-CoV, the virus that caused SARS, Wang and colleagues report today in The New England Journal of Medicine. The team further found these neutralizing antibodies worked well against the Alpha, Beta, and Delta variants of SARS-CoV-2 and stymied five related coronaviruses found in bats and pangolins that potentially could infect humans.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Atlantic: Alexa used to be a name primarily given to human babies. Now it's mainly for robots. Seven years ago, Amazon released Alexa, its voice assistant, and as the number of devices answering to that name has skyrocketed, its popularity with American parents has plummeted. In fact, it has suffered one of the sharpest declines of any popular name in recent years. "Alexa stands alone as a name that was steadily popular -- not a one-year celebrity wonder, not a fading past favorite -- that was pushed off the popularity cliff," Laura Wattenberg, the founder of the naming-trends website Namerology, told me. At first, the number of baby Alexas spiked following the voice assistant's rollout in late 2014 -- perhaps parents heard the name in the news and liked it -- but it has since crashed. Likely, parents began to realize that having the name could be a nuisance, or worse, could become associated with subservience, because people are always giving orders to their virtual Alexas. This up-and-down pattern reminded Wattenberg of what happens with babies named after hurricanes, when "the news coverage and attention causes the name to briefly shoot up, and then the aftermath, when the name is constantly referred to as a disaster, kind of kills it off." Basically, Amazon's impact on the name Alexa resembles that of a natural disaster. The data on baby names released by the Social Security Administration don't indicate why parents pick or avoid particular names, but Alexa's trajectory mirrors the adoption of smart speakers in the U.S. Bret Kinsella, the founder of Voicebot.ai, a site that covers and analyzes data on the voice-assistant industry, told me that consumer uptake surged three years after Alexa's release, in 2017. And the number of baby Alexas plunged below its pre-Amazon baseline in 2018 -- that may be when many parents started to understand the ubiquity of the name. (Now more than 90 million American adults are estimated to have a smart speaker in their household.) "The voice assistant's debut in the United Kingdom (in 2016) and in Canada (in 2017) were also followed by drop-offs in baby Alexas," the report adds. "Amazon did not exactly ruin the life of every Alexa, but the consequences of its decision seven years ago are far-reaching -- roughly 127,000 American baby girls were named Alexa in the past 50 years, and more than 75,000 of them are younger than 18. Amazon didn't take their perfectly good name out of malice, but regardless, it's not giving it back."Read more of this story at Slashdot.

NicknamesAreStupid writes: As a follow-up to [last week's story about a large homeless encampment growing on the site Apple earmarked for its North San Jose campus], Apple appears to be using the promise of building affordable homes as a part of moving the current homeless encampment out. [According to Patently Apple, "Apple is preparing construction activities at its huge north San Jose office campus, a move that could bring thousands of jobs to the mixed-use tech hub." The company says it "would spend millions to reach out to and relocate residents of a homeless encampment that has formed on the company's land." Specific plans and details have yet to be released.] This raises the question: will companies revert to a new form of "company town" used by the coal and oil companies during the 20th century? Instead of villages in remote locations, will tech companies build urban islands of homes for employees, effectively subsidizing their housing in a manner similar to subsidized healthcare of the mid-twentieth century? Of course, the catch is that if you leave the company, you lose your home.Read more of this story at Slashdot.

The world's largest chipmaker Taiwan Semiconductor Manufacturing Company (TSMC) has overtaken Chinese tech behemoth Tencent to become Asia's most valuable firm. CNBC reports: It comes as Beijing's regulatory crackdown on the country's tech sector in the past few months has slammed the valuations of Chinese tech giants Tencent and Alibaba. TSMC, a major supplier to Apple, overtook Tencent earlier in August. The Taiwanese chipmaker is now sitting at the top spot by market capitalization -- among Asia firms -- at more than $538 billion, according to data from Refinitiv Eikon as of Wednesday morning during Asia hours. Tencent sat in second place, with a market capitalization of more than $536 billion while Alibaba was a distant third at about $472 billion. The market capitalizations of both Tencent and Alibaba were hit again on Tuesday -- losing more than $20 billion each -- after China's market regulator issued draft rules aimed at stopping unfair competition on the internet. [...] Chipmaker TSMC, on the other hand, has gotten a boost as the world faces a global semiconductor shortage driven by supply chain disruptions due to the pandemic, along with a surge in demand from industries such as automobiles and data centers. Responding to the shortage, TSMC said earlier this year it plans to invest $100 billion over the next three years to increase capacity.Read more of this story at Slashdot.

More owners of the first-generation Nest Hub are receiving the update to Google's Fuchsia operating system as it expands beyond the Preview program. 9to5Google reports: Back in May, Google formally released Fuchsia, its effort to develop a "not Linux" operating system from scratch, which has been years in the making. The first device to receive the new OS was Google's 2018 smart display, the Nest Hub -- not to be confused with the second generation Nest Hub with sleep tracking released earlier this year -- taking it permanently off of the existing Linux based "Cast OS" without negatively affecting the UI or experience. At the time, the rollout of Fuchsia was limited to a select few devices that were enrolled in the "Preview program" available to all devices via the Google Home app. Over time, the number of Nest Hubs running Fuchsia was expanded, with Google no doubt watching carefully for any issues with the upgrade. Late last week, Google updated a support page to reflect that the Nest Hub has received a new firmware update for both the Preview program and all other devices. Specifically, the first-gen Nest Hub is now receiving firmware version 1.52.260996. Google confirmed to us that this update does indeed include the upgrade to Fuchsia. All goes well, this means in a matter of days, all first-gen Nest Hub devices in households around the world should be running Fuchsia.Read more of this story at Slashdot.

An anonymous reader quotes a report from Deadline: Three former Netflix software engineers are among those who have been charged by the U.S. Securities and Exchange Commission for alleged insider trading. In a complaint (PDF) filed in federal court in Seattle, the regulatory agency says the engineers and two associates generated more than $3 million in profits from a "long-running scheme." The cornerstone of the setup, according to the complaint, was confidential information they obtained about Netflix subscriber growth. Subscriber numbers at Netflix or, more recently, Disney and other companies, have been central to Wall Street's embrace or rejection of stocks in recent years. The SEC's complaint, Sung Mo "Jay" Jun was at the center of a long-running scheme to illegally trade on non-public information concerning the growth in Netflix's subscriber base. The complaint alleges that Sung Mo Jun, while employed at Netflix in 2016 and 2017, repeatedly tipped this information to his brother, Joon Mo Jun, and his close friend, Junwoo Chon, who both used it to trade in advance of multiple Netflix earnings announcements. After Sung Mo Jun left Netflix in 2017, the complaint says, he obtained confidential Netflix subscriber growth information from another Netflix insider, Ayden Lee. Sung Mo Jun allegedly traded himself and tipped Joon Jun and Chon in advance of Netflix earnings announcements from 2017 to 2019. The SEC alleges that Sung Mo Jun's former Netflix colleague Jae Hyeon Bae, another Netflix engineer, tipped Joon Jun based on Netflix's subscriber growth information in advance of Netflix's July 2019 earnings announcement. The SEC said its market abuse unit uncovered the trading ring by using data analysis tools to identify the traders' suspicious run of success. "We allege that a Netflix employee and his close associates engaged in a long-running, multimillion dollar scheme to profit from valuable, misappropriated company information," Erin E. Schneider, director of the SEC's San Francisco office, said in a press release. "The charges announced today hold each of the participants accountable for their roles in the scheme." The defendants allegedly tried to evade detection by using encrypted messaging applications and paying cash kickbacks," added Joseph Sansone, Chief of the SEC's market abuse unit. Sung Mo Jun, Joon Jun, Chon, and Lee have consented to the entry of judgments, the SEC said. If approved by the court, the judgments would permanently enjoin each from violating the charged provisions, with civil penalties to be decided later by the court. Sung Mo Jun also agreed to an officer and director bar. Bae consented to the entry of a final judgment, also subject to court approval, and imposing a civil penalty of $72,875.Read more of this story at Slashdot.

Apple censors references to Chinese politicians, dissidents and other topics in its engraving service, a report alleges. The BBC reports: Citizen Lab said it had investigated filters set up for customers who wanted something engraved on a new iPhone, iPad or other Apple device. And Apple had a broad list of censored words, not just in mainland China but also in Hong Kong and Taiwan. Apple said its systems "ensure local laws and customs are respected." "As with everything at Apple, the process for engraving is led by our values," chief privacy officer Jane Horvath wrote in a letter (PDF) provided to CitizenLab in advance of the publication of its report. And the engraving service tried not to allow trademarked phrases, alongside those that "are vulgar or culturally insensitive, could be construed as inciting violence, or would be considered illegal according to local laws, rules, and regulations." [CitizenLab's] new report found more than 1,100 filtered keywords, across six different regions, mainly relating to offensive content, such as racist or sexual words. But it alleges the rules are applied inconsistently and are much wider for China. "Within mainland China, we found that Apple censors political content, including broad references to Chinese leadership and China's political system, names of dissidents and independent news organizations, and general terms relating to religions, democracy, and human rights," it says. The report also alleges that censorship "bleeds" into both the Hong Kong and Taiwan markets. It found: 1,045 keywords blocked in mainland China; 542 in Hong Kong; and 397 in Taiwan. In contrast, Japan, Canada and the US had between 170 and 260 filtered words.Read more of this story at Slashdot.

In a statement to CRN, Intel said it was "winding down" RealSense and transferring the talent and computer vision tech to efforts that "better support" its core chip businesses. Engadget reports: Questions surfaced about the fate of RealSense after the team's leader, Sagi Ben Moshe, said he was leaving Intel two weeks ago. RealSense aimed to make computer vision more flexible and accessible. A company or researcher could buy cameras to aid everything from robot navigation through to facial recognition, and there was even a developer-focused phone. It was never a truly mainstream product, though, and ASI VP Kent Tibbils told CRN that there were few customers buying RealSense cameras in any significant quantities. It wasn't really a money-making division, even if the work helped Intel's other teams. For Intel, there's likely a simpler answer: it wants to cut ballast. CEO Pat Gelsinger wants Intel to reclaim the chipmaking crown, and that means concentrating its resources on design and manufacturing capabilities. No matter how successful RealSense is, it's a potential distraction from Intel's latest strategy.Read more of this story at Slashdot.

An anonymous reader quotes a report from The New York Times: Facebook's mission is to "bring the world closer together." Increasingly, that's about not just connecting friends and family to share messages, but also serving as a platform for people's financial lives. Some $100 billion in payments have been enabled by Facebook over the past year, said David Marcus, who runs the company's financial services unit. But that's just the start of the social network's ambitions in the finance industry, Mr. Marcus writes in a new memo about the country's "broken" payments system, reported in the DealBook newsletter. At the center of Facebook's push into payments is Novi, a digital wallet intended for users to move money around the world quickly and cheaply (free, in many cases). The company had a plan to pair it with a "stablecoin" cryptocurrency called Libra, but that was shelved amid regulatory scrutiny, and now the scaled-back project, known as Diem, is overseen by an outside nonprofit group seeking the necessary government approvals. In recounting some of Facebook's setbacks in trying to break into the crypto payments industry, Mr. Marcus describes the tech giant, the subject of antitrust inquiries around the world, as an underdog. Facebook faces unfair resistance in the financial industry, he wrote. "I've heard multiple conversations about how this proposal would be so great if only Facebook wasn't involved," he said. "I understand and accept the need for extra scrutiny due to our scale." But Mr. Marcus describes Facebook as a "challenger in the payments industry," with no specific plan yet to monetize use of the Novi wallet, which won't charge for person-to-person payments, even across borders. He added that allowing users to pay with dollars, euros and other fiat currencies via the Novi wallet would bring a lot of value. "So why not just do that and call it a day?" he wrote. "Well, we might." But before deciding on that, he doesn't want to "waste our shot" at incorporating stablecoins into an "open, interoperable protocol" for online payments. "To have the maximum impact, building a closed system using fiat only wasn't going to cut it," he said in the memo. Mr. Marcus believes that a well-designed stablecoin pegged to a fiat currency, backed one to one in cash reserves, could offer strong consumer protections. It would also provide quicker access to funds than traditional bank accounts. "We will continue to persevere and demonstrate we can be a trusted player in this industry," he wrote, adding that the Novi wallet has licenses or approvals in nearly every U.S. state and that the Diem stablecoin project "has addressed every legitimate concern." Facebook's digital wallet is ready to come to market, Mr. Marcus said, and "we deserve a fair shot." To judge by Facebook's difficulties getting to this point, regulators remain to be convinced.Read more of this story at Slashdot.

T-Mobile has confirmed that millions of current and former customers had their information stolen in a data breach, following reports of a hack over the weekend. From a report: In a statement, T-Mobile, which has more than 100 million customers, said its preliminary analysis shows 7.8 million current postpaid T-Mobile customers had information taken in the data breach. The carrier said that some personal data was also taken, including customer names, dates of birth, Social Security numbers and driver's license information for a "subset" of current and former postpay customers and prospective T-Mobile customers. The company also said that 40 million records of former and prospective customers was taken, but that "no phone numbers, account numbers, PINs, passwords, or financial information were compromised." But the company warned that approximately 850,000 active T-Mobile customer names, phone numbers and account PINs were in fact compromised, and that customer names, phone numbers and account PINs were exposed.Read more of this story at Slashdot.

An anonymous reader writes: Apple's NeuralHash algorithm (PDF) -- the one it's using for client-side scanning on the iPhone -- has been reverse-engineered. Turns out it was already in iOS 14.3, and someone noticed: Early tests show that it can tolerate image resizing and compression, but not cropping or rotations. We also have the first collision: two images that hash to the same value. The next step is to generate innocuous images that NeuralHash classifies as prohibited content. This was a bad idea from the start, and Apple never seemed to consider the adversarial context of the system as a whole, and not just the cryptography.Read more of this story at Slashdot.

Since early in the pandemic, soaring demand for consumer electronics led to persistent chip shortages. Some recent signs suggest the situation may finally be starting to change. From a report: An executive at the memory chip maker Micron Technology said last week at an investor conference that demand for consumer PCs is slowing and that some of its customers have more chips lying around. A day later, Morgan Stanley downgraded several chip stocks in a note titled "Winter is Coming." The analysts said PC inventory is rising and that the smartphone market is likely to experience similar deterioration. An old investor maxim says technology companies tend to handily outperform during cyclical upswings while the reverse is true on the downside. Well, the industry is beginning to fall short of estimates. Global PC shipments grew by 13% in the second quarter, according to research firm IDC. That was below Evercore ISI's expectation of 18% and a big deceleration from the 55% rise in the first quarter. Furthermore, wireless router manufacturer Netgear Inc. gave disappointing guidance last month, adding that sales were worse-than-expected in its consumer networking category. Still, it's probably too soon to declare an end. Outbreaks of the delta variant and the long-term efficacy of vaccines make predictions even harder than usual. Some chip analysts have said reports of weakness are primarily seasonal and that sales will pick up through next year. Shortages also vary by part. So even if you can walk into a store and find plenty of laptops, you'll still struggle to get a new car or a video game console. In some cases, chip delivery times are longer than 20 weeks, the longest wait in at least four years. But as I wrote last month, the pandemic rush to computers and printers won't repeat itself. Once a worker or student buys a laptop, they don't need another one for several years. Retailers are offering extensive discounts on nearly every PC-related category, with the exception of graphics cards. (It's still a good time to be in the games business.) The waning demand for PCs will likely last for at least several more quarters.Read more of this story at Slashdot.

Apple has released a new version of iCloud for Windows, numbered 12.5. The update adds the ability to access and manage passwords saved in iCloud from a Windows machine, a feature that users have long requested. From a report: Apple has been gradually adding more support for iCloud passwords on non-Apple platforms with mixed results. The company released a Chrome extension that synced iCloud passwords with Chrome. But like this new iCloud Passwords app, it did the bare minimum and not much else. Still, this addition is welcome for users who primarily live in the Apple ecosystem (and thus use Apple's iCloud password locker) but who sometimes have to use Windows. For example, some folks use an iPhone or a Mac most of the time but have a Windows PC that is only used to play games that can't be played on the Mac.Read more of this story at Slashdot.

Microsoft's upcoming release of Windows 11 will make it even harder to switch default browsers and ignores browser defaults in new areas of the operating system. While Microsoft is making many positive changes to the Windows 11 UI, the default apps experience is a step back and browser competitors like Mozilla, Opera, and Vivaldi are concerned. From a report: In Windows 11, Microsoft has changed the way you set default apps. Like Windows 10, there's a prompt that appears when you install a new browser and open a web link for the first time. It's the only opportunity to easily switch browsers, though. Unless you tick "always use this app," the default will never be changed. It's incredibly easy to forget to toggle the "always use this app" option, and simply launch the browser you want from this prompt and never see this default choice again when you click web links. If you do forget to set your default browser at first launch, the experience for switching defaults is now very confusing compared to Windows 10. Chrome and many other rival browsers will often prompt users to set them as default and will throw Windows users into the default apps part of settings to enable this. Microsoft has changed the way default apps are assigned in Windows 11, which means you now have to set defaults by file or link type instead of a single switch. In the case of Chrome, that means changing the default file type for HTM, HTML, PDF, SHTML, SVG, WEBP, XHT, XHTML, FTP, HTTP, and HTTPS. Firefox's statement: We have been increasingly worried about the trend on Windows. Since Windows 10, users have had to take additional and unnecessary steps to set and retain their default browser settings. These barriers are confusing at best and seem designed to undermine a user's choice for a non-Microsoft browser.Read more of this story at Slashdot.

A flaw in software made by BlackBerry has left two hundred million cars, along with critical hospital and factory equipment, vulnerable to hackers -- and the company opted to keep it secret for months. Politico: On Tuesday, BlackBerry announced that old but still widely used versions of one of its flagship products, an operating system called QNX, contain a vulnerability that could let hackers cripple devices that use it. But other companies affected by the same flaw, dubbed BadAlloc, went public with that news in May. Two people familiar with discussions between BlackBerry and federal cybersecurity officials, including one government employee, say the company initially denied that BadAlloc impacted its products at all and later resisted making a public announcement, even though it couldn't identify all of the customers using the software. The back-and-forth between BlackBerry and the government highlights a major difficulty in fending off cyberattacks on increasingly internet-connected devices ranging from robotic vacuum cleaners to wastewater-plant management systems. When companies such as BlackBerry sell their software to equipment manufacturers, they rarely provide detailed records of the code that goes into the software -- leaving hardware makers, their customers and the government in the dark about where the biggest risks lie. BlackBerry may be best known for making old-school smartphones beloved for their manual keyboards, but in recent years it has become a major supplier of software for industrial equipment, including QNX, which powers everything from factory machinery and medical devices to rail equipment and components on the International Space Station.Read more of this story at Slashdot.

Thousands of Afghans struggling to ensure the physical safety of their families after the Taliban took control of the country have an additional worry: that biometric databases and their own digital history can be used to track and target them. From a report: U.N. Secretary-General Antonio Guterres has warned of "chilling" curbs on human rights and violations against women and girls, and Amnesty International on Monday said thousands of Afghans - including academics, journalists and activists - were "at serious risk of Taliban reprisals." After years of a push to digitise databases in the country, and introduce digital identity cards and biometrics for voting, activists warn these technologies can be used to target and attack vulnerable groups. "We understand that the Taliban is now likely to have access to various biometric databases and equipment in Afghanistan," the Human Rights First group wrote on Twitter on Monday. "This technology is likely to include access to a database with fingerprints and iris scans, and include facial recognition technology," the group added. The U.S.-based advocacy group quickly published a Farsi-language version of its guide on how to delete digital history - that it had produced last year for activists in Hong Kong - and also put together a manual on how to evade biometrics. Tips to bypass facial recognition include looking down, wearing things to obscure facial features, or applying many layers of makeup, the guide said, although fingerprint and iris scans were difficult to bypass.Read more of this story at Slashdot.

Samsung has confirmed that it will stop showing ads in default apps including Samsung Weather, Samsung Pay, and Samsung Theme. From a report: It follows comments made by its mobile chief TM Roh in an internal town hall meeting reported by Yonhap. "Samsung has made a decision to cease the advertisement on proprietary apps including Samsung Weather, Samsung Pay, and Samsung Theme," the company said in a statement given to The Verge. "The update will be ready by later this year." "Our priority is to deliver innovative mobile experiences for our consumers based on their needs and wants," the company said. "We value feedback from our users and continue our commitment to provide them with the best possible experience from our Galaxy products and services."Read more of this story at Slashdot.

An anonymous reader quotes a report from The Record: Scripps Health, a California-based nonprofit healthcare provider that runs five hospitals and 19 outpatient facilities, said it expects to lose an estimated $106.8 million following a ransomware attack that hit the organization in May 2021. The bulk of the losses, representing $91.6 million, came from lost revenues during the four weeks the organization needed to recover from the May ransomware attack. Scripps also lost $21.1 million in costs associated with response and recovery. While the company said it recovered $5.9 million through its insurance policy, the healthcare provider said it expects to lose an estimated $106.8 million by the end of the year. The losses stemming from the ransomware attack do not include potential losses due to litigation. Following the attack, several patient groups also filed class-action lawsuits against the organization for failing to protect their data after the organization revealed that the hackers also stole data on roughly 150,000 patients before they encrypted the healthcare provider's servers. The attack, while it did not get the same national coverage in the US as the ones on Colonial Pipeline, JBS Foods, and Kaseya, was one of the most impactful of the year, with Scripps being unable to access its web portal, patient medical records, and provide some patient services for four weeks, during which time staff had to redirect patients to other hospitals, which eventually resulted in the $91.6 million in lost revenue.Read more of this story at Slashdot.

EtherRock, an early NFT project consisting of 100 discrete images of the same cartoon rock, each tinted a slightly different color, is seeing the price of its NFTs soar after crypto-savvy media personality Gary Vaynerchuk tweeted about them a couple of weeks ago. According to Motherboard, "the lowest listed price for a single EtherRock is now 95.2 ETH, or about $300,000. And of the 761 total EtherRock transactions, 581 have happened within the last two weeks. The current highest price paid for an EtherRock is 96 ETH." From the report: The anonymous developer behind EtherRock is still actively maintaining the project. "I was a complete amateur when I built it," they said in an interview with Motherboard. "It was originally intended as a) a joke and b) an exercise for me to learn [the Ethereum coding language] Solidity." They said they would've "spent a lot more effort" on the NFTs had they known they were going to get this expensive. You could be forgiven for thinking it's "stupid" to spend hundreds of thousands of dollars on tokens tied to royalty-free clip art, but EtherRock owners figure they'll get the last laugh. Prominent token-holders include Bitcoin advocate Meltem Demirors and former BitMEX executive Arthur Hayes (the latter of whom is still facing federal prosecution for allegedly violating the Bank Secrecy Act). "Rocks are about flexing," she said. "There are only 100 rocks, and people who try to pretend they own one get called out quickly. Because the data is all public domain, you can see when a rock is moved to a new wallet address."Read more of this story at Slashdot.

The asteroid credited with the extinction of the dinosaurs 66 million years ago is likely to have originated from the outer half of the solar system's main asteroid belt, according to new research by Southwest Research Institute (SwRI). Space.com reports: Known as the Chicxulub impactor, this large object has an estimated width of 6 miles (9.6 kilometers) and produced a crater in Mexico's Yucatan peninsula that spans 90 miles (145 kilometers). After its sudden contact with Earth, the asteroid wiped out not only the dinosaurs, but around 75 percent of the planet's animal species. It is widely accepted that this explosive force created was responsible for the mass extinction that ended the Mesozoic era. Researchers used computer models to analyse how asteroids are pulled from their orbit in different areas of the asteroid belt and drawn towards planets. The observations of 130,000 model asteroids, along with data and behaviour seen in other known impactors, found that objects are 10 times more likely to reach Earth from the outer asteroid belt than previously thought. Prior to crashing into Earth, the extinction-causing asteroid orbited the sun with others, in the main asteroid belt. This concentrated band lies between planets Mars and Jupiter, with its contents usually kept in place by the forces of gravity. Before this study was released, scientists thought that very few of Earth's impactors escaped from the belt's outer half. But, researchers at SwRI discovered that "escape hatches" could be created by thermal forces, which pull more distant asteroids out of orbit and in the direction of Earth. The objects found in these outermost parts of the asteroid belt include many carbonaceous chondrite impactors. These are dark, porous and carbon-containing rocks which can also be found on Earth. Leading up to this research, other scientists have attempted to learn more about the object that doomed the dinosaurs. This included examinations of 66-million-year-old rocks. By doing this, geologists discovered that the Chicxulub asteroid had a similar composition to today's carbonaceous chondrites. By looking at wide timescales of the Chicxulub asteroid, the scientists could predict that a 6-mile asteroid is likely to come into contact with Earth once every 250 million years. Their model showed almost 50 percent of these significant impactors to be of the same carbonaceous chondrite composition. Details of the new study will be published in the November 2021 issue of the journal Icarus.Read more of this story at Slashdot.

An anonymous reader quotes a report from The New York Times: Scientists have come tantalizingly close to reproducing the power of the sun -- albeit only in a speck of hydrogen for a fraction of a second. Researchers at Lawrence Livermore National Laboratory reported on Tuesday that by using 192 gigantic lasers to annihilate a pellet of hydrogen, they were able to ignite a burst of more than 10 quadrillion watts of fusion power -- energy released when hydrogen atoms are fused into helium, the same process that occurs within stars. Indeed, Mark Herrmann, Livermore's deputy program director for fundamental weapons physics, compared the fusion reaction to the 170 quadrillion watts of sunshine that bathe Earth's surface. "This about 10 percent of that," Dr. Herrmann said. And all of the fusion energy emanated from a hot spot about as wide as a human hair, he said. But the burst -- essentially a miniature hydrogen bomb -- lasted only 100-trillionths of a second. Still, that spurred a burst of optimism for fusion scientists who have long hoped that fusion could someday provide a boundless, clean energy source for humanity. The success also signified a moment of redemption for Livermore's football-stadium-size laser apparatus, which is named the National Ignition Facility, or N.I.F. Despite an investment of billions of dollars -- construction started in 1997 and operations began in 2009 -- the apparatus initially generated hardly any fusion at all. In 2014, Livermore scientists finally reported success, but the energy produced then was minuscule -- the equivalent of what a 60-watt light bulb consumes in five minutes. On Aug. 8, the burst of energy was much greater -- 70 percent as much as the energy of laser light hitting the hydrogen target. That is still a losing proposition as an energy source, consuming more power than it produces. But scientists are confident that further jumps in energy output were possible with fine-tuning of the experiment.Read more of this story at Slashdot.

A new paper (PDF) published by Microsoft's research department proposes to tackle piracy with a blockchain-based bounty system titled "Argus." The system allows volunteers to report piracy in exchange for a reward. It uses the Ethereum blockchain and is transparent, practical, and secure, while limiting abusive reports and errors. TorrentFreak reports: Argus is a transparent system built on the Ethereum blockchain that allows people to anonymously report piracy in exchange for a bounty. Pirated content is traced back to the source through a unique watermark that corresponds with a secret code. When a pirated copy is reported, the status of the source (licensee) is changed to "accused." The system provides an appeal option, but if that fails, the accused status changes to "guilty." Argus is an open system but there are various safeguards to prevent abuse. Reporting the same pirated work multiple times under different aliases is useless, for example, as that will only reduce the reward. The system relies on several checks to ensure that the system is open, while avoiding false accusations at the same time. And according to the researchers, the costs of utilizing the blockchain are relatively low. "We effectively optimize several cryptographic operations so that the cost for a piracy reporting is reduced to an equivalent cost of sending about 14 ETH-transfer transactions to run on the public Ethereum network, which would otherwise correspond to thousands of transactions. "With the security and practicality of Argus, we hope real-world anti-piracy campaigns will be truly effective by shifting to a fully transparent incentive mechanism," the researchers add. Whether Microsoft has any plans to test the system in the wild is unknown. It theoretically works with various media types including images, audio and software. That said, it's unclear how effective it will be. The researchers "assume" that the watermarking technology deployed is tamper-free, which isn't always the case today. The paper and the Argus system will be presented at the upcoming 40th International Symposium on Reliable Distributed Systems, which will be held virtually at the end of September.Read more of this story at Slashdot.

IKEA, the world's biggest furniture brand, is branching out into selling renewable energy to households, starting with home market Sweden in September. Reuters reports: Ingka Group, the owner of most IKEA stores worldwide, said households would be able to buy affordable renewable electricity from solar and wind parks, and track their usage through an app. Ingka's partner Svea Solar, which produces solar panels for IKEA, will buy the electricity on the Nordic power exchange Nord Pool and resell it without surcharge. Households will pay a fixed monthly fee plus a variable rate. IKEA, which also sells solar panels for households in 11 markets, said those buyers would be able to track their own production in the app and sell back surplus electricity. Jonas Carlehed, head of sustainability at IKEA Sweden, told Reuters he hoped to roll out the new renewable energy offer as well as IKEA's solar panel offering to all markets.Read more of this story at Slashdot.

Google's next midrange smartphone is the Pixel 5a, featuring a slightly bigger display than last year's Pixel 4a, a considerably larger battery and IP67 water and dust resistance. It's priced at $449, which is $100 more than the Pixel 4a, and is expected to be the last Google phone to include a charger in the box (sorry Pixel 6 fans). Ars Technica reports: Part of the reason for the price increase is that the Pixel 5a is a bigger phone, with a 6.34-inch display and 73.7 mm width compared to the Pixel 4a's 5.8-inch display and 69.4 mm width. Another big change is the addition of IP67 dust and water resistance, which means the phone should survive submersion in 3 feet of water (1 meter) for 30 minutes. As with the Pixel 5, the Pixel 5a's body is metal coated in plastic instead of the pure plastic body of the Pixel 4a. We didn't see the appeal of this construction in the Pixel 5, but the new phone is presumably stronger now. As usual, we're getting a no-frills design that takes care of the basics. On the front, there's a slim-bezel OLED display and a hole-punch camera in the top right, while there are two cameras (main and wide-angle) and a capacitive fingerprint reader on the back. Specs include a Snapdragon 765G (that's a 7 nm chip with two Cortex A76 cores and six Cortex A55 cores), 6GB of RAM, 128GB of storage, and the biggest battery of any Pixel: 4680 mAh. The main camera is 12.2 MP and looks like the same Sony IMX363 sensor that Google has used for the past four years. There's a 16 MP wide-angle and an 8 MP front camera. Oh yeah, the headphone jack is sticking around for at least one more year. If there's a disappointment with the Pixel 5a, it's the 60 Hz display, which is looking pretty slow in a world where 90 Hz and 120 Hz are often the norm. Another important note is that the Pixel 5a will get three years of major updates and three years of security updates. It's currently available for preorder now and starts shipping on August 26.Read more of this story at Slashdot.

An anonymous reader quotes a report from BleepingComputer: Security researchers are sounding the alarm on a critical vulnerability affecting tens of millions of devices worldwide connected via ThroughTek's Kalay IoT cloud platform. The security issue impacts products from various manufacturers providing video and surveillance solutions as well as home automation IoT systems that use the Kalay network for easy connectin and communication with a corresponding app. A remote attacker could leverage the bug to gain access to the live audio and video streams, or to take control of the vulnerable device. Researchers at Mandiant's Red Team discovered the vulnerability at the end of 2020 and worked with the U.S. Cybersecurity and Infrastructure Security Agency and ThroughTek to coordinate the disclosure and create mitigation options. Tracked as CVE-2021-28372, the issue is a device impersonation vulnerability that received a severity score of 9.6 out of 10. It affects the Kalay protocol that is implemented as a software development kit (SDK) that is built into mobile and desktop applications. Mandiant's Jake Valletta, Erik Barzdukas, and Dillon Franke looked at ThroughTek's Kalay protocol and found that registering a device on the Kalay network required only the device's unique identifier (UID). Following this lead, the researchers discovered that a Kalay client, such as a mobile app, usually receives the UID from a web API hosted by the vendor of the IoT device. An attacker with the UID of a target system could register on the Kalay network a device they control and receive all client connection attempts. This would allow them to obtain the login credentials that provide remote access to the victim device audio-video data. The researchers say that this type of access combined with vulnerabilities in device-implemented RPC (remote procedure call) interface can lead to complete device compromise. By the latest data from ThroughTek, its Kalay platform has more than 83 million active devices and manages over 1 billion connections every month. The best way to protect yourself from this vulnerability is to keep your device software and applications updated to the latest version, as well as create complex, unique login passwords. The report also recommends you avoid connecting to IoT devices from an untrusted network.Read more of this story at Slashdot.

ByteDance, TikTok's parent company, has joined the Open Invention Network (OIN), the world's largest non-aggression consortium that protects Linux and related open-source software and the companies behind them from patent attacks and patent trolls. ZDNet reports: The OIN recently broadened its scope from core Linux programs and adjacent open-source code by expanding its Linux System Definition to other patents such as the Android Open Source Project (AOSP) and the Extended File Allocation Table exFAT file system. By becoming a licensee and community member of OIN, ByteDance will be sharing its other patents to Helo, Resso, and the Chinese specific programs Toutiao, Douyin, and Xigua. Why is ByteDance doing this? Because, like many other companies, including Microsoft, they consider "Linux and adjacent open source software as key elements for our business," said Lynn Wu, ByteDance's Chief IP Counsel. Wu continued, "ByteDance's participation in the OIN community shows our consistent commitment to shared innovation. We will continue to support it with patent non-aggression in core Linux and other important open-source software technologies." ByteDance may also have joined because its biggest fellow Chinese rival, Kuaishou, recently joined the OIN. In recent years, many Chinese firms, such as hardware giant Inspur, have joined forces with the OIN.Read more of this story at Slashdot.

Amazon has eclipsed Walmart to become the world's largest retail seller outside China, according to corporate and industry data, a milestone in the shift from brick-and-mortar to online shopping that has changed how people buy everything from Teddy Grahams to teddy bears. From a report: Propelled in part by surging demand during the pandemic, people spent more than $610 billion on Amazon over the 12 months ending in June, according to Wall Street estimates compiled by the financial research firm FactSet. Walmart on Tuesday posted sales of $566 billion for the 12 months ending in July. Alibaba, the giant online Chinese retailer, is the world's top seller. Neither Amazon nor Walmart is a dominant player in China. In racing past Walmart, Amazon has dethroned one of the most successful -- and feared -- companies of recent decades. Walmart perfected a thriving big-box model of retailing that squeezed every possible penny out of its costs, which drove down prices and vanquished competitors. But even with all of that efficiency and power, the quest to dominate today's retail environment is being won on the internet. And no company has taken better advantage of that than Amazon. Indeed, the company's delivery (many items land on doorsteps in a day or two) and wide selection first drew customers to online shopping, and it has kept them buying more there ever since. It has also made Jeff Bezos, the company's founder, one of the richest people in the world.Read more of this story at Slashdot.

CES 2022 will be a hybrid event with in-person and digital components. However, in order to attend the event in person, the Consumer Technology Association (CTA) says you'll need to provide proof of vaccination against COVID-19. The Verge reports: As far as those who are not vaccinated, whether by their own choice or because they live somewhere without access to vaccines, the CTA says it's "assessing the acceptance of proof of a positive antibody test as an alternative requirement." It's also unknown how this will apply to events happening beyond the show floor and keynote ballrooms, or outside the CTA's umbrella entirely. We expect to hear more details about all of this long before the CES 2022 media days start on January 3rd, or when the show floor opens on January 5th. Here's an excerpt from the CTA's announcement: The Consumer Technology Association (CTA) today announced that CES 2022, the world's most influential technology event, will require in-person attendees to provide proof of COVID-19 vaccination. CES 2022 will take place in Las Vegas on January 5-8, 2022. For those who may be unable to travel to Las Vegas, CTA will again create a digital event that will run in parallel with the in-person program. Digital audiences will have the opportunity to share the spirit of the in-person event.[...]CTA is also assessing the acceptance of proof of a positive antibody test as an alternative requirement and will share more details on this later. Safety, security and health are a priority at CES, and we will follow state and local guidelines and recommendations by the CDC. CTA will continue to monitor and evaluate the situation and will announce additional or modified protocols closer to the show.Read more of this story at Slashdot.

An anonymous reader quotes a report from PCMag: Boston Dynamics taught its robots to dance last year, now one of them can complete a parkour course. The robot company, which is owned by Hyundai, has released two new videos today. The first shows off how well the Atlas robot can perform parkour, while the second video takes us behind the scenes and explains how Atlas works. It's actually the first time Atlas has managed to complete the complex obstacle course flawlessly, and Boston wants to celebrate that. After the dancing video last year, we all expect Boston's robots to do amazing things now, and the parkour video doesn't disappoint. But what it doesn't show is all the hard work, missteps, and problems that need fixing in order to make these demonstrations possible. That's what the second video reveals, and it's the first time I've seen these robots breakdown and leak fluids. There's a hardware team, a software team, technicians, and operations staff required to make this whole operation work. Each Atlas requires three onboard computers in order to process the sensor data and run the algorithms allowing this 5ft, 190lbs robot to move with 28-degrees of freedom without falling over (very often). And even though we're asking these robots to do the same actions as humans, it's a very different challenge.Read more of this story at Slashdot.

An anonymous reader writes: In an award-winning paper last week, academics said they discovered a way to abuse the TCP protocol, firewalls, and other network middleboxes to launch giant distributed denial of service (DDoS) attacks against any target on the internet. Authored by computer scientists from the University of Maryland and the University of Colorado Boulder, the research is the first of its kind to describe a method to carry out DDoS reflective amplification attacks via the TCP protocol, previously thought to be unusable for such operations. Making matters worse, researchers said the amplification factor for these TCP-based attacks is also far larger than UDP protocols, making TCP protocol abuse one of the most dangerous forms of carrying out a DDoS attack known to date and very likely to be abused in the future.Read more of this story at Slashdot.

the_insult_dog writes: Some 10 years after the final Microsoft Silverlight release, some developers still fear being 'Silverlighted,' or seeing a development product in which they have invested heavily be abandoned by Microsoft. Microsoft will tell you that official support for Silverlight will end in less than two months, on Oct. 12, 2021. Anyone in the industry will tell you it effectively died around 2011 when the last version, Silverlight 5, was made available for download. Speculation about its demise arose around the same time.Read more of this story at Slashdot.

OneHundredAndTen writes: Pi is now known to 62.8 trillion decimal digits. Motherboard adds: Researchers in Switzerland broke the world record for the most accurate value of pi over the weekend, the team announced on Monday. They calculated the first 62.8 trillion digits, surpassing the former record by 12.8 trillion decimal points. Calculation first started in late April at the Competence Center for Data Analysis, Visualization and Simulation (DAViS) at the University of Applied Sciences in Graubünden, Switzerland. The calculated data was then backed up onto the high-performance computer where a Y-cruncher wrote it into the hexadecimal notation. It was then converted into the decimal system and verified by a mathematical algorithmRead more of this story at Slashdot.

For years, a mysterious figure has been stealing books before their release. Is it espionage? Revenge? Or a complete waste of time? Vulture: On the spectrum of cyberattacks, this one wasn't very complex. There was no malicious software or actual hacking involved. Some of the earliest victims used Gmail accounts for work, which were easy and free to spoof. Registering an alternate domain and setting up an email server was only slightly more involved, and the possibilities were endless: t's became f's (@wwnorfon.com), q's replaced g's (@wylieaqency.com), r's and n's cornbined to make m's (@penguinrandornhouse.com). The domains suggested someone who liked to play with words as much as code. Books became bocks, unless the company was Dutch, in which case boek was Anglicized to book. What did seem sophisticated was the thief's knowledge of the business. The culprit wrote like someone in publishing, abbreviating to "MS" for manuscript and "WEL" for world English-language rights, while exchanging insider chatter, telling one victim that a publisher was pitching a book as a comp to Pachinko and expressing surprise to another that a novel had recently sold for a shocking amount. The thief sent messages in the wake of announcements on Publishers Marketplace, a subscription website that tracks deals, but they also asked about books that the thief's marks didn't even know existed. The mimicry wasn't always perfect -- an assistant at the talent agency WME realized her boss was being impersonated because she would never say "please" or "thank you" -- but the impression was good enough. What's more, the thief seemed to have a strong grasp of the rarefied world of international publishing. The first emails, in the fall of 2016, traveled almost exclusively among the small group of people who handle the flow of manuscripts between countries, including a foreign-rights manager in Greece, an editor in Spain, and an agent selling international writers in the Chinese market. In the attempted "Millennium" heist, only a few dozen people in the world knew the book was being shared with foreign publishers and that Mork and Altrov Berg controlled access to it.Read more of this story at Slashdot.

A new paper suggests Saturn's core is more like a fluid than a solid, and makes up more of the planet's interior than we thought. From a report: With its massive rings stretching out 175,000 miles in diameter, Saturn is a one-of-a-kind planet in the solar system. Turns out its insides are pretty unique as well. A new study published in Nature Astronomy on Monday suggests the sixth planet from the sun has a "fuzzy" core that jiggles around. It's quite a surprising find. "The conventional picture for Saturn or Jupiter's interior structure is that of a compact core of rocky or icy material, surrounded by a lower-density envelope of hydrogen and helium," says Christopher Mankovich, a planetary scientist at Caltech and coauthor of the new study, along with his colleague Jim Fuller. What Mankovich and Fuller glimpsed "is essentially a blurred-out version of that conventional structure." Instead of seeing a tidy boundary dividing the heavier rocks and ice from the lighter elements, they found that the core is oscillating so that there is no single, clear separation. This diffuse core extends out to about 60% of Saturn's radius -- a huge leap from the 10 to 20% of a planet's radius that a traditional core would occupy. One of the wildest aspects of the study is that the findings did not come from measuring the core directly -- something we've never been able to do. Instead, Mankovich and Fuller turned to seismographic data on Saturn's rings first collected by NASA's Cassini mission, which explored the Saturnian system from 2004 to 2017. "Saturn essentially rings like a bell at all times," says Mankovich. As the core wobbles, it creates gravitational perturbations that affect the surrounding rings, creating subtle "waves" that can be measured. When the planet's core was oscillating, Cassini was able to study Saturn's C ring (the second block of rings from the planet) and measure the small yet consistent gravitational "ringing" caused by the core. Mankovich and Fuller looked at the data and created a model for Saturn's structure that would explain these seismographic waves -- and the result is a fuzzy interior. "This study is the only direct evidence for a diffuse core structure in a fluid planet to date," says Mankovich.Read more of this story at Slashdot.

Google is the latest manufacturer to bid farewell to the in-box charging brick, saying it expects the Pixel 5A will be the last phone to include one. That means the Pixel 6 and Pixel 6 Pro won't include one when they arrive this fall. From a report: The company says that most people already have a USB-C charging brick, so there's no longer a need to include one with its phones. Apple and Samsung made similar arguments when they announced they would no longer be offering an in-box charger. That may be true, but it's likely that the cost savings of not including a charger played a big role in those decisions.Read more of this story at Slashdot.

A security researcher has discovered a web attack framework developed by a suspected Chinese government hacking group and used to exploit vulnerabilities in 58 popular websites to collect data on possible Chinese dissidents. From a report: Fifty-seven of the sites are popular Chinese portals, while the last is the site for US newspaper, the New York Times. In addition, the tool also abused legitimate browser features in attempts to collect user keystrokes, a large swath of operating system details, geolocation data, and even webcam snapshots of a target's face -- although many of these capabilities weren't as silent as the exploits targeting third-party websites, since they also tended to trigger a browser notification prompt. Named Tetris, the tool was found secretly uploaded on two websites with a Chinese readership. "The sites both appear to be independent newsblogs," said a security researcher going online under the pseudonym of Imp0rtp3, who analyzed the Tetris attack framework for the first time in a blog post earlier this month. "Both [sites] are focused on China, one site [is focused on China's] actions against Taiwan and Hong-Kong written in Chinese and still updated and the other about general atrocities done by the Chinese government, written in Swedish and last updated [in] 2016," the researcher said. According to Imp0rtp3, users who landed on these two websites were first greeted by Jetriz, the first of Tetris' two components, which would gather and read basic information about a visitor's browser.Read more of this story at Slashdot.

A security researcher has discovered a web attack framework developed by a suspected Chinese government hacking group and used to exploit vulnerabilities in 58 popular websites to collect data on possible Chinese dissidents. From a report: Fifty-seven of the sites are popular Chinese portals, while the last is the site for US newspaper, the New York Times. In addition, the tool also abused legitimate browser features in attempts to collect user keystrokes, a large swath of operating system details, geolocation data, and even webcam snapshots of a target's face -- although many of these capabilities weren't as silent as the exploits targeting third-party websites, since they also tended to trigger a browser notification prompt. Named Tetris, the tool was found secretly uploaded on two websites with a Chinese readership. "The sites both appear to be independent newsblogs," said a security researcher going online under the pseudonym of Imp0rtp3, who analyzed the Tetris attack framework for the first time in a blog post earlier this month. "Both [sites] are focused on China, one site [is focused on China's] actions against Taiwan and Hong-Kong written in Chinese and still updated and the other about general atrocities done by the Chinese government, written in Swedish and last updated [in] 2016," the researcher said. According to Imp0rtp3, users who landed on these two websites were first greeted by Jetriz, the first of Tetris' two components, which would gather and read basic information about a visitor's browser.Read more of this story at Slashdot.

phalse phace writes: Chinese regulators on Tuesday issued a lengthy set of draft regulations for the internet sector, banning unfair competition and restricting the use of user data, the latest move in a crackdown on the country's powerful tech companies. According to a document published on China's State Administration for Market Regulation (SAMR) website, business operators should not use data, algorithms or other technical means to hijack traffic or influence users' choices. They may also not use technical means to illegally capture or use other business operators' data. The regulator also said firms cannot use technological means to maliciously impose incompatible barriers to other legal internet products and services. It added that in cases involving violations, third-party institutions may be hired to audit data. The proposed regulations come after SAMR imposed various restrictions and punishments on tech giants in an effort to restrict anti-competitive or monopolistic behaviour.Read more of this story at Slashdot.

UnknowingFool writes: Gigabyte announced it will replace PSU models GP-P850GM and GP-P750GM that fail after HardwareBusters and Gamer's Nexus both showed their PSUs fail catastrophically in small explosions. Gigabyte however downplayed the risk by misstating the failed PSUs only exploded after prolonged extreme conditions and that the problem had been corrected last year. Both HardwareBusters and GamerNexus contest multiple points from Gigabyte. Both stated that their units failed quickly under moderate to light loads. In the case of Gamer's Nexus they obtained some units as late as May 2021. This issue was first reported in November 2020, when Hardware Busters evaluated a GP-P750GM model and found it exploded during testing. After many Newegg customers reported multiple issues with two Gigabyte models, Gamer's Nexus purchased or obtained units from customers over the course of several months in the spring. Their testing found 5 out of 10 units failed quickly during OPP (Over Power Protection) testing. A normal OPP scenario should have had the PSU shut down to protect itself. Instead, some of the units exploded. A further complication arose when Newegg customers tried to return failed units. Many of the PSUs were bought in Newegg Shuffle bundles with GPUs, and customers would have to return both the GPU and the PSU. Considering the GPU shortage, most Newegg customers complained about this requirement.Read more of this story at Slashdot.

Associated Press: U.S. health experts are expected to recommend COVID-19 booster shots for all Americans eight months after they get their second dose of the vaccine, to ensure longer-lasting protection as the delta variant spreads across the country. Federal health officials have been looking at whether extra shots for the vaccinated would be needed as early as this fall, reviewing case numbers in the U.S. as well as the situation in other countries such as Israel, where preliminary studies suggest the vaccine's protection against serious illness dropped among those vaccinated in January. An announcement on the U.S. booster recommendation is expected as soon as this week, according to two people familiar with the matter who spoke to The Associated Press on the condition of anonymity to discuss internal deliberations. Doses would only begin to be administered widely once the Food and Drug Administration formally approves the vaccines, which are being dispensed for now under what is known as emergency use authorization. Full approval of the Pfizer shot is expected in the coming weeks.Read more of this story at Slashdot.

There is a corner of LinkedIn free from humble brags, self-promotion, thought leadership and strict decorum. You just need to connect with a zoomer. Although LinkedIn is not a popular online hangout for Generation Z, some of their most viral posts are parodies of LinkedIn itself. From a report: Shiv Sharma graduated from the University of Southern California last year, according to his LinkedIn. A few months ago, he updated his profile listing himself as the assistant chef at the fictional restaurant from Sponge Bob Square Pants. "I have accepted an offer to work for The Krusty Krab Restaurant as part of their Entry Level Chef Program in Bikini Bottom," he wrote. The post garnered more than 5,000 reactions and dozens of comments. Harry Tong is a software development intern at a tech company. But, according to a popular post on his profile: "I am officially the CEO of a BILLION dollar company," he wrote. "For my series Z, my mom invested $10 for 0.000001% of my company, giving it a $1 billion valuation." This subculture of subversion on LinkedIn has inspired countless TikTok videos, a Twitter account called @LinkedinFlex and a devoted Reddit community called LinkedInLunatics. The memes reflect the weariness people feel toward the site -- "primarily a place for bragging," said Jake Zhang, a Toronto-based college student. "People tell stories about how their entire lives have built up to this one moment of getting a job or a promotion, or experts claim they'll change your life with a piece of advice," Tong said. "And I'm just here to poke at the facade a little bit." Most young people treat LinkedIn as a "purely transactional job hunting tool" to be used sparingly, said AJ Wilcox, founder of B2Linked, an advertising agency that specializes in the Microsoft Corp.-owned professional networking site. Maintaining a profile is a "necessary evil," Zhang said. "Everyone I know creates an account due to school or peer pressure," Zhang said. "We use it because there's no alternative for job hunting. But with all the toxic content and bragging, no one I know really likes it." Which is what makes the parodies on LinkedIn so interesting. Most people wouldn't put a joke on their resume. The posts are a byproduct of a generation that lives fearlessly on the internet, eager to entertain and call out any whiff of inauthenticity.Read more of this story at Slashdot.

Hamburg's state government has been formally warned against using Zoom over data protection concerns. From a report: The German state's data protection agency (DPA) took the step of issuing a public warning yesterday, writing in a press release that the Senate Chancellory's use of the popular videoconferencing tool violates the European Union's General Data Protection Regulation (GDPR) since user data is transferred to the US for processing. The DPA's concern follows a landmark ruling (Schrems II) by Europe's top court last summer which invalidated a flagship data transfer arrangement between the EU and the US (Privacy Shield), finding US surveillance law to be incompatible with EU privacy rights. The fallout from Schrems II has been slow to manifest -- beyond an instant blanket of legal uncertainty. However a number of European DPAs are now investigating the use of US-based digital services because of the data transfer issue, and in some instances publicly warning against the use of mainstream US tools like Facebook and Zoom because user data cannot be adequately safeguarded when it's taken over the pond. German agencies are among the most proactive in this respect. But the EU's data protection supervisor is also investigating the bloc's use of cloud services from US giants Amazon and Microsoft over the same data transfer concern.Read more of this story at Slashdot.

An anonymous reader quotes a report from MacRumors: Apple is planning to hold multiple events this fall, which will collectively include the launch of new iPhones, Apple Watches, updated AirPods, revamped iPad mini, and the redesigned MacBook Pros, according to respected Bloomberg journalist Mark Gurman. In his latest weekly Power On newsletter, Gurman says that much like last year, Apple will hold multiple events this coming fall, with the first likely being in September for the iPhone 13. Last year, due to the global health crisis and production constraints, the iPhone 12 lineup was not announced until October. The 2020 September event, rather than focusing on new iPhones, showcased new Apple Watches, iPads, and services. This year, Apple is expected to return to its tradition of announcing its flagship yearly iPhone update in September, according to multiple reports. In today's newsletter, Gurman reiterated his reporting from earlier last week, setting expectations for the iPhone 13 to include updates to the camera focused towards professional users, more advanced displays, and a smaller notch. Alongside the new iPhones, Gurman, as previously reported, says that Apple can be expected to launch the third-generation AirPods featuring an updated design, an updated iPad mini with a larger display, thinner borders, and improved performance, as well as the Apple Watch Series 7 with flatter and improved displays, and performance. As for the highly anticipated MacBook Pros featuring mini-LED displays, updated designs, and the M1X Apple silicon chip, Gurman says they will be available by the time the current 16-inch MacBook Pro, powered by Intel, will celebrate its second anniversary. The 16-inch MacBook Pro was last updated in November of 2019. The first event of the fall in September will likely include the new iPhones, Apple Watches, and AirPods, while the new iPads and possible updates to some of the company's services could be reserved for a second event, with the final event of the season being focused on Apple silicon Macs.Read more of this story at Slashdot.

phalse phace shares a report from The Associated Press: U.S. officials on Monday declared the first-ever water shortage from a river that serves 40 million people in the West, triggering cuts to some Arizona farmers next year amid a gripping drought. Water levels at the largest reservoir on the Colorado River -- Lake Mead -- have fallen to record lows, underscoring the acute water challenges for a region facing a growing population and a drought that is being worsened by hotter, drier weather brought on by climate change. Federal officials said Monday's declaration makes clear that conditions have intensified faster than scientists predicted in 2019, when some states in the Colorado River basin agreed to give up shares of water to maintain levels at Lake Mead. Water levels at Lake Mead and Lake Powell, the river's two largest reservoirs, have been falling for years and faster than experts predicted. Scorching temperatures and less melting snow in the spring have reduced the amount of water flowing from the Rocky Mountains, where the river originates before it snakes 1,450 miles (2,334 kilometers) southwest and into the Gulf of California. Water stored in Lake Mead and Lake Powell is divvied up through legal agreements among the seven Colorado River basin states, the federal government, Mexico and others. The agreements determine how much water each gets, when cuts are triggered and the order in which the parties have to sacrifice some of their supply. Under a 2019 drought contingency plan, Arizona, Nevada, California and Mexico agreed to give up shares of their water to maintain water levels at Lake Mead. The voluntary measures weren't enough to prevent the shortage declaration.Read more of this story at Slashdot.

Audi's latest concept car, the skysphere, will be able to drive itself, the company claims. But the real hook is that, as it changes from human driving to self-driving, the body of the skysphere expands by 10 inches from end-to-end. CNN reports: The concept car's long hood extends forward and the steering wheel and pedals fold away. The driver's side of the dashboard, really a glass display panel, and the gear selector also pull away, creating a more comfortable space for the driver to relax. All this is possible because the skysphere is an electric car powered by a motor that's mounted behind the seats. That means there's not much under the hood to get in the way as the front end moves forward and backward. In its self-driving mode, the skysphere acts like a touring car, an elegant two seater designed for fast comfortable long distance travel. A longer wheelbase -- the distance between the front and back wheels -- is good for road trips because it can give the car a more stable feel on the highway. And without a steering wheel or pedals, the driver can stretch out, relax and enjoy the scenery. In regular human driving mode, it's more like a sports car. The much shorter wheelbase can give the car a quicker, more responsive driving feel. The car also lowers on its suspension almost a half inch closer to the ground. When put in its sports car mode, a steering wheel unfolds from underneath the dashboard and a set of pedals moves into position in the driver's footwell. This shape-shifting is Audi's attempt to answer a conundrum facing automotive designers. Their advocates say self-driving vehicles can, theoretically, be safer than human drivers, and offer opportunities to rethink what a car can and should be. But among the challenges they face is consumer adoption from people who actually enjoy driving. And Audi, which boasts about the power and performance of its cars, considers those people to be among its core customers. So this car offers them a comforting compromise.Read more of this story at Slashdot.

An anonymous reader quotes a report from Interesting Engineering: The Manatee Energy Storage Center -- the world's largest solar-powered battery storage facility -- is now 75% finished with 100 of 132 total containers already installed, reveals a press release from Florida Power and Light Company (FPL). The battery is housed in Manatee County as the name indicates and is expected to be fully operational by the end of the year. When completed, the system will have a 409-MW capacity with the ability to deliver 900 MWh of energy. This is enough electricity to power 329,000 homes for more than two hours. The battery will serve to replace FPL's coal plants. The battery will store energy in order to bring electricity to homes even when the sun's not shining (at night and on cloudy days) meaning other more polluting power sources will not be required. Although customers are bound to see some financial benefits the main gains will be environmental. According to FPL, each battery module is capable of storing an amount of solar energy equivalent to roughly 2,000 iPhone batteries. The complete battery system will be equivalent to 100 million iPhone batteries and the energy storage containers will be organized across a 40-acre plot of land (the equivalent of 30 football fields). The battery will have a lifespan of 40 years.Read more of this story at Slashdot.