Slashdot

storagedude writes: Alan Paller, founder of the cybersecurity training SANS Technology Institute, has launched an initiative aimed at finding and developing cybersecurity talent at the community college and high school level — through a game developed by their CTO James Lyne. A similar game was already the basis of a UK government program that has reached 250,000 students, and Paller hopes the U.S. will adopt a similar model to help ease the chronic shortage of cybersecurity talent. And Paller's own Cyber Talent Institute (or CTI) has already reached 29,000 students, largely through state-level partnerships. But playing the game isn't the same as becoming a career-ready cybersecurity pro. By tapping high schools and community colleges, the group hopes to "discover and train a diverse new generation of 25,000 cyber stars by the year 2025," Paller told eSecurity Planet. "SANS is an organization that finds people who are already in the field and makes them better. What CTI is doing is going down a step in the pipeline, to the students, to find the talent earlier, so that we don't lose them. Because the way the education system works, only a few people seem to go into cybersecurity. We wanted to change that. "You did an article earlier this month about looking in different places for talent, looking for people who are already working. That's the purpose of CTI. To reach out to students. It's to go beyond the pipeline that we automatically come into cybersecurity through math, computer science, and networking and open the funnel much wider. Find people who have not already found technology, but who have three characteristics that seem to make superstars — tenacity, curiosity, and love of learning new things. They don't mind being faced with new problems. They like them. And what the game does is find those people. So CTI is just moving to earlier in the pipeline."Read more of this story at Slashdot.

"Thanks to a breakthrough in RNA manipulation, crop scientists have developed new potato and rice varieties with higher yields and increased drought tolerance," reports UPI:By inserting a gene responsible for production of a protein called FTO, scientists produced bigger rice and potato plants with more expansive root systems. In experiments, the plants' longer roots improved their drought resistance. Test results — detailed Thursday in the journal Nature Biotechnology — showed the RNA-manipulated plants also improved their rate of photosynthesis, boost yields by as much as 50 percent... In the lab, the manipulated rice plants grew at three times their normal rate. In the field, the rice plants increased their mass by 50 percent. They also sprouted longer roots, increased their photosynthesis rate and produced larger yields. When they repeated the experiments with potato plants, the researchers got similar results, suggesting the new gene manipulation method could be used to bolster a variety of crops. The researchers hope this could help crops survive climate change, and even prevent forests from being cleared for food production, according to the article. And one of the study's co-authors adds "This really provides the possibility of engineering plants to potentially improve the ecosystem as global warming proceeds."Read more of this story at Slashdot.

Comic-Con went virtual again in 2020. (San Diego businesses will miss the chance to profit from the 100,000 visitors the convention usually attracted.) And NPR reports the convention has gotten smaller in other ways:Both Marvel Studios and DC are staying away; as it did last year, DC is again directing its resources towards its own event, DC FanDome, set for mid-October. But fans of shows like Doctor Who, Dexter and Comic-Con stalwart The Walking Dead will have lots to look forward to. Rotten Tomatoes and The Verge have gathered up the trailers that did premier. Some of the highlights: Blade Runner: Black Lotus , an upcoming anime television series set to premiere in late 2021 on Crunchyroll and Adult Swim (co-producing it with Alcon Television Group).The upcoming remake of Dune J.J. Abrams' new four-part Showtime documentary about UFOs.Season 2 of Star Trek: Lower Decks and the new Star Trek: Prodigy, a CGI-animated series about a group of aliens who escape captivity onboard the Enterprise.But interestingly, one of the more visibile presenters was: NASA. Current and former NASA officials made appearances on several different panels, according to Space.com, including one on modern space law, U.N. treaty-making, and how it all stacks up against the portrayal we get in our various future-space franchises. And NASA also touted its virtual simulation platform Ed-Tech, "where students can have access to the same tools that professionals use and in the case of space are given the opportunity to solve real problems related to missions to our Moon, Mars, and beyond... from piloting to terra-forming to creating habitats and spacecraft." There was also a panel of four NASA engineers titled "No Tow Trucks Beyond Mars," on "how we go boldly where thereâ(TM)s no one around to fix it. Hear stories from the trenches of the heartbreaks, close calls, and adventures of real-life landing (and flying!) on Mars and our round-table discussion of what Netflix got right in their movie Stowaway." Sunday's panels will include an astronomer, an astrobiologist, and a geologist/paleontologist discussing "The Science of Star Wars" with the concept designer for Star Wars episodes 7-9, Rogue One, and Solo.Read more of this story at Slashdot.

A comprehensive new analysis published in Nature "calculates that the frequency of climate-related nuclear plant outages is almost eight times higher than it was in the 1990s," reports Ars Technica. "The analysis also estimates that the global nuclear fleet will lose up to 1.4 percent — about 36 TWh — of its energy production in the next 40 years and up to 2.4 percent, or 61 TWh, by 2081-2100."The author analyzed publicly available databases from the International Atomic Energy Agency to identify all climate-linked shutdowns (partial and complete) of the world's 408 operational reactors. Unplanned outages are generally very well documented, and available data made it possible to calculate trends in the frequency of outages that were linked to environmental causes over the past 30 years. The author also used more detailed data from the last decade (2010-2019) to provide one of the first analyses of which types of climate events have had the most impact on nuclear power. While the paper doesn't directly link the reported events to climate change, the findings do show an overall increase in the number of outages due to a range of climate events. The two main categories of climate disruptions broke down into thermal disruptions (heat, drought, and wildfire) and storms (including hurricanes, typhoons, lightning, and flooding). In the case of heat and drought, the main problem is the lack of cool-enough water — or in the case of drought, enough water at all — to cool the reactor. However, there were also a number of outages due to ecological responses to warmer weather; for example, larger than usual jellyfish populations have blocked the intake pipes on some reactors. Storms and wildfires, on the other hand, caused a range of problems, including structural damage, precautionary preemptive shutdowns, reduced operations, and employee evacuations. In the timeframe of 2010 to 2019, the leading causes of outages were hurricanes and typhoons in most parts of the world, although heat was still the leading factor in Western Europe (France in particular). While these represented the most frequent causes, the analysis also showed that droughts were the source of the longest disruptions and thus the largest power losses. The author calculated that the average frequency of climate-linked outages went from 0.2 outages per year in the 1990s to 1.5 outages in the timeframe of 2010 to 2019. A retrospective analysis further showed that, for every 1 degree C rise in temperature (above the average temperature between 1951 and 1980), the energy output of the global fleet fell about 0.5 percent.Read more of this story at Slashdot.

A cloud company's CTO argues on CTO that the "hypocrite commits" controversy "is symptomatic, on every side, of related trends that threaten the entire extended open-source ecosystem and its users."That ecosystem has long wrestled with problems of scale, complexity and free and open-source software's (FOSS) increasingly critical importance to every kind of human undertaking. Let's look at that complex of problems: - The biggest open-source projects now present big targets. - Their complexity and pace have grown beyond the scale where traditional "commons" approaches or even more evolved governance models can cope. - They are evolving to commodify each other. For example, it's becoming increasingly hard to state, categorically, whether "Linux" or "Kubernetes" should be treated as the "operating system" for distributed applications. For-profit organizations have taken note of this and have begun reorganizing around "full-stack" portfolios and narratives. - In so doing, some for-profit organizations have begun distorting traditional patterns of FOSS participation. Many experiments are underway. Meanwhile, funding, headcount commitments to FOSS and other metrics seem in decline. - OSS projects and ecosystems are adapting in diverse ways, sometimes making it difficult for for-profit organizations to feel at home or see benefit from participation. Meanwhile, the threat landscape keeps evolving: - Attackers are bigger, smarter, faster and more patient, leading to long games, supply-chain subversion and so on. - Attacks are more financially, economically and politically profitable than ever. - Users are more vulnerable, exposed to more vectors than ever before. - The increasing use of public clouds creates new layers of technical and organizational monocultures that may enable and justify attacks. - Complex commercial off-the-shelf solutions assembled partly or wholly from open-source software create elaborate attack surfaces whose components (and interactions) are accessible and well understood by bad actors. - Software componentization enables new kinds of supply-chain attacks.Meanwhile, all this is happening as organizations seek to shed nonstrategic expertise, shift capital expenditures to operating expenses and evolve to depend on cloud vendors and other entities to do the hard work of security. The net result is that projects of the scale and utter criticality of the Linux kernel aren't prepared to contend with game-changing, hyperscale threat models. Among other things, the article ultimately calls for a reevaluation of project governance/organization and funding "with an eye toward mitigating complete reliance on the human factor, as well as incentivizing for-profit companies to contribute their expertise and other resources." (With whatever culture changes this may require.) It also suggests "simplifying the stack" (and verifying its components), while pushing "appropriate" responsibility for security up to the application layer. Slashdot reader joshuark argues this would be not so much the end of Open Source as "more turning the page to the next chapter in open-source: the issues of contributing, reviewing, and integrating into an open-source code base."Read more of this story at Slashdot.

"Amazon is tired of ringing doorbells," reports the Associated Press. "The online shopping giant is pushing landlords around the country — sometimes with financial incentives — to give its drivers the ability to unlock apartment-building doors themselves with a mobile device."The service, dubbed Key for Business, is pitched as a way to cut down on stolen packages by making it easy to leave them in lobbies and not outside. Amazon benefits because it enables delivery workers to make their rounds faster. And fewer stolen packages reduce costs and could give Amazon an edge over competitors. Those who have installed the device say it reduces the constant buzzing by delivery people and is a safer alternative to giving out codes to scores of delivery people. But the Amazon program, first announced in 2018, may stir security and privacy concerns as it gains traction. The company said that it does background checks on delivery people and that they can unlock doors only when they have a package in hand to scan. But tenants may not know that Amazon drivers have access to their building's front doors, since Amazon leaves it up to the building to notify them... Amazon didn't respond to questions about potential hacking. The company has already installed the device in thousands of U.S. apartment buildings but declined to give a specific number... Amazon salespeople have been fanning out to cities across the country to knock on doors, make cold calls or approach building managers on the street to urge them to install the device. The company has even partnered with local locksmiths to push it on building managers while they fix locks. Amazon installs the device for free and sometimes throws in a $100 Amazon gift card to whoever lets them in.Read more of this story at Slashdot.

The New York Times' On Tech newsletter shares a thought-provoking story:This week, a top official in the Roman Catholic Church's American hierarchy resigned after a news site said that it had data from his cellphone that appeared to show the administrator using the L.G.B.T.Q. dating app Grindr and regularly going to gay bars. Journalists had access to data on the movements and digital trails of his mobile phone for parts of three years and were able to retrace where he went. I know that people will have complex feelings about this matter. Some of you may believe that it's acceptable to use any means necessary to determine when a public figure is breaking his promises, including when it's a priest who may have broken his vow of celibacy. To me, though, this isn't about one man. This is about a structural failure that allows real-time data on Americans' movements to exist in the first place and to be used without our knowledge or true consent. This case shows the tangible consequences of practices by America's vast and largely unregulated data-harvesting industries. The reality in the United States is that there are few legal or other restrictions to prevent companies from compiling the precise locations of where we roam and selling that information to anyone. This data is in the hands of companies that we deal with daily, like Facebook and Google, and also with information-for-hire middlemen that we never directly interact with. This data is often packaged in bulk and is anonymous in theory, but it can often be traced back to individuals, as the tale of the Catholic official shows... Losing control of our data was not inevitable. It was a choice — or rather a failure over years by individuals, governments and corporations to think through the consequences of the digital age. We can now choose a different path. "Data brokers are the problem," writes the EFF, arguing that the incident "shows once again how easy it is for anyone to take advantage of data brokers' stores to cause real harm."This is not the first time Grindr has been in the spotlight for sharing user information with third-party data brokers... But Grindr is just one of countless apps engaging in this exact kind of data sharing. The real problem is the many data brokers and ad tech companies that amass and sell this sensitive data without anything resembling real users' consent. Apps and data brokers claim they are only sharing so-called "anonymized" data. But that's simply not possible. Data brokers sell rich profiles with more than enough information to link sensitive data to real people, even if the brokers don't include a legal name. In particular, there's no such thing as "anonymous" location data. Data points like one's home or workplace are identifiers themselves, and a malicious observer can connect movements to these and other destinations. Another piece of the puzzle is the ad ID, another so-called "anonymous" label that identifies a device. Apps share ad IDs with third parties, and an entire industry of "identity resolution" companies can readily link ad IDs to real people at scale. All of this underlines just how harmful a collection of mundane-seeming data points can become in the wrong hands... That's why the U.S. needs comprehensive data privacy regulation more than ever. This kind of abuse is not inevitable, and it must not become the norm.Read more of this story at Slashdot.

"U.S. health officials said Thursday they now have evidence of an untreatable fungus spreading in two hospitals and a nursing home," reports the Associated Press:The "superbug" outbreaks were reported in a Washington, D.C, nursing home and at two Dallas-area hospitals, the Centers for Disease Control and Prevention reported. A handful of the patients had invasive fungal infections that were impervious to all three major classes of medications. "This is really the first time we've started seeing clustering of resistance" in which patients seemed to be getting the infections from each other, said the CDC's Dr. Meghan Lyman... Health officials have sounded alarms for years about the superbug after seeing infections in which commonly used drugs had little effect. In 2019, doctors diagnosed three cases in New York that were also resistant to a class of drugs, called echinocandins, that were considered a last line of defense. In those cases, there was no evidence the infections had spread from patient to patient — scientists concluded the resistance to the drugs formed during treatment. The new cases did spread, the CDC concluded.... Those cases were seen from January to April. Of the five people who were fully resistant to treatment, three died — both Texas patients and one in Washington. Lyman said both are ongoing outbreaks and that additional infections have been identified since April. But those added numbers were not reported. The fungus, Candida auris, "is a harmful form of yeast that is considered dangerous to hospital and nursing home patients with serious medical problems," they add — and it's spread through contaminated surfaces or contact with patients. Newsweek points out that while it's only recently appeared in America, "infections have occurred in over 30 countries worldwide."Read more of this story at Slashdot.

Long-time Slashdot reader Ammalgam writes: If you're planning to install Windows 11, you should make sure you download it from official sources. This is because, people who are using pirated or fake methods to get Windows 11 are also downloading malware along with it, according to Kaspersky. The particular file referenced is called 86307_windows 11 build 21996.1 x64 + activator.exe. While it sounds like it includes Windows 11 build 21996.1, and an installer that will automatically activate Windows for you there are some red flags. First, it's only 1.75GB, so while people who want to install Windows 11 might think that's a large file that could be Windows, a real Windows 11 ISO is about 4.87GB... "The 1.75 GB file looks legitimate. But most of this space consists of one DLL file that contains a lot of useless information," explains Mint. And Kaspersky adds that "it even comes with a license agreement (which few people read) calling it a 'download manager for 86307_windows 11 build 21996.1 x64 + activator' and noting that it would also install some sponsored software. If you accept the agreement, a variety of malicious programs will be installed on your machine."Read more of this story at Slashdot.

"Hackers working for the Chinese government compromised more than a dozen U.S. pipeline operators nearly a decade ago, the Biden administration revealed Tuesday while also issuing first-of-its-kind cybersecurity requirements on the pipeline industry," reports the Wall Street Journal.The disclosure of previously classified information about the aggressive Chinese hacking campaign, though dated, underscored the severity of foreign cyber threats to the nation's infrastructure, current and former officials said. In some cases, the hackers possessed the ability to physically damage or disrupt compromised pipelines, a new cybersecurity alert said, though it doesn't appear they did so. Previously, senior administration officials had warned that China, Russia and others were capable of such cyber intrusions. But rarely has so much information been released about a specific and apparently successful campaign. Chinese state-sponsored hackers between 2011 and 2013 had targeted nearly two dozen U.S. oil and natural gas pipeline operators with the specific goal of "holding U.S. pipeline infrastructure at risk," the Federal Bureau of Investigation and the Department of Homeland Security said in Tuesday's joint alert. Of the known targets, 13 were successfully compromised and an additional eight suffered an "unknown depth of intrusion," which officials couldn't fully assess because the victims lacked complete computer log data, the alert said. Another three targets were described as "near misses" of the Chinese campaign, which relied heavily on spear phishing attacks. Newsweek adds that the same day the U.S. Department of Homeland Security "announced new requirements for U.S. pipeline operators to bolster cybersecurity following a May ransomware attack that disrupted gas delivery across the East Coast."In a statement, DHS said it would require operators of federally designated critical pipelines to implement "specific mitigation measures" to prevent ransomware attacks and other cyber intrusions. Operators must also implement contingency plans and conduct what the department calls a "cybersecurity architecture design review."Read more of this story at Slashdot.

A post on Mozilla's security blog calls FTP "by now one of the oldest protocols still in use" — and it's suffering from "a number of serious security issues."The biggest security risk is that FTP transfers data in cleartext, allowing attackers to steal, spoof and even modify the data transmitted. To date, many malware distribution campaigns launch their attacks by compromising FTP servers and downloading malware on an end user's device using the FTP protocol. Aligning with our intent to deprecate non-secure HTTP and increase the percentage of secure connections, we, as well as other major web browsers, decided to discontinue support of the FTP protocol. Removing FTP brings us closer to a fully-secure web which is on a path to becoming HTTPS only and any modern automated upgrading mechanisms such as HSTS or also Firefox's HTTPS-Only Mode, which automatically upgrade any connection to become secure and encrypted do not apply to FTP. The FTP protocol itself has been disabled by default since version 88 and now the time has come to end an era and discontinue the support for this outdated and insecure protocol — Firefox 90 will no longer support the FTP protocol.Read more of this story at Slashdot.

In April of 2020, Jeff Bezos announced Amazon would spend their next quarter focusing on people instead of profits, remembers the New York Times:At the end of July 2020, Amazon announced quarterly results. Rather than earning zero, as Mr. Bezos had predicted, it notched an operating profit of $5.8 billion — a record for the company. The months since have established new records. Amazon's margins, which measure the profit on every dollar of sales, are the highest in the history of the company, which is based in Seattle... Amazon's pandemic triumph was echoed all over the world of technology companies. Even as 609,000 Americans have died and the Delta variant surges, as corporate bankruptcies hit a peak for the decade, as restaurants, airlines, gyms, conferences, museums, department stores, hotels, movie theaters and amusement parks shut down and as millions of workers found themselves unemployed, the tech industry flourished. The combined stock market valuation of Apple, Alphabet, Nvidia, Tesla, Microsoft, Amazon and Facebook increased by about 70 percent to more than $10 trillion. That is roughly the size of the entire U.S. stock market in 2002. Apple alone has enough cash in its coffers to give $600 to every person in the United States. And in the next week, the big tech companies are expected to report earnings that will eclipse all previous windfalls. Silicon Valley, still the world headquarters for tech start-ups, has never seen so much loot. More Valley companies went public in 2020 than in 2019, and they raised twice as much money when they did. Forbes calculates there are now 365 billionaires whose fortunes derive from tech, up from 241 before the virus. No single industry has ever had such power over American life, dominating how we communicate, shop, learn about the world and seek distraction and joy. What will Silicon Valley do with this power? Who if anyone might restrain tech, and how much support will they have...? The biggest, and perhaps the only, threat to tech now is from government... Beyond the threat of misuse of tech lurks an even darker possibility: a misplaced confidence in the ability of one loosely regulated sector to run so much of the world.Read more of this story at Slashdot.

Threatpost reports on "another vast software supply-chain attack" that was "found lurking in the npm open-source code repository...a credentials-stealing code bomb" that used the password-recovery tools in Google's Chrome web browser.Researchers caught the malware filching credentials from Chrome on Windows systems. The password-stealer is multifunctional: It also listens for incoming commands from the attacker's command-and-control (C2) server and can upload files, record from a victim's screen and camera, and execute shell commands... ReversingLabs researchers, who published their findings in a Wednesday post, said that during an analysis of the code repository, they found an interesting embedded Windows executable file: a credential-stealing threat. Labeled "Win32.Infostealer.Heuristics", it showed up in two packages: nodejs_net_server and temptesttempfile. At least for now, the first, main threat is nodejs_net_server. Some details: nodejs_net_server: A package with 12 published versions and a total of more than 1,300 downloads since it was first published in February 2019...finally upgrading it last December with a script to download the password-stealer, which the developer hosts on a personal website. It was subsequently tweaked to run TeamViewer.exe instead, "probably because the author didn't want to have such an obvious connection between the malware and their website," researchers theorized... ReversingLabs contacted the npm security team on July 2 to give them a heads-up about the nodejs_net_server and tempdownloadtempfile packages and circled back once again last week, on Thursday, since the team still hadn't removed the packages from the repository. When Threatpost reached out to npm Inc., which maintains the repository, a GitHub spokesperson sent this statement: "Both packages were removed following our investigation...."Read more of this story at Slashdot.

"Are you old enough to remember when laptops had removable batteries?" asks CNET. "Frustrated by mainstream laptops with memory soldered to the motherboard and therefore not upgradable?" "The 13.5-inch Framework Laptop taps into that nostalgia, addressing one of the biggest drawbacks in modern laptops as part of the right-to-repair movement. It was designed from the ground up to be as customizable, upgradable and repairable as technologically possible... and boy does it deliver."It features four expansion card slots, slide-in modules that snap into USB-C connectors, socketed storage and RAM, a replaceable mainboard module with fixed CPU and fan, battery, screen, keyboard and more. It's a design that makes the parts easy to access, all while delivering solid performance at competitive prices and without sacrificing aesthetics. The laptop's in preorder now for the U.S. and Canada, slated to ship in small batches depending upon the configuration. Core i7-based systems are expected to go out in August, while Core i5 systems won't be available until September. Prices for the Framework Laptop start at $999 for the prefab Core i5-1135G7 model with 8GB RAM and 256GB SSD, $1,399 for the Core i7-1165G7 Performance model with 16GB RAM and 512GB storage or a vPro Core i7-1185G7 Professional model with 32GB RAM and 1TB storage. Framework expects to expand into new regions by the end of the year; $999 converts to roughly £730 or AU$1,360... The DIY model adds Linux to the list of operating systems you can install, and doesn't restrict Windows Pro to the vPro model... With the Framework, in addition to the ports you can swap out the mainboard, touchpad, keyboard, speakers, battery... anything you can think of. Don't feel like doing it yourself? Framework is publishing all the information necessary for a repair shop or IT department to not just swap parts, but to perform repairs... Nothing is buried under other parts, so everything's easy to get to. Each Framework part has a QR code and short URL to take you to all the info you'll need about it and the labels on the standard parts (memory and SSD) are easy to read. Or, as Engadget puts it, the laptop is "designed, from the get-go, to be modular and repairable by every one of its users."Created by Nirav Patel, formerly of Oculus, the machine aims to demonstrate that there is a better, more sustainable way of doing things. It shouldn't be that, if your tech fails, you either have to buy a new model, or let the manufacturer's in-house repair teams charge $700 for a job that should've cost $50. After all, if we're going to survive climate change, we need to treat our tech more sustainably and keep as much as possible out of the landfill... The Framework laptop is equipped with a 1080p, 60fps webcam with an 80-degree field of view, and it's one of the best built-in webcams I've seen. PCWorld calls it "the ultimate Right to Repair laptop."Read more of this story at Slashdot.

"Fans of Japanese video games couldn't believe their ears as Olympic athletes paraded into Tokyo's National Stadium during the opening ceremony for the 2020 Games on Friday..." reports the Huffington Post.During the Parade of Nations section of the ceremony, "The orchestra was playing tunes from some of their favorite games."In a celebration of Japanese popular culture that is appreciated worldwide, the entry parade was set to tunes from games developed by Sega, Capcom and Square Enix. It kicked off with "Overture: Roto's Theme" from Dragon Quest. Next up was "Victory Fanfare" from Final Fantasy. The parade featured more tunes from Monster Hunter, Soulcaliber and Sonic the Hedgehog. According to Classic FM, the music from Kingdom Hearts was composed by Yoko Shimomura, who is responsible for the music for some of the biggest video games ever made. Fans were delighted to hear her work being incorporated into the ceremony. While the list didn't feature widely recognized tunes from cultural juggernauts like Mario Bros. or The Legend of Zelda, the music helped give a sense of atmosphere to the ceremony, which was held in almost an empty stadium due to coronavirus restrictions. There's even an elaborate doodle at Google.com commemorating the Opening Ceremonies with an anime animation that leads to a multi-level 1980s-style videogame in which Lucky the cat competes in various sporting events. (Though the Huffington Post notes that in the real world, about 1,000 people sat in the 68,000-capacity stadium.) The Washington Post reports the Japanese public "overwhelmingly opposed hosting the Olympics as a new wave of the pandemic hit the country." But unfortunately, host city Tokyo signed a contract agreeing the event could only be cancelled by the International Olympic Committee, and now "There's the possibility — once utterly remote — that Japanese voters could kick Prime Minister Yoshihide Suga out of power in parliamentary elections later this year."Read more of this story at Slashdot.

An anonymous reader quotes a report from GameSpot: Amazon [...] is now bricking high-end graphics cards with a beta for its MMO, New World, according to players. Amazon has now responded to downplay the incident but says it plans to implement a frame rate cap on the game's menus. According to users on Twitter and Reddit, New World has been frying extremely high-end graphics cards, namely Nvidia's RTX 3090. It's worth noting that while the RTX 3090 has an MSRP of $1,500, it's often selling for much more due to scarcity and scalpers, so players could easily be losing upwards of $2,000 if their card stops working. Specifically, it seems that one model of the RTX 3090 is being consistently fried by New World. On Reddit, a lengthy thread of over 600 posts includes multiple users claiming that their EVGA 3090 graphics cards are now little more than expensive paperweights after playing the New World beta. The "red light of death," an indicator that something is disastrously wrong with your EVGA 3090, doesn't pop up consistently for players though. Some report their screen going black after a cutscene in the game while others have said that simply using the brightness calibration screen was enough to brick their card. Amazon Games says a patch is on the way to prevent further issues. "Hundreds of thousands of people played in the New World Closed Beta yesterday, with millions of total hours played. We've received a few reports of players using high-performance graphics cards experiencing hardware failure when playing New World," said Amazon Games in an official statement. "New World makes standard DirectX calls as provided by the Windows API. We have seen no indication of widespread issues with 3090s, either in the beta or during our many months of alpha testing. The New World Closed Beta is safe to play. In order to further reassure players, we will implement a patch today that caps frames per second on our menu screen. We're grateful for the support New World is receiving from players around the world, and will keep listening to their feedback throughout Beta and beyond." New World is currently set to launch for PC on August 31.Read more of this story at Slashdot.

fahrbot-bot shares a report from Live Science: Human society is on track for a collapse in the next two decades if there isn't a serious shift in global priorities, according to a new reassessment of a 1970s report, Vice reported. In that report -- published in the bestselling book "The Limits to Growth" (1972) -- a team of MIT scientists argued that industrial civilization was bound to collapse if corporations and governments continued to pursue continuous economic growth, no matter the costs. The researchers forecasted 12 possible scenarios for the future, most of which predicted a point where natural resources would become so scarce that further economic growth would become impossible, and personal welfare would plummet. The report's most infamous scenario -- the Business as Usual (BAU) scenario -- predicted that the world's economic growth would peak around the 2040s, then take a sharp downturn, along with the global population, food availability and natural resources. This imminent "collapse" wouldn't be the end of the human race, but rather a societal turning point that would see standards of living drop around the world for decades, the team wrote. So, what's the outlook for society now, nearly half a century after the MIT researchers shared their prognostications? Gaya Herrington, a sustainability and dynamic system analysis researcher at the consulting firm KPMG, decided to find out. [...] Herrington found that the current state of the world -- measured through 10 different variables, including population, fertility rates, pollution levels, food production and industrial output -- aligned extremely closely with two of the scenarios proposed in 1972, namely the BAU scenario and one called Comprehensive Technology (CT), in which technological advancements help reduce pollution and increase food supplies, even as natural resources run out. While the CT scenario results in less of a shock to the global population and personal welfare, the lack of natural resources still leads to a point where economic growth sharply declines -- in other words, a sudden collapse of industrial society. "The good news is that it's not too late to avoid both of these scenarios and put society on track for an alternative -- the Stabilized World (SW) scenario," the report notes. "This path begins as the BAU and CT routes do, with population, pollution and economic growth rising in tandem while natural resources decline. The difference comes when humans decide to deliberately limit economic growth on their own, before a lack of resources forces them to." "The SW scenario assumes that in addition to the technological solutions, global societal priorities change," Herrington wrote. "A change in values and policies translates into, amongst other things, low desired family size, perfect birth control availability, and a deliberate choice to limit industrial output and prioritize health and education services." After this shift of values occurs, industrial growth and global population begin to level out. "Food availability continues to rise to meet the needs of the global population; pollution declines and all but disappears; and the depletion of natural resources begins to level out, too," adds Live Science. "Societal collapse is avoided entirely."Read more of this story at Slashdot.

U.S. Rep. Earl Blumenauer (D-Oregon) plans to introduce legislation called the Securing Protections Against Carbon Emissions (SPACE) Tax Act, which would impose new excise taxes on space tourism trips. Space.com reports: "Space exploration isn't a tax-free holiday for the wealthy. Just as normal Americans pay taxes when they buy airline tickets, billionaires who fly into space to produce nothing of scientific value should do the same, and then some," Blumenauer said in a statement issued by his office. "I'm not opposed to this type of space innovation," added Blumenauer, a senior member of the House of Representatives' Ways and Means Committee. "However, things that are done purely for tourism or entertainment, and that don't have a scientific purpose, should in turn support the public good." The proposed new tax would likely be levied on a per-passenger basis, as is done with commercial aviation, the statement said. "Exemptions would be made available for NASA spaceflights for scientific research purposes," the statement reads. "In the case of flights where some passengers are working on behalf of NASA for scientific research purposes and others are not, the launch excise tax shall be the pro rata share of the non-NASA researchers." There would be two taxation tiers, one for suborbital flights and another for missions that reach orbit. The statement did not reveal how much the tax would be in either case or if the collected revenue would be earmarked for any specific purpose. Such a purpose could be the fight against climate change, if the proposed act's full name is any guide. Blumenauer is concerned about the potential carbon footprint of the space tourism industry once it gets fully up and running, the statement said.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Do you ever forget things, like a doctor's appointment or a lunch date? Do you sometimes struggle to think of the right word for something common? Do you ever feel more anxious or irritable than you typically do? Do you ever feel overwhelmed when trying to make a decision? If you answered "no, never" to all of those questions, there's a possibility that you may not actually be human. Nevertheless, you should still talk to a doctor about additional cognitive screenings to check if you have Alzheimer's disease. At least, that's the takeaway from a six-question quiz provided in part by Biogen, the maker of an unproven, $56,000 Alzheimer's drug. The six questions include the four above, plus questions about whether you ever lose your train of thought or ever get lost on your way to or around a familiar place. The questions not only bring up common issues that perfectly healthy people might face from time to time, but the answers any quiz-taker provides are also completely irrelevant. No matter how you answer -- even if you say you never experience any of those issues -- the quiz will always prompt you to talk with your doctor about cognitive screening. The results page even uses your zip code to provide a link to find an Alzheimer's specialist near you. Biogen says the quiz website is part of a "disease awareness educational program." But it appears to be part of an aggressive strategy to sell the company's new Alzheimer's drug, Aduhelm, which has an intensely controversial history, to say the least. What's the controversial history you may ask? According to Ars, the drug "flunked out of two identical Phase III clinical trials in 2019." A panel of expert advisors for the FDA overwhelmingly voted against approval, yet it still was approved by the FDA on June 7. It also has a list price of $56,000 for a year's supply. The report goes on to say that the company is basically making up the statistic that "about 1 in 12 Americans 50 years and older" has mild cognitive impairment due to Alzheimer's. Experts say they know of no evidence to back up that statistic and it appears to be a significant overestimate. Furthermore, two medical experts from Georgetown University said the company's quiz website "appears designed to ratchet up anxiety in anyone juggling multiple responsibilities or who gets distracted during small talk." They added: "Convincing perfectly normal people they should see a specialist, be tested for amyloid plaque, and, if present, assume they have early Alzheimer's is a great strategy for increasing Aduhelm prescriptions... [It] could lead to millions of prescriptions -- and billions of dollars in profit -- for an ineffective and expensive drug."Read more of this story at Slashdot.

Criminals have hacked into a Gumtree-style website used for buying and selling firearms, making off with a 111,000-entry database containing partial information from a CRM product used by gun shops across the UK. The Register reports: The Guntrader breach earlier this week saw the theft of a SQL database powering both the Guntrader.uk buy-and-sell website and its electronic gun shop register product, comprising about 111,000 users and dating between 2016 and 17 July this year. The database contains names, mobile phone numbers, email addresses, user geolocation data, and more including bcrypt-hashed passwords. It is a severe breach of privacy not only for Guntrader but for its users: members of the UK's licensed firearms community. Guntrader spokesman Simon Baseley told The Register that Guntrader.uk had emailed all the users affected by the breach on July 21 and issued a further update yesterday. Guntrader is roughly similar to Gumtree: users post ads along with their contact details on the website so potential purchasers can get in touch. Gun shops (known in the UK as "registered firearms dealers" or RFDs) can also use Guntrader's integrated gun register product, which is advertised as offering "end-to-end encryption" and "daily backups", making it (so Guntrader claims) "the most safe and secure gun register system on today's market." [British firearms laws say every transfer of a firearm (sale, drop-off for repair, gift, loan, and so on) must be recorded, with the vast majority of these also being mandatory to report to the police when they happen...] The categories of data in the stolen database are: Latitude and longitude data; First name and last name; Police force that issued an RFD's certificate; Phone numbers; Fax numbers; bcrypt-hashed passwords; Postcode; Postal addresses; and User's IP addresses. Logs of payments were also included, with Coalfire's Barratt explaining that while no credit card numbers were included, something that looks like a SHA-256 hashed string was included in the payment data tables. Other payment information was limited to prices for rifles and shotguns advertised through the site. The Register recommends you check if your data is included in the hack by visiting Have I Been Pwned. If you are affected and you used the same password on Guntrader that you used on other websites, you should change it as soon as possible.Read more of this story at Slashdot.

Facebook shared some details about its experimental Passthrough API to enable new kinds of mixed reality apps for Oculus Quest 2. UploadVR reports: The feature may also serve as the foundation for the company's long-term efforts in augmented reality, effectively turning Quest 2 into a $299 AR developer kit. When asked if the feature is coming to the original Oculus Quest, a Facebook representative replied "today, this is only available for Quest 2." The new feature will be available to Unity developers in an upcoming software development kit release "with support for other development platforms coming in the future." Facebook says apps using the API "cannot access, view, or store images or videos of your physical environment from the Oculus Quest 2 sensors" and raw images from the four on-board cameras "are processed on-device." The following capabilities will be available with the passthrough API, according to Facebook: "Composition: You can composite Passthrough layers with other VR layers via existing blending techniques like hole punching and alpha blending. Styling: You'll be able to apply styles and tint to layers from a predefined list, including applying a color overlay to the feed, rendering edges, customizing opacity, and posterizing. Custom Geometry: You can render Passthrough images to a custom mesh instead of relying on the default style mesh -- for example, to project Passthrough on a planar surface."Read more of this story at Slashdot.

New Federal Aviation Administration (FAA) rules say astronaut hopefuls must be part of the flight crew and make contributions to space flight safety. That means Jeff Bezos and Sir Richard Branson may not yet be astronauts in the eyes of the US government. The BBC reports: These are the first changes since the FAA wings program began in 2004. The Commercial Astronaut Wings program updates were announced on Tuesday -- the same day that Amazon's Mr Bezos flew aboard a Blue Origin rocket to the edge of space. To qualify as commercial astronauts, space-goers must travel 50 miles (80km) above the Earth's surface, which both Mr Bezos and Mr Branson accomplished. But altitude aside, the agency says would-be astronauts must have also "demonstrated activities during flight that were essential to public safety, or contributed to human space flight safety." What exactly counts as such is determined by FAA officials. In a statement, the FAA said that these changes brought the wings scheme more in line with its role to protect public safety during commercial space flights. On July 11, Sir Richard flew on-board Virgin Galactic's SpaceShipTwo to the edge of space as a test before allowing customers aboard next year. Mr Bezos and the three other crew members who flew on Blue Origin's spacecraft may have less claim to the coveted title. Ahead of the launch, Blue Origin CEO Bob Smith said that "there's really nothing for a crew member to do" on the autonomous vehicle. Those wishing for commercial wings need to be nominated for them as well. An FAA spokesperson told CNN they are not currently reviewing any submissions. There are two other ways to earn astronaut wings in the US - through the military or Nasa. However, a glimmer of hope remains for Sir Richard, Mr Bezos and any future stargazers hoping to be recognized as astronauts. The new order notes that honorary awards can be given based on merit -- at the discretion of the FAA's associate administrator. Astronaut wings were first awarded to astronauts Alan Shepard Jr and Virgil Grissom in the early 1960s for their participation in the Mercury Seven program.Read more of this story at Slashdot.

An anonymous reader quotes a report from Bloomberg: During the depths of the U.S. coronavirus pandemic, cars sat idly in driveways, city streets were deserted, onetime commuters worked from bed -- and it was much, much easier to find a parking spot. All of which was devastating news for the small cadre of tech startups dedicated to helping people find and reserve places to park. For SpotHero, which makes an app that helps drivers locate parking spaces, business was down 90% in April 2020 compared with February. The company laid off half its employees. "It was a really hard time for us," Chief Executive Officer Mark Lawrence says. Now, at last, drivers are back, and so is the familiar American pastime of hunting for a parking spot. In the U.S., traffic was up 55% in April from a year earlier, according to the Federal Highway Administration. And although urban roads were slower to refill than their suburban counterparts, traffic in such cities as Chicago, Los Angeles, New York, and Washington, D.C., finally touched pre-pandemic levels again in June, according to Inrix, which analyzes mobility data. The result has been a wave of new customers for SpotHero and companies like it. SpotHero bookings started to come back in January, then accelerated. "It was slowly, then suddenly," Lawrence says. Now the startup is profitable for the first time in 10 years, he says, thanks in part to a surge in car ownership spurred by people avoiding public transit. At FlashParking, which makes two spot-finding apps and helps event companies and garages coordinate availability, demand is higher than it was before the pandemic in some cities. Meanwhile, SpotAngels, which uses crowd input to create maps of nearby open spaces, says monthly revenue since its previous high in February 2020 had tripled by May 2021. "It's interesting to see how dark it was, and can get," SpotHero's Lawrence says, "and then have such optimism now." Before the pandemic, the industry was in crisis, says Eran Ben-Joseph, a professor of urban planning at the Massachusetts Institute of Technology and author of ReThinking a Lot: The Design and Culture of Parking. The rise of such ride-sharing services as Uber and Lyft had meant that many parking garages at stadiums and the like were forced to retrofit their spaces for other uses, such as mini-distribution centers for packages. Post-pandemic, though, parking companies are benefiting from a renewed love of personal space. "I do think right now there's a little bit of a psychological issue with taking public transit or taking Uber," Ben-Joseph says. He also thinks parking apps in particular may be benefiting from the lack of desire to touch kiosk screens or hand over cash to an attendant.Read more of this story at Slashdot.

In a post titled "What Wear OS 3 means for you," Google provides a few more details about its upcoming Wear OS update plans, which will be the first major Wear OS update since Wear OS 2 in 2018. Unfortunately, as Ars Technica points out, the list of devices receiving the new update are limited to some of Mobvoi's TicWatch devices and Fossil Group's new generation of devices launching later this year. Older Wear OS devices featuring the Wear 3100 SoC, which makes up almost all the current Wear OS devices, will not support the new update. From the report: We still have next to no information about Wear OS 3, but there are a few tidbits in the upgrade announcement indicating that things will be very different. One line in the announcement lays out the requirement for a mandatory factory reset for any Wear 4100 devices upgrading from Wear OS 2 to version 3. Wear OS 3 is apparently so different that user data can't be ported over, and all local data will need to be wiped. We've certainly heard Google and Samsung talk about how Wear OS 3 will combine the "best of Wear OS and Tizen," indicating that even the base OS might be rebuilt. Google also vaguely tells 4100 upgraders that "in some limited cases, the user experience will also be impacted." Is this a reference to the 4100 performance or the app selection and features compared to Wear OS 2? It's hard to say. Because Wear OS 3 will be so different, Google says it won't force the upgrade on 4100 users: "We expect that for these reasons, some of you will prefer to keep your current Wear OS experience. Therefore, we will offer the system upgrade on an opt-in basis for eligible devices. We will provide more details in advance of the update so you can make an informed decision. We expect our partners to be able to roll out the system update starting in mid to second half of 2022." The Samsung Watch with Wear OS 3 is expected to ship sometime in August 2021, so the partner time of "2H 2022" -- potentially a year after Samsung's release -- is surprisingly late. Android has typically been very good at letting partners get early access to code, so (at least the ones that care) can be ready for launch, but this suggests Samsung is getting a huge head start. Google's message that upcoming Fossil watches, launching later this year, will be "eligible for upgrade" to Wear OS 3 also suggests that we might see Wear OS 2 devices launch from other companies after Samsung launches Wear OS 3 next month.Read more of this story at Slashdot.

The CEO of NSO Group, whose spyware tools have reportedly been used to target journalists and activists, says that people who aren't criminals shouldn't be afraid of being surveilled AppleInsider reports: Shalev Hulio, 39, recently spoke to Forbes after investigations indicated that NSO Group's Pegasus spyware was used by authoritarian governments to hack and surveil the mobile devices of world leaders, high-profile journalists, and activists. NSO Group says that it sells its tools to governments to help them catch serious criminals like terrorists or gangsters. However, Hulio admitted that it can't control what governments ultimately do with the tools. "We are selling our products to governments. We have no way to monitor what those governments do," he said. Hulio did note that NSO Group has mechanisms in place to detect when abuse happens so that the company can "shut them down." He says that NSO Group has "done it before and will continue to do so. On the other hand, he said that NSO Group shouldn't be responsible for government misuse. Additionally, Hulio said that the average smartphone has nothing to worry about. While NSO Group's spyware can break into the latest iPhones running up-to-date software, often without any action from the user, it's only aimed at criminals. "The people that are not criminals, not the Bin Ladens of the world -- there's nothing to be afraid of. They can absolutely trust on the security and privacy of their Google and Apple devices," Hulio said.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: SpaceX can keep launching broadband satellites despite a lawsuit filed by Viasat, a federal appeals court ruled Tuesday. Viasat sued the Federal Communications Commission in May and asked judges for a stay that would halt SpaceX's ongoing launches of low Earth orbit (LEO) satellites that power Starlink Internet service. To get a stay, Viasat had to show that it is likely to win its lawsuit alleging that the FCC improperly approved the satellite launches. A three-judge panel at the US Court of Appeals for the District of Columbia Circuit was not persuaded, saying in a short order that "Viasat has not satisfied the stringent requirements for a stay pending court review." The judges did grant a motion to expedite the appeal, however, so the case should move faster than normal.Read more of this story at Slashdot.

You can now block people in Google Drive. From a report: A notification pops up on your phone: "Click here for hot XXX action!" It's Google Drive again. Someone shared a document containing that title, and now your phone is begging you to look at it. Even if you ban Google Drive from generating phone notifications, you'll still get emails. If you block the emails, you'll have to see the spam when you click on the "shared" section of Google Drive. The problem is that Drive document sharing was built with no spam-management tools. Anyone who gets a hold of your email is considered to be an important sharer of valid documents, and there has been nothing you can do about it -- until now. Google officially acknowledged the problem back in 2019, and the company said it was making spam controls "a priority." Now, more than two years later, Google is finally rolling out the most basic of spam tools to Google Drive sharing -- you can block individual email addresses! The company announced this feature in May, but the tool is rolling out to users over the next 15 days. Soon, once the spam arrives in your Google Drive, you'll be able to click the menu button next to the item and choose "block user." Drive sharing works just like email spam. Anyone can share a drive file with you if they know your address. Documents that have been shared with you still automatically show up in your Drive collection without your consent. There's no way to turn off sharing, to limit sharing to approved users, or to limit it to existing contacts. It's a free-for-all.Read more of this story at Slashdot.

The extremes of floods and fires are not going away, but adaptation can lessen their impact. Economist (paywalled): If temperatures rise by 3C above pre-industrial levels in the coming decades -- as they might even if everyone manages to honour today's firm pledges -- large parts of the tropics risk becoming too hot for outdoor work. Coral reefs and the livelihoods that depend on them will vanish and the Amazon rainforest will become a ghost of itself. Severe harvest failures will be commonplace. Ice sheets in Antarctica and Greenland will shrink past the point of no return, promising sea rises measured not in millimetres, as today's are, but in metres. Six years ago, in Paris, the countries of the world committed themselves to avoiding the worst of that nightmare by eliminating net greenhouse-gas emissions quickly enough to hold the temperature rise below 2C. Their progress towards that end remains woefully inadequate. Yet even if their efforts increased dramatically enough to meet the 2C goal, it would not stop forests from burning today; prairies would still dry out tomorrow, rivers break their banks and mountain glaciers disappear. Cutting emissions is thus not enough. The world also urgently needs to invest in adapting to the changing climate. The good news is that adaptation makes political sense. People can clearly see the need for it. When a country invests in flood defences it benefits its own citizens above all others -- there is no free-rider problem, as there could be for emissions reduction. Nor does all the money come from the public purse; companies and private individuals can see the need for adaptation and act on it. When they do not do so, insurance companies can open their eyes to the risks they are running. Some adaptation is fairly easily set in place. Systems for warning Germans of coming floods will surely now improve. But other problems require much larger public investment, like that which has been put into water-management in the Netherlands. Rich countries can afford such things. Poor countries and poor people need help, which is why the Paris climate agreement calls for annual transfers of $100bn from rich to poor. The rich countries have not yet lived up to their side of this. On July 20th John Kerry, President Joe Biden's special envoy on climate change, reiterated America's pledge to triple its support to $1.5bn for adaptation in poorer countries by 2024, part of a broader move to increase investment in adaptation and mitigation in developing countries. More such efforts are vital.Read more of this story at Slashdot.

Could a flexible processor stuck on your produce track the freshness of your cantaloupe? That's the idea behind the latest processor from UK computer chip designer Arm, which says such a device could be manufactured for pennies by printing circuits directly onto paper, cardboard or cloth. From a report: The technology could give trillions of everyday items such as clothes and food containers the ability to collect, process and transmit data across the internet -- something that could be as convenient for retailers as it is concerning for privacy advocates. In recent decades, processors have reduced in size and price to the point that they are now commonly used in everything from televisions to washing machines and watches. But almost all chips manufactured today are rigid devices created on silicon wafers in highly specialised and costly factories where dozens of complex chemical and mechanical processes take up to eight weeks from start to finish. Now, Arm has developed a 32-bit processor called PlasticARM with circuits and components that are printed onto a plastic substrate, just as a printer deposits ink on paper. James Myers at Arm says the processor can run a variety of programs, although it currently uses read-only memory so is only able to execute the code it was built with. Future versions will use fully programmable and flexible memory.Read more of this story at Slashdot.

A four-year-old startup says it has built an inexpensive battery that can discharge power for days using one of the most common elements on Earth: iron. From a report: Form Energy's batteries are far too heavy for electric cars. But it says they will be capable of solving one of the most elusive problems facing renewable energy: cheaply storing large amounts of electricity to power grids when the sun isn't shining and wind isn't blowing. The work of the Somerville, Mass., company has long been shrouded in secrecy and nondisclosure agreements. It recently shared its progress with The Wall Street Journal, saying it wants to make regulators and utilities aware that if all continues to go according to plan, its iron-air batteries will be capable of affordable, long-duration power storage by 2025. Its backers include Breakthrough Energy Ventures, a climate investment fund whose investors include Microsoft co-founder Bill Gates and Amazon founder Jeff Bezos. Form recently initiated a $200 million funding round, led by a strategic investment from steelmaking giant ArcelorMittal one of the world's leading iron-ore producers. Form is preparing to soon be in production of the "kind of battery you need to fully retire thermal assets like coal and natural gas" power plants, said the company's chief executive, Mateo Jaramillo, who developed Tesla's Powerwall battery and worked on some of its earliest automotive powertrains. On a recent tour of Form's windowless laboratory, Mr. Jaramillo gestured to barrels filled with low-cost iron pellets as its key advantage in the rapidly evolving battery space. Its prototype battery, nicknamed Big Jim, is filled with 18,000 pebble-size gray pieces of iron, an abundant, nontoxic and nonflammable mineral. For a lithium-ion battery cell, the workhorse of electric vehicles and today's grid-scale batteries, the nickel, cobalt, lithium and manganese minerals used currently cost between $50 and $80 per kilowatt-hour of storage, according to analysts. Using iron, Form believes it will spend less than $6 per kilowatt-hour of storage on materials for each cell. Packaging the cells together into a full battery system will raise the price to less than $20 per kilowatt-hour, a level at which academics have said renewables plus storage could fully replace traditional fossil-fuel-burning power plants. A battery capable of cheaply discharging power for days has been a holy grail in the energy industry, due to the problem that it solves and the potential market it creates.Read more of this story at Slashdot.

Ed Zitron, CEO of national Media Relations and Public Relations company EZPR, writes about Clubhouse -- a one-year-old social audio app that is valued at $4 billion and is backed by several high-profile investors including A16z and Tiger Global and whose popularity appears to be on a decline: Yes, Clubhouse's vanity metrics say that people are creating "500,000 rooms a day," and they've launched a DM feature, but seriously -- I am asking you, dear reader, do you know a single soul who has spent more than a few minutes on Clubhouse in the last 3 months? If you do, do they spend regular time on the app? [...] Clubhouse is the elephant in the room in venture, and I believe there is a conscious attempt to not discuss it for fear that it proves that the entire conversation around it was hot air. When everyone desperately rushed to say that it was the next big thing, I asked repeatedly what exactly about it was going to be big, or change things. The answer mostly came down to the idea that we don't know what the future looks like, and that people were on the waitlist - which is no longer an excuse. Nick Bilton at Vanity Fair was a rare case of dissent, making a clear warning that this was very much a pandemic app and nothing more -- but many people in venture and tech do not seem to want to discuss it as anything other than "a big social network." The Information questioned whether Clubhouse was the next Foursquare -- a promising company with tons of press that ultimately didn't reach the giddy heights it was "meant to" -- but for the most part, people have remained either indifferent or positive about it. The fact this isn't regularly discussed is both a bad sign for the app and also a sign, in my opinion, of an industry-wide embarrassment. So many people rushed to join Clubhouse, or discuss what's big on Clubhouse, or how Clubhouse was the beginning of a "social audio revolution" because they were afraid they'd miss out on the next TikTok, and I'd argue that the press did a woeful job at actually questioning the format. It feels as if there was an unquestioning conflation between an app being important and an app raising a bunch of money, and though one can say that the simple act of raising makes something important, it's irresponsible and embarrassing to run a single article on Clubhouse without questioning the format itself.Read more of this story at Slashdot.

"Software research is a train wreck," says Hillel Wayne, a Chicago-based software consultant who specialises in formal methods, instancing the received wisdom that bugs are way more expensive to fix once software is deployed. Wayne did some research, noting that "if you Google 'cost of a software bug' you will get tons of articles that say 'bugs found in requirements are 100x cheaper than bugs found in implementations.' They all use this chart from the 'IBM Systems Sciences Institute'... There's one tiny problem with the IBM Systems Sciences Institute study: it doesn't exist." The Register: Laurent Bossavit, an Agile methodology expert and technical advisor at software consultancy CodeWorks in Paris, has dedicated some time to this matter, and has a post on GitHub called "Degrees of intellectual dishonesty". Bossavit referenced a successful 1987 book by Roger S Pressman called Software Engineering: a Practitioner's Approach, which states: "To illustrate the cost impact of early error detection, we consider a series of relative costs that are based on actual cost data collected for large software projects [IBM81]." The reference to [IBM81] notes that the information comes from "course notes" at the IBM Systems Sciences Institute. Bossavit discovered, though, that many other publications have referenced Pressman's book as the authoritative source for this research, disguising its tentative nature. Bossavit took the time to investigate the existence of the IBM Systems Science Institute, concluding that it was "an internal training program for employees." No data was available to support the figures in the chart, which shows a neat 100x the cost of fixing a bug once software is in maintenance. "The original project data, if any exist, are not more recent than 1981, and probably older; and could be as old as 1967," said Bossavit, who also described "wanting to crawl into a hole when I encounter bullshit masquerading as empirical support for a claim, such as 'defects cost more to fix the later you fix them'."Read more of this story at Slashdot.

New submitter Goatbot writes: Another day another telco failure. Freedom Mobile repeatedly reassigned a customer's phone number. From the report: A Toronto-area woman says Freedom Mobile is still assigning her cell number to other people, even though she took the number with her when she moved to a new provider last year. Tsahai Carter, 22, made the switch last August. Since then, she says, on three separate occasions she's received phone calls and text messages intended for other people who'd been assigned the same number by Freedom Mobile. Carter, who lives north of Toronto in Markham, Ont., has also fielded phone calls from frustrated customers, wondering why someone else is getting their calls and messages. "They're getting mad at me for taking over their phone number, when really I had nothing to do with it," said Carter. "So it's a bit stressful." This isn't the first time Freedom Mobile customers have complained about a mix-up in phone numbers. In 2019, CBC reported on another customer who'd been given a number by Freedom Mobile that was still in use by someone else: a man who'd ported the number with him when he moved from Freedom to Fido.Read more of this story at Slashdot.

Alphabet's Google will now show its search engine users more information about why it found the results they are shown, the company said on Thursday. From a report: It said people googling queries will now be able to click into details such as how their result matched certain search terms, in order to better decide if the information is relevant.Read more of this story at Slashdot.

After years of warning from researchers, journalists, and even governments, someone used highly sensitive location data from a smartphone app to track and publicly harass a specific person. From a report: In this case, Catholic Substack publication The Pillar said it used location data ultimately tied to Grindr to trace the movements of a priest, and then outed him publicly as potentially gay without his consent. The Washington Post reported on Tuesday that the outing led to his resignation. The news starkly demonstrates not only the inherent power of location data, but how the chance to wield that power has trickled down from corporations and intelligence agencies to essentially any sort of disgruntled, unscrupulous, or dangerous individual. A growing market of data brokers that collect and sell data from countless apps has made it so that anyone with a bit of cash and effort can figure out which phone in a so-called anonymized dataset belongs to a target, and abuse that information. "Experts have warned for years that data collected by advertising companies from Americans' phones could be used to track them and reveal the most personal details of their lives. Unfortunately, they were right," Senator Ron Wyden told Motherboard in a statement, responding to the incidentRead more of this story at Slashdot.

The nation's big TV companies are calling for a new yardstick. From a report: A trade organization representing Disney, ViacomCBS, NBCUniversal, Fox Corp. and other media giants is calling for the organization that signs off on Nielsen's methodology for measuring TV viewership to yank accreditation, an aggressive maneuver in an era when media outlets and the advertisers who support them are scrambling to figure out how to count viewer eyeballs across an increasingly unwieldy array of new entertainment venues, digital behaviors and screens. The trade group, the VAB, on Wednesday sent a ten-page letter to the Media Rating Council urging the group to pull its backing of Nielsen's ratings, citing Nielsen's diminished ability to count viewership during the coronavirus pandemic. "Nielsen's COVID-period conduct as a ratings service violated at least five minimum standards," the VAB said in its letter, "with the damage done to their largest subscriber clients still creating material negative impact into July 2021."Read more of this story at Slashdot.

Many websites -- including banking pages, brokerages, and gaming services -- have been affected by what looks to be a major internet outage. From a report: As website owners and companies that run services that provide the backbone of the web scramble to solve the issue, consumers have been left unable to access services like Ally Bank, Fidelity, Sony's PlayStation Network, Airbnb, and more. Several airline sites are also having issues: Delta, British Airways, and Southwest's sites are all having major issues. At the moment, it's unclear what's causing the outage, though DownDetector reports that both AWS and Akamai, a pair of content delivery networks that host much of the internet, are both experiencing issues. Akamai's status page reports that the company is currently investigating an issue with its DNS service. Cloudflare's CEO has chimed in to say that its service isn't to blame.Read more of this story at Slashdot.

Last year the artificial intelligence group DeepMind cracked a mystery that has flummoxed scientists for decades: stripping bare the structure of proteins, the building blocks of life. Now, having amassed a database of nearly all human protein structures, the company is making the resource available online free for researchers to use. From a report: The key to understanding our basic biological machinery is its architecture. The chains of amino acids that comprise proteins twist and turn to make the most confounding of 3D shapes. It is this elaborate form that explains protein function; from enzymes that are crucial to metabolism to antibodies that fight infectious attacks. Despite years of onerous and expensive lab work that began in the 1950s, scientists have only decoded the structure of a fraction of human proteins. DeepMind's AI program, AlphaFold, has predicted the structure of nearly all 20,000 proteins expressed by humans. In an independent benchmark test that compared predictions to known structures, the system was able to predict the shape of a protein to a good standard 95% of time. DeepMind, which has partnered with the European Molecular Biology Laboratory's European Bioinformatics Institute (EMBL-EBI), hopes the database will help researchers to analyse how life works at an atomic scale by unpacking the apparatus that drives some diseases, make strides in the field of personalised medicine, create more nutritious crops and develop "green enzymes" that can break down plastic.Read more of this story at Slashdot.

A new video investigation by the Wall Street Journal finds the key to TikTok's success in how the short-video sharing app monitors viewing times. From a report: TikTok is known for the fiendishly effective way that it selects streams of videos tailored to each user's taste. The algorithm behind this personalization is the company's prize asset -- and, like those that power Google and Facebook, it's a secret. WSJ created a batch of individualized dummy accounts to throw at TikTok and test how it homed in on each fake persona's traits. TikTok responds most sensitively to a single signal -- how long a user lingers over a video. It starts by showing new users very popular items, and sees which catch their eyes.Read more of this story at Slashdot.

Chinese regulators are considering serious, perhaps unprecedented, penalties for Didi Global after its controversial initial public offering last month, Bloomberg News reported Thursday, citing people familiar with the matter. From a report: Regulators see the ride-hailing giant's decision to go public despite pushback from the Cyberspace Administration of China as a challenge to Beijing's authority, the people said, asking not to be named because the matter is private. Officials from the CAC, the Ministry of Public Security, the Ministry of State Security, the Ministry of Natural Resources, along with tax, transport and antitrust regulators, began an investigation on-site at the company's offices, the cyberspace watchdog said in a statement. Regulators are weighing a range of potential punishments, including a fine, suspension of certain operations or the introduction of a state-owned investor, the people said. Also possible is a forced delisting or withdrawal of Didi's U.S. shares, although it's unclear how such an option would play out. Deliberations are at a preliminary phase and the outcomes are far from certain. Beijing is likely to impose harsher sanctions on Didi than on Alibaba Group Holding, which swallowed a record $2.8 billion fine after a months-long antitrust investigation and agreed to initiate measures to protect merchants and customers, the people said. "It's hard to guess what the penalty will be, but I'm sure it will be substantial," said Minxin Pei, a professor of government at Claremont McKenna College in California.Read more of this story at Slashdot.

The maker of powerful spy software allegedly used to hack the phones of innocent people says blaming the company is like "criticising a car manufacturer when a drunk driver crashes." From a report: NSO Group is facing international criticism, after reporters obtained a list of alleged potential targets for spyware, including activists, politicians and journalists. Investigations have begun as the list, of 50,000 phone numbers, contained a small number of hacked phones. Pegasus infects iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones and cameras. NSO Group has said the software is intended for use against criminals and terrorists and made available to only military, law enforcement and intelligence agencies from countries with good human-rights records. But a consortium of news organisations, led by French media outlet Forbidden Stories, has published dozens of stories based around the list, including allegations French President Emmanuel Macron's number was on it and may have been targeted.Read more of this story at Slashdot.

An anonymous reader quotes a report from CNN: A federal judge forced a US Capitol rioter to unlock his laptop Wednesday after prosecutors argued that it likely contained footage of the January 6 insurrection from his helmet-worn camera. The judge granted the Justice Department's request to place Capitol riot defendant Guy Reffitt in front of his laptop so they could use facial recognition to unlock the device. The maneuver happened after the hearing ended and Reffitt's lawyer confirmed to CNN that the laptop was unlocked. Investigators seized the laptop and other devices earlier this year pursuant to a search warrant. Reffitt has been in jail since his arrest in January. His case received national attention after his son spoke publicly about how Reffitt had threatened to kill family members if they turned him into the FBI. The case became an example of how former President Donald Trump's lies tore some families apart -- Reffitt's son and daughter testified against him in court or before the grand jury. He pleaded not guilty to five federal crimes, including bringing a handgun to the Capitol grounds during the insurrection and obstructing justice by allegedly threatening his family. The felony gun charge was added last month, and undercuts false claims from Trump and prominent Republican lawmakers that the rioters weren't armed and that they had "no guns whatsoever." The case raised intriguing constitutional questions about the right against self-incrimination, but Judge Dabney Friedrich agreed with prosecutors that the unlocking was within the law. "As the court here noted, requiring a defendant to expose his face to unlock a computer can be lawful, and is not far removed from other procedures that are now routinely approved by courts, with proper justification: standing in a lineup, submitting a handwriting or voice exemplar, or submitting a blood or DNA sample," CNN senior legal analyst Elie Honig said in an email. Honig said judges try to strike a balance "between respecting a defendant's privacy and other rights on the one hand, and enabling prosecutors to obtain potentially crucial evidence with minimal intrusion on the defendant's rights, on the other." The "potentially crucial evidence" here may include footage of the handgun that Reffitt brought to the Capitol or comments he made about his intentions that day.Read more of this story at Slashdot.

UnknowingFool shares a report from CBS News: After being down for a month due to a computer issue, Hubble was brought back up last week. NASA released images captured by Hubble over the weekend including a rare observance of two galaxies that are colliding. The other interesting image is that of a spiral galaxy with three arms, as most spiral galaxies have an even number of arms. "I'm thrilled to see that Hubble has its eye back on the universe, once again capturing the kind of images that have intrigued and inspired us for decades," NASA administrator Bill Nelson said in a statement. "This is a moment to celebrate the success of a team truly dedicated to the mission. Through their efforts, Hubble will continue its 32nd year of discovery, and we will continue to learn from the observatory's transformational vision."Read more of this story at Slashdot.

Mobileye, the company that specializes in chips for vision-based autonomous vehicles, is now testing its AVs in New York City -- a difficult and rare move given the state's restrictions around such testing. The Verge reports: The announcement was made by Amnon Shashua, president and CEO of the Intel-owned company, at an event in the city on Tuesday. Shashua said the company is currently testing two autonomous vehicles in New York City, but plans to increase that number to seven "in the next few months." New York City has some of the most dangerous, congested, and poorly managed streets in the world. They are also chock-full of construction workers, pedestrians, bicyclists, and double- and sometimes even triple-parked cars. In theory, this would make it very difficult for an autonomous vehicle to navigate, given that AVs typically rely on good weather, clear signage, and less aggressive driving from other road users for safe operation. But Shashua said this was part of the challenge in deciding where to test Mobileye's vehicles. "I think for a human it's very, very challenging to drive in New York City," Shashua said, "not to mention for a robotic car." While other states have become hot beds for AV testing, New York has been a bit of a ghost town. Part of the reason could be the state's strict rules, which include mandating that safety drivers keep their hands on the wheel at all times and requiring state police escort at all times to be paid for by the testing company. A spokesperson for Mobileye says the company has obtained a permit from the state to test its vehicles on public roads and is currently the only AV testing permit holder in the state. The spokesperson also said that police escorts were no longer required.Read more of this story at Slashdot.

China has unveiled its new maglev train that's being touted as the fastest ground vehicle in the world with a maximum speed of 372 mph (600 kph). USA Today reports: The train uses electro-magnetic force, making it "float" so there is no contact between the rail and the body, Reuters reported. The debut of the super fast train could cut down time for people traveling from Beijing to Shanghai to only 2.5 hours. That's a distance of 754 miles and currently a 4.5-hour train ride on one of China's bullet trains. China's newest train is expected to be ready for commercial use within the next decade.Read more of this story at Slashdot.

An anonymous reader quotes a report from CoinDesk: Mastercard has named the first stablecoin and a handful of partner companies that will help cryptocurrency holders spend their digital assets at merchants that accept the payment giant's cards. In the pilot announced Tuesday, Circle's USDC will serve as a bridge between the cryptocurrency in consumers' digital wallets and the fiat currency paid to merchants. USDC is a digital token that almost always trades at $1 because the issuer promises to redeem it 1-for-1 with greenbacks at any time. While it might sound like adding an extra step, swapping a cryptocurrency for a stablecoin and then exchanging the stablecoin for dollars can be quicker or simpler than going directly from crypto to fiat. For example, some cryptos cannot be easily traded on an exchange for dollars but can be for USDC. Adding this way station will assist cryptocurrency firms that want to offer Mastercard-branded products to their customers, the company said. "Today not all crypto companies have the foundational infrastructure to convert cryptocurrency to traditional fiat currency, and we're making it easier," said Raj Dhamodharan, Mastercard's executive vice president of digital asset and blockchain products, in a press release. The announcement, five months after Mastercard said it planned to bring select stablecoins into its network, was framed as a step toward that eventual goal.Read more of this story at Slashdot.

Proposed changes to EU law would force companies that transfer Bitcoin or other crypto-assets to collect details on the recipient and sender. The BBC reports: The proposals would make crypto-assets more traceable, the EU Commission said, and would help stop money-laundering and the financing of terrorism. The new rules would also prohibit providing anonymous crypto-asset wallets. The Commission argued that crypto-asset transfers should be subject to the same anti-money-laundering rules as wire transfers. "Given that virtual assets transfers are subject to similar money-laundering and terrorist-financing risks as wire funds transfers... it therefore appears logical to use the same legislative instrument to address these common issues," the Commission wrote. While some crypto-asset service providers are already covered by anti-money-laundering rules, the new proposals would "extend these rules to the entire crypto-sector, obliging all service providers to conduct due diligence on their customers," the Commission explained. Under the proposals, a company transferring crypto-assets for a customer would be obliged to include their name, address, date of birth and account number, and the name of the recipient. To become law the proposals will need the agreement of member states and the European Parliament. The proposals could take two years to become law.Read more of this story at Slashdot.

Qualys has discovered a new systemd security bug that enables any unprivileged user to cause a denial of service via a kernel panic. Slashdot reader inode_buddha shares the news via ZDNet's Steven J. Vaughan-Nichols: As Bharat Jogi, Qualys's senior manager of Vulnerabilities and Signatures, wrote, "Given the breadth of the attack surface for this vulnerability, Qualys recommends users apply patches for this vulnerability immediately." You can say that again. Systemd is used in almost all modern Linux distributions. This particular security hole arrived in the systemd code in April 2015. It works by enabling attackers to misuse the alloca() function in a way that would result in memory corruption. This, in turn, allows a hacker to crash systemd and hence the entire operating system. Practically speaking, this can be done by a local attacker mounting a filesystem on a very long path. This causes too much memory space to be used in the systemd stack, which results in a system crash. That's the bad news. The good news is that Red Hat Product Security and systemd's developers have immediately patched the hole.Read more of this story at Slashdot.

LG will reportedly start selling iPhones and iPads in its South Korean stores this August -- mere months after the company quit making Android devices. Android Authority reports: According to MacRumors, the Herald Economic Daily claims LG has struck a deal with Apple to sell the iPhone and iPad in 400 stores across South Korea starting in August. LG may have to overcome some hurdles to make this happen. The company reportedly signed a "win-win" agreement with the country's National Mobile Communication Distribution Association that bars it from selling a direct competitor's phones in its stores. That deal was made in 2018, however, or well before LG signaled that it would quit making phones and tablets. LG is supposedly planning to renegotiate the agreement once it officially sells the iPhone and iPad in its shops. The deal unsurprisingly wouldn't include Macs, as systems like the MacBook Air compete directly with the Gram series and other LG computers where the iPhone and iPad are relatively safe.Read more of this story at Slashdot.

A video game developer is abandoning the Denuvo DRM platform for its upcoming game's PC version, blaming Denuvo-related performance issues for the decision. An anonymous reader shares an article written by Ars Technica's Sam Machkovech: Amplitude Studios, a French studio known for PC-exclusive 4X strategy games, had previously announced that its next game, Humankind, would ship with a Denuvo implementation in August 2021. This prompted a post titled "The day Amplitude broke my heart" on Amplitude's official forum, with a fan declaring their love of prior Amplitude strategy games and then expressing their disappointment that Humankind had a Denuvo tag on its Steam page. After pointing to their disagreement with Denuvo's practices, including the block of offline-only gameplay, the fan offered a reasonably levelheaded plea: "To be fair, I totally understand why Denuvo was chosen (probably by [Amplitude studio owner] Sega). I understand how important it is for sales to protect the game around release, but PLEASE Amplitude, PLEASE consider to remove Denuvo after some months!" This request lines up with other game publishers' decisions to remove Denuvo protections after a PC game's launch window has passed. Amplitude co-founder and CCO Romain de Waubert de Genlis replied to the thread on Thursday, July 15, with a surprising announcement: the fan wouldn't have to wait "some months" to see Denuvo removed. Instead, Humankind will launch on August 17 with no Denuvo implementation to speak of. On his company's forum, de Genlis admits that business considerations played into Amplitude's original decision: "We've been one of the most wishlisted games on Steam this year, so we know we're going to be targeted by pirates, more so than any of our previous games," he writes. "If Denuvo can hold off a cracked version, even just for a few days, that can already really help us to protect our launch." But ultimately, his teammates felt they couldn't justify its inclusion after running into issues. While de Genlis admits that there's a chance his team could have added Denuvo to the game without impacting PC performance, tests during the game's June closed beta showed the performance hit was too great—and that it's "not something we can fix before release. So, we are taking it out." In other words: when left with the choice between delaying the game to optimize a Denuvo implementation and to launch the game without Denuvo at all, Amplitude opted for the latter. "Our priority is always the best possible experience for the players who buy our games and support us," de Genlis writes. "Denuvo should never impact player performance, and we don't want to sacrifice quality for you guys." After this, the topic's creator edited the thread title to read, "The day Amplitude broke my heart (and how they reassembled it)."Read more of this story at Slashdot.