Slashdot

Computer programs that automate online tasks, called bots, have aligned with the coronavirus pandemic and low inventories of hot products to create a perfect storm of holiday disappointment -- or opportunity, depending on your perspective. From a report: On Black Friday, when it launched a deal on the console, Walmart.com says it blocked more than 20 million bot attempts in the sale's first 30 minutes. Target says it's constantly tracking and blocking bots, focusing on high-demand products such as the PS5. One British retailer called Very said it canceled at least 1,000 game console orders after it realized they were placed by bots. Using shopping bots to buy these products is perfectly legal in the United States, despite flustering retailers and stoking annoyance for customers like Coleman. Some bot operators are modern scalpers, in it to make money by forcing Santa to pay market prices. Others are computer-savvy shoppers now turning to bots out of desperation to fill their own gift lists. Shopping bots aren't new, but their use is growing fast. Deployed by people who buy and resell tickets, high-end sneakers and designer fashion, they're now expanding into other categories where demand outstrips supply -- including grocery delivery slots at the height of the pandemic. Imperva, a cybersecurity firm, says that among its clients, "bad bots" accounted for 24.1 percent of all traffic in 2019 -- up from 20.4 percent in 2018. Bots are only one part of the PS5 crunch -- there have even been daring heists. But stopping the use of bots is easier said than done in an Internet economy that connects so many different interests: companies that want to make highly sought-after products and early adopters who will do anything to get them.Read more of this story at Slashdot.

Makers of cars and electronic devices from TVs to smartphones are sounding alarm bells about a global shortage of chips, which is causing manufacturing delays as consumer demand bounces back from the coronavirus crisis. From a report: The problem has several causes, industry executives and analysts say, including bulk-buying by U.S. sanctions-hit Chinese tech giant Huawei Technologies, a fire at a chip plant in Japan, coronavirus lockdowns in Southeast Asia, and a strike in France. More fundamentally, however, there has been under-investment in 8-inch chip manufacturing plants owned mostly by Asian firms, which means they have struggled to ramp up production as demand for 5G phones, laptops and cars picked up faster than expected. "For the whole electronics industry, we've been experiencing a shortage of components," said Donny Zhang, CEO of Shenzhen-based sourcing company Sand and Wave, who said he faced delays in obtaining a microcontroller unit that was key to a smart headphone product he was working on. "We were originally planning to complete production in one month, but now it looks like we'll need to do it in two." A source at a Japanese electronics component supplier said it was seeing shortages of WiFi and Bluetooth chips and was expecting delays of more than 10 weeks.Read more of this story at Slashdot.

Google won European Union approval for its $2.1 billion takeover of health tracker Fitbit, days after regulators proposed tougher rules to curb powerful technology firms' push into new services. From a report: The European Commission said Google's pledge to maintain access for rival health and fitness apps and device makers for 10 years removed its concerns about the U.S. tech giant's move into health data and devices. Smaller rivals previously complained that the company's promises might not go far enough to stop Google shutting off access in future to rival products or services. "The commitments will determine how Google can use the data collected for ad purposes, how interoperability between competing wearables and Android will be safeguarded and how users can continue to share health and fitness data, if they choose to," Margrethe Vestager, the EU's antitrust chief, said in a statement Thursday. Approval comes in a harsh climate when Google and others are facing mounting scrutiny of acquisitions that help them push into new areas. Google announced its plans to buy Fitbit in November 2019, describing the bid for the smartwatch maker as a boost to its lagging hardware business.Read more of this story at Slashdot.

In Huntsville, Alabama, there is a room with green walls and a green ceiling. Dangling down the center is a fishing line attached to a motor mounted to the ceiling, which moves a procession of guns tied to the translucent line. From a report: The staff at Arcarithm bought each of the 10 best-selling firearm models in the U.S.: Rugers, Glocks, Sig Sauers. Pistols and long guns are dangled from the line. The motor rotates them around the room, helping a camera mounted to a mobile platform photograph them from multiple angles. "It's just like a movie set," said Arcarithm president and CEO Randy E. Riley. This process creates about 5,000 images of each gun floating ethereally. Arcarithm's computer programmers then replace the green backdrop with different environments, like fields, forests, and city streets. They add rain or snow or fog or sun. A program then randomly distorts the images. The result is 30,000 to 50,000 images of the same gun, from multiple angles, in different synthetic settings and of varying degrees of visibility. The point of creating this vast portfolio of digital gun art is to feed an algorithm made to detect a firearm as soon as a security camera catches it being drawn by synthetically creating tens of thousands of ways each gun may appear. Arcarithm is one of several companies developing automated active shooter detection technology in the hopes of selling it to schools, hotels, entertainment venues and the owners of any location that could be the site of one of America's 15,000 annual gun murders and 29,000 gun injuries. Among the other sellers are Omnilert, a longtime vendor of safety notification software, and newcomers ZeroEyes, Defendry, and Athena Securities. Some cities employ a surveillance system of acoustic sensors to instantly detect gunshots. These companies promise to do one better and save precious minutes by alerting police or security personnel before the first shot is fired.Read more of this story at Slashdot.

Alphabet's Google waived a 1.1 billion-pound loan ($1.5 billion) to DeepMind in 2019 after the U.K.-based artificial intelligence lab continued to ramp up the scale of its research and development. From a report: Revenue jumped 158% in 2019, DeepMind said in a financial filing this week. Sales were 265.5 million pounds, up from 102.8 million pounds a year earlier. Its losses also widened, increasing 1.4% to 476.6 million pounds. DeepMind's parent has agreed to continue funding the company for at least a year after the report's approval. Alphabet's Google Ireland unit waived repayments and interest from the loan to help cover DeepMind's losses. Google acquired DeepMind in 2014 in a 400 million-pound acquisition that gave the Silicon Valley search giant access to cutting edge AI research. DeepMind Chief Executive Officer Demis Hassabis's goal is to produce general-purpose intelligence that can solve an array of problems. It develops products used by its parent company -- like its system for making data centers more energy efficient and a program to improve the accuracy of travel times on Google Maps -- as well as AI with broader applications.Read more of this story at Slashdot.

Last week, some Goodreads users received a disappointing message: The popular book tracking website is disabling access to its API for users who haven't used the product in more than 30 days. The company says it "plans to retire these tools" altogether and that, as of December 8, it will no longer issue new keys. It's unclear when or if Goodreads will close off its API to active users. From a report: "When I found out, I was pretty upset," says Karen Ellett, a software developer in South Carolina who uses the Goodreads API to power a private tool that tracks book series. The tool, which she had hoped to eventually release for other people to use, keeps track of new releases in book series she reads, which is a function Goodreads doesn't currently offer. When a new book gets added to the series, Ellett's tool updates automatically, so she doesn't have to go looking for it on her own when she's ready to dive back into the series. Since she's read 172 books this year, it's not easy for her to mentally juggle all the new additions she wants to get to on her own. "I've put so many hours into developing this tool not just for myself, but with an eye towards it being utilized by other people. I'd say I was probably about 70 to 80% done, and now there's just no point," she says. As Goodreads is a stagnant product that has barely improved its functionality and features since it was acquired by Amazon in 2013, thousands of readers with basic coding skills use the Goodreads API to power their own better features and tools. On a thread about the change for Goodreads Developers, one user says the Discord book recommendations bot he was in the process of building suddenly stopped working. Another says his tool, which analyzes statistics related to the authors on a Goodreads user's "read" list, will be shut down, nullifying countless hours of work he put into the feature. Ellett still uses the API daily, so her access to the API hasn't been shut down -- yet. She heard about it from a friend who forwarded the email to her. Many Goodreads API users complain that the communication from Goodreads has been terrible, with people only hearing about the change from intermittent users whose access was suddenly terminated.Read more of this story at Slashdot.

Facebook is stepping up its campaign against Apple's privacy changes with a second full-page newspaper ad today. This new ad claims Apple's iOS 14 privacy changes "will change the internet as we know it," and force websites and blogs "to start charging you subscription fees" or add in-app purchases due to a lack of personalized ads. From a report: It follows a similar full-page newspaper ad in the The Wall Street Journal, New York Times, and the Washington Post yesterday. Apple is planning to make changes to iOS 14 early next year that will require developers to ask for permission to gather data and track users across mobile apps and websites on an iPhone or iPad. Apple revealed how iOS 14 users will be prompted to opt into tracking in apps this week, noting that developers like Facebook can explain to users why they should allow tracking within the prompt. These changes will impact Facebook's lucrative ad business, but the social networking giant is framing them as something far larger that could impact small businesses. Unsurprisingly, Apple doesn't agree. "We believe that this is a simple matter of standing up for our users," said an Apple spokesperson in response to Facebook's first full-page newspaper ad yesterday. "Users should know when their data is being collected and shared across other apps and websites -- and they should have the choice to allow that or not."Read more of this story at Slashdot.

Book publishing in 2020 was a story of how much an industry can change and how much it can, or wants to, remain the same. From a report: "A lot of what has happened this year -- if it were a novel, I would say that it had a little too much plot," said Simon & Schuster CEO Jonathan Karp. Three narratives ran through the book world for much of the year: an industry pressed to acknowledge that the status quo was unacceptable, an industry offering comfort and enlightenment during traumatic times, and an industry ever more consolidated around the power of Penguin Random House and Amazon.com. To its benefit and to its dismay, publishing was drawn into the events of the moment. The pandemic halted and threatened to wipe out a decade of growth for independent bookstores, forced the postponement of countless new releases and led to countless others being forgotten. The annual national convention, BookExpo, was called off and may be gone permanently after show organizers Reed Exhibitions announced they were "retiring" it. The industry had long regarded itself as a facilitator of open expression and high ideals, but in 2020 debates over diversity and #MeToo highlighted blind spots about race and gender and challenged the reputations of everyone from poetry publishers to Oprah Winfrey, from book critics to the late editor of Ernest Hemingway. Employees themselves helped take the lead: They staged protests in support of Black Lives Matters and walked off the job at Hachette Book Group after the publisher announced it had acquired Woody Allen's memoir, which Hachette soon dropped. Through it all, books managed to sell, keeping a steady pace at a time when film and theater, among other industries, faced dire questions about their future.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Daily Beast: In his final weeks in office before Joe Biden's inauguration, President Donald Trump is weighing granting clemency to Ross Ulbricht, the founder and former administrator of the world's most famous darknet drug market, Silk Road, The Daily Beast has learned. According to three people familiar with the matter, the White House counsel's office has had documents related to Ulbricht's case under review, and Trump was recently made aware of the situation and the pleas of the Silk Road founder's allies. Two of these sources say the president has at times privately expressed some sympathy for Ulbricht's situation and has been considering his name, among others, for his next round of commutations and pardons before the Jan. 20 inauguration of his 2020 Democratic opponent. It is unclear if Trump has arrived at a final decision yet, but Ulbricht has gained some influential backers in the president's political and social orbit. Behind the scenes, he has the support of some presidential advisers, as well as criminal justice reform advocates with close ties to the administration and Trump family, including Alice Johnson, according to people with knowledge of the matter. "I've had documents forwarded to my contacts in the White House as early as February," activist Weldon Angelos, a former music producer and ex-federal inmate, said in a brief interview on Tuesday evening. "In the beginning of the year, [Ulbricht's] family had reached out to us for our support, and my organization and I have endorsed his full commutation, and I am hopeful that President Trump will commute his sentence in its entirety. This case has perhaps more support than I've seen in any case of this kind."Read more of this story at Slashdot.

schwit1 shares a report from Ars Technica: Since that time, according to The Planetary Society's Casey Dreier, NASA has spent $23.7 billion developing the Orion spacecraft. This does not include primary costs for the vehicle's Service Module, which provides power and propulsion, as it is being provided by the European Space Agency. For this money, NASA has gotten a bare-bones version of Orion that flew during the Exploration Flight Test-1 mission in 2014. The agency has also gotten the construction of an Orion capsule -- which also does not have a full life support system -- that will be used during the uncrewed Artemis I mission due to be flown in 12 to 24 months. So over its lifetime, and for $23.7 billion, the Orion program has produced: - Development of Orion spacecraft- Exploration Flight Test-1 basic vehicle- The Orion capsule to be used for another test flight- Work on capsules for subsequent missions Obviously, that is not nothing. But it is far from a lot, even for a big government program. To see how efficiently this money could theoretically have been spent, let's use an extreme example. SpaceX is generally considered one of the most efficient space companies. Founded in 2002, the company has received funding from NASA, the Department of Defense, and private investors. Over its history, we can reliably estimate that SpaceX has expended a total of $16 billion to $20 billion on all of its spaceflight endeavors. Consider what that money has bought: - Development of Falcon 1, Falcon 9, and Falcon Heavy rockets- Development of Cargo Dragon, Crew Dragon, and Cargo Dragon 2 spacecraft- Development of Merlin, Kestrel, and Raptor rocket engines- Build-out of launch sites at Vandenberg (twice), Kwajalein Atoll, Cape Canaveral, and Kennedy Space Center- 105 successful launches to orbit- 20 missions to supply International Space Station, two crewed flights- Development of vertical take off, vertical landing, rapid reuse for first stages- Starship and Super Heavy rocket development program- Starlink Internet program (with 955 satellites on orbit, SpaceX is largest satellite operator in the world) To sum up, SpaceX delivered all of that for billions of dollars less than what NASA has spent on the Orion program since its inception.Read more of this story at Slashdot.

Connecticut-based company LiquidPiston is developing a portable generator for the US Army that uses its X-Engine, a fresh and extremely powerful take on the rotary engine that'll deliver as much power as the Army's current-gen-set at one-fifth the size. New Atlas reports: We've written a few times before about the fascinating LiquidPiston rotary engine. It's not a Wankel -- indeed, it's closer to an inside-out Wankel -- and with only two moving parts, it's able to deliver extraordinary power density at up to 1.5 horsepower per pound (0.45 kg). According to co-founder and CEO Alec Schkolnik, the X Engine design combines the high compression ratio and direct injection of a diesel engine with the constant volume combustion process of an Otto cycle engine and the over-expansion abilities of an Atkinson cycle engine, while solving the lubrication and sealing issues of the Wankel rotary engine and delivering huge power and efficiency. Check out the design being used in a go-kart and an unmanned aircraft in the video below. LiquidPiston demonstrated the technology for the US Army by building a Compact Artillery Power System (CAPS) generator unit designed to power the digital fire control system on an M777 Howitzer artillery piece. It replaced a generator that needed a truck to move it around with something 20 percent the size: a 41-lb (18.6-kg), 1.5-cubic foot (28.3-L) box about the size of a gaming PC that can easily be carried by two men. Smartly designed to work in conjunction with a battery in a hybrid system, the 2-kW CAPS generator impressed the Army enough that LiquidPiston has been awarded a Small Business Innovation Research contract to develop it further as a 2-5 kW Small Tactical Generator for a range of military use cases, running on diesel with compression ignition.Read more of this story at Slashdot.

On December 15, the United States Air Force successfully flew an AI copilot on a U-2 spy plane in California, marking the first time AI has controlled a U.S. military system. Dr. Will Roper, the Assistant Secretary of the Air Force for Acquisition, Technology and Logistics, reveals how he and his team made history: With call sign ARTUu, we trained uZero -- a world-leading computer program that dominates chess, Go, and even video games without prior knowledge of their rules -- to operate a U-2 spy plane. Though lacking those lively beeps and squeaks, ARTUu surpassed its motion picture namesake in one distinctive feature: it was the mission commander, the final decision authority on the human-machine team. And given the high stakes of global AI, surpassing science fiction must become our military norm. Our demo flew a reconnaissance mission during a simulated missile strike at Beale Air Force Base on Tuesday. ARTUu searched for enemy launchers while our pilot searched for threatening aircraft, both sharing the U-2's radar. With no pilot override, ARTUu made final calls on devoting the radar to missile hunting versus self-protection. Luke Skywalker certainly never took such orders from his X-Wing sidekick! The fact ARTUu was in command was less about any particular mission than how completely our military must embrace AI to maintain the battlefield decision advantage. Unlike Han Solo's "never-tell-me-the-odds" snub of C-3PO's asteroid field survival rate (approximately 3,720 to 1), our warfighters need to know the odds in dizzyingly-complex combat scenarios. Teaming with trusted AI across all facets of conflict -- even occasionally putting it in charge -- could tip those odds in our favor. But to trust AI, software design is key. Like a breaker box for code, the U-2 gave ARTUu complete radar control while "switching off" access to other subsystems. Had the scenario been navigating an asteroid field -- or more likely field of enemy radars -- those "on-off" switches could adjust. The design allows operators to choose what AI won't do to accept the operational risk of what it will. Creating this software breaker box -- instead of Pandora's -- has been an Air Force journey of more than a few parsecs...Read more of this story at Slashdot.

An anonymous reader quotes a report from Fast Company: For just $25, Amazon wants to make you a custom T-shirt. And a virtual body double. This week, the company unveiled a brand called "Made for You" that creates made-to-measure clothes. The initial product, a T-shirt, can be personalized to your taste and measurements, and more products are coming. This is Amazon's latest bid to make itself a fashion destination, and if the company chooses to double down on this made-to-measure technology, it could have significant impacts throughout the industry. It took me five minutes to design a pink, long-sleeved cotton T-shirt. The process began with creating a virtual body double, which involves inputting details -- such as my height, weight, and skin tone -- then taking two photos on my phone using the 3D body scanner in the app. (Amazon has been incorporating body scanners into a number of its products lately, from its fitness band to its smart mirror.) The final 3D representation that appeared on the app looked uncannily like me. In the final step, I chose the color, sleeve length, and neckline of the tee. Then boom! I added it to my cart, and the custom shirt is set to arrive on Christmas Eve.Read more of this story at Slashdot.

Elon Musk's tunneling venture, The Boring Company, is planning a massive citywide expansion of the currently modest underground transportation system it's building in Las Vegas. The Verge reports: The startup now wants to build a 10-mile sub-surface "loop" that serves the famous Las Vegas Strip of casino hotels and reaches the city's downtown area as well as McCarran International Airport, all with Tesla vehicles. The Boring Company also wants to build an additional loop that connects properties owned by Caesars Entertainment. The proposed new tunnels would make it possible to go from the Las Vegas Convention Center to Mandalay Bay in just three minutes, as opposed to 30 minutes by surface roads during peak traffic hours, the company claims. The plans, first reported by the Las Vegas Review-Journal, were detailed in proposals submitted to Clark County officials on Monday. The Boring Company's expansion push comes just days after the Las Vegas Convention and Visitors Authority (LVCVA) finished buying the Las Vegas Monorail, which filed for bankruptcy in September after shutting down in March. Following the acquisition, the LVCVA killed a noncompete agreement that had previously kept The Boring Company from digging any tunnels that served the same areas reached by the monorail. The monorail is not expected to reopen until at least May 2021.Read more of this story at Slashdot.

As many as 3 million people have been infected by Chrome and Edge browser extensions that steal personal data and redirect users to ad or phishing sites, a security firm said on Wednesday. Ars Technica reports: In all, researchers from Prague-based Avast said they found 28 extensions for the Google Chrome and Microsoft Edge browsers that contained malware. The add-ons billed themselves as a way to download pictures, videos, or other content from sites including Facebook, Instagram, Vimeo, and Spotify. At the time this post went live, some, but not all, of the malicious extensions remained available for download from Google and Microsoft. Avast researchers found malicious code in the JavaScript-based extensions that allows them to download malware onto an infected computer. In a post, the researchers wrote: "Users have also reported that these extensions are manipulating their internet experience and redirecting them to other websites. Anytime a user clicks on a link, the extensions send information about the click to the attacker's control server, which can optionally send a command to redirect the victim from the real link target to a new hijacked URL before later redirecting them to the actual website they wanted to visit. User's privacy is compromised by this procedure since a log of all clicks is being sent to these third party intermediary websites. The actors also exfiltrate and collect the user's birth dates, email addresses, and device information, including first sign in time, last login time, name of the device, operating system, used browser and its version, even IP addresses (which could be used to find the approximate geographical location history of the user)." The researchers don't yet know if the extensions came with the malicious code preinstalled or if the developers waited for the extensions to gain a critical mass of users and only then pushed a malicious update. It's also possible that legitimate developers created the add-ons and then unknowingly sold them to someone who intended to use them maliciously. [...] The list Avast provides in its blog post includes links to download locations for both Chrome and Edge. Anyone who has downloaded one of these add-ons should remove it immediately and run a virus scan.Read more of this story at Slashdot.

An anonymous reader quotes a report from Android Police: Today, Google and Qualcomm announced what seemed like a big improvement to updates for Android smartphones. The headlines (ours included! We were confused, too) largely read as though Android phones with Qualcomm chipsets would now receive "four years" of Android updates, an additional year on top of what manufacturers like Google and now Samsung have offered on their top-tier smartphones. Except, that's not actually what it said. After confirming with both Google and Qualcomm (and chatting with AP alumnus Ron Amadeo), I received confirmation of what I suspected was the point of confusion about today's news, and that, in fact, very little is changing if you have a Google Pixel or high-end Samsung smartphone. Currently, Google and Samsung both offer three major OS updates on their well-known smartphones. Today's announcement from Google and Qualcomm does not add to that figure. Instead, the announcement merely makes policy what has long been an optional extra for smartphone OEMs who work with Qualcomm, and does not actually "extend" the lifespan of Qualcomm's highest-end chipsets in a meaningful way. If you're confused, I empathize. But Qualcomm and Google kind of hid the ball on this one in a way that was really, really easy to miss, and which most people (including me) didn't spot at first glance. Here's what's actually changing: — Qualcomm will support three major Android OS updates for its entire portfolio of smartphone chips going forward, starting with the Snapdragon 888 — Smartphone OEMs will likely be able to now offer four full years of Android security updates going forward (based on our reading of the announcement) That's it! So, where does all that "four years" and "four Android OS versions" business come from? It's really just a very generous marketing explanation of what was already the policy for Google's Pixel phones (and, again, now many of Samsung's), and it's a tad misleading. Right now, Google's Pixel phones get three years of Android OS and security updates from the time they are released. That means around 36 months of security patches and three major platform updates. Under the new system from Qualcomm, that could be extended to 48 months of security patches, but it would still be just three major platform updates. Neither Google nor Qualcomm is promising more major platform updates for high-end Android smartphones, they're only saying that all Android smartphones with Qualcomm's chips from the newly-announced Snapdragon 888 forward will be eligible for three major platform updates and, as far as we can tell, four years of security updates. As for the four versions business, Google's own slide from today's announcement makes clear that this includes the version of Android the phone shipped with. As in, your phone will, over its lifetime, run four versions of Android: the one it came with, and three subsequent platform updates.Read more of this story at Slashdot.

Six Scottish National Party (SNP) politicians have put forward a motion for consideration in the UK parliament to prohibit the resale of games consoles and PC components at prices "greatly above" MSRP, and the resale of goods purchased using automated bots to be made illegal in these fair isles. PC Gamer reports: A motion on the "Resale of gaming consoles and computer components purchases by automated bots" has been tabled with UK Parliament, and it aims to outlaw resellers' usage of automated bots and make it difficult to sell in-demand tech at prices far exceeding the manufacturer's recommend retail price. The motion has no set date for debate in the Commons, and is what is known as an 'Early Day Motion.' These don't often receive much love in Parliament, often due to the sheer number of Early Day Motions going at any one time, but they are used to highlight specific issues present in society. That's hardly indicative of sweeping change in the near-future, but it's better than nothing.Read more of this story at Slashdot.

This week, Google acquired a company called Neverware that allows users to turn their old PCs and Macs into a Chromebook with its CloudReady software. Now, Google is planning to make CloudReady into an official Chrome OS release. Engadget reports: When that happens, Neverware says its existing users will be able to seamlessly upgrade to the updated software. Moreover, once that transition is complete, Google will support CloudReady in the same way that it currently does Chrome OS. In the immediate future, Neverware says it's business as usual. The Home Edition of CloudReady isn't changing, and the company says it's committed to supporting its existing education and enterprise customers. Moreover, there's no plan to change pricing at the moment, and Google will honor any current multi-year licenses. Not only does this acquisition make a lot of sense from Google's perspective, but it's hard to see a downside for CloudReady users. The fact the operating system wasn't officially supported by Google was one of the few downsides to the software. It meant you couldn't install Android apps on CloudReady devices, even though it's based on Chromium OS. With this acquisition, support for Android apps becomes much more likely. Direct support from Google will also make the software more appealing to schools and businesses since they can get help directly from the company if they have any technical issues.Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: A nine-year-old girl who died following an asthma attack has become the first person in the UK to have air pollution listed as a cause of death. Ella Adoo-Kissi-Debrah, who lived near the South Circular Road in Lewisham, south-east London, died in 2013. Southwark Coroner's Court found that air pollution "made a material contribution" to Ella's death. Prof Gavin Shaddick, a government adviser on air pollution, called it "a landmark decision." At the conclusion of the two-week inquest, coroner Philip Barlow said Ella had been exposed to "excessive" levels of pollution. The inquest heard that in the three years before her death, she had multiple seizures and was admitted to hospital 27 times. Delivering a narrative verdict, Mr Barlow said levels of nitrogen dioxide (NO2) near Ella's home exceeded World Health Organization and European Union guidelines. He added: "There was a recognized failure to reduce the levels of nitrogen dioxide, which possibly contributed to her death. There was also a lack of information given to Ella's mother that possibly contributed to her death." Giving his conclusion over almost an hour, the coroner said: "I will conclude that Ella died of asthma, contributed to by exposure to excessive air pollution."Read more of this story at Slashdot.

Texas Attorney General Ken Paxton announced Wednesday that he will soon file a multistate antitrust lawsuit against Google and its advertising business, alleging that the company has stifled competition and enjoys "monopolistic power." From a report: In a tweet, Paxton said the lawsuit will be filed on Wednesday. "This goliath of a company is using its power to manipulate the market, destroy competition and harm you, the consumer," Paxton said in a video accompanying the tweet. The text of the complaint was not immediately available. But a court record shows that nine other states are participating in the suit, including Kentucky, South Dakota, Arkansas, Idaho, Indiana, Mississippi, Missouri, North Dakota and Utah. The lawsuit marks the second antitrust suit by government officials to hit Google in the US this year. The Justice Department took the search giant to court over similar allegations in October. Eleven states joined the suit at the time. It also follows a lawsuit by more than 40 attorneys general against Facebook alleging it has abused a monopoly in social media.Read more of this story at Slashdot.

Google's cloud gaming service now supports the iPhone and iPad. As expected, the company is using a web app to access the service. From a report: Google also says that you need to update to iOS 14.3, the latest iOS update that was released earlier this week. If you want to try it out with a free or paid Stadia account, you can head over to stadia.google.com from your iOS device. Log in to your Google account, add a shortcut to your home screen and open the web app. After that, you can launch a game and start playing. Most games will require a gamepad, so you might want to pair a gamepad with your iPhone or iPad as well. Apple's iOS supports Xbox One and PlayStation 4 controllers using Bluetooth as well as controllers specifically designed for iOS. You can also play with the Stadia controller, but it's optional. If you just want to check your inventory quickly, Stadia on iOS also supports touch controls.Read more of this story at Slashdot.

Hmmmmmm writes: Nestled among the mountains in southwest China, the world's largest radio telescope signals Beijing's ambitions as a global centre for scientific research. The Five-hundred-metre Aperture Spherical Telescope (FAST) -- the only significant instrument of its kind after the collapse of another telescope in Puerto Rico this month -- is about to open its doors for foreign astronomers to use, hoping to attract the world's top scientific talent. The world's second-largest radio telescope, at the Arecibo Observatory in Puerto Rico, was destroyed when its suspended 900-tonne receiver platform came loose and plunged 140 metres (450 feet) onto the radio dish below. Wang Qiming, chief inspector of FAST's operations and development centre, told AFP during a rare visit by the foreign press last week that he had visited Arecibo. "We drew a lot of inspiration from its structure, which we gradually improved to build our telescope."Read more of this story at Slashdot.

Facebook told employees this week that it's developing a tool to summarize news articles so users won't have to read them. It also laid out early plans for a neural sensor to detect people's thoughts and translate them into action. From a report: [...] He [Facebook Chief Technology Officer Mike Schroepfer] also detailed a neural sensor to read commandments from people's brains. Having acquired neural interface startup CTRL-labs in 2019, Facebook demonstrated its progress in the field with a sensor that takes "neural signals coming from my brain, down my spinal cord along my arm, to my wrist" and allows a user to make a physical action. Schroepfer noted that it could be used for typing, holding a virtual object, or controlling a character in a video game. "We all get the privilege of seeing the future because we are making it," he said. Still, Facebook's chief technology officer seemed to anticipate any criticisms of the products -- or past failures -- by touting safety measures. "We have to build responsibly to earn trust and the right to continue to grow," he said. "It's imperative that we get this right so that people around the world get all these amazing technologies ... without experiencing the downsides."Read more of this story at Slashdot.

Facebook said it would assist the company behind popular videogame "Fortnite" in its high-profile legal battle with Apple, as the social-media giant ramps up its own counterattack against what it says are the iPhone maker's self-serving measures cloaked in the interest of privacy. From a report: Facebook has been feuding with Apple for months on issues ranging from prices for paid apps to privacy rule changes. As part of a pledge to assist challenges to what it called Apple's anticompetitive behavior, Facebook plans to provide supporting materials and documents to Epic Games Inc. The "Fortnite" parent sued Apple earlier this year, claiming the tech giant's App Store operates like a monopoly. Facebook said it isn't joining the lawsuit but helping with discovery as the case heads to trial next year.Read more of this story at Slashdot.

Nigeria's telecommunications regulator ordered mobile-phone users to link their devices to their national identity numbers, raising the prospect of millions of lines being blocked. From a report: Subscribers have until Dec. 31 to comply with the requirement, the Nigerian Communications Commission said in a statement Tuesday on its website. Failure to do so will result in their phone lines being cut off in January, it said. Africa's largest economy had about 196 million active phone lines as of June 2020, NCC data shows. At the same time, only 41.5 million Nigerians had the required identity numbers, according to information on the website of the National Identity Management Commission, which is in charge of registrations. MTN Group's local unit is the biggest wireless operator in the West African country. Airtel Africa, which listed in Lagos and London last year, vies with local operator Globacom to be the country's second-biggest carrier.Read more of this story at Slashdot.

Dutch prosecutors have found a hacker did successfully log in to Donald Trump's Twitter account byguessing his password -- "MAGA2020!" From a report: But they will not be punishing Victor Gevers, who was acting "ethically." Mr Gevers shared what he said were screenshots of the inside of Mr Trump's account on 22 October, during the final stages of the US presidential election. But at the time, the White House denied it had been hacked and Twitter said it had no evidence of it. Mr Gevers said he was very happy with the outcome. "This is not just about my work but all volunteers who look for vulnerabilities in the internet," he said. The well respected cyber-security researcher said he had been conducting a semi-regular sweep of the Twitter accounts of high-profile US election candidates, on 16 October, when he had guessed President Trump's password.Read more of this story at Slashdot.

Australia's Competition and Consumer Commission (ACCC) is suing Facebook over its use, in 2016 and 2017, of the Onavo VPN app to spy on users for commercial purposes. From a report: The ACCC's case accuses Facebook of false, misleading or deceptive conduct toward thousands of Australian consumers, after it had promoted the Onavo Protect app -- saying it would keep users personal activity data private, protected and secret and not use it for any other purpose, when it was being used to gather data to help Facebook's business. "Through Onavo Protect, Facebook was collecting and using the very detailed and valuable personal activity data of thousands of Australian consumers for its own commercial purposes, which we believe is completely contrary to the promise of protection, secrecy and privacy that was central to Facebook's promotion of this app," said ACCC chair Rod Sims in a statement. "Consumers often use VPN services because they care about their online privacy, and that is what this Facebook product claimed to offer. In fact, Onavo Protect channelled significant volumes of their personal activity data straight back to Facebook."Read more of this story at Slashdot.

A group of major U.S. news publishers have joined the Coalition for App Fairness (CAF), the advocacy group pushing for increased regulation over app stores and fair treatment for all developers. The publisher trade association now joining CAF is Digital Content Next, a representative for the AP, The New York Times, NPR, ESPN, Vox, The Washington Post, Meredith, Bloomberg, NBCU, The Financial Times, and many others. The organization is now the 50th member for CAF and the first to represent the news and media business in the U.S. From a report: It joins other media organizations who are already CAF members, including the European Publishers Council, News Media Europe, GESTE, and Schibsted, as well as CAF founding members like Basecamp, Blix, Blockchain.com, Deezer, Epic Games, Match Group, Prepear, Protonmail, Skydemon, Spotify, and Tile, plus a growing number of smaller developers. DCN's members, combined, reach an audience over over 223 million unique visitors and 100% of the U.S. online population, it says. Its publishers provide access to content on a subscription-based model that, according to its statements, Apple "severely impacts" by serving as an intermediary.Read more of this story at Slashdot.

Facebook attacked Apple in a series of full-page newspaper ads Wednesday, claiming the iPhone maker's anticipated mobile software changes around data gathering and targeted advertising are bad for small businesses. From a report: The ads, slated to run in the New York Times, Wall Street Journal and Washington Post, carry the headline "We're standing up to Apple for small businesses everywhere." They home in on upcoming changes to Apple's iOS 14 operating system that will curb the ability of companies like Facebook to gather data about mobile users and ply them with advertising. Facebook previously told investors that Apple's changes, scheduled to go live early next year, will lead to significant headwinds because most of its advertisers are small businesses. Apple has pushed back, accusing Facebook in November of showing a "disregard for user privacy." "While limiting how personalized ads can be used does impact larger companies like us, these changes will be devastating to small businesses," Facebook claims. The social giant, citing its own data, says ads that disregard personalized targeting generate 60% fewer sales than ads that do target consumers. The newspaper ads are the latest in what has become a vicious and public battle between two of the world's most valuable companies.Read more of this story at Slashdot.

Bitcoin breached the $20,000 level for the first time in history Wednesday, as crypto enthusiasts pointed to increased demand from institutional investors for the red-hot digital currency. From a report: The world's most-valuable virtual currency traded 4% higher to a price of around $20,327, according to market data from Coin Metrics, taking its year-to-date gains to more than 180%. Bitcoin has been on a tear this year. Analysts say it's gotten a boost from big-name investors such as Paul Tudor Jones and Stanley Druckenmiller moving their own assets into the cryptocurrency, while tech firms such as Square and MicroStrategy have also sought to flock into bitcoin.Read more of this story at Slashdot.

TikTok routes the personal data of job applicants through servers in China, and only discloses this to candidates in certain countries, Business Insider has discovered. From a report: US job candidates, notably, are not told their data will be routed through China. Some of the personal information TikTok says it collects about applicants is potentially highly sensitive, with the firm's own policies stating that it collects medical data; sex and race data; marital status; geolocation data, among many other categories. The revelation is an embarrassment for TikTok, which has spent much of 2020 maintaining that it is separate to its Chinese owner ByteDance, and fending off unproven insinuations by President Trump that it funnels user data to China. After being approached by Business Insider, TikTok said it would no longer store job applicant data in China.Read more of this story at Slashdot.

samleecole shares a report from Motherbard: Forty victims of sex trafficking operation Girls Do Porn have filed a lawsuit against Mindgeek, Pornhub's parent company, for a litany of accusations, including knowingly benefiting from Girls Do Porn videos on Pornhub and failing to moderate the images circulating rampantly on its network of tube sites. >In total, the lawsuit is demanding more than $40 million in damages -- at least $1 million per plaintiff -- as well as the money Mindgeek earned from hosting and promoting their videos and legal fees. "As a proximate result of MindGeek's knowing financial benefit and participation in GirlsDoPorn's sex trafficking venture, Plaintiffs have suffered damages, including, but not limited to, severe emotional distress, significant trauma, attempted suicide, and social and familial ostracization," the complaint states. Filed with the United States District Court for the Southern District of California on December 15 by attorneys Brian Holm and John O'Brien, the 43-page complaint details the suffering of these alleged victims of Girls Do Porn, and claims that each of the 40 plaintiffs became suicidal because of the harassment they endured when their videos spread non-consensually across the internet, including across Mindgeek's network of porn sites. Girls Do Porn was a sex trafficking operation that forced and coerced dozens of women as young as 18 into sex on camera, and lied to them about where and how the videos would be distributed. The women were told by everyone involved, from cast and crew to the owner, that the videos would not appear online. After filming, their videos were uploaded to Girls Do Porn's own site, as well as Pornhub, where the Girls Do Porn monetized its videos as a Pornhub "content partner." Pornhub also promoted Girls Do Porn as a content partner even after women in Girls Do Porn videos came forward about abuse and sued it. Last week, following a report from The New York Times about allegations of child sexual abuse imagery on the site, Pornhub changed its police to only allow verified uploads and downloads. Soon after, Mastercard and Visa stopped processing payments for Pornhub.Read more of this story at Slashdot.

SolarWinds has removed a list of high-profile clients from its website in the wake of a massive breach, "suggesting the company may be trying to obscure its clients in an effort to protect them from bad publicity," reports The Verge. From the report: The list of vulnerable companies is much smaller than SolarWinds' overall client list, so simply appearing on the list doesn't mean a company has been affected. SolarWinds claims that only 33,000 companies use the Orion product, compared to its total client base of 330,000. Out of that 33,000, the company estimates that fewer than 18,000 were directly impacted by a malicious update, and the list of directly targeted companies is likely even smaller. Still, there is much about the attack that remains unknown, and it is possible that additional compromises have yet to be discovered. SolarWinds' overall client list includes a broad range of sensitive organizations. Before its removal, the page boasted a broad range of clients, including more than 425 of the companies listed on the Fortune 500 as well as the top 10 telecom operators in the United States. In an article on Monday, The New York Times cited a number of organizations as vulnerable that are not cited on the public client page, including Boeing and Los Alamos National Laboratory. Other organizations have been cagey about their own exposure, even within the federal government. Several news outlets have reported that the breach affected the Department of Homeland Security, but the department has not made any official statement regarding its exposure.Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: While it doesn't appear to be completely down like it was yesterday morning, we're hearing many reports from Gmail users that the email service is having major issues right now. Some users are reporting that Gmail is particularly slow, while others are reporting constant error messages. One TechCrunch writer, meanwhile, noticed that emails he was sending to Gmail accounts appeared to immediately bounce, with Gmail's server responding with an error reading "550-5.1.1 The email account that you tried to reach does not exist." Google confirms the issues on its services dashboard, writing at 1:30 PM Pacific that they're impacting a "significant" number of users: "We're aware of a problem with Gmail affecting a significant subset of users. The affected users are able to access Gmail, but are seeing error messages, high latency, and/or other unexpected behavior." In a second update at 2:30 PM, Google says its teams are "continuing to investigate this issue"; as of 3:30 PM, the company says it expects the issues to be fixed by 4:00 PM while noting that time may change. Google says the problems have been resolved, although encrypted email service ProtonMail tweets that the email bouncing issue is widespread, with many emails sent to Gmail users bouncing permanently.Read more of this story at Slashdot.

Intel became the latest tech company to report diversity statistics Tuesday, sharing a mixed bag of annual numbers that included small gains in some areas, relatively flat numbers of Black employees and a decline in female representation in the U.S. Axios reports: Women made up a bit more than a quarter of Intel's employee headcount, seeing a tiny drop in the U.S. compared to last year and a similarly minuscule increase over the same period for Intel's total global workforce. The percentage of underrepresented minorities in the U.S. workforce ticked up by a fraction of a percentage point, coming in at just over 16%. African American representation was flat at 4.9%. "It may be slower than we would like but at least the conversation is on the table," Intel's interim chief diversity and inclusion officer Dawn Jones told Axios. Intel's inability to significantly boost the diversity of its workforce is far from unique in the industry. Intel wants to set up an industry-wide effort that would work to help standardize ways of measuring different diversity statistics from one company to another.Read more of this story at Slashdot.

Twitter has announced that it'll be shutting down Periscope as a service, with the company set to discontinue the Periscope applications by March 2021. The Verge reports: Twitter will, however, continue to offer live video streaming through its integrated Twitter Live feature within the main Twitter app. "The Periscope app is in an unsustainable maintenance-mode state, and has been for a while," the company explained in a blog post. "Over the past couple of years, we've seen declining usage and know that the cost to support the app will only continue to go up over time." While Periscope won't be fully shut down until March, the company is already blocking any new account signups starting in the latest update to the apps, which is rolling out today. Users will have the chance to download an archive of both their Periscope videos and their data before the app is shuttered next year. Additionally, the Periscope website will remain active to serve as a "read-only archive of public broadcasts." Periscope will also be "relaxing our requirements" for users to apply to become "Super Broadcasters," the company's term for select users who are given the opportunity to cash out tips given to them by followers. Broadcasters will have until April 30th, 2021, to finish cashing out their tips.Read more of this story at Slashdot.

An anonymous reader quotes a report from The Conversation: When wildfires swept through the hills near Santa Cruz, California, in 2020, they released toxic chemicals into the water supplies of at least two communities. One sample found benzene, a carcinogen, at 40 times the state's drinking water standard. Our testing has now confirmed a source of these chemicals, and it's clear that wildfires aren't the only blazes that put drinking water systems at risk. In a new study, we heated plastic water pipes commonly used in buildings and water systems to test how they would respond to nearby fires. The results, released Dec. 14, show how easily wildfires could trigger widespread drinking water contamination. They also show the risks when only part of a building catches fire and the rest remains in use. In some of our tests, heat exposure caused more than 100 chemicals to leach from the damaged plastics. To determine if plastic pipes could be responsible for drinking water contamination after wildfires, we exposed commonly available plastic pipes to heat. The temperatures were similar to the heat from a wildfire that radiates toward buildings but isn't enough to cause the pipes to catch fire. We tested several popular plastic drinking water pipes, including high-density polyethylene (HDPE), crosslinked polyethylene (PEX), polyvinyl chloride (PVC) and chlorinated polyvinylchloride (CPVC). Benzene and other chemicals were generated inside the plastic pipes just by heating. After the plastics cooled, these chemicals then leached into the water. It happened at temperatures as low as 392 degrees Fahrenheit. Fires can exceed 1,400 degrees. While researchers previously discovered that plastics could release benzene and other chemicals into the air during heating, this new study shows heat-damaged plastics can directly leach dozens of toxic chemicals into water. What can be done about the contamination? The report says a community can stop water contamination if they can quickly isolate the damaged pipes. Rinsing heat-damaged pipes can also work, but some plastic pipes require more than 100 days of nonstop water rinsing to be safe to use. If that's the case, the pipes may need to be replaced instead. "Water companies can install network isolation valves and backflow prevention devices, to prevent contaminated water moving from a damaged building into the utility pipe network," the report adds. "Insurance companies can use pricing to encourage property owners and cities to install fire-resistant metal pipes instead of plastic. Rules for keeping vegetation away from meter boxes and buildings can also lessen the chance heat reaches plastic water system components."Read more of this story at Slashdot.

Rival French and Russian disinformation campaigns have sought to deceive and influence Internet users in the Central African Republic ahead of an election later this month, Facebook said on Tuesday. Reuters reports: Facebook said it was the first time it had seen foreign influence operations directly engage on its platforms, with fake accounts denouncing each other as "fake news." The company said it had suspended three networks totaling almost 500 accounts and pages for so-called "coordinated inauthentic behavior." One network was linked to "individuals associated with French military," it said, while the other two had connections to "individuals associated with past activity by the Russian Internet Research Agency" as well as Russian businessman Evgeny Prigozhin. France and Russia are both keen to assert influence in Africa. Paris has ties with many French-speaking African countries, which it sees as vital to preventing the spread of violent Islamisation, and Moscow is jockeying for position in a lucrative market. Facebook said the two campaigns largely focused on the Central African Republic (CAR), which votes on Dec. 27, but also targeted users in 13 other African countries including Algeria, Cameroon, Libya and Sudan. Ben Nimmo, head of investigations at social media analytics firm Graphika, said both campaigns used fake accounts to pose as local people, sometimes sharing doctored photos. [...] But neither side built a significant audience in CAR, he added. "They looked like two troll teams arm wrestling, with nobody else really paying attention."Read more of this story at Slashdot.

Starting in 2021, Walmart will use fully autonomous box trucks to make deliveries in Arkansas without any safety drivers in the vehicles. The Verge reports: The big-box retailer has been working with a startup called Gatik on a delivery pilot for 18 months. Gatik, which is based in Palo Alto and Toronto, outfitted several multitemperature box trucks with sensors and software to enable autonomous driving. Since last year, those trucks have been operating on a two-mile route between a "dark store" (a store that stocks items for fulfillment but isn't open to the public) and a nearby Neighborhood Market in Bentonville, Arkansas. Since then, the vehicles have racked up 70,000 miles in autonomous mode with a safety driver. Next year, the companies intend to start incorporating fully autonomous trucks into those deliveries. And they plan on expanding to a second location in Louisiana, where trucks with safety drivers will begin delivering items from a "live" Walmart Supercenter to a designated pickup location where customers can retrieve their orders. Those routes, which will begin next year, will be longer than the Arkansas operation -- 20-miles between New Orleans and Metairie, Louisiana.Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: A Republican US senator from West Virginia has asked the government to block broadband funding earmarked for Frontier Communications, saying that the ISP is not capable of delivering gigabit-speed Internet service to all required locations. Sen. Shelley Moore Capito (R-W.Va.) outlined her concerns in a letter to Federal Communications Commission Chairman Ajit Pai last week. Capito told Pai that Frontier has mismanaged previous government funding and seems to lack both the technological capabilities and financial ability to deliver on its new obligations. Frontier, which filed for bankruptcy in April, is one of 180 ISPs that won funding in the FCC's Rural Digital Opportunity Fund (RDOF) reverse-auction results announced last week. Frontier is due to receive $370.9 million over 10 years to bring broadband to 127,188 homes and businesses in eight states. Frontier's biggest payout is in West Virginia, where it is due to receive $247.6 million over 10 years to expand its broadband network to 79,391 locations. Frontier won over two-thirds of the funding that the FCC allocated to West Virginia despite failing to hit FCC deadlines for a previous round of subsidized broadband deployment in West Virginia and other states. Under the previous funding allocated in 2015 via the FCC's Connect America Fund, Frontier was originally required to meet the build deadlines by the end of 2020. Frontier told Ars today that it will now meet that deadline "by the end of 2021." Capito urged Pai to block Frontier's new funding by rejecting the ISP's long-form application, which must be completed by winning bidders in order to receive the allocated money. "The stakes are simply too high to provide nearly $250 million to a company that does not have the capability to deliver on the commitments made to the FCC," she wrote. Under FCC rules, winning bidders must deploy broadband to 40 percent of required locations in each state within three calendar years, to 60 percent within four years, 80 percent within five years, and 100 percent within six years. Because Frontier won funding in the gigabit tier, it is required to offer download speeds of 1Gbps and upload speeds of 500Mbps along with monthly usage allowances of at least 2TB.Read more of this story at Slashdot.

An anonymous reader quotes a report from ZDNet: Microsoft and a coalition of tech companies have intervened today to seize and sinkhole a domain that played a central role in the SolarWinds hack, ZDNet has learned from sources familiar with the matter. The domain in question is avsvmcloud[.]com, which served as command and control (C&C) server for malware delivered to around 18,000 SolarWinds customers via a trojanized update for the company's Orion app. SolarWinds Orion updates versions 2019.4 through 2020.2.1, released between March 2020 and June 2020, contained a strain of malware named SUNBURST (also known as Solorigate). Once installed on a computer, the malware would sit dormant for 12 to 14 days and then ping a subdomain of avsvmcloud[.]com. According to analysis from security firm FireEye, the C&C domain would reply with a DNS response that contained a CNAME field with information on another domain from where the SUNBURST malware would obtain further instructions and additional payloads to execute on an infected company's network. Earlier today, a coalition of tech companies seized and sinkholed avsvmcloud[.]com, transferring the domain into Microsoft's possession. Sources familiar with today's actions described the takedown as "protective work" done to prevent the threat actor behind the SolarWinds hack from delivering new orders to infected computers.Read more of this story at Slashdot.

Microsoft is rolling out an update today that brings native support for Apple's M1 chip to the Windows productivity suite. "The apps getting the updates are Word, Excel, Outlook, PowerPoint, and OneNote," reports The Verge. "Notably absent, however, is Teams." From the report: The updates are making the apps universal ones -- meaning these versions will run on both Intel and Apple Silicon Macs, so any upcoming updates or features will be coming at the same time for both platforms. [...] Office users who have automatic updates turned on should have the new versions sometime today, and anyone else can update it through the Mac App Store or Microsoft's AutoUpdate software (depending on if you downloaded Office through the App Store or directly from Microsoft). Outlook users will get not only native Apple Silicon support, but support for iCloud accounts as well, allowing them to sync their email, contacts, and calendars to the app if they use Apple's service to store them. Teams isn't included in today's rollout of updates, but Microsoft says they're working on it. No timeline is available, though.Read more of this story at Slashdot.

Academics from an Israeli university have published new research today detailing a technique to convert a RAM card into an impromptu wireless emitter and transmit sensitive data from inside a non-networked air-gapped computer that has no Wi-Fi card. From a report: Named AIR-FI, the technique is the work of Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev, in Israel. Over the last half-decade, Guri has led tens of research projects that investigated stealing data through unconventional methods from air-gapped systems. [...] At the core of the AIR-FI technique is the fact that any electronic component generates electromagnetic waves as electric current passes through. Since Wi-Fi signals are radio waves and radio is basically electromagnetic waves, Guri argues that malicious code planted on an air-gapped system by attackers could manipulate the electrical current inside the RAM card in order to generate electromagnetic waves with the frequency consistent with the normal Wi-Fi signal spectrum (2,400 GHz). In his research paper, titled "AIR-FI: Generating Covert WiFi Signals from Air-Gapped Computers," Guri shows that perfectly timed read-write operations to a computer's RAM card can make the card's memory bus emit electromagnetic waves consistent with a weak Wi-Fi signal. This signal can then be picked up by anything with a Wi-Fi antenna in the proximity of an air-gapped system, such as smartphones, laptops, IoT devices, smartwatches, and more. Guri says he tested the technique with different air-gapped computer rigs where the Wi-Fi card was removed and was able to leak data at speeds of up to 100 b/s to devices up to several meters away.Read more of this story at Slashdot.

When large companies like Netflix or Amazon want to test the resilience of their systems, they use chaos engineering tools designed to help them simulate worst-case scenarios and find potential issues before they even happen. Today at AWS re:Invent, Amazon CTO Werner Vogels introduced the company's Chaos Engineering as a Service offering called AWS Fault Injection Simulator. From a report: The name may lack a certain marketing panache, but Vogels said that the service is designed to help bring this capability to all companies. "We believe that chaos engineering is for everyone, not just shops running at Amazon or Netflix scale. And that's why today I'm excited to pre-announce a new service built to simplify the process of running chaos experiments in the cloud," Vogels said. As he explained, the goal of chaos engineering is to understand how your application responds to issues by injecting failures into your application, usually running these experiments against production systems. AWS Fault Injection Simulator offers a fully managed service to run these experiments on applications running on AWS hardware.Read more of this story at Slashdot.

An anonymous reader shares a report: On an earnings call two months ago, SolarWinds Chief Executive Kevin Thompson touted how far the company had gone during his 11 years at the helm. There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told analysts on the Oct. 27 call. "We don't think anyone else in the market is really even close in terms of the breadth of coverage we have," he said. "We manage everyone's network gear." Now that dominance has become a liability -- an example of how the workhorse software that helps glue organizations together can turn toxic when it is subverted by sophisticated hackers. On Monday, SolarWinds confirmed that Orion -- its flagship network management software -- had served as the unwitting conduit for a sprawling international cyberespionage operation. The hackers inserted malicious code into Orion software updates pushed out to nearly 18,000 customers. [...] Cybersecurity experts across government and private industry are still struggling to understand the scope of the damage, which some are already calling one of the most consequential breaches in recent memory. [...] Experts are reviewing their notes to find old examples of substandard security at the company. Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds' update server by using the password "solarwinds123" "This could have been done by any attacker, easily," Kumar said. Others -- including Kyle Hanslovan, the cofounder of Maryland-based cybersecurity company Huntress -- noticed that, even days after SolarWinds realized their software had been compromised, the malicious updates were still available for download.Read more of this story at Slashdot.

High-frequency traders are using an experimental type of cable to speed up their systems by billionths of a second, the latest move in a technological arms race to execute stock trades as quickly as possible. From a report: The cable, called hollow-core fiber, is a next-generation version of the fiber-optic cable used to deliver broadband internet to homes and businesses. Made of glass, such cables carry data encoded as beams of light. But instead of being solid, hollow-core fiber is empty inside, with dozens of parallel, air-filled channels narrower than a human hair. Because light travels nearly 50% faster through air than glass, it takes about one-third less time to send data through hollow-core fiber than through the same length of standard fiber. The difference is often just a minuscule fraction of a second. But in high-frequency trading, that can make the difference between profits and losses. HFT firms use sophisticated algorithms and ultrafast data networks to execute rapid-fire trades in stocks, options and futures. Many are secretive about their trading strategies and technology. Hollow-core fiber is the latest in a series of advances that fast traders have used to try to outrace their competition. A decade ago, a company called Spread Networks spent about $300 million to lay fiber-optic cable in a straight line from Chicago to New York, so traders could send data back and forth along the route in just 13 milliseconds, or thousandths of a second. Within a few years the link was superseded by microwave networks that reduced transmission times along the route to less than nine milliseconds. HFT firms have also used lasers to zip data between the data centers of the New York Stock Exchange and Nasdaq, and they have embedded their algorithms in superfast computer chips. Now, faced with the limits of physics and technology, traders are left fighting over nanoseconds. "The time increments of these improvements have gotten markedly smaller," said Michael Persico, chief executive of Anova Financial Networks, a technology provider that runs communications networks used by HFT firms. High-frequency trading is controversial, with critics saying that some ultrafast strategies amount to an invisible tax on investors. Industry representatives say such criticism is unfounded.Read more of this story at Slashdot.

The U.S. Food and Drug Administration on Tuesday authorized the first coronavirus test that people will be able to buy at a local store without a prescription and use for immediate results at home to find out if they're positive or negative. From a report: The test will cost about $30 and be available by January, according to the Australian company that makes it, Ellume. The FDA had previously authorized other tests that let people avoid long lines by collecting a sample themselves at home. But those tests require people to send the sample to a lab and wait for the results. Another recently authorized test doesn't have to be sent off to a lab, but it requires a prescription to get it.The new test is the first that people will be able to buy without a prescription at a local store and do entirely at home on their own. It takes about five minutes to collect the sample and produces results within 15 minutes. "Today's authorization is a major milestone in diagnostic testing for COVID-19," FDA Commissioner Stephen Hahn said in a statement announcing the authorization.Read more of this story at Slashdot.

Facebook will shift all its users in the United Kingdom into user agreements with the corporate headquarters in California, moving them out of their current relationship with Facebook's Irish unit and out of reach of Europe's privacy laws. From a report: The change takes effect next year and follows a similar move announced in February by Google here. Those companies and others have European head offices in Dublin, and the UK's exit from the EU will change its legal relationship with Ireland, which remains in the Union. Initially, sources briefed on the matter told Reuters about the move. Facebook later confirmed it. "Like other companies, Facebook has had to make changes to respond to Brexit and will be transferring legal responsibilities and obligations for UK users from Facebook Ireland to Facebook. There will be no change to the privacy controls or the services Facebook offers to people in the UK," the company's UK arm said.Read more of this story at Slashdot.

IT software provider SolarWinds downplayed a recent security breach in documents filed with the US Securities and Exchange Commission on Monday. From a report: SolarWinds disclosed on Sunday that a nation-state hacker group breached its network and inserted malware in updates for Orion, a software application for IT inventory management and monitoring. Orion app versions 2019.4 through 2020.2.1, released between March 2020 and June 2020, were tainted with malware, SolarWinds said in a security advisory. The trojanized Orion update allowed attackers to deploy additional and highly stealthy malware on the networks of SolarWinds customers. But while initial news reports on Sunday suggested that all of SolarWinds' customers were impacted, in SEC documents filed today, SolarWinds said that of its 300,000 total customers, only 33,000 were using Orion, a software platform for IT inventory management and monitoring, and that fewer than 18,000 are believed to have installed the malware-laced update. The company said it notified all its 33,000 Orion customers on Sunday, even if they didn't install the trojanized Orion update, with information about the hack and mitigation steps they could take.Read more of this story at Slashdot.

The Food and Drug Administration has approved genetically engineered pigs for use in food and medical products. The pigs, developed by medical company Revivicor, could be used in the production of drugs, to provide organs and tissues for transplants, and to produce meat that's safe to eat for people with meat allergies. From a report: "Today's first-ever approval of an animal biotechnology product for both food and as a potential source for biomedical use represents a tremendous milestone for scientific innovation," said FDA Commissioner Stephen M. Hahn in a press release. The pigs are called GalSafe pigs because they lack a molecule called alpha-gal sugar, which can trigger allergic reactions. Alpha-gal sugar is found in many mammals, but not usually in humans. Alpha-gal syndrome (AGS), which causes a serious meat allergy, can happen after a bite from a lone star or deer tick. Though it hasn't been tested specifically for people with AGS yet, the FDA has determined GalSafe pork products are safe for the general population to eat. In addition to their potential for safer consumption, there are several potential medical uses for GalSafe pigs. They could be used to make drugs like heparin, a common blood-thinner derived from animal tissue, safer for people with AGS.Read more of this story at Slashdot.