[Most Recent Entries] [Calendar View]
Thursday, October 5th, 2023
| Time | Event |
| 12:02a | Linux Tries To Dump Windows' Notoriously Insecure RNDIS Protocol An anonymous reader quotes a report from ZDNet: Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of. As Greg Kroah-Hartman, the Linux Foundation fellow responsible for stable Linux kernel releases, wrote in November 2022 on the Linux Kernel Mailing List (LKML), "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all RNDIS drivers to prevent anyone from using them again." He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into." That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol. As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality." [...] But now, sick and tired of having a built-in Windows security exploit in Linux, Kroah-Hartman has decided that enough was enough. He's disabled all the RNDIS protocol drivers in Linux's Git repository. That means that while the RNDIS code is still in the Linux kernel, if you try to build Linux using this new patch, all your RNDIS drivers will be broken and won't build. This is one step short of purging RNDIS from Linux. 
Read more of this story at Slashdot. |
| 12:45a | Researchers Say Current AI Watermarks Are Trivial To Remove Researchers from the University of Maryland (UMD) were able to easily evade the current methods of AI watermarking during testing and found it even easier to add fake emblems to images that weren't generated by AI. "But beyond testing how easy it is to evade watermarks, one UMD team notably developed a watermark that is near impossible to remove from content without completely compromising the intellectual property," reports Engadget. "This application makes it possible to detect when products are stolen." From the report: In a similar collaborative research effort (PDF) between the University of California, Santa Barbara and Carnegie Mellon University, researchers found that through simulated attacks, watermarks were easily removable. The paper discerns that there are two distinct methods for eliminating watermarks through these attacks: destructive and constructive approaches. When it comes to destructive attacks, the bad actors can treat watermarks like it's a part of the image. Tweaking things like the brightness, contrast or using JPEG compression, or even simply rotating an image can remove a watermark. However, the catch here is that while these methods do get rid of the watermark, they also mess with the image quality, making it noticeably worse. In a constructive attack, watermark removal is a bit more sensitive and uses techniques like the good old Gaussian blur. Although watermarking AI-generated content needs to improve before it can successfully navigate simulated tests similar to those featured in these research studies, it's easy to envision a scenario where digital watermarking becomes a competitive race against hackers. Until a new standard is developed, we can only hope for the best when it comes to new tools like Google's SynthID, an identification tool for generative art, which will continue to get workshopped by developers until it hits the mainstream. Further reading: Researchers Tested AI Watermarks -- and Broke All of Them
Read more of this story at Slashdot. |
| 1:25a | Kidnapped By a Runaway Electric Car Long-time Slashdot reader RockDoctor writes: Regardless of their other potential benefits, modern cars, and modern electric cars in particular, involve complex networks of computer code, hardware, and servo systems cooperating (?) to deliver services to the user, like acceleration, steering and braking. Slashdot nerderati know better than most that such complex networks can never show unexpected, non-designed behavior, due to the infallibility of hardware, program coders and system designers... Yeah. Right. "I'll have some of what he's been smoking!" That's Musk-grade optimism. On Sunday evening, a middle-aged driver in a "brand new" vehicle found it would not decelerate below 30mph (50kmph). He retained steering control, and avoided crashing until police vehicles "boxed in" his vehicle and helped him exit into a police van (most have sliding side doors) from the moving vehicle. The police then "carried out a controlled halt" on the unmanned vehicle, stopping it from driving away with the van's brakes until a roadside assistance technician arrived 3 hours later and managed to shut it down. "[W]hen the [technician] got to me [...] later, he plugged in the car to do a diagnostic check and there was pages of faults," said the "kidnapped" driver from Glasgow. "He said he had never seen anything like it and decided he was not willing to turn the engine on to see what was wrong." By inference, the vehicle did not have a mechanical brake ("hand brake": English; "parking brake": American), which should have been able to keep the vehicle halted regardless of the motor's actions (even if a "clutch" did get burned out). From the only time I've been inside an electric car, I can't say if that is normal; it's certainly something I'll look for if I ever rent another. Had the failure happened at 10 a.m. in the morning, not 10 p.m. in the evening, the body count could have been ... substantial. A dumb question, stemming from my only use of an electric car: do they have a weight sensor under the driver's seat that locks-out the main motor unless there is (say) 30kg in the driver's seat? Most have some such sensors -- they trigger the "seatbelt not fastened" alarm or silence it for empty seats -- but whether they can override the drive system ... ?
Read more of this story at Slashdot. |
| 2:02a | USFWS Is Creating a Frozen Library of Biodiversity To Help Endangered Species Kiley Price writes via Inside Climate News: In a new initiative announced on Tuesday, the U.S. Fish & Wildlife Service is working with the nonprofit Revive & Restore and other partners to create a "genetic library" of the country's endangered species -- before it's too late. Through a process called biobanking, FWS field staff are gathering biological samples such as blood, tissues and reproductive cells from animals to be cryogenically preserved at extremely low temperatures (at least -256 degrees Fahrenheit) and stored at a USDA facility in Colorado. The samples will also be genetically sequenced and this information will be uploaded to a publicly available database called GenBank, where researchers can study them and compare their genomes to other members of their species.
Read more of this story at Slashdot. |
| 3:30a | 3D Printer Uses Magnets To Break Speed Limits An anonymous reader quotes a report from Tom's Hardware: Resin printer company Peopoly created quite a buzz with the unveiling of a prototype beltless FDM 3D printer, the Magneto X, at the East Coast RepRap Festival. The new printer is a desk top machine with a huge 400 x 300 x 300 mm build volume and print speeds up to 800mm/s. It borrows a design feature seen on CNC machines: magnetic linear motors. Normally, 3D printers move their components with rotating stepper motors attached to gears and pulleys. The linear motor can be thought of as a flat, unrolled motor with the "rotor" attached to the moving component -- the tool head -- and the stator forming a track along one axis. Dubbed the "MagXY" system, the tool head seems to levitate across the gantry without obvious means. It has a top print speed of 800 mm/s with a max acceleration of 22,000 mm/s, which would make it faster than modern Core XY printers from Bambu Lab. Peopoly is using and supporting both Klipper firmware and OrcaSlicer, which founder Mark Peng said greatly helped speed up their development time. [...] Peopoly is leaning hard into the Open Source community. Not only have they become backers of Klipper firmware, they are also using -- and supporting -- Open Source OcraSlicer. The Magneto X's nozzles are compatible with the popular E3D's V6 volcano which suggests the machine will be open to modification by users. Peopoly also states its machine can be used without joining a cloud-based system and promises customer data will not be collected.
Read more of this story at Slashdot. |
| 7:00a | A New Satellite Outshines Some of the Brightest Stars in the Sky Becky Ferreira writes via the New York Times: Last November, a satellite in low-Earth orbit unfurled into an expansive array that extends across nearly 700 square feet, about the size of a studio apartment. The satellite, BlueWalker 3, has since become one of the brightest objects in the sky, outshining some of the most radiant stars in the Milky Way, according to a study published on Monday in Nature -- and it is just the first of dozens of similar satellites that are in development by AST SpaceMobile, a company that aims to keep smartphones connected from orbit. "The issue is not necessarily that one satellite," said Siegfried Eggl, an astrophysicist at the University of Illinois, Urbana-Champaign and an author of the new study, "but that it is a predecessor or prototype of a constellation, so there's going to be a lot of those out there eventually." Initially launched in September 2022, BlueWalker 3 is the forerunner of AST SpaceMobile's BlueBird satellites, which aim to serve as a network of orbital cell towers with the goal "to democratize access to knowledge and information regardless of where people live and work," a spokesperson for AST SpaceMobile said. Last month, BlueWalker 3 successfully relayed its first 5G connection to a smartphone in a cellular coverage gap on Earth. AST SpaceMobile is one of many companies racing to capture the surging demand for global broadband connectivity. "At the moment, there are 18 constellations that we know are planned all over the world," Dr. Eggl said. "The total number of satellites is a stunning half a million that people are planning to put up there. This is 100 times more than we already have." AST SpaceMobile made BlueWalker 3's array so large in order to beam strong cellular coverage directly to phones on Earth. The satellite is made of many small antennas that can connect existing smartphones, which is an approach that distinguishes the company from Starlink and other planned constellations that currently rely on ground antennas or dishes. [...] AST SpaceMobile said that it was working with astronomers on techniques to reduce disruptions. It also contrasted the number in its constellation with the tens of thousands planned by other companies. The spokesperson said it could "provide substantial global coverage with around 90 satellites." Though BlueBird satellites would be far fewer in number, they are at least 64 times as big and bright as a Starlink satellite. The SpaceX orbiters are also brightest in the days after their deployment, but they become much fainter once they settle into their target orbits. Astronomers expect that the BlueBird satellites will remain bright in the sky throughout most of their lifetime. As a consequence, one of these satellites could interfere with data captured by astronomical observatories.
Read more of this story at Slashdot. |
| 10:00a | Underground Thermal Energy Networks Are Becoming Crucial To the US's Energy Future An anonymous reader quotes a report from MIT Technology Review: Thirteen US states are now implementing underground thermal energy networks to reduce buildings' carbon emissions as part of a nationwide push to adopt cleaner energy sources. Thermal energy networks use pipe loops that connect multiple buildings and provide heating and cooling through water-source heat pumps. Geothermal heat is commonly used in these networks, but it is also possible to bring in waste heat from other buildings through the sewer system. When installed, these networks can provide efficient, fossil fuel-free heating and cooling to commercial and residential buildings. Thanks to legislative backing and widespread support from utility companies and labor unions they're likely to become an increasingly significant part of the future energy mix in the US. "Heat is the largest source of waste energy and it's an untapped resource," says Zeyneb Magavi, co-executive director at clean energy nonprofit HEET (Home Energy Efficiency Team). "Once we have a thermal energy network, we can tap into that resource by moving it to where we need it." While the projects are still at the planning and regulatory stage in most of the 13 states, construction is already underway in some. [...] The advantages of thermal energy networks extend beyond reducing carbon emissions. Scaling them up from a few buildings to a community or utility level can also help make the grid more resilient and efficient. Magavi says every time a "loop" of thermal energy network is added to the grid, its ability to predict and manage power flow becomes more accurate. This interconnectedness helps the system become more resilient in high-stress situations.
Read more of this story at Slashdot. |
| 1:00p | Men Overran a Job Fair For Women In Tech "Every year the Grace Hopper Celebration, a conference and career fair aimed at non-males, brings women in the tech industry together," writes long-time Slashdot reader piojo. "This year, a large number of men showed up. The women were not pleased." Wired reports: AnitaB.org, the nonprofit that runs the conference, said there was "an increase in participation of self-identifying males" at this year's event. The nonprofit says it believes allyship from men is important and noted it cannot ban men from attending due to federal nondiscrimination protections in the US. Organizers expressed frustration. Past iterations of the conference have "always felt safe and loving and embracing," said Bo Young Lee, president of advisory at AnitaB.org, in a LinkedIn post. "And this year, I must admit, I didn't feel this way." Cullen White, AnitaB.org's chief impact officer, said in a video posted to X, formerly Twitter, that some registrants had lied about their gender identity when signing up, and men were now taking up space and time with recruiters that should go to women. "All of those are limited resources to which you have no right," White said. [...] During the conference, videos posted to TikTok showed a sea of men waiting in line to enter the conference or speak with recruiters in the expo hall. Men and women are seen running into the expo as a staffer yells for them to slow down. Avni Barman, the founder of female-talent focused media platform Gen She, says she immediately noticed "tons" more men and a more chaotic scene this time compared to previous years. According to Layoffs.fyi, tech companies around the world laid off more than 400,000 workers in 2022 and 2023. "As job cuts bite, all prospective tech workers have become more desperate for opportunities," reports Wired.
Read more of this story at Slashdot. |
| 2:05p | Apple Considered, Rejected Switch To DuckDuckGo From Google Apple held talks with DuckDuckGo to replace Alphabet's Google as the default search engine for the private mode on Apple's Safari browser, but ultimately rejected the idea. From a report: The details of those talks -- and Apple's discussions about buying Microsoft's Bing search engine in 2018 and 2020 -- were revealed late Wednesday in transcripts unsealed by the judge overseeing the US government's antitrust trial against Google. US District Judge Amit Mehta ruled Wednesday that he would unseal the testimony of DuckDuckGo Chief Executive Officer Gabriel Weinberg and Apple executive John Giannandrea, both of whom testified in the Washington trial in closed sessions. Weinberg testified that DuckDuckGo had about 20 meetings and phone calls with Apple executives, including the head of Safari, in 2018 and 2019 about becoming the default search engine for private browsing mode. In private mode, Safari doesn't track websites that a user visits or keep a history of what a person has accessed. "We were talking about it, I thought they would launch it," Weinberg said, noting that Apple had integrated several of DuckDuckGo's other privacy technologies into Safari. "Multiple times we've gotten integrations all the way through the finish line. Really, almost everything we've pitched except for search." But Giannandrea, who joined Apple as the head of search in 2018, said that to his knowledge Apple hadn't considered switching to DuckDuckGo. In a February 2019 email to other Apple executives, Giannandrea said it was "probably a bad idea" to switch to DuckDuckGo for private browsing in Safari. "The motivating factor for setting DuckDuckGo as the default for private browsing was an assumption" that it would be more private, Giannandrea testified. Because DuckDuckGo relies on Bing for its search information, it also likely provides Microsoft some user information, he said, which led him to believe that DuckDuckGo's "marketing about privacy is somewhat incongruent with the details."
Read more of this story at Slashdot. |
| 2:41p | Amazon and Microsoft's Cloud Dominance Referred for UK Competition Probe Britain's anti-competition regulators have been tasked with investigating Microsoft and Amazon's dominance of the cloud computing market. From a report: Media watchdog Ofcom on Thursday referred its inquiry for further investigation to the Competition and Markets Authority, kickstarting the process. Ofcom said that it had identified features which make it more difficult for U.K. businesses to switch cloud providers, or use multiple cloud services, and that it is "particularly concerned" about the position of market leaders Amazon and Microsoft. "Some UK businesses have told us they're concerned about it being too difficult to switch or mix and match cloud provider, and it's not clear that competition is working well," Fergal Farragher, Ofcom's director responsible for the market study, said in a statement Thursday. "So, we're referring the market to the CMA for further scrutiny, to make sure business customers continue to benefit from cloud services." Ofcom is concerned that so-called "hyperscalers" like Amazon Web Services and Microsoft Azure are limiting competition in the cloud computing market. These are companies that allow businesses of all stripes to carry out critical computing tasks -- like storage and management of data, delivery of content, analytics and intelligence -- over the internet, rather than through servers stored on site, or "on premise."
Read more of this story at Slashdot. |
| 3:20p | Sony's High-Bitrate Movie Service is Now Available on PS5 and PS4 Sony is bringing its own movie streaming service to PlayStation consoles beginning today. From a report: Previously known as Bravia Core, the service is being rebranded to Sony Pictures Core as it arrives on the PS5 and PS4. "Once you sign up for Sony Pictures Core, you will be able to buy or rent up to 2,000 movies straight from your console," Sony's Evan Stern wrote in a blog post. "At launch, this will include blockbuster hits such as Spider-Man: Across the Spider-Verse, Spider-Man: No Way Home, Uncharted, The Equalizer, No Hard Feelings, Bullet Train, and Ghostbusters: Afterlife, among others." Now, you can rent or buy those movies in any number of places. If you're wondering why you'd want to use Sony's service, the answer is video fidelity. As noted on the Bravia Core website, it includes what the company calls Pure Stream, "which can stream HDR movies at up to 80Mbps -- similar to 4K UHD Blu-ray -- on a wide range of content." That is a significantly higher bitrate than anything Netflix, Amazon Prime Video, Max, Vudu, or other streamers will give you. So, if you're a stickler for picture quality and have the right TV for it, you should notice greater detail when using Pure Stream. In addition to all that, Sony also claims it has the largest collection of IMAX Enhanced films of any streaming service.
Read more of this story at Slashdot. |
| 4:00p | UN Report Urges Global End To Fossil Fuel Exploration by 2030 Fossil fuel exploration should cease globally by 2030 and funding to rescue poor countries from the impacts of the climate crisis should reach $200bn to $400bn a year by the same date, according to proposals in a UN report before the next climate summit. The Guardian: Countries were still "way off track" to meet the goals of the 2015 Paris climate agreement, the report found, and much more action would be needed to make it possible to limit global heating to 1.5C above preindustrial levels. The UN's synthesis report on the global stocktake, published on Wednesday, will form the basis for discussions at the Cop28 conference in Dubai, which begins at the end of November. The global stocktake is a process mandated under the Paris agreement, intended to check every five years on countries' progress on meeting their emissions-cutting goals. Simon Stiell, the UN's climate chief, said the report offered a range of actions for governments to consider. "[These are] clear targets which provide a north star for the action that is required by countries," he said. Greenhouse gas emissions are still rising but there is broad agreement they must peak by 2025 at the latest if there is to be a chance of limiting temperature rises to 1.5C. "This is a major opportunity being presented for the course correction that is so urgently called for," Stiell said. "[The report] lays out elements that can be incorporated into a response." But while most countries agreed on the need to change direction, he said, there was "significant divergence" on how to achieve the changes needed.
Read more of this story at Slashdot. |
| 4:40p | 4chan Uses Bing To Flood the Internet With Racist Images samleecole writes: 4chan users are coordinating a posting campaign where they use Microsoft Bing's AI text-to-image generator to create racist images that they can then post across the internet. The news shows how users are able to manipulate free to access, easy to use AI tools to quickly flood the internet with racist garbage, even when those tools are allegedly strictly moderated. "We're making propaganda for fun. Join us, it's comfy," the 4chan thread instructs. "MAKE, EDIT, SHARE." A visual guide hosted on Imgur that's linked in that post instructs users to use AI image generators, edit them to add captions that make them seem like political campaigns, and post them to social media sites, specifically Telegram, Twitter, and Instagram. 404 Media has also seen these images shared on a TikTok account that has since been removed. People being racist is not a technological problem. But we should pay attention to the fact that technology is "to borrow a programming concept" 10x'ing racist posters, allowing them to create more sophisticated content more quickly in a way we have not seen online before. Perhaps more importantly, they are doing so with tools that are allegedly "safe" and moderated so strictly, to a point where they will not generate completely harmless images of Julius Caesar. This means we are currently getting the worst of both worlds from Bing, an AI tool that will refuse to generate a nipple but is supercharging 4chan racists.
Read more of this story at Slashdot. |
| 5:20p | Epic Games To Update Unreal Engine Pricing for Devs Outside Game Industry A week after laying off almost 900 employees, Epic Games has said that it's increasing the price to use Unreal Engine -- just not for the game development community. From a report: The news came from Epic Games CEO Tim Sweeney himself in a presentation at Unreal Fest 2023. In a video captured by Fortnite Creative developer Immature, Sweeney explains that developers using Unreal Engine in the film, TV, automotive, and other industries can expect to start paying a per-seat licensing fee. He claimed that the pricing model will not be "unusually expensive or unusually inexpensive," and that its pricing structure will be similar to subscription services like Maya or Photoshop. Sweeney said he wanted to announce these changes now in the name of "transparency." He also shed some light on the business decisions that led to the company making unexpectedly significant business shifts in the last week. Apparently Epic Games began running into "financial problems" about 10 weeks ago, meaning that the company was facing some sort of financial downturn from late July through September. Evidently, all of Epic Games' business had been "heavily funded by Fortnite" in the last six years, and different parts of the company became "disconnected" from their revenue streams. It adds some context to previous comments made by Sweeney about the impact of declined Fortnite revenue -- if the company's signature game had started to not turn a profit, other parts of Epic Games may not have easily been able to make up for declining revenue.
Read more of this story at Slashdot. |
| 6:00p | AI Beats Human Sleuth at Finding Problematic Images in Research Papers An algorithm that takes just seconds to scan a paper for duplicated images racks up more suspicious images than a person. Nature: Scientific-image sleuth Sholto David blogs about image manipulation in research papers, a pastime that has exposed him to many accounts of scientific fraud. But other scientists "are still a little bit in the dark about the extent of the problem," David says. He decided he needed some data. The independent biologist in Pontypridd, UK, spent the best part of several months poring over hundreds of papers in one journal, looking for any with duplicated images. Then he ran the same papers through an artificial-intelligence (AI) tool. Working at two to three times David's speed, the software found almost all of the 63 suspect papers that he had identified -- and 41 that he'd missed. David described the exercise last month in a preprint, one of the first published comparisons of human versus machine for finding doctored images. The findings come as academic publishers reckon with the problem of image manipulation in scientific papers. In a 2016 study, renowned image-forensics specialist Elisabeth Bik, based in San Francisco, California, and her colleagues reported that almost 4% of papers she had visually scanned in 40 biomedical-science journals contained inappropriately duplicated images. Not all image manipulation is done with nefarious intent. Authors might tinker with images by accident, for aesthetic reasons or to make a figure more understandable. But journals and others would like to catch images with alterations that cross the line, whatever the authors' motivation. And now they are turning to AI for help. Some 200 universities, publishers and scientific societies already rely on Imagetwin, the tool that David used for his study. The software compares images in a paper with more than 25 million images from other publications -- the largest such database in the image-integrity world, according to Imagetwin's developers. Bik has been using Imagetwin regularly to supplement her own skills and calls it her "standard tool," although she emphasizes that the AI has weaknesses as well as strengths -- for instance, it can miss duplications in images with low contrast.
Read more of this story at Slashdot. |
| 6:40p | Tech-Backed Code.org Picks 'Creativity With AI' As Theme For 2023 Hour of Code theodp writes: With Microsoft President Satya Nadella testifying in the Google antitrust trial that the tech titans are engaged in a Generative AI Gold Rush, it's no surprise to learn that tech giant-backed and advised nonprofit Code.org has chosen "Creativity with AI" as the theme for this December's Hour of Code, the annual global event that aims to whet K-12 schoolchildren's appetite for rigorous computer science. "We're taking Hour of Code to new heights with 'Hour of Code: Creativity with AI'," explained Code.org. "Whether it's coding new apps and algorithms, generating unique art, or crafting choreography to get us dancing, AI is opening up fresh opportunities for digital expression that expand our understanding of creativity. What's new? Did you catch that reference to 'dancing'? That's right: Code.org's Dance Party [a 'CS lesson' developed in partnership with the 'childhood to career' Amazon Future Engineer program] will be better than ever this year! Coming soon, this Hour of Code activity will use generative AI to help students add awesome backgrounds and visuals to the dance parties they build with code."
Read more of this story at Slashdot. |
| 7:20p | September Broke the Global Heat Record by a 'Gobsmackingly Bananas' Margin The global average temperature for September broke records by such an absurd margin that climate experts are struggling to describe the phenomenon. From a report: "This month was -- in my professional opinion as a climate scientist -- absolutely gobsmackingly bananas," Zeke Hausfather, a researcher with Berkeley Earth, said on the social media platforms Bluesky and X. The numbers are stark. September 2023 beat the previous record for the month, set in 2020, by 0.5C (0.9F), according to data sets maintained by the Japan Meteorological Agency and the EU's Copernicus Climate Change Service. The temperature anomaly for the month was roughly 1.7C above pre-industrial levels, which is above the symbolic 1.5C mark set as the stretch goal in the Paris Agreement. "We've never really seen a jump anything quite of this magnitude," Hausfather said. "Half a degree C is analogous to slightly less than half of all the warming we've seen from pre-industrial [temperatures]." Carbon dioxide emissions from burning fossil fuels are the main driver of rising temperatures. The global average temperature this year has also seen a boost from El Nino, a natural climate shift in the Pacific. Other factors may also be pushing temperatures up incrementally, such as a decline in cooling aerosol pollution from ships. Hausfather said next September may be unlikely to have all the same compounding factors, and consequently may be not as extreme. But either way, he described September 2023 as a "sneak peek" of what the back-to-school month may feel like in a decade as climate change pushes temperatures higher.
Read more of this story at Slashdot. |
| 8:00p | Low Demand For Travis Scott Creates Liquidity Crisis In Ticket Reselling Economy samleecole writes: Tickets for rapper Travis Scott's upcoming tour sold out fast. Check StubHub right now, however, and you can find thousands of tickets to "sold out" shows in many cities for between $10 and $20, far below the face value for his cheapest tickets at $61.50 before fees when they first went on sale. In ticket reseller lingo, Scott's tour is a "bloodbath," the result of overzealous brokers and noobs "overbuying" tickets based on a miscalculation of the likely value of his tickets on the secondary market. Many brokers now stand to lose a lot of money on Scott's shows. At least part of this buying frenzy was fueled by a bet placed by PFS Buyers Club, a credit card maxing site I wrote about earlier this week that has recently pivoted from buying rare coins to buying concert tickets. PFS told its members to buy as many tickets to Scott's shows as possible, according to emails viewed by 404 Media. PFS itself stands to lose more than $1 million on Travis Scott alone when all is said and done, it told members. The entire situation, which has become a complicated mess, sheds light on a little-known segment of the ticket broker industry, where resellers partner with credit card "buyers clubs" to obtain tickets. The fiasco also highlights the risks associated with ticket reselling and shows how Ticketmaster profits from the secondary market, helping it sell out artists even before their ability to sell out venues is guaranteed, and passing that risk on to resellers.
Read more of this story at Slashdot. |
| 8:40p | Lockheed CEO Pitches Pentagon on Subscription Software A parallel acquisition system -- buying needed apps by monthly or yearly subscription to meet changing mission requirements -- could improve deterrence by complicating an enemy's war planning, Lockheed Martin's top executive suggested Wednesday. From a report: Jim Taiclet, Lockheed's CEO, said the idea behind this approach is similar to allowing a customer to buy a 5G phone in Seoul and have it operate with new applications as needed in Washington. Although "digital insertion" in this manner "hasn't caught on yet" inside the Pentagon, across the tech industry or the broad industrial base, Taiclet said it has the potential "to move that deterrence goal post every three to six months." Traditionally, the Defense Department and defense industry think in big contracts for platforms that take years to design, build and manufacture and service. Taiclet, however, sees large defense contractors such as Lockheed Martin as a bridge from the subscription-based tech sector to the big-contract Pentagon acquisition process. "We have to get our expertise together." He added this approach "is starting to get some traction" among large investors in the tech sector.
Read more of this story at Slashdot. |
| 9:20p | Microsoft Won't Say If Its Products Were Exploited By Spyware Zero-Days Microsoft has released patches to fix zero-day vulnerabilities in two popular open source libraries that affect several Microsoft products, including Skype, Teams and its Edge browser. But Microsoft won't say if those zero-days were exploited to target its products, or if the company knows either way. From a report: The two vulnerabilities -- known as zero-days because developers had no advance notice to fix the bugs -- were discovered last month, and both bugs have been actively exploited to target individuals with spyware, according to researchers at Google and Citizen Lab. The bugs were discovered in two common open source libraries, webp and libvpx, which are widely integrated into browsers, apps and phones to process images and videos. The ubiquity of these libraries coupled with a warning from security researchers that the bugs were abused to plant spyware prompted a rush by tech companies, phone makers and app developers to update the vulnerable libraries in their products. In a brief statement Monday, Microsoft said it had rolled out fixes addressing the two vulnerabilities in the webp and libvpx libraries which it had integrated into its products, and acknowledged that exploits exist for both vulnerabilities. When reached for comment, a Microsoft spokesperson declined to say if its products had been exploited in the wild, or if the company has the ability to know. Security researchers at Citizen Lab said in early September that they had discovered evidence that NSO Group customers, using the company's Pegasus spyware, had exploited a vulnerability found in the software of an up-to-date and fully patched iPhone.
Read more of this story at Slashdot. |
| 10:00p | Hundreds of US Schools Hit By Potentially Organized Swatting Hoaxes, Report Says An anonymous reader quotes a report from Ars Technica: Within the past year, there have been approximately five times more school shooting hoaxes called in to police than actual school shootings reported in 2023. Where data from Everytown showed "at least 103 incidents of gunfire on school grounds" in 2023, The Washington Post recently uncovered what seems to be a coordinated campaign of active shooter hoaxes causing "swattings" -- where police respond with extreme force to fake crimes -- at more than 500 schools nationwide over the past year. In just one day in February, "more than 30 schools were targeted," The Post reported. The Post "examined police reports, emergency call recordings, body-camera footage, or call logs in connection with incidents in 24 states," which seemed to reveal a "distinct pattern" potentially linking swatting hoaxes nationwide. A man who "speaks with a heavy accent" -- and possibly uses a device or app to alter his voice in real time -- relies on a virtual private network (VPN) to mask his IP address, then places the hoax calls on non-emergency lines using free Internet-calling services. He frequently pretends to be a teacher hiding from the fake shooter on campus and sometimes falsely reports student shootings. To some law enforcement officials, the voice sounds too similar from call to call to be chalked up to coincidence. The Post stitched together audio that shows why many authorities believe these hoax calls might be coming from the same caller, whose motivations are currently unknown. It's possible the hoax calls are being orchestrated by one person with a hostile compulsion or by one or several perpetrators advertising swatting services available for hire online. [...] According to The Post, the FBI has been investigating this string of school shooting hoaxes, but it's unclear how far that investigation has gotten -- mostly because tracing the hoax calls has perplexed many law enforcement agencies nationwide. Tracing calls is difficult partly because many VPN providers outside the US don't always cooperate with law enforcement, and some of the most popular free Internet-calling services only require an email address to sign up. However, The Post reported that it has increasingly become clear to law enforcement that one particular Internet-calling service appears to be the most popular choice for hoax callers reporting school shootings: TextNow. One police captain in Lousiana, Shannon Mack -- who is described as specializing in "cases involving Internet-based phone services -- told The Post that "nine times out of 10," hoax calls she has investigated have come from a TextNow number.
Read more of this story at Slashdot. |
| 10:40p | Lenovo PC Boss: 80% of Our Devices To Be Repairable By 2025 Paul Kunert writes via The Register: Talking on stage at the Canalys EMEA Forum 2023, Luca Rossi, senior vice resident at Lenovo and president of its Intelligent Devices Group, said the company has committed to a net zero emission policy by 2050, and analyzing the components used in its hardware is part of the equation. "On repairability, we have a plan that by 2025 more than 80 percent of the repair parts will be repaired again so that they they enter into the circular economy to reduce the impact to the environment." He added: "More than 80 percent of our devices will be able to be repaired at the customer, by the customer or by the channel and we are enabling this with a design for serviceability kind of approach." This means that "batteries, SSD, many things, will not any longer be sealed into the product but will be available for the customer to be to repaired on site and then save a lot of waste."
Read more of this story at Slashdot. |
| 11:20p | Hyundai, Kia To Adopt Tesla EV-Charging Standard From 2024 In US Hyundai and Kia said on Thursday that they will adopt Tesla's electric vehicle charging technology in the United States. Reuters reports: Joining their global peers, including Ford Motor, General Motors and Nissan in adopting Tesla's North American Charging Standard (NACS), Hyundai's and Kia's moves take the Elon Musk-led company's superchargers closer to becoming the industry standard at the expense of the rival Combined Charging System (CCS). Hyundai and Kia's new EVs will come with a NACS port, starting in the fourth quarter of 2024 in the United States, the companies said. However, in Canada, Hyundai EVs equipped with the NACS port would be available in the first half of 2025, while Kia's EVs with the technology by the end of 2024. The move gives Hyundai and Kia EVs with NACS ports access to more than 12,000 Tesla Superchargers across the United States, Canada, and Mexico, the companies said. The South Korean automakers also said that they would offer adapters to owners of existing and future Hyundai and Kia EVs with the current CCS giving them access to Tesla's Supercharging Network in the first quarter of 2025.
Read more of this story at Slashdot. |
| << Previous Day |
2023/10/05 [Calendar] |
Next Day >> |