[Most Recent Entries] [Calendar View]
Friday, March 1st, 2024
| Time | Event |
| 12:02a | Self-Pay Gas Station Pumps Break Across NZ As Software Can't Handle Leap Day An anonymous reader quotes a report from Ars Technica: Today is Leap Day, meaning that for the first time in four years, it's February 29. That's normally a quirky, astronomical factoid (or a very special birthday for some). But that unique calendar date broke gas station payment systems across New Zealand for much of the day. As reported by numerous international outlets, self-serve pumps in New Zealand were unable to accept card payments due to a problem with the gas pumps' payment processing software. The New Zealand Herald reported that the outage lasted "more than 10 hours." This effectively shuttered some gas stations, while others had to rely on in-store payments. The outage affected suppliers, including Allied Petroleum, BP, Gull, Waitomo, and Z Energy, and has reportedly been fixed. In-house payment solutions, such as BP fuel cards and the Waitomo app, reportedly still worked during the outage. A representative for Petroleum, when prompted via Facebook to "maybe remember Leap Day in four years' time," responded: "We'll add it to our Outlook reminders :(" 
Read more of this story at Slashdot. |
| 12:45a | The FBI Is Using Push Notifications To Catch Sexual Predators According to the Washington Post (paywalled), the FBI is using mobile push notification data to unmask people suspected of serious crimes, such as pedophilia, terrorism, and murder. Gizmodo reports: The Post did a little digging into court records and found evidence of at least 130 search warrants filed by the feds for push notification data in cases spanning 14 states. In those cases, FBI officials asked tech companies like Google, Apple, and Facebook to fork over data related to a suspect's mobile notifications, then used the data to implicate the suspect in criminal behavior linked to a particular app, even though many of those apps were supposedly anonymous communication platforms, like Wickr. How exactly is this possible? Push notifications, which are provided by a mobile operating system provider, include embedded metadata that can be examined to understand the use of the mobile apps on a particular phone. Apps come laced with a quiet identifier, a "push token," which is stored on the corporate servers of a company like Apple or another phone manufacturer after a user signs up to use a particular app. Those tokens can later be used to identify the person using the app, based on the information associated with the device on which the app was downloaded. Even turning off push notifications on your device doesn't necessarily disable this feature, experts contend. [...] If finding new ways to catch pedophiles and terrorists doesn't seem like the worst thing in the world, the Post article highlights the voices of critics who fear that this kind of mobile data could be used to track people who have not committed serious crimes -- like political activists or women seeking abortions in states where the procedure has been restricted.
Read more of this story at Slashdot. |
| 1:25a | Court Orders Maker of Pegasus Spyware To Hand Over Code To WhatsApp Stephanie Kirchgaessner reports via The Guardian: NSO Group, the maker of one the world's most sophisticated cyber weapons, has been ordered by a US court to hand its code for Pegasus and other spyware products to WhatsApp as part of the company's ongoing litigation. The decision by Judge Phyllis Hamilton is a major legal victory for WhatsApp, the Meta-owned communication app which has been embroiled in a lawsuit against NSO since 2019, when it alleged that the Israeli company's spyware had been used against 1,400 WhatsApp users over a two-week period. NSO's Pegasus code, and code for other surveillance products it sells, is seen as a closely and highly sought state secret. NSO is closely regulated by the Israeli ministry of defense, which must review and approve the sale of all licences to foreign governments. In reaching her decision, Hamilton considered a plea by NSO to excuse it of all its discovery obligations in the case due to "various US and Israeli restrictions." Ultimately, however, she sided with WhatsApp in ordering the company to produce"all relevant spyware" for a period of one year before and after the two weeks in which WhatsApp users were allegedly attacked: from 29 April 2018 to 10 May 2020. NSO must also give WhatsApp information "concerning the full functionality of the relevant spyware." Hamilton did, however, decide in NSO's favor on a different matter: the company will not be forced at this time to divulge the names of its clients or information regarding its server architecture.
Read more of this story at Slashdot. |
| 2:02a | Calendar Meeting Links Used To Spread Mac Malware Hackers targeting individuals in the cryptocurrency sector are using a sophisticated phishing scheme that begins with a malicious link on Calendly. "The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call," reports Krebs on Security. "But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems." From the report: A search in Google for a string of text from that script turns up a December 2023 blog post from cryptocurrency security firm SlowMist about phishing attacks on Telegram from North Korean state-sponsored hackers. "When the project team clicks the link, they encounter a region access restriction," SlowMist wrote. "At this point, the North Korean hackers coax the team into downloading and running a 'location-modifying' malicious script. Once the project team complies, their computer comes under the control of the hackers, leading to the theft of funds." SlowMist says the North Korean phishing scams used the "Add Custom Link" feature of the Calendly meeting scheduling system on event pages to insert malicious links and initiate phishing attacks. "Since Calendly integrates well with the daily work routines of most project teams, these malicious links do not easily raise suspicion," the blog post explains. "Consequently, the project teams may inadvertently click on these malicious links, download, and execute malicious code." SlowMist said the malware downloaded by the malicious link in their case comes from a North Korean hacking group dubbed BlueNoroff, which Kaspersky Labs says is a subgroup of the Lazarus hacking group. "A financially motivated threat actor closely connected with Lazarus that targets banks, casinos, fin-tech companies, POST software and cryptocurrency businesses, and ATMs," Kaspersky wrote of BlueNoroff in Dec. 2023.
Read more of this story at Slashdot. |
| 3:30a | ExxonMobil Is Suing Investors Who Want Faster Climate Action An anonymous reader quotes a report from NPR: ExxonMobil faces dozens of lawsuits from states and localities alleging the company lied for decades about its role in climate change and the dangers of burning fossil fuels. But now, ExxonMobil is going on the offensive with a lawsuit targeting investors who want the company to slash pollution that's raising global temperatures. Investors in publicly-traded companies like ExxonMobil try to shape corporate policies by filing shareholder proposals that are voted on at annual meetings. ExxonMobil says it's fed up with a pair of investor groups that it claims are abusing the system by filing similar proposals year after year in an effort to micromanage its business. ExxonMobil's lawsuit points to growing tensions between companies and activist investors calling for corporations to do more to shrink their climate impact and prepare for a hotter world. Interest groups on both sides of the case say it could unleash a wave of corporate litigation against climate activists. It is happening at a time when global temperatures continue to rise, and corporate analysts say most companies aren't on track to meet targets they set to reduce their heat-trapping emissions. "Exxon is really upping the ante here in a big way by bringing this case," says Josh Zinner, chief executive of an investor coalition called the Interfaith Center on Corporate Accountability, whose members include a defendant in the ExxonMobil case. "Other companies could use this tactic not just to block resolutions," Zinner says, "but to intimidate their shareholders from even bringing these [climate] issues to the table." ExxonMobil said in an email that it is suing the investor groups Arjuna Capital and Follow This because the U.S. Securities and Exchange Commission (SEC) isn't enforcing rules governing when investors can resubmit shareholder proposals. A court is the "the right place to get clarity on SEC rules," ExxonMobil said, adding that the case "is not about climate change." Other corporations are watching ExxonMobil's case, says Charles Crain, a vice president at the National Association of Manufacturers, which represents ExxonMobil and other industrial companies. "If companies are decreasingly able to get the SEC to allow them to exclude proposals that are obviously politically motivated, then the next question is, well, can the courts succeed where the SEC has failed -- or, more accurately, not even tried?," Crain says. "The shareholder proposal from Arjuna and Follow This called for ExxonMobil to cut emissions faster from its own operations and from its supply chain, including the pollution that's created when customers burn its oil and natural gas," notes NPR. "That indirect pollution, known as Scope 3 emissions, accounts for 90% of ExxonMobil's carbon footprint." "ExxonMobil says it is committed to cutting emissions from its operations. But the idea that activist investors like Arjuna and Follow This can quickly push the company out of the oil and gas business with new climate policies is 'simplistic and against the interests of the vast majority of ExxonMobil shareholders,' the company said in a court filing in Texas." The company added that while shareholders are entitled to submit proposals, they don't have "an unlimited right to put forth any proposal to do anything." "Their intent is to advance their agenda rather than creating long-term value for shareholders," ExxonMobil said of Arjuna and Follow This.
Read more of this story at Slashdot. |
| 7:00a | AI-Generated Articles Prompt Wikipedia To Downgrade CNET's Reliability Rating Wikipedia has downgraded tech website CNET's reliability rating following extensive discussions among its editors regarding the impact of AI-generated content on the site's trustworthiness. "The decision reflects concerns over the reliability of articles found on the tech news outlet after it began publishing AI-generated stories in 2022," adds Ars Technica. Futurism first reported the news. From the report: Wikipedia maintains a page called "Reliable sources/Perennial sources" that includes a chart featuring news publications and their reliability ratings as viewed from Wikipedia's perspective. Shortly after the CNET news broke in January 2023, Wikipedia editors began a discussion thread on the Reliable Sources project page about the publication. "CNET, usually regarded as an ordinary tech RS [reliable source], has started experimentally running AI-generated articles, which are riddled with errors," wrote a Wikipedia editor named David Gerard. "So far the experiment is not going down well, as it shouldn't. I haven't found any yet, but any of these articles that make it into a Wikipedia article need to be removed." After other editors agreed in the discussion, they began the process of downgrading CNET's reliability rating. As of this writing, Wikipedia's Perennial Sources list currently features three entries for CNET broken into three time periods: (1) before October 2020, when Wikipedia considered CNET a "generally reliable" source; (2) between October 2020 and present, when Wikipedia notes that the site was acquired by Red Ventures in October 2020, "leading to a deterioration in editorial standards" and saying there is no consensus about reliability; and (3) between November 2022 and January 2023, when Wikipedia considers CNET "generally unreliable" because the site began using an AI tool "to rapidly generate articles riddled with factual inaccuracies and affiliate links." Futurism reports that the issue with CNET's AI-generated content also sparked a broader debate within the Wikipedia community about the reliability of sources owned by Red Ventures, such as Bankrate and CreditCards.com. Those sites published AI-generated content around the same period of time as CNET. The editors also criticized Red Ventures for not being forthcoming about where and how AI was being implemented, further eroding trust in the company's publications. This lack of transparency was a key factor in the decision to downgrade CNET's reliability rating. A CNET spokesperson said in a statement: "CNET is the world's largest provider of unbiased tech-focused news and advice. We have been trusted for nearly 30 years because of our rigorous editorial and product review standards. It is important to clarify that CNET is not actively using AI to create new content. While we have no specific plans to restart, any future initiatives would follow our public AI policy."
Read more of this story at Slashdot. |
| 10:00a | Government Watchdog Hacked US Federal Agency To Stress-Test Its Cloud Security In a series of tests using fake data, a U.S. government watchdog was able to steal more than 1GB of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The experiment is detailed in a new report by the Department of the Interior's Office of the Inspector General (OIG), published last week. TechCrunch reports: The goal of the report was to test the security of the Department of the Interior's cloud infrastructure, as well as its "data loss prevention solution," software that is supposed to protect the department's most sensitive data from malicious hackers. The tests were conducted between March 2022 and June 2023, the OIG wrote in the report. The Department of the Interior manages the country's federal land, national parks and a budget of billions of dollars, and hosts a significant amount of data in the cloud. According to the report, in order to test whether the Department of the Interior's cloud infrastructure was secure, the OIG used an online tool called Mockaroo to create fake personal data that "would appear valid to the Department's security tools." The OIG team then used a virtual machine inside the Department's cloud environment to imitate "a sophisticated threat actor" inside of its network, and subsequently used "well-known and widely documented techniques to exfiltrate data." "We used the virtual machine as-is and did not install any tools, software, or malware that would make it easier to exfiltrate data from the subject system," the report read. The OIG said it conducted more than 100 tests in a week, monitoring the government department's "computer logs and incident tracking systems in real time," and none of its tests were detected nor prevented by the department's cybersecurity defenses. "Our tests succeeded because the Department failed to implement security measures capable of either preventing or detecting well-known and widely used techniques employed by malicious actors to steal sensitive data," said the OIG's report. "In the years that the system has been hosted in a cloud, the Department has never conducted regular required tests of the system's controls for protecting sensitive data from unauthorized access." That's the bad news: The weaknesses in the Department's systems and practices "put sensitive [personal information] for tens of thousands of Federal employees at risk of unauthorized access," read the report. The OIG also admitted that it may be impossible to stop "a well-resourced adversary" from breaking in, but with some improvements, it may be possible to stop that adversary from exfiltrating the sensitive data.
Read more of this story at Slashdot. |
| 1:00p | How the Pentagon Learned To Use Targeted Ads To Find Its Targets An anonymous reader quotes an excerpt from a Wired article: In 2019, a government contractor and technologist named Mike Yeagley began making the rounds in Washington, DC. He had a blunt warning for anyone in the country's national security establishment who would listen: The US government had a Grindr problem. A popular dating and hookup app, Grindr relied on the GPS capabilities of modern smartphones to connect potential partners in the same city, neighborhood, or even building. The app can show how far away a potential partner is in real time, down to the foot. But to Yeagley, Grindr was something else: one of the tens of thousands of carelessly designed mobile phone apps that leaked massive amounts of data into the opaque world of online advertisers. That data, Yeagley knew, was easily accessible by anyone with a little technical know-how. So Yeagley -- a technology consultant then in his late forties who had worked in and around government projects nearly his entire career -- made a PowerPoint presentation and went out to demonstrate precisely how that data was a serious national security risk. As he would explain in a succession of bland government conference rooms, Yeagley was able to access the geolocation data on Grindr users through a hidden but ubiquitous entry point: the digital advertising exchanges that serve up the little digital banner ads along the top of Grindr and nearly every other ad-supported mobile app and website. This was possible because of the way online ad space is sold, through near-instantaneous auctions in a process called real-time bidding. Those auctions were rife with surveillance potential. You know that ad that seems to follow you around the internet? It's tracking you in more ways than one. In some cases, it's making your precise location available in near-real time to both advertisers and people like Mike Yeagley, who specialized in obtaining unique data sets for government agencies. Working with Grindr data, Yeagley began drawing geofences -- creating virtual boundaries in geographical data sets -- around buildings belonging to government agencies that do national security work. That allowed Yeagley to see what phones were in certain buildings at certain times, and where they went afterwards. He was looking for phones belonging to Grindr users who spent their daytime hours at government office buildings. If the device spent most workdays at the Pentagon, the FBI headquarters, or the National Geospatial-Intelligence Agency building at Fort Belvoir, for example, there was a good chance its owner worked for one of those agencies. Then he started looking at the movement of those phones through the Grindr data. When they weren't at their offices, where did they go? A small number of them had lingered at highway rest stops in the DC area at the same time and in proximity to other Grindr users -- sometimes during the workday and sometimes while in transit between government facilities. For other Grindr users, he could infer where they lived, see where they traveled, even guess at whom they were dating. Intelligence agencies have a long and unfortunate history of trying to root out LGBTQ Americans from their workforce, but this wasn't Yeagley's intent. He didn't want anyone to get in trouble. No disciplinary actions were taken against any employee of the federal government based on Yeagley's presentation. His aim was to show that buried in the seemingly innocuous technical data that comes off every cell phone in the world is a rich story -- one that people might prefer to keep quiet. Or at the very least, not broadcast to the whole world. And that each of these intelligence and national security agencies had employees who were recklessly, if obliviously, broadcasting intimate details of their lives to anyone who knew where to look. As Yeagley showed, all that information was available for sale, for cheap. And it wasn't just Grindr, but rather any app that had access to a user's precise location -- other dating apps, weather apps, games. Yeagley chose Grindr because it happened to generate a particularly rich set of data and its user base might be uniquely vulnerable. The report goes into great detail about how intelligence and data analysis techniques, notably through a program called Locomotive developed by PlanetRisk, enabled the tracking of mobile devices associated with Russian President Vladimir Putin's entourage. By analyzing commercial adtech data, including precise geolocation information collected from mobile advertising bid requests, analysts were able to monitor the movements of phones that frequently accompanied Putin, indicating the locations and movements of his security personnel, aides, and support staff. This capability underscored the surveillance potential of commercially available data, providing insights into the activities and security arrangements of high-profile individuals without directly compromising their personal devices.
Read more of this story at Slashdot. |
| 2:01p | Elon Musk Sues OpenAI and Sam Altman Elon Musk has sued OpenAI, its co-founders Sam Altman and Greg Brockman and affiliated entities, alleging the ChatGPT makers have breached their original contractual agreements by pursuing profits instead of the non-profit's founding mission to develop AI that benefits humanity. TechCrunch: Musk, a co-founder and early backer of OpenAI, claims Altman and Brockman convinced him to help found and bankroll the startup in 2015 with promises it would be a non-profit focused on countering the competitive threat from Google. The founding agreement required OpenAI to make its technology "freely available" to the public, the lawsuit alleges. The lawsuit, filed in a court in San Francisco late Thursday, says that OpenAI, the world's most valuable AI startup, has shifted to a for-profit model focused on commercializing its AGI research after partnering with Microsoft, the world's most valuable company that has invested about $13 billion into the startup. "In reality, however, OpenAI, Inc. has been transformed into a closed-source de facto subsidiary of the largest technology company in the world: Microsoft. Under its new board, it is not just developing but is actually refining an AGI to maximize profits for Microsoft, rather than for the benefit of humanity," the lawsuit adds. "This was a stark betrayal of the Founding Agreement."
Read more of this story at Slashdot. |
| 2:41p | Google Pulls Popular Indian Apps From Store Over Fees Violation An anonymous reader shares a report: Google pulled more than a dozen popular Indian apps including recruitment platform Naukri, matrimony service Shaadi, audio storytelling platforms Kuku FM and Stage and real-estate manager 99acres from Play Store on Friday after warning that it will be taking actions against developers who have persistently not complied with its billing policies, escalating a three-year dispute in what is the company's largest market by users. Google said that 10 companies in the country, including "many well-established" names it did not disclose, had avoided paying fees despite benefiting from the platform. The Android-maker, owned by Alphabet, said a small group of developers in India had more than three years to prepare and comply with Play Store's payments policy but opted against it. These firms continue to comply with payment policies of other app stores, Google said. Some Android apps of matrimony platforms Shaadi, Matrimony.com and Bharat Matrimony were pulled from the Play Store Friday. Info Edge's Naukri and 99acres, audio storytelling apps Kuku FM and Stage, Alt Balaji's Altt, dating service Quack Quack were also axed from the store. Murugavel Janakiraman, chief executive of Bharat Matrimony, said Google had pulled about 10 of the Indian firm's apps from the store. Bharat Matrimony is evaluating legal options, he told TechCrunch, adding that he believes Google has violated an Indian antitrust watchdog's order in its removal of the apps today. It's a "dark day for the India internet," he added. Lal Chand Bisu, co-founder and chief executive of Kuku FM lambasted at Google, saying the Android-maker had turned "the most evil" partner to do business with and the Indian startup ecosystem was "completely" in its control.
Read more of this story at Slashdot. |
| 3:20p | Google is Blocking RCS on Rooted Android Devices Google is cracking down on rooted Android devices, blocking multiple people from using the RCS message feature in Google Messages. From a report: Users with rooted phones -- a process that unlocks privileged access to the Android operating system, like jailbreaking iPhones -- have made several reports on the Google Messages support page, Reddit, and XDA's web forum over the last few months, finding they're suddenly unable to send or receive RCS messages. One example from Reddit user u/joefuf shows that RCS messages would simply vanish after hitting the send button. Several reports also mention that Google Messages gave no indication that RCS chat was no longer working, and was still showing as connected and working in Google Messages. In a statement sent to the Verge where we asked if Google is blocking rooted devices from using RCS, Google communications manager Ivy Hunt said the company is "ensuring that message-issuing/receiving devices are following the operating measures defined by the RCS standard" in a bid to prevent spam and abuse on Google Messages. In other words, yes, Google is blocking RCS on rooted devices.
Read more of this story at Slashdot. |
| 4:00p | Number of Government Agencies Have Concerns About 'Sideloading' on iPhone, Apple Says A number of government agencies in the European Union and elsewhere have voiced concerns about security risks as Apple opens up its iPhones and iPads to rival app stores to comply with EU tech rules, Apple said on Friday. From a report: Under the Digital Markets Act, from March 7 Apple will be required to offer alternative app stores on iPhones and allow developers to opt out of using its in-app payment system, which charges fees of up to 30%. The U.S. tech giant, which on Jan. 24 detailed the changes to bring its App Store in line with the EU rules, said "sideloading" has sparked concerns from both EU and non-EU government agencies and users.
Read more of this story at Slashdot. |
| 4:41p | HP Wants You To Pay Up To $36/Month To Rent a Printer That It Monitors HP launched a subscription service this week that rents people a printer, allots them a specific amount of printed pages, and sends them ink for a monthly fee. From a report: HP is framing its service as a way to simplify printing for families and small businesses, but the deal also comes with monitoring and a years-long commitment. Prices range from $6.99 per month for a plan that includes an HP Envy printer (the current model is the 6020e) and 20 printed pages. The priciest plan includes an HP OfficeJet Pro rental and 700 printed pages for $35.99 per month. HP says it will provide subscribers with ink deliveries when they're running low and 24/7 support via phone or chat (although it's dubious how much you want to rely on HP support). Support doesn't include on or offsite repairs or part replacements. The subscription's terms of service (TOS) note that the service doesn't cover damage or failure caused by, unsurprisingly, "use of non-HP media supplies and other products" or if you use your printer more than what your plan calls for. HP calls this an All-In-Plan; if you subscribe, the tech company will be all in on your printing activities. One of the most perturbing aspects of the subscription plan is that it requires subscribers to keep their printers connected to the Internet. HP seeks two-year subscriber commitments, charging up to $270 plus taxes if canceled early.
Read more of this story at Slashdot. |
| 5:21p | Apple Backtracks on Removing EU Home Screen Web Apps in iOS 17.4 Apple is reversing its previous decision to remove support for Home Screen web apps in iOS 17.4 for EU users. Apple's statement: Previously, Apple announced plans to remove the Home Screen web apps capability in the EU as part of our efforts to comply with the DMA. The need to remove the capability was informed by the complex security and privacy concerns associated with web apps to support alternative browser engines that would require building a new integration architecture that does not currently exist in iOS. We have received requests to continue to offer support for Home Screen web apps in iOS, therefore we will continue to offer the existing Home Screen web apps capability in the EU. This support means Home Screen web apps continue to be built directly on WebKit and its security architecture, and align with the security and privacy model for native apps on iOS. Developers and users who may have been impacted by the removal of Home Screen web apps in the beta release of iOS in the EU can expect the return of the existing functionality for Home Screen web apps with the availability of iOS 17.4 in early March.
Read more of this story at Slashdot. |
| 6:01p | Russia Acknowledges Continuing Air Leak From Its Segment of Space Station Russian space officials have acknowledged a continuing air leak from the Russian segment of the International Space Station, but said it poses no danger to its crew. From a report: The Roscosmos state corporation said that specialists were monitoring the leak and the crew "regularly conducts work to locate and fix possible spots of the leak." It said in a statement carried by Russian news agencies: "There is no threat to the crew or the station itself." Joel Montalbano, Nasa's station project manager, had noted on Wednesday that the leak in the Russian segment has increased but emphasised that it remained small and posed no threat to the crew's safety or vehicle operations. As the space outpost is ageing, the crew has to spend more time to repair and maintain it, Roscosmos said. Russian space officials first reported a leak in the Zvezda module in August 2020 and later that year Russian crew members located what they believed was its source and tried to fix it. In November 2021, another potentially leaky spot was found in a different part of the Russian section of the station. Roscosmos and Nasa have said the leak posed no danger to the crew and did not affect operations on the station. There have been other glitches. In October, coolant leaked from an external backup radiator for Russia's new science lab, Nauka, although its main thermal control system was working normally and space officials said the crew and the station were not in danger.
Read more of this story at Slashdot. |
| 6:40p | Nikon and NASA Are Putting a Mirrorless Camera on the Moon Nikon is working with NASA to make a mirrorless camera that astronauts will use during the agency's incoming Artemis III mission to document their return to the Moon. From a report: On Thursday, NASA announced that it had entered a Space Act agreement with Nikon to develop the Handheld Universal Lunar Camera (HULC), a camera system designed to capture imagery in low light and survive the harsh lunar environment. The crewed Artemis III mission -- which will launch "no earlier than September 2026" -- aims to explore the lunar south pole, a region of the Moon that contains water ice within permanently shadowed craters. That makes it an area of scientific interest, but the extreme lighting and temperature conditions pose particular technical challenges for operating equipment within the lunar south pole region. Nikon's full-frame Z9 flagship has already been used in thermal, vacuum, and radiation testing before the agreement, with a modified version of the camera forming the base of the HULC system alongside Nikkor lenses. The HULC design also implements thermal blankets designed by NASA to protect the camera from dust and extreme temperatures and modified electrical components to minimize potential issues caused by radiation. A custom grip with modified buttons has been used to make it easier for suited crew members to operate the camera system while wearing gloves.
Read more of this story at Slashdot. |
| 7:20p | The Business of Winding Down Startups is Booming Startup wind-down services are seeing rapid growth as failed startups look for help shutting down. Pitchbook: On the phone with a founder who recently wound down his seed-stage software startup, I asked him what his plan was next. Having laid off all of his employees in autumn of last year, he was the last man standing: tasked with the thankless job of shutting down the company, returning capital, and dealing with tax documents. To handle the bureaucracy, the founder used Sunset, one of the companies that sprung up last year to respond to the burgeoning industry of failed startups. In a sign of the times, such wind-down startups are growing rapidly. Sunset saw 9x quarter-over-quarter revenue growth and a 65% monthly customer growth rate between November 2023 and January 2024. Competitor SimpleClosure, which closed a $4 million seed round this month led by Infinity Ventures, has passed the $1 million mark in annualized revenue and also recorded a monthly growth rate of over 50% in the same period. Since its public launch in September, the startup's revenue has increased more than 14x. Even larger startups are interested in the additional help. "We've now had multiple companies that have become customers that have raised tens of millions [in venture funding]," said Dori Yona, co-founder and CEO of SimpleClosure. In early February, equity management platform Carta joined the bandwagon: CEO Henry Ward announced in a blog post a new startup shutdown service, Carta Conclusions. "[T]he work of dissolving a company is exceptionally unpleasant. It is also, by definition, zero-value to the founder, the company, and the world," Ward wrote. Carta's entrance could disrupt its competitors, given its existing relationships with a large customer base of startups and access to internal startup data on cap table management, which could help it to accurately target prospects. Founders never want to think about the possibility of failure, but the vast majority of startups never make it to a successful liquidity event.
Read more of this story at Slashdot. |
| 8:01p | Carbon Emissions Reached Record High in 2023, IEA Says Energy-related emissions of carbon dioxide hit a record high in 2023, the International Energy Agency (IEA) said in a report on Friday. The IEA analysis showed that it rose by 410 million tonnes, or 1.1%, in 2023 to 37.4 billion tonnes. From a report: "Far from falling rapidly -- as is required to meet the global climate goals set out in the Paris Agreement -- CO2 emissions reached a new record high," the IEA said. However, the Paris-based watchdog also found clean energy including wind and solar energy, as well as electric vehicles, had helped to offset the impact of the continued burning of coal and oil growth, which was 1.3% in 2022. The reopening of China's economy after the COVID-19 pandemic and a recovery in the aviation sector contributed to an overall rise, the IEA said in its report. Severe droughts last year in China, the United States, India, and other countries hampered hydropower production. It accounted for around 40% of the rise in emissions or 170 million tonnes of CO2. "Without this effect, emissions from the global electricity sector would have fallen in 2023," the IEA said. Carbon dioxide emissions from coal accounted for the remaining increase. The IEA analysis showed that 2023 was the first year in which at least half of electricity generation in industrialized countries came from low-emission sources such as renewable energy and nuclear power. Energy-related emissions in the United States fell by 4.1%, and 9% in the European Union, driven by a surge in renewable power generation.
Read more of this story at Slashdot. |
| 8:41p | Worldwide Obesity Tops 1 Billion Rates of obesity in the U.S. and around the world have more than doubled over the past three decades, according to a new study in The Lancet. From a report: More than 1 billion people worldwide now have obesity, a sign of worsening nutrition that's also raising the risk of leading causes of death and disease such as high blood pressure, cancer and diabetes. The global rate of obesity more than doubled among women, from 8.8% to 18.5%, and nearly tripled in men, from 4.8% to 14.0%, between 1990 and 2022, according to research that pulls from over 3,600 studies. The obesity rate among children and adolescents increased by roughly four times, from 1.7% to 6.9% in girls and 2.1% to 9.3% in boys. Just over 4 in 10 adults and 2 in 5 kids in the U.S. are obese. The U.S. now has the world's 10th-highest male obesity rate and 36th-highest female obesity rate. In 1990, the U.S. had the world's 17th-highest male obesity rate and the 41st-highest female obesity rate.
Read more of this story at Slashdot. |
| 9:22p | Stack Overflow To Charge LLM Developers For Access To Its Coding Content Stack Overflow has launched an API that will require all AI models trained on its coding question-and-answer content to attribute sources linking back to its posts. And it will cost money to use the site's content. From a report: "All products based on models that consume public Stack Overflow data are required to provide attribution back to the highest relevance posts that influenced the summary given by the model," it confirmed in a statement. The Overflow API is designed to act as a knowledge database to help developers build more accurate and helpful code-generation models. Google announced it was using the service to access relevant information from Stack Overflow via the API and integrate the data with its latest Gemini models, and for its cloud storage console.
Read more of this story at Slashdot. |
| 10:02p | A Leaky Database Spilled 2FA Codes For the World's Tech Giants An anonymous reader quotes a report from TechCrunch: A technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users' access to their Facebook, Google and TikTok accounts. The Asian technology and internet company YX International manufactures cellular networking equipment and provides SMS text message routing services. SMS routing helps to get time-critical text messages to their proper destination across various regional cell networks and providers, such as a user receiving an SMS security code or link for logging in to online services. YX International claims to send 5 million SMS text messages daily. But the technology company left one of its internal databases exposed to the internet without a password, allowing anyone to access the sensitive data inside using only a web browser, just with knowledge of the database's public IP address. Anurag Sen, a good-faith security researcher and expert in discovering sensitive but inadvertently exposed datasets leaking to the internet, found the database. Sen said it was not apparent who the database belonged to, nor who to report the leak to, so Sen shared details of the exposed database with TechCrunch to help identify its owner and report the security lapse. Sen told TechCrunch that the exposed database included the contents of text messages sent to users, including one-time passcodes and password reset links for some of the world's largest tech and online companies, including Facebook and WhatsApp, Google, TikTok, and others. The database had monthly logs dating back to July 2023 and was growing in size by the minute. In the exposed database, TechCrunch found sets of internal email addresses and corresponding passwords associated with YX International, and alerted the company to the spilling database. The database went offline a short time later.
Read more of this story at Slashdot. |
| 10:40p | Police Now Need Warrant For IP Addresses, Canada's Top Court Rules The Supreme Court of Canada ruled today that police must now have a warrant or court order to obtain a person or organization's IP address. CBC News reports: The top court was asked to consider whether an IP address alone, without any of the personal information attached to it, was protected by an expectation of privacy under the Charter. In a five-four split decision, the court said a reasonable expectation of privacy is attached to the numbers making up a person's IP address, and just getting those numbers alone constitutes a search. Writing for the majority, Justice Andromache Karakatsanis wrote that an IP address is "the crucial link between an internet user and their online activity." "Thus, the subject matter of this search was the information these IP addresses could reveal about specific internet users including, ultimately, their identity." Writing for the four dissenting judges, Justice Suzanne Cote disagreed with that central point, saying there should be no expectation of privacy around an IP address alone. [...] In the Supreme Court majority decision, Karakatsanis said that only considering the information associated with an IP address to be protected by the Charter and not the IP address itself "reflects piecemeal reasoning" that ignores the broad purpose of the Charter. The ruling said the privacy interests cannot be limited to what the IP address can reveal on its own "without consideration of what it can reveal in combination with other available information, particularly from third-party websites." It went on to say that because an IP address unlocks a user's identity, it comes with a reasonable expectation of privacy and is therefore protected by the Charter. "If [the Charter] is to meaningfully protect the online privacy of Canadians in today's overwhelmingly digital world, it must protect their IP addresses," the ruling said. Justice Cote, writing on behalf of justices Richard Wagner, Malcolm Rowe and Michelle O'Bonsawin, acknowledged that IP addresses "are not sought for their own sake" but are "sought for the information they reveal." "However, the evidentiary record in this case establishes that an IP address, on its own, reveals only limited information," she wrote. Cote said the biographical personal information the law was designed to protect are not revealed through having access to an IP address. Police must use that IP address to access personal information that is held by an ISP or a website that tracks customers' IP addresses to determine their habits. "On its own, an IP address does not even reveal browsing habits," Cote wrote. "What it reveals is a user's ISP -- hardly a more private piece of information than electricity usage or heat emissions." Cote said placing a reasonable expectation of privacy on an IP address alone upsets the careful balance the Supreme Court has struck between Canadians' privacy interests and the needs of law enforcement. "It would be inconsistent with a functional approach to defining the subject matter of the search to effectively hold that any step taken in an investigation engages a reasonable expectation of privacy," the dissenting opinion said.
Read more of this story at Slashdot. |
| 11:20p | Hands Up If You Want To Volunteer For Layoffs, IBM Tells Staff Paul Kunert writes in an exclusive report for The Register: IBM is asking staff who want to take voluntary redundancy to raise their hand as it embarks on a new round of global job cuts, though roles in Europe and within a handful of departments are expected to shoulder the brunt. The Resource Action, as Big Blue likes to euphemistically refer to layoffs, shouldn't be a massive surprise to anyone with more than a passing interest in IBM as it was signaled last month in a Q4 earnings call. Insiders told us this latest process is not considered to be financial but "transformative," although IBM was quite clear in January when CFO James Kavanaugh discussed achieving "$3 billion annual run rate in savings by the end of 2024." This is a third bigger than the initial ambition. The Reg understands that 80 percent of the reduction target is aimed at Enterprise Operations & Support (EO&S) and Q2C missions, Finance & Operations (including Procurement, CIO, HR, Marketing & Comms and Global Real Estate). The European Works Council, one IBMer told us, has informed staff that circa 50 percent of IBM's reduction goal will impact staffing levels across the European continent. As if often the preferred route, IBM is seeking employees that are happy to take voluntary redundancy, rather than ditching someone that doesn't want to leave. The sources we spoke to did not reveal the total population in scope for redundancies or the numbers of volunteers being sought. IBM did not confirm the numbers either. [...] Slovakia, we're told, is to feel the tightest squeeze with around a third of IBM's cuts in Europe landing on its International (shared services) Center in Bratislava; the Center in Hungary that supports EO&S/ Q2C, as well as the Finance function in Bulgaria are also going to absorb what our sources described as the most dramatic staff reductions.
Read more of this story at Slashdot. |
| << Previous Day |
2024/03/01 [Calendar] |
Next Day >> |