An anonymous reader quotes a report from Ars Technica: With redesigned engine components, Blue Origin’s New Shepard rocket took off from West Texas and flew to the edge of space on Tuesday with a package of scientific research and technology demonstration experiments. This was the first flight of Blue Origin’s 60-foot-tall (18-meter) New Shepard rocket since September 12, 2022, when an engine failure destroyed the booster and triggered an in-flight abort for the vehicle’s pressurized capsule. There were no passengers aboard for that mission, and the capsule safely separated from the failed booster and parachuted to a controlled landing.

The flight on Tuesday also didn’t carry people. Instead, Blue Origin, Jeff Bezos’s space company, lofted 33 payloads from NASA, research institutions, and commercial companies. Some of these payloads were flown again on Tuesday’s launch after failing to reach space on the failed New Shepard mission last year. Among these payloads were an experiment to demonstrate hydrogen fuel cell technology in microgravity and an investigation studying the strength of planetary soils under different gravity conditions. Blue Origin’s capsule, mounted on top of the rocket, also flew 38,000 postcards submitted by students through Club for the Future, the company’s nonprofit.

For Tuesday’s return-to-flight mission, the New Shepard rocket ignited its BE-3PM engine and climbed away from Blue Origin’s remote launch site near Van Horn, Texas, at 10:42 am CST (16:42 UTC). The hydrogen-fueled engine fired for more than two minutes, then shut down as scheduled as the rocket continued coasting upward, reaching an altitude of more than 347,000 feet (106 kilometers). The booster returned for a precision propulsive landing a short distance from the launch pad, and Blue Origin’s capsule deployed three parachutes to settle onto the desert floor, completing a 10-minute up-and-down flight. Blue Origin has launched 24 missions with its reusable New Shepard rocket, including six flights carrying people just over the Karman line, the internationally recognized boundary of space 100 kilometers above Earth.

Read more of this story at Slashdot.

Source: Slashdot – Blue Origin’s Suborbital Rocket Flies For First Time In 15 Months

“The Ministry of Justice is consulting on digitizing and then throwing away about 100 million paper originals of the last wills and testaments of British people dating back more than 150 years in an effort to save 4.5 million pounds a year,” reports Robert Booth via The Guardian. Leading historians are calling these plans “sheer vandalism” and “insane.” From the report: Ministers believe digitisation will speed up access to the papers, but the proposal has provoked a backlash among historians and archivists who took to X to decry it as “bananas” and “a seriously bad idea.” The government is proposing to keep the originals of some wills of “famous people” — likely including those of Charles Darwin, Charles Dickens and Diana, Princess of Wales — but others would be destroyed after 25 years and only a digital copy would be kept. It is feared that wills of ordinary people, some of whom may become historically significant in the future, risk being lost.

Wills are considered essential documents, particularly for social historians and genealogists, as they capture what people considered important at the time and reveal unknown family links. The proposal comes amid growing concern at the fragility of digital archives, after a cyber-attack on the British Library left the online catalogue and digitized documents unavailable to users since late October. “We are advocates of digitization but not at the cost of destroying originals,” says Natalie Pithers, interim co-chief executive of the Society of Genealogists. “In any digitization projects mistakes get made. We don’t know what further information could be gained in the future from the original documents. There could be somebody in there who did something extraordinary.”

Read more of this story at Slashdot.

Source: Slashdot – Ministry of Justice Plans To Digitize Then Destroy 100 Million Historical Wills

“EVs mandates are coming to Canada whether you like it or not,” writes Slashdot reader Major_Disorder, sharing a report from the Canadian Broadcasting Corporation. “Here is what my Canadian brothers and sisters need to know.” From the report: New regulations being published this week by Environment Minister Steven Guilbeault will effectively end sales of new passenger vehicles powered only by gasoline or diesel in 2035. Guilbeault said the Electric Vehicle Availability Standard will encourage automakers to make more battery-powered cars and trucks available in Canada. “There’s no mistaking it. We are at a tipping point,” he said, noting sizable growth in EV sales in Canada and demand that has previously outstripped the available supply.

Automakers will have the next 12 years to phase out combustion engine cars, trucks and SUVs with a requirement to gradually increase the proportion of electric models they offer for sale each year. The electric-vehicle sales mandate regulations will be published later this week. They are setting up a system in which every automaker will have to show that a minimum percentage of vehicles they offer for sale are fully electric or longer-range plug-in hybrids. It will start with 20 per cent in 2026 and rise slightly to 23 per cent in 2027. After that, the share of EVs will begin to increase much faster, so that by 2028, 34 per cent of all vehicles sold will need to be electric — 43 per cent by 2029 and 60 per cent by 2030. That number keeps rising until it hits 100 per cent in 2035.

Guilbeault said the government is working to revise the national building code to encourage the spread of charging stations. The updated code would ensure that residential buildings constructed after 2025 have the electrical capacity to accommodate the charging stations. […] The policy will be regulated under the Canadian Environmental Protection Act and will issue credits to automakers for the EVs they sell. Generally, a fully electric model will generate one credit, with plug-in hybrids getting partial or full credit depending on how far they can go on a single charge. Manufacturers that sell more EVs than they need to meet each year’s target can either bank those credits to meet their targets in future years, or sell them to companies that didn’t sell enough. They can also cover up to 10 per cent of the credits they need each year by investing in public fast-charging stations. Every $20,000 spent on DC fast chargers that are operating before 2027 can earn the equivalent of one credit. Automakers that come up short for their sales requirements will be able to cover the difference by buying credits from others who exceed their targets, or by investing in charging stations. Automakers can start earning some credits toward their 2026 and 2027 targets over the next two years — a bid by the government to encourage a faster transition.

Read more of this story at Slashdot.

Source: Slashdot – Canada Lays Out Plan To Phase Out Sales of Gas-Powered Cars, Trucks By 2035

Juli Clover reports via MacRumors: The developers behind Beeper Mini are continuing with their effort to make iMessage for Android function despite Apple’s mitigations, and the latest “fix” requires Beeper Mini users to have access to a Mac. On Reddit, the Beeper Mini team says that the Mac-based fix coming on December 20 stabilizes iMessage for Beeper Cloud and Mini, and it “works well” and “is very reliable.”

It is unclear how many Android users have a Mac or have a friend with a Mac to rely on, but the fix requires using a Mac to connect to iMessage on Beeper. According to Beeper Mini’s developers, registration data from an actual Mac has to be sent to Apple to use iMessage on Beeper. Beeper has been using its own Mac servers to provide that information to Apple, but that resulted in thousands of Beeper users having the same registration info, which was an “easy target for Apple.”

The Beeper update will instead generate unique registration data for each Mac, making it harder for Apple to tell which users are accessing iMessage through an Android device. The Beeper Mini team says that registration data is “only used to indicate that a Mac is available during registration” and that the Mac will not be given access to an account or messages: “If you do not have access to a Mac computer, but have a friend on Beeper with a Mac, you can ask them if you can use their registration data. In our testing, 10-20 iMessage users can safely use the same registration data.” With the fix, Beeper Cloud and Beeper Mini users will once again be able to use iMessage on Android, but only with email addresses and not with phone numbers.

Read more of this story at Slashdot.

Source: Slashdot – Next Beeper Mini Fix Requires Users To Have a Mac

An anonymous reader writes: Digital mapping specialist TomTom said on Tuesday it has partnered with tech giant Microsoft to create an artificial intelligence (AI)-powered conversational assistant for vehicles. The assistant will allow users to “converse naturally with their vehicles” and enable voice interaction with infotainment, location search, and vehicle command systems, the company said.

TomTom, which competes with Google Maps and the world’s biggest mapping platform HERE, used various Microsoft services like its Azure OpenAI Service to create the voice assistant. The Microsoft Azure OpenAI Service allows enterprises to leverage ChatGPT maker OpenAI’s large language models (LLM). The voice assistant can be integrated into other automotive infotainment systems and is also built into TomTom’s Digital Cockpit, an open, modular in-vehicle infotainment platform, the Dutch map maker said. The company began working with Microsoft in 2016, when it first started powering Azure Maps location services.

Read more of this story at Slashdot.

Source: Slashdot – TomTom Creates AI-Based Conversational Assistant For Vehicles With Microsoft

Longtime Slashdot reader UnknowingFool writes: Microsoft has released a new software tool to remove printer software from HP that was installed without user permission or system need. A few weeks ago, users noticed that Windows Update installed HP printer software even if they did not have HP printers or printers at all. Affecting Windows 10 and 11, consumers reported that this update sometimes caused problems as it could rename their non-HP printers as HP printers causing some printing features to be inaccessible. Microsoft has not disclosed the root cause of the issue. The fix released by Microsoft requires users to download and run a dedicated troubleshooting tool available from Microsoft’s support site. “There are four different versions of the troubleshooter, depending on whether you have the 32- or 64-bit version of an Arm or x86 version of Windows,” notes Ars Technica. “Microsoft will also release an additional recommended troubleshooting tool ‘in the coming weeks’ that will fix the problem in Windows 11 upon a user’s request without requiring the download of a separate tool.”

Read more of this story at Slashdot.

Source: Slashdot – Microsoft Releases Downloadable Tool To Remove Unwanted HP Printer Software

Binance will pay $2.7 billion to the Commodity Futures Trading Commission (CFTC) for evading federal law and operating an illegal derivatives exchange. Meanwhile, the cryptocurrency exchange’s founder, Changpeng “CZ” Zhao, will pay $150 million.

“The court finds Zhao and Binance violated the Commodity Exchange Act (CEA) and CFTC regulations, imposes a $150 million civil monetary penalty personally against Zhao, and requires Binance to disgorge $1.35 billion of ill-gotten transaction fees and pay a $1.35 billion penalty to the CFTC,” wrote the CFTC in a statement. CoinTelegraph reports: The approved settlement marks the conclusion of a long-running case against CZ and Binance by the CFTC. On Nov. 21, CZ agreed to step down from his role at the helm of Binance as part of a wider settlement with the U.S. Department of Justice, the Treasury Department and the CFTC. On the same day, Zhao pleaded guilty to several civil charges and one criminal charge relating to Anti-Money Laundering laws. On Dec. 7, CZ was ordered to remain in the U.S. until his Feb. 23, 2024 sentencing date. He faces up to 18 months in prison on money laundering charges and has agreed not to appeal any potential sentence up to that length.

As part of the settlement, both CZ and Binance have agreed to take further steps to ensure Know Your Customer measures are maintained on the exchange as well as requiring Binance to implement a formalized corporate governance structure, including a board of directors with independent members, a compliance committee and an audit committee. The court also made a separate order for Binance’s former chief compliance officer, Samuel Lim, to pay a $1.5 million civil monetary penalty for “aiding and abetting Binance’s violations and engaging in activities outside of the U. S. to willfully evade or attempt to evade U.S. law.”

Read more of this story at Slashdot.

Source: Slashdot – Binance To Pay .7 Billion Fine To CFTC For Evading Federal Law

An anonymous reader quotes a report from the BBC: A bill that mandates tech giants pay news outlets for their content has come into effect in Canada amid an ongoing dispute with Facebook and Instagram owner Meta over the law. Some have hailed it as a game-changer that sets out a permanent framework that will see a steady drip of funds from wealthy tech companies to Canada’s struggling journalism industry. But it has also been met with resistance by Google and Meta — the only two companies big enough to be encompassed by the law. In response, over the summer, Meta blocked access to news on Facebook and Instagram for Canadians. Google looked set to follow, but after months of talks, the federal government was able to negotiate a deal with the search giant as the company has agreed to pay Canadian news outlets $75 million annually.

No such agreement appears to be on the horizon with Meta, which has called the law “fundamentally flawed.” If Meta is refusing to budge, so is the government. “We will continue to push Meta, that makes billions of dollars in profits, even though it is refusing to invest in the journalistic rigor and stability of the media,” Prime Minister Justin Trudeau told reporters on Friday. According to a study by the Media Ecosystem Observatory, the views of Canadian news on Facebook dropped 90% after the company blocked access to news on the platform. Local news outlets have been hit particularly hard.

“The loss of journalism on Meta platforms represents a significant decline in the resiliency of the Canadian media ecosystem,” said Taylor Owen, a researcher at McGill and the co-author of the study. He believes it also hurts Meta’s brand in the long run, pointing to the fact that the Canada’s federal government, as well as that of British Columbia, other municipalities and a handful of large Canadian corporations, have all pulled their advertising off Facebook and Instagram in retaliation.

Read more of this story at Slashdot.

Source: Slashdot – Meta’s News Ban In Canada Remains As Online News Act Goes Into Effect

In a notice on Monday, Xfinity notified customers of a “data security incident” that resulted in the theft of customer information, including usernames, passwords, contact information, and more. The Verge reports: Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems “that was concluded to be a result of this vulnerability.”

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity’s notice. Meanwhile, “some customers” may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says “data analysis is continuing.”

We still don’t know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it’s also encouraging users to turn on two-factor authentication. You can find the full notice, including contact information for the company’s incident response team, on Xfinity’s website (PDF). UPDATE 12/19/23: According to TechCrunch, almost 36 million Xfinity customers had their sensitive information accessed by hackers via a vulnerability known as “CitrixBleed.” The vulnerability is “found in Citrix networking devices often used by big corporations and has been under mass-exploitation by hackers since late August,” the report says. “Citrix made patches available in early October, but many organizations did not patch in time. Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China and international law firm Allen & Overy.”

“In a filing with Maine’s attorney general, Comcast confirmed that almost 35.8 million customers are affected by the breach. Comcast’s latest earnings report shows the company has more than 32 million broadband customers, suggesting this breach has impacted most, if not all Xfinity customers.”

Read more of this story at Slashdot.

Source: Slashdot – Comcast Discloses Data Breach of Close To 36 Million Xfinity Customers [UPDATE]

Imported raw materials such as steel and cement will incur a new carbon tax from 2027 under UK plans designed to support domestic producers and reduce emissions, but the government is facing criticism for not moving fast enough. From a report: The Treasury said the tax would help address the phenomenon of “carbon leakage,” in which UK manufacturers are undercut on price by foreign rivals whose governments do not impose levies on businesses that emit a lot of carbon. The result is that emissions are simply displaced to other countries, while greener UK producers lose out because they have to pay carbon-related charges. The chancellor, Jeremy Hunt, said: “This levy will make sure carbon intensive products from overseas — like steel and ceramics — face a comparable carbon price to those produced in the UK, so that our decarbonisation efforts translate into reductions in global emissions. “This should give UK industry the confidence to invest in decarbonisation as the world transitions to net zero.”

Read more of this story at Slashdot.

Source: Slashdot – UK To Introduce Carbon Tax on Steel Imports from 2027

Speaking of the 1.3 million stolen files of Sony division Insomniac Games that hackers have leaked, the data dump includes game roadmaps, budgets, and detailed information about Insomniac’s upcoming Wolverine game, which a document says is slated for 2026. Bloomberg reports: According to the files, Sony plans to release several Marvel-inspired titles in the next decade, including Spider-Man 3, based on Venom and X-Men games. The files also reference a new Ratchet & Clank game apparently slated for 2029. Insomniac and Marvel’s licensing commitment is as high as $621 million to develop and market the X-Men games by 2035, according to one document, which was one of many circulating on the internet. The documents also give us a peak into how Sony internally felt about Microsoft’s acquisition of Blizzard. Eurogamer adds: Sony has privately described Microsoft’s $68.7bn takeover of Activision Blizzard as a potential “leapfrog” moment for its long-term console rival to take the lead. Threats identified by Sony include Microsoft using Call of Duty to “disrupt and threaten console gaming and game subscription markets”, with a potential “massive threat to PlayStation Plus.” […] “Activision provides incredible strategic value across live service games, scale in mobile and PC storefront (Battle.net),” Sony wrote, describing the various advantages Microsoft has now added to its portfolio with the deal freshly completed.

Read more of this story at Slashdot.

Source: Slashdot – Sony’s Video Game Plans Leaked By Ransomware Group

A anonymous reader shares a report: Shopping on Amazon.com has long entailed scrolling through pages and pages of often redundant customer feedback. In an effort to make the task less onerous, the company in August began using artificial intelligence to convert billions of reviews into brief summaries consisting of a few sentences apiece. As is often true with generative AI, the results aren’t perfect. In some cases, the summaries provide an inaccurate description of a product. In others, they exaggerate negative feedback. This has potential implications not just for customers, but for Amazon merchants who depend on positive reviews to boost sales. Making matters worse, merchants say, the summaries were deployed just as they were headed into the crucial holiday shopping season — giving them one more thing to worry about besides inflation-battered shoppers.

Most shoppers can probably tell when the AI has misclassified a product. For example, the home fitness company Teeter sells an inversion table designed to ease back pain. Amazon’s AI generated summary calls it a desk: “Customers like the sturdiness, adjustability and pain relief of the desk.” The technology’s tendency to overplay negative sentiment in some reviews is less obvious. The $70 Brass Birmingham board game, for instance, boasts a 4.7-star rating based on feedback from more than 500 shoppers. A three-sentence AI summary of reviews ends with: “However, some customer have mixed opinions on ease of use.” Only four reviews mention ease of use in a way that could be interpreted as critical. That’s fewer than 1% of the overall ratings, yet the negative sentiment accounts for about a third of the AI-generated blurb.

Read more of this story at Slashdot.

Source: Slashdot – Amazon’s AI Product Reviews Seen Exaggerating Negative Feedback

Toshiba will be delisted on Wednesday after 74 years on the Tokyo exchange, following a decade of upheaval and scandal that brought down one of Japan’s biggest brands and ushered in a buyout and an uncertain future. From a report: The conglomerate is being taken private by a group of investors led by private equity firm Japan Industrial Partners that also includes financial services firm Orix, utility Chubu Electric Power and chipmaker Rohm. The $14 billion takeover puts Toshiba in domestic hands after protracted battles with overseas activist investors that paralysed the maker of batteries, chips, and nuclear and defence equipment. Although it is not clear what shape Toshiba will ultimately take under its new owners, Chief Executive Taro Shimada, who is staying in his role following the buyout, is expected to focus on high-margin digital services.

Read more of this story at Slashdot.

Source: Slashdot – Toshiba To Be Delisted After 74 Years

A ransomware group that claimed to have successfully hacked Insomniac Games has now leaked the vast majority of its stolen files. From a report: Last week ransomware group Rhysida threatened to expose sensitive data about the company, its employees and its upcoming games, if it wasn’t paid for the data. It then published data online which appeared to corroborate its claim that it had successfully hacked the Sony-owned studio, including an annotated screenshot from Insomniac’s upcoming Wolverine game.

The group then threatened to publish the stolen data within seven days, but first offered it for auction with a starting price of 50 Bitcoins (approximately $2 million). Now, according to Cyber Daily, Rhysida has followed through with its threat and posted more than 1.3 million files totalling 1.67 terabytes to its darknet leak site. Around 98% of the hacked data has been leaked, with Rhysida stating that “not sold data was uploaded,” implying that the remaining 2% may have been sold to someone.

Read more of this story at Slashdot.

Source: Slashdot – Insomniac Hacker Releases More Than 1.3 Million Stolen Files, Including Unannounced Games Info

An international group of law enforcement agencies have seized the dark web leak site of the notorious ransomware gang known as ALPHV, or BlackCat. From a report: “The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against ALPHV Blackcat Ransomware,” a message on the gang’s dark web leak site now reads, seen by TechCrunch. According to the splash, the takedown operation also involved law enforcement agencies from the United Kingdom, Denmark, Germany, Spain and Australia.

In a later announcement confirming the disruption, the U.S. Department of Justice said that the international takedown effort, led by the FBI, enabled U.S. authorities to gain visibility into the ransomware group’s computer to seize “several websites” that ALPHV operated. The FBI also released a decryption tool that has already enabled more than 500 ALPHV ransomware victims to restore their systems. (The government’s search warrant puts the number at 400 victims.) The FBI said it worked with dozens of victims in the United States, saving them from paying ransom demands totaling approximately $68 million.

Read more of this story at Slashdot.

Source: Slashdot – Authorities Claim Seizure of Notorious ALPHV Ransomware Gang’s Dark Web Leak Site

India consumes more groundwater. That’s testing India’s ability to feed itself and much of the world. From a report: The South Asian nation is already the world’s largest guzzler of groundwater. Cheap power has encouraged routine overreliance on finite riches. India overwhelmingly grows some of the thirstiest crops: rice, wheat and sugar cane. Over the last half century, farm productivity has leapt forward, but so, too, has water usage — up 500% over that period, according to the World Bank. Erratic monsoons and brutal heat waves are only making the problem more acute. Farmers are digging deeper wells because existing ones are no longer refilling. Some regions may run out of groundwater entirely — Punjab, a major wheat producer, could go dry within the next 15 or so years, according to a former state official. States in southern India are battling over water rights in areas where rampant urban development has drained thousands of lakes.

The government is not blind to the crisis. But with a national election on the horizon next year, there’s little to gain in pushing actively for change among farmers, one of the most important voting blocs in the country. Any long-term solution will involve tinkering with farm subsidies or the minimum price set for water-intensive crops. Prime Minister Narendra Modi’s ruling party is all too aware that farmers from India’s grain-growing northern regions dominated months of protests against proposed agrarian reforms from late 2020. Modi was forced to withdraw the proposals. For now, it’s clear the water math does not add up.

Modi has promised piped water to all Indian households by 2024. Yet nearly half of India’s 1.4 billion residents already face high-to-extreme water stress, and the world’s most populous nation is expected to add more than 200 million more people by 2050. Agriculture, meanwhile, accounts for 90% of water use, helping to explain why Indian officials say the clearest strategy for preserving supplies is modernizing the industry. The government has tried to convince farmers to adopt different irrigation technologies, return to traditional rain harvesting and plant less thirsty crops like millets, pulses and oilseeds. Nothing has yet made a substantial difference, in a country where subsidies supporting wheat and rice persist, and farming is dominated by smallholders.

Read more of this story at Slashdot.

Source: Slashdot – India’s Flooded Farmlands Mask a Water Crisis Deep Underground

An anonymous reader quotes a report from BleepingComputer: Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an unnamed exchange on the Solana blockchain platform that Ahmed hacked using his blockchain audit and smart contract reverse engineering skills. He first targeted the undisclosed crypto exchange by manipulating a smart contract to introduce false pricing data, generating roughly $9 million worth of inflated fees. Ahmed later withdrew the funds and offered to return all but $1.5 million on the condition that the exchange refrained from involving law enforcement.

Although not explicitly named by the Justice Department, the details of the attack match those of a July 2022 breach impacting the Crema Finance decentralized finance (DeFi) platform. Shortly after this first hack, Ahmed exploited a Nirvana Finance DeFi protocol smart contract loophole to take a flash loan of ANA cryptocurrency tokens at a low price and sell it back at a higher rate, yielding him approximately $3.6 million. Despite being offered a $300,000 bounty to return the stolen crypto assets, Ahmed kept everything he stole (representing all the funds owned by Nirvana Finance) after demanding $1.4 million and not reaching an agreement, forcing the exchange to shut down.

Seeking to conceal his actions and obscure the digital trail of the stolen funds, Ahmed used several cryptocurrency mixers (including Samourai Whirlpool), the Solana and Ethereum blockchains, and foreign exchanges to convert the millions he stole into Monero, a cryptocurrency known for its enhanced privacy and anonymity. Wary of being apprehended, Ahmed actively sought ways to elude detection and extradition. His online searches revealed his interest in strategies to flee the United States, thwart asset seizures, and secure citizenship in different nations, clearly showcasing Ahmed’s intention to sidestep legal repercussions for his actions. […] Ahmed entered a guilty plea for a single computer fraud charge, an offense with a maximum imprisonment term of five years. Additionally, he committed to compensating his victims with a sum totaling $5,071,074.23.

Read more of this story at Slashdot.

Source: Slashdot – Ex-Amazon Engineer Pleads Guilty To Hacking Crypto Exchanges

In a notice on Monday, Xfinity notified customers of a “data security incident” that resulted in the theft of customer information, including usernames, passwords, contact information, and more. The Verge reports: Xfinity traces the breach to a security vulnerability disclosed by cloud computing company Citrix, which began alerting customers of a flaw in software Xfinity and other companies use on October 10th. While Xfinity says it patched the security hole, it later uncovered suspicious activity on its internal systems “that was concluded to be a result of this vulnerability.”

The hack resulted in the theft of customer usernames and hashed passwords, according to Xfinity’s notice. Meanwhile, “some customers” may have had their names, contact information, last four digits of their social security numbers, dates of birth, and / or secret questions and answers exposed. Xfinity has notified federal law enforcement about the incident and says “data analysis is continuing.”

We still don’t know how many users were affected by the breach. Xfinity will automatically ask customers to change their passwords the next time they log in to their accounts, and it’s also encouraging users to turn on two-factor authentication. You can find the full notice, including contact information for the company’s incident response team, on Xfinity’s website (PDF).

Read more of this story at Slashdot.

Source: Slashdot – Xfinity Discloses Data Breach But Doesn’t Say How Many Users Affected

NASA has successfully beamed an ultra-high definition streaming video from a record-setting 19 million miles away. The Deep Space Optical Communications experiment, as it is called, is part of a NASA technology demonstration aimed at streaming HD video from deep space to enable future human missions beyond Earth orbit. From a NASA press release: The [15-second test] video signal took 101 seconds to reach Earth, sent at the system’s maximum bit rate of 267 megabits per second (Mbps). Capable of sending and receiving near-infrared signals, the instrument beamed an encoded near-infrared laser to the Hale Telescope at Caltech’s Palomar Observatory in San Diego County, California, where it was downloaded. Each frame from the looping video was then sent “live” to NASA’s Jet Propulsion Laboratory in Southern California, where the video was played in real time.

The laser communications demo, which launched with NASA’s Psyche mission on Oct. 13, is designed to transmit data from deep space at rates 10 to 100 times greater than the state-of-the-art radio frequency systems used by deep space missions today. As Psyche travels to the main asteroid belt between Mars and Jupiter, the technology demonstration will send high-data-rate signals as far out as the Red Planet’s greatest distance from Earth. In doing so, it paves the way for higher-data-rate communications capable of sending complex scientific information, high-definition imagery, and video in support of humanity’s next giant leap: sending humans to Mars.

Uploaded before launch, the short ultra-high definition video features an orange tabby cat named Taters, the pet of a JPL employee, chasing a laser pointer, with overlayed graphics. The graphics illustrate several features from the tech demo, such as Psyche’s orbital path, Palomar’s telescope dome, and technical information about the laser and its data bit rate. Tater’s heart rate, color, and breed are also on display. There’s also a historical link: Beginning in 1928, a small statue of the popular cartoon character Felix the Cat was featured in television test broadcast transmissions. Today, cat videos and memes are some of the most popular content online. “Despite transmitting from millions of miles away, it was able to send the video faster than most broadband internet connections,” said Ryan Rogalin, the project’s receiver electronics lead at JPL. “In fact, after receiving the video at Palomar, it was sent to JPL over the internet, and that connection was slower than the signal coming from deep space. JPL’s DesignLab did an amazing job helping us showcase this technology — everyone loves Taters.”

Read more of this story at Slashdot.

Source: Slashdot – NASA’s Tech Demo Streams First Video From Deep Space Via Laser

Alphabet will pay $700 million and alter its Google Play policies to settle claims that the app store unlawfully dominates the Android mobile applications market, resolving antitrust complaints brought by attorneys general of about three dozen states and consumers. From a report: The deal disclosed in a court filing late Monday calls for tweaks to Google Play policies designed to reduce barriers to competition in the markets for app distribution and payment processing. The lawsuits that were grouped together in federal court in California had threatened billions of dollars in revenue generated by the sale and distribution of apps through Google Play. Google will also make a series of changes to its business practices as part of the settlement. In a blog post, the Android-maker said: Streamlining sideloading while prioritizing security: Unlike on iOS, Android users have the option to sideload apps, meaning they can download directly from a developer’s website without going through an app store like Google Play. While we maintain it is critical to our safety efforts to inform users that sideloading on mobile could come with unique risks, as part of our settlement we will be further simplifying the sideloading process and updating the language that informs users about these potential risks of downloading apps directly from the web for the first time.
Expanding user choice billing to more people: App and game developers will be able to implement an alternative billing option alongside Google Play’s billing system for their U.S. users who can then choose which option to use when making in-app purchases. We have been piloting user choice billing in the U.S. for over a year and will now expand this option further.
Expanding open communication on pricing: We have always given developers more ways to interact with their customers than iOS and other operating systems. For example, Google Play allows developers to communicate freely with their customers outside the app about subscription offers or lower-cost options available on a rival app store or the developer’s website. This openness has spurred competition and benefited consumers and developers. As part of user choice billing, which we’re expanding with today’s settlement announcement, developers are also able to show different pricing options within the app when a user makes a digital purchase.

Read more of this story at Slashdot.

Source: Slashdot – Alphabet, States Reach 0 Million Deal in Google Play Feud