A Harvard professor on the history of science looks at our response to the pandemic, criticizing “a report that gave the false impression that masking didn’t help.” From Scientific American:

The group’s report was published by Cochrane, an organization that collects databases and periodically issues “systematic” reviews of scientific evidence relevant to health care. This year it published a paper addressing the efficacy of physical interventions to slow the spread of respiratory illness such as COVID… The review of studies of masking concluded that the “results were inconclusive…” [and] it was “uncertain whether wearing [surgical] masks or N95/P2 respirators helps to slow the spread of respiratory viruses.” Still, the authors were also uncertain about that uncertainty, stating that their confidence in their conclusion was “low to moderate.” You can see why the average person could be confused… The Cochrane finding was not that masking didn’t work but that scientists lacked sufficient evidence of sufficient quality to conclude that they worked…

Cochrane has made this mistake before. In 2016 a flurry of media reports declared that flossing your teeth was a waste of time… The answer demonstrates a third issue with the Cochrane approach: how it defines evidence. The organization states that its reviews “identify, appraise and synthesize all the empirical evidence that meets pre-specified eligibility criteria.” The problem is what those eligibility criteria are. Cochrane Reviews base their findings on randomized controlled trials (RCTs), often called the “gold standard” of scientific evidence. But many questions can’t be answered well with RCTs, and some can’t be answered at all…
In fact, there is strong evidence that masks do work to prevent the spread of respiratory illness. It just doesn’t come from RCTs. It comes from Kansas. In July 2020 the governor of Kansas issued an executive order requiring masks in public places. Just a few weeks earlier, however, the legislature had passed a bill authorizing counties to opt out of any statewide provision. In the months that followed, COVID rates decreased in all 24 counties with mask mandates and continued to increase in 81 other counties that opted out of them… Cochrane ignored this epidemiological evidence because it didn’t meet its rigid standard.

I have called this approach “methodological fetishism,” when scientists fixate on a preferred methodology and dismiss studies that don’t follow it. Sadly, it’s not unique to Cochrane. By dogmatically insisting on a particular definition of rigor, scientists in the past have landed on wrong answers more than once.
Vox also points out that while Cochrane’s review included 78 studies, “only six were actually conducted during the Covid-19 pandemic… Instead, most of them looked at flu transmission in normal conditions, and many of them were about other interventions like hand-washing.

“Only two of the studies are about Covid and masking in particular. Furthermore, neither of those studies looked directly at whether people wear masks, but instead at whether people were encouraged or told to wear masks by researchers.”

Read more of this story at Slashdot.

Source: Slashdot – Masks Work. So What Went Wrong with a Highly Publicized COVID Mask Analysis?

“New data suggests that what a lot of people do most often in their car is listen to AM/FM radio,” writes 9to5Mac. “Yes, it’s 2023, and you might think AM/FM radio is on the way out, but new data show that to not be the case for a lot of people…”

The market research company Edison Research used one-day listening diarires (for Americans older than 13) to measure the amount of time spent listening to audio — then compared results for those with and without an in-car entertainment system.

Those without an in-car entertainment system spent 67% of their time listening to AM/FM radio — with the rest listening to Sirius XM (12%), a streaming service (9%), or podcasts (4%).

But among those with an in-car entertainment system… 46% still listened to AM/FM radio. Less than a fifth listened to Sirus XM (19%), a streaming service (18%), or podcasts (7%).

The researchers’ conclusion? “Even those with these systems choose AM/FM for nearly half of their in-car listening. For many people, even with so many new options, radio and the in-car environment continue to just go together.”

Read more of this story at Slashdot.

Source: Slashdot – CarPlay? Android Auto? Most People Still Just Listen to AM/FM Radio

One 80-year-old retired teacher in Los Angeles lost $69,000 in bitcoin to scammers. And 46,000 people lost over $1 billion to crypto scams since 2021 (according to America’s Federal Trade Commission).

Now the Los Angeles Times reports California’s new moves against scammers using bitcoin ATMs, with a bill one representative says “is about ensuring that people who have been frauded in our communities don’t continue to watch our state step aside when we know that these are real problems that are happening.”

Starting in January, California will limit cryptocurrency ATM transactions to $1,000 per day per person under Senate Bill 401, which Gov. Gavin Newsom signed into law. Some bitcoin ATM machines advertise limits as high as $50,000… Victims of bitcoin ATM scams say limiting the transactions will give people more time to figure out they’re being tricked and prevent them from using large amounts of cash to buy cryptocurrency.
But crypto ATM operators say the new laws will harm their industry and the small businesses they pay to rent space for the machines. There are more than 3,200 bitcoin ATMs in California, according to Coin ATM Radar, a site that tracks the machines’ locations. “This bill fails to adequately address how to crack down on fraud, and instead takes a punitive path focused on a specific technology that will shudder the industry and hurt consumers, while doing nothing to stop bad actors,” said Charles Belle, executive director of the Blockchain Advocacy Coalition…

Law enforcement has cracked down on unlicensed crypto ATMs, but it can be tough for consumers to tell how serious the industry is about addressing the concerns. In 2020, a Yorba Linda man pleaded guilty to charges of operating unlicensed bitcoin ATMs and failing to maintain an anti-money-laundering program even though he knew criminals were using the funds. The illegal business, known as Herocoin, allowed people to buy and sell bitcoin in transactions of up to $25,000 and charged a fee of up to 25%.

So there’s also provisions in the law against exorbitant fees:
The new law also bars bitcoin ATM operators from collecting fees higher than $5 or 15% of the transaction, whichever is greater, starting in 2025. Legislative staff members visited a crypto kiosk in Sacramento and found markups as high as 33% on some digital assets when they compared the prices at which cryptocurrency is bought and sold. Typically, a crypto ATM charges fees between 12% and 25% over the value of the digital asset, according to a legislative analysis…
Another law would by July 2025 require digital financial asset businesses to obtain a license from the California Department of Financial Protection and Innovation.

Read more of this story at Slashdot.

Source: Slashdot – California Law Limits Bitcoin ATM Transactions to ,000 to Thwart Scammers

“It’s not every day that you get to update the firmware on a device that was produced in the 1970s,” writes Hackaday, “and rarely is said device well beyond the boundaries of our solar system.
“This is however exactly what the JPL team in charge of the Voyager 1 & 2 missions are facing, as they are in the process of sending fresh firmware patches over to these amazing feats of engineering.”

From NASA’s announcement:
One effort addresses fuel residue that seems to be accumulating inside narrow tubes in some of the thrusters on the spacecraft. The thrusters are used to keep each spacecraft’s antenna pointed at Earth. This type of buildup has been observed in a handful of other spacecraft… In some of the propellant inlet tubes, the buildup is becoming significant. To slow that buildup, the mission has begun letting the two spacecraft rotate slightly farther in each direction [almost 1 degree] before firing the thrusters. This will reduce the frequency of thruster firings… While more rotating by the spacecraft could mean bits of science data are occasionally lost — akin to being on a phone call where the person on the other end cuts out occasionally — the team concluded the plan will enable the Voyagers to return more data over time.

Engineers can’t know for sure when the thruster propellant inlet tubes will become completely clogged, but they expect that with these precautions, that won’t happen for at least five more years, possibly much longer. “This far into the mission, the engineering team is being faced with a lot of challenges for which we just don’t have a playbook,” said Linda Spilker, project scientist for the mission as NASA’s Jet Propulsion Laboratory in Southern California. “But they continue to come up with creative solutions.”

But that’s not the only issue:

The team is also uploading a software patch to prevent the recurrence of a glitch that arose on Voyager 1 last year. Engineers resolved the glitch, and the patch is intended to prevent the issue from occurring again in Voyager 1 or arising in its twin, Voyager 2…

In 2022, the onboard computer that orients the Voyager 1 spacecraft with Earth began to send back garbled status reports, despite otherwise continuing to operate normally… The attitude articulation and control system (AACS) was misdirecting commands, writing them into the computer memory instead of carrying them out. One of those missed commands wound up garbling the AACS status report before it could reach engineers on the ground.

The team determined the AACS had entered into an incorrect mode; however, they couldn’t determine the cause and thus aren’t sure if the issue could arise again. The software patch should prevent that.

“This patch is like an insurance policy that will protect us in the future and help us keep these probes going as long as possible,” said JPL’s Suzanne Dodd, Voyager project manager. “These are the only spacecraft to ever operate in interstellar space, so the data they’re sending back is uniquely valuable to our understanding of our local universe.”

Since their launch in 1977, NASA’s two Voyager probes have travelled more than 12 billion miles (each!), and are still sending back data from beyond our solar system.

Read more of this story at Slashdot.

Source: Slashdot – NASA Transmits Patches to the Two Voyager Probes Launched in 1977

“In 2023, the state of our digital privacy is: Very Creepy.” That’s the verdict from Mozilla’s first-ever “Annual Consumer Creep-o-Meter,” which attempts to set benchmarks for digital privacy and identify trends:

Since 2017, Mozilla has published 15 editions of *Privacy Not Included, our consumer tech buyers guide. We’ve reviewed over 500 gadgets, apps, cars, and more, assessing their security features, what data they collect, and who they share that data with. In 2023, we compared our most recent findings with those of the past five years. It quickly became clear that products and companies are collecting more personal data than ever before — and then using that information in shady ways…

Products are getting more secure, but also a lot less private. More companies are meeting Mozilla’s Minimum Security Standards like using encryption and providing automatic software updates. That’s good news. But at the same time, companies are collecting and sharing users’ personal data like never before. And that’s bad news. Many companies now view their hardware or software as a means to an end: collecting that coveted personal data for targeted advertising and training AI. For example: The mental health app BetterHelp shares your data with advertisers, social media platforms, and sister companies. The Japanese car manufacturer Nissan collects a wide range of information, including sexual activity, health diagnosis data, and genetic information — but doesn’t specify how.
An increasing number of products can’t be used offline. In the past, the privacy conscious could always buy a connected device but turn off connectivity, making it “dumb.” That’s no longer an option in many cases. The number of connected devices that require apps and can’t be used offline are increasing. This trend, coupled with the first, means it’s harder and harder to keep your data private.

Privacy policies also need improvement. “Legalese, ambiguity, and policies that sprawl across multiple documents and URLs are the status quo. And it’s getting worse, not better. Companies use these policies as a shield, not an actual resource for consumers.” They note that Toyota has more than 10 privacy policy documents, and that it would actually take five hours to read all the privacy documents the Meta Quest Pro VR headset.

In the end they advise opting out of data collection when possible, enabling security features, and “If you’re not comfortable with a product’s privacy, don’t buy it. And, speak up. Over the years, we’ve seen companies respond to consumer demand for privacy, like when Apple reformed app tracking and Zoom made end-to-end encryption a free feature.”

You can also take a quiz that calculates your own privacy footprint (based on whether you’re using consumer tech products like the Apple Watch, Nintendo Switch, Nook, or Telegram). Mozilla’s privacy advocates award the highest marks to privacy-protecting products like Signal, Sonos’ SL Speakers, and the Pocketbook eReader (an alternative to Amazon’s Kindle. (Although 100% of the cars reviewed by Mozilla “failed to meet our privacy and security standards.”)

The graphics on the site help make its point. As you move your mouse across the page, the cartoon eyes follow its movement…

Read more of this story at Slashdot.

Source: Slashdot – Mozilla Launches Annual Digital Privacy ‘Creep-o-Meter’. This Year’s Status: ‘Very Creepy’

“Twenty phone companies may soon have all their voice calls blocked by US carriers,” reports Ars Technica, “because they didn’t submit real plans for preventing robocalls on their networks.”

The 20 carriers include a mix of US-based and foreign voice service providers that submitted required “robocall mitigation” plans to the Federal Communications Commission about two years ago. The problem is that some of the carriers’ submissions were blank pages and others were bizarre images or documents that had no relation to robocalls. The strange submissions, according to FCC enforcement orders issued Monday, included “a .PNG file depicting an indiscernible object,” a document titled “Windows Printer Test Page,” an image “that depicted the filer’s ‘Taxpayer Profile’ on a Pakistani government website,” and “a letter that stated: ‘Unfortunately, we do not have such a documents.'”

Monday’s FCC announcement said the agency’s Enforcement Bureau issued orders demanding that “20 non-compliant companies show cause within 14 days as to why the FCC should not remove them from the database for deficient filings.” The orders focus on the certification requirements and do not indicate whether these companies carry large amounts of robocall traffic. Each company will be given “an opportunity to cure any deficiencies in its robocall mitigation program description or explain why its certification is not deficient.” After the October 30 deadline, the companies could be removed from the FCC’s Robocall Mitigation Database.

Removal from the database would oblige other phone companies to block all of their calls.

Read more of this story at Slashdot.

Source: Slashdot – 20 Carriers Face Call-Blocking in the US for Submitting Fake ‘Robocall Mitigation Plans’

“Mark Zuckerberg is making good on his promise to accelerate the use of Threads,” reports Business Insider:

The Meta CEO insisted in July that the app was not in its final form. “I’m highly confident that we’re gonna be able to pour enough gasoline on this to help it grow,” Zuckerberg said. Since then, Threads has rolled out a host of major new features, including a web version, keyword search, voice posts, and the ability to edit posts, even as it avoids promoting news. Smaller things, too, like being able to follow updates in individual threads at the tap of a bell icon, a way to mass follow people mentioned in a post, and even tag people’s Instagram accounts, are now available… More Threads features are said to be on the way, like polls.

But Insider also reports that “As the app has matured quickly in recent weeks, users have started to return and downloads have continued to rise.”
So far in October, Threads has hovered around 33 million daily active users and 120 million monthly active users, according to data from Apptopia, up from about 25 million daily users and 100 million monthly users in July… Since the app launched on July 6, it’s been downloaded 260 million times, Apptopia data shows, with downloads in September almost double the downloads in August…

Although the entire team working on Threads remains small by Meta standards, around 50 people, the company was surprised by the interest in the app and “really wants it to work,” an employee said. To that end, Threads is now being integrated to an extent with Facebook and Instagram, two of the most popular apps in the world. There is a direct link to Threads on each user’s Instagram page, a post on Threads can be sent in Instagram DMs, and as of this week, Threads is being promoted within the Instagram app feed via a small carousel of select posts under the header “Threads for you….”

It’s not just Instagram, according to BGR. “If you’ve been posting some especially strange messages Threads, thinking that only the few people who follow you will see them, I have some bad news for you…”
As spotted by TechCrunch, users on Facebook have noticed something new on their News Feed: content from Threads. It appears that Meta is now showing Facebook users a new “For You from Threads” section on the News Feed that contains recommended content from the sibling social media platform.

Read more of this story at Slashdot.

Source: Slashdot – ‘Threads’ Downloads Nearly Doubled in September, as New Features Roll Out

The Washington Post tells the story of a veteran political operative and a former army intelligence officer hired to help keep in power the president of the west African nation Burkina Faso:

Their company, Percepto International, was a pioneer in what’s known as the disinformation-for-hire business. They were skilled in deceptive tricks of social media, reeling people into an online world comprised of fake journalists, news outlets and everyday citizens whose posts were intended to bolster support for [president Roch Marc] Kaboré’s government and undercut its critics. But as Percepto began to survey the online landscape across Burkina Faso and the surrounding French-speaking Sahel region of Africa in 2021, they quickly saw that the local political adversaries and Islamic extremists they had been hired to combat were not Kaboré’s biggest adversary. The real threat, they concluded, came from Russia, which was running what appeared to be a wide-ranging disinformation campaign aimed at destabilizing Burkina Faso and other democratically-elected governments on its borders.

Pro-Russian fake news sites populated YouTube and pro-Russian groups abounded on Facebook. Local influencers used WhatsApp and Telegram groups to organize pro-Russian demonstrations and praise Russian President Vladimir Putin. Facebook fan pages even hailed the Wagner Group, the Russian paramilitary network run by Yevgeniy Prigozhin, the late one-time Putin ally whose Internet Research Agency launched a disinformation campaign in the United States to influence the 2016 presidential election… Percepto didn’t know the full scope of the operation it had uncovered but it warned Kaboré’s government that it needed to move fast: Launch a counteroffensive online — or risk getting pushed out in a coup.

Three years later, the governments of five former French colonies, including Burkina Faso, have been toppled. The new leaders of two of those countries, Mali and Burkina Faso, are overtly pro-Russian; in a third, Niger, the prime minister installed after a July coup has met recently with the Russian ambassador. In Mali and the Central African Republic, French troops have been replaced with Wagner mercenaries…

Percepto’s experience in French-speaking Africa offers a rare window into the round-the-clock information warfare that is shaping international politics — and the booming business of disinformation-for-hire. Meta, the social media company that operates Facebook, Instagram and WhatsApp, says that since 2017 it has detected more than 200 clandestine influence operations, many of them mercenary campaigns, in 68 countries.
The article also makes an interesting point. “The burden of battling disinformation has fallen entirely on Silicon Valley companies.”

Read more of this story at Slashdot.

Source: Slashdot – Online ‘Information War’ in Africa Rages on Social Media

In 1999 cybersecurity pundit Bruce Schneier answered questions from Slashdot’s readers.

24 years later on his personal blog, Schneier is still offering his insights. Last month Schneier said that warnings about millions of vacant cybersecurity positions around the world never made sense to me” — and then shared this alternate theory. From the blog of cybersecurity professional Ben Rothke:
[T]here is not a shortage of security generalists, middle managers, and people who claim to be competent CISOs. Nor is there a shortage of thought leaders, advisors, or self-proclaimed cyber subject matter experts. What there is a shortage of are computer scientists, developers, engineers, and information security professionals who can code, understand technical security architecture, product security and application security specialists, analysts with threat hunting and incident response skills. And this is nothing that can be fixed by a newbie taking a six-month information security boot camp….

In fact, security roles are often not considered entry-level at all. Hiring managers assume you have some other background, usually technical before you are ready for an entry-level security job. Without those specific skills, it is difficult for a candidate to break into the profession. Job seekers learn that entry-level often means at least two to three years of work experience in a related field.

Rothke’s post offers two conclusions:

“Human resources needs to understand how to effectively hire information security professionals. Expecting an HR generalist to find information security specialists is a fruitless endeavor at best.”

“So is there really an information security jobs crisis? Yes, but not in the way most people portray it to be.”

Read more of this story at Slashdot.

Source: Slashdot – What’s Behind the Cybersecurity Jobs Shortage?

“A company backed by BlackRock has abandoned plans to build a 1,300-mile pipeline across the US Midwest to collect and store carbon emissions from the corn ethanol industry,” reports Ars Technica.

The move comes “following opposition from landowners and some environmental campaigners.”

Navigator CO2 on Friday said developing its carbon capture and storage (CCS) project called Heartland Greenway had been “challenging” because of the unpredictable nature of regulatory and government processes in South Dakota and Iowa. Navigator’s decision to scrap its flagship $3.1 billion project — one of the biggest of its kind in the US — is a blow for a fledgling industry… It also represents a setback for the carbon-intensive corn ethanol refining industry, a pillar of the rural Midwestern economy which is targeting industry-scale CCS as a way to reduce emissions…

The project faced opposition from local landowners, who expressed concerns about safety and property seizures, and some environmentalists who describe CO2 pipelines as dangerous and a way to prop up the fossil fuels industry, which already has a network of such infrastructure. Addressing the decision by Navigator, the Coalition To Stop CO2 Pipelines said it “celebrates this victory,” but added: “we also know that the tax incentives made available by the federal government for carbon capture, transport and storage likely mean another entity will pick up Navigator’s project, or find a different route through Illinois.”

The article cites one analyst at energy research firm Wood Mackenzie who believes this cancellation could benefit rival carbon-capture companies like Summit Carbon Solutions, which is planning an even larger network of CO2 pipelines throughout the Midwest, and could try to sign deals with Navigator’s former customers.

Read more of this story at Slashdot.

Source: Slashdot – Plans Abandoned for First 1,300-Mile Carbon-Capture Pipeline Across the US

404 Media (working with Court Watch) reports on a $30 Million cash-for-Bitcoin laundering ring operating in the heart of New York

For years, a gang operating in New York allegedly offered a cash-for-Bitcoin service that generated at least $30 million, with men standing on street corners with plastic shopping bags full of money, drive-by pickups, and hundreds of thousands of dollars laid out on tables, according to court records.

The records provide rare insight into an often unseen part of the criminal underworld: how hackers and drug traffickers convert their Bitcoin into cash outside of the online Bitcoin exchanges that ordinary people use. Rather than turning to sites like Coinbase, which often collaborate with and provide records to law enforcement if required, some criminals use underground, in-real-life Bitcoin exchanges like this gang which are allegedly criminal entities in their own right.

In a long spanning investigation by the FBI involving a confidential source and undercover agents, one member of the crew said “that at least some of his clients made money by selling drugs, that his wealthiest clients were hackers, and that he had made approximately $30 million over the prior three years through the exchange of cash for virtual currency,” the court records read.
Thanks to user Slash_Account_Dot for sharing the news.

Read more of this story at Slashdot.

Source: Slashdot – Inside a Million Cash-for-Bitcoin Laundering Ring In New York

“The Worker as Futurist project assists rank-and-file Amazon workers to write short speculative fiction,” explains its web site. “In a world where massive corporations not only exploit people but monopolize the power of future-making, how can workers and other people fight and write back?”

I couldn’t find any short stories displayed on their site, but there are plans to publish a book next year collecting the workers’ writing about “the world after Amazon” in print, online and in audiobook format. And there’s also a podcast about “the world Amazon is building and the workers and writers struggling for different futures.”

From their web site:
A 2022 pilot project saw over 25 workers gather online to discuss how SF shed light on their working conditions and futures. In 2023, 13 workers started to meet regularly to build their writing skills and learn about the future Amazon is compelling its workers to create… The Worker as Futurist project aims, in a small way, to place the power of the imagination back in the hands of workers. This effort is in solidarity with trade union mobilizations and workers self-organization at Amazon. It is also in solidarity with efforts by civil society to reign in Amazon’s power.
Four people involved with the project shared more details in the socialist magazine Jacobin :

At stake is a kind of corporate storytelling, which goes beyond crass propaganda but works to harness the imagination. Like so many corporations, Amazon presents itself as surfing the wave of the future, responding to the relentless and positive force of the capitalist market with innovation and optimism. Such stories neatly exonerate the company and its beneficiaries from the consequences of their choices for workers and their world…

WWS doesn’t focus on science fiction. But it does show the radical power of the imagination that comes when workers don’t just read inspiring words, but come together to write and thereby take the power of world-building and future-making back into their hands. This isn’t finding individual commercial or literary success, but dignity, imagination, and common struggle… Our “Worker as Futurist” project returns the power of the speculative to workers, in the name of discovering something new about capitalism and the struggle for something different. We have tasked these workers with writing their own futures, in the face of imaginaries cultivated by Amazon that see the techno-overlords bestride the world and the stars.
Thanks to funding from Canada’s arms-length, government-funded Social Sciences and Humanities Research Council, our team of scholars, teachers, writers, and activists has been able to pay Amazon workers (warehouse workers, drivers, copy editors, MTurk workers, and more) to participate in a series of skill-building writing workshops and information sessions. In each of these online forums, we were joined by experts on speculative fiction, on Amazon, and on workers’ struggles. At the end of this series of sessions, the participants were supported to draft the stories they wanted to tell about “The World After Amazon….”

We must envision the futures we want in order to mobilize and fight for them together, rather than cede that future to those who would turn the stars into their own private sandbox. It is in the process of writing and sharing writing we can come to an awareness of something our working bodies know but that we cannot otherwise articulate or express. The rank-and-file worker — the target of daily exploitation, forced to build their boss’s utopia — may have encrypted within them the key to destroying his world and building a new one.

Read more of this story at Slashdot.

Source: Slashdot – Amazon Workers’ Sci-Fi Writing Is Imagining a World After Amazon

Linus Torvalds has said he bought a Dell XPS-13 with Ubuntu Linux for his daughter. Now ZDNet shares some trivia from the history of “the most well-known Linux laptop,” citing a presentation by Barton George, Dell Technologies’ Developer Community manager, at the Linux/open-source conference All Things Open:

First, however, you should know that Dell has supported Linux desktops and laptops since the middle 2000s. In 2006, Michael Dell told me that Dell would be the first major PC vendor to release and support desktop Linux — and this proved to be a success. Barton George explained that Dell had always done great volume with these computers. Not volume, like the Windows machines, of course, but enough that Dell has always offered Linux-based — primarily Red Hat Enterprise Linux (RHEL) powered — workstations.

Still, none of these machines really appealed to developers… George announced on his personal blog what Dell was planning, and his traffic went from 60 views a day to 15,000. Then, as now, there’s a lot of interest in laptops that come with Linux ready to go… Dell got together with Canonical, Ubuntu Linux’s parent company, to make sure all the drivers were in place for a top-notch Ubuntu Linux developer desktop experience. Indeed, the name ‘Project Sputnik’ is a nod to Mark Shuttleworth, Ubuntu founder and Canonical CEO. A decade before the project itself, Shuttleworth had spent eight days orbiting the Earth in a Soviet Soyuz spacecraft. George and the crew decided “Soyuz” didn’t have an inspiring ring to it, so the company went with “Sputnik” instead.

George continued: “We announced a beta program for the machine with a 10% off offer. We thought, well, we’ll probably get 300 people. Instead, we got 6,000. This is where senior management said OK, you’ve got something real.”

Read more of this story at Slashdot.

Source: Slashdot – How Ubuntu Linux Snuck Into High-End Dell Laptops

Slashdot reader Striek remembers Silicon Valley’s long history of open source develoipment — and how HashiCorp “made the controversial decision to change licenses from the Mozilla Public License to MariaDB’s Business Source Licesne. The key difference between these two licenses is that the BSL limits its grant to “non-production use”.

HashiCorp’s CEO is now predicting there would be âoeno more open source companies in Silicon Valleyâ unless the community rethinks how it protects innovation, reports The Stack:

While open source advocates had slammed [HashiCorp’s] license switch, CEO Dave McJannet described the reaction from its largest customers as “Great. Because you’re a critical partner to us and we need you to be a big, big company.” Indeed, he claimed that “A lot of the feedback was, ‘we wished you had done that sooner'” — adding that the move had been discussed with the major cloud vendors ahead of the announcement. “Every vendor over the last three or four years that has reached any modicum of scale has come to the same conclusion,” said McJannet. “It’s just the realisation that the open source model has to evolve, given the incentives that are now in the market.”

He claimed the historic model of foundations was broken, as they were dominated by legacy vendors. Citing the case of Hadoop, he said: “They’re a way for big companies to protect themselves from innovation, by making sure that if Hadoop becomes popular, IBM can take it and sell it for less because they are part of that foundation.” The evolution to putting open source products on GitHub had worked “really, really well” but once a project became popular, there was an incentive for “clone vendors to start taking that stuff.” He claimed that “My phone started ringing materially after we made our announcement from every open source startup in Silicon Valley going ‘I think this is the right model’.”

He said the Linux Foundation’s adoption of Open Tofu raised serious questions. “What does it say for the future of open source, if foundations will just take it and give it a home. That is tragic for open source innovation. I will tell you, if that were to happen, there’ll be no more open source companies in Silicon Valley.”

Hashicorp also announced a beta using generative AI to produce new module tests, and HCP Vault Radar, which scans code for secrets, personally identifiable information, dependency vulnerabilities, and non-inclusive language.

Read more of this story at Slashdot.

Source: Slashdot – Unless Open Source Evolves, HashiCorp CEO Predicts OSS-Free Silicon Valley

An anonymous reader shared this report from SciTechDaily:

Since the 1980s, researchers have observed significant periods of unrest in a region of California’s Eastern Sierra Nevada mountains characterized by swarms of earthquakes as well as the ground inflating and rising by almost half an inch per year during these periods. The activity is concerning because the area, called the Long Valley Caldera, sits atop a massive dormant supervolcano… What is behind the increased activity in the last few decades? Could it be that the area is preparing to erupt again? Or could the uptick in activity actually be a sign that the risk of a massive eruption is decreasing?

To answer these questions, Caltech researchers have created the most detailed underground images to date of the Long Valley Caldera, reaching depths up to 10 kilometers within the Earth’s crust. These high-resolution images reveal the structure of the earth beneath the caldera and show that the recent seismic activity is a result of fluids and gases being released as the area cools off and settles down.

The work was conducted in the laboratory of Zhongwen Zhan (PhD ’14), professor of geophysics. A paper describing the research was published on October 18 in the journal Science Advances. “We don’t think the region is gearing up for another supervolcanic eruption, but the cooling process may release enough gas and liquid to cause earthquakes and small eruptions,” says Zhan. “For example, in May 1980, there were four magnitude 6 earthquakes in the region alone.”

Read more of this story at Slashdot.

Source: Slashdot – California Supervolcano: Caltech’s ‘Chilling’ Discovery In Long Valley Caldera

Breached web sites distribute malware to visitors by claiming they need to update their browser. But one group of attackers “have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement,” reports security researcher Brian Krebs.

“By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.”

[W]hen Cloudflare blocked those accounts the attackers began storing their malicious files as cryptocurrency transactions in the Binance Smart Chain (BSC), a technology designed to run decentralized apps and “smart contracts,” or coded agreements that execute actions automatically when certain conditions are met. Nati Tal, head of security at Guardio Labs, the research unit at Tel Aviv-based security firm Guardio, said the malicious scripts stitched into hacked WordPress sites will create a new smart contract on the BSC Blockchain, starting with a unique, attacker-controlled blockchain address and a set of instructions that defines the contract’s functions and structure. When that contract is queried by a compromised website, it will return an obfuscated and malicious payload.

“These contracts offer innovative ways to build applications and processes,” Tal wrote along with his Guardio colleague Oleg Zaytsev. “Due to the publicly accessible and unchangeable nature of the blockchain, code can be hosted ‘on-chain’ without the ability for a takedown.” Tal said hosting malicious files on the Binance Smart Chain is ideal for attackers because retrieving the malicious contract is a cost-free operation that was originally designed for the purpose of debugging contract execution issues without any real-world impact. “So you get a free, untracked, and robust way to get your data (the malicious payload) without leaving traces,” Tal said.

In response to questions from KrebsOnSecurity, the BNB Smart Chain (BSC) said its team is aware of the malware abusing its blockchain, and is actively addressing the issue. The company said all addresses associated with the spread of the malware have been blacklisted, and that its technicians had developed a model to detect future smart contracts that use similar methods to host malicious scripts. “This model is designed to proactively identify and mitigate potential threats before they can cause harm,” BNB Smart Chain wrote. “The team is committed to ongoing monitoring of addresses that are involved in spreading malware scripts on the BSC. To enhance their efforts, the tech team is working on linking identified addresses that spread malicious scripts to centralized KYC [Know Your Customer] information, when possible.”

Read more of this story at Slashdot.

Source: Slashdot – Scammers Try Hosting Their Malware on a Binance Network

“The major online platforms are breaking up with news,” reports the New York Times:

Campbell Brown, Facebook’s top news executive, said this month that she was leaving the company. Twitter, now known as X, removed headlines from the platform days later. The head of Instagram’s Threads app, an X competitor, reiterated that his social network would not amplify news. Even Google — the strongest partner to news organizations over the past 10 years — has become less dependable, making publishers more wary of their reliance on the search giant. The company has laid off news employees in two recent team reorganizations, and some publishers say traffic from Google has tapered off… Some executives of the largest tech companies, like Adam Mosseri at Instagram, have said in no uncertain terms that hosting news on their sites can often be more trouble than it is worth because it generates polarized debates…

Publishers seem resigned to the idea that traffic from the big tech companies will not return to what it once was. Even in the long-fractious relationship between publishers and tech platforms, the latest rift stands out — and the consequences for the news industry are stark. Many news companies have struggled to survive after the tech companies threw the industry’s business model into upheaval more than a decade ago. One lifeline was the traffic — and, by extension, advertising — that came from sites like Facebook and Twitter. Now that traffic is disappearing. Top news sites got about 11.5% of their web traffic in the United States from social networks in September 2020, according to Similarweb, a data and analytics company. By September this year, it was down to 6.5%…

The sharp decline in referral traffic from social media platforms over the past two years has hit all news publishers, including The New York Times. The Wall Street Journal noticed a decline starting about 18 months ago, according to a recording of a September staff meeting obtained by the Times. “We are at the mercy of social algorithms and tech giants for much of our distribution,” Emma Tucker, the Journal’s editor-in-chief, told the newsroom in the meeting…

Google cut some members of its news partnership team in September, and this week it laid off as many as 45 workers from its Google News team, the Alphabet Workers Union said. (The Information, a tech news website, reported the Google News layoffs earlier.) “We’ve made some internal changes to streamline our organization,” Jenn Crider, a Google spokesperson, said in a statement… Jaffer Zaidi [Google’s vice president of global news partnerships], wrote in an internal memo reviewed by the Times that the team would be adopting more artificial intelligence. “We had to make some difficult decisions to better position our team for what lies ahead,” he wrote…

Privately, a number of publishers have discussed what a post-Google traffic future may look like and how to better prepare if Google’s AI products become more popular and further bury links to news publications.

Read more of this story at Slashdot.

Source: Slashdot – What Happens When Major Online Platforms Lower Traffic to News Sites?

Images from the James Webb Space Telescope “don’t match scientists’ models of how the universe formed,” reports the Washington Post.

“But it might not be time to dump the standard model of cosmology yet. ”

A recent analysis in the Astrophysical Journal Letters suggests an explanation for the surprisingly massive-seeming galaxies: brilliant, extremely bright bursts of newborn stars.

The galaxies photographed by the telescope looked far too mature and large to have formed so fully so soon after the universe began, raising questions about scientists’ assumptions of galaxy formation. But when researchers ran a variety of computer simulations of the universe’s earliest days, they discovered that the galaxies probably are not as large as they seem. Instead, they attribute their brightness to a phenomenon called “bursty star formation.” As clouds of dust and debris collapse, they form dense, high-temperature cores and become stars. Bursty galaxies spit out new stars in intermittent, bright bursts instead of creating stars more consistently. Usually, these galaxies are low in mass and take long breaks between starbursts.
Because the galaxies in question look so bright in photos produced by the Webb telescope, scientists at first thought they were older and more massive. But bursty systems with the ability to produce extremely bright, abundant light may appear more massive than they really are.
“Not only does this finding explain why young galaxies appear deceptively massive, it also fits within the standard model of cosmology,” explains the announcement:
In the new study, Guochao Sun, who led the study, Northwestern’s, Claude-André Faucher-Giguère, the study’s senior author, and their team used advanced computer simulations to model how galaxies formed right after the Big Bang. The simulations produced cosmic dawn galaxies that were just as bright as those observed by the JWST…

Although other astrophysicists have hypothesized that bursty star formation could be responsible for the unusual brightness of galaxies at cosmic dawn, the Northwestern researchers are the first to use detailed computer simulations to prove it is possible. And they were able to do so without adding new factors that are unaligned with our standard model of the universe.

Read more of this story at Slashdot.

Source: Slashdot – JWST’s Disconnect With Cosmology Models Linked to ‘Bursty Star Formations’

Nearly two dozen species are being taken off America’s endangered species list, reports CBS News, “because they are extinct, the U.S. Fish and Wildlife Service said Monday.”

Most of the species were listed under the Endangered Species Act in the 1970s or 1980s and were very low in numbers or likely already extinct at the time of listing. In the years since, “rigorous reviews of the best available science” have been conducted to determine whether the animals are extinct. “Federal protection came too late to reverse these species’ decline, and it’s a wake-up call on the importance of conserving imperiled species before it’s too late,” Service Director Martha Williams said. Scientists in 2019 warned that worldwide, 1 million species of plants and animals were at risk of extinction.

There are more than 1,300 species listed as either endangered or threatened in the United States under the Endangered Species Act. The 21 species being removed include one mammal, 10 types of birds, two species of fish and eight types of mussels. Eight of the 21 species were found in Hawaii.

From the agency’s announcement:
The 21 species extinctions highlight the importance of the Endangered Species Act and efforts to conserve species before declines become irreversible. The circumstances of each also underscore how human activity can drive species decline and extinction by contributing to habitat loss, overuse, and the introduction of invasive species and diseases…

The Endangered Species Act has been highly effective and credited with saving 99% of listed species from extinction. Thus far, more than 100 species of plants and animals have been delisted based on recovery or reclassified from endangered to threatened based on improved conservation status, and hundreds more species are stable or improving thanks to the collaborative actions of Tribes, federal agencies, state and local governments, conservation organizations and private citizens.

An official from the agency said in the announcement “The ultimate goal is to recover these species, so they no longer need the Act’s protection.”

Read more of this story at Slashdot.

Source: Slashdot – 21 Species Moved From ‘Endangered’ to ‘Extinct’ in America

An anonymous reader quotes a report from CNN: China has unveiled plans to restrict exports of graphite — a mineral crucial to the manufacture of batteries for electric vehicles (EVs) — on national security grounds, the Ministry of Commerce and the General Administration of Customs said Friday. The announcement comes just days after the United States imposed additional limits on the kinds of semiconductors that American companies can sell to Chinese firms. China, which dominates the world’s production and processing of graphite, says export permits will be needed, starting in December, for synthetic graphite material — including high-purity, high-strength and high-density versions — as well as for natural flake graphite. […]

According to the US Geological Survey (PDF), the market for graphite used in batteries has grown 250% globally since 2018. China was the world’s leading graphite producer last year, accounting for an estimated 65% of global production, it said. Besides EVs, graphite is commonly used in the semiconductor, aerospace, chemical and steel industries. The export curbs were announced as China faces pressure from multiple governments over its commercial and trade practices. For more than a year, it has been embroiled in a tech war with the United States and its allies in Europe and Asia over access to advanced chips and chipmaking equipment. “At the moment both China and Western countries are engaged in a tit for tat, highlighting how protectionist measures often spread. Newton’s third law that every action causes a reaction applies here, too,” said Stefan Legge, head of tax and trade policy research at the University of St Gallen in Switzerland.

“At the same time, both sides of the dispute also realize how costly it is if geopolitics trumps economics,” he added.

Read more of this story at Slashdot.

Source: Slashdot – China Restricts Exports of Graphite As It Escalates a Global Tech War