Monthly Archives: June 2022

How carbon emissions got caught up in a Supreme Court showdown

Posted on by
A man walks up the steps of the US Supreme Court.

Enlarge / A man walks up the steps of the US Supreme Court. (credit: Mark Wilson/Getty Images)

Thursday’s Supreme Court decision regarding the use of the Clean Air Act to regulate carbon dioxide emissions from power plants comes down to two specific issues: Should the Supreme Court take the case at all; and did Congress delegate sufficient authority to the EPA for it to implement a specific regulatory scheme first proposed during the Obama administration? But the case was decided against a backdrop of conflict between the court’s conservative and liberal justices, and some of that conflict spills into this decision.

We’ll tackle each issue below and discuss what this means for US climate policy. But one thing that should be clear is that this is a fairly minimalist decision since it applies only to the EPA’s ability to regulate carbon emissions from existing facilities and not to environmental regulations more broadly. While it doesn’t leave the EPA with an obvious next step, it leaves avenues for regulating new power plant construction.

Why now?

As described in our immediate coverage, the decision is focused on the Clean Power Plan, a set of EPA rules formulated during the Obama years that immediately faced lawsuits that put it on hold, where it remained until the Trump administration rescinded it. With yet another new administration in place, the EPA is now formulating replacement rules. As such, the EPA saw no reason for the Supreme Court to intervene at this point.

Read 20 remaining paragraphs | Comments



Source: Ars Technica – How carbon emissions got caught up in a Supreme Court showdown

How to Install Nginx, MariaDB, and PHP (LEMP Stack) on AlmaLinux 8 and Rocky Linux 8

Posted on by

LEMP is a popular web hosting stack used by developers and web hosting companies to test and host web applications. It comprises 3 components: the Nginx ( pronounced as Engine-X) webserver, MariaDB, and PHP which is a server-side scripting language. In this walkthrough, you will learn how to install the LEMP stack on AlmaLinux and Rocky Linux 8.4.

The post How to Install Nginx, MariaDB, and PHP (LEMP Stack) on AlmaLinux 8 and Rocky Linux 8 appeared first on Linux Today.



Source: Linux Today – How to Install Nginx, MariaDB, and PHP (LEMP Stack) on AlmaLinux 8 and Rocky Linux 8

OpenSea users' email addresses leaked in data breach

Posted on by

NFT marketplace OpenSea shared today that it’s the victim of another data breach — though this time the target is one of its vendors. An employee of its email delivery vendor, Customer.io, allegedly downloaded and shared stored email addresses associated with OpenSea accounts and newsletter subscriptions with an unknown third party. Any OpenSea account holder or newsletter subscriber should assume their email address was among those impacted, according to a blog post by the company’s head of security Cory Hardman. At this time it does not appear any passwords or other personal information was stolen.

The company is working with Customer.io to investigate the matter. “Please stay vigilant about your email practices, and be alert for any attempt to impersonate OpenSea via email,” wrote Hardman.

Unlike a previous phishing attack on OpenSea in February that resulted in hundreds of NFTs being stolen, there appears to be no further reported damage beyond the leaked email addresses. Still, the number of people likely impacted by the breach is significant. Hackread noted that 1.8 million users made purchases through the Ethereum network on OpenSea, according to data from Dune Analytics.

Yesterday the company sent emails to OpenSea users who they suspected were involved, warning them to be on the lookout for phishing emails and other scams. Beyond standard advice such as not to download attachments or click on a link from an OpenSea email, users were also warned not to sign wallet transactions directly from an email or to share or confirm secret wallet phrases.

The identity of the third party who received the breached email addresses has not been revealed. A representative from Customer.io toldTechCrunch that the employee behind the breach had “role-specific” access to the OpenSea data that they abused. “We do not believe any other clients’ data has been compromised, but we are continuing to investigate. The employee in question has had all access removed and has been suspended pending the conclusion of our investigation.”



Source: Engadget – OpenSea users’ email addresses leaked in data breach

No AML Checks For Most Transfers To Unhosted Crypto Wallets, EU Policymakers Decide

Posted on by

A Wednesday meeting secured a final deal on anti-money laundering legislation for crypto transfers and largely overturned a proposal from the EU Parliament to impose laundering checks on all payments to private wallets. CoinDesk reports: The final proposals will mean customer identity needs to be verified for even the smallest crypto transfers, if it’s between two regulated digital wallet providers — but payments to unhosted private wallets will largely be left out of laundering checks. EU lawmakers and government representatives have been meeting over the last three months to hash out a political deal on the bill, which was introduced in July 2021 by the European Commission. Two sources leaving the meeting, who asked not to be named, told CoinDesk a deal had been reached on the legislation after just over an hour of talks.

Just under an hour following the publication of this article, EU lawmaker Ondrej Kovarik confirmed the provisional deal in a tweet, saying that it “strikes the right balance in mitigating risks for fighting money laundering in the crypto sector without preventing innovation and overburdening businesses.” Outside the meeting room, Kovarik told CoinDesk that negotiators had found a “good balance” that would not prevent innovation. “It will allow the further development of crypto in Europe,” Kovarik said.

For the rules on transfers to unhosted wallets, Kovarik said the final result had “moved quite far from the initial proposal of the European Parliament” — something likely to be met by a sigh of relief by many in the industry. Kovarik said those unhosted wallet rules would only apply when transfers were made to a person’s own private wallet, and only when the value was over 1,000 euros ($1,052). […] Lawmakers and governments overturned European Commission plans to exempt small transactions, arguing that price volatility and the ability to break up payments into smaller chunks would make it unworkable for crypto. Further reading: Crypto Rules To Make Europe a Global Leader As Prices Plunge (The Associated Press)

Read more of this story at Slashdot.



Source: Slashdot – No AML Checks For Most Transfers To Unhosted Crypto Wallets, EU Policymakers Decide

Someone Reportedly Bought Up $40k Of Stock To Ask Nintendo About F-Zero

Posted on by

Many Nintendo fans desperately want a new entry in the popular sci-fi racing series, F-Zero. However, only one diehard fan was reportedly dedicated enough to spend over 5 million yen (roughly $40,000 US) on Nintendo stock, giving him a chance to ask the Japanese publisher about F-Zero and its future directly.

Read more…



Source: Kotaku – Someone Reportedly Bought Up k Of Stock To Ask Nintendo About F-Zero

New Algorithm Can Predict Future Crime a Week In Advance, With 90% Accuracy

Posted on by

An anonymous reader quotes a report from PsychNewsDaily: Scientists from the University of Chicago have developed a new algorithm that can predict future crime a week in advance with about 90% accuracy, and within a range of about 1000 feet. It does so by learning patterns from public data on violent and property crimes. The tool was tested and validated using historical data from the City of Chicago around two broad categories of reported events: violent crimes (homicides, assaults, and batteries) and property crimes (burglaries, thefts, and motor vehicle thefts). These data were used because they were most likely to be reported to police in urban areas where there is historical distrust and lack of cooperation with law enforcement. Such crimes are also less prone to enforcement bias, unlike drug crimes, traffic stops, and other misdemeanor infractions.

The new model isolates crime by looking at the time and spatial coordinates of discrete events, and detecting patterns to predict future events. It divides the city into “spatial tiles” roughly 1,000 feet across, and predicts crime within these areas. Previous models relied more on traditional neighborhood or political boundaries, which are subject to bias. The model performed just as well with data from seven other U.S. cities: Atlanta, Austin, Detroit, Los Angeles, Philadelphia, Portland, and San Francisco.

Lead author Ishanu Chattopadhyay is careful to note that the tool’s accuracy does not mean it should be used to direct law enforcement policy; police departments, for example, should not use it to swarm neighborhoods proactively to prevent crime, Chattopadhyay said. Instead, it should be added to a toolbox of urban policies and policing strategies to address crime. “We created a digital twin of urban environments. If you feed it data from what happened in the past, it will tell you what’s going to happen in the future,” he said. “It’s not magical; there are limitations, but we validated it and it works really well,” Chattopadhyay added. “Now you can use this as a simulation tool to see what happens if crime goes up in one area of the city, or there is increased enforcement in another area. If you apply all these different variables, you can see how the systems evolve in response.” The findings have been published in the journal Nature Human Behavior.

Read more of this story at Slashdot.



Source: Slashdot – New Algorithm Can Predict Future Crime a Week In Advance, With 90% Accuracy

Microsoft Exchange servers worldwide hit by stealthy new backdoor

Posted on by
Microsoft Exchange servers worldwide hit by stealthy new backdoor

Enlarge (credit: Getty Images)

Researchers have identified stealthy new malware that threat actors have been using for the past 15 months to backdoor Microsoft Exchange servers after they have been hacked.

Dubbed SessionManager, the malicious software poses as a legitimate module for Internet Information Services (IIS), the web server installed by default on Exchange servers. Organizations often deploy IIS modules to streamline specific processes on their web infrastructure. Researchers from security firm Kaspersky have identified 34 servers belonging to 24 organizations that have been infected with SessionManager since March 2021. As of earlier this month, Kaspersky said, 20 organizations remained infected.

Stealth, persistence, power

Malicious IIS modules offer an ideal means to deploy powerful, persistent, and stealthy backdoors. Once installed, they will respond to specifically crafted HTTP requests sent by the operator instructing the server to collect emails, add further malicious access, or use the compromised servers for clandestine purposes. To the untrained eye, the HTTP requests look unremarkable, even though they give the operator complete control over the machine.

Read 5 remaining paragraphs | Comments



Source: Ars Technica – Microsoft Exchange servers worldwide hit by stealthy new backdoor

Apple's Godzilla and the Titans Series Casts Anna Sawai and Kiersey Clemons

Posted on by

Bring on the Titans in this Godzilla spin-off from Legendary Television and Apple. Variety announced the ensemble for the untitled series will be led by The Flash’s Kiersey Clemons and Pachinko’s Anna Sawai, and will also feature Ren Watabe, Joe Tippett, and Elisa Lasowski.

Read more…



Source: Gizmodo – Apple’s Godzilla and the Titans Series Casts Anna Sawai and Kiersey Clemons

Markets Head Toward Worst First Half of a Year in Decades

Posted on by

Global markets are set to close out their most bruising first half of a year in decades, leaving investors bracing for the prospect of further losses. From a report: Accelerating inflation and rising interest rates have fueled a monthslong rout that left few markets unscathed. The S&P 500 fell 20% through Wednesday, heading for its worst first half of a year since 1970, according to Dow Jones Market Data. Investment-grade bonds, as measured by the iShares Core U.S. Aggregate Bond exchange-traded fund, lost 11% — on course for their worst start to a year ever. Stocks and bonds in emerging markets tumbled, hurt by slowing growth. And cryptocurrencies came crashing down, saddling individual investors and hedge funds alike with steep losses.

About the only thing that rose in the first half was commodities prices. Oil prices surged above $100 a barrel, and U.S. gas prices hit records after the Russia-Ukraine war upended imports from Russia, the world’s third-largest oil producer. Now, investors seem to be in agreement about only one thing: More volatility is ahead. That is because central banks from the U.S. to India and New Zealand plan to keep raising interest rates to try to rein in inflation. The moves will likely slow down growth, potentially tipping economies into recession and generating further tumult across markets. “That’s the biggest risk right now — inflation and the Fed,” said Katie Nixon, chief investment officer for Northern Trust Wealth Management.

Read more of this story at Slashdot.



Source: Slashdot – Markets Head Toward Worst First Half of a Year in Decades

EA Revealed ‘Pre-Pre-Pre Alpha’ Skate Footage On Purpose This Time

Posted on by

EA has finally peeled back the griptape on developer Full Circle’s next Skate game…sorta. It’s not like there’s an official release date or any definitive news other than the fact that the team is “still working” on it. However, today EA Full Circle did drop some “pre-pre-pre-alpha” gameplay footage showing off what’s…

Read more…



Source: Kotaku – EA Revealed ‘Pre-Pre-Pre Alpha’ Skate Footage On Purpose This Time

Nordic Walking Is Pretty Badass, Actually

Posted on by

I was skeptical of Nordic Walking when I first heard of it. It seemed like a try at commodifying taking a stroll, like, “You’re not really walking until you’re doing it with these expensive walking poles,” but after looking into the research behind it, my mind was changed completely.

Read more…



Source: LifeHacker – Nordic Walking Is Pretty Badass, Actually

USB installer tool removes Windows 11’s Microsoft account requirements (and more)

Posted on by
The Rufus tool will offer to modify your Windows 11 install media when you create it. The workaround for the Microsoft account requirement is new to the 3.19 beta.

Enlarge / The Rufus tool will offer to modify your Windows 11 install media when you create it. The workaround for the Microsoft account requirement is new to the 3.19 beta. (credit: Andrew Cunningham)

One of the new “features” coming to the Windows 11 22H2 update is a Microsoft account requirement for all new installs, regardless of whether you are using the Home or Pro version of the operating system. And that’s too bad, because the 22H2 update corrects a few of Windows 11’s original shortcomings while adding some nice quality-of-life improvements.

An easy workaround for this requirement is the Rufus USB formatting tool, which can create USB install media for Windows and all kinds of other operating systems. Rufus has already offered some flags to remove Windows 11’s system requirements checks from the installer, removing the need for clunky Windows Registry edits and other workarounds. But the beta of version 3.19 will also remove the Microsoft account requirement for new installs, making it easy to set up a new Windows PC with a traditional local account.

When setting up Windows 11, make sure not to connect your PC to the Internet before creating your user account. This trick worked to circumvent the Microsoft account requirement in Windows 11 Pro and some of the later versions of Windows 10 but is being removed entirely from Windows 11 22H2. The Rufus tool merely reverts to the pre-22H2 status quo.

Read 2 remaining paragraphs | Comments



Source: Ars Technica – USB installer tool removes Windows 11’s Microsoft account requirements (and more)

Google Consolidates Its Chrome and Android Password Managers

Posted on by

Google today announced an update to its password manager that will finally introduce a consistent look-and-feel across the service’s Chrome and Android implementations. From a report: Users will soon see a new unified user experience that will automatically group multiple passwords for the same sites or apps together, as well as a new shortcut on the Android home screen to get access to these passwords. In addition to this, Google is also now adding a new password-related feature to Chrome on iOS, which can now generate strong passwords for you (once you set Chrome as an autofill provider). Meanwhile, on Android, Google’s password check can now also flag weak and re-used passwords and help you to automatically change them, while Chrome users across platforms will now see compromised password warnings.

Read more of this story at Slashdot.



Source: Slashdot – Google Consolidates Its Chrome and Android Password Managers