Richard Stallman Discusses Privacy Risks of Bitcoin, Suggests 'Something Much Better'

Richard Stallman gave a new interview to the site Cointelegraph, which asked him his feelings about cryptocurrencies. “I’m not against them,” Stallman answers “I’m not campaigning to eliminate them, I just don’t particularly want to use them.”

Cointelegraph then asks Stallman how he feels about tests underway for the Chinese government’s own central bank digital currency:

Richard Stallman: “Digital payment systems are fundamentally dangerous if they are not engineered to ensure privacy. China is the enemy of privacy. China shows what totalitarian surveillance is like. I consider that hell on earth. That’s part of why I haven’t used cryptocurrencies that are issued by the community. If the cryptocurrency is issued by a government, it would surveille people just the way credit cards do and PayPal does, and all those other systems meaning completely unacceptable.”
Stallman later says “I don’t do any kind of digital payments, and the reason is the systems that exist do not respect the user’s privacy, and that includes Bitcoin. Every Bitcoin transaction is published.” But when Cointelegraph asks about various Bitcoin modifications designed for privacy, Stallman answers “I am not convinced about them.”

Richard Stallman: In any case, the GNU project has developed something much better, which is GNU Taler. GNU Taler is not a cryptocurrency. It is not a currency at all. It is a payment system designed to be used for anonymous payments to businesses to buy something. It is anonymous through a blind signature for the payer. However, the payee has to identify itself for every purchase in order to get money out of the system. So the idea is you can use your bank account to get Taler Tokens, and you can spend them and the payee won’t be able to tell who you are.

It won’t be able to tell that you got the token from a particular bank account at a particular time, even though you did so. To convert your payment into money in its own bank, the store (the payee) will have to identify itself. So this gives privacy in a much more reliable way than cryptocurrencies do, and it blocks the idea of using this system to enable tax evasion.

GNU Taler recently had an exciting milestone. A few months ago the eurozone banking system became interested in supporting Taler payments, and just recently they succeeded using a test setup in obtaining Taler tokens with one bank account and paying them to another bank account through the Taler system. Now, it’s not something that anybody can use but it will be, and that will be really exciting.
And in response to a question about Facebook’s “Libra” digital currency project, Stallman says he hasn’t study the details “because the most important thing about it I already know. It’s connected with Facebook, and Facebook means surveillance.

“I urge people to join me in absolutely refusing to use Facebook or rather be used by Facebook. Because Facebook doesn’t have users. Facebook has used. So don’t be a sucker, don’t be used by Facebook.”

Read more of this story at Slashdot.

Source: Slashdot – Richard Stallman Discusses Privacy Risks of Bitcoin, Suggests ‘Something Much Better’

New Free Software Foundation Video Mocks Proprietary Remote-Learning Software

“Computer user freedom is a matter of justice,” argues a new video released Friday by the Free Software Foundation:

The University of Costumed Heroes is an animated video telling the story of a group of heroes falling prey to the powers of proprietary software in education. The university board acquires cutting-edge remote learning software that enables them to continue their operations online, but — [SPOILER ALERT] — it may sow the seeds of their downfall.

This video is the second in a series of animated videos created by the Free Software Foundation (FSF), and this one is themed around our campaign against the use of proprietary remote education software. We must reverse the trend of forsaking young people’s freedom, which has been accelerating as corporations try to capitalize on the need to establish new remote education practices. Free software not only protects the freedoms of your child or grandchild by allowing people to study the source code for any malicious functionalities, it also communicates important values like autonomy, sharing, social responsibility, and collaboration.

“Help give students #UserFreedom,” reads a tagline below the video, which shows what happens when the university forsakes an ethical remote-learning platform that safeguards computer user freedom for a proprietary AI-powered alternative. But don’t worry, the bad guys eventually learn their lesson.

“Noo!! Defeated by the Free Software Foundation once again!”

Read more of this story at Slashdot.

Source: Slashdot – New Free Software Foundation Video Mocks Proprietary Remote-Learning Software

Some Cities are Combining Basic Incomes with Local Currenices

Bloomberg looks at some interesting local currency programs that have been implemented around the world. And in at least one case money “is literally being made from trees” — the wooden dollars being printed in a small city in the northwest U.S. and distributed to the needy in monthly stipends.

“We preach localism and investing in our local community,” says mayor Wayne Fournier, “and the idea with this scheme is that we’ll stand together as a community and provide relief to individuals that need it while fueling consumption.”

Since the launch in May, cities from Arizona to Montana and California have been in contact with Tenino for advice about starting their own local currencies. “We have no idea what is going to happen next in 2020,” adds Fournier. “But cities like ours need to come up with niche ways to be sustainable without relying on the larger world…”

As in Tenino, the Brazilian city of Maric, in Rio de Janeiro state, combines a local currency with a basic income program. Around 80,000 residents, nearly half of the population, receive 130 reais ($35) each per month, without any conditions about how they can spend the money. Launched in 2014, the money is distributed in “Mumbuca,” the city’s local currency, which is not accepted in the rest of Brazil. “This can become a model on how a city can efficiently disburse social benefits during the pandemic, supporting poor families while they stay at home and also small business during the crisis,” says Eduardo Diniz, professor of banking and technology at the São Paulo School of Business Administration, who has been researching public policies using community currencies since 2014…
Inspired by blockchain technology, England’s northern city of Hull created the world’s first digital-only local currency in 2018, providing discounts of up to 50% on goods and services for those that did voluntary work with local organizations.

A similar Dutch project, Samen Doen, rewards those who carry out socially beneficial activities such as caring for the elderly.

Read more of this story at Slashdot.

Source: Slashdot – Some Cities are Combining Basic Incomes with Local Currenices

WSJ: Qualcomm Asks US Government to Let it Sell Chips to Huawei

“The Wall Street Journal said it had obtained a Qualcomm presentation lobbying the U.S. government to remove restrictions and let it sell Snapdragon processors to Huawei,” reports Engadget:

The ban won’t prevent Huawei from obtaining necessary parts and could just drive “billions of dollars” of U.S. sales to foreign chip makers like MediaTek and Samsung, Qualcomm reportedly said — lifting the chip ban would theoretically help American companies stay competitive.

There could be a “rapid shift in 5G chipset market share” if Qualcomm is restricted while its foreign rivals aren’t, Qualcomm said.

Read more of this story at Slashdot.

Source: Slashdot – WSJ: Qualcomm Asks US Government to Let it Sell Chips to Huawei

Linus Torvalds: Linux 5.8 "One of our Biggest Releases of All Time"

This week saw the release Linux 5.8, which Linus Torvalds called “one of our biggest releases of all time,” reports TechRepublic:
The new version of the Linux kernel brings a number of updates to Linux 5.7 spanning security, core components, drivers, memory management, networking and improvements to the kernel’s design, amongst others. This includes updates for Microsoft’s Hyper-V virtualization platform, Intel Tiger Lake Thunderbolt support, improvements to Microsoft’s exFAT file system, and support for newer Intel and ARM chips.
Torvalds said the kernel had received over 15,000 merge requests and that around 20% of all the files in the kernel source repository had been modified. “That’s really a fairly big percentage, and while some of it is scripted, on the whole it’s really just the same pattern: 5.8 has simply seen a lot of development,” Torvalds said.
Translated into numbers, Linux 5.8 includes over 800,000 new lines and over 14,000 changed files. It also received one of the biggest number of merge requests during its merge window — over 14,000 non-merge commits and more than 15,000 including merges, according to Torvalds. “5.8 looks big. Really big,” he added.

Read more of this story at Slashdot.

Source: Slashdot – Linus Torvalds: Linux 5.8 “One of our Biggest Releases of All Time”

Researcher Breakthrough Turns Carbon Dioxide Into Ethanol

Slashdot reader Third Position quotes CleanTechnica:
According to a press release from Argonne National Laboratory, researchers at the lab, working with partners at Northern Illinois University, have discovered a new electrocatalyst that converts carbon dioxide and water into ethanol with very high energy efficiency, high selectivity for the desired final product, and low cost. Ethanol is a particularly desirable commodity because it is an ingredient in nearly all U.S. gasoline and is widely used as an intermediate product in the chemical, pharmaceutical, and cosmetics industries.

“The process resulting from our catalyst would contribute to the circular carbon economy, which entails the reuse of carbon dioxide,” says Di-Jia Liu, senior chemist in Argonne’s chemical sciences and engineering division and also a scientist at the Pritzker School of Molecular Engineering at the University of Chicago. “The process resulting from our catalyst would contribute to the circular carbon economy, which entails the reuse of carbon dioxide,” he says. The new electrochemical process converts carbon dioxide emitted from industrial processes, such as fossil fuel power plants or alcohol fermentation plants, into valuable commodities at reasonable cost… It breaks down carbon dioxide and water molecules and selectively reassembles them into ethanol using an external electrical field.

“What we are witnessing is a convergence of technologies that may result in ways to substantially lower the amount of carbon dioxide that gets added to the atmosphere by industry,” writes CleanTechnica, ” and at far lower cost than previously thought possible.”

Read more of this story at Slashdot.

Source: Slashdot – Researcher Breakthrough Turns Carbon Dioxide Into Ethanol

Could Twitter Outbid Microsoft for TikTok?

An anonymous reader quotes Reuters:
Twitter has approached TikTok’s Chinese owner ByteDance to express interest in acquiring the U.S. operations of the video-sharing app, two people familiar with the matter told Reuters, as experts raised doubts over Twitter’s ability to put together financing for a potential deal.

It is far from certain that Twitter would be able to outbid Microsoft and complete such a transformative deal in the 45 days that U.S. President Donald Trump has given ByteDance to agree to a sale, the sources said on Saturday. The news of Twitter and TikTok being in preliminary talks and Microsoft still being seen as the front-runner in bidding for the app’s U.S. operations was reported earlier by the Wall Street Journal. Twitter has a market capitalization of close to $30 billion, almost as much as the valuation of TikTok’s assets to be divested, and would need to raise additional capital to fund the deal, according to the sources. “Twitter will have a hard time putting together enough financing to acquire even the U.S. operations of TikTok. It doesn’t have enough borrowing capacity”, said Erik Gordon, a professor at the University of Michigan….

One of Twitter’s shareholders, private equity firm Silver Lake, is interested in helping fund a potential deal, one of the sources added. Twitter has also privately made a case that its bid would face less regulatory scrutiny than Microsoft’s, and will not face any pressure from China given that it is not active in that country, the sources said.

Read more of this story at Slashdot.

Source: Slashdot – Could Twitter Outbid Microsoft for TikTok?

Cringely Predicts the U.S. Can't Stop WeChat

An anonymous reader quotes long-time technology pundit Robert Cringely:
Forty-five days from now, we’re told, President Trump will shut down TikTok and WeChat. TikTok, maybe, but WeChat? Impossible…

Trump has a chance of taking down TikTok, the short form video sharing site, because that service is dependent on advertising. He can force the app out of U.S. app stores (though not out of foreign ones) and he can cut off the flow of ad dollars… at least those dollars that flow through American pockets. But there are workarounds, I’m sure, even for TikTok and 45 days is a lot of time to come up with them. So maybe the service will be sold to Microsoft or maybe not. In either case I’m sure TikTok will survive in some form.

WeChat, on the other hand, will thrive.

WeChat, if you haven’t used it, is the mobile operating system for China. It’s an app platform in its own right that is used for communication, entertainment, and commerce. Imagine Facebook, LinkedIn, PayPal, Venmo, Skype, Uber, Gmail and eBay all in a single application. That’s WeChat. It’s even a third-party application platform, so while U.S. banks operate on the Internet, Chinese banks operate on WeChat. Shutting WeChat down in the U.S. would be a huge blow to WeChat’s parent company, TenCent, and a huge blow to the Chinese diaspora. Except it won’t work.

To defeat President Trump, all WeChat users need is a Virtual Private Network and any WeChat users already in the U.S. already have a VPN to defeat the much more formidable Great Firewall of China.

Read more of this story at Slashdot.

Source: Slashdot – Cringely Predicts the U.S. Can’t Stop WeChat

Settlement for Google+ Breach Offers Class Members Up to $12 Each

“Anyone in the United States who held a Google Plus account between January 1, 2015 and April 2, 2019, and believes they were impacted by a security flaw that Google disclosed in 2018 can now register for a payout from a class action settlement…” reports the Verge.

“Each class action member is eligible for a payout of up to $12 after attorney fees and other costs are accounted for, although this could vary depending on the number of people who submit a claim.”

Although it’s reached a settlement, Google denies the allegations made in the lawsuit. It denies any wrongdoing, and believes that no users “sustained any damages or injuries due to the software bugs.”

If you’re interested in making a claim, then you can do so over on the settlement’s website, where you’ll need to provide the email address associated with your Google Plus account. As well as holding an account between the dates listed, your data must have been exposed as part of the security lapse (Google has previously said that as many as 500,000 users were affected). A final fairness hearing is scheduled for November 19.
Google has set aside $7.5 million to handle all costs associated with the settlement, according to the claims page at

“If you submit a Valid Claim by October 8, 2020, you may receive a payment. You will also give up your rights to sue Google and/or any other released entities regarding the legal claims in this case.”

Read more of this story at Slashdot.

Source: Slashdot – Settlement for Google+ Breach Offers Class Members Up to Each

New Zealand Marks 100 Days of No Covid-19 Community Spread

Axios reports:
New Zealand has now gone 100 days with no detected community spread of COVID-19, the Ministry of Health confirmed in an emailed statement Sunday afternoon local time… Prime Minister Jacinda Ardern has been widely praised for her leadership that saw New Zealand lock down hard for several weeks before all domestic restrictions were lifted in June…

New Zealand has 23 active coronavirus cases. All are NZ residents newly returned from abroad, who are staying in managed isolation facilities. The border remains closed to non-residents and all newly-returned Kiwis must undergo a two-week isolation program managed by the country’s defense force… Police are stationed outside hotels where travelers are in quarantine.

Read more of this story at Slashdot.

Source: Slashdot – New Zealand Marks 100 Days of No Covid-19 Community Spread

1.5% of All Americans Have Been Infected With Coronavirus – 5 Million Cases

Confirmed coronavirus cases in the U.S. hit 5 million on Sunday, reports the Associated Press, “by far the highest of any country…”

“The failure of the most powerful nation in the world to contain the scourge has been met with astonishment and alarm in Europe.”
Perhaps nowhere outside the U.S. is America’s bungled virus response viewed with more consternation than in Italy, which was ground zero of Europe’s epidemic. Italians were unprepared when the outbreak exploded in February, and the country still has one of the world’s highest official death tolls at 35,000. But after a strict nationwide, 10-week lockdown, vigilant tracing of new clusters and general acceptance of mask mandates and social distancing, Italy has become a model of virus containment. “Don’t they care about their health?” a mask-clad Patrizia Antonini asked about people in the United States as she walked with friends along the banks of Lake Bracciano, north of Rome. “They need to take our precautions. … They need a real lockdown.”

Much of the incredulity in Europe stems from the fact that America had the benefit of time, European experience and medical know-how to treat the virus that the continent itself didn’t have when the first COVID-19 patients started filling intensive care units. Yet, more than four months into a sustained outbreak, the U.S. reached the 5 million mark, according to the running count kept by Johns Hopkins University. Health officials believe the actual number is perhaps 10 times higher, or closer to 50 million, given testing limitations and the fact that as many as 40% of all those who are infected have no symptoms….
With America’s world’s-highest death toll of more than 160,000, its politicized resistance to masks and its rising caseload, European nations have barred American tourists and visitors from other countries with growing cases from freely traveling to the bloc. France and Germany are now imposing tests on arrival for travelers from “at risk” countries, the U.S. included.
America has just 44% of the population of Europe — but 77% of its confirmed virus deaths, according to stats in the article from John Hopkins University. (It cites “America’s world’s-highest death toll of more than 160,000,” while noting that the entire continent of Europe has over 207,000 confirmed virus deaths.) “In the U.S., new cases are running at about 54,000 a day — an immensely high number even when taking into account the country’s larger population.”
1 out of every 67 Americans has now had a confirmed infection.

Read more of this story at Slashdot.

Source: Slashdot – 1.5% of All Americans Have Been Infected With Coronavirus – 5 Million Cases

Penguin Poop Seen From Space Leads To Discovery of New Colonies

Satellite-mapping technology “that detects stains on the ice from penguin droppings” has revealed there are more Emperor colonies than previously known in fast-warming Antarctica, reports Bloomberg: Eleven new colonies of the species were found, taking the census to 61 across the polar continent, according to a study by scientists at the British Antarctic Survey published Wednesday. The scientists used images from Europe’s Copernicus Sentinel-2 mission to locate the flightless birds. “This is an exciting discovery,” said lead author and geographer Peter Fretwell in a statement. “Whilst this is good news, the colonies are small and so only take the overall population count up by 5-10%, to just over half a million penguins…”

The discovery will be used by scientists who are monitoring the birds and raising concerns because they’re particularly vulnerable to sea ice melting from climate change… Scientists warned that most of the newly found colonies are in locations likely to be lost as the climate warms and large sections of seasonal ice — where penguins mate — risk disappearing. “Birds in these sites are therefore probably the ‘canaries in the coal mine’,” said Phil Trathan, head of conservation biology at BAS.

Read more of this story at Slashdot.

Source: Slashdot – Penguin Poop Seen From Space Leads To Discovery of New Colonies

Researcher Discovers New 'HTTP Request Smuggling Attack' Variants

Some scary new variants of “HTTP request smuggling” have been discovered by Amit Klein, VP of security research at SafeBreach, reports Security Week:
Specifically, an HTTP request smuggling attack, which can be launched remotely over the internet, can allow a hacker to bypass security controls, gain access to sensitive data, and compromise other users of the targeted app. While the attack method has been known for more than a decade, it still hasn’t been fully mitigated. Klein has managed to identify five new attack variants and he has released proof-of-concept (PoC) exploits.

He demonstrated his findings using the Abyss X1 web server from Aprelium and the Squid caching and forwarding HTTP web proxy. The developers of Abyss and Squid have been notified of the vulnerabilities exploited by Klein during his research, and they have released patches and mitigations. One of the attacks bypasses the OWASP ModSecurity Core Rule Set (CRS), which provides generic attack detection rules for ModSecurity or other web application firewalls. OWASP has also released fixes after being notified.

Klein told SecurityWeek ahead of his talk on HTTP request smuggling at the Black Hat conference that an attacker needs to find combinations of web servers and proxy servers with “matching” vulnerabilities in order to launch an attack, which makes it difficult to determine exactly how many servers are impacted. However, an attacker can simply try to launch an attack to determine if a system is vulnerable. “The attack is not demanding resource-wise, so there’s no downside to simply trying it,” Klein said. In his research, he demonstrated a web cache poisoning attack, in which the attacker forces the proxy server to cache the content of one URL for a request of a different URL.
He says attacks can be launched en-masse through a proxy server against multiple different web servers or against multiple proxy servers… While there haven’t been any reports of HTTP request smuggling being used in the wild, Klein has pointed out that attacks may have been launched but were not detected by the target.

Read more of this story at Slashdot.

Source: Slashdot – Researcher Discovers New ‘HTTP Request Smuggling Attack’ Variants

Countering Google, Microsoft Promises Its Own Open Source Service Mesh for the CNCF

“As controversy rages over the governance of Google’s Istio service mesh, Microsoft has seen an opportunity to offer a simple and truly open alternative,” reports InfoWorld:
Microsoft has announced that it will release its own open source service mesh — called Open Service Mesh (OSM) — and transfer it to the Cloud Native Computing Foundation (CNCF) as soon as possible. This sets the Redmond-based company apart from its cloud rival Google, which recently announced that its own Istio service mesh will no longer be part of the vendor-neutral CNCF and will instead sit under Google’s own Open Usage Commons foundation.

The service mesh has quickly become a vital part of the modern cloud native computing stack, as it essentially enables communication, monitoring, and load balancing between disparate parts of today’s microservices-based architecture. This differs from the popular container orchestration service Kubernetes in its level of granularity. When run in tandem with Kubernetes, a service mesh enables deeper security policy and encryption enforcement and automated load balancing and circuit breaking functionality…
With this launch Microsoft is not only aligning itself with the open governance side of the debate which has been raging through the open source software community for the past few months, but is also looking to solve a customer pain point.

Read more of this story at Slashdot.

Source: Slashdot – Countering Google, Microsoft Promises Its Own Open Source Service Mesh for the CNCF

Will We Someday Write Code Just By Describing It?

Using millions of programs in online repositories, Intel, Georgia Tech, and MIT researchers created a tool called MISIM (Machine Inferred code Similarity) with a database of code scored by the similarity of its outcomes to suggest alternatives (and corrections) to programmers.

The hope is “to aid developers with nitty-gritty choices like ‘what is the most efficient way to use this API’ or ‘how can I correctly validate this input’,”Ryan Marcus, scientist at Intel Labs, told ZDNet. “This should give engineers a lot more time to focus on the elements of their job that actually create a real-world impact…”

Justin Gottschlich, the lead for Intel’s “machine programming” research team, told ZDNet that as software development becomes ever-more complex, MISIM could have a great impact on productivity. “The rate at which we’re introducing senior developers is not on track to match the pace at which we’re introducing new chip architectures and software complexity,” he said. “With today’s heterogeneous hardware — CPUs, GPUs, FPGAs, ASICs, neuromorphic and, soon, quantum chips — it will become difficult, perhaps impossible, to find developers who can correctly, efficiently, and securely program across all of that hardware.”
But the long-term goal of machine programming goes even further than assisting software development as it stands today. After all, if a technology can assess intent and come up with relevant snippets of code in response, it doesn’t seem far-fetched to imagine that the algorithm could one day be used by any member of the general public with a good software idea. Combined with natural language processing, for example, MISIM could in theory react to verbal clues to one day let people write programs simply by describing them. In other words, an Alexa of sorts, but for software development.
Gottschlich explained that software creation is currently limited to the 27 million people around the world who can code. It is machine programming’s ultimate goal to expand that number and one day, let people express their ideas in some other fashion than code — be it natural language, visual diagrams or even gestures.

Intel currently plans to use the new tool internally.

Read more of this story at Slashdot.

Source: Slashdot – Will We Someday Write Code Just By Describing It?

The Workforce Is About to Change Dramatically

“For the first time ever, the world’s largest companies are telling hundreds of thousands of workers to stay away from the office for a full year, or longer,” notes the Atlantic.

“If, in five years, these edicts have no lingering effects on office culture, that would be awfully strange…”

Ambitious engineers, media makers, marketers, PR people, and others may be more inclined to strike out on their own, in part because they will, at some point, look around at their living room and realize: I am alone, and I might as well monetize the fact of my independence. A new era of entrepreneurship may be born in America, supercharged by a dash of social-existential angst.
Or, you know, maybe not. If companies find that remote work is a mess, they might decide to prematurely scrap the experiment, like IBM and Yahoo famously did. It is certainly curious that the most prestigious tech companies now proclaiming the future of working from home were, just seven months ago, outfitting their offices with the finest sushi bars, yoga rooms, and massage rooms…

Nothing is certain, and every new trend incurs a backlash. Telepresence could crush some downtown businesses; but cheaper downtown real estate could also lead to a resurgence in interesting new restaurants. Working from home could lead to more free-agent entrepreneurship; but if companies notice that they’re bleeding talent, they’ll haul their workforces back to headquarters. Still, even a moderate increase in remote work could lead to fundamental changes in our labor force, economy, and politics. Remote workers will spend more money and time inside their houses; they will spend more time with online communities than with colleagues; and many will distribute themselves across the country, rather than feel it necessary to cluster near semi-optional headquarters.

Read more of this story at Slashdot.

Source: Slashdot – The Workforce Is About to Change Dramatically

Ask Slashdot: How Should College Students Approach This Academic Year?

Long-time Slashdot reader goombah99 wonders how college students should approach this next academic year.
First, should defer their next academic year? Even universities opening their dorms are still limiting their dining facilities to take-out box lunches and offering most of their classes online. (Though some give students a choice of online or in-person classes). Yet despite the new rules, “Some universities are sticky about deferrals, requiring medical excuses, or else re-application for majors and scholarships. Others are more generous.”
And that’s just first decision students are facing:
If you chose to attend online, would you opt to be in the dorms — or in your parent’s house or your home town? What would you be losing (or gaining) by that choice, compared to socially distanced in-person?

For a real-world example, the original submission asks what’s the best strategy for a CS major taking just one or two classes online. “Take a freshman core course? Take a super hard foundational upper level course like Algorithm’s and Data Structures? Or take a simpler class like Intro to Object- Oriented Programming in Java. Which of these benefit the most from having in-person study buddies and labs with in-person TAs?”

Utimately the original submission asks what it is that makes college transformative — the classes, or being there (and living on-campus) in-person? “For me, I recall not even knowing all the possible majors when I attended, and it was networks, chance, new friends and upperclassmen who were how I learned what I wanted to pursue… What does one lose by remote learning and why, either academically or socially?”
Share your own thoughts in the comments. How should college students approach this academic year?

Read more of this story at Slashdot.

Source: Slashdot – Ask Slashdot: How Should College Students Approach This Academic Year?

China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 and ESNI

China’s Great Firewall “is now blocking HTTPS connections set up via the new TLS 1.3 encryption protocol and which use ESNI (Encrypted Server Name Indication),” reports ZDNet:

The block has been in place for more than a week, according to a joint report authored by three organizations tracking Chinese censorship — iYouPort, the University of Maryland, and the Great Firewall Report. ZDNet also confirmed the report’s findings with two additional sources — namely members of a U.S. telecommunications provider and an internet exchange point (IXP) — using instructions provided in a mailing list…

The reason for the ban is obvious for experts. HTTPS connections negotiated via TLS 1.3 and ESNI prevent third-party observers from detecting what website a user is attempting to access. This effectively blinds the Chinese government’s Great Firewall surveillance tool from seeing what users are doing online.

There is a myth surrounding HTTPS connections that network observers (such as internet service providers) cannot see what users are doing. This is technically incorrect. While HTTPS connections are encrypted and prevent network observers from viewing/reading the contents of an HTTPS connection, there is a short period before HTTPS connections are established when third-parties can detect to what server the user is connecting. This is done by looking at the HTTPS connection’s SNI (Server Name Indication) field.

In HTTPS connections negotiated via older versions of the TLS protocol (such as TLS 1.1 and TLS 1.2), the SNI field is visible in plaintext.

Read more of this story at Slashdot.

Source: Slashdot – China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 and ESNI

'5G Just Got Weird'

SuperKendall (Slashdot reader #25,149) shared this review of the recent 5G standards codified by the 3rd Generation Partnership Project (3GPP) in Release 16 (finalized on July 3).
“5G just got weird,” writes IEEE Spectrum:

4G and other earlier generations of cellular focused on just that: cellular. But when 3GPP members started gathering to hammer out what 5G could be, there was interest in developing a wireless system that could do more than connect phones… One of the flashiest things in Release 16 is V2X, short for “Vehicle to Everything.” In other words, using 5G for cars to communicate with each other and everything else around them… The 3GPP standards bring those benchmarks into the realm of gigabytes per second, 99.999 percent reliability, and just a few milliseconds.
Matthew Webb, a 3GPP delegate for Huawei and the other rapporteur for the 3GPP item on V2X, adds that Release 16 also introduces a new technique called sidelinking. Sidelinks will allow 5G-connected vehicles to communicate directly with one another, rather than going through a cell-tower intermediary… Tseng says that sidelinking started as a component of the V2X work, but it can theoretically apply to any two devices that might need to communicate directly rather than go through a base station first. Factory robots are one example, or large-scale Internet of Things installations.
Some other “weird” highlights of the new 5G standards:

“5G incorporates millimeter waves, which are higher frequency radio waves (30 to 300 GHz) that don’t travel nearly as far as traditional cell signals. Millimeter waves means it will be possible to build a network just for an office building, factory, or stadium. At those scales, 5G could function essentially like Wi-Fi networks.”
“In past generations of cellular, three cell towers were required to triangulate where a phone was by measuring the round-trip distance of a signal from each tower. But 5G networks will be able to use the round-trip time from a single tower to locate a device.”
“Release 17 includes a work item on extended reality — the catch-all term for alternate reality and virtual reality technologies.”

Read more of this story at Slashdot.

Source: Slashdot – ‘5G Just Got Weird’

Could Spacecraft of the Future Be Powered By 'Lattice Confinement' Nuclear Fusion?

schwit1 writes: Researchers at NASA’s Glenn Research Center have now demonstrated a method of inducing nuclear fusion without building a massive stellarator or tokamak. In fact, all they needed was a bit of metal, some hydrogen, and an electron accelerator.
The team believes that their method, called lattice confinement fusion, could be a potential new power source for deep space missions. They have published their results in two papers in Physical Review C… “What we did was not cold fusion,” says Lawrence Forsley, a senior lead experimental physicist for the project. Cold fusion, the idea that fusion can occur at relatively low energies in room-temperature materials, is viewed with skepticism by the vast majority of physicists. Forsley stresses this is hot fusion, but “We’ve come up with a new way of driving it.”

The article contains a good description of the technical details, and end by summarizing the hopes of the project’s analytical physicist and nuclear diagnostics lead. “This method of fusion offers a potentially reliable source for craft operating in places where solar panels may not be useable, for example.

“And of course, what works in space could be used on Earth.”

Read more of this story at Slashdot.

Source: Slashdot – Could Spacecraft of the Future Be Powered By ‘Lattice Confinement’ Nuclear Fusion?