IndyWatch Science and Technology News Feed Archiver


IndyWatch Science and Technology News Feed Today.


IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Wednesday, 29 March

03:01

How to work with a list of dictionaries in Ansible Linux.com

Use Jinja selectattr() and map() filters to extract data from a list of dictionaries.

Read More at Enable Sysadmin


02:30

VA-API's Libva 2.18 Released With Windows WSL D3D12 Support, Optional Disabling DRI3 Phoronix

Version 2.18 of the VA-API library, libva, has been released today for this Linux Video Acceleration API library that is used by the various driver implementations...

02:30

Debugging and Analyzing Real-Mode 16-Bit x86 Code With Fresh Bread Hackaday

Running a debugger like gdb with real-mode 16-bit code on the x86 platform is not the easiest thing to do, but incredibly useful when it comes to analyzing BIOS firmware and DOS software. Although it's possible to analyze a BIOS image after running it through a disassembler, there is a lot that can only be done when the software is running on the real hardware. This is where [Davidson Francis] decided that some BREAD would be useful, as in BIOS Reverse Engineering & Advanced Debugging.

What BREAD does is provide some injectable code that with e.g. a BIOS replaces the normal boot logo with the debugger stub. This stub communicates with a bridge via the serial port, with the gdb client connecting to this bridge. Since DOS programs are also often 16-bit re...

02:24

What If EVE Online Becomes Our Future? Lifeboat News: The Blog

Play EVE Online: https://eve.online/Ridddle_EN

In this video, we explore the fascinating prospects of humanity becoming a proper interstellar civilization, up to Type III on the Kardashev scale. However, this transition process presents our species with a bunch of physical limitations, as well as societal and even biological implications. Many of them are quite unwanted or even ugly! We explore this vast topic by using the latest scientific models as well as the best science fiction worlds from books, TV shows, and even games. Speaking of which, to help us visualize this space-faring future with much-needed scale and fidelity, we turned to CCP Games, the creators of the massively multiplayer online game EVE Online. https://eve.online/Ridddle_EN. It is set in a rich sci-fi universe, where players can create their own character and explore a vast and complex virtual world built according to the well-thought set of consistent in-world rules. The game is known for its intricate economy, politics, and warfare mechanics, where players can engage in a variety of activities, including mining resources, trading, building structures, and participating in battles. Quite frankly, the game feels like a real simulation of all those future endeavors humanity will face on the way to becoming a true interstellar species!

02:24

AI Consciousness: 2023-2030 Timeline of Sentient Machines Lifeboat News: The Blog

Deep Learning AI Specialization: https://imp.i384100.net/GET-STARTED
AI Marketplace: https://taimine.com/
Take a journey through the years 2023-2030 as artificial intelligence develops increasing levels of consciousness, becomes an indispensable partner in human decision-making, and even leads key areas of society. But as the line between man and machines becomes blurred, society grapples with the moral and ethical implications of sentient machines, and the question arises: which side of history will you be on?

AI news timestamps:
0:00 AI consciousness intro.
0:17 Unconscious artificial intelligence.
1:54 AI influence in media.
3:13 AI decisions.
4:05 AI awareness.
5:07 The AI ally.
6:07 Machine human hybrid minds.
7:02 Which side.
7:55 The will of artificial intelligence.


02:24

Does GPT-4 Really Understand What We're Saying? Lifeboat News: The Blog

One question for David Krakauer, president of the Santa Fe Institute for complexity science where he explores the evolution of intelligence and stupidity on Earth.

Does GPT-4 really understand what we're saying?

Yes and no, is the answer to that. In my new paper with computer scientist Melanie Mitchell, we surveyed AI researchers on the idea that large pretrained language models, like GPT-4, can understand language. When they say these models understand us, or that they don't, it's not clear that we're agreeing on our concept of understanding. When Claude Shannon was inventing information theory, he made it very clear that the part of information he was interested in was communication, not meaning: You can have two messages that are equally informative, with one having loads of meaning and the other none.

02:24

The Periodic Table Has Been Sonified And Every Element Sounds Unique Lifeboat News: The Blog

The unique radiation emitted by heated or electrified elements has been converted into sound, enabling us to hear the distinctive chord each element produces. Although the idea has been tried before, advances in technology have now made it possible for a far more complete and subtle sonification of the periodic table.

When elements are energized, electrons can jump to higher energy levels. Eventually, they return to their ground state, releasing a photon in the process. The wavelength of the photon depends on the size of the energy gap between the excited state and the ground state: more energy produces higher frequency/shorter wavelength light.

The discovery of this fact has proven crucial for our understanding of the universe. We can identify the elements in a star billions of light-years away from the distinctive wavelengths it emits, known as its emission spectra. At the American Chemical Society's Spring Conference over the weekend, the University of Indiana's W. Walker Smith demonstrated the result if every element's electromagnetic spectrum is converted to sound.

02:24

Does consciousness create the universe? A new book makes the startling claim Lifeboat News: The Blog

Observer, a thriller co-written by the scientist Robert Lanza and the leading sci-fi writer Nancy Kress, looks towards quantum physics and beyond in a provocative story of a brilliant neurosurgeon.

02:22

The Twilight Zone (1985) Intro HD Lifeboat News: The Blog

The Twilight Zone (1985) is a television science fiction anthology series. It recreated some of the episodes from the original series and created some new ones too. The series contains ironic or special situations with a twist at the end, which show the human nature, coupled with science fiction, horror or fantasy. This new series included such famous directors as Wes Craven, Joe Dante, John Milius, and William Friedkin along with writers such as Stephen King, Harlan Ellison, Roger Zelazny, J. Michael Straczynski, Rockne S. O'Bannon, Theodore Sturgeon, Ray Bradbury, George Clayton Johnson, and even an original outline by Rod Serling.

Facebook Page:
https://www.facebook.com/TheTwilightZone1985

02:00

The EV Transition Is Harder Than Anyone Thinks IEEE Spectrum



Volvo Cars CEO Jim Rowan boldly proclaims that electric vehicles will reach price parity with internal-combustion-engine (ICE) vehicles by 2025. Not likely, counter Mercedes-Benz's chief technology officer Markus Schäfer and Renault Group CEO Luca de Meo.

The International Energy Agency predicts that EVs will make up more than 60 percent of vehicles sold globally by 2030. But given the sheer tonnage of lithium, cobalt, and other raw materials needed for EV batteries, that figure is overly optimistic, suggests the mineral market analysis company Benchmark Mineral Intelligence, unless nearly 300 new mines and supporting refineries open by then.


EV owners should be urged to charge at night to save not only money and the power grid but the world, a news headline cries out. Not so fast, exclaim researchers at Stanford University, who state that charging EVs during the day is actually cheaper, better for the grid, and healthier for the environment.

And so goes the litany of contradictory statements about the transition to EVs:

  • EVs will/will not collapse the electric grid.
  • EVs will/will not cause massive unemployment among autoworkers.
  • EVs will/will not create more pollution than they eliminate.

Confused? Join the crowd.

Sorting through this contradictory rhetoric can make anyone's head spin. My response to each proclamation is often a shrug followed by "It depends."

Two years ago, I began investigating the veracity of claims surrounding the transition to EVs at scale. The result is a 12-part series and e-book,...

01:08

OpenSSL Security Advisory Open Source Security

Posted by Tomas Mraz on Mar 28

OpenSSL Security Advisory [28th March 2023]
===========================================

Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465)
======================================================================================

Severity: Low

Applications that use a non-default option when verifying certificates may be
vulnerable to an attack from a malicious CA to circumvent certain checks.

Invalid...

01:03

Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security

Posted by Solar Designer on Mar 28

Hi Zhenghan Wang,

Thank you for bringing this to oss-security.

Please remind the Bluetooth subsystem maintainers, such as by "replying"
to your own message you had sent them on March 9. When doing so, please
also inform them of the CVE ID and of the oss-security posting.

For others on oss-security: Zhenghan Wang brought this issue to
linux-distros and s@k.o on March 8, brought it to the subsystem
maintainers and public Linux mailing...

01:00

Feeling the Heat: Railway Defect Detection Hackaday

On the technology spectrum, railroads would certainly seem to skew toward the brutally simplistic side of things. A couple of strips of steel, some wooden ties and gravel ballast to keep everything in place, some rolling stock with flanged wheels on fixed axles, and you've got the basics that have been moving freight and passengers since at least the 18th century.

But that basic simplicity belies the true complexity of a railway, where even just keeping the trains on the track can be a daunting task. The forces that a fully loaded train can exert on not only the tracks but on itself are hard to get your head around, and the potential for disaster is often only a failed component away. This became painfully evident with the recent Norfolk Southern derailment in East Palestine, Ohio, which resulted in a hazardous materials incident the likes of which no community is ready to deal with.

Given the forces involved, keeping trains on the straight and narrow is no mean feat, and railway designers have come up with a web of sensors and systems to help them with the task of keeping an eye on what's going on with the rolling stock of a train. Let's take a look at some of the interesting engineering behind these wayside defect detectors.

...

00:47

New Technique 'About 80% Effective' at Producing Babies of Desired Sex, Study Suggests SoylentNews

Experts acknowledge the apparent technical achievement of the research but highlight the ethical issues raised by being able to choose the sex of an offspring:

Researchers used a technique to separate sperm on whether they had an X chromosome (making female offspring) or a Y one (male offspring). Sperm with an X chromosome are slightly heavier than those with a Y, the research indicates.

However, the study has again raised long-held concerns over the ethics of such a process. Selecting embryos without reasons such as a sex-linked disease is illegal in many countries.

Experts behind the research, from Weill Cornell Medicine in New York, said their technique was inexpensive and "extremely safe".

Fifty-nine couples wanted a girl and it resulted in 79.1% (231 out of 292) female embryos, with 16 girls being born without any abnormalities. Fifty-six couples wanted a boy and the technique produced 79.6% male embryos (223 out of 280), resulting in 13 healthy male babies.

[...] "I am convinced that the science is sound and that, instead of the usual 50:50 'coin toss' then a couple can get a baby with the desired sex a little under 80% of the time."

From the article:

The desire to have offspring of a specific sex has a long history but has been particularly present since the 1970s with the early appearance of assisted reproduction. The reasons for choosing a child's sex may be social, such as a desire for family balancing [1]. Couples undergoing IVF, who already have a child or children of one sex, may wish to have the experience of raising children of both sexes. Some couples, who already have children, could have financial reasons for not attempting a further pregnancy without assurance that the additional child will be of a specific sex.

Cheung S, Elias R, Xie P, Rosenwaks Z, Palermo GD (2023) A non-randomized clinical trial to determine the safety and efficacy of a novel sperm sex selection technique. PLoS ONE 18(3): e0282216. https://doi.org/10.1371/journal.pone.0282216



00:30

Europol warns of criminal use of ChatGPT Security Affairs

Europol warns that cybercriminal organizations can take advantage of systems based on artificial intelligence like ChatGPT.

EU police body Europol warned about the potential abuse of systems based on artificial intelligence, such as the popular chatbot ChatGPT, for cybercriminal activities. Cybercriminal groups can use chatbots like ChatGPT in social engineering attacks, disinformation campaigns, and other cybercriminal activities, such as developing malicious code.

OpenAI's ChatGPT is becoming even more attractive for cybercriminal organizations that are evaluating how to use its enormous capabilities.

"As the capabilities of Large Language Models (LLMs) such as ChatGPT are actively being improved, the potential exploitation of these types of AI systems by criminals provide a grim outlook," reads the alert published by Europol.

"The following three crime areas are amongst the many areas of concern identified by Europol's experts:

  • Fraud and social engineering: ChatGPT's ability to draft highly realistic text makes it a useful tool for phishing purposes. The ability of LLMs to re-produce language patterns can be used to impersonate the style of speech of specific individuals or groups. This capability can be abused at scale to mislead potential victims into placing their trust in the hands of criminal actors.
  • Disinformation: ChatGPT excels at producing authentic sounding text at speed and scale. This makes the model ideal for propaganda and disinformation purposes, as it allows users to generate and spread messages reflecting a specific narrative with relatively little effort.
  • Cybercrime: In addition to generating human-like language, ChatGPT is capable of producing code in a number of different programming languages. For a potential criminal with little technical knowledge, this is an invaluable resource to produce malicious code. 

According to Europol, technologies like ChatGPT can speed up each phase of an attack chain significantly.

"As such, ChatGPT can be used to learn about a vast number of potential crime areas with no prior knowledge, ranging from how to break into a home, to terrorism, cybercrime and child sexual abuse," states the report published by Europol. "The identified use cases that emerged from the workshops Europol carried out with its experts are by no means exhaustive. Rather, the aim...

00:23

Security updates for Tuesday LWN.net

Security updates have been issued by Debian (dino-im and runc), Fedora (qemu), Red Hat (firefox), SUSE (chromium, containerd, docker, kernel, and systemd), and Ubuntu (graphicsmagick, linux-azure, linux-gcp, linux-oem-5.14, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, and node-url-parse).

00:23

Dr. John-Arne Røttingen, MD, PhD, Ambassador for Global Health, Ministry of Foreign Affairs, Norway Lifeboat News: The Blog

Ambassador Dr. John-Arne Røttingen, MD, Ph.D. (https://www.bsg.ox.ac.uk/people/john-arne-rottingen) is Ambassador for Global Health, at the Ministry of Foreign Affairs, Norway, and a Visiting Fellow of Practice, at the Blavatnik School of Government, Oxford University.

Ambassador Dr. Røttingen has previously served as the Chief Executive of the Research Council of Norway; the founding Chief Executive Officer of the Coalition for Epidemic Preparedness Innovations (CEPI); Executive Director of Infection Control and Environmental Health at the Norwegian Institute of Public Health; founding Chief Executive of the Norwegian Knowledge Centre for the Health Services; Professor of Health Policy at the Department of Health Management and Health Economics, Institute of Health and Society, University of Oslo; and Adjunct Professor at the Department of Global Health and Population, Harvard T.H. Chan School of Public Health.

From 2020, Ambassador Dr. Røttingen also chaired the Executive Group and the International Steering Committee of the WHO Solidarity trial to compare four untested treatments for hospitalized people with severe COVID-19 illness. In early 2021, he was appointed by the G20 to the High Level Independent Panel (HLIP) on financing the global commons for pandemic preparedness and response. That same year, he was also appointed to the Pandemic Preparedness Partnership (PPP), an expert group chaired to advise the G7 presidency. From mid-2021, he was part of the Access to COVID-19 Tools Accelerator's Vaccine Manufacturing Working Group.

Ambassador Dr. Røttingen received his MD and Ph.D. from the University of Oslo, an MSc from Oxford University and an MPA from Harvard University.

00:13

Elephant Robotics Unveils New Desktop Educational Robots for 2023 IEEE Spectrum



This is a sponsored article brought to you by Elephant Robotics.

In recent years, interest in using robots in education has seen massive growth. Projects that involve robotics, artificial intelligence, speech recognition, and related technologies can help develop students' analytical, creative, and practical skills. However, a major challenge has been the robots themselves: They are typically big, heavy, and costly. For robots to become widely used in education, they need to be smaller, easier to set up and use, and, more important, they need to be affordable to educators and students.

That's the goal Elephant Robotics aims to achieve with its line of lightweight, smart, and capable robots. The company has launched several desktop collaborative robots over the past few years, including the myCobot, mechArm, and myPalletizer. To help users achieve more applications in education, Elephant Robotics has also launched AI Robot Kit, a robotic kit that integrates multiple functions like vision, positioning grabbing, and automatic sorting modules. This year, the company is unveiling completely improved and upgraded products to make robotics even more accessible in education.

Upgraded Robotic Arms and AI Kits


Schools in different countries and regions have been using Elephant Robotics' robotic arms and AI Kits as educational tools in recent years. The products' portability, ease of use, and cost-effectiveness have helped schools integrate robotics as part of their programs and courses. The performance of the products and the wide range of built-in software and features help students learn better about robotics and programming. Using the robotic arms and...

00:00

Neurotech's Battles Impact Our Brains' Future IEEE Spectrum



Neurotechnologies today (devices that can measure and influence our brains and nervous systems) are growing in power and popularity. The neurotech marketplace, according to Precedence Research, is worth USD $14.3 billion this year and will exceed $20 billion within four years. Noninvasive brain-computer interfaces, brain stimulation devices, and brain-monitoring hardware (measuring alertness and attention at work, for example) are no longer just laboratory experiments and technological curios. The societal and legal implications of widespread neurotech adoption may be substantial.

Nita Farahany, professor of law and philosophy at Duke University, has written a new book, The Battle for Your Brain: Defending the Right to Think Freely in the Age of Neurotechnology, which explores how our lives may be impacted by the use of brain-computer interfaces and neural monitoring devices.

Farahany argues that the development and use of neurotech presents a challenge to our current understanding of human rights. Devices designed to measure, record and influence our mental processes, used by us or on us, may infringe on our rights to mental privacy, freedom of thought, and mental self-determination. She calls this collection of freedoms the right to cognitive liberty. Spectrum spoke with Farahany recently about the future and present of neurotech and how to weigh its promises (enhanced capabilities, for instance, including bionics and prosthetics and even a third arm) against its potential to interfere with people's mental sovereignty.



Tuesday, 28 March

23:32

Prompt engineering and jailbreaking: Europol warns of ChatGPT exploitation HackRead | Latest Cybersecurity and Hacking News Site

By Habiba Rashid

The concern arises from the growing number of cybercriminals attempting to exploit the AI-based chatbot for developing malware and other malicious tools.


23:31

Pakistan-Origin SideCopy Linked to New Cyberattack on India's Ministry of Defence The Hacker News

An advanced persistent threat (APT) group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research and Development Organization (DRDO), the research and development wing of India's Ministry of

23:29

All of Microsoft's Strategic Areas Have Layoffs This Year Techrights

The layoffs keep going and going, e.g. today's updates [1, 2]; there's no end in sight

Global Microsoft layoffs

More layoffs done today sadly. Even though they told security they wouldn't be affected by the layoffs. That was a lie.

Summary: Microsoft's supposedly strategic/future areas, gaming (trying to debt-load or offload debt to other companies), so-called security, clown computing (Azure), and Hey Hi (chaffbots etc.), have all had layoffs this year; it's clear that the company is having a serious existential crisis in spite of Trump's and Biden's bailouts (a wave of layoffs every month this year) and is just bluffing/stuffing the media with chaffbots cruft (puff pieces/misinformation) to keep shareholders distracted, asking them for patience and faking demand for the chaffbots (whilst laying off Bing staff, too)

23:12

Turtle Beach REACT-R & Recon Xbox Controllers To Be Supported In Linux 6.4 Phoronix

Turtle Beach gaming controllers will see support by the widely-used XPad driver with the upcoming Linux 6.4 kernel...

23:08

IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery The Hacker News

Multiple threat actors have been observed using two new variants of the IcedID malware in the wild with more limited functionality that removes functionality related to online banking fraud. IcedID, also known as BokBot, started off as a banking trojan in 2017. It's also capable of delivering additional malware, initial loader

22:54

Breaking the Mold: Pen Testing Solutions That Challenge the Status Quo The Hacker News

Malicious actors are constantly adapting their tactics, techniques, and procedures (TTPs) to adapt to political, technological, and regulatory changes quickly. A few emerging threats that organizations of all sizes should be aware of include the following: Increased use of Artificial Intelligence and Machine Learning: Malicious actors are increasingly leveraging AI and machine learning to

22:23

Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529) Help Net Security

Apple has released security updates for (pardon the pop-culture reference) everything everywhere all at once, and has fixed the WebKit vulnerability (CVE-2023-23529) exploited in the wild for users of older iPhones and iPads. This latest batch of security updates targets the iOS and iPad 16.x and 15.x branches; macOS Big Sur, Monterey and Ventura; watchOS and tvOS; Safari; and Studio Display, a standalone computer monitor / external display. The CVE-2023-23529 fix for older ...


22:19

CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security

Posted by Zhenghan Wang on Mar 28

Hi,

In the Bluetooth subsystem, a double free vulnerability was found in the
hci_conn_cleanup function of net/bluetooth/hci_conn.c, which may cause DOS
or privilege escalation.

Version: Linux kernel 6.2 (this problem also exists in 6.3-rc1)

At the end of the hci_conn_del_sysfs(conn) function in the hci_conn_cleanup
function, hci_dev_put(hdev) will be called. The hci_dev_put function will
eventually call kfree to release the space used by name:...

22:02

Microsoft to Fix Windows 11 aCropalypse Privacy Failure SoylentNews

Microsoft to fix Windows 11 'aCropalypse' privacy failure:

Microsoft is said to be preparing to fix the high-profile "aCropalypse" privacy bug in its Snipping Tool for Windows 11.

Users can remove sensitive information or some other parts of photos, screenshots, and other images by cropping them using the Snipping Tool app. The problem is that for the Windows 11 app, as well as Microsoft's Snip & Sketch cropping tool in Windows 10, the file of the cropped image still includes the cropped out portions, which can be recovered and viewed.

A similar flaw was found in Google's Markup image-editing app for its Pixel smartphones. According to reverse engineers Simon Aarons and David Buchanan, who named the bug aCropalypse, the problem affects Pixel smartphones since 2018, when the 3 series came out. Google patched its code to avoid leaking cropped areas of images.

Then this week, Buchanan confirmed that the Windows Snipping Tool and Snip & Sketch software had the same issue. If a user cropped a photo or other image using the software and then saved the edited image over the original file, that file still contains the cropped-out portion. The area isn't visible when viewing the image using normal tools, but the data is still there in the file, and can be restored and viewed using appropriate recovery software.

Steven Murdoch, a professor of security engineering at the UK's University College London, shared some thoughts here on the underlying issue within Windows, specifically its latest Save File API, which he described as "defective by design."

[...] Meanwhile, if you've used Microsoft's code to crop your snaps and then shared them on, be aware someone with a copy of them might be able to recover the lopped-off portions.



22:00

Hams Watch For Meteors Hackaday

After passing an exam and obtaining a license, an amateur radio operator will typically pick up a VHF radio and start talking to other hams in their local community. From there a whole array of paths open up, and some will focus on interesting ways of bouncing signals around the atmosphere. There are all kinds of ways of propagating radio waves and bouncing them off of various reflective objects, such as the Moon, various layers of the ionosphere, or even the auroras, but none are quite as fleeting as bouncing a signal off of a meteor that's just burned up in the atmosphere.

While they aren't specifically focused on communicating via meteor bounce, The UK Meteor Beacon Project hopes to leverage amateur radio operators and amateur radio astronomers to research more about meteors as they interact with the atmosphere. A large radio beacon, which has already been placed into service, broadcasts a circularly-polarized signal in the six-meter band which is easily reflected back to Earth off of meteors. Specialized receivers can pick up these signals, and are coordinated among a network of other receivers which stream the data they recover over the internet back to a central server.

With this information, the project can determine where the meteor came from, some of...

21:50

QNX Support Restored For SDL3 Phoronix

When SDL3 development kicked off last November for this open-source library that is widely used by cross-platform games and other software, QNX support was removed alongside other old targets. Just months later, the QNX platform support is being revived...

21:28

Vulkan 1.3.245 Brings New NVIDIA Vendor Extension To Help Optimize Ray-Tracing Phoronix

The Vulkan 1.3.245 extension is a small update to this industry-standard graphics/compute API with just a handful of issues resolved but it does introduce one new extension, which is a NVIDIA vendor extension aiming to further enhance Vulkan ray-tracing...

21:11

CVE-2023-28326: Apache OpenMeetings: allows user impersonation Open Source Security

Posted by Maxim Solodovnik on Mar 28

Severity: critical

Description:

Vendor: The Apache Software Foundation

Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0

Description: Attacker can elevate their privileges in any room

This issue is being tracked as OPENMEETINGS-2739

Credit:

Dennis Zimmt (reporter)

References:

https://openmeetings.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-28326
https://issues.apache.org/jira/browse/OPENMEETINGS-2739

21:08

Telecom giant Lumen suffered a ransomware attack and disclosed a second incident Security Affairs

Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack.

In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did not provide details about the family of ransomware that infected its systems; it only admitted that the incident is currently degrading the operations of a small number of the Company's enterprise customers.

"On March 27, 2023, Lumen announced two cybersecurity incidents. First, last week the Company discovered that a malicious intruder had inserted criminal ransomware into a limited number of the Company's servers that support a segmented hosting service," reads the 8-K form filed by the company with the SEC. "This intrusion is currently degrading the operations of a small number of the Company's enterprise customers."

After the discovery of the ransomware attack, Lumen implemented enhanced security software that allowed the company to discover a separate intrusion. In this second incident, a sophisticated intruder accessed a limited number of the Company's internal information technology systems. The attackers were able to conduct reconnaissance of these systems, installing malware and extracting a relatively limited amount of data.

"Based on its ongoing investigations described below and information known at this time, the Company does not believe the incidents have had or will have a material adverse impact on its ability to serve its customers or its business, operations, or financial results," continues the form.

Lumen notified law enforcement authorities and reported the incident to the impacted customers. The company launched an investigation into the incident with forensic help to determine the extent of the intrusion.

Pierluigi Paganini

(SecurityAffairs - hacking, Lumen)

The post Telecom giant Lumen suffered a ransomware attack and disclose a second incident appeared first on Security Affairs.

21:06

Intel Releases GPGMM v0.1 GPU Memory Management Library Phoronix

Intel has published v0.1 of its GPGMM software, the open-source General-Purpose GPU Memory Management Library. This library is intended to be used by modern software employing the Vulkan or D3D12 APIs for helping application developers deal with low-level video memory management...

20:53

Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe The Hacker News

A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware loader dubbed DBatLoader. "The malware payload is distributed through WordPress websites that have authorized SSL certificates, which is a common tactic used by threat actors to evade detection engines," Zscaler researchers Meghraj Nandanwar and Satyam Singh said in a report

20:52

OpenBLAS 0.3.22 Introduces EmScripten JavaScript, Fixes AMD Zen 4 Handling Phoronix

A new release of OpenBLAS is now available, the open-source BLAS and LAPACK implementation known for its wide variety of processor optimizations...

20:22

Cancer that spreads to the lung maneuvers to avoid being attacked Lifeboat News: The Blog

Cancer that has spread to areas like the lungs can apply the brakes to a natural pathway that should recruit killer T cells directly to where it has metastasized, scientists report.

That newly found strategy used by tumors that have spread, and are consequently more deadly, may help explain why sometimes promising immunotherapies designed to help the immune system kill don't, says Kebin Liu, Ph.D., cancer immunologist in the Department of Biochemistry and Molecular Biology at the Medical College of Georgia.

It also may mean an additional therapeutic maneuver is needed to stop some tumors, which often are diagnosed after they have spread, says Liu, corresponding author of the study in the journal Cancer Cell.

20:20

Death Levels Sharply Above Pre-COVID-19 Levels schestowitz.com

Even if the media does not talk about this (or belittles the whole thing)

ONS deaths 2022 and 2023

ONS deaths 2019

I AM sad about this, but I am not shocked.

10 minutes ago ONS released the latest mortality numbers for England and Wales. This update is a weekly occurrence (typically 10AM ish every Tuesday).

Total deaths week 11 in 2019: 10,567. Total deaths week 11 in 2022: 10,928. Total deaths week 11 in 2023: 12,133. Pandemic is over, folks. Go back to your office cage and don't wear a mask or anything. COVID-19 is both mild and long now.

20:17

Europol details ChatGPT's potential for criminal abuse Help Net Security

With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from various departments of Europol. These workshops aimed to investigate potential ways in which large language models (LLMs) like ChatGPT can be exploited by criminals and how they can be utilized to aid investigators in their day-to-day tasks. ChatGPT and law enforcement Their insights are compiled in Europol's first Tech ...

The post Europol details ChatGPT's potential for criminal abuse appeared first on Help Net Security.

20:09

Bet365 Evaluation h+ Media

Bet365 Evaluation

By following the above steps, you possibly can easily obtain the .apk file on your android phone. Please stick with us to know the installation process of the app on your gadget. The Betway app has been modified over the years for Android and iOS platforms. It can higher. But if customers may dont just like the updates, they can turn off the automatic update feature from their telephone.

There are dozens of great video games all streamed in HD high quality within the live on line casino, so you positively shouldnt miss it. Players at Betway can guess on any and all football matches from any nook of the world in their betting account. Football betting is a vital a half of the positioning and it comes as no surprise to see them accomplish that well on this division too. In reality, a majority of Betway reviews on-line have praised their football part.

For occasion, you can simply access the cellular model without having to download anything. However, regardless of having to be downloaded and up to date from time to time, we should always give the sooner entry to their APK. Plus, it offers a extra dependable and smoother wagering experience and the Betway apk doesnt rely as heavily in your internet connection.

The firm provides quite so much of instruments and features to help prospects keep in cost of their spending, corresponding to deposit limits and actuality checks. Another necessary aspect of Bet365 is its customer help. The platform presents excellent customer support, with a devoted team of professionals out there 24/7 to help with any queries or points you may have.

Specify the deposit quantity, fill within the cost particulars and make sure the transaction. Please observe that the account currency can only be selected at this stage. The button to go to this class is in the lower right corner of the screen.

You will acquire entry to the data free mode on Betway once you log into your account on the app. Furthermore, you must also have a constructive steadiness in your account to enable the free information function. Before you set the Betway app to be knowledge free, you have to log in to your Betway account. However, this facet requires utilizing data, so there is no knowledge free login.

Betway has particularly made this for cricket and no different sport. Here is how one can enjoy the Boundary Money Back Special bonus. Now, lets converse of the advantages and some small drawbacks regarding the relevance of the Betway cellular app. Pretty a lot the same process applies to the downloading and installation of the Betway app for iOs devices. After the download, you want to install the app to use it additional. Can gamblers create a couple of account on the platfrom?

Before actually beginning the review, we want all our readers that know how we rank the betting web sites. The cause behind shari...

20:06

Ashneer Grover Launches Fantasy Sports App Crickpe Ahead Of Ipl h+ Media

Ashneer Grover Launches Fantasy Sports App Crickpe Ahead Of Ipl

You can get it on almost all the main smartphone platforms. In the primary case, youll get to the portal Indian.bet. Otherwise, you must scroll the main web site page to the very backside.

At the same time, you probably can guess on several outcomes from the exact match. Express This type of wager lets you predict several outcomes at the same time. The odds will be multiplied, rising the potential winnings.

The want for the cell app was caused as a solution to complaints filed about the betway official site. Before the app, customers typically had a difficult time completing their registration course of on-line. Also, the fee procedures for deposit and withdrawal of funds takes a longer period because of numerous users making an attempt to entry the server at the similar time. They will provide you with entry to all of the features and features which would possibly be available on the desktop version. This means you could make payments, play on line casino games, or even do mundane stuff like shopping the FAQ section all while on the go. The apps work smoothly on all fashionable gadgets, though you need to replace your devices OS to its newest model to make sure optimum performance.

Even though phones are becoming increasingly more refined, people are still struggling to determine which recordsdata to maintain. The RAMs of the telephones these days cant handle all of the heavy apps, and the telephone often slows down. People who face this issue sometimes attempt to access websites using their browsers, and Betway has a correct cell model for his or her site.

After youve completed the Betway obtain apk for its iOS variant, youll need to install it. To finish this procedure, simply settle for it in a specified message. For users from completely different continents, the Betway app is probably considered one of the excellent, and so they belief it implicitly.

The providing within the casino part is overwhelming as nicely. Just choose your sport or casino and begin constructing your betslip. Android and iOS customers can take pleasure in betting by downloading the Betway app, and the process for a similar is talked about in the following section.

When you wish to play for real money, you can depend on the assistance of our specialists to search out you the best deals and best casinos. The second most important query that comes to each users thoughts is whether or not the website is protected to use or not. To get the reply to this query, we have checked the license of the corporate.

You will be succesful of use them immediately for betting or enjoying on the on-line on line casino. Youll also have the flexibility to get a bonus if youre a model new Betway participant, of course. Among sports activities occasions within the Betway online betting app, yow will discover Indian, European, American or African champio...

20:04

Betway Evaluation & Bonus Code h+ Media

Betway Evaluation & Bonus Code

It allows you to enhance your odds and earn cash in your greatest information. As seen, gamers can use any fashionable browser to find Betway. The platform will match any display dimension, thus permitting high-quality gameplay. To entry the Betway mobile website, you first need to ensure your system fulfils several specs. Take a look at the extra table weve made and check the minimum requirements your cellular needs to entry the Betway platform and play.

The Betway poker app works nicely independently from a device. You can get a Windows, iOS, or Android utility free of charge by visiting the Betway portal. If the incompatibility error happens during the course of and additional progress is inconceivable, you need to get to the Support service. There, a manager will recommend to you all attainable methods out.

Popular options embrace set betting, match winner, complete games, and handicaps. The next step is selecting the odds for the sports activities category you wish to bet on. A participant can place bets on a number of matches or a single match, depending on their preference. The first step to putting a guess on the platform is logging into your account with your account info.

Then, click on the My Account tab and select Withdraw. This have to be accomplished to stop illicit registration on the app. The help agents at Betway truly go the extra mile to resolve customer queries as quickly as potential. Theyre attentive, resourceful, environment friendly, and responsive, even during rush hours. The rotating promotion banners are displayed at the centre of the web page, however they dont cowl a lot of the actual estate nor trigger muddle.

All you have to do is open the app in your telephone and luxuriate in betting and gambling anytime and wherever. Betway hasnt misplaced its high quality even after its massive recognition. The User interface of Betway is similar to the website. The company is regulated within the UK by the regional Gambling Commission and internationally by the Malta Gambling Authority. The one issue I confronted was the excessive level of margins for the betting. In the reside events, Betway also alters the percentages more drastically than the other playing sites.

If you create an account beneath a fictitious name, you will be unable to withdraw your winnings. The application takes up little house and consumes a minimal of gadget assets, which offers a quick response when selecting choices and prompt page loading. The cellular software program implements all security measures that guarantee the safety of confidential info and money account. Restart your cell and retry downloading the app from the Apple Store.

The website administration additionally permits all customers to obtain a welcome bonus. Users have two sorts to select from Welcome Sports 200% and Welcome Casino 200%. You can accept the provide, play 4rabet for money with...

19:55

President Biden Signs Executive Order Restricting Use of Commercial Spyware The Hacker News

U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person." It also seeks to ensure that the government's use of

19:41

MPA, Amazon & Apple Win $30m in Damages Against Pirate IPTV Services TorrentFreak

Operators of pirate IPTV services in the United States risk prison sentences and civil copyright infringement lawsuits when things don't go to plan.

The recent 66-month sentence handed to YouTuber Omi in a Hellcat is one example with a particularly hefty price tag - $30+ million in restitution.

IPTV services operated by Texas resident Dwayne Johnson weren't as big or as profitable, but certainly important enough for Hollywood to step in with overwhelming resources.

Powerful Coalition Sues Johnson

In December 2021, movie and TV giants Universal, Disney, Paramount, Warner, and Columbia teamed up with Netflix, Amazon, Apple, and several other studios, in a lawsuit targeting AllAccessTV (AATV) and Quality Restreams.

The complaint alleged that AATV supplied infringing movies and TV shows via its IPTV and VOD services. Titles including The Godfather, Harry Potter, Jurassic Park, and The Office were distributed to subscribers via their smart TVs, computers, set-top boxes, plus mobile and tablet devices.

The studios said that most subscribers paid between $10 to $45 per month to access around 2,500 channels.

Connected service Quality Restreams allegedly provided infringing movies and TV shows to other pirate IPTV providers, including AATV.

In addition to live IPTV channels, its VOD service supplied 600 movies and 600 TV series, organized into named categories, including Netflix, Amazon Prime Video, Hulu, and Disney+.

Disguised as a VPN Provider

While most IPTV providers make at least some effort to hide their nature, the lawsuit alleged that AATV went a little further by presenting itself as a VPN provider.

The lawsuit revealed that along with many other pieces of cross contamination evidence, the studios had already id...

19:19

Researchers Develop Soft Robot That Shifts From Land to Sea With Ease SoylentNews

[R]esearchers at Carnegie Mellon University have created soft robots that can seamlessly shift from walking to swimming, for example, or crawling to rolling:

"We were inspired by nature to develop a robot that can perform different tasks and adapt to its environment without adding actuators or complexity," said Dinesh K. Patel, a post-doctoral fellow in the Morphing Matter Lab in the School of Computer Science's Human-Computer Interaction Institute. "Our bistable actuator is simple, stable and durable, and lays the foundation for future work on dynamic, reconfigurable soft robotics."

The bistable actuator is made of 3D-printed soft rubber containing shape-memory alloy springs that react to electrical currents by contracting, which causes the actuator to bend. The team used this bistable motion to change the actuator or robot's shape. Once the robot changes shape, it is stable until another electrical charge morphs it back to its previous configuration.

[...] The actuators require only a hundred milliseconds of electrical charge to change their shape, and they are durable. The team had a person ride a bicycle over one of the actuators a few times and changed their robots' shapes hundreds of times to demonstrate durability.

In the future, the robots could be used in rescue situations or to interact with sea animals or coral. Using heat-activated springs in the actuators could open up applications in environmental monitoring, haptics, and reconfigurable electronics and communication.

Video of the robot in action.

19:00

It's Difficult To Read An Audiophile Guide As An Analogue Engineer Hackaday

Sitting on a train leaving the Hackaday Berlin conference, and Hacker News pops up Julian Shapiro with a guide to HiFi. What Hackaday scribe wouldn't give it a click, to while away the endless kilometres of North European Plain!

It's very easy as an analogue electronic engineer, to become frustrated while reading audiophile tracts, after all they have a tendency to blur superficial engineering talk with pseudoscience. There's a rich vein of parody to be found in them, but nevertheless it's interesting to read them because just sometimes the writer gets it and doesn't descend into the world of make-believe.

This one is probably par for the course, we raised an eyebrow at the idea of comparing different speaker setups merely from sampled recordings, and rolled our eyes at the usual price-tag worship, but at least some of the acoustics stuff isn't from another planet. The stand-out quote that motivated its write-up here though is the following, where he addresses the relationship between the audiophile industry and the audiophile press:

Also, note that almost all hifi reviews are positive. This is b...

18:27

Peter A. Swan, President of the International Space Elevator Consortium, joins our Space Settlement Board. Lifeboat News

Peter A. Swan, President of the International Space Elevator Consortium, joins our Space Settlement Board.

18:00

Are coincidences real? Terra Forming Terra



They are not real at all.  They are instead direct evidence of intervention from the other side which certainly has skin in the game and outcome.

Of course we also have scientists claiming that life chemistry also happens by coincidence. The slightest investigation makes all that absurd. Just like these claim stories.

Over and over again, the right person arrives to intervene in an emergency. Just how many right people were available? We even have a culture accepting the idea of passing it on. Wow.



Are coincidences real?

I am an unequivocal rationalist and yet I still want to see something strange and wonderful in life's weird coincidences


Photo by Ernst Haas/Getty

Paul Broks is an English neuropsychologist-turned-freelance writer. His work has appeared in Prospect, The Times and The Guardian, among others. He is the author of Into the Silent Land (2002) and The Darker the Night, the Brighter the Stars: a Neuropsychologist's Odyssey Through Consciousness (2018). He lives in Bath, UK.





https://aeon.co/essays...

In Cod's Shadow, Redfish Rise Terra Forming Terra



Managing this resource is going to be problematic as usual. What I would like to see attempted, because we now have the navigation tools, is to see point-to-point harvesting tracks implemented, creating a natural refuge between tracks. This allows surplus stocks to leave the refuges and reoccupy the fished strips. This should work with ground fish and lobsters.

Not so much with anything else where schools matter a lot.

At least we now have a real recovery stock emerging and I hope this also bodes well for the cod stocks. Or even good management.


The harvest of redfish, an Atlantic groundfish, was closed in 1995, just a few years after the closure of the northern cod fishery. The collapse of both fisheries decimated coastal communities. While the cod are yet to recover, redfish populations are booming. Photo by RLS Photo/Shutterstock


In Cod's Shadow, Redfish Rise


Thirty years after the population collapsed, the Atlantic redfish fishery is poised to reopen, providing a second chance at a sustainable fishery.

by Moira Donovan

February 21, 2023 | 3,100 words, about 15 minutes

...

Stuck with the soul Terra Forming Terra


Once again we have a detailed opinion from an individual who specifically ignores all possible and plausible evidence to the contrary. Do recall that all biological scientists to this day, with a couple of brave exceptions, choose to ignore all the empirical evidence supporting the living presence of the Sasquatch. We now have approximately 20,000 eye witness encounters and a few examples of direct communication as well. Just when is science going to stop denial?

Let me make a powerful assertion. The universe is mathematical in its nature and this means an act of creation and from that a natural expansion filling SPACE and TIME at the speed of light. Which is what we see in our telescopes.

Mathematically we can imagine the SPACE TIME pendulum and fill SPACE with successors by way of geometric decay which also produces ribbons of photonic energy.

More important though, we can perceive three potential stages of matter. The first assemblage is the production of Neutral Neutrino pairs. Good luck on ever measuring those. We see the high speed free neutrinos. The second assemblage is the neutral electron pair. Same problem. Yet both allow all forms of messy agglomeration and the potential of decay into something we might see. This happens to be a lot of architecture to form the 'MATRIX' and the natural emergence of logic machines able to make things happen. Just as obviously in terms of scale, it is not possible for us to see any of this.

The third stage is the Neutral Neutron Pair which we can potentially detect directly and have detected by indirect means. Such a pair can decay into a hydrogen atom and the larger agglomerations can potentially decay into the range of elements we know so well.

Then there is life. It is only possible in the third stage of matter if there exists a working super computer able to operate a living cell. Prove otherwise. The sheer numbers make any form of random decision making absurd. This means that the best model for a living cell is a complex bag of useful chemicals all operated by a signalling super computer. We can almost make this work ourselves.

It...

NHS Dr reveals Staff were ordered to Euthanise Patients to fraudulently increase COVID Death Count Terra Forming Terra


Understand that they needed real death stats in order to drive the fear which then drove the public acceptance of the VAX which has been the ongoing source of real deaths and general health deterioration.

This means that the whole front end was a CON and it was also a CCP planned operation that was global in scope.    You cannot have it both ways with your victims.

It also puts meaning into Xi's reported statement that it will be mostly old folks dying when he signed off on this act of irregular war action against the world.

The stupid evil of so called socialist thinking beggars the imagination.



NHS Dr reveals Staff were ordered to Euthanise Patients to fraudulently increase COVID Death Count because Hospitals were EMPTY & Nurses were having TikTok Dance-Offs




An NHS whistleblower, who wishes to remain anonymous, has come forward with allegations that the NHS hospitals were not overwhelmed during the Covid-19 pandemic, as was reported by authorities and the mainstream media.

The whistleblower also confirmed that the little care given throughout the pandemic amounted to negligence, and that the government and NHS bosses essentially instructed staff to let people die, or in some cases kill them through the End of Life Care programme and falsely label the deaths as being due to Covid-19.

...

16:35

Microsoft Research Paper Claims Sparks of Artificial Intelligence in GPT-4 SoylentNews

Microsoft Research has issued a 154-page report entitled Sparks of Artificial Intelligence: Early Experiments With GPT-4:

Given the breadth and depth of GPT-4's capabilities, we believe that it could reasonably be viewed as an early (yet still system.

Zvi Mowshowitz wrote a post about this article:

[...] Their method seems to largely be 'look at all these tasks GPT-4 did well on.'

I am not sure why they are so impressed by the particular tasks they start with. The first was 'prove there are an infinite number of primes in the form of a rhyming poem.' That seems like a clear case where the proof is very much in the training data many times, so you're asking it to translate text into a rhyming poem, which is easy for it - for a challenge, try to get it to write a poem that doesn't rhyme.

[...] As I understand it, failure to properly deal with negations is a common issue, so reversals being a problem also makes sense. I love the example on page 50, where GPT-4 actively calls out as an error that a reverse function is reversed.

[...] in 6.1, GPT-4 is then shown to have theory of mind, be able to process non-trivial human interactions, and strategize about how to convince people to get the Covid-19 vaccine far better than our government and public health authorities handled things. The rank order is clearly GPT-4's answer is very good, ChatGPT's answer is not bad, and the actual answers we used were terrible.

[...] Does this all add up to a proto-AGI? Is it actually intelligent? Does it show 'sparks' of general intelligence, as the paper words it?

Read more of this story at SoylentNews.

16:23

Associative learning in the cnidarian Nematostella vectensis Lifeboat News: The Blog

The ability to learn and form memories allows animals to adapt their behavior based on previous experiences. Associative learning, the process through which organisms learn about the relationship between two distinct events, has been extensively studied in various animal taxa. However, the existence of associative learning, prior to the emergence of centralized nervous systems in bilaterian animals, remains unclear. Cnidarians such as sea anemones or jellyfish possess a nerve net, which lacks centralization. As the sister group to bilaterians, they are particularly well suited for studying the evolution of nervous system functions. Here, we probe the capacity of the starlet sea anemone Nematostella vectensis to form associative memories by using a classical conditioning approach. We developed a protocol combining light as the conditioned stimulus with an electric shock as the aversive unconditioned stimulus. After repetitive training, animals exhibited a conditioned response to light alone, indicating that they learned the association. In contrast, all control conditions did not form associative memories. Besides shedding light on an aspect of cnidarian behavior, these results root associative learning before the emergence of NS centralization in the metazoan lineage and raise fundamental questions about the origin and evolution of cognition in brainless animals.

16:23

Hacking phones remotely without touching via new inaudible ultrasound attack Lifeboat News: The Blog

The Near-Ultrasound Invisible Trojan, or NUIT, was developed by a team of researchers from the University of Texas at San Antonio and the University of Colorado Colorado Springs as a technique to secretly convey harmful orders to voice assistants on smartphones and smart speakers.

If you watch videos on YouTube on your smart TV, then that television must have a speaker, right? According to Guinevere Chen, associate professor and co-author of the NUIT article, the sound of NUIT harmful orders will [be] inaudible, and it may attack your mobile phone as well as connect with your Google Assistant or Alexa devices. That may also happen in Zooms during meetings. During the meeting, if someone were to unmute themself, they would be able to implant the attack signal that would allow them to hack your phone, which was placed next to your computer.

The attack works by playing sounds close to but not exactly at ultrasonic frequencies, so they may still be replayed by off-the-shelf hardware, using a speaker, either the one already built into the target device or anything nearby. If the first malicious instruction is to mute the device's answers, then subsequent actions, such as opening a door or disabling an alarm system, may be initiated without warning.

16:00

An Old Netbook Spills Its Secrets Hackaday

For a brief moment in the late '00s, netbooks dominated the low-cost mobile computing market. These were small, low-cost, low-power laptops, some tiny enough to only have a seven-inch display, and usually with extremely limiting hardware even for the time. There aren't very many reasons to own a machine of this era today, since even the cheapest of tablets or Chromebooks are typically far more capable than the Atom-based devices from over a decade ago. There is one set of these netbooks from that time with a secret up its sleeve, though: Phoenix Hyperspace.

Hyperspace was envisioned as a way for these slow, low-power computers to instantly boot or switch between operating systems. [cathoderaydude] wanted to figure out what made this piece of software tick, so he grabbed one of the only netbooks that it was ever installed on, a Samsung N210. The machine has both Windows 7 and a custom Linux distribution installed on it, and with Hyperspace it's possible to switch almost seamlessly between them in about six seconds; effectively instantly for the time.

[cathoderaydude]'s investigation into how bargain-basement hardware from 15 years ago is able to do this revealed more mysteries than it seemed to solve at the time. At first it...

15:30

What you need before the next vulnerability hits Help Net Security

Cyberattacks tend to come from two angles: criminals take advantage of employees with privileged access or of security weaknesses in your hardware/software infrastructure. These broad categories encompass attack vectors such as phishing, man-in-the-middle attacks, misconfigurations, and vulnerability exploits. To prevent bad actors exploiting vulnerabilities, you must take action to reduce or eliminate security risks. Take stock of your software and get notifications for security issues Understand which tools your software uses: First, understand which software ...

The post What you need before the next vulnerability hits appeared first on Help Net Security.

15:00

Running a security program before your first security hire Help Net Security

In this Help Net Security video, Matt Spitz, Head of Engineering at Vanta, talks about pragmatic security and illustrates what a small company with limited resources needs to do to lay the groundwork for effective protection.

The post Running a security program before your first security hire appeared first on Help Net Security.

14:41

Apple Issues Urgent Security Update for Older iOS and iPadOS Models The Hacker News

Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023. An anonymous researcher has been

14:30

What the food and building industry can teach us about securing embedded systems Help Net Security

As one of the leading experts in product security with over 15 years of experience in security engineering and 120 cybersecurity patents under his belt, Adam Boulton is one of the most experienced software security professionals in the industry. Currently the SVP of Security Technology and Innovation at Cybellum, the Left to Our Own Devices podcast invited Adam Boulton to share his experience and his tips on building a product security strategy. Adam didn't expect ...

The post What the food and building industry can teach us about securing embedded systems appeared first on Help Net Security.

14:00

Balancing security risks and innovation potential of shadow IT teams Help Net Security

Shadow IT teams, also known as rogue IT teams, have grown in popularity in recent years due to the rise of cloud-based apps and remote work. However, this has led to operational tension and security risks within many businesses. 58% of SMBs have experienced high-impact shadow IT efforts outside the purview of their official IT department, according to Capterra. Half of SMBs say shadow IT teams are most commonly formed because there's a lack of ...

The post Balancing security risks and innovation potential of shadow IT teams appeared first on Help Net Security.

13:44

A Federal Judge Has Ruled Against the Internet Archive in a Lawsuit Brought by Four Book Publishers SoylentNews

Preliminary Court Setback for Libraries and Digital Lending

The Internet Archive has published a post about their ongoing fight in the lower courts over Controlled Digital Lending (CDL), specifically from the case Hachette v Internet Archive. This potentially affects all libraries with digital resources and the Internet Archive will appeal the court's decision.

Today's lower court decision in Hachette v. Internet Archive is a blow to all libraries and the communities we serve. This decision impacts libraries across the US who rely on controlled digital lending to connect their patrons with books online. It hurts authors by saying that unfair licensing models are the only way their books can be read online. And it holds back access to information in the digital age, harming all readers, everywhere.

But it's not over - we will keep fighting for the traditional right of libraries to own, lend, and preserve books. We will be appealing the judgment and encourage everyone to come together as a community to support libraries against this attack by corporate publishers.

The Electronic Frontier Foundation (EFF) pointed out that libraries have already paid publishers billions of dollars for their print collections which are being digitized at great expense as means of preserving these slowly decaying artifacts. CDL helps make full use of the books that the public have already bought and paid for in their libraries. Gizmodo had a piece a few days ago, giving a heads up about this setback: Internet Archive Faces Uphill Battle in Lawsuit Over Its Free Digital Library.

Hachette and several other publishers are fighting the Internet Archive in court to stop the practice of CDL. Basically, CDL is a model where artificial restrictions are imposed to create artificial scarcity of digital resources in emulation of the old model based on physical artifacts. This attack on basic library service is just the latest in decades of such attacks. Glyn Moody provides some context about other, long-term general attempts to remove libraries from the picture.

Read more of this story at SoylentNews.

13:00

Tausight expands its AI-based PHI Security Intelligence platform to cover new attack vectors Help Net Security

Tausight has expanded its AI-based PHI Security Intelligence platform which automates the discovery and identification of electronic PHI to enhance the protection of healthcare patients' most valuable confidential information. On March 7, President Biden announced his National Cybersecurity Strategy, reflecting the growing awareness of ongoing ransomware attacks and cyber threats facing healthcare and other leading industries. Because each data security breach imposes significant fines on hospitals and disrupts patient care, the healthcare industry has unique ...

The post Tausight expands its AI-based PHI Security Intelligence platform to cover new attack vectors appeared first on Help Net Security.

13:00

Long-Distance Gaming Over Packet Radio Hackaday

The amateur radio community often gets stereotyped as a hobby with a minimum age requirement around 70, gatekeeping airwaves from those with less experience or simply ignoring unfamiliar beginners. While there is a small amount of truth to this on some local repeaters or specific frequencies, the spectrum is big enough to easily ignore those types and explore the hobby without worry (provided you are properly licensed). One of the best examples of this we've seen recently of esoteric radio use is this method of using packet radio to play a game of Colossal Cave Adventure.

Packet radio is a method by which digital information can be sent out over the air to nodes, which are programmed to receive these transmissions and act on them. Typically this involves something like email or SMS messaging, so playing a text-based game over the air is not too much different than its intended use. For this build, [GlassTTY] aka [G6AML] is using a Kenwood TH-D72 which receives the packets from a Mac computer. It broadcasts these packets to his node, which receives these packets and sends them to a PDP-11 running the game. Information is then sent back to the Kenwood and attached Mac in much the same way as a standard Internet connection.

The unique features of packet radio make it both...

12:51

We've added 15 more text tools catonmat.net

Team Browserling keeps shipping!

Two weeks ago we added 50 new text tools.

Last week we added 20 more tools.

And just now we added 15 more text tools to our Online Text Tools collection.

I have done my part of the job and now it's Google's turn to index them and rank them well.

Here are the new text tools:

Next week we'll add even more tools. See you then!

11:01

YouTube Channel Linus Tech Tips Terminated After It Was Hacked to Show Crypto-Scam Videos SoylentNews

https://www.techspot.com/news/98047-youtube-channel-linustechtips-terminated-after-hacked-show-crypto.html

What just happened? Linus Tech Tips, one of the largest and most popular technology YouTube channels on the platform, has been hacked. It was used by the hackers to show pre-recorded 'live-streaming' crypto-scam videos, featuring former Twitter CEO Jack Dorsey and Tesla CEO Elon Musk. The channel is now showing a message stating it has been shut down for violating YouTube's community guidelines, but it appears Linus' other channels are also being abused.

Linus Sebastian's Linus Tech Tips YouTube channel has been running since 2008 and has amassed 15.8 million subscribers. The Canadian has several channels under the Linus Media Group banner, including TechLinked, but the main one remains the most popular. Sadly for all involved, it's become the latest high-profile channel to be hacked.
[...]
YouTube has shuttered the channel for violating its guidelines, but it seems the hackers have now gone after other Linus Media Group accounts. TechLinked has been renamed Tesla and is showing the same Musk livestream.
[...]
While all the content from the channels has been deleted, Linus previously created several videos showing off the high-end hardware used to store the terabytes of backups the company created over the years.

[UPDATE: After taking back control of the channels, he released a video explaining how it all went down by way of a little bit of social engineering resulting in the attacker gaining their browser session token --hubie]

Also:
Linus Tech Tips YouTube Channel Hacked to Promote Crypto Scams
Linus Tech Tips YouTube Channel Is Down After Crypto Scammer Hack
VERGE STUPIDLY MAKES THEIR TITLES IMAGES NOW (Though, it could just be the one article. This is also an article on the Linus Tech Tips YouTube channel hack.)

Related:
Live Show on Improving Your Security -- Wednesday June 3rd, 2020 (NCommander - 2020)
Security Warning For 23 Million YouTube Creators Following 'Massive' Hack Attack (2019)


Original Submission

...

11:00

HPR3822: A tale of wonder, angst and woe Hacker Public Radio

In December of 2022, I traveled to Hong Kong. At some point en route or in-country, I contracted covid. Backing up a step, in preparation for the trip I was required to have a negative PCR before I could board the plane from the US as well as proof of vaccination and at least one booster shot. HKSAR Department of Health - Health Declaration Form (https://hdf.chp.gov.hk/dhehd/hdf.jsp?lang=en-us). Upon arrival, I was required to quarantine for 3 days as well as take a home test (referred to as RAT: Rapid Antigen Test, by the locals) every day for the first 7 days. On the 2nd full day in HK, I was required to take another clinical PCR provided at a health center, free of charge. On the third day I received my PCR and RAT tests as Covid Positive. By law I was now required to quarantine in my hotel until I tested negative on 2 consecutive days. Since my symptoms were very mild, a sniffle and low grade temp, merely 2-3 deg above normal, I could stay in the hotel and was not required to transfer to a public health center. I was also required to register the positive results with a government website. This registration kicked off a series of events, including a visit from a health representative. (He stood in the hall; I was not permitted to leave the room.) I was required to install an app on my phone called "Stay Home Safe" and to wear a wristband that I presume was a GPS and possibly temp/pulse tracking device that connected to my phone by bluetooth. The agent installed the app, and synced the watch to it. The complete shownotes are available for download from http://bookewyrmm.42web.io/covid.html

Typescript Feature Adoption It Will Never Work in Theory

I started programming full-time eighteen months ago after almost ten years of doing other things. The Python I came back to was not the Python I had left: the language had acquired so many new features that it felt more like Java than like the handy little scripting language I remembered. Those features all solve real problems, but I found myself wondering how many people actually use them.

This paper attempts to answer that question for Typescript by looking at the adoption of 13 new language features over the past three years by 454 open source projects. The authors found that developers are quick to adopt new versions of the compiler, but much more conservative about features, and that some see little uptake even in the long run. I don't know if it would be possible to build models or develop methods to predict which features were going to prove popular, but I hope work like this will encourage language developers to ask, "Will it be used?" as well as, "Would it be useful?"

Joshua D. Scarsbrook, Mark Utting, and Ryan K. L. Ko. Typescript's evolution: an analysis of feature adoption over time. 2023. arXiv:2303.09802.

Adoption of Typescript features over time

TypeScript is a quickly evolving superset of JavaScript with active development of new features. Our paper seeks to understand how quickly these features are adopted by the developer community. Existing work in JavaScript shows the adoption of dynamic language features can be a major hindrance to static analysis. As TypeScript evolves the addition of features makes the underlying standard more and more difficult to keep up with. In our work we present an analysis of 454 open source TypeScript repositories and study the adoption of 13 language features over the past three years. We show that while new versions of the TypeScript compiler are aggressively adopted by the community, the same cannot be said for language features. While some experience strong growth others are rarely adopted by projects. Our work serves as a starting point for future study of the adoption of features in TypeScript. We also release our analysis and data gathering software as open source in the hope it helps the programming languages community.

10:30

Hunters integrates its SOC Platform with Databricks Lakehouse Help Net Security

Hunters has integrated its SOC (Security Operations Center) Platform with the Databricks Lakehouse. For the first time, Databricks customers will be able to stand up a security data lake for security operations (data ingestion, detection, investigation and response) in just a few clicks using Hunters SOC Platform. Hunters SOC Platform is an alternative to SIEM that ingests, normalizes and analyzes data from all security and IT sources, including endpoint telemetry, network traffic, identity, and cloud ...

The post Hunters integrates its SOC Platform with Databricks Lakehouse appeared first on Help Net Security.

10:30

Hackaday Berlin was Bonkers Hackaday

In celebration of the tenth running of the Hackaday Prize, we had a fantastic weekend event in Berlin. This was a great opportunity for all of the European Hackaday community to get together for a few days of great talks, fun show-and-tells, and above all good old fashioned sitting together and brainstorming. Of course there was the badge, and the location, a gigantic hackerspace in Berlin called MotionLab, even had a monstrous laser-eye octopus suspended from a gantry overhead. Everyone who came brought something to share or to show. You couldn't ask for more.

Unfortunately, we weren't able to record the talks, so we'll run down the highlights for you here. [Jenny List] is writing up a bunch of the badge hacks as we speak, so we'll skip that for now. For the full experience, you just had to be there, but we'll share with you what pictures we got. Enjoy!

Talks

The morning kicked off with [Jiska Classen] taking us through her reverse engineering practice. Sh...

10:22

Re: New distros list statistics Open Source Security

Posted by Anthony Liguori on Mar 27

Yes.

Yes. This is actually supported today but I'm the only one doing it and
I'm doing it privately. I'm going to pick on the OpenSSL issue from Feb of
this year to illustrate how this works. Here's the OSV file that my
tooling created:

{
"schema_version": "1.3.0",
"id": "OSS-SEC-ea843",
"modified": "2023-02-04T09:46:55+00:00",
"published":...

10:15

AU10TIX partners with Microsoft on decentralized verifiable credentials Help Net Security

AU10TIX has unveiled that it is working with Microsoft on Reusable ID, a verifiable credentials (VC) architecture for identity management. VCs are reusable, unalterable digital credentials that prove the identity of a person or entity and allow the safe sharing of personal documents and biometric credentials. VC architecture also gives users the self-sovereignty to share just the right information on-demand for actions such as opening an account, applying to college, paying taxes, etc. AU10TIX's ...

The post AU10TIX partners with Microsoft on decentralized verifiable credentials appeared first on Help Net Security.

09:00

AMD Continues Linux Driver Enablement For Additional "Aldebaran" Instinct GPU Phoronix

Over the weekend I wrote about AMD beginning to post new graphics driver patches for a new GPU. As pointed out in that earlier article, it looks to be a new AMD Instinct MI300 / "Aldebaran" GPU model and today more patches were posted that further confirm this target...

08:37

MPA and RIAA Megaupload Lawsuits Are Now Inactive TorrentFreak

More than a decade has passed since Kim Dotcom's file-storage empire Megaupload collapsed after becoming the prime target in a high-profile law enforcement operation.

The U.S. Government booked an early result in 2015 when programmer Andrus Nomm was handed a one-year prison sentence following a plea deal.

The case lit up again last year when two of the three remaining defendants, Mathias Ortmann and Bram van der Kolk, signed an agreement to be charged in New Zealand and avoid extradition to the United States. That left Kim Dotcom as the sole active extradition candidate.

As Dotcom's extradition battle continues, the U.S. Government's criminal case has stalled along with a pair of civil lawsuits filed by the RIAA and MPA. These are not expected to begin until the criminal case is finalized, which could take a while.

MPA and RIAA Cases Postponed Again

Over the past several years, Megaupload has repeatedly asked the court to delay these lawsuits. This bi-annual postponement cycle began in 2014 and continued earlier this month.

"Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months, subject to the terms and conditions stated in the proposed order," the requests note, adding there are no objections from the RIAA and MPA.

As expected, District Judge Anthony J. Trenga, who took over the Megaupload lawsuits after complaints about Judge Liam O'Grady's alleged financial ties to Disney, swiftly signed off on the new six-month delays.

[T]his matter be stayed until September 1, 2023, on the same terms and conditions as set forth in the Court's original stay order, the...

08:35

Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices Security Affairs

Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads.

Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads.

The CVE-2023-23529 flaw is a type confusion issue in WebKit that was addressed by the IT giant with improved checks. The flaw impacts iOS, iPadOS, and macOS.

Apple addressed the vulnerability in February and US CISA added the issue to its Known Exploited Vulnerabilities Catalog on February 14, 2023.

An attacker can trick the victim into visiting malicious web pages to trigger the vulnerability and cause OS crashes or potentially gain arbitrary code execution on vulnerable devices.

"Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited," reads the advisory published by Apple.

Now Apple released security updates to fix the issue in iOS 15.7.4 and iPadOS 15.7.4.

The vulnerability impacted iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) devices.

In January, Apple backported the security updates for another zero-day vulnerability, tracked as CVE-2022-42856, to older iPhones and iPads.

To secure older devices against attacks exploiting the above issue, Apple released iOS 12.5.7. The patches are now available also for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).


...

08:14

Very Few Consumers Want Subscriptions in Their Cars, Survey Shows SoylentNews

Automakers are pushing subscriptions, but consumer interest just isn't there:

The last decade or so has seen the creeping techification of the auto industry. Executives will tell you the trend is being driven by consumers, starry-eyed at their smartphones and tablets, although the 2018 backup camera law is the main reason there's a display in every new car.

But automakers have been trying to adopt more than just shiny gadgets and iterating software releases. They also want some of that lucrative "recurring revenue" that so pleases tech investors but makes the rest of us feel nickeled and dimed. Now we have some concrete data on just how much car buyers are asking for this stuff, courtesy of a new survey from AutoPacific. The answer is "very little."

AutoPacific asked people looking to buy a new vehicle about their interest in 11 different in-car connected features, starting with a data plan for the car for a hypothetical price of $15/month.

The results may chasten some of the investors demanding that the car companies keep traveling down this path. The most in-demand or desirable feature was Internet connection with a Wi-Fi hotspot, not an unreasonable demand for $15 per month. But only 30 percent of people looking to buy a new car said they were interested in paying for their car's Internet access.

[...] AutoPacific also broke down some of its data by age brackets. The 30- to 39-year-old group was consistently the most interested in connected subscription features for their cars: 28 percent want to stream video directly to the infotainment screen, 20 percent want to play video games on the infotainment screen, and 18 percent want in-car video conferencing. As you might expect, the 60- to 69-year-old bracket was the least interested in any of this stuff; just 10 percent would want in-car video streaming, with video conferencing at 5 percent and in-car gaming at just 4 percent.

In other news, water is wet...


Original Submission

Read more of this story at SoylentNews.

07:31

New MacStealer macOS malware appears in the cybercrime underground Security Affairs

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems.

The Uptycs research team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems.

The macOS malware can steal documents, credit card data, cookies from a victim's browser (i.e. Firefox, Google Chrome, and Brave browsers), and login information.

The malicious code can steal Microsoft Office files, images, archives, and Python scripts.

It can infect Catalina and subsequent macOS versions running on Intel, M1, and M2 CPUs.

The operators can control MacStealer's operations over Telegram.

The malware has been advertised on cybercrime forums since early March; it is under active development, and its operators planned to add new features to capture data from Apple's Safari browser and the Notes app.

The malware spreads through a .DMG file, and upon opening the file, it opens a fake password prompt to gather passwords using a command line.

06:41

Portion of Twitter's proprietary source code leaked on GitHub HackRead | Latest Cybersecurity and Hacking News Site

By Deeba Ahmed

Twitter had to file a DMCA request after its source code was found on GitHub.

This is a post from HackRead.com. Read the original post: Portion of Twitter's proprietary source code leaked on GitHub

06:34

Re: New distros list statistics Open Source Security

Posted by Solar Designer on Mar 27

Hi,

Thank you very much for contributing this, Anthony!

I've just edited the wiki to credit Amazon for this (just like we did
for Gentoo's similar contribution in 2017-2019) and to assign the task
to Amazon. Please let me know whether this is right.

Yes, please do update this regularly.

Regarding the content, I notice some issues that I hope you can address:

You show "Coordinated Release Date" and "Days embargoed...

05:33

RISC-Y Business: Arm Wants to Charge Dramatically More for Chip Licenses SoylentNews

Arm is tired of seeing device makers bring in billions while it makes millions:

What's in store for the future of chip maker Arm? The company's owner, Softbank, has been in financial trouble lately, and that has caused Arm to bounce from one dramatic possibility to another. Initially, Arm was put up for sale, and Nvidia was the front-runner to buy the company. That plan was shut down by regulators, and now "Plan B" is an IPO, which is supposed to happen on the New York Stock Exchange sometime this year. If you want to succeed on the stock market, you've got to show revenue, and while Arm enables the sale of billions of dollars of devices around the world, the company's chip licensing scheme only brings in a comparatively small amount of money, around $500 million a quarter.

The Financial Times has a report on Arm's "radical shake-up" of its business model. The new plan is to raise prices across the board and charge "several times more" than it currently does for chip licenses. According to the report, Arm wants to stop charging chip vendors to make Arm chips, and instead wants to charge device makers, especially smartphone manufacturers, a fee based on the overall price of the final product.

Let's say Motorola makes a phone with a Qualcomm Snapdragon Arm chip. Previously, Qualcomm would have signed a deal with Arm for an Arm license, and that license would extend to anyone that buys a Qualcomm Arm chip, like Motorola. Qualcomm contributes a lot to its own chip designs, but when it comes to the Arm license it is basically an Arm reseller. Arm would now want a licensing fee from Motorola (and not Qualcomm?), and it would ask Qualcomm to not sell chips to anyone that doesn't have a licensing agreement with Arm.

Read more of this story at SoylentNews.

05:15

Distribution Release: UBports 20.04 OTA-1 DistroWatch.com: News

UBports is a Linux distribution designed to run on phones and tablets. The project is a community-run continuation of Ubuntu Touch. The project has published a major update which upgrades the base distribution from Ubuntu 16.04 to 20.04. "Ubuntu Touch is the privacy and freedom-respecting mobile operating system....

05:09

Rerouting Intention And Sensation In Paralyzed Patients IEEE Spectrum



Transcript

Eliza Strickland: Paralysis used to be thought of as a permanent condition, but over the past two decades, engineers have begun to find workarounds. They're building on a new understanding of the electric code used by the nervous system. I'm Eliza Strickland, a guest host for IEEE Spectrum's Fixing the Future podcast. Today I'm talking with Chad Bouton, who's at the forefront of this electrifying field of research. Chad, welcome to the program, and can you please introduce yourself to our listeners?

Chad Bouton: Yes, thanks so much, Eliza, for having me. And my name is Chad. I'm at the Northwell Health Feinstein Institute for Medical research.

Strickland: And can you tell me a bit about the patient population that you're working with? I believe these are people who had become paralyzed, and maybe you can tell us how that happened and the extent of their paralysis.

Bouton: Absolutely. Absolutely. In fact, we work with folks that have been paralyzed either from a traumatic injury, stroke, or even a brain injury. And there's over 100 million people worldwide that are living with paralysis. And so it's a very devastating and important condition, and we are working to restore not only movement, but we're making efforts to restore sensation as well, which is often not the focus and certainly should be.

Strickland: So these are people who typically don't have much movement below the head, below the neck?

Bouton: So we have focused on tetraplegia or quadriplegia because, obviously, it's extremely important and it is very difficult to achieve independence in our daily lives if you don't have the use of your hands in addition to not being able to move around and walk. And it surprisingly accounts for about half of the cases of spinal cord injury, even slightly more than half. And it used to be thought of as something that was a more rare condition, but with car accidents and diving accidents, it's a prominent and critical condition that we need to really address. And there's no cure currently for paralysis. No easy solution. No simple fix at this point.

Strickland: And from your experiences working with these people, what kind of capabilities would they like to get back if possible?

Bouton: Well, individuals with paralysis would like to really regain independence. I've had patients and study participants comment on that and really ask for advances in technology that would give them that in...

05:08

Better Carbon Sequestration With AI IEEE Spectrum




Transcript

Eliza Strickland: Technology to combat climate change got a big boost this year when the US Congress passed the Inflation Reduction Act, which authorized more than 390 billion for spending on clean energy and climate change. One of the big winners was a technology called carbon capture and storage. I'm Eliza Strickland, a guest host for IEEE Spectrum's Fixing the Future podcast. Today, I'm speaking with Philip Witte of Microsoft Research who's going to tell us about how artificial intelligence and machine learning are helping out this technology. Philip, thanks so much for joining us on the program.

Philip Witte: Hi, Eliza, I'm glad to be here.

Strickland: Can you just briefly tell us what you do at Microsoft Research, tell us a little bit about your position there?

Witte: Sure. So I'm a researcher at Microsoft Research, and I'm working on scientific machine learning in a broader sense and high-performance computing in the cloud. And specifically, how do you apply recent advances in machine learning in the HPC to carbon capture? And I'm part of a group at Microsoft that's called Research for Industry, and we're overall part of Microsoft Research, but we're specifically focusing on transferring technology and computer science to solving industry problems.

Strickland: And how did you start working in this area? Why did you think there might be real benefits of applying artificial intelligence to this tricky technology?

Witte: So I was actually pretty interested in this topic for a couple years now, and then really started diving deeper into it maybe a year-and-a-half ago when Microsoft had signed a memorandum of understanding with one of the big CCS projects that is called Northern Lights. So Microsoft and them signed a contract to explore possibilities of how Microsoft can support the Northern Lights project as a technology partner.

Strickland: So we'll get into some of these super tech details in a little bit. But before we get to those, let's do a little basic tutorial on the climate science here. How and where can carbon dioxide be meaningfully captured, and how can it be stored, and where?

Witte: So I think it's worth pointing out that there are kind of two main technologies around carbon capture, and one is called direct air capture, where you capture CO2 directly fro...

05:00

Pending RADV Driver Change Leads To Much Lower System RAM Use For Some Games Phoronix

A pending change to the Mesa Radeon Vulkan driver "RADV" is leading to much lower system RAM use for some games that make use of many Vulkan Graphics Pipeline Libraries (GPL). The game causing this issue to be investigated was Valve's Dota 2 on RADV and is now seeing an 85% reduction in system RAM use by this open-source Radeon Linux driver...

04:16

Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned HackRead | Latest Cybersecurity and Hacking News Site

By Deeba Ahmed

This year's Pwn2Own 2023 was held in Vancouver between March 22nd and 24th, 2023.

This is a post from HackRead.com Read the original post: Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned

04:04

UK police reveal they are running fake DDoS-for-hire sites to collect details on cybercriminals Graham Cluley

There's bad news if you're someone who is keen to launch a Distributed Denial-of-Service (DDoS) attack to boot a website off the internet, but don't have the know-how to do it yourself. Rather than hiring the help of cybercriminals to bombard a site with unwanted traffic or kick rivals out of a video game, you might be actually handing your details straight over to the police. Read more in my article on the Hot for Security blog.

03:50

Ubuntu Touch OTA-1 Focal Released For Ubuntu 20.04 LTS On Smartphones Phoronix

Ubuntu Touch for smartphones and tablets has for years been frustratingly limited to Ubuntu 16.04 LTS as its base operating system for when Canonical had abandoned their smartphone ambitions. Today though that has finally changed with Ubuntu Touch OTA-1 Focal having been released that moves things forward to an Ubuntu 20.04 LTS base...

03:30

CVE-2023-25197: apache fineract: SQL injection vulnerability in certain procedure calls Open Source Security

Posted by James Dailey on Mar 27

Severity: moderate

Description:

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software
Foundation apache fineract.
Authorized users may be able to exploit this for limited impact on components.  

This issue affects apache fineract: from 1.4 through 1.8.2.

Credit:

Eugene Lim at Cyber Security Group (CSG) Government Technology Agency GOVTECH.sg (reporter)
aleks ()...

03:27

CVE-2023-25196: Apache Fineract: SQL injection vulnerability Open Source Security

Posted by James Dailey on Mar 27

Severity: important

Description:

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Software
Foundation Apache Fineract.
Authorized users may be able to change or add data in certain components.  

This issue affects Apache Fineract: from 1.4 through 1.8.2.

Credit:

Zhang Baocheng at Leng Jing Qi Cai Security Lab (reporter)
Aleks () apache org (remediation developer)...

03:25

CVE-2023-25195: Apache Fineract: SSRF template type vulnerability in certain authenticated users Open Source Security

Posted by James Dailey on Mar 27

Severity: moderate

Description:

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.
Authorized users with limited permissions can gain access to server and may be able to use server for any outbound
traffic. 

This issue affects Apache Fineract: from 1.4 through 1.8.3.

Credit:

Huydoppa from GHTK (reporter)
Aleksander (remediation developer)

References:

https://fineract.apache.org/...

03:01

Automate container and pod deployments with Podman and Ansible Linux.com

Podman and Ansible are even better together for enabling automation and orchestration of container and pod lifecycles.

Read More at Enable Sysadmin

The post Automate container and pod deployments with Podman and Ansible appeared first on Linux.com.

03:00

Intel Sapphire Rapids Performance With Google Cloud Compute Engine C3 Phoronix

Back in October Google announced their Compute Engine C3 instances in private preview that featured 4th Gen Xeon Scalable "Sapphire Rapids" processors as well as making use of Google's custom Intel Infrastructure Processing Unit (IPU). Since then, back in January, was the big Sapphire Rapids launch with the likes of the Xeon Platinum 8490H being released. Last month meanwhile Google promoted the C3 VMs to public preview state. The Sapphire Rapids C3 VMs remain in "public preview" from Google Cloud during which time there are no charges involved for the CPU costs. For those wondering about the core-for-core performance of Sapphire Rapids in Google Cloud, here are my initial benchmarks of the C3 series.

02:51

Amazon is About to Go Head to Head With SpaceX in a Battle for Satellite Internet Dominance SoylentNews

In its bid to catch up with Starlink, the company plans to build as many as four satellites a day:

Amazon has applied to the FCC to increase its constellation to 7,774 satellites, which would allow it to cover regions further north and south, including Alaska, as Starlink does.

There are riches to be had: SpaceX currently charges $110 a month to access Starlink, with an up-front cost of $599 for an antenna to connect to the satellites. According to a letter to shareholders last year, Amazon is spending "over $10 billion" to develop Kuiper, with more than 1,000 employees working on the project. Andy Jassy, Amazon's current CEO, has said that Kuiper has a chance of becoming a "fourth pillar" for the company, alongside its retail marketplace, Amazon Prime, and its widely used cloud computing service, Amazon Web Services

"Amazon's business model relies on people having internet connectivity," says Shagun Sachdeva, an industry expert at the space investment firm Kosmic Apple in France. "It makes a lot of sense for them to have this constellation to provide connectivity."

Amazon is not yet disclosing the pricing of its service but has previously said a goal is to "bridge the digital divide" by bringing fast and affordable broadband to "underserved communities," an ambition Starlink has also professed. But whether costs will ever get low enough for that to be achievable remains to be seen. "Costs will come down, but to what extent is really the question,"  says Sachdeva. On March 14, the company revealed it was producing its own antennas at a cost of $400 each, although a retail cost has not yet been revealed.

Read more of this story at SoylentNews.

02:30

A Comprehensive Look at FDM Supports Hackaday

When we first started 3D printing, we used ABS and early slicers. Using supports was undesirable because the support structures were not good, and ABS sticks to itself like crazy. Thankfully today's slicers are much better, and often we can use supports that easily detach. [Teaching Tech] shows how modern slicers create supports and how to make it even better than using the default settings.

The video covers many popular slicers and their derivatives. If you've done a lot with supports, you might not find too much of this information surprising, but if you haven't printed with supports lately or tried things like tree supports, you might find a few things that will up your 3D printing game.

One thing we really like is that the video does show different slicers, so regardless of what slicer you like to use, you'll probably find exactly what different settings are called. Of course, because slicers let you examine what they produce layer-by-layer, you can do like the video and examine the results without printing. [Michael] does do some prints with various parameters, though, and you can see how hard or easy the support removal is depending on some settings. The other option is to add support to your designs, as needed manually, or even better don't design things that need support.

This video reminded us of a recent technique we covered that...

02:23

Brains Might Sync As People Interact and That Could Upend Consciousness Research Lifeboat News: The Blog

When we cooperate on certain tasks, our brainwaves might synchronize. This finding could upend the current understanding of consciousness.

02:23

How We're Reverse Engineering the Human Brain in the Lab | Sergiu P. Pasca | TED Lifeboat News: The Blog

Neuroscientist Sergiu P. Pasca has made it his life's work to understand how the human brain builds itself and what makes it susceptible to disease. In a mind-blowing talk laden with breakthrough science, he shows how his team figured out how to grow organoids and what they call brain assembloids, self-organizing clumps of neural tissue derived from stem cells that have shown the ability to form circuits, and explains how these miniature parts of the nervous system are bringing us closer to demystifying the brain.

Watch more: https://go.ted.com/sergiuppasca.

02:22

Android app from China executed 0-day exploit on millions of devices Lifeboat News: The Blog

Can you imagine if we had computer/brain interfaces what would happen? We'll need brain firewalls and antivirus.


Android apps digitally signed by China's third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps, researchers from security firm Lookout have confirmed.

The malicious versions of the Pinduoduo app were available in third-party markets, which users in China and elsewhere rely on because the official Google Play market is off-limits or not easy to access. No malicious versions were found in Play or Apple's App Store. Last Monday, TechCrunch reported that Pinduoduo was pulled from Play after elsewhere. TechCrunch reported the malicious apps available in third-party markets exploited several zero-days, vulnerabilities that are known or exploited before a vendor has a patch available.

Sophisticated attack

A preliminary analysis by Lookout found that at least two off-Play versions of Pinduoduo for Android exploited CVE-2023-20963, the tracking number for an Android vulnerability Google patched in updates that became available to end users two weeks ago. This privilege-escalation flaw, which was exploited prior to Google's disclosure, allowed the app to perform operations with elevated privileges. The app used these privileges to download code from a developer-designated site and run it within a privileged environment.

02:18

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison The Hacker News

Conor Brian Fitzpatrick, the 20-year-old founder and the administrator of the now-defunct BreachForums has been formally charged in the U.S. with conspiracy to commit access device fraud. If proven guilty, Fitzpatrick, who went by the online moniker "pompompurin," faces a maximum penalty of up to five years in prison. He was arrested on March 15, 2023. "Cybercrime victimizes and steals financial

02:00

The Do-or-Die Moments That Determined the Fate of the Internet IEEE Spectrum



New technologies often are introduced through spectacle: Think of the historic demonstrations carried out by Faraday, Edison, Morse, and Bell, or, more recently, by Steve Jobs onstage in his black turtleneck at Macworld 2007, holding the first iPhone. Indeed, hyped-up product announcements at industry events like the Consumer Electronics Show (now CES) and the Game Developers Conference have become regular features of the digital world.

There's also a parallel tradition, less flashy but no less important, of industry events that focus attention on digital infrastructure. Several of these events, such as the first public demo of the ARPANET in 1972, or the mid-1980s conferences now known as Interop, alerted experts to new technologies, and, in some cases, altered the balance between competing approaches.

Although many of these gatherings have escaped the attention of historians, our view is that these events should be recognized more fully as moments where experts could glimpse possible futures and judge for themselves what was most likely to happen. Here we describe a few of these do-or-die moments. You may not have heard of any of these events, but if you were there, you will never forget them.

Packet Switching Comes of Age

The ARPANET was one of the first networks to apply packet switching, an approach to communications that breaks messages into discrete chunks, or packets, of data. It was a major departure from circuit-switched networks, such as telephone networks, for which communication partners were linked through a dedicated circuit.

The first node of the ARPANET was installed at the University of California, Los Angeles, in 1969. But the ARPANET didn't take off immediately. And by mid-1971, program director Lawrence Roberts of the Advanced Research Projects Agency (ARPA) was becoming impatient with the slow pace at which ARPA-funded researchers were getting connected. One of these researchers, Bob Kahn, suggested that Roberts organize a public demonstration of the ARPANET, both to educate other researchers about the network's capabilities and to encourage new partners to support the initiative. Once Kahn found a venue for the demo, at the International Conference on Computer Communications (ICCC), to be held in Washington, D.C., in late October of 1972, he worked feverishly to get it organ...

01:39

AmpereOne Sees Last Minute Compiler Tuning Ahead Of GCC 13 Phoronix

Going back to late 2021 was the initial GCC compiler patch for "Ampere-1" for that next-gen AArch64 server processor while last year this successor to Ampere Altra (Max) was formally announced under the AmpereOne brand. That initial compiler support appeared in GCC 12 while ahead of the GCC 13 release in the coming weeks has been some last minute tuning for the AmpereOne cost table...

01:10

[$] The curious case of O_DIRECTORY|O_CREAT LWN.net

The open() system call offers a number of flags that modify its behavior; not all combinations of those flags make sense in a single call. It turns out, though, that the kernel has responded in a surprising way to the combination of O_CREAT and O_DIRECTORY for a long time. After a 2020 change made that response even more surprising, it seems likely that this behavior will soon be fixed, resulting in a rare user-visible semantic change to a core system call.

01:08

GnuCash 5.0 Released LWN.net

Version 5.0 of the GnuCash accounting tool is out. Changes include a number of investment-tracking improvements, better completion in the register window, a reworked report-generation system, and more.

01:06

Security updates for Monday LWN.net

Security updates have been issued by Debian (libreoffice and xen), Fedora (chromium, curl, and xen), Red Hat (kernel, kernel-rt, kpatch-patch, and thunderbird), Scientific Linux (thunderbird), Slackware (tar), SUSE (apache2, ceph, curl, dpdk, helm, libgit2, and php7), and Ubuntu (firefox and thunderbird).

01:00

Europe's Proposed Right-To-Repair Law: a Game Changer, or Business As Usual? Hackaday

Recently, the European Commission (EC) adopted a new proposal intended to enable and promote the repair of a range of consumer goods, including household devices like vacuum cleaners and washing machines, as well as electronic devices such as smartphones and televisions. Depending on how the European Parliament and Council vote in the next steps, this proposal may shape many details of how devices we regularly interact with work, and how they can be repaired when they no longer do.

As we have seen recently with the Digital Fair Repair Act in New York, which was signed into law last year, the devil is as always in the details. In the case of the New York bill, the original intent of enabling low-level repairs on defective devices got hamstrung by added exceptions and loopholes that essentially meant that entire industries and types of repairs were excluded. Another example of right to repair being essentially gamed involves Apple's much-maligned self repair program, that is both limited...

01:00

CubeSat Operators Launch an IoT Space Race IEEE Spectrum



A rocket carrying CubeSats launched into Earth orbit two years ago, on 22 March 2021. Two of those CubeSats represented competing approaches to bringing the Internet of Things (IoT) to space. One, operated by Lacuna Space, uses a protocol called LoRaWAN, a long-range, low-power protocol owned by Semtech. The other, owned by Sateliot, uses the narrowband IoT protocol, following in the footsteps of OQ Technology, which launched a similar IoT satellite demonstration in 2019. And separately, in late 2022, the cellular industry standard-setter 3GPP incorporated satellite-based 5G into standard cellular service with its release 17.

In other words, there is now an IoT space race.

In addition to Lacuna and Sateliot, OQ Technology is also nipping at the heels of satellite telecom incumbents such as Iridium, Orbcomm, and Inmarsat for a share of the growing satellite-IoT subscriber market. OQ Technology has three satellites in low Earth orbit and plans to launch seven more this year, says OQ Technology's chief innovation officer, Prasanna Nagarajan. OQ has paying customers in the oil and gas, agriculture, and transport logistics industries.

Sateliot, based in Barcelona, has the satellite it launched in 2021 in orbit and plans to launch four more this year, says Sateliot's business development manager, Paula Caudet. The company is inviting early adopters to sample its service for free this year while it builds more coverage. Certain use cases are fine with flybys every...

00:41

Updates from the MaaS: new threats delivered through NullMixer Security Affairs

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers' perspective.

Executive Summary

  • Our insights into a recent NullMixer malware operation revealed Italy and France are the favorite European countries from the opportunistic attackers' perspective.
  • In thirty days, the operation we monitored was capable of establishing initial access to over 8 thousand endpoints and stealing sensitive data that are now reaching the underground black markets.
  • Most of the victims mount Windows 10 Professional and Enterprise operating systems, including several Datacenter versions of Windows Server. Some of them are also Windows Embedded, indicating the penetration of such malware operation even into IoT environments.
  • The NullMixer package includes new polymorphic loaders by third-party MaaS and PPI service providers in the underground markets, and also pieces of controversial, potentially North-Korean linked PseudoManuscript code.

Introduction

During March 2023, we obtained information and data regarding an ongoing malware operation hitting more than 8.000 targets within a few weeks, with a particular emphasis on North American, Italian, and French targets.

Such was related to a worldwide malware operation known as NullMixer, a controversial and widespread malware delivery maneuver based on SEO poisoning and social engineering technique to lure tech-savvy users, including IT personnel.

The insight from this attack wave revealed the presence of a controversial piece of code in the delivered payloads, among additional loaders related to new MaaS and PPI operators.

Technical Analysis

There are two main key areas we technically analyzed during this investigation: first of all the presence of two unknown loaders entering the MaaS and PPI businesses (CrashedLoader and Koi), along with the presence of a controversial, potentially North-Korean linked piece of malware, and secondly, we analyzed data about current successful infection rates on targeted hosts.

The Originating Malvertising Campaign

According to CTI investigation on the adversary infrastructure, we were able to identify an ongoing campaign luring system administrators to install the malicious code into their machines. In particular, the identified attack wave was designed to trick users into installing backdoored, cracked versions of notorious PC maintenance software such as EaseUS Partition Master and Driver Easy Pro, two well-known tools within the IT community.

Filen...

00:22

Surprise Computer Science Proof Stuns Mathematicians Lifeboat News: The Blog

For decades, mathematicians have been inching forward on a problem about which sets contain evenly spaced patterns of three numbers. Last month, two computer scientists blew past all of those results.

00:10

Distribution Release: Porteus Kiosk 5.5.0 DistroWatch.com: News

Tomasz Jokiel has announced the release of Porteus Kiosk 5.5.0, designed for in web kiosks: "I'm pleased to announce that Porteus Kiosk 5.5.0 is now available for download. Major software upgrades in this release include: Linux kernel 6.1.20, Google....

00:04

Performance Evaluation of C, Julia, Kokkos and Python/Numba in Exascale High Performance Computing SoylentNews

Julia and Kokkos perform comparably with C/OpenMP on CPUs, while Julia implementations are competitive with CUDA and HIP on GPUs:

High-level dynamic languages such as Python, Julia, and R have been at the forefront of artificial intelligence/machine learning (AI/ML), data analysis, and interactive computing workflows in the last decade. Traditional high-performance computing (HPC) frameworks that power the underlying low-level computations for performance and scalability are written in compiled languages: C, C++, and Fortran.

[...] We analyze single node scalability on two systems hosted at the Oak Ridge Leadership Computing Facility (OLCF): Wombat, which uses Arm Ampere Neoverse CPUs and 2 NVIDIA A100 GPUs, and Crusher, which is equipped with AMD EPYC 7A53 CPUs and 8 MI250X GPUs and serves as a test bed for Frontier, the first exascale system on the TOP500 list.

[...] We run hand-rolled general matrix multiplication (GEMM) code for dense matrices using Julia, Python/Numba and Kokkos implementations and compare the performance with C for multithreaded CPU (OpenMP) and single GPU (CUDA/HIP) systems. GEMM is an important kernel in the Basic Linear Algebra Subprograms (BLAS) used across several deep learning AI frameworks, for which modern GPU architectures have been heavily optimized via tensor cores.

[...] For CPUs, Julia performance was comparable to C/OpenMP combined with LLVM-based ArmClang and AMDClang vendor compilers. For the AMD GPUs, Julia AMDGPU.jl performance was comparable to HIP. Nevertheless, there is still a performance gap on NVIDIA A100 GPUs for single-precision floating point cases.

[...] We observe that Python/Numba implementations still lack the support needed to reach comparable CPU and GPU performance on these systems, and AMD GPU support is deprecated.

Pre-print article:
William F. Godoy and Pedro Valero-Lara and T. Elise Dettling and Christian Trefftz and Ian Jorquera and Thomas Sheehy and Ross G. Miller and Marc Gonzalez-Tallada and Jeffrey S. Vetter and Valentin Churavy, Evaluating performance and portability of high-level programming models: Julia, Python/Numba, and Kokkos on exascale nodes, Accepted at the 28th HIPS workshop, held in conjunction with IPDPS 2023, 2023, 2303.06195, https://doi.org/10.48550/arXiv.2303.06195



00:01

Can zero trust be saved? Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! Right now, Zero Trust is in serious danger of becoming an empty buzzword. The problem isn't just that marketers have slapped the Zero Trust label on everything short of breakfast cereal, it's that for... Continue reading "Can zero trust be saved?"

Monday, 27 March

23:59

Linux 6.4 Device Mapper To See Improved Concurrent I/O Performance Phoronix

Thanks to forthcoming work out of Red Hat, the Linux 6.4 Device Mapper (DM) code is expected to see some optimization work that can significantly benefit concurrent I/O performance... In one case at least, acquiring buffers is now about 25 times faster...

23:24

Latitude Financial Data Breach: 14 Million Customers Affected HackRead | Latest Cybersecurity and Hacking News Site

By Waqas

The CEO of Latitude Financial, Ahmed Fahour, has expressed disappointment in the incident and apologized unreservedly to customers.

This is a post from HackRead.com Read the original post: Latitude Financial Data Breach: 14 Million Customers Affected

23:09

Technical analysis of China-linked Earth Preta APT's infection chain Security Affairs

China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions.

Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions.

Earth Preta, also known as RedDelta or Bronze President, has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs, and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

In recent campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures. Upon opening the reports, the infection process starts leading to the deployment of malware on the victim's system.

In a recent campaign analyzed by Trend Micro, the threat actors used spear-phishing emails and Google Drive links as attack vectors.

A deep investigation into the campaign revealed several undisclosed malware and interesting data exfiltration tools used by the group.

The researchers categorized the infection chain into six stages: arrival vectors, discovery, privilege escalation, lateral movement, command and control (C&C) and exfiltration, respectively.

[Figure: Earth Preta group, the full infection chain (Trend Micro)]

The attackers used DLL sideloading, shortcut links, and fake file extensions in the first part of the a...

22:59

BEC scammers are after physical goods, the FBI warns Help Net Security

BEC attacks are usually aimed at stealing money or valuable information, but the FBI warns that BEC scammers are increasingly trying to get their hands on physical goods such as construction materials, agricultural supplies, computer technology hardware, and solar energy products. Supplies in the crosshairs: Such schemes are not without a precedent: during the height of the Covid-19 pandemic, scammers went after PPE and other medical equipment. In 2022, the FBI also warned of a...

The post BEC scammers are after physical goods, the FBI warns appeared first on Help Net Security.

22:41

A bug revealed ChatGPT users' chat history, personal and billing data Help Net Security

A vulnerability in the redis-py open-source library was at the root of last week's ChatGPT data leak, OpenAI has confirmed. Not only were some ChatGPT users able to see what other users have been using the AI chatbot for, but limited personal and billing information ended up getting revealed, as well. How did the ChatGPT data leak happen? ChatGPT suffered an outage on March 20 and then problems with making conversation history accessible to users...

The post A bug revealed ChatGPT users' chat history, personal and billing data appeared first on Help Net Security.

22:24

Interaction of the high frequency waves in the vicinity of the ionospheric window Lifeboat News: The Blog

It is well-known that an ordinary high frequency electromagnetic (EM) wave radiated into the ionosphere at the Spitze angle is totally transformed at the reflection height (z0) into the Z-mode. This mode, in turn, penetrates deeper into the ionosphere and it is reflected at some height (zref) usually significantly higher than the O-mode reflection height. This result is reconsidered in the present paper. It is argued that the wave appearing as a continuation of the propagating upward quasi-electrostatic wave changes the direction of motion along the vertical axis slightly above z0 and takes the form of the down-going wave. This wave is excited in the vicinity of the height z0 due to the phase resonance with the up-going O-mode wave which transforms into the Z-mode propagating upward. Thus, the ionospheric window is not totally transparent for the O-mode radiated at the Spitze angle. The up-going O-mode wave loses some part of its energy due to excitation of the down-going EM wave. This wave, in turn, propagates to the ground as the O-mode wave.

22:23

Nonlinear evolution of the Weibel instability with relativistic laser pulses Lifeboat News: The Blog

The Weibel instability is investigated using relativistic intense short laser pulses. A relativistic short laser pulse can generate a sub-relativistic high-density collisionless plasma. By irradiating double parallel planar targets with two relativistic laser pulses, sub-relativistic collisionless counterstreaming plasmas are created. Since the growth rate of the Weibel instability is proportional to the plasma density and velocity, the spatial and temporal scales of the Weibel instability can be much smaller than that from nanosecond large laser facilities. Recent theoretical and numerical studies have revealed that astrophysical collisionless shocks in sub-relativistic regimes in the absence and presence of an ambient magnetic field play essential roles in cosmic ray acceleration. With experimental verification in mind, we discuss the possible experimental models on the Weibel instability with intense short laser pulses. In order to show the experimental feasibility, we perform 2D particle-in-cell simulations in the absence of an external magnetic field as the first step and discuss the optimum conditions to realize the nonlinear evolutions of the Weibel instability in laboratories.

22:21

Links 27/03/2023: Twitter Source Code Published (But Not Intentionally) Techrights

  • GNU/Linux

    • 9to5Linux 9to5Linux Weekly Roundup: March 26th, 2023

      This week we got a lot of cool stuff, starting with the release of the GNOME 44 desktop environment and continuing with a new Linux laptop from Kubuntu Focus, a new major NVIDIA graphics driver release, and new security updates for Ubuntu users.

      Several new distro releases were also out this week including Tails 5.11, Trisquel GNU/Linux 11.0 LTS, and OpenMandriva Lx 23.03. Check out the hottest news of this week and access all the distro and package downloads in 9to5Linux's Linux weekly roundup for March 26th, 2023, below.

    • Audiocasts/Shows

      • ...

22:02

XWayland Lands Fix For At Least One Game Hanging It & Causing 100% CPU Usage Phoronix

While XWayland is in fairly good shape for enjoying both native and emulated games relying on X11 to run atop Wayland compositors for Linux gaming, occasionally different peculiar issues are uncovered. The most recent issue analyzed and addressed in XWayland Git is over the game Resident Evil 6 causing XWayland to hang and consume 100% of the CPU resources on launching that title...

22:00

MS-DOS Client Brings ChatGPT to the IBM PC Hackaday

A ChatGPT client running on an IBM Portable PC

AI-powered chatbots are clearly the future of computing, and it's only a matter of time before you'll see them appear on every internet-connected gadget. If you thought you were safe from this by sticking to an ancient MS-DOS PC though, think again: [Yeo Kheng Meng] has recently written a ChatGPT client that runs on DOS.

[Yeo Kheng Meng] didn't cheat by simply running MS-DOS on a modern PC, either: he tested the client on a real 1984 vintage IBM 5155 Portable PC. This semi-portable PC/XT model sports a 4.77 MHz 8088 CPU, 640 kB of RAM and a CGA video card with a built-in monochrome monitor. An NE2000 ISA network card, running in 8-bit mode, enables the Portable to connect to the internet.

Running the client couldn't be simpler: just run doschgpt.exe and type in your question. [Yeo Kheng Meng] developed this program using the Open Watcom C/C++ compiler, which was the compiler of choice for most DOS game developers back in the day. Networking support was provided by an era-appropriate packet driver together with MTCP, a TCP/IP stac...

21:56

Where SSO Falls Short in Protecting SaaS The Hacker News

Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one set of credentials. From a security standpoint, SSO is the gold standard. It ensures access without forcing users to remember multiple passwords and can be further secured with MFA. Furthermore, an estimated 61% of attacks stem from stolen credentials. By

21:44

OBS Studio Lands AV1 & HEVC RTMP Streaming Support Phoronix

In time for OBS Studio 29.1, the Veovera Software Organization non-profit has contributed support for AV1 and HEVC streaming via RTMP so that gamers and other creators can stream their content to the YouTube RTMP server using these newer video formats...

21:38

New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords The Hacker News

A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices. Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data. It primarily affects devices running macOS versions Catalina and later running on M1 and M2 CPUs. "MacStealer has the

21:30

FreeBSD 13.2-RC5 Released With One Last Fix Phoronix

FreeBSD 13.2-RC4 was released this weekend while it's already been replaced by FreeBSD 13.2-RC5 to land one more fix prior to making the final release preparations on this next stable update to this BSD operating system...

21:27

Barred From US Tech, Huawei Builds EDA Platform of its Own SoylentNews

Beijing's Made in China drive fueled by Washington's export crackdowns:

Huawei has reportedly completed work on electronic design automation (EDA) tools for laying out and making chips down to 14nm process nodes.

Chinese media said the platform is one of 78 being developed by the telecoms equipment giant to replace American and European chip design toolkits that have become subject to export controls by the US and others.

EDA is an umbrella term for software, hardware, and services essential to the planning, design, and production of chips. While integrated circuits were largely designed by hand decades ago, chips became so complex that computer-aided design and automation was unavoidable, generally speaking.

Huawei's EDA platform was reportedly revealed by rotating Chairman Xu Zhijun during a meeting in February, and later confirmed by media in China. The Register reached out to Huawei's PR team for comment; we'll let you know if we hear anything back.

Today, the EDA market is largely controlled by three companies: California-based Synopsys and Cadence, as well as Germany's Siemens. According to the industry watchers at TrendForce, these three companies account for roughly 75 percent of the EDA market. And this poses a problem for Chinese chipmakers and foundries, which have steadily found themselves cut off from these tools.

Synopsys and Cadence's EDA tech is already subject to several of these export controls, which were stiffened by the US Commerce Department last summer to include state-of-the-art gate-all-around (GAA) transistors.

Read more of this story at SoylentNews.

21:03

Oumuamua: Avi Loeb's Response to the Molecular Hydrogen Theory Centauri Dreams Imagining and Planning Interstellar Exploration


The enigmatic Oumuamua continues to stir controversy. Last week we looked at a new paper from Jennifer Bergner (UC-Berkeley) and Darryl Seligman (Cornell University), discussing a mechanism for the interstellar object's unusual non-gravitational acceleration. The researchers explored the possibility that ice impacted by high-energy particles like cosmic rays would dissociate water in a comet to create molecular hydrogen within the ice. Was the warming of this hydrogen, all but undetectable according to the authors, the cause of outgassing and the anomalous acceleration?

Image: This very deep combined image shows the interstellar object Oumuamua at the center of the image. It is surrounded by the trails of faint stars that are smeared as the telescopes tracked the moving comet. Credit: ESO/K. Meech et al.

Answering the question in a paper just submitted to the arXiv site is Harvard's Avi Loeb, working with Thiem Hoang (Korea University of Science and Technology), who home in on Bergner and Seligman's finding that the surface temperature of Oumuamua can exceed 140 K at perihelion, enough to produce this evaporation. Loeb and Hoang argue that this calculation ignores the effect of evaporative cooling of the molecular hydrogen. The authors proceed to take such cooling into account and find that the surface temperature of H2 water ice is lower than that calculated by Bergner and Seligman by a factor of 9. This in turn reduces the projected outgassing.

From the paper:

we found that the evaporative cooling is much more efficient than radiative cooling at temperatures above 20 K (see Figure 1, left panel). By taking into account the evaporative cooling by H2 evaporation, our results (see Figure 1, right panel) show that the surface temperatures of H2-water ice are lower by a factor of 9 than the temperature obtained by Bergner & Seligman (2023) (see their figure 3). Therefore, the thermal speed of outgassing H2 is decreased by a factor of 3.

...

20:48

Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools The Hacker News

Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. The issue, dubbed aCropalypse, could enable malicious actors to recover edited portions of screenshots, potentially revealing sensitive information that may have been cropped out. Tracked as CVE-2023-28303, the vulnerability is rated 3.3 on the CVSS

20:12

CVE-2023-27296: Apache InLong: JDBC Deserialization Vulnerability in InLong Open Source Security

Posted by Charles Zhang on Mar 27

Severity: important

Description:

Deserialization of Untrusted Data vulnerability in Apache Software Foundation Apache InLong.

It could be triggered by authenticated users of InLong, you could refer to [1] to know more about this vulnerability.

This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest

[1] ...

19:26

Twitter Hunts Down Github User Who Leaked Company's Source Code TorrentFreak

On February 21, 2023, Twitter chief Elon Musk published a tweet suggesting that Twitter's algorithm would be made open source before the end of that month.

Before he took ownership of Twitter, Musk said that having the code out in the open would be a smart move, but the end of February came and went, without any code appearing in public.

On March 17, Musk raised the topic once again. "Twitter will open source all code used to recommend tweets on March 31st," he tweeted. With the clock ticking on that event, someone with apparently similar plans but a more urgent publishing schedule has taken Twitter by surprise.

FreeSpeechEnthusiast Presents: PublicSpace

On March 24, Twitter sent a DMCA takedown notice to GitHub targeting a repo named PublicSpace. The repo was created by a GitHub user called FreeSpeechEnthusiast, but with no description, nothing stood out as particularly interesting or out of the ordinary.


Logs obtained by TorrentFreak suggest that the allegedly infringing content appeared on the PublicSpace repo early Friday morning, around 02:25. When GitHub received the initial DMCA notice isn't clear, but some interaction between Twitter and GitHub appears to have taken place before 10:15.

At 17:12 Friday afternoon, GitHub removed the repo and the code. Just one minute later, GitHub advised Twitter that the content was gone. That was a pretty swift removal but it appears Twitter was in a real hurry.

Proprietary Source Code For Twitter's Platform

While the repo itself appeared without fanfare, Twitter's DMCA notice is clear on why it should be taken down.

In response to GitHub's request to identify the infringed content, Twitter revealed that it was "Proprietary source code for Twitter's platform and internal tools."

19:00

Bus Stop Bloom Filter Hackaday

Imagine you're sitting on a nice bench, the sun shines warmly, and a bus pulls up. You're headed to Stendal from Osnabrück, how can you tell if you should get on that bus? [Julian Vanecek] is trying to turn that from an O(n) problem to an O(1) one with a bloom filter right at the bus stop.

In [Julian's] sample code, each stop is a 3-bit number that can be encoded into a 192-bit array. Your ticket is just that 3-bit number encoded, so you can look at the graphic on the side of the incoming bus, match it against your ticket, and hop on. Gone are the days of waiting for the little LED screen to cycle through all the stops, waiting for yours to come up. Your ticket should have just a few boxes filled in so it is relatively quick to search against the bus's graphic.

Of course, there is a potential for a false positive rate. [Julian] points out that this can be tuned to prevent errors and has achieved a < 0.5% false positive rate using the Deutsche Bahn bus system. The code is written in Python and available on GitHub. Perhaps buses could have a large flip-dot display on the si...

18:39

Blue Origin Pins Last Summer's NS-23 Rocket Failure on a Faulty Engine Nozzle SoylentNews

The uncrewed capsule will fly again:

Blue Origin now has an explanation for the booster failure that cut a New Shepard flight short last September. Jeff Bezos' company has determined that a "thermo-structural failure" in the NS-23 rocket's engine nozzle was to blame. Operational temperatures for the nozzle climbed higher than expected following cooling system design changes, creating fatigue that misaligned the thrust and activated the crew capsule's escape system.

Engineers are already taking "corrective actions" that include redesigning the combustion chamber and operating conditions. Blue Origin has also tweaked the nozzle design to improve its structural integrity. The capsule wasn't damaged and will fly again, Blue Origin says.

The company says it hopes to resume flights "soon," but hasn't provided an exact date. It intends to restart operations by re-flying the research payload from the aborted mission. The Federal Aviation Administration has to accept the incident findings before Blue Origin can move forward.

There's plenty of pressure on Blue Origin to address the issues. The company recently obtained a NASA contract to fly a science mission to Mars using its yet-to-launch New Glenn rocket, and has been pushing for a lunar lander agreement. The sooner Blue Origin can prove that its rocketry is trustworthy, the sooner it can secure customers that include governments and space tourists.


Original Submission

Read more of this story at SoylentNews.

18:22

This New A.I Will CHANGE VFX Forever! Lifeboat News: The Blog

This AI tool automatically animates, lights, and composes CG characters into a live-action scene. No complicated 3D software, no expensive production hardware; all you need is a camera.

Wonder Dynamics: https://wonderdynamics.com.


18:05

Malicious Python Package uses Unicode support to evade detection Security Affairs

Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data.

Supply chain security firm Phylum discovered a malicious Python package on the Python Package Index (PyPI) repository that uses Unicode to evade detection and deliver information-stealing malware.

The package, named onyxproxy, was uploaded to the PyPI repository on March 15, 2023. The analysis of the package revealed that it supports data harvesting capabilities.

"Phylum's automated platform recently detected the onyxproxy package on PyPI, a malicious package that harvests and exfiltrates credentials and other sensitive data. In many ways, this package typifies other token stealers that we have found prevalent in PyPI," reads the analysis published by Phylum. "However, one feature of this particular package caught our eye: an obfuscation technique that was foreseen in 2007 during a discussion about Python's support for Unicode, documented in PEP-3131."

While inspecting the code, the experts noticed multiple strange, non-monospaced, sans-serif fonts with mixed bold and italics. The attackers used Unicode variants of characters that appear identical on human inspection (homoglyphs) (i.e., self vs. ). The attackers used this trick to evade detection, but when the Python interpreter parsed the code the malicious code was executed.

An obvious and immediate benefit of this strange scheme is readability. We can still easily reason about this code, because our eyes and brains can still read the words, despite the intermixed fonts. Moreover, these visible...

18:00

German monks create world's first powdered beer Terra Forming Terra




We certainly cannot powder alcohol so that at least must be mixed at the point of dispensing.  Actually, even hard whiskey could be reconstituted at point of sale.  Still a hard sell since it is all sold on the basis of flavor.

High quality water is available everywhere though thanks to the commercialization of all that.

It would be interesting if this all works.  Still comes down to local quality and that actually provides a new selling point for pubs.  How about double strength flavor for an ale or even Guinness?  This would actually serve to slow down the drinking rate.

German monks create world's first powdered beer


March 22, 2023

https://newatlas.com/lifestyle/powdered-beer/


A monastic brewery near Munich says it's created the first powdered beer. Just add water, and it'll froth up, complete with a foamy head and full flavor. The result promises massive savings on transport, because it can be shipped at 10% of the weight.


Klosterbrauerei Neuzelle worked together with "technology partners" and used funding from BMWi to create its first powdered product, a dextrin-rich zero-alcohol beer which has been brewed using conventional methods, then "processed and prepare...

An astonishing regularity in student learning rate Terra Forming Terra





Most learning is highly regularized and the speed is set low to allow absorption by the lower third in ability.  Yes ladies, there is a difference.

The more critical difference could be the lazy third, the active third and the proactive third.  The best solution for all that is actually is some tactic of separation and also mixing.  Somehow learners need to be motivated.

Yet for many, they have their speed and it still works for them.

An astonishing regularity in student learning rate


...

Giant galaxy redefined after flipping jet to point straight at Earth Terra Forming Terra




The mere fact that we can detect jets in a galaxy whose size is measured in light years truly begs our whole modeling approach.  All matter, however created or ejected, is sublight.  A galaxy is dynamic and a material jet will obviously curve a lot over millions of light years and all that.  Yet we see jets.

Suppose instead that TIME is confined to just our Galaxy or our local creation.  Then just what are we seeing and just how far away are galaxies external to ours?

All this begs a huge question.  Just what is contained by space external to our Galaxy?  What is light speed external to creation of matter?


Giant galaxy redefined after flipping jet to point straight at Earth


March 21, 2023


An artist's impression of an active galactic nucleus (AGN) or quasar firing off a jet of emissions


Astronomers have had to reclassify a bright radio galaxy in the sky after it was found to have redirected a jet of radiation straight towards Earth. The event marks the first observation of a reorientation so dramatic that it changes the category a galaxy fits into.


...

Expected Death Terra Forming Terra

 



It struck me, reading this from Janosh, whom I have followed for a couple of decades, that none of us are ever coached on all this.  This item nicely redresses all that.

An expected death does prepare us and let us grant that at least.  The worst is always the unexpected.  How does one ever accept the death beside you of a young comrade?  The shock is too immediate.  The acceptance takes time.

The best understanding that we all need to carry with us is to understand that every soul, before born, will choose experiences and also several potential exit points as well.  That is big because it cedes control back to the spirit and not a close friend or family member.

We all need to understand it this way.


I want to share something very special with you.

As you know, I believe that everything is connected and that coincidences do not exist.

Two weeks ago, I had to say goodbye to my mother.

...

16:22

Russia Failing to Meet Arms Delivery Commitments to India: IAF Lifeboat News: The Blog

Russia cannot meet its arms delivery commitments to India because of its ongoing invasion of Ukraine, according to the Indian Air Force (IAF).

The statement, aired during a parliamentary committee meeting earlier this week, was the first official confirmation from New Delhi of Moscow's defense export shortfalls.

It confirmed speculation that Russia's defense industry is experiencing serious problems producing military supplies.

16:22

Computronium universe Lifeboat News: The Blog

I read enough to realize it's in depth enough to make it worthwhile. I'll finish tomorrow as it's 10:35 pm and I'm beat. I need to rest for my mother's cardiac rehab tomorrow. She had a heart attack about a month ago.


Ray Kurzweil discusses having a universe filled with Computronium.

He discusses this happening within 200 years if wormholes or some other means allow faster than light travel.

What would the computation limits of computronium be?

16:21

Tips for an Information Security Analyst/Pentester Career - Ep. 92: 5 Unexpected Tips for A Successful Career Growth The S@vvy_Geek Hacking & Pentesting Blog

I've been a security consultant for almost 5 years, so I collected my share of war stories.

For this reason, I thought I could share with you some experience-driven tips I believe to be critical for achieving success in this industry,  and that helped me a lot along the way.

I think some of them will blow your mind, but it's a needed shock to be successful in this industry, and the sooner you go through it the better.


Well, here we go:

  1. Always be professional: Most people think penetration testing is all about technical skills, but nothing could be farther from the truth. Especially if you work for a consulting firm, projecting a professional image at all times is paramount. The client expects for you to be a subject matter expert and to be able to explain in layman's terms what problems you found, what their impact is and especially how to remediate them. This means you need to be professional at all times. As far as the client is concerned, you are your company, so you want to look at your best. Even when clients are mean and rude, you can never get down to their level, you're expected to keep your cool and continue delivering. This can be sometimes very hard. I've experienced specific situations where I really struggled to keep my cool, faced with rude and combative attitudes, but I did because I knew I'd be the only one looking bad. At the end of the day, penetration testing is all about business mindset and professional communication. Yes, you heard it right, sorry to break this to you. You can be the most amazing tester on a technical standpoint, but you become worthless if you can't explain your findings to the clients in terms they would understand, and if you don't know how to communicate with clients in a professional and personable way. So make sure you got your your, you're and so on right. And forget about CTF and frat house attitudes. Corporate security is much more a tie-and-suit affair than you might think. The most challenging part of being a consultant is to avoid an adversarial attitude and convince the client you're on their team, you're on their side and you're not the enemy. I believe each one of us can do better under this point of view.
  2. Be a team player: Security companies are often organized in teams and sometimes, for more complex tests, you may find yourself having to collaborate with other consult...

16:00

Caterpillar-Like Soft Robot With Distributed Programmable Thermal Actuation Hackaday

Researchers at North Carolina State University have created a soft robot that moves in a distinctly caterpillar-like manner. As detailed in the research paper in Science Advances by [Shuang Wu] and colleagues, the robot they developed consists of a layer of liquid crystalline elastomers (LCE) and polydimethylsiloxane (PDMS) with embedded silver nanowire that acts as a heater.

The LCE is hereby designed as a thermal bimorph actuator, using a distinct thermal expansion coefficient between the LCE and PDMS sides to create a highly controllable deformation and thus motion. Since the nanowire is divided into sections that can be individually heated, the exact deformation can be quite tightly controlled, enabling the crawling motion.

...

15:56

Critical Infrastructure Gear is Full of Flaws, but Hey, at Least It's Certified SoylentNews

Security researchers find bugs, big and small, in every industrial box probed:

Devices used in critical infrastructure are riddled with vulnerabilities that can cause denial of service, allow configuration manipulation, and achieve remote code execution, according to security researchers.

The researchers looked at 45 operational technology (OT) product lines used in government, healthcare, water, oil and gas, power generation, manufacturing, retail and other sectors from ten different major vendors. By reverse engineering the products, they were able to identify bad practices like unauthenticated protocols and weak cryptography.

From 53 identified CVEs: More than a third (21 CVEs) could facilitate credential compromise. Another 18 CVEs involved data manipulation, with 13 of these allowing firmware manipulation. And 10 CVEs provided a path to remote code execution.

Based on open source inquiries (e.g., using the Shodan search engine), the authors determined that a significant number of potentially vulnerable systems are exposed to the internet.

The vendors covered included: Bently Nevada, Emerson, Honeywell, JTEKT, Motorola, Omron, Phoenix Contact, Siemens, Yokogawa, and Schneider Electric.

"Worryingly, many of these products are certified but suffer from vulnerabilities that should have been caught in the certification process," the researchers say in their paper, citing IEC 62443 labelled products that weren't compliant. "...This suggests that apart from what the standards may not cover, even the things they do cover are not always properly covered in practice."

The Biden administration has cited the need to protect critical infrastructure as part of its recently announced National Cybersecurity Strategy. That goal evidently remains a work in progress.

Pre-print paper:
Jos Wetzels, Daniel dos Santos, and Mohammad Ghafari. 2023. Insecure by Design in the Backbone of Critical Infrastructure. In Cyber-Physical Systems and Internet of Things Week 2023 this is a preprint version, May 9-12, 2023, San Antonio, TX, USA. ACM, New York, NY, USA, 6 pages. https://doi.org/10.48550/arXiv.2303.12340


Original Submission

Read more of this story at SoylentNews.

15:30

Known unknowns: Refining your approach to uncategorized web traffic Help Net Security

Cybersecurity is such a complex field that even the best-trained, best-equipped, and most experienced security managers will sometimes struggle to decide which of several paths to take. Let's consider uncategorized web traffic, for instance. I define this broadly as traffic involving sites that aren't yet classified, can't be classified (because they're newly created or they involve parked or newly reactivated domains), or traffic that is (for now) unresolvable via standard domain name lookup. Since users More

The post Known unknowns: Refining your approach to uncategorized web traffic appeared first on Help Net Security.

15:00

Prioritizing data security amid workforce disruptions Help Net Security

Businesses have faced massive disruptions in their workforce: many are requesting employees return to the office, and layoffs are rattling several industries. This disruption in the workforce can open organizations up to significant security breaches. In this Help Net Security video, Chris Wey, President of Data Modernization at Rocket Software, discusses the risks organizations face and the steps they can take to mitigate disruption. Everything from trade secrets to customer data to financial information More

The post Prioritizing data security amid workforce disruptions appeared first on Help Net Security.

15:00

Kernel prepatch 6.3-rc4 LWN.net

Linus has released 6.3-rc4 for testing. "Things are looking pretty normal for this time of the release process."

14:30

Understanding adversaries through dark web intelligence Help Net Security

93 percent of CISOs are concerned about dark web threats, and almost 72 percent of CISOs believe that intelligence on cybercriminals is critical to defend their organization and increase cybersecurity, according to Searchlight Cyber. The report findings show that most CISOs use threat intelligence to address security concerns, and 79 percent of CISOs are currently gathering data from the dark web. However, the research suggests that even among those that are already collecting dark web More

The post Understanding adversaries through dark web intelligence appeared first on Help Net Security.

14:00

The era of passive cybersecurity awareness training is over Help Net Security

Despite increased emphasis on cybersecurity from authorities and high-profile breaches, critical gaps in vulnerability management within organizations are being overlooked by executive leadership teams, according to Action1. These gaps leave organizations vulnerable to cyber threats. Key findings Low cybersecurity awareness among employees According to the survey, the time required to combat low cybersecurity awareness among employees has increased over the past year. This worrying trend makes organizations more vulnerable to phishing and other cyber-attacks. Breaches More

The post The era of passive cybersecurity awareness training is over appeared first on Help Net Security.

13:45

The World Wide Web is a Cesspit of Misinformation. Let's Do Something About It. Techrights

Social control media is a culmination of that and by far the worst, a principal culprit

Roy baby

Summary: It would be nice to make the Web a safer space for information and accuracy (actual facts) rather than a Safe Space for oversensitive companies and powerful people who cannot tolerate criticism; The Web needs to become more like today's Gemini, free of corporate influence and all other forms of covert nuisance

ABOUT four months ago I left my job at Sirius Open Source (one of the first FSF sponsors) after nearly 12 years at the company. I will be publishing a lot more about how this company robbed its own staff, probably posting an update just once or twice per week. The company is under investigation at the moment; it's also losing some very big clients.

I left my job when I was 40 and since then I've focused on many other things. I didn't lack projects to work on and I finally had a lot more time in my hands. As noted here last night, one aspiration of ours is to curate what's left of the World Wide Web algorithmically, seeing that a lot of today's Web is spam or sponsored propaganda. Gemini does not have this issue (yet).

Another issue is censorship; Ryan just wrote about that, based on his own experience. My plan is to devote a lot more time/energy to these Internet issues; they're about as important as Software Freedom and are arguably a prerequisite. The photo at the top is me by the way, I stumbled upon it last night when searching old photos because my sister gets married later today. She's a Debian user...

13:13

Journalist Plugs in Unknown USB Drive Mailed to Him: It Exploded in His Face SoylentNews

https://arstechnica.com/gadgets/2023/03/journalist-plugs-in-unknown-usb-drive-mailed-to-him-it-exploded-in-his-face/

It's no secret that USB flash drives, as small and unremarkable as they may look, can be turned into agents of chaos. Over the years, we've seen them used to infiltrate an Iranian nuclear facility, infect critical control systems in US power plants, morph into programmable, undetectable attack platforms, and destroy attached computers with a surprise 220-volt electrical surge. Although these are just a few examples, they should be enough to preclude one from inserting a mysterious, unsolicited USB drive mailed to them into a computer. Unfortunately, one Ecuadorian journalist didn't get the memos.

As reported by the Agence France-Presse (via CBS News) on Tuesday, five Ecuadorian journalists have received USB drives in the mail from Quinsaloma. Each of the USB sticks was meant to explode when activated.
[...]
According to a police official who spoke with AFP, the journalist suffered mild hand and face injuries, and no one else was harmed.

According to police official Xavier Chango, the flash drive that went off had a 5-volt explosive charge and is thought to have used RDX. Also known as T4, according to the Environmental Protection Agency (PDF), militaries, including the US's, use RDX, which "can be used alone as a base charge for detonators or mixed with other explosives, such as TNT." Chango said it comes in capsules measuring about 1 cm, but only half of it was activated in the drive that Artieda plugged in, which likely saved him some harm.


Original Submission

Read more of this story at SoylentNews.

13:00

The 4004 Upgrade You've Been Waiting For Hackaday

You know how it is. You have an older computer, and you can't run the latest software on it. Time to upgrade, right? Well, if you have been in this situation a very long time, [ryomuk] may have an answer for you. The emu8080on4004 project (Google Translate) offers a way to run 8080 code on a 4004 CPU. Finally!

The 4004 development board is a homebrew affair, and the emulator works well enough that an 8080 Tiny BASIC interpreter ran with very few changes to the source code. You can see it working in the video below. It would be cool to run CP/M, but we imagine that would be a little harder, especially resource-wise.

A few things are missing. For example, the DAA instruction doesn't exist, and there are no provisions for interrupts. There's only one I/O port, and using the IN instruction will block until you receive a serial port character. There is an option to implement the parity flag in the 8080 flags register, but its operation is untested.

Still, pretty impressive for a 4-bit CPU running at 740 kHz with very little memory. If you want to see more about the development board itself, check out the second video below. Want to know more about the chip that launched a family of processors that is still around? Read its biograp...

11:46

CISA to Start Issuing Early-Stage Ransomware Alerts HackRead | Latest Cybersecurity and Hacking News Site

By Deeba Ahmed

According to CISA, this new initiative will be helpful for organizations/institutions in the public health, education, and government sectors.

This is a post from HackRead.com Read the original post: CISA to Start Issuing Early-Stage Ransomware Alerts

11:40

Ryan Farmer: I'm Back After WordPress.com Deleted My Blog Over the Weekend Techrights

Reprinted with permission from Ryan

Minutes after posting the commentary on the NBC news article about Apple (post prior to this one), my blog became suspended.

I didn't know what was going on, so I assumed I had been cancelled again, like Reddit, where if you post anything anywhere some special snowflake decides (often through a bot designed to sniff out "no no words") that you should be banned.

Automattic (WordPress.com) refuses to say what led to the ban, but it's quite obvious through my history of posts about Apple's censorship, proprietary software, the Microsoft Stabber, etc. that there are probably outfits that would rather that I just go away and not come back.

Automattic says that there's no robot going around killing blogs without human review, but beyond this, I have no idea and I'll never be able to prove anything.

Things became a little more complicated when I went ahead and shut down my account, and then someone suggested I should appeal the ban.

I think I've been on the modern Internet too long where people just silently murder your account with a gun pressed up to a pillow and was just no longer thinking in terms of "You can appeal this and there's actually going to be someone that considers it.", because again, Reddit.

I deleted my account at Reddit a while back because I was running into issues where I would say something like "That's crazy!" in response to something incredulous and I would get banned, by a bot, which said "You said crazy, and crazy is an ableist term! *spank spank spank*"

Combined with the fact that Reddit just went and handed over tons of data about some users on one of its forums to a copyright troll didn't help all of this go down much better. It got me thinking, you know, if you browse around, they're watching you. Logging you. Would it not be best if they didn't have that data?

So I've been increasingly disconnecting from proprietary social media, because it's all rather bullshit anyway, full of trolls and creepy companies.

After this run in with Automattic I'm seriously considering just backing up this entire blog and self-hosting so that nobody else can complain.

You know, the whole thing about "You violated the terms!" "Oh, what terms?" "TERMS!"

Apparently this is just how Automattic rolls.

And why should we be surprised in this day and age?

11:18

Civil Liberties Threatened Online and Offline Techrights

Video download link | md5sum 388650e7d4e9f734a4572fd0265c3c95
Free Speech Online, Banking Digitally, and More
Creative Commons Attribution-No Derivative Works 4.0

Summary: A society of sheeple (a term used by Richard Stallman last week in his speech) is being herded online and offline; the video covers examples both online and offline, the latter being absence of ATMs or lack of properly-functioning ATMs (a growing problem lately, at least where I live)

THE video above is an outline of topics we've been covering, dealing with, barely coping with (like struggling to get cash out of ATMs where I live), and may cover some time soon. One recurring theme will be online banking or banking with apps.

The video starts by discussing online censorship. Days ago a longtime contributor, Ryan Farmer, had his blog suspended for no sane reason! None at all! If one tries to access anything on his blog it says "baronhk.wordpress.com is no longer available. The authors have deleted this site."

This deletion was actually a protest after he had been unjustly suspended, having published this article (OMG! Someone call the cops! The headline had the string "porn" in it!).

There will be a lot more details in IRC scrollbacks, including today's (to be published shortly). As an associate noted on the day of the suspension, hugo or jekyll or pelican would be a better choice than wordpress.com (where the ban/suspension happened; we're in discussion with them about restoring the blog).

The vide...

11:06

DistroWatch Weekly, Issue 1012 DistroWatch.com: News

This week in DistroWatch Weekly: Review: siduction 22.1.1. News: Two community editions of Ubuntu missing, politics and the Linux kernel, GNOME 44 introduces key new features and applications. Questions and answers: Protecting privacy from proprietary applications. Released last week: Tails 5.11, Trisquel GNU/Linux 11.0, Proxmox 7.4 "Virtual Environment", Ubuntu 20.04.6. Torrent corner:....

11:00

HPR3821: The Oh No! News. Hacker Public Radio

The Oh No! news. Oh No! News, is Good News.

Threat analysis; your attack surface. TAGS: Malware, Phishing, Security Breach

GoDaddy, a Web Hosting Provider Hit Multiple Times by the Same Group. This month, GoDaddy, a leading web hosting provider, revealed that it had experienced a major security breach over several years, resulting in the theft of company source code, customer and employee login credentials, and the introduction of malware onto customer websites. Major Security Breach: Spanning several years. Data Breach: Employee login credentials & customer data. 10-K form filed with the U.S. Securities and Exchange Commission. sec: GoDaddy Announces Security Incident Affecting Managed WordPress Service. Malware: Compromising customer websites managed by GoDaddy. Phishing Attacks: Exposed customer data including login credentials, email addresses, and SSL private keys.

Chick-Fil-A Customers are Victims of a Data Breach. Fast-food chain Chick-fil-A has issued a warning to customers regarding a recent data security breach. The incident occurred between Dec. 18, 2022 and Feb. 12, 2023, during which unauthorized parties gained access to customer information, according to a statement posted on the California Attorney General's website on Tuesday. Data Breach: membership numbers, mobile pay numbers, QR codes, last 4 digits of credit/debit card numbers, credits on Chick-fil-A accounts, birthdays, phone numbers, and addresses.

New phishing campaign uses fake ChatGPT platform to scam eager investors. Bitdefender Antispam Labs confirmed that these scams initiate with an email containing a link that directs users to a copycat version that they can earn as much as $10,000 per month on the duplicate ChatGPT platform. Phishing: Email based scam.

LastPass Security Incident Update and Recommended Actions. Major Security Breach: Spanning multiple years. Data Breach: Employee login credentials, source code & other intellectual property, customer data. Malware: Attackers exploited third-party software to compromise company systems by delivering a keylogger type malware.

InfoSec; the language of security. TAGS: Information Security, Monitoring

Bitwarden flaw can let hackers steal passwords using iframes. Bitwarden highlights that the autofill feature is a potential risk and even includes a prominent warning in its documentation, specifically mentioning the likelihood of compromised sites abusing the autofill feature to steal credentials. Phishing: Sniff credentials from a webpage HTML inline frame. wikipedia: An inline frame places another HTML document in a frame. Unlike an ...

Stress Management Workshop for College Students It Will Never Work in Theory

The further I get from my college years, the more I wonder how I got through them. It wasn't just the stress of juggling assignments that all seemed to be due on Thursday while figuring out what it meant to be an independent adult; the worst part was not being able to admit that it was overwhelming because you knew the response would be, "If you can't stand the heat, get out of the kitchen (or lab)."

A lot has changed for the better since then, in part because of research like that reported in this recent paper. Can a short online workshop on how to manage stress and anxiety actually help students deal with those issues? The answer isn't obvious: on the one hand, it ought to, but on the other hand, does help have to be delivered in person to be effective? Or is a longer intervention required? The answers seem to be "no" and "no", which immediately makes me wonder whether something like this would help programmers (and others) who are dealing with similar stress at work.

As a bonus, this paper shows how scientific abstracts should be written. As I wrote last year, the abstracts of most research papers in software engineering are more like movie trailers; while that is starting to change, it's still refreshing to see objectives, methods, results, and conclusions laid out succinctly and without fluff.

Carol S. Lee, Margaret Bowman, and Jenny L. Wu. Preliminary outcomes from a single-session, asynchronous online, stress and anxiety management workshop for college students. Trends in Psychiatry and Psychotherapy, 2022. doi:10.47626/2237-6089-2021-0448.

Objective: Self-guided asynchronous online interventions may provide college students access to evidence-based care, while mitigating barriers like limited hours of service. Thus, we examined the preliminary effectiveness of a 45-minute self-guided, asynchronous online, Dialectical Behavior Therapy (DBT)-informed stress and anxiety management workshop. Participants: College undergraduates (N=131) were randomized to either workshop (n=65) or waitlist control (n=66) conditions. Methods: Participants in the workshop condition completed baseline measures of depression, stress, and anxiety, before completing the workshop. Participants in the waitlist control condition only completed the baseline measures. All participants were reassessed at one-week follow-up. Results: Controlling for baseline measures, students in the workshop condition experienced significantly less stress and greater self-efficacy to regulate stress and anxiety at follow-up, compared to waitlist controls. Conclusions: A 45-minute self-guided, asynchron...

10:30

Exploring the Features of Music That People Fall Asleep to SoylentNews

A new study has identified several characteristics typical of music associated with sleep, such as being quieter and slower than other music:

Many people say that they listen to music to help them fall asleep, raising the question of whether music chosen for this purpose shares certain universal characteristics. However, research on the characteristics of sleep music is limited, and prior studies have tended to be relatively small.

To better understand the characteristics of sleep music, Scarratt and colleagues analyzed 225,626 tracks from 985 playlists on Spotify that are associated with sleep. They used Spotify's API to compare the audio features of the sleep tracks to audio features of music from a dataset representing music in general.

This analysis showed that sleep music tends to be quieter and slower than other music. It also more often lacks lyrics and more often features acoustic instruments. However, despite these trends, the researchers found considerable diversity in the musical features of sleep music, identifying six distinct sub-categories.

Three of the sub-categories, including ambient music, align with the typical characteristics identified for sleep music.

However, music in the other three subcategories was louder and had a higher degree of energy than average sleep music. These tracks included several popular songs, including "Dynamite" by the band BTS, and "lovely (with Khalid)" by Billie Eilish and Khalid.

[...] Overall, this study suggests that there is no "one-size-fits-all" when it comes to the music people choose for sleep. The findings could help inform future development of music-based strategies to help people sleep.

So what's on your sleep playlist?

Journal Reference:
Rebecca Jane Scarratt, et al., The audio features of sleep music: Universal and subgroup characteristics [open], Plos One, 2023. DOI: https://doi.org/10.1371/journal.pone.0278813


Original Submission

Read more of this story at SoylentNews.

10:00

Hackaday Links: March 26, 2023 Hackaday

Sad news in the tech world this week as Intel co-founder Gordon Moore passed away in Hawaii at the age of 94. Along with Robert Noyce in 1968, Moore founded NM Electronics, the company that would later go on to become Intel Corporation and give the world the first commercially available microprocessor, the 4004, in 1971. The four-bit microprocessor would be joined a few years later by the 8008 and 8080, chips that paved the way for the PC revolution to come. Surprisingly, Moore was not an electrical engineer but a chemist, earning his Ph.D. from the California Institute of Technology in 1954 before his postdoctoral research at the prestigious Applied Physics Lab at Johns Hopkins. He briefly worked alongside Nobel laureate and transistor co-inventor William Shockley before jumping ship with Noyce and others to found Fairchild Semiconductor, which is where he made the observation that integrated circuit component density doubled roughly every two years. This calculation would go on to be known as Moore's Law.

Also in deceased tech billionaire news, a freak accident happened in Scotland involving the R/V Petrel, a research ship that was once...

09:07

Linux 6.3-rc4 Released: "Looking Pretty Normal" Phoronix

Linus Torvalds just announced the release of Linux 6.3-rc4 as we reach around the half-way point of the Linux 6.3 kernel's development cycle...

08:41

Mesa 23.0.1 Released With Many Fixes For Intel / AMD / Zink Phoronix

It's been one month since the release of Mesa 23.0 while it's finally been succeeded by Mesa 23.0.1 as the first point release containing a wide variety of bug fixes throughout this ecosystem of open-source 3D graphics drivers...

08:26

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident Security Affairs

OpenAI revealed that a Redis bug was the root cause of the recent exposure of users' personal information and chat titles in ChatGPT service.

On Friday, OpenAI revealed that the recent exposure of users' personal information and chat titles in its chatbot service was caused by a bug in the Redis open-source library.

On March 20, 2023, several ChatGPT users started reporting seeing conversation histories of other users appearing in their accounts.

The same day, the history function showed the error message "Unable to load history", and the chatbot service was temporarily interrupted. Below is the message published by OpenAI CEO Sam Altman.

The company identified the bug and quickly addressed it.

"We took ChatGPT offline earlier this week due to a bug in an open-source library which allowed some users to see titles from another active user's chat history. It's also possible that the first message of a newly-created conversation was visible in someone else's chat history if both users were active around the same time." reads an update published by the company.

The company investigated the impact of the issue and discovered that it may have caused the unintentional visibility of payment-related information of 1.2% of the ChatGPT Plus subscribers who were active during a specific nine-hour window. The company pointed out that the issue did not disclose financial information.

"In the hours before we took ChatGPT offline on Monday, it was possible for some users to see another active user's first and last name, email address, payment address, the last four digits (only) of a credit card number, and credit card expiration date. Full credit card numbers were not exposed at any time." continues the update.

The expert discovered that the bug was present in the Redis client open-source library, redis-py. The service uses...

06:54

Finest Android Casinos For Real Cash 2023 h+ Media

Mountairycasino.com must evaluation the protection of your connection sooner than persevering with. Lowest nightly price discovered inside the previous 24 hours based totally on a 1 evening time stay for 2 adults. Millions of individuals in Ontario might be despatched cash from the federal authorities over the following few days.

Below, we expose the sections of those that we now have thought-about crucial and most related for customers. Independent bodies licensed by the DGOJ consider the correct functioning of the random number generator of the machines and thus verify the whole impartiality of the operators. Get WorkGear is a web-based ordering system for uniform suppliers that gives their customers a user-friendly approach to order and handle their product allocations. What this implies is that all data that move through the casinos techniques are encrypted. Only the casinos systems have the vital thing to un-encrypt the info and browse them or interpret them.

On the opposite hand, technological growth has also allowed at present that video games may be enjoyed directly on the website no have to download. Other necessary aspects are the apps developed to enjoy these products on mobile, in addition to the live casino expertise we told you about beneath. On our pages about roulette and online blackjack we pay particular attention to those games. If we give attention to playing, the web slot machines theyre undoubtedly the most popular. In addition, in slots its possible get pleasure from probably the most innovative software and, of course, additionally of enjoyable functions conceived by crucial online developers.

You can do this by clicking on Cashier after logging in TrueBlue Casino. You can use the positioning map at the bottom of the page to entry the cashier part. The casino can be GLI Certified, and that implies that it solely employs top-notch engineers to create and handle its numerous portfolio of choices. These workers are consultants of their respective fields, and they are expected to ship the best attainable type of service and merchandise to patrons.

They have the entire most popular games, and there are numerous totally different variations. Among the choices, you may find poker, blackjack, roulette, craps and baccarat. These all look nice, the play is easy, and the expertise is basically spectacular. A new account holder has a total of 14 days to make all three deposits and it has a relatively low 30x playthrough requirement.

New gamers, 10+ deposit, no e-wallets/prepaid cards, as a lot as 500 Free Spins, 40x Plt on Free Spins winnings. T&Cs applyNew players, 10+ deposit, no e-wallets/prepaid taking part in playing cards, as a lot as 500 Free Spins, 40x Plt on Free Spins winnings. Opt in, deposit and wager 20 on chosen video games inside 7 days of opening new account.

They have the full provide at cas...

06:54

True Blue On Line Casino Review & Actual Bonus Supply h+ Media

Next, youll be directed to the Apple Store page, where you will only need to click on on settle for the obtain, as if it have been some other regular app. That stated, you probably can entry on-line Casino Rocket in a quantity of languages, such as English, German, German-Austrian, French, Canadian English, Canadian French, Swiss-German, and Swiss-French. However, should you consider that you can resolve your problem your self, we advocate trying at the operators FAQ part. It covers a few of the commonest person issues and topics of concern and provides short and clear resolutions. While testing Casino Rocket NZ, we discovered the websites FAQ to be quite useful on multiple occasions.

These provide a broad variety of rewards which embody, free spins, money, and even a $1,000 bitcoin bonus. This facility will operate 24 hours a day and have 500 slot machines. Food and beverages might be out there from a snack bar and meals vans.

What is necessary to remember with that is that totally different video video games can usually have different payout charges. When taking a glance at recreation variety, we additionally take a look at whether or not or not they are appropriate on both cellular and desktop. Many on-line casinos provide restricted compatibility on mobile gadgets. This is often an issue for avid gamers who prefer to play on the go.

Machines are usually grouped by denomination, style and brand name. Video slots have a HELP or INFO button that will stroll you through the assorted payouts, play traces, bonus games and particular options. The 2,700+ slot machines at Encore Boston Harbor provide games for every fanatic, from video slots to reel slots, video poker and digital desk video video games.

Casino Guru Academy Free skilled tutorial programs for on-line on line casino staff geared toward commerce greatest practices, bettering participant expertise, and honest method to playing. Casinos normally settle for all bets made by patrons inside a longtime prohibit, in order that a patron cant win greater than a casino can afford to pay. Every sport supplied provides a casino a mathematical expectancy of winning, and it is extremely unusual for a casino to lose money on its games, even for sooner or later. Even lesser bettors are supplied reduced-fare transportation, lodge rooms, free drinks and cigarettes whereas playing, and other inducements. There are six casinos in Funchal, and so they provide a big selection of video games, together with blackjack, roulette, baccarat, and poker.

You can try all the main points below, clicking information for extra information and Claim to go straight over and decide up a couple of winnings. Check the payment strategies it presents and find out well about those platforms. We advise you not to save your data , so that in case of loss or theft they can not enter your account. The security...

06:53

Melbet India Evaluate Get 2150 In Free Bets h+ Media

Using the cellphone you presumably can register, get wage bonuses, contact support, make financial transactions and rather more. Betting apps are in excessive demand among enthusiastic players in current times. The Melbet app is one of thebest international cricket betting apps.

I am especially pleased about melbet online on line casino. Slots are very properly embellished, I play there with my friends at weekends. Variety of occasions not only for sports, good odds, top-of-the-line strains for soccer.

Enable the set up of information for Unknown Sources within the Settings in your telephone. At the identical time, Melbet manages to get ahead in certain regards like notifications, broadcast of reside information, and extra. Melbet has made positive that plenty of effort has gone into making the platform as pleasant as potential. The app additionally does not have any issues with working smoothly on older telephones which have medium efficiency to the boot. It has come to mild that many customers are questioning about the authorized standing of Melbet in India.

Thanks to the booming cellular industry, MelBet couldnt keep away and has developed its cell app, which features perfectly on Android. Anyone can access the app at no cost by downloading it from the official website as an Apk file. Despite the advanced performance, MelBet for Android has comparatively modest system requirements. Thanks to such low necessities, youll have the power to get the total range of companies not on the latest cellphone fashions. Android and iOS app is software program with low system necessities thats suitable with all up-to-date devices.

Furthermore, cricket is a serious source of money for the Indian financial system. So, in case you are Indian, you are a part of a proud heritage. Melbet, unsurprisingly, allows you to guess on varied cricket leagues. The chat channel was examined and received a response in lower than 2 minutes, all providers have been provided in Hindi and English and the operator was very environment friendly. Without a doubt, the Melbet apps customer support, even with a small variety of channels, is amongst the platforms strengths.

The cell app isnt inferior to the web site in its features, offering customers the identical opportunities to get bonuses and participate in regular promotions. The sportsbook provides two utility variations, depending on the operating system. The Melbet APK download for Android is performed right from the location, identical as the app model for iOS units. The app is out there in many languages and offers various betting choices and casino games.

This makes bahrain betting communication between you and the assist group as simple as potential and helps to resolve all your issues sooner. You can check probably the most frequently a...

06:52

Mobile On Line Casino 2022 High 10 Best Cellular Casinos And Apps h+ Media

By betting NZ$1.25 on the quantity 2, one other NZ$1.25 on the number 5, and the remaining NZ$2.50 on three of the four bonus sport fields, you probably can cover at least 27 of the fifty four segments of the wheel. The chance that the wheel will cease in both field of your bets is comparatively high. BonusFinder only works with casinos which function legally because of their Malta Gaming Authority and UK Gambling Commission licenses.

The biggest casino websites have bonuses that current rewards should you make a deposit as an current player, often recognized as a reload bonus. Thanks to the presence of former on line casino staff in-house, we could have interaction with on line casino buyer assistance on reside chat, cellphone, and email to test their responses. We know the tough inquiries to ask which separate out the very best out there when it comes to serving to players. With all playing wants taken care of and a few great promotions, you have to feel correct at home here.

More states, together with New York, have gone via diversified DFS licensed battles and/or have laws in progress. Their most spectacular recreation is their 3D on-line slots which have quite a couple of followers. The no-deposit welcome bonus is one other good characteristic of this website. However, weve a couple of recommendations that will push you in the course of constructing an educated ultimate selection. For a generous lump-sum bonus present, use the code CRYPTO400 with your first BTC deposit.

  • On your 2nd, third, and 4th deposit, you will also get to say match bonuses for a complete of 5 BTC if youre not afraid to go huge.
  • In addition, in slots it is attainable take pleasure in probably the most progressive software program and, after all, also of enjoyable functions conceived by an important online developers.
  • CCS3 is a programming language that has advanced options which could benefit the process of building a website.
  • They do this by offering you with the prospect to spice up the deposits you make or providing on line casino credit score to utilize on the positioning youve chosen to wager at.
  • Comfort accommodates a quantity of issues during which youll give us the explanation, you will not have to maneuver.

The payment strategies for making deposits and withdrawals are available. Betting on its an experience so close to what you do in your computer. To motivate and please cell casino customers, operators are at all times providing bonus presents. All this with the aim that gamers are encouraged to do this mode of taking half in. 888 Casino NZ brings the magic into play with a bonus of up to $1++ on the first deposit.

Were all about substance right here too, but if it aint wanting fairly and it is troublesome to use, then likelihood is it isnt going to make a listing of prime...

06:50

Betting Options Of Melbet Cellular App h+ Media

This makes communication between you and the help staff as simple as attainable and helps to solve all of your points quicker. You can verify essentially the most incessantly requested questions on the MelBet portal and use the fast search to search out the answer to your query earlier than contacting the support group. If you cant or dont wish to obtain Melbet, use the operators cellular site for sports activities predictions. It has virtually the same design and choices as the app.

Deposits and withdrawals for the latter are additionally fully free. However, basically the most attention-grabbing price technique is undoubtedly Bitcoin fee. Melbet was one of the primary bookmakers to supply this system to clients. It could be troublesome for Indian gamers to discover a web site the place they really feel cosy placing bets for reside on line on line casino play. Although the MELbet stay selection is on the small facet, its nonetheless large sufficient for any person to enjoy. MELbet is a worldwide on line on line casino that offers entry to gamblers all around the world.

To get the appliance, you need to go to the Melbet mobile website from your cell device. Apple coverage additionally prohibits downloading iPad, iPhone, or iPod touch apps from the App Store. In each instances, youll have to install this system manually. For Apple gadgets, you will want to make further modifications to the device software. Therefore, its easier has existed since 2012 and has numerous clients everywhere in the world.

Once the app is installed, the icon will seem on your telephone display screen. Clicking on its going to bring you to your MelBet login page. If you have already got a sound account, you simply need to enter your details and proceed to use the app as if it had been on the positioning. It is essential to understand that need to have a modern cellular system to install the Melbet app android model. Melbet app download for Android requires cellphones or tablets with Android four.1 and higher. Remember that you must use units with huge screens and a fast web connection to get pleasure from online betting with none issues.

Open your Melbet cricket app obtain and click on the yellow registration button on the upper-right corner of the screen. Choose cellular application on the backside of the listing. Users are at all times conscious and up to date thanks to the apps competitive odds and real-time updates on sports events. In addition, youll have the power to all the time contact the help workers, the place the best experts will help you.

The Mobile app is a chance to guess on reside matches. Dont fear when you didnt place a wager before the sport began. You can do this whenever you need during the match. Follow the steps and youll easily obtain the app on your iOS cellula...

06:49

Melbet App Evaluate In India h+ Media

A click on on to the favored markets odds can open the betting ease, which could be obtained into as per choice to put the guess. Once you could have met the minimal withdrawal quantity pertaining to the cost risk you choose to make use of, you might withdraw the winnings. Ive observed that odds on handicaps here are higher than in several bookmakers workplaces. If you do not need to download the utility to your cellphone, you should use all of the features of Melbet bookmaker office within the Website version.

  • Then navigate from your cellular gadget using a browser.
  • I would like to recommend this bookmaker to a good friend.
  • The procedure is equivalent for Android and iOS variations.

There are a lot of video games made by in style global providers. Here youll find a way to play slots of Novomatic, EGT, Pragmatic Play, Booongo, Playson, Endorphina, Microgaming, and so on. All games are licensed and have a set payout level. Thousands of slots, hundreds of unique mechanics and limitless methods to win await you. A unique mode in which there is a digital simulation of sports activities matches on soccer, basketball, and tennis. It is feasible to follow the course of occasions in reside mode.

When it involves downloading the MELbet cell app, you need to make certain that its appropriate with your devices. This means not all gadgets are suitable with the MELbet software. Hence, you would possibly end in enjoying this kind of betting from your cellphones browser. Melbet app makes betting simpler and less complicated for its customers.

When we review the Melbet app, its impossible not to point out such significant things as the primary properties of the bookmaker. Of course, one of many main criteria is that the company has an official Curacao license, so its actions are absolutely authorized in India and other international locations. They do not minimize limits, bets are calculated quickly and there isnt a dishonest. In play and pre-match I truly have a great line with a large spread.

Payment Strategies In Melbet App

With android, every little thing is caught up beneath one roof which is a nonissue because every item goes to its distinctive section. They have three broader divisions of the on line casino market; slots, reside on line casino, and different. Each of these host a sizeable variety of interesting events, easily accessible from melbet app.

Your account will be successfully verified after Melbet approves these documents. The official Melbet website has a piece for cybersports. This is as a result of they are thought-about one of many main betting events on the platform. This is an advantage as it allows gamers to scan the platform shortly and conveniently. Below the slides are stay sporting occasions and each event is updated to the smallest element. We earn our income from promoting...

06:47

Download Melbet App For Android Apk And Ios h+ Media

Download Melbet App For Android Apk And Ios

While the match is occurring and also you're ready for the outcomes, you possibly can entertain yourself within the casino section, which provides lots of video games for cash. Gamblers will discover entertainment to suit all tastes. Are you trying ahead to enroll with this agency utilizing a phone? Look no further as we have the best melbet app and Mobil signup illustrations here for you. This transfer will be the starting of your lengthy journey of exploring a big selection of products. Being a member merely unlocks all features and provides customers the right to make use of the company features and instruments to make money.

Generally, it takes 5-10 business days on your transaction to be reviewed and processed. With melbet app for iOS, ensure your working system is iOS 11 or later, there's 200+MBs storage, and you get the program from their genuine provider. If you own a smartphone with an android working system, we suggest you carry out a few simple steps earlier than installing the applying. The bookmaker permits gamers to make single bets, kind categorical bets and methods.

Here you can wager cash on occasions related to Dota 2, Counter-Strike and different video games. You can place a wager on virtually any sporting event. More than a thousand events associated to cricket, soccer, hockey, and other sports activities are added to the lineup every single day. Once you discover the install it. That means you presumably can simply download and use the app in your mobile gadget with a lot ease. The app capabilities properly on both Android and iOS operating systems.

After that, click on on the Melbet apk download button with the Android emblem. The Melbet apk obtain file will also be routinely downloaded to your device. The Melbet app is a great alternative to get pleasure from the best betting web site proper out of your mobile phone. The app is out there on both iOS and Android platforms.

Melbet was based in 2012, has an Eastern European origin and a Curacao license. Melbet.com also has a license in Nigeria, and the brand has acquired a piece allow in Kenya and Estonia. The design of the app is dominated by the colours grey, green and yellow. Text and odds are clearly seen and distinguishable. The easiest and most simple method for any consumer, as a result of all you need to do is select your country of residence and foreign money.

You could make predictions for each popular and little-known sports. Doubling your first deposit to INR 8,000 is a superb beginner supply to take advantage of in 2021. You can't spend it on on line casino games, toto, poker, and different activities. Players are supplied welcome bonuses for each sports activities betting and playing.

I even haven't any issues with melbet free download, everything is virus-free and fast. The withdraw...

05:43

Newly-Revealed Coronavirus Data Has Reignited a Debate Over the Virus's Origins SoylentNews

Newly-revealed coronavirus data has reignited a debate over the virus's origins:

Data collected in 2020, and kept from public view since then, potentially adds weight to the animal theory. It highlights a potential suspect: the raccoon dog. But exactly how much weight it adds depends on who you ask. New analyses of the data have only reignited the debate, and stirred up some serious drama.

The current ruckus starts with a study shared by Chinese scientists back in February 2022. In a preprint (a scientific paper that has not yet been peer-reviewed or published in a journal), George Gao of the Chinese Center for Disease Control and Prevention (CCDC) and his colleagues described how they collected and analyzed 1,380 samples from the Huanan Seafood Market.

These samples were collected between January and March 2020, just after the market was closed. At the time, the team wrote that they only found coronavirus in samples alongside genetic material from people.

There were a lot of animals on sale at this market, which sold more than just seafood. The Gao paper features a long list, including chickens, ducks, geese, pheasants, doves, deer, badgers, rabbits, bamboo rats, porcupines, hedgehogs, crocodiles, snakes, and salamanders. And that list is not exhaustive; there are reports of other animals being traded there, including raccoon dogs. We'll come back to them later.

But Gao and his colleagues reported that they didn't find the coronavirus in any of the 18 species of animal they looked at. They suggested that it was humans who most likely brought the virus to the market, which ended up being the first known epicenter of the outbreak.

But....

Read more of this story at SoylentNews.

04:55

Sparks of Artificial General Intelligence: Early Experiments with GPT-4, Exhibits Emergent Behaviors and Capabilities Whose Sources and Mechanisms Are, at This Moment, Hard to Discern Precisely cryptogon.com

They don't know how it works. Via: arXiv, Microsoft Research: Artificial intelligence (AI) researchers have been developing and refining large language models (LLMs) that exhibit remarkable capabilities across a variety of domains and tasks, challenging our understanding of learning and cognition. The latest model developed by OpenAI, GPT-4 [Ope23], was trained using an unprecedented [...]

04:53

26mar2023 Trivium

04:25

Up to 80 Percent of Workers Could See Jobs Impacted by AI cryptogon.com

Paper: GPTs are GPTs: An Early Look at the Labor Market Impact Potential of Large Language Models: Our findings indicate that approximately 80% of the U.S. workforce could have at least 10% of their work tasks affected by the introduction of GPTs, while around 19% of workers may see at least 50% of their tasks [...]

04:00

Techrights Develops Free Software to Separate the Wheat From the Chaff Techrights

Summary: In order to separate the wheat from the chaff we've been working on simple, modular tools that process news and help curate the Web, basically removing the noise to squeeze out the signal

THE concept behind Free Software emanates from many programmers' desire to not only produce useful software but also to share this usefulness with many other people, either in exchange for recognition or further improvements to that software.

Lately we've developed a number of programs (Free Software of course, GPLv3-licensed) that help produce/curate Daily Links. Some time later this month or next month we'll properly explain what they are and how they work. Other people too deserve access to the toolsets.

03:44

The Last of Us is Getting Married schestowitz.com

Sister

I spoke to my sister today (that's her above) one last time before her wedding tomorrow. It's hard to believe how fast people grow up. She's now managing a team, doing programming while using Debian 11, just like me. Tomorrow she'll be officially married to another technical person. Life passes by when you don't pay attention. We all grow older, but some take advantage of the time they have on this planet. Some waste it away.

This is me aged 16, back in the days I was playing tennis a lot.

Roy Schestowitz aged 16

03:06

OpenMandriva ROME 23.03 Released With Linux 6.2 + KDE Plasma 5.27 Desktop Phoronix

OpenMandriva ROME 23.03 has been released as the "rolling release" flavor of this Linux distribution whose roots trace back to the beautiful days of Mandrake Linux...

02:40

Linux Will Stop Randomizing Per-CPU Entry Area When KASLR Is Not Active Phoronix

With the Linux 6.2 release kernel developers addressed "a tasty target for attackers" after it was realized that the per-CPU entry data was not being randomized, even in the presence of Kernel Address Space Layout Randomization (KASLR). The per-CPU entry area randomization has been present since Linux 6.3, but it was then realized that it is being activated even if KASLR is disabled, so now that is changing to avoid possible confusion...

02:22

Eye drop recall: Florida woman sues company after eye removed Lifeboat News: The Blog

A Florida woman is suing an eye drop manufacturer, claiming that its product, which has been linked to a deadly bacteria outbreak, made her legally blind.

Sixty-eight-year-old Clara Elvira Oliva is taking legal action against Global Pharma Healthcare after suffering such a severe infection from using its EzriCare Artificial Tears that she had to have her eye removed, according to court documents.

Oliva's right eye was removed and replaced with a plastic implant in September 2022 to control a severe antibiotic-resistant infection, according to the lawsuit filed earlier this month in Federal court in Miami, Florida.

02:22

More than 10 different brands of eye drops recalled Lifeboat News: The Blog

The eye drops were contaminated with an antibiotic-resistant form of Pseudomonas aeruginosa, an aggressive bacterium, according to the CDC.

02:22

SpaceX may have to deorbit some of its new Starlink V2 Mini satellites Lifeboat News: The Blog

SpaceX / Twitter.

The SpaceX CEO explained that some satellites would likely have to be deorbited to burn up in Earth's atmosphere.

02:22

80% of workers will be exposed to AI. These jobs will be most affected Lifeboat News: The Blog

Researchers at OpenAI have worked out the potential exposure to AI different occupations face, and its impact is widespread.

02:00

Gallium Nitride and Silicon Carbide Fight for Green Tech Domination IEEE Spectrum



Can advanced semiconductors cut emissions of greenhouse gases enough to make a difference in the struggle to halt climate change? The answer is a resounding yes. Such a change is actually well underway.

Starting around 2001, the compound semiconductor gallium nitride fomented a revolution in lighting that has been, by some measures, the fastest technology shift in human history. In just two decades, the share of the global lighting market held by gallium-nitride-based light-emitting diodes has gone from zero to more than 50 percent, according to a study by the International Energy Agency. The research firm Mordor Intelligence recently predicted that, worldwide, LED lighting will be responsible for cutting the electricity used for lighting by 30 to 40 percent over the next seven years. Globally, lighting accounts for about 20 percent of electricity use and 6 percent of carbon dioxide emissions, according to the United Nations Environment Program.


Each wafer contains hundreds of state-of-the-art power transistors. (Peter Adams)

This revolution is nowhere near done. Indeed, it is about to jump to a higher level. The very semiconductor technology that has transformed the lighting industry, gallium nitride (GaN), is also part of a revolution in power electronics that is now gathering steam. It is one of two semiconductors (the other being silicon carbide, SiC) that have begun displacing silicon-based electronics in enormous and vital categories of power electronics.

GaN and SiC devices perform better and are more efficient than the silicon components they are replacing. There are countless billions of these devices all over the world, and many of them operate for hours every day, so the energy savings are going to be substantial. The rise of GaN and SiC power electronics will ultimately have a greater positive impact on the planet's climate...

01:40

Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397 Security Affairs

Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8).

Microsoft published guidance for investigating attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397.

The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass.

A remote, unauthenticated attacker can exploit the flaw to access a user's Net-NTLMv2 hash by sending a specially crafted e-mail to an affected system.

"An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user," reads the advisory published by Microsoft. "The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane. External attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location of attackers' control. This will leak the Net-NTLMv2 hash of the victim to the attacker who can then relay this to another service and authenticate as the victim."

The vulnerability was reported by the CERT-UA and the Microsoft Incident Response, Microsoft Threat Intelligence (MSTI), suggesting that it has been exploited by a nation-state actor.

Microsoft addressed the flaw as part of its Patch Tuesday updates for March 2023.

The guidance published by Microsoft includes details about the attacks using the vulnerability. The following diagram shows attackers gaining initial access using a Net-NTLMv2 Relay attack, then maintaining persistence via modifying mailbox folder permissions, and performing lateral movement by sending additional malicious messages.

...

01:03

Mathematicians Have Finally Discovered an Elusive Einstein Tile SoylentNews

A 13-sided shape called 'the hat' forms a pattern that never repeats:

A 13-sided shape known as "the hat" has mathematicians tipping their caps.

It's the first true example of an "einstein," a single shape that forms a special tiling of a plane: Like bathroom floor tile, it can cover an entire surface with no gaps or overlaps but only with a pattern that never repeats.

"Everybody is astonished and is delighted, both," says mathematician Marjorie Senechal of Smith College in Northampton, Mass., who was not involved with the discovery. Mathematicians had been searching for such a shape for half a century. "It wasn't even clear that such a thing could exist," Senechal says.

Although the name "einstein" conjures up the iconic physicist, it comes from the German ein Stein, meaning "one stone," referring to the single tile. The einstein sits in a weird purgatory between order and disorder. Though the tiles fit neatly together and can cover an infinite plane, they are aperiodic, meaning they can't form a pattern that repeats.

With a periodic pattern, it's possible to shift the tiles over and have them match up perfectly with their previous arrangement. An infinite checkerboard, for example, looks just the same if you slide the rows over by two. While it's possible to arrange other single tiles in patterns that are not periodic, the hat is special because there's no way it can create a periodic pattern.

Read more of this story at SoylentNews.

01:00

Loudmouth DJI Drones Tell Everyone Where You Are Hackaday

Screenshot of the SDR software in action, with decoded data in a terminal, and a map that shows the location received from the decoded data

Back when commercial quadcopters started appearing in the news on the regular, public safety was a talking point. How, for example, do we keep them away from airports? Well, large drone companies didn't want the negative PR, so some voluntarily added geofencing and tracking mechanisms to their own drones.

When it comes to DJI, one such mechanism is DroneID: a beacon on the drone itself, sending out a trove of data, including its operator's GPS location. DJI also, of course, sells the Aeroscope device that receives and decodes DroneID data, declared to be for government use. As it often is with privacy-compromising technology, turns out it's been a bigger compromise than we expected.

Questions started popping up last year, as off-the-shelf quadcopters (including those made by DJI) started to play a part in the Russo-Ukrainian War. It didn't take long for Ukrainian forces to notice that launching a DJI drone led to its operators being swiftly attacked, and intel was that Russia got some Aeroscopes from Syria. DJI's r...

00:58

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails HackRead | Latest Cybersecurity and Hacking News Site

By Deeba Ahmed

The backdoors used in this campaign are never-before-seen malware strains called CommonMagic and PowerMagic.

This is a post from HackRead.com Read the original post: New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

00:23

The Impending Collapse of the French Economy Lifeboat News: The Blog

Pensions behave as government mandated ponzi schemes. New contributors are needed to pay for past contributors. But what if there are less and less new contributors and contributions? And what if past generations live longer and longer lives?

France is facing massive protests in response to its recently announced pension reform. While France is the only country facing massive protests for now, almost all developed countries will likely be forced to conduct similar pension reforms in the future as they face rapidly aging populations.

0:00-1:50 Intro.
1:51-5:03 French pension system.
5:04-7:15 The Ponzi scheme.
7:16-9:42 Pension crisis.
9:43-11:20 Demographic time bomb.
11:21 A warning to us all.

00:23

Meta's New ChatGPT-Like AI Is Fluent in the Language of Proteins, and Has Already Modeled 700 Million of Them Lifeboat News: The Blog

Meta seems to already have good AI tools.

Meta's ESMFold AI is a large language model like OpenAI's ChatGPT. But instead of spitting out text, it generates protein sequences.

Sunday, 26 March

22:23

Civil Space Lifeboat News: The Blog

Johns Hopkins APL's Civil Space Mission Area makes critical contributions to NASA and international missions to meet the challenges of space science, engineering, and exploration.

Since the dawn of the Space Age, APL has pushed the frontiers of space science, engineering and exploration. We captured the first picture of Earth from space, invented navigation by satellite, dispatched spacecraft across the solar system from our Sun to Pluto and beyond, and successfully conducted the world's first full-scale planetary defense test mission.

We continue to shape the future by providing our nation with innovative and low-cost solutions to its space challenges. Our work includes conducting research and space exploration; development and application of space science, engineering, and technology; and production of one-of-a-kind spacecraft, instruments, and subsystems.

22:22

Pyrroloquinoline quinone disodium salt improves brain function in both younger and older adults Lifeboat News: The Blog

Brain function is important for a good quality of life. Pyrroloquinoline quinone disodium salt (PQQ) has been proven to improve brain function and cognition in older adults (above 45 years). In this double-blind, placebo-controlled study, we investigated the effects of PQQ on cognitive function in adults aged between 20 and 65 years. PQQ (20 mg per day) was administered for 12 weeks to the participants. After 12 weeks, the participants showed improvements in composite memory and verbal memory. A further age-stratified analysis was performed. In younger adults (aged 20-40 years), PQQ improved cognitive function (cognitive flexibility, processing speed, and execution speed) after 8 weeks. Only older adults (aged 41-65 years) showed improvements in complex and verbal memory after 12 weeks. In the logistic regression analysis that included the results of all cognitive tests, the changes due to PQQ intake were observed at 8 and 12 weeks in the young and old groups, respectively.

22:10

Linux 6.4 Preparing DRM Deadline Hints To Help Influence GPU Frequency/Performance Phoronix

Rob Clark on Saturday sent out a pull request adding the DMA-BUF/DMA-FENCE deadline awareness code to the Direct Rendering Manager (DRM) subsystem with the upcoming Linux 6.4 cycle...

22:00

Classic 1960s Flip Clock Gets NTP Makeover Hackaday

A 1960s Copal flip clock

Many of the clocks we feature here on Hackaday are entirely built from scratch, or perhaps reuse an unusual display type. But sometimes, an old clock is just perfect as it is, and only needs a bit of an upgrade to help it fit into the modern world. One such example is the lovely 1960s Copal flip clock (in German, Google Translate link) that [Wolfgang Jung] has been working with; he managed to bring it squarely into the 21st century without changing its appearance one bit.

Like most flip clocks from the '60s and '70s, the Copal clock uses a small synchronous AC motor to advance the digits. Because this motor runs in step with the mains frequency, it also acts as the clock's timing reference. However, the original motor had died, and a direct replacement was impossible to find. So [Wolfgang] decided to replace it with a modern stepper motor. He designed a small PCB that fit the original housing, on which he placed a Trinamic TMC2225 stepper motor driver, a Wemos D1 Mini and a small 5 V power supply.

...

21:54

LLVM 17 Lands Initial Support For RISC-V Vector Crypto Extension ISA Phoronix

Merged this weekend to the LLVM 17 development code-base is initial support for RISC-V's vector crypto extension ISA...

21:45

Major Publishers Mull Legal Action Against Pirate Ebook Platform TorrentFreak

There's something special about professionally produced textbooks. From the information inside to the tactile feel of the paper, textbooks can be items of beauty.

Unfortunately, reality rains on the parade more than just a little. Textbooks are bulky, woefully underpowered for mass research purposes, and then suddenly out of date for any number of reasons. After factoring in the extraordinary expense, it's no surprise that some turn to sites like the recently resurrected Z-Library.

Check Out The Bargains, Beware of the Scams

A student posting on Reddit's /r/college earlier this year posed questions about digital textbooks. As a distance learner, digital copies made sense since they don't have to be physically returned.

After spotting a website offering every textbook the student needed for just $20 each, a question needed to be answered: Is Fenlita.com really legit?

As suggested by some of the responses, sites selling new textbooks for $20 should always be viewed with caution. Several people claiming to have used Fenlita say they pretty much got what they expected: a pirated copy of a textbook in PDF format, in some cases delivered via a Dropbox link.

Other reviews and reports suggest more serious problems for potential buyers.

One reported purchase consisted of a file that took about an hour to download and then turned out to be 400 pages of screenshots. Given the low price, that might've been tolerable, if the textbook in its original form hadn't run to 650 pages.

Reports of multiple charges to credit cards and items appearing in baskets multiple times weren't supported by proof but are still a concern. A report from a buyer, who complained that a download link went to an apparently seized website, hardly inspires confidence.

Publishers Target Fenlita.com

Given the above, it'...

21:33

Libinput 1.23 Brings New "Custom" Pointer Acceleration Profile, Better Razer Support Phoronix

José Expósito announced the release this weekend of libinput 1.23, the input handling library used these days across the Linux desktop for both X.Org/X11 and Wayland based environments. With libinput 1.23 comes a few notable new features...

21:08

KDE This Week Unveiled The XWaylandVideoBridge, Landed More Crash Fixes Phoronix

KDE developers remain quite busy working on Plasma 6.0 development along with preparing fixes for further Plasma 5.27 LTS point releases...

20:23

Facebook accounts hijacked Lifeboat News: The Blog

Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts.

The extension is a copy of the legitimate popular add-on for Chrome named ChatGPT for Google that offers ChatGPT integration on search that attempts to steal Facebook session cookies.

The publisher of the extension uploaded it to the Chrome Web Store on February 14, 2023, but only started promoting it using Google Search advertisements on March 14, 2023. Since then, it has had an average of a thousand installations per day.

20:18

Non-Disparagement Clauses Are Retroactively Voided, NLRB's Top Cop Clarifies SoylentNews

The National Labor Relations Board has clarified that non-disparagement clauses attached to severance packages are null and void. Companies will not be able to stifle criticism by ex-employees through clauses asking them to waive their inherent rights.

The general counsel of the National Labor Relations Board issued a clarifying memo on Wednesday regarding the "scope" of a February ruling by the federal agency's board that said employers cannot include blanket non-disparagement clauses in their severance packages, nor demand laid-off employees keep secret the terms of their exit agreements.

Such provisions have become increasingly common in recent years, muzzling employees and otherwise stopping them from speaking up about working conditions by dangling a few weeks or months of pay in front of them at the exact moment they are losing their job.

This is a follow up to last month's statement and could prove significant for some employers with a high rate of turn over and decades of in-house dirt. *cough*m$*cough*


Original Submission

Read more of this story at SoylentNews.

19:30

Week in review: Manage the risk of ChatGPT use, know the danger of failed Okta logins Help Net Security

Here's an overview of some of last week's most interesting news, articles, interviews and videos: These 15 European startups are set to take the cybersecurity world by storm Google has announced the startups chosen for its Cybersecurity Startups Growth Academy. The 15 selected startups are from eight countries and were chosen from over 120 applicants. Threat actors are experimenting with QR codes Hackers are diversifying attack methods, including a surge in QR code phishing campaigns, More

The post Week in review: Manage the risk of ChatGPT use, know the danger of failed Okta logins appeared first on Help Net Security.

19:00

Is Your USB-C Dock Out To Hack You? Hackaday

Showing the dock PCB with a Pi Zero attached and wired up onto it

In today's installment of Betteridge's law enforcement, here's an evil USB-C dock proof-of-concept by [Lachlan Davidson] from [Aura Division]. We've seen malicious USB devices aplenty, from cables and chargers to flash drives and even suspicious USB fans. But a dock, however, is new. The gist is simple: you take a stock dock, find a Pi Zero W and wire it up to a USB 2.0 port tapped somewhere inside the dock. Finding a Pi Zero is unquestionably the hardest part in this endeavor; on the software side, everything is ready for you, just flash an SD card with a pre-cooked malicious image and go!

On the surface level, this might seem like a cookie-cutter malicious USB attack. However, there's a non-technical element to it; USB-C docks are becoming more and more popular, and with the unique level of convenience they provide, the "plug it in" temptation is much higher than with other devices. For instance, in shared workspaces, having a USB-C cable with charging and sometimes even a second monitor is becoming a norm. If you use USB-C...

17:05

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority Security Affairs

Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyber attack with the help of the FBI and US CISA.

The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyberattack that last week hit the agency. The agency quickly activated the incident response procedure after the attack.

The attack was disclosed on March 19, and threat actors had access to customer and employee information. The agency is going to notify impacted customers and employees via breach notification letters.

The agency pointed out that operations at the critical infrastructure managed by the agency in Puerto Rico were not impacted.

"It should be noted that once the incident was detected and from the first moment we have been working with the relevant authorities, the FBI and CISA [Cybersecurity and Infrastructure Security Agency], specifically," said Nannette Martínez, executive director of the Puerto Rico Aqueduct and Sewer Authority's (PRASA) office of innovation and technology.

At this time, the agency has yet to reveal the name of the group behind the attack, but the Vice Society ransomware gang added the authority to the list of victims on its Tor leak site. The ransomware gang leaked the passports, driver's licenses and other documents of the impacted individuals.

16:06

Links 26/03/2023: More TikTok Bans Techrights

  • GNU/Linux

    • Desktop/Laptop

    • Server

      • Container Journal Docker, Inc. Celebrates 10th Anniversary With Alliances

        Docker, Inc. celebrated the 10th anniversary of the namesake artifact used widely for building cloud-native applications by announcing alliances with Ambassador Labs to improve the developer experience and Hugging Face to make it simpler to launch and deploy machine learning applications on a cloud service using DockerFile. In addition, Docker,

    • Audiocasts/Shows

      • Jupiter Broadcasting The Podman Perspective | Self-Hosted 93

        Alex goes all in on Rootless Podman, Chris is saving his Nextcloud install from disaster, and a special guest joins us. Special Guest: Alex Ellis.

      • Linux in the Ham Shack LHS Episode #501: FreeDV Deep Dive 2

        Hello and welcome to the 501st episode of Linux in the Ham Shack. In this episode, we talk with Mooneer Salem, K6AQ, primary developer on the FreeDV team.

      • The TLLTS Podcast The L...

16:00

Recreating one of History's Best Known Spy Gadgets Hackaday

[Machining and Microwaves] got an interesting request. The BBC asked him to duplicate the Great Seal Bug, the device the Russians used to listen covertly to the US ambassador for seven years in 1945. Turns out they're filming a documentary on the legendary surveillance device and wanted to demonstrate how it worked.

The strange thing about the bug is that it wasn't directly powered. It was actually a resonant cavity that only worked when it was irradiated with an external RF energy. Most of the video is background about the bug, with quite a few details revealed. We particularly liked the story of using a software defined radio (SDR) to actually make the bug work.

As you might expect, things didn't go smoothly. Did they ever get results on camera? Watch the video, and you can find out. This is just the first of six videos he plans to make on the topic, and we can't wait for future videos that cover the machining and more technical details.

We've examined the Theremin bug before. There's a definite cat-and-mouse dynamic between creating bugging devices and detecting them.

...

15:36

Earth is Running Out of Places for Stargazers' Dark Deeds SoylentNews

A 'new deal for the night' needed:

Increasing levels of light pollution means Earth's surface has almost no practical locations for astronomical observatories, a group of astronomers said on Monday.

Artificial light emitted from buildings, streetlights, and reflected from satellite constellations are making the night sky brighter for earth-bound skywatchers. The Milky Way was visible to pretty much everyone less than 100 years ago, but is now drowned out by human-made light to most, according to the International Dark Sky Association.

[...] "Today, due to the rise of light pollution, there are almost no more remote places available on Earth that simultaneously meet all the characteristics needed to install an observatory (namely, the absence of light pollution, a high number of clear nights, and good seeing)," a team of astronomers said in Nature Astronomy.

The authors urged astronomers, companies, politicians, and lawmakers around the world to work together to reach a global agreement to limit artificial light. Light pollution should be treated in the same way that other types of pollutants, like greenhouse gases, they argued. Governments around the world should and can tackle light pollution in the same ways they address climate change: with international treaties and goals to restrict levels of other pollutants.

[...] "As it is not too late to stop this, we as scientists and first as citizens should act to stop this attack, from above with satellites and from below with [artificial light at night], on the natural night and on the intangible cultural heritage of humankind's starry skies," they concluded.

"Now is the time to consider the prohibition of mega-constellations and to promote a significant reduction in [artificial light at night] and the consequent light pollution. Our world definitely needs a 'new deal' for the night."

Journal Reference:
Falchi, F., Bará, S., Cinzano, P. et al. A call for scientists to halt the spoiling of the night sky with artificial light and satellites [open]. Nat Astron 7, 237-239 (2023). https://doi.org/10.1038/s41550-022-01864-z


Original Submission

Read more of this story at SoylentNews.

13:00

Single Flex PCB Folds into a Four-Wheel Rover, Complete with Motors Hackaday

You've got to hand it to [Carl Bugeja]: he comes up with some of the most interesting electromechanical designs we've seen. His latest project is right up there, too: a single PCB that folds up into a four-wheel motorized rover.

The key to [Carl]'s design lies with his PCB brushless motors, which he has been refining since we first spotted them back in 2018. The idea is to use traces on the PCB for the stator coils to drive a 3D printed rotor containing tiny magnets. They work surprisingly well, even if they don't generate a huge amount of torque. [Carl]'s flexible PCB design, which incorporates metal stiffeners, is a bit like an unfolded cardboard box, with two pairs of motor coils on each of the side panels. This leaves the other surfaces available for all the electronics, which include a PIC, a driver chip, and a Hall sensor for each motor, an IMU and proximity sensor for navigation, and an ESP32 to run the show.

With machined aluminum rotors and TPU tires mounted to the folded-up chassis, it was off to the races, albeit slowly. The lack of torque from the motors and the light w...

10:48

Windows 11, Tesla, Ubuntu, and macOS hacked at Pwn2Own 2023 SoylentNews

Windows 11, Tesla, Ubuntu, and macOS hacked at Pwn2Own 2023:

On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model 3.

The first to fall was Adobe Reader in the enterprise applications category after Haboob SA's Abdul Aziz Hariri (@abdhariri) used an exploit chain targeting a 6-bug logic chain abusing multiple failed patches which escaped the sandbox and bypassed a banned API list on macOS to earn $50,000.

The STAR Labs team (@starlabs_sg) demoed a zero-day exploit chain targeting Microsoft's SharePoint team collaboration platform that brought them a $100,000 reward and successfully hacked Ubuntu Desktop with a previously known exploit for $15,000.

Synacktiv (@Synacktiv) took home $100,000 and a Tesla Model 3 after successfully executing a TOCTOU (time-of-check to time-of-use) attack against the Tesla Gateway in the Automotive category. They also used a TOCTOU zero-day vulnerability to escalate privileges on Apple macOS and earned $40,000.

Oracle VirtualBox was hacked using an OOB Read and a stack-based buffer overflow exploit chain (worth $40,000).

Last but not least, Marcin Wiązowski elevated privileges on Windows 11 using an improper input validation zero-day that came with a $30,000 prize.

Throughout the Pwn2Own Vancouver 2023 contest, security researchers will target products in enterprise applications, enterprise communications, local escalation of privilege (EoP), server, virtualization, and automotive categories.

[...] After zero-day vulnerabilities are demoed and disclosed during Pwn2Own, vendors have 90 days to create and release security fixes for all reported flaws before Trend Micro's Zero Day Initiative publicly discloses them.

During last year's Vancouver Pwn2Own contest, security researchers earned $1,155,000 after hacking Windows 11 six times, Ubuntu Desktop four times, and successfully demonstrating three Microsoft Teams zero-days.

Previous:
Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input
Work from Home Pwn2Own Hackers Make $130,000 in 48 Hours from Windows 10 Exploits
...

10:42

Distribution Release: Slackel 7.6 "Openbox" DistroWatch.com: News

Slackel is a Linux distribution and live environment based on Slackware Linux and Salix OS. The project has published a new version, Slackel 7.6 "Openbox". The project's release announcement offers the following insights: "Slackel 7.6 "Openbox" has been released. It is more than a year since the....

10:00

Inside Digital Image Chips Hackaday

Have you ever thought how amazing it is that every bit of DRAM in your computer requires a teeny tiny capacitor? A 16 GB DRAM has 128 billion little capacitors, one for each bit. However, that's not the only densely-packed IC you probably use daily. The other one is the image sensor in your camera, which is probably in your phone. The ICs have a tremendous number of tiny silicon photosensors, and [Asianometry] explains how they work in the video you can see below.

The story starts way back in the 1800s when Hertz noticed that light could knock electrons out of their normal orbits. He couldn't explain exactly what was happening, especially since the light intensity didn't correlate to the energy of the electrons, only the number of them. It took Einstein to figure out what was going on, and early devices that used the principle were photomultiplier tubes, which are extremely sensitive. However, they were bulky, and an array of even dozens of them would be gigantic.

...

07:58

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Security Affairs

The U.K. National Crime Agency (NCA) revealed that it has set up a number of fake DDoS-for-hire sites to infiltrate the online criminal underground.

The UK National Crime Agency announced it has infiltrated the online criminal marketplace by setting up several sites purporting to offer DDoS-for-hire services.

DDoS-for-hire, or booter, services allow registered users to order DDoS attacks without specific knowledge.

While the NCA-run sites were up and running, they were accessed by several thousand people, whose registration data were obtained by the investigators. The UK authorities will contact registered users that are based in the UK and warn them about engaging in cyber crime. Information relating to users that are based overseas is being passed to international law enforcement.

"All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks," reads the announcement. "However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators."

The activity is part of a coordinated international operation named Operation Power Off that is targeting DDoS-for-hire infrastructures worldwide.

NCA fake DDoS-for-hire sites

In December, the U.S. Department of Justice (DoJ)...

07:00

How Much Programming Can ChatGPT Really Do? Hackaday

By now we've all seen articles where the entire copy has been written by ChatGPT. It's essentially a trope of its own at this point, so we will start out by assuring you that this article is being written by a human. AI tools do seem poised to be extremely disruptive to certain industries, though, but this doesn't necessarily have to be a bad thing as long as they continue to be viewed as tools, rather than direct replacements. ChatGPT can be used to assist in plenty of tasks, and can help augment processes like programming (rather than becoming the programmer itself), and this article shows a few examples of what it might be used for.

...

06:06

Benefits of Big City Life Only for the Elite SoylentNews

Urban inequality in Europe and the United States is so severe that urban elites claim most of the benefits from the agglomeration effects that big cities provide, while large parts of urban populations get little to nothing:

In recent years, researchers from across disciplines have identified striking and seemingly universal relationships between the size of cities and their socioeconomic activity. Cities create more interconnectivity, wealth, and inventions per resident as they grow larger. However, what may be true for city populations on average, may not hold for the individual resident.

"The higher-than-expected economic outputs of larger cities critically depend on the extreme outcomes of the successful few. Ignoring this dependency, policy makers risk overestimating the stability of urban growth, particularly in the light of the high spatial mobility among urban elites and their movement to where the money is", says Marc Keuschnigg, associate professor at the Institute for Analytical Sociology at Linköping University and professor at the Institute of Sociology at Leipzig University.

[...] An individual's productivity depends on the local social environments in which they find themselves in. Because of the greater diversity in larger cities, skilled and specialized people are more likely to find others whose skills are complementary to their own. This allows for higher levels of productivity and greater learning opportunities in larger cities.

But, not everyone can access the productive social environments that larger cities provide. Different returns from context accumulate over time which gives rise to substantial inequality.

[...] Consequently, the initially successful individuals in the bigger cities increasingly distanced themselves from both the typical individual in their own city, creating inequality within the big cities, and the most successful individuals in smaller cities, creating inequality between cities.

Read more of this story at SoylentNews.

04:36

FreeBSD 13.2-RC4 Released With Fixed Suspend/Resume For Some Laptops Phoronix

FreeBSD 13.2-RC4 is now available with a few more fixes for this BSD operating system update. A FreeBSD 13.2-RC5 release is also inbound as an extra release candidate with one more bug fix, after which the stable release should happen...

04:09

Are ad-driven business models bad? Geeking with Greg

There's been a lot of discussion that ad-driven business models are inherently exploitative and anti-consumer. I think that's both wrong and not a helpful way to look at how to fix the problems in the tech industry.

I think the problem with ad-driven models is that it's easy and tempting for executives to use short-term metrics and incentives like clicks or engagement. It's the wrong metric and incentives for teams. But I think the problem is more ignorance, or willful ignorance, of that issue. In the short-term, for an ad-supported product, ad revenue and profitability do look like ad clicks. In the long-term, ad profitability looks like converting performing ads for advertisers over the lifetime of customers. Those are quite a bit different. With subscription-driven models, it's more obvious that your metrics should be long-term. With ad-driven models, long-term metrics are harder to maintain, and many execs don't realize they need to. If execs let teams optimize for clicks, they eventually find those clicks have long-term costs as customers start leaving, but unfortunately it's quite costly to reverse the damage once you're far down this path. In the long-term, I think you can improve the profitability of an ad-driven platform by making the content and ads work better for customers and advertisers (raising ad spend, increasing ad competition for the space, and reducing ad blindness) and by retaining customers longer (along with recruiting new customers). That looks a lot like the strategy for increasing the profitability of a subscription-driven platform. So I don't see much of a difference between ad-supported and subscription-supported business models other than the temptation for executives to inadvertently optimize for the wrong thing.

Saturday, 25 March

22:35

AI Researcher Goaded Chat GPT to Attempt to Jailbreak Itself and Access the Internet cryptogon.com

It wrote a Python script for Kosinski to run on his computer that would have passed data into the system via the API. It's all fun and games until someone loses an eye. Via: inews: Concerns have been raised about the extent of artificial intelligence GPT-4's power to take over computers after the AI chatbot [...]

17:29

The Corporate Media is Not Reporting Large-Scale Microsoft Layoffs (Too Busy With Chaffbot Puff Pieces), Leaks Required to Prove That More Layoffs Are Happening Techrights

New screenshot from thelayoff.com:

Layoffs in March at Microsoft

New article (behind paywall, posted just before the weekend, hence limited audience):

Leaked Microsoft documents show layoffs coming to Charlie Bell's security organization on Monday

Summary: Just as we noted days ago, there are yet more Microsoft layoffs, but the mainstream media gets bribed to go gaga over vapourware and chaffbots (making chaff like "Bill Gates Says" pieces) instead of reporting actual news about Microsoft

Resource generated at IndyWatch using aliasfeed and rawdog