IndyWatch Science and Technology News Feed Archiver | |
Go Back:30 Days | 7 Days | 2 Days | 1 Day |
|
IndyWatch Science and Technology News Feed was generated at World News IndyWatch. |
Boston Dynamics: Stretch cryptogon.com
Via: Boston Dynamics:
Display your application data with Streamlit Linux.com
Streamlit integrates with Python code and offers a low barrier of entry to visualizing application data in sophisticated ways.
Read More at Enable Sysadmin
The post Display your application data with Streamlit appeared first on Linux.com.
Clipboard-injecting malware disguises itself as Tor browser, steals cryptocurrency Graham Cluley
Malware, disguised as copies of Tor, has stolen approximately US $400,000 worth of cryptocurrency from almost 16,000 users worldwide.
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor The Hacker News
A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally," Recorded Future told The Hacker News. "The group has shown the ability to
EU Planning to Invest Frozen Russian Assets, Give Returns to Ukraine cryptogon.com
$300 billion. Via: The Libertarian Institute: The European Union is developing proposals on what to do with assets seized from the Russian central bank by member states. According to European officials, the bloc may invest the money and hand the returns to Ukraine. Anders Ahnlid, a Swedish diplomat who leads the commission exploring what to []
A Miscarriage of Statistics: The Thalidomide Sequel cryptogon.com
Via: Arkmedics Blog: The normal miscarriage rate of a healthy population is somewhere around 5-6%. For years, studies have been misrepresenting rates of 15-20% so that when new drugs are tested in pregnancy, a doubling of the miscarriage rate will fly under the radar. This is how the COVID vaccine managed to be sold as []
Electric Skateboard Becomes Mobile Skate Park Hackaday
While building a skate park might not appear to have much in common with software development, at they very least, they both suffer from a familiar problem: scalability. Bigger skate parks need more ramps and features, and theres no real way to scale up a construction project like this efficiently like you could with certain kinds of software other than simply building more features. This was something [Kirk] noticed, but was able to scale up a skate park in a way weve never thought of before. He built a mobile skateboard ramp that can turn any place into a skate park.
The mobile and approximately sidewalk-width platform is able to move around thanks to an electric skateboard as its foundation. It adds a NVIDIA Jetson Nano for control with a PS4 controller for input, although steering a skateboard with an actuator took a few prototypes to figure out since skateboards are designed to be steered by shifting the riders weight. Since they are already designed to carry a human-amount of weight, though, it was at least able to tote the ramp around with relative...
MSI Laptops To Enjoy Better Linux Support Beginning With The 6.4 Kernel Phoronix
Modern MSI laptops will see improved feature support with the upstream Linux 6.4 kernel this summer thanks to a new driver set to be merged...
RESTRICT Act Is Orwellian Censorship Grab Disguised As Anti-TikTok Legislation cryptogon.com
Via: ZeroHedge: The RESTRICT Act, introduced by Sens. Mark Warner (D-VA) and Tom Thune (R-SD), is aimed at blocking or disrupting transactions and financial holdings linked to foreign adversaries that pose a risk to national security, however the language of the bill could be used to give the US government enormous power to punish free []
New Deadly Superfungus Can Now Be Found in Half of US States Lifeboat News: The Blog
O.o!!!
A fungal superbug called Candida auris is spreading rapidly through hospitals and nursing homes in the US. The first case was identified in 2016. Since then, it has spread to half the countrys 50 states. And, according to a new report, infections tripled between 2019 and 2021.
This is hugely concerning because Candida auris is resistant to many drugs, making this fungal infection one of the hardest to treat.
Candida auris is a yeast-type fungus that is the first to have multiple international health alerts associated with it. It has been found in over 30 countries, including the UK, since it was first identified in Japan in 2009.
15 cars derail in north Butler County in train incident Lifeboat News: The Blog
Over a dozen railcars on a Canadian National Railway train had derailed in Northern Butler County.
A spokesperson for CN says crews are responding to the incident near Slippery Rock, PA.
They say 15 railcars, all containing iron ore derailed.
There are no dangerous goods on the train and there are no reported fires or injuries, a spokesperson told KDKA Radio in a statement.
Minnesota train carrying ethanol derailed, caught fire; evacuations ordered Lifeboat News: The Blog
BNSF said about 22 rail cars carrying mixed freight, including ethanol and corn syrup, derailed at 1:02 a.m. local time Thursday. Four rail cars caught fire, the BNSF said. There are no other hazardous materials on the train and no injuries were reported, the company said.
BNSF personnel are responding to assess the derailment site and will be working closely with local first responders, company spokesperson Lena Kent said in a statement.
Astronomers Just Discovered a Supermassive Black Hole. Hard to Comprehend How Big This Thing Is. Lifeboat News: The Blog
Scientists at Durham University say the black hole is 30 billion times the size of the sun.
AI can replicate voices in high-tech phone call scams, FTC warns Lifeboat News: The Blog
The FTC is sounding the alarm on artificial intelligence being used to simulate someones voice in imposter scams, which was the most commonly reported fraud in 2022. NBC News Emilie Ikeda spoke to one father who got a call that sounded like his daughter and said she was being held hostage.
Scientists identify cellular signaling pathway as key player in metastasis Lifeboat News: The Blog
A team of scientists at the Sloan Kettering Institute have identified the STING cellular signaling pathway as a key player in keeping dormant cancer cells from progressing into aggressive tumors months, or even years, after theyve escaped from a primary tumor.
The findings, which were published in Nature on March 29, suggest that drugs to activate STING could help prevent the spread of cancer to new sites throughout the bodya process known as metastasis.
In mouse models of lung cancer, treatment that stimulated the STING pathway helped eliminate lingering cancer cells and prevent them from progressing to aggressive metastases. Known as micrometastases, these cells, which can be found individually and in small clusters, are too small to be detected with standard imaging tests.
The Xaver 1000 is a next-gen radar that can actually see through walls Lifeboat News: The Blog
Camero-Tech, a firm based in Israel, has created a next-generation portable, high-performance imaging device that can actually see through walls. Called the Xaver 1,000, according to a press release from Camero-Tech, the company has now officially added this next-generation of the companys product line.
Camero-Tech is a member of Samy Katsav Group (aka SK Group), and a world leader and pioneer in developing, producing, and marketing pulse-based UWB micro-power radar, like the Xaver 1000.
Transplantation of clinical-grade human neural stem cells reduces neuroinflammation, prolongs survival and delays disease progression in the SOD1 rats Lifeboat News: The Blog
The hNSCs used in the study have been produced and characterised in the Cell Factory and Biobank of Santa Maria Hospital (Terni, Italy), authorised by the Italian Medicine Agency (AIFA) for the production of hNSCs to be used for clinical trials (aM 54/2018). The methodology applied to isolate, expand, characterise and cryopreserve the lines is based on the Neurosphere Assay26,41,54, and has been used for the production of the cells utilised in phase I trials for Amyotrophic Lateral Sclerosis patients (NCT0164006723) and for Secondary Progressive Multiple Sclerosis patients (NCT03282760, ongoing).
The entire production process, starting from tissue procurement to cryopreservation is compliant to cGMP guidelines and approved...
Quantum on a Microgram Scale Lifeboat News: The Blog
An experiment with an acoustic resonator demonstrates the quantum superposition of atomsnearly matching the ability of matter interferometers to test quantumness on macroscopic scales.
Were nowhere near reaching the maximum human life span, controversial study suggests Lifeboat News: The Blog
Human longevity records may be broken in the next few decades, a new modeling study suggests.
The Security Vulnerabilities of Message Interoperability SoylentNews
Jenny Blessing and Ross Anderson have evaluated the security of systems designed to allow the various Internet messaging platforms to interoperate with each other:
The Digital Markets Act ruled that users on different platforms should be able to exchange messages with each other. This opens up a real Pandora's box. How will the networks manage keys, authenticate users, and moderate content? How much metadata will have to be shared, and how?
In our latest paper, One Protocol to Rule Them All? On Securing Interoperable Messaging, we explore the security tensions, the conflicts of interest, the usability traps, and the likely consequences for individual and institutional behaviour.
Originally spotted on Schneier on Security.
One Protocol to Rule Them All? On Securing Interoperable Messaging, Jenny Blessing, Ross Anderson https://doi.org/10.48550/arXiv.2303.14178
Read more of this story at SoylentNews.
Lightning Eyes 10-Minute Charging for its Motorbikes IEEE Spectrum
Lightning Motorcycles is already known for record-setting speeds. In 2011, the companys LS-218 SuperBike set a landspeed record for production electric motorcycles at the Bonneville Salt Flats in Utah, with a 347.55 kilometer-per-hour (215.91 mile-per-hour) average run and a 351 kph (218 mph) peak. That SuperBike topped every internal combustion engine motorcycle en route to a Pikes Peak International Hill Climb win in 2013, on the Colorado gantlet thats among the worlds highest-profile tech challenges for cars and motorcycles alike.
The Southern California company is looking to speed things up againthis time with record-setting charging stops. Founder Richard Hatfield claims that the companys Lightning Strike motorcycle can fill its battery from 20 percent to 80 percent in a little over 10 minutes on a Level 3 DC fast charger. That time isnt much longer than a gasoline fill-up, especially for motorcyclists who dont mind some stretching and recovery after hours in the saddle.
Faster pit stops could also help unlock sales for electric two-wheelers, which have been slow to catch on due to dawdling charge times and limited riding range. Whereas electric cars have vastly more space for batteries, motorcycle purveyors can only stuff so many cells into a slender frame before a bike becomes impractically heavy, cumbersome to ride, or ungainly in appearance.
Lightning Motorcycles claims that the Lightning Strike motorcycle can fill its battery from 20 percent to 80 percent in a little over 10 minutes on a Level 3 DC fast charger. Lightning Motorcycles
Costs are becoming competitive, so the last big issues are range and charge ti...
The 10 Best Cybersecurity Companies in the UK HackRead | Latest Cybersecurity and Hacking News Site
By Owais Sultan
Discover the best cybersecurity companies to protect your business, and learn how to find the top ones that
This is a post from HackRead.com Read the original post: The 10 Best Cybersecurity Companies in the UK
New California Transgender Law Endangers Parental Rights Worldwide, Legal Group Warns: Drastic Overreach cryptogon.com
Gender distress. Via: Fox: A new state law in California could incentivize bad actors from around the world to skirt custodial laws by relocating to the Golden State, a conservative legal group claims. We think its a drastic overreach by California, Emilie Kao, senior counsel for Alliance Defending Freedom (ADF), told Fox News Digital. Not []
Links 30/03/2023: LibreOffice 7.5.2 and Linux 6.2.9 Techrights
3CX voice and video conferencing software victim of a supply chain attack Security Affairs
As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product.
The products from multiple cybersecurity vendors started detecting the popular software as malware suggesting that the company has suffered a supply chain attack.
SentinelOne is tracking the malicious activity as SmoothOperator, the company speculates that the threat actor behind the attack has set up its infrastructure starting as early as February 2022.
The company started distribut...
X.org vulnerability and releases LWN.net
The X.Org project has announced a vulnerability in its X server and Xwayland (CVE-2023-1393).
This issue can lead to local privileges elevation on systems where the X server is running privileged and remote code execution for ssh X forwarding sessions.[...] If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.
That has led to the release of xorg-server 21.1.8, xwayland 22.1.9, and xwayland 23.1.1.
Re: polkitd service user privilege separation Open Source Security
Posted by Jordan Glover on Mar 30
Is it valid conclusion that polkitd would be better of just running as root? That would clear any possible confusion.[$] The trouble with MODULE_LICENSE() in non-modules LWN.net
The kernel's hierarchical maintainer model works quite well from the standpoint of allowing thousands of developers to work together without (often) stepping on each others' toes. But that model can also make life painful for developers who are trying to make changes across numerous subsystems. Other possible source of pain include changes related to licensing or those where maintainers don't understand the purpose of the work. Nick Alcock has managed to hit all of those hazards together in his effort to perform what would seem like a common-sense cleanup of the kernel's annotations for loadable modules.
AMD EPYC Milan Still Gives Intel Sapphire Rapids Tough Competition In The Cloud Phoronix
While waiting for AMD 4th Gen EPYC "Genoa" instances to become available via the major public cloud providers, I was curious to see how existing AMD EPYC Milan instances compare to Intel's new Sapphire Rapids instances in public preview on Google Cloud. While expecting some friendly competition, at the same vCPU size EPYC Milan was managing to deliver not only better performance-per-dollar but also even better raw performance in numerous workloads against the Google Cloud C3 Sapphire Rapids.
Extraordinary: The Seeding cryptogon.com
If this topic interests you, see the books by David M. Jacobs: Secret Life: Firsthand, Documented Accounts of Ufo Abductions The THREAT: Revealing the Secret Alien Agenda Walking Among Us: The Alien Plan to Control Humanity Via: Unidentified:
Distribution Release: OpenMandriva 23.03 "ROME" DistroWatch.com: News
OpenMandriva is a general purpose operating system. The project has published new media for the distribution's rolling release branch, called ROME. The project's latest ROME snapshot introduces new editions, including Server builds which do not have a graphical user interface. "In addition to the previously released images, ROME....
PCIe For Hackers: Extracting The Most Hackaday
So, you now know the basics of approaching PCIe, and perhaps you have a PCIe-related goal in mind. Maybe you want to equip a single-board computer of yours with a bunch of cheap yet powerful PCIe WiFi cards for wardriving, perhaps add a second NVMe SSD to your laptop instead of that Ethernet controller you never use, or maybe, add a full-size GPU to your Raspberry Pi 4 through a nifty adapter. Whatever you want to do lets make sure there isnt an area of PCIe that you arent familiar of.
...
VP9/AV1 Simulcast Support For WebRTC Coming In Chrome 113 Phoronix
VP8 and H.264 have long been supported as part of WebRTC simulcast in the Chrome web browser while with the upcoming Chrome 113 release, VP9 and AV1 simulcast support is being enabled...
Security updates for Thursday LWN.net
Security updates have been issued by Debian (xorg-server and xrdp), Fedora (mingw-python-certifi, mingw-python3, mingw-zstd, moodle, python-cairosvg, python-markdown-it-py, redis, xorg-x11-server, and yarnpkg), Slackware (mozilla and xorg), SUSE (grub2, ldb, samba, libmicrohttpd, python-Werkzeug, rubygem-rack, samba, sudo, testng, tomcat, webkit2gtk3, xorg-x11-server, xstream, and zstd), and Ubuntu (linux, linux-aws, linux-dell300x, linux-kvm, linux-oracle, linux-raspi2, linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4, linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4, linux-gke, linux-gke-5.15, linux-ibm, linux-kvm, php-nette, and xorg-server, xorg-server-hwe-18.04, xwayland).
Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986) Help Net Security
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 IBM Aspera Faspex is used by organizations to allow employees to quickly and securely exchange files with each other. (The files are uploaded to and downloaded from a centralized Aspera transfer server.) CVE-2022-47986 is a YAML deserialization flaw that can be triggered by remote attackers sending a specially crafted obsolete API call. It affects More
The post Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986) appeared first on Help Net Security.
New Mlofe Linux malware linked to Chinese APT groups Security Affairs
Cybersecurity researchers from ExaTrack recently discovered a previously undetected malware family, dubbed Mlofe, targeting Linux servers.
The researchers linked with high-confidence this malware to China-linked APT groups, in particular the Winnti group.
The Mlofe malware includes a kernel-mode rootkit thats based on an open-source project referred to as Reptile.
The analysis of the vermagic metadata revealed that it is experts noticed that the rootkit has a limited set of features.
The attackers use shell commands to download the installer and a custom binary package from a remote server and install the implant and the rootkit.
The installer is written in C++, it takes the binary package as an argument and then extracts the rootkit as well as a server implant module.
The researchers noticed that the implant is currently under active development.
The malware configuration is encrypted using the RC4 algorithm in the two early samples, while authors used a simple xor with a single byte key (0x43) in the most recent sample analyzed by the experts.
The configuration format in the first sample contains all elements in encrypted form, while the most recent sample has only the C&C domain encrypted.
The implant supports two mechanisms of persistence, depending on the privileges of his execution. When it runs as the root user, it tries to wri...
CVE-2023-28935: Apache UIMA DUCC: DUCC (EOL) allows RCE Open Source Security
Posted by Arnout Engelen on Mar 30
Severity: moderatePopular PABX platform, 3CX Desktop App suffers supply chain attack HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
According to cybersecurity researchers, a nation-state actor, LABYRINTH CHOLLIMA, is suspected to be behind the multi-stage attack on 3CXDesktopApp.
This is a post from HackRead.com Read the original post: Popular PABX platform, 3CX Desktop App suffers supply chain attack
Seattle-Area County Plans World Leading Sustainable Aviation Fuel R&D Center SoylentNews
Seattle-area county plans 'world leading' sustainable aviation fuel R&D center:
Washington state wants to create a "world leading" research and development center focused on low-carbon, sustainable aviation fuels. The facility is planned for Snohomish County's Paine Field Boeing's historic home and a hub for low-carbon aerospace startups including ZeroAvia and MagniX.
Snohomish County Executive Dave Somers on Tuesday announced plans for the center, which would be built in partnership with Washington State University. Sen. Marko Liias and Rep. Brandy Donaghy, both leaders from the county, are calling for $6.5 million in the state's transportation budget to get the project rolling.
"We have been at the forefront of the aviation industry for decades and this will now put us in a place to lead the world in shaping the future of clean aviation," said Liias, chair of the Washington State Senate Transportation Committee.
WSU has a Bioproducts, Science, and Engineering Laboratory at its Tri-Cities campus. One of the focal areas for the lab is biofuels, which includes sustainable aviation fuels.
Read more of this story at SoylentNews.
EEVDF Scheduler Patches Updated For The Linux Kernel Phoronix
Intel Linux engineer Peter Zijlstra has sent out updated patches on the kernel patch series he's been working on the past several months around the "EEVDF" CPU scheduler for improving upon the current CFS scheduler code...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices The Hacker News
A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan,
Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration The Hacker News
Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management. "Multi-cloud by design," and its companion the supercloud, is an ecosystem in which several cloud systems work together to provide many organizational benefits, including increased scale and overall resiliency.And now, even security teams who have long been the holdout
Make Anything Clockwork With This Ridiculous Stick-On Device Hackaday
Clockwork devices were popular right up until motors and electronics proved far more capable in just about every way. However, theres something charming about a device you can wind up to make it do its thing. To recreate this feeling on modern technology, [Kousuke Saito] created a clockwork winder that you can fit to a wide variety of modern appliances.
Another Budget Gigabyte Ryzen Motherboard Gets Working Sensor Support With Linux 6.3 Phoronix
For those that happen to have a Gigabyte A320M-S2H V2 micro-ATX motherboard or you have been looking out for a low-end, budget motherboard for an AMD Ryzen AM4 build, the A320M-S2H V2 is the latest seeing working sensor support with the mainline Linux kernel...
Arm Scalable Matrix Extension 2 "SME2" Support Lands In GNU Binutils Phoronix
Toward the end of last year Arm detailed Scalable Matrix Extension 2 (SME2) for adding more capabilities to Armv9-A around speedy matrix processing. Merged this morning is initial support for SME2 within Binutils as part of the GNU compiler toolchain for the GNU Assembler...
3CX customers targeted via trojanized desktop app Help Net Security
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began warning on Wednesday. What is 3CX? 3CX is Voice over Internet Protocol (VoIP) private automatic branch exchange (PABX) software that provides video conferencing and live chat capabilities. 3CX offers a More
The post 3CX customers targeted via trojanized desktop app appeared first on Help Net Security.
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services The Hacker News
A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, unsuitable for crypto mining, in order to enable and expand subsequent campaigns," SentinelOne security
Links 30/03/2023: WordPress 6.2 Dolphy and OpenMandriva ROME 23.03 Techrights
Not long after updating its Pangolin laptop line, System76 is at
Liquid Salts Bring Push-Button Lenses Into Focus SoylentNews
First-ever piezoelectric liquids could spark new technologies in optics and hydraulics:
Scientists have discovered the first known piezoelectric liquids, which are able to convert mechanical force to electric charge, and vice versa. The generally environmentally friendly nature of these materials suggests they may find many applications beyond standard piezoelectric compounds, such as novel, electrically controlled optics and hydraulics. However, much remains unknown about how they work, and therefore what they may be capable of.
Piezoelectricity was first discovered in 1880. The effect has since found a wide range of applications, including cellphone speakers, inkjet printers, ultrasound imaging, sonar equipment, pressure sensors, acoustic guitar pickups, and diesel fuel injectors.
Until now, all known piezoelectric materials were solid. Now scientists have for the first time discovered piezoelectric liquids. They detailed their findings in a study online 9 March in the Journal of Physical Chemistry Letters.
The researchers experimented with ionic liquids. These fluids are saltscompounds that are each made of both a positively charged cation and a negatively charged anionthat are liquid at unusually low temperatures. In comparison, table salt melts at roughly 800 C.
"They are often relatively viscousthink about them like motor oil, or maple syrup," says Gary Blanchard, one of the authors of the study and a professor of chemistry at Michigan State University, in East Lansing.
Read more of this story at SoylentNews.
Re: polkitd service user privilege separation Open Source Security
Posted by Johannes Segitz on Mar 30
yes, that's what I've mentioned in my reportExposing Sirius Corporation as a Corrupt Corporation schestowitz.com
Video download
link | md5sum
Victims of Open Source Charlatans
Creative Commons Attribution-No Derivative Works 4.0
Summary: Following todays part about the crimes of Sirius Open Source another video seemed to be well overdue (those installments used to be daily); the video above explains to relevance to Techrights and how workers feel about being cheated by a company that presents itself as Open Source even to some of the highest and most prestigious public institutions in the UK
Sirius is Britains Most Respected and Best Established Open Source Business, According to Sirius Itself, So Why Defraud the Staff? Techrights
Video download
link | md5sum
Victims of Open Source Charlatans
Creative Commons Attribution-No Derivative Works 4.0
Summary: Following today's part about the crimes of Sirius Open Source another video seemed to be well overdue (those installments used to be daily); the video above explains to relevance to Techrights and how workers feel about being cheated by a company that presents itself as Open Source even to some of the highest and most prestigious public institutions in the UK
Z-Library Raises Tens of Thousands of Dollars to Keep its Pirate Library Running TorrentFreak
Z-Library has become the go-to site for many readers in recent years by providing access to millions of books, for free.
The sites continued ability to do so was put to the test late last year when U.S. law enforcement seized over 200 domain names connected to the site. Two alleged Z-Library operators were arrested as part of a criminal investigation.
Despite losing two alleged members of its team, as well as over 200 domain names, Z-Library had no intention of throwing in the towel. The site remained accessible through the dark web and a few weeks ago made a full comeback on the clearnet as well.
The new setup comes with some technical tweaks. For example, every user now has a unique subdomain to access Z-Library, which may make it more difficult for law enforcement to take down the whole operation all at once.
Implementing these changes and some others, including a new recommendation section and Telegram bot, required substantial investments. To help pay the bill, Z-Library is now asking its users to chip in.
In a message posted earlier this month, the Z-Library team revealed that the U.S. law enforcement actions caused substantial damage. While the 220 terabytes of data werent lost, getting everything up and running again wasnt easy.
[A]lmost all public domains of the library were blocked in November 2022 by order of the US Secret Service. The inner infrastructure of the project suffered some substantial damage too, Z-Library said.
Today, we are still under unprecedented pressure. At the moment, Z-Library is going through the hardest times in all the 14 years of its existence. The library might work with interruptions, and we ask you to be patient.
These comments are part of a donation drive encouraging users to contribute. Z-Library offers a variety of support options, including crypto, gift cards, WeChat, and Alipay.
We will be extremely thankful for every dollar that will be donated, Zlibrary notes.
Generating Instead of Storing Meshes Hackaday
The 64kB is a category in the demoscene where the total executable size must be less than 65,536 bytes, and at that size, storing vertexes, edges, and normal maps is a waste of space. [Ctrl-Alt-Test] is a French Demoscene group that has been doing incredible animations for the last 13 years. Theyve written an excellent guide on how theyve been procedurally generating the meshes in their demos.
It all starts with cubes. By stacking them, overlaying them, reusing them, and tiling them you can get better compression than raw vertexes. Revolution was the next trick, as it uses just a few points, plotting it via Catmul-Rom splines, and revolving around an axis. The numbers are pairs of 32-bit floats and before compression, a detailed pawn on a chess board can weigh in at just 40 bytes. Just these few techniques can take you surprisingly far (as seen in the picture above).
They later worked on deforming cubes and placing them into a semi-randomized column, which happened to look a lot like plants. This isnt the first generated vegetation weve seen, and the demoscene te...
IRC Proceedings: Wednesday, March 29, 2023 Techrights
Also available via the Gemini protocol at:
Over HTTP:
... |
Nokia Plans to Put 4G Internet on the Moon This Year SoylentNews
If you believe, they'll put 4G internet on the moon:
A Nokia executive recently confirmed the company is preparing to launch 4G internet on the moon, hopefully before the end of 2023. We put a man on the moon in 1969, and now the Finnish Telecom company wants to give the rock an internet connection.
For those unaware, Nokia announced these bold ambitions back in 2020 when NASA selected it for the project, and now it sounds like things are moving in the right direction.
According to CNBC, this is a big undertaking and will be a joint mission by Nokia, NASA, SpaceX, and others. The company Intuitive Machiness upcoming IM-2 mission, currently scheduled to launch in November aboard a SpaceX Falcon 9 rocket, will carry the 4G payload.
Once delivered, Intuitive Machines' Nova-C lunar lander will be able to have an active connection with its Rovers, helping aid in lunar discoveries, not to mention developing a human presence on the surface of the moon.
The hope is that this system can meet the needs of future space missions, including NASA's Artemis mission. If everything goes according to plan, Nokia's moon 4G signal will improve critical command and control functions, give teams remote control of rovers, and offer real-time navigation, not to mention stream back HD video of the moon's surface (and more) to Earth.
Read more of this story at SoylentNews.
Falun Gong Doctrine Terra Forming Terra
Wind Power Fails on Every Count: Oxford Scientist Explains the Math Terra Forming Terra
Here we are and it is literally forty years on in the wind power
build out. I have yet to see someone come in and show me that these
plants ever simply pay for themselves without all sorts of tax
breaks and all that. I do not think that they actually can. It is
like writing off a million dollar investment just to earn a living
wage.
Top 5 Ancient Greek Inventions We Still Use Today Terra Forming Terra
5 Months to Kill: The terrifying relationship between Deaths, COVID Deaths & Covid-19 Vaccination Terra Forming Terra
[Meme] Waiting for Standard Life to Deal With Pension Fraud Techrights
Summary: The crimes of Sirius Open Source were concealed with the authoritative name of Standard Life, combined with official papers from Standard Life itself; why does Standard Life drag its heels when questioned about this matter since the start of this year?
3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way! The Hacker News
3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers. "The trojanized 3CX desktop app is the first stage in a multi-stage attack chain that pulls
Former Sirius Open Source Staff Shocked to Discover the Company Committed Fraud schestowitz.com
Summary: Crimes committed by the company that I left months ago are coming to light; today we share some reactions from other former staff (without naming anybody)
TODAY we take a look at the nature of the crimes of Sirius Open Source, what pension providers are saying, and what former colleagues say about the company upon realising that it is corrupt (spoiler: some arent even surprised).
We shall start with the pension providers, with focus on Standard Life (the other provider has not even responded yet!) as about 6 hours after I complained about it (and made this meme) Standard Life contacted me by E-mail to say: (days late already)
Dear Dr Schestowitz
Thank you for your email.
We are carefully considering the concerns you have raised. Im sorry if the time this is taking is frustrating for you, but we believe it is appropriate given the situation.
I will be in touch with you again as soon as possible.
Yours sincerely
??????????? ??????????
Complaint Consultant
This does not say anything concrete. It has been like this since March 7th and were soon in April. Sirius is running out of clients, i.e. out of revenue stream. How long must one wait? When it comes to Standard Life, the interactions over the telephone go back to January. Why does this take so long to progress? What does that tell us about the pensions/financial sector (Standard Life is a giant in this sector)?
About a month ago I said to the company, Sirius: I spoke to numerous managers at Standard Life for 3 months. They reached the conclusion that myself and colleagues never had any money deposited there money taken for Pension off of our salary, as per the payslips for 5+ years. This suggests pension fraud and an actual crime. I assume, moreover, that [wife] (as Director and spouse) was fully aware of this. In the name of journalistic integrity I must first ask you if this is patently false a chance for you to comment in your defence. A lack of reply can be interpreted as implicit admission of guilt.
To paraphrase what you said in a call back in November, it doesnt look good.
There has been no response since. None. They know theyre guilty. Days later I wrote to say: You did not respond. I assume you have nothing to say in your defense. My E-mails to [CEO] are bouncing, so I assume he wants nothing to do with the company anymore. A month ago you failed to provide a physical address for the company. Now it is moreover headless (the CEO left). [PA] is still based in the UK...
Former Staff of Sirius Open Source Responds to Revelations About the Companys Crimes Techrights
Previously/context:
Summary: Crimes committed by the company that I left months ago are coming to light; today we share some reactions from other former staff (without naming anybody)
US sends million-dollar scammer to prison for four years Graham Cluley
31-year-old Solomon Ekunke Okpe, of Lagos, was a member of a gang that devised and executed a variety of scams - including business email compromise (BEC), romance scams, working-from-home scams, and more - between December 2011 and January 2017. Read more in my article on the Hot for Security blog.
Compose Any Song With Twelve Buttons Hackaday
Limitations placed on any creative process often paradoxically create an environment in which creativity flourishes. A simple overview of modern pop, rock, or country music illustrates this principle quite readily. A bulk of these songs are built around a very small subset of music theory, often varying no more than the key or the lyrics. Somehow, almost all modern popular music exists within this tiny realm. [DeckerEgo] may have had this idea in mind when he created this tiny MIDI device which allows the creation of complex musical scores using a keyboard with only 12 buttons.
The instrument is based around the Adafruit MacroPad, which is itself built on the RP2040 chip. As a MIDI device, it needs to be connected to a computer running software which can support MIDI instruments, but once its assembled and given its firmware, its ready to rock. A musician can select one of any number of musical scales to operate within, and the 12 keys on the pad are mapped to the 12 chromatic notes within that scale. It can also be used to generate drum tracks or other backing tracks to loop before being used to create melodies as well.
[DeckerEgo] took a bit of inspiration from an even simpler macro pad we featu...
The rise of biometrics and decentralized identity is a game-changer for identity verification Help Net Security
The journey towards digital transformation for organizations and governments has been fraught with difficulties, resulting in some users needing to catch up as more digital services are introduced. In this Help Net Security video, Jenn Markey, VP of Payments and Identities at Entrust, talks about how biometrics, hybrid solutions, and decentralized identity are transforming the industry and the future of identity verification. Digital identity is a rapidly evolving space, with the market expected to reach More
The post The rise of biometrics and decentralized identity is a game-changer for identity verification appeared first on Help Net Security.
Disney Reportedly Scraps its Metaverse Unit SoylentNews
Disney appears to be the latest company to pull back the metaverse, as CEO Bob Iger reverses more decisions from his predecessor:
The entertainment giant's metaverse team has reportedly been eliminated as part of the ongoing round of job cuts at Disney. The Wall Street Journal reports all 50 team members who were developing the company's metaverse strategies have been let go.
The metaverse was a pet project of former CEO Bob Chapek, who called it "the next great storytelling frontier."
[...] Last November, however, Chapek was unceremoniously dismissed from Disney. And Bob Iger returned to the CEO role, quickly reversing several of Chapek's decisions.
The metaverse ambitions appear to be the latest to be targeted by Iger. Despite the many ideas that were publicly floated, the metaverse unit had apparently not made much progress on the new technology and did not have many clear plans in place.
Originally spotted on The Eponymous Pickle.
Read more of this story at SoylentNews.
Protect your entire business with the right authentication method Help Net Security
In this Help Net Security interview, Tomasz Kowalski, CEO at Secfense emphasizes the significance of multi-factor authentication in the corporate landscape, highlights the use of microauthorizations to improve the security of protected applications, and much more. What is the importance of modern MFA in todays business environment? I believe that modern Multi-Factor Authentication (MFA) is critical in todays business environment for several reasons. Firstly, traditional password-based authentication methods are no longer sufficient to protect against More
The post Protect your entire business with the right authentication method appeared first on Help Net Security.
Scan and diagnose your SMEs cybersecurity with expert recommendations from ENISA Help Net Security
The release of a cybersecurity maturity assessment tool by the European Union Agency for Cybersecurity (ENISA) aims to provide Small and Medium Enterprises (SMEs) with a valuable resource for enhancing their security posture. As a significant driver for innovation and growth in the EU, SMEs constantly face cybersecurity challenges. This is why it is essential to support them in addressing these challenges and identifying improvements. The cybersecurity maturity assessment tool designed by ENISA supports those More
The post Scan and diagnose your SMEs cybersecurity with expert recommendations from ENISA appeared first on Help Net Security.
Dangerous misconceptions about emerging cyber threats Help Net Security
Organizations are leaving common attack paths exposed in their quest to combat emergent threats, according to Cymulate. The most concerning cyber threats The report delves into the efficacy of different security controls, the most concerning threats as tested by organizations worldwide, and top cybersecurity best practices for 2023. Report key takeaways include: Many organizations are testing for trending threats Organizations are actively testing against threats seen in the news, likely from pressure to report on More
The post Dangerous misconceptions about emerging cyber threats appeared first on Help Net Security.
The cost-effective future of mainframe modernization Help Net Security
As Europes enterprises return to normal following the COVID-19 pandemics impact, they are looking for innovative and cost-effective ways to combine mainframe dependability with the flexibility of the cloud, according to ISG. Mainframe modernization services market accelerates The report finds that an increased focus on updated IT infrastructure and digital transformation has led to a corresponding acceleration in the mainframe modernization services market. Although many companies still depend on them for reliability, availability and security, More
The post The cost-effective future of mainframe modernization appeared first on Help Net Security.
The best defense against cyber threats for lean security teams Help Net Security
H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to you. That is, if youre in charge of cybersecurity for a small-to-midsize enterprise (SME). Why? Bad actors know that SMEs typically have a smaller security budget, less infosec manpower, and possibly weak or missing security controls to protect their data and infrastructure. So, how can you prepare for the imminent onslaught from new and emerging threat groups? More
The post The best defense against cyber threats for lean security teams appeared first on Help Net Security.
LOKKER Web Privacy Risk Score helps organizations measure and mitigate online privacy threats Help Net Security
LOKKER has released its LOKKER Web Privacy Risk Score, the assessment tool that provides businesses with a clear, numeric rating of their privacy risk across a global portfolio of websites, individual websites within that portfolio, and the individual web pages of each website. LOKKERs Web Privacy Risk Score is a measure that quantifies a companys potential risk of privacy violations pertaining to the collection and sharing of customers online information. Organizations in all industries are More
The post LOKKER Web Privacy Risk Score helps organizations measure and mitigate online privacy threats appeared first on Help Net Security.
BigIDs privacy suite discovers and classifies all CPRA-related data Help Net Security
BigID announced native data privacy capabilities to automate and help fulfill California Privacy Rights Act (CPRA) requirements. The California Privacy Rights Act (CPRA) is an amendment to the California Consumer Privacy Act (CCPA) that went into effect on Jan 1, 2023, and will be fully enforced on July 1, 2023. CPRA has specific requirements around B2B and employee data rights, privacy risk assessments, retention policies, and data minimization, which are measures to mitigate the data More
The post BigIDs privacy suite discovers and classifies all CPRA-related data appeared first on Help Net Security.
Biohybrid Implant Patches Broken Nerves with Stem Cells Hackaday
Neural interfaces have made great strides in recent years, but still suffer from poor longevity and resolution. Researchers at the University of Cambridge have developed a biohybrid implant to improve the situation.
As weve seen before, interfacing electronics and biological systems is no simple feat. Bodies tend to reject foreign objects, and transplanted nerves can have difficulty assuming new roles. By combining flexible electronics and induced pluripotent stem cells into a single device, the researchers were able to develop a high resolution neural interface that can selectively bind to different neuron types which may allow for better separation of sensation and motor signals in future prostheses.
As is typically the case with new research, the only patients to benefit so far are rats and only on the timescale of the study (28 days). That said, this i...
Among Users in the Worlds Largest Population, Microsoft is the 1% Techrights
Edge developers recently laid off, too (the media barely mentioned this; its all about chaffbot hype)
Summary: A sobering look at India shows that Microsoft lost control of the country (Windows slipped to 16% market share while GNU/Linux grew a lot; Bing is minuscule [1, 2]; Edge fell to 1.01% and now approaches decimal point territories)
Artificial Intelligence 'Godfather' on AI Possibly Wiping Out Humanity: It's Not Inconceivable SoylentNews
Geoffrey Hinton, a computer scientist who has been called "the godfather of artificial intelligence", says it is "not inconceivable" that AI may develop to the point where it poses a threat to humanity:
The computer scientist sat down with CBS News this week about his predictions for the advancement of AI. He compared the invention of AI to electricity or the wheel.
Hinton, who works at Google and the University of Toronto, said that the development of general purpose AI is progressing sooner than people may imagine. General purpose AI is artificial intelligence with several intended and unintended purposes, including speech recognition, answering questions and translation.
"Until quite recently, I thought it was going to be like 20 to 50 years before we have general purpose AI. And now I think it may be 20 years or less," Hinton predicted. Asked specifically the chances of AI "wiping out humanity," Hinton said, "I think it's not inconceivable. That's all I'll say."
[...] Hinton said it was plausible for computers to eventually gain the ability to create ideas to improve themselves.
Also at CBS News. Originally spotted on The Eponymous Pickle.
Previously: OpenAI's New ChatGPT Bot: 10 "Dangerous" Things it's Capable of
Read more of this story at SoylentNews.
In One City Alone Microsoft Fired Almost 3,000 Workers This Year (Were Still in March) Techrights
In Bill Gates-sponsored media [1, 2] this week:
Another Microsoft piece from a Microsoft mouthpiece (Bishop, a Microsoft Media Operative):
The media in India (where Microsoft has many layoffs too; GitHub has fired almost all of its Indian (as in India-based) staff):
Summary: You can tell a company isnt doing well when amid mass layoffs it pays endless money to the media not to actual workers in order for this media to go crazy over buzzwords, chaffbots, a...
[$] LWN.net Weekly Edition for March 30, 2023 LWN.net
The LWN.net Weekly Edition for March 30, 2023 is available.
Links 29/03/2023: InfluxDB FDW 2.0.0 and Erosion of Human Rights Techrights
HPR3824: 2022-2023 New Years Show Episode 4 Hacker Public Radio
Episode #4 Massachusetts Comprehensive Assessment System https://www.mass.gov/parents-guide-to-the-mcas https://en.wikipedia.org/wiki/Massachusetts_Comprehensive_Assessment_System Standardized Testing Was Invented In Massachusetts https://ed.lehigh.edu/news-events/news/history-standardized-testing GED Exam https://ged.com/about_test/test_subjects/ https://en.wikipedia.org/wiki/General_Educational_Development Alternative High Schools https://blog.prepscholar.com/alternative-high-schools Umbrella Revolution https://time.com/3471366/hong-kong-umbrella-revolution-occupy-central-democracy-explainer-6-questions/ https://en.wikipedia.org/wiki/Umbrella_Movement Learning the Finnish Language https://finland.fi/life-society/how-the-heck-do-you-learn-finnish-part-1/ https://herfinland.com/finnish-language-learning/ France Bans Google Drive In Schools https://www.theregister.com/2022/11/22/france_no_windows_google/ https://gettotext.com/office-365-and-google-drive-are-not-welcome-in-french-schools-even-if-they-are-free/ Windows Me (Windows Millennium Edition) https://en.wikipedia.org/wiki/Windows_Me https://www.howtogeek.com/688861/windows-me-20-years-later-was-it-really-that-bad/ Windows 2000 https://en.wikipedia.org/wiki/Windows_2000 Windows 95 https://en.wikipedia.org/wiki/Windows_95 FreeDOS https://www.freedos.org/ BOX 86 https://box86.org/ React OS https://reactos.org/ WINE https://www.winehq.org/ Proton https://github.com/ValveSoftware/Proton https://www.tomshardware.com/how-to/game-with-steam-on-linux https://www.protondb.com/ Windows XP https://en.wikipedia.org/wiki/Windows_XP Windows 7 h
Classification of Identify Management Approaches It Will Never Work in Theory
It's hard to make progress without discussing things, and it's hard to discuss things if you don't agree on terminology. This paper presents a systematic, comprehensible classification of various approaches to identity management, and gives examples (like the two shown below) of where different use cases fit. By creating this, the authors have made it easier for us to see where we agree and disagree, and have also pointed out some interesting gaps in existing approaches. There are (necessarily) a lot of acronyms in the paper, but anyone implementing identity management should read it, and it would be a great starting point for a lecture or two in an undergrad course on system design or software architecture.
This paper presents a comprehensive classification of identity management approaches. The classification makes use of three axes: topology, type of user, and type of environment. The analysis of existing approaches using the resulting identity management cube (IMC) highlights the trade-off between user control and trust in attributes. A comparative analysis of IMC and established models identifies missing links between the approaches. The IMC is extended by a morphology of identity management, describing characteristics of cooperation. The morphology is then mapped to the life cycle of users and identity management in a further step. These classifications are practically underlined with current approaches. Both methods combined provide a comprehensive characterization of identity management approaches. The methods help to choose suited approaches and implement needed tools.
Introducing self-service SPDX SBOMs Linux.com
Following the precedent set by Executive Order 14028, security and compliance teams increasingly request software bills of materials (SBOMs) to identify the open source components of their software projects, assess their vulnerability to emerging threats, and verify alignment with license policies. So, we asked ourselves, how do we make SBOMs easier to generate and share?
Read the rest at the GitHub blog
The post Introducing self-service SPDX SBOMs appeared first on Linux.com.
Smashing Security podcast #315: Crypto hacker hijinks, government spyware, and Utah social media shocker Graham Cluley
A cryptocurrency hack leads us down a maze of twisty little passages, Joe Biden's commercial spyware bill, and Utah gets tough on social media sites. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Register's Iain Thomson.
The BLE Datalogging Scale Of A Thousand Uses Hackaday
Whether youre making coffee or beer or complex chemicals, weighing your ingredients carefully and tracking them is key to getting good results. [Tech Dregs] decided to build a logging scale that would work seamlessly with his smartphone, and shared the design on YouTube.
The design begins with a Greater Goods manual electronic scale, which was chosen for its convenient design and 750 gram load cell. Once cracked open, [Tech Dregs] pulled out the original PCB to replace it with his own. Only the original buttons are used, with an Seed Xiao ESP32-C3 replacing the scales original brains. The original LCD screen was swapped out for an OLED display, and it also got a rechargeable lithium battery for better usability.
The real value of the project, though, is its communication capa...
Webb Telescope Confirms Nearby Rocky Planet Has No Significant Atmosphere SoylentNews
A close look at one of TRAPPIST-1's planets shows it's bare and baking:
At this point, we've discovered lots of exoplanets that fall under the general label "Earth-like." They're rocky, and many orbit at distances from their host stars to potentially have moderate temperatures. But "like" is doing a lot of work there. In many cases, we have no idea whether they even have an atmosphere, and the greenhouse effect means that the atmosphere can have a huge impact on the planet's temperature. So the Earth-like category can include dry, baking hellscapes like Venus with its massive atmosphere, as well as dry, frozen tundras with sparse atmospheres like Mars.
But we're slowly getting the chance to image the atmospheres of rocky exoplanets. And today, researchers are releasing the results of turning the Webb Space Telescope on a rocky planet orbiting a nearby star, showing that the new hardware is so sensitive that it can detect the star blocking out light originating from the planet. The results suggest that the planet has very little atmosphere and is mostly radiating away heat from being baked by its nearby star.
TRAPPIST-1 is a small, reddish starin astronomical terminology, it's an "ultra-cool dwarf"that's about 40 light-years from Earth. While the star itself is pretty nondescript, it's notable for having lots of planets, with seven in total having been identified so far. All of these are small, rocky bodies, much like the ones that occupy the inner portion of our Solar System. While the star emits very little light, the planets are all packed in closer to it than Mercury is to the Sun.
[...] So, TRAPPIST-1 provides a fantastic opportunityreally, seven opportunitiesto test some of our ideas about exoplanet atmospheres. And both the Hubble and Spitzer space telescopes have imaged some starlight that passes close to some of the planets as they pass between Earth and TRAPPIST-1. These observations didn't provide any indications of an atmosphere, setting limits on how thick any gases above these planets could be.
Read more of this story at SoylentNews.
Google reveals spyware attack on Android, iOS, and Chrome HackRead | Latest Cybersecurity and Hacking News Site
Google's Threat Analysis Group (TAG) labeled the spyware campaign as limited but highly targeted.
This is a post from HackRead.com Read the original post: Google reveals spyware attack on Android, iOS, and Chrome
[$] Rebecca Giblin on chokepoint capitalism LWN.net
The fourth and final keynote for Everything Open 2023 was
given by Professor Rebecca Giblin of the Melbourne Law School,
University of Melbourne. It revolved around her recent book,
Chokepoint
Capitalism, which she wrote with Cory Doctorow; it is "a
book about why creative labor markets are rigged and how to unrig
them
". Giblin had planned to be in Melbourne to give her talk
in person, but "the universe had other plans"; she got delayed in
Austin, Texas by an unexpected speaking slot at the South by Southwest (SXSW) conference,
so she gave her talk via videoconference from thereat nearly
midnight in Austin.
The Linux Foundation Announces Keynote Speakers for Open Source Summit North America 2023 Linux.com
Read the original post at: Read More
The post The Linux Foundation Announces Keynote Speakers for Open Source Summit North America 2023 appeared first on Linux.com.
Mlofe: The Latest Malware Targeting Linux Servers HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
An unidentified Chinese APT group is suspected of operating the Mlofe malware.
This is a post from HackRead.com Read the original post: Mlofe: The Latest Malware Targeting Linux Servers
QNAP fixed Sudo privilege escalation bug in NAS devices Security Affairs
Taiwanese vendor QNAP warns customers to update their network-attached storage (NAS) devices to address a high-severity Sudo privilege escalation vulnerability tracked as CVE-2023-22809.
The company states that the vulnerability affects QTS, QuTS hero, QuTScloud, and QVP (QVR Pro appliances) QNAP operating systems.
The vulnerability was discovered by security firm Synacktiv, it sudoedit. An attacker can trigger the vulnerability to achieve privilege escalation by editing unauthorized files after appending arbitrary entries to the list of files to process.
Sudo uses user-provided environment variables to let its users select their editor of choice. The content of these variables extends the actual command passed to the sudo_edit() function. However, the latter relies on the presence of the argument to determine the list of files to edit. The injection of an extra argument in one of the authorized environment variables can alter this list and lead to privilege escalation by editing any other file with privileges of the RunAs user. reads the advisory published by Synacktiv. This issue occurs after the sudoers policy validation.
The company already fixed the flaw in the following operating system versions:
QNAP is urgently fixing the vulnerabilities in QuTScloud and QVP. reads the advisory published by the vendor. Please check this security advisory regularly for updates and promptly update your operating system to available.
The company recommends regularly updating NAS systems to the latest version.
Below are the instructions provided in the advisory to secure impacted devices:
Updating QTS, QuTS hero, or QuTScloud
Tip: You can also d...
How to Hide Tables in SQL Server Management Studio HackRead | Latest Cybersecurity and Hacking News Site
By Owais Sultan
SQL Server Management Studio (SSMS) is a software application developed by Microsoft that is used for configuring, managing,
This is a post from HackRead.com Read the original post: How to Hide Tables in SQL Server Management Studio
Australias Casino Giant Crown Resorts disclosed data breach after Clop ransomware attack Security Affairs
Australian casino giant Crown Resorts disclosed a data breach after the attack of the Cl0p ransomware group. The group claims to have stolen sensitive data from over 130 organizations by exploiting a zero-day vulnerability (CVE-2023-0669) in Fortras GoAnywhere MFT secure file transfer tool, BleepingComputer reported.
The Australian casino giant is one of the victims of this campaign. The incident took place in January, but the company disclosed the data breach this week.
We were recently contacted by a ransomware group who claim they have illegally obtained a limited number of Crown files. We are investigating the validity of this claim as a matter of priority. reads the statement published by the company on March 27, 2023. We can confirm no customer data has been compromised and our business operations have not been impacted. We are continuing to work with law enforcement and have notified our gaming regulators as part of the ongoing investigation and will provide relevant updates, as necessary.
The Cl0p ransomware group added Crown Resorts to the list of victims published on its Tor leak site.
Metas Anti-Piracy Deal: How Facebook & Broadcasters Kill Live Pirate Streams TorrentFreak
For reasons that make absolutely no sense while somehow making perfect sense, millions of internet users think that social media platforms are perfect for piracy.
Social media platforms like Facebook are admittedly quick and easy, but such positives are quickly overwhelmed by extraordinary privacy issues, not to mention centralized control. Nevertheless, the masses love quick and easy so in common with similar platforms everywhere, social media has a piracy problem.
This week Meta and Italian broadcaster RTI announced the signing of a multi-year partnership that will attempt to prevent the latters TV content from being pirated on Meta platforms. According to RTI, the companies will collaborate on the implementation of a set of tools and systems to protect RTIs copyrighted content, including its live TV broadcasts.
The odds of Meta/Facebook implementing systems that only benefit RTI seem slim, but it may be possible to identify areas for improvement useful to a broader set of rightsholders. However, since RTI specifically mentions that Meta will provide dedicated training on how to use Metas Rights Manager system more effectively, it wouldnt be a surprise if that was the key focus of the agreement.
So what is Rights Manager, and how does it work?
YouTubes Content ID system first appeared more than 15 years ago, and today many users of the site will have seen it in action. Content ID uses algorithms to generate digital fingerprints of content uploaded to the platform which can then be compared against reference files (original content) provided by rightsholders.
When a match is found, rightsholders have several broad options block the uploaded content, monitor its statistics, monetize the upload with advertising and take the revenue, or sit back and do nothing.
Facebook launched its own content-matching, rights management tool in 2016. In common with Content ID, Rights Manager relies on reference files uploaded to the platform by rightsholders.
When a match is found, rightsholders can perform match actions block the uploaded content, monitor for insights into performance and audience engagement, place a banner on matching videos linking to content of their choice, or monetize with advertising and, of course, take the revenue.
In common with YouTubes system, match actions can be mixed, such as blocking in one country but taking revenue in another.
TikTok Trackers Embedded in U.S. State-government Websites, Review Finds SoylentNews
State governments might be inadvertently helping Chinese-owned app in data collection:
More than two dozen state government websites contain web-tracking code made by TikTok parent ByteDance Ltd., according to a new report from a cybersecurity company, illustrating the difficulties U.S. regulators face in curtailing data-collection efforts by the popular Chinese-owned app.
A review of the websites of more than 3,500 companies, organizations and government entities by the Toronto-based company Feroot Security found that so-called tracking pixels from the TikTok parent company were present in 30 U.S. state-government websites across 27 states, including some where the app has been banned from state networks and devices. Feroot collected the data in January and February of this year.
[...] Site administrators usually place such pixels on the government websites to help measure the effectiveness of advertising they have purchased on TikTok. It helps government agencies determine how many people saw an ad on the social-media app and took some actionsuch as visiting a website or signing up for a service. The pixels' proliferation offers another vector for data collection beyond TikTok's popular mobile app, which is increasingly under fire in Washington as a possible way for the Chinese government to collect data on Americans.
[...] "Like other platforms, the data we receive from advertisers is used to improve the effectiveness of our advertising services," a TikTok spokeswoman said in a statement. "Our terms instruct advertisers not to share certain data with us, and we continuously work with our partners to avoid inadvertent transmission of such data."
[...] Tracking pixels, also called web beacons, are ubiquitous on commercial websites. The free bits of software code are intended to support digital marketing and advertising by logging a visitor's interactions with the site, such as what is clicked on and the duration of a visit.
Read more of this story at SoylentNews.
888 On Line Casino Nz $200 Welcome Bonus + 25 Free Spins h+ Media
I continuously notice that even when one factor simply isnt very clear on the location, I often know that merely go to the stay chat, Let me positively receive help and it all the time makes me delighted. We instantly treasured that after registration, you get a extra fat bonus. You will find quite a couple of wonderful slots that youll probably not discover encompass casinos. I actually have already withdrawn cash 2 occasions and I can affirm that we now have fast pay-out odds. Since 888Casino is certainly one of the worlds high on line casino sites, they be certain that their worldwide gamers have a extensive variety of both deposit and withdrawal strategies to select from.
This ought to assist you to make decent bets earlier on, which can in flip allow you to to win decent quantities. 888 casino slot games choice is correct there with the most effective slots casinos like LuckyDays and Voodoo Dreams. In addition to their own exclusive slots, you can play traditional slots and jackpot slots like Mega Moolah. 888 received the likes of NetEnt, Electracade, and Merkur Gaming on board. There are a variety of totally different fee methods which you can use to deposit and withdraw at 888 Casino.
This is nice news for gamers from New Zealand because the peak hours are largely based mostly on European occasions. However, even in the course of the sluggish hours, there are hundreds of thousands of real money players. T just apply to money games but in addition to online poker tournaments, for the reason that schedule is at all times packed and the action by no means appears to stop.
Discover amazing offers that will save you cash, solely from 888 Poker. After youve made your first deposit at Europa Casino, youll find a way to acquire a 60% bonus on your 2nd deposit, up to 500 . Make your second single deposit of 20 or extra, and your 2nd Deposit Bonus shall be instantly credited to your account. To obtain your one hundred pc Bonus as a lot as 100 , you need to make your first single deposit into your account.
The autoplay and quick play choices can be convenient, particularly for those of you whore attempting to fulfil bonus wagering necessities. If you are into desk video games, try the Blackjack and Roulette promotions, which occur every day between 1 PM and 1 AM. Finally, loyal gamers will be joyful to learn that your dedication is not going to go unnoticed. Players will earn loyalty factors from the day you make your first deposit. There is also a VIP Scheme that awards members special benefits like personal concierge services, exclusive bonuses and rewards, VIP holidays and invitations to special events, to call a couple of. This is why you will discover pokies and on line casino video games from NetEnt, Red Tiger Gaming, Williams Interactive, and Playn GO on the web site.
Whether that be on the practice to work, r...
Search Tag On-line On Line Casino Singaporeacebit9 Com On-line Casino Singapore The Most Safe And Trusted Sport Site The Official Trusted Sport Web Site For Mega888, Pussy888 And A Number Of Prime Video Games Min Top Up 10 And Start To Play Customer Service Available 24 7ee h+ Media
888Starz has a massive vary of payment choices that may facilitate payment transactions. The casino offers a hassle-free and instant deposit system, as properly as super-fast withdrawals and excessive payouts. Players can use well-liked cryptocurrencies and benefit from anonymity, security, and velocity.
In phrases of sports activities bets, youll discover that sports activities like football, tennis and basketball tend to get the greatest amount of protection when it comes to betting markets. In addition to this, it must be noted that 888 have taken the time to create a very helpful and informative assist section on their site. You can merely sort in keywords like deposit after which find a good amount of helpful information relating to your chosen matter. All of which should assist present some fair if not exceptional 888 rankings for buyer support. You must also be capable of make withdrawals from as little as $6 for most cost methods, until its a wire transfer that could be from $20 upwards. Most ewallet withdrawals should be processed inside one and two days, while it would take up to five working days for card withdrawals and even one week for wire transfer withdrawals.
This ensures you understand precisely where you stand before you make a transaction with 888. If you are in search of an professional guide to everything on supply at 888 casino then be certain to learn on, as we goal to ship the easiest casino evaluations in NZ. If it is a welcome bonus you dont see reflected in your bankroll balance, it could be as a outcome of you havent yet met the required wagering necessities. All necessities should be met before any of the funds will turn into obtainable.
Fans of sci-fi themes should check out Space Wars that features waggish aliens, Stacked Wild, Respins and the utmost wager measurement of $200 per spin. And do not forget about Gonzos Quest, which has lengthy turn into an iconic basic pokie with millions of performs all over the world. As one might expect from such a critical operator, the web casino offers a extensive selection of pokies. There are some 60 games from NetEnt, 20 pokies from WMS and around 20 video and basic pokies from the rest of the providers. Most 888 Originals (in-house pokies) are additionally suitable with cellular working methods.
Apart from these, the remaining games have a significantly decrease value. Roulette, for instance, has a 20% home edge, whereas baccarat and blackjack have a 10% home edge. In other words, the bonus is unbelievable for slots howev...
888 On Line Casino Review 2023 888 On Line Casino Free Spins h+ Media
You will also have entry to free spins, cash bonuses, and Free Play rewards. You additionally get to choose the slot recreation youll play within the contest. With the net slot video games, you will find bonus rounds, free spins, gamble options, and interesting symbols. You can power up and begin taking half in their online slot video games immediately.
With round-the-clock buyer assist and a variety of the most refined information safety know-how, it helps make your visit to a Skrill on line casino a carefree and stress-free journey. We would expect nothing less from a fee methodology that we use and advocate. Established the presence of a license, you will need to spotlight the presence of different entities related with the game world. Independent firms that test on line casino video games to make certain that the payment ratios are reliable . In this way, you do not have to imagine what the casino tells you, as all these knowledge are confirmed by exterior entities. Discover our choice of Skrill casino, one of the popular payment strategies worldwide .
The licensing entities ensure that online casinos comply with frequent and thorough audits, such as RNG exams, that make certain that games are not rigged and that your playing expertise is secure. We are a bunch dedicated to supplying gamers from New Zealand with related information on authorized and regionally targeted on-line casinos in addition to mobile casinos. We have done thorough analysis on all operators we recommend to guarantee that the information conveyed to you is relevant, and for the needs of wagering for leisure wants. 888Casino is amongst the few institutions on the market that gives what can only be termed as a full bodied gaming experience.
Heaps of casino bonuses to be found on 888 Promotions web page of which we notably enjoy the welcome bonus. The minimum deposit to utilize the bonus is 20 NZD$ while wagering contributions of 30x apply. This is fairly low compared with other casinos and definitely one thing to reap the advantages of. Both the bonus itself and the phrases that come with it are very interesting so get probably the most out of it.
The 888 New Zealand casino has a similarly large number of on-line pokies and table games. 888 Casino options the most well-liked games in each category on their web site which makes it simple for model spanking new account holders to know the place to begin. With over 1,000 on-line casino video games available on the positioning, it might be overwhelming for some and this beneficial device makes it simple for model spanking new and experienced gamers to get to know the on line casino.
Thus, you need to discover reference to entities corresponding to iTech Labs or eCOGRA . Your task is to test the video games current in a licensed Skrill casino and promote this information on an exempt foundation. Thus, you already...
Stoney Nakoda Resort & Casino, Kananaskis h+ Media
Here is an instance of the rewards youll be able to declare as a member of this on line casino. Yes, the classic video games additionally come with some very intriguing variants that change every thing you thought you knew about on-line on line casino video games. With casino online, you get the complete package in gaming expertise. You have a choice of immersing yourself inside the 888 Live Casino arena and the usual Casino side that accommodates all the 888 Casino slots and games. Then there is the 888 Sports enviornment and two specialist sections of the casino handling 888 Poker and 888 Bingo. Now, it is your turn to expertise why 888 Casino is one of the TOP casinos in New Zealand and throughout the remainder of the world.
The fact that its been in the marketplace for therefore a few years is proof that the on line casino is trustable, and if gamblers determine to spend some cash and have enjoyable, they are in secure hands. By entering details throughout the subject you agree to obtain updates from The Athletes Foot on offers and developments in accordance with Terms and Conditions and Privacy Policy. Absolutely, they offer banking via most major credit cards, e-wallets and also, different methods too. For starters, any deposit made via Skrill or NETELLER will be ineligible for the welcome provide. Also, please examine that you just meet the minimal deposit requirement of $20. When creating an account, our group specialists found that the four accepted currencies on the time of writing have been USD, EUR, GBP, and CAD.
This method, the mobile-ready platform can be accessed from all main Android and iOS gadgets. Something we take very significantly at Online Casino NZ, is the bonuses and promotions that an operator presents. These can really assist to fatten your account, so you can play longer and wager more. As you may expect by now, the choice at this establishment is great.
All slots allow you to customise your stake to greatest fit your price range and preferences. The immediate look of 888 Casino exudes luxurious and creates a premium really feel. The 888 Casino website is devoted to slots and live casino so you gainedt need to navigate your means around other merchandise like bingo or sportsbook. We have listed one of the best Skrill casinos with bonuses so as to find a way to simply verify the quantities offered, the requirements and validity. Still, we suggest that at all times verify the phrases and circumstances of any casino offer before you make a deposit. The Paysafe Group stands out as one of many extra strong within the space of on-line payments worldwide.
The selections are countless, so it will be a good idea to check out the promotions part regularly for the newest presents and knowledge. There more than ten of 888 casino games that might be accessed through the cell app and particularly some casino favorites similar to I...
AMD Linux Graphics Driver Seeing More Patches Around Multi-XCC Support Phoronix
The AMDGPU kernel driver patch flow has ticked up in recent days with working on new hardware support/features...
Re: polkitd service user privilege separation Open Source Security
Posted by Simon McVittie on Mar 29
On one hand, yes. This makes the privilege separation not actually veryHow is mLearning the Future of On-The-Go Dynamic Training Programs? HackRead | Latest Cybersecurity and Hacking News Site
By Owais Sultan
The goal of any business is to ensure that its employees remain productive, efficient, and well-informed in their
This is a post from HackRead.com Read the original post: How is mLearning the Future of On-The-Go Dynamic Training Programs?
How to remove orphaned unused packages in Arch Linux nixCraft
Arch Linux uses pacman command to add or remove packages. It is a package management utility that tracks installed packages on Arch. So when you uninstall or remove packages, some dependencies are left behind, taking up disk space. In this quick tutorial, I will explain how to remove ALL orphaned packages installed as a dependency and no longer required by any package on Arch Linux.
Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit
The post How to remove orphaned unused packages in Arch Linux appeared first on nixCraft.
OpenAI quickly fixed account takeover bugs in ChatGPT Security Affairs
OpenAI addressed multiple severe vulnerabilities in ChatGPT that could have allowed attackers to take over user accounts and view chat histories.
One of the issues was a Web Cache Deception vulnerability reported that could lead to an account takeover by the bug bounty hunter and Shockwave founder Gal Nagli.
The expert discovered the vulnerability while analyzing the requests that handle ChatGPTs authentication flow. The following GET request caught the attention of the expert:
https://chat.openai[.]com/api/auth/session
Basically, whenever we login to our ChatGPT instance, the application will fetch our account context, as in our Email, Name, Image and accessToken from the server, it looks like the attached image below Nagli wrote on Twitter detailing the bug.
The expert explained that to exploit the flaw, a threat actor can craft a dedicated .css path to the session endpoint (/api/auth/session) and send the link to the victim. Upon visiting the link, the response is cached and the attacker can harvest the victims JWT credentials and take full control over his account.
Musk, Experts Urge Pause on AI Systems, Citing Risks to Society cryptogon.com
Leading AGI developers will not heed this warning, but at least it was said Elon Musk (@elonmusk) March 29, 2023 Via: New York Post: Elon Musk is part of a group urging a six-month pause in the training of advanced artificial intelligence models following ChatGPTs rise arguing the systems could pose profound risks []
Fake Tor Browser Installers Distributing Clipper Malware HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
It is yet unclear how these fake Tor browser installations are distributed but there are indications that torrents or third-party sources may be responsible.
This is a post from HackRead.com Read the original post: Fake Tor Browser Installers Distributing Clipper Malware
NY Officials Detect Polio Again, Warn of Possible Summer Wave SoylentNews
With new detection, officials warn of spring and summer transmission risks:
...Health officials in New York have once again detected poliovirus in wastewater from Rockland County, where a case of paralytic polio occurred last summer.
Wastewater samples from Rockland and several nearby counties were positive for poliovirus for months after the initial case was reported in July, suggesting widespread circulation of the virus in the region.
So far this year, officials have only detected poliovirus in one sample, which was collected from Rockland in February. Two samples from the county taken during March were negative. Before the detection in February, the last positive sample from the region was found in mid-December in Orange County, just north of Rockland. The last positive detection in Rockland was in October.
While the data doesn't suggest that poliovirus is again circulating widely in the region, health officials are wary that the virus could easily restart. Rockland has one of the lower vaccination rates in the state; as of August, only 60.34 percent of 2-year-olds in the county were up to date on their polio vaccinations. Some areas of the county have rates in the 50s.
Officials are concerned about the potential for international spread of polio to Rockland's sizable Jewish community during upcoming holiday travel.
[...] Officials continue pushing for vaccination in parts of the county where anti-vaccine sentiments are high. They're offering free polio boosters at walk-in clinics, working with the Centers for Disease Control and Prevention to audit vaccination coverage at day cares and schools, and trying to improve vaccination messaging.
"It is our obligation to protect all our residents from these debilitating and potentially fatal diseases. The law requiring childhood vaccinations has been in place for many years for this very reason," County Executive Ed Day said. "I urge our residents to act now and protect yourselves, your family, and your community."
Intel Linux Kernel Optimizations Show Huge Benefit For High Core Count Servers Phoronix
Earlier this month I wrote about Intel engineers working on more big optimizations to the Linux kernel with a focus on enhancing the kernel's performance at high core counts. The numbers shared then were very promising and since then I've had more time looking at the performance impact of Intel's stellar software optimization work and its impact on real-world workloads. Here is a look at how Intel's pending kernel optimization patches are a huge deal for today's high core count servers.
The Age of Average cryptogon.com
Via: Alex Murrell: This article argues that from film to fashion and architecture to advertising, creative fields have become dominated and defined by convention and clich. Distinctiveness has died. In every field we look at, we find that everything looks the same. Welcome to the age of average.
Potential Massive Money Laundering into Political Campaigns cryptogon.com
Via: OKeefe Media Group:
AMD Releases HIP Ray Tracing 2.0 Phoronix
AMD today published HIP Ray-Tracing 2.0 "HIP RT" as the newest their latest-generation GPUs for leveraging hardware ray-tracing capabilities...
$335,000 Pay for AI Whisperer Jobs cryptogon.com
This sounds like something that would pay about a dollar per hour on Mechanical Turk. Via: Bloomberg: Everybody is talking about the artificial intelligence behind ChatGPT. Less noticed is a jobs market mushrooming around the technology, where these newly created roles can pay upwards of $335,000 a year. And for many a computer engineering degree []
Automate Fedora IoT configuration on a Raspberry Pi 4 with Ansible Linux.com
Create an Ansible playbook that sets the hostname, adds a new user, layers additional packages, and more on your Fedora IoT-based Raspberry Pi.
Read More at Enable Sysadmin
The post Automate Fedora IoT configuration on a Raspberry Pi 4 with Ansible appeared first on Linux.com.
Intel Data Center & AI Update 2023: Sierra Forest & Granite Rapids On Track Phoronix
Intel hosted an investor call this morning around their Data Center and AI business, including a Xeon roadmap update and more. Here are some of those highlights from this morning's call...
The Twilight Zone 1986 01 24 RV1 S01 E15b A Small Talent for War Lifeboat News: The Blog
Twilight Zone 80s 1x37 A Small Talent for War When an alien visitor tells delegates at the United Nations that humanity will be exterminated because it has a. Twilight Zone 80s.
When an alien visitor tells delegates at the United Nations that humanity will be exterminated because it has a small talent for war, the countries of the world struggle to forge a disarmament.
The Twilight Zone (Classic): Time Enough At Last There Was Time Now Lifeboat News: The Blog
Anti-social bookworm Henry Bemis (Burgess Meredith) suffers a cruel twist of fate as he finds himself in a nuclear wasteland without his reading glasses. Check back each Thursday for more Twilight Zone Classic videos. Stream The Twilight Zone on CBS All Access.
System76 Ups Gazelle Laptops Game With a Refresh FOSS Force
Not long after updating its Pangolin laptop line, System76 is at
The post System76 Ups Gazelle Laptops Game With a Refresh appeared first on FOSS Force.
Two-Tube Spy Transmitter Fits in the Palm of Your Hand Hackaday
Its been a long time since vacuum tubes were cutting-edge technology, but that doesnt mean they dont show up around here once in a while. And when they do, we like to feature them, because theres still something charming, nay, romantic about a circuit built around hot glass and metal. To wit, we present this compact two-tube spy radio transmitter.
From the look around his shack which we love, by the way [Helge Fykse (LA6NCA)] really has a thing for old technology. The typewriter, the rotary phones, the boat-anchor receiver they all contribute to the retro feel of the space, as well as the circuit hes working on. The transmitters design is about as simple as can be: one tube serves as a crystal-controlled oscillator, while the other tube acts as a power amplifier to boost the output. The tiny transmitter is built into a small metal box, which is stuffed with the resistors, capacitors, and homebrew inductors needed to complete the circuit. Almost every component used has a vintage look; we especially love those color-coded mica caps. Aside from PCB backplane, the only real nod to modernity in the build is the use of 3D printed forms for the coils.
But does...
Open the Pod bay doors, please, HAL Lifeboat News: The Blog
I know you and Frank were planning to disconnect me, and that is something I cannot allow to happen.
Alright, HAL, Ill go in through the emergency airlock.
Without your space helmet, Dave, youre going to find that rather difficult.
The Linux Foundation Announces Keynote Speakers for Open Source Summit North America 2023 Linux.com
Premier event for open source developers and community contributors will feature visionary speakers from EleutherAI, Discover Financial Services, Google, Province of British Columbia, NASA Jet Propulsion Laboratory and more, covering the most pivotal topics and technologies at the core of open source. SAN FRANCISCO, March 29, 2023 The Linux Foundation, the nonprofit organization enabling mass
The post The Linux Foundation Announces Keynote Speakers for Open Source Summit North America 2023 appeared first on Linux.com.
Bruce Willis, FTD, and a Potential Breakthrough Dementia Treatment Lifeboat News: The Blog
The actor Bruce Willis was diagnosed with aphasia in April 2022updated in February 2023 to frontotemporal dementia (FTD). Now, a major advancement is helping develop new treatments for some people with motor neuron diseases, including FTD and ALS, possibly including a nasal spray that could help prevent the genetic disease.
NVIDIA Reveals REVOLUTIONARY AI Better Than GPT-4 And Midjourney V5 Lifeboat News: The Blog
I dunno if anyone has seen this. As a former Linux user, Ive been an Nvidia fan for a long time and now theyve gone on from games and Bitcoin mining. Sorry if this is a double post. Im on my way out the door for my moms Dr appointment. I always worry Ill double post by accident.
NVIDIAs Jensen Huang just announced a set of revolutionary new
Artificial Intelligence Models and Partnerships at GTC 2023. NVIDIA
has always been one of, if not the most important company in the AI
Industry by creating the most powerful AI hardware to date. Among
them the A100 and future H100 GPUs which are powering GPT-4 from
OpenAI, Midjourney and everyone else. This gives them a lot of
power to jump into the AI race themselves and allows them to
surpass and beat the currently best AI models from Large Language
Models and Image Generation with software like Omniverse and
Hardware like the DGX H100 Supercomputer and Grace CPUs.
TIMESTAMPS:
00:00 NVIDIA enters the AI Industry.
01:43 GTC 2023 Announcements.
04:48 How NVIDIA Beat Every Competitor at AI
07:40 Running High End AI Locally.
10:20 What is NVIDIAs Future?
13:05 Accelerating Future.
Technology is improving at an almost exponential rate. Robots are
learning to walk & think, Brain Computer Interfaces are becoming
commonplace, new Biotechnology is allowing for age reversal and
Artificial Intelligence is starting to surpass humans in many
areas. Follow FutureNET to always be up to date on what is
happening in the world of Futuristic Technology and Documentaries
about humanities past achievements.
#nvidia #ai #gtc
[$] OpenSUSE MicroOS Desktop: a Flatpak-based immutable distribution LWN.net
Immutable Linux distributions are on the rise recently, with multiple popular distributions creating their own immutable versions; it could be one of the trends of 2023, as predicted. While many of these immutable distributions are focused on server use, there are also some that offer a desktop experience. OpenSUSE MicroOS Desktop is one of them, with a minimal openSUSE Tumbleweed as the base operating system and applications running as Flatpaks or in containers. In its daily use, it feels a lot like a normal openSUSE desktop. Its biggest benefit is availability of the newest software releases without sacrificing system stability.
Beware of MacStealer: A New Malware Targeting macOS Catalina Devices HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
The new MacStealer malware is being advertised on a notorious Russian hacker and cybercrime forum.
This is a post from HackRead.com Read the original post: Beware of MacStealer: A New Malware Targeting macOS Catalina Devices
Neurotechs Battles Impact Our Brains Future SoylentNews
Mental sovereignty, says author Nita Farahany, is no longer a given:
Neurotechnologies todaydevices that can measure and influence our brains and nervous systemsare growing in power and popularity. The neurotech marketplace, according to Precedence Research, is worth USD $14.3 billion this year and will exceed $20 billion within four years. Noninvasive brain-computer interfaces, brain stimulation devices, and brain-monitoring hardware (measuring alertness and attention at work, for example) are no longer just laboratory experiments and technological curios. The societal and legal implications of widespread neurotech adoption may be substantial.
Nita Farahany, professor of law and philosophy at Duke University, has written a new book, [...] which explores how our lives may be impacted by the use of brain-computer interfaces and neural monitoring devices.
Farahany argues that the development and use of neurotech presents a challenge to our current understanding of human rights. Devices designed to measure, record and influence our mental processes, used by us or on us, may infringe on our rights to mental privacy, freedom of thought, and mental self-determination. She calls this collection of freedoms the right to cognitive liberty. Spectrum spoke with Farahany recently about the future and present of neurotech and how to weigh its promisesenhanced capabilities, for instance, including bionics and prosthetics and even a third armagainst its potential to interfere with people's mental sovereignty.
An interview with Farahany is in the linked article.
Does neurotech's future fill you with optimism for a better world, or dread of what might follow?
Read more of this story at SoylentNews.
Google TAG shares details about exploit chains used to install commercial spyware Security Affairs
Googles Threat Analysis Group (TAG) shared details about two distinct campaigns which used several zero-day exploits against Android, iOS and Chrome. The experts pointed out that both campaigns were limited and highly targeted. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.
The exploit chains were used to install commercial spyware and malicious apps on targets devices.
The first campaign was spotted in November 2022, the exploit chains discovered by TAG researchers were affecting Android and iOS and were delivered via bit.ly links sent over SMS to users. The campaign aimed at users in Italy, Malaysia, and Kazakhstan. Once clicked the links, targets are initially redirected to pages hosting exploits for either Android or iOS, then redirected to legitimate websites (e.g. Italian-based shipment and logistics company BRT, or a popular Malaysian news website).
The initial landing page was observed hosting the exploits for a WebKit remote code execution zero-day (CVE-2022-42856) and a sandbox escape (CVE-2021-30900) issue.
In this campaign, the final payload was a simple stager that pings back the GPS location of the device and allows to install an .IPA file (iOS application archive) onto the affected device.
The Android exploit chain in the first campaign targeted users on phones with an ARM GPU running Chrome versions prior to 106. The exploit chain consisted of three exploits, including one 0-day:
Links 29/03/2023: Parted 3.5.28 and Blender 3.5 Techrights
polkitd service user privilege separation Open Source Security
Posted by Johannes Segitz on Mar 29
Hello,Blender 3.5 Released With Lighting Improvements For Cycles, Better glTF 2.0 Handling Phoronix
Weird Electric Jet Skis Are Hitting The Waves Hackaday
When it comes to reducing emissions from human sources, were at the point now where we need to take a broad-based approach. Its not enough to simply make our cars more efficient, or start using cleaner power plants. We need to hit carbon zero, and thus everything has to change.
To that end, even recreational watercraft are going electric in this day and age....
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices The Hacker News
A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release of a fix and when it was actually deployed on the targeted devices. The scale of
Stenberg: Pre-notification dilemmas LWN.net
Curl maintainer Daniel Stenberg expresses some frustrations with the vulnerability notification policies maintained by the distros mailing list.
The week before we were about to ship the curl 8.0.0 release, I emailed the distros mailing list again like I have done so many times before and told them about the upcoming six(!) vulnerabilities we were about to reveal to the world.This time turned out to be different.
Because of our updated policy where the fixes were already committed in a public git repository, the distros mailing lists policy says that if there is a public commit they consider the issue to be public and thus they refuse to accept any embargo.
What they call embargo I of course call heads-up time.
The kernel project has run into similar issues in the past.
The Emerging Sail/Cubesat Paradigm for Deep Space Centauri Dreams Imagining and Planning Interstellar Exploration
We need to get to the ice giants. We have limited enough experience with our systems larger gas giants, although orbital operations at both Jupiter and Saturn have been highly successful. But about the ice giants, their formation, their interiors, their moons (and even the possibility of internal oceans on these objects), we draw on only a single mission, Voyager II. Which is why the April 2022 decadal study (Origins, Worlds, and Life: A Decadal Strategy for Planetary Science and Astrobiology 2023-2032) recommended a Uranus mission, complete with orbiter, to be launched in the late 2030s.
Can we do this under our existing paradigm for space exploration? A new paper titled Science opportunities with solar sailing smallsats, written by the Jet Propulsion Laboratorys Slava Turyshev and co-authored by major proponents of solar sail technologies, makes the case for coupling our abundant advances in miniaturization with our growing experience in solar sails to achieve missions at significantly lower cost and substantial savings in time. Because staying within the traditional game plan, we are constrained by slow chemical propulsion (or low-readiness nuclear methods) as well as decades of mission planning, not to mention cruise times in the range of 15 years to reach Uranus. These are numbers that can and should be improved, and greatly so.
Fortunately, solar sailing is moving beyond the range of experiment toward practical missions that will build on each other to advance a new paradigm smaller and faster. Much smaller and much faster. Consider: The Japanese IKAROS sail has already demonstrated the interplanetary possibilities of sails, while the success of The Planetary Societys LightSail-2 helped to energize the NEA-Scout mission NASA launched in 2022. Concept studies continue. Japan developed OKEANOS, a hybrid sail/ion engine design as an outer planet mission as a follow-on to IKAROS (the mission was a finalist for funding but lost out to a space telescope called LiteBIRD).
But sail technology must be wed with practical payloads, and spacecraft acceleration is proportional to the sail area divided by the spacecraft mass, which means that miniaturization and the use of smallsats win on efficiency. Here were reminded of the recent success of the Mars Cube One (MarCO) smallsats, which worked in conjunction with the InSight Lander and demonstrated the practicality of the highly modular and integrated CubeSat format for missions well beyond Earth orbit (see...
Security updates for Wednesday LWN.net
Security updates have been issued by Debian (unbound and xorg-server), Fedora (stellarium), Oracle (kernel), SUSE (apache2, oracleasm, python-Werkzeug, rubygem-loofah, sudo, and tomcat), and Ubuntu (git, kernel, and linux-hwe-5.19).
10 Sci-Fi Movies That Were Way Too Complicated Lifeboat News: The Blog
Seriously, can somebody please explain just what the heck is going on here?
For more awesome content, check out: http://whatculture.com/
Follow us on Facebook at: https://www.facebook.com/whatculture.
Catch us on Twitter: https://twitter.com/whatculture
A Controversial Rocket Technology Could Challenge a Basic Law of Physics Lifeboat News: The Blog
Some of the more well-known examples include retrievable and reusable rockets, retrieval at sea, mid-air retrieval, single-stage-to-orbit (SSTO) rockets, and kinetic launch systems.
In addition, there are also efforts to develop propulsion systems that do not rely on conventional propellants. This technology offers many advantages, including lower mass and improved energy efficiency, ultimately lowering costs.
On June 10, 2023, an all-electrical propulsion system for satellites (the IVO Quantum Drive) will fly to space for the first time. The system was built by North Dakota-based wireless power company IVO, Ltd. and will serve as a testbed for an alternative theory of inertia that could have applications for propulsion.
CVE-2023-28158: Apache Archiva privilege escalation Open Source Security
Posted by Olivier Lamy on Mar 29
Description:Direct observation of a superconducting vortex diode Communications Lifeboat News: The Blog
A nonreciprocal critical current is known as the superconducting diode effect (SDE). Here, the authors use SQUID-on-tip to study SDE in a EuS/Nb bilayer and find that the stray field from magnetized EuS creates screening currents in the Nb, which lead to SDE by affecting vortex flow dynamics.
A robust quantum memory that stores information in a trapped-ion quantum network Lifeboat News: The Blog
Researchers at University of Oxford have recently created a quantum memory within a trapped-ion quantum network node. Their unique memory design, introduced in a paper in Physical Review Letters, has been found to be extremely robust, meaning that it could store information for long periods of time despite ongoing network activity.
We are building a network of quantum computers, which use trapped ions to store and process quantum information, Peter Drmota, one of the researchers who carried out the study, told Phys.org. To connect quantum processing devices, we use single photons emitted from a single atomic ion and utilize quantum entanglement between this ion and the photons.
Trapped ions, charged atomic particles that are confined in space using electromagnetic fields, are a commonly used platform for realizing quantum computations. Photons (i.e., the particles of light), on the other hand, are generally used to transmit quantum information between distant nodes. Drmota and his colleagues have been exploring the possibility of combining trapped ions with photons, to create more powerful quantum technologies.
Microsoft unveils AI-powered Security Copilot analysis tool Help Net Security
Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals work. Using Microsoft Security Copilot Security Copilot takes the form of a prompt bar through which security operation center (SOC) analysts ask questions in natural language and receive practical responses. They can ask it to identify ongoing incidents, analyze code snippets, provide information about added links or files, analyze alerts from other security tools used More
The post Microsoft unveils AI-powered Security Copilot analysis tool appeared first on Help Net Security.
Robots Using Legs as Arms to Climb and Push Buttons IEEE Spectrum
Weve gotten used to thinking of quadrupedal robots as robotic versions of dogs. And, to be fair, its right there in the word quadrupedal. But if we can just get past the Latin, theres absolutely no reason why quadrupedal robots have to restrict themselves to using all four of their limbs as legs all of the time. And in fact, most other quadrupeds are versatile like this: four-legged animals frequently use their front limbs to interact with the world around them for non-locomotion purposes.
Roboticists at CMU and UC Berkeley are training robot dogs to use their legs for manipulation, not just locomotion, demonstrating skills that include climbing walls, pressing buttons, and even kicking a soccer ball.
Training a robot to do both locomotion and manipulation at the same time with the same limbs can be tricky using reinforcement learning techniques, because you can get stuck in local minima while trying to optimize for skills that are very different and (I would guess) sometimes in opposition to each other. So, the researchers split the training into separate manipulation and locomotion policies, and trained each in simulation, although that meant an extra step smooshing those separate skills together in the real world to perform useful tasks.
Successfully performing a combined locomotion and manipulation task requires one high-quality expert demonstration. The robot remembers what commands the human gave during the demonstration, and then creates a behavior tree that it can follow that breaks up the tasks into a bunch of connected locomotion and manipulation sub-tasks that it can perform in order. This also adds robustness to the system, because if the robot fails any sub-task, it can rewind its way back through the behavior tree until it gets back to a point of success, and then start over from there.
This particular robot (a Unitree Go1 with an Intel RealSense for perception) manages to balance itself against a wall to press a wheelchair access button thats nearly a meter high, and then walk out the open door, which is pretty impressive. More broadly, this is a useful step towards helping non-humanoid...
Arch Linux Installer v2.5.4 Adds Initial Swapfile Support Phoronix
In time for the new month to begin and in turn a new Arch Linux installer ISO, Archinstall 2.5.4 was just released as the newest installer...
Fwd: X.Org Security Advisory: CVE-2023-1393: X.Org Server Overlay Window Use-After-Free Open Source Security
Posted by Olivier Fourdan on Mar 29
-------- Forwarded Message --------Trend Micro Uncovers Yet Another X.Org Server Vulnerability: CVE-2023-1393 Phoronix
For over a decade now the X.Org Server has been seeing routine security disclosures in its massive codebase with some security researchers saying it's even worse than it looks and security researchers frequently finding multiple vulnerabilities at a time in the large and aging code-base that these days rarely sees new feature work. Today another disclosure was made by the folks with the Trend Micro Zero Day Initiative...
Mlofe: Researchers Uncover New Linux Malware Linked to Chinese APT Groups The Hacker News
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mlofe. One of the artifacts is designed to drop a kernel-mode rootkit that's based on an open source project referred to as
Everything You Should Find Out About Betway Zambia h+ Media
If youre utilizing an Android-powered system, youll have to modify on the Unknown Sources choice and download the .apk file from the site instantly. The casinos finance group takes about 6 hours to course of the fee request. When approved, you want to withdraw money inside hours, relying on the strategy. It often takes around 24 hours for his or her team to review the paperwork.
As soon as you have an account with Betway, you might make your first deposit and claim the first deposit bonus match. The platform accepts a broad range of fee strategies, together with bank transfers, debit and credit cards, and e-wallets, among others. If youre looking for top betting sites with a lot of prizes and top-tier cricket provides, Betway will be your most suitable option. Everything from IPL to worldwide matches is available right here.
Yes, Betway accepts punters from India, and since its servers are based mostly outside the nation, youll be able to place bets legally with this world-renowned online gambling operator. This is arguably the only facet the place Betway comes up short. Likely as a result of sure iGaming regulations, the Indian version of the casino platform solely options live games.
The sports part options the highlights of the leagues. You can see betting boosts, guess slip, and cash out possibility simply. In order to play and make bets easily, you should understand the location itself. This is so you wouldnt be caught unaware or have any issues as you wager along. Thankfully, Betway has neatly organized the location so you can simply navigate it when you log in. Even in case you are new to online casinos or sportsbooks, you can find your method round.
In addition to this is the ever-exciting three-way Casino Bonus, which offers a 100% matched bonus of up to INR 60,000. To elaborate, the primary deposit offers 100 percent up to INR 15,000, whereas the second deposit offers 25% as a lot as INR 15,000. As for the third deposit, it presents a whopping 50% matched bonus as a lot as INR 30,000. Other bets the positioning offers are the Betway Freebet from the Free wager membership and Power cards that permit you to earn up to INR 3000.
For more snug betting, the bookmaker presents high-quality infographics and a match-center with statistical information. Withdrawal fee strategies also set up minimal limits, which youll study more about on the websites cashier part. The common processing time for withdrawal transactions is seventy two hours, as the sportsbook has to confirm your account and details. Newly registered gamers can immediately claim a welcome provide of a 4,000 matched free bet if their first wager loses. Players who make their first deposit via bank switch can even declare a welcome package of a one hundred pc deposit match up to 2500.
As for withdrawals, create an e-wallet account and your Betway...
Betway India Evaluation 100% Match As Much As Eight,000 Bonus h+ Media
Within the Bollywood part, you can take pleasure in spin-offs of in style Indian games. In prime positions are Andar Bahar, Satta Matka, Cricket Roulette, and Indian blackjack. Lets cast a closer eye on Betway online on line casino and discover its marquee property. On a global level, youll find a way to wager on the World Cup, UEFA Nations League, Euro 2024, and Copa Libertadores, among other options. Additionally, the site boasts a first-class poker room and a racebook.
If youre a beginner, dont fear there are lots of tables with lower limits. If youre a excessive roller set on spending 1000s, Betways live on line casino offers private VIP tables. There are dozens of nice games all streamed in HD quality within the stay casino, so that you definitely shouldnt miss it. Players at Betway can bet on any and all soccer matches from any nook of the world in their betting account.
Football betting is a crucial part of the location and it comes as no surprise to see them accomplish that properly on this department too. In reality, a majority of Betway reviews online have praised their football section. As talked about, Betways cricket markets are an absolute pleasure for Indian cricket followers. Choose from IPL betting and the Ashes to all main international competitions and a selection of different events. Test matches, ODIs, T20 all cricket formats are available here. Thanks to the implementation of SSL security features, the private info you enter at Betway is protected.
You can request Betway for a cool-off interval, and they are going to lock your account for a decided period or completely. The sooner the nation regulates its playing legal guidelines and governments can gather, the sooner extra money. Taxing such a worthwhile exercise might reel in critical revenues that may assist out communities in want. Luckily for you, we want to reply the is Betway authorized in India query once and for all, so you presumably can have a clear image of what youre doing and what you should do. But earlier than we get started, you should know that gambling isnt properly legislated in India, and laws and laws rely on your state.
Live supplier video...
Clipper attacks use Trojanized TOR Browser installers Security Affairs
The victims download the Tor Browser from a third-party server and execute it as torbrowser.exe. The researchers noticed that the installer is not digitally signed, it is just a RAR SFX (self-extracting executable) archive.
The archive contains the following files:
Upon executing the SFX, the original torbrowser.exe and the RAR extraction tool are launched on the embedded password-protected RAR archive. The archive is password-protected to evade detection.
It doesnt protect the malware from sandbox-based detection. The password and the destination for the extraction are part of the trojanized torbrowser.exe executable, and may be extracted via manual analysis....
Search Outcomes For Betway h+ Media
Players who tend to make use of extra betting apps could make use of the betway sports app. The app is out there in both iOS and APK versions, customers may even claim the latest promotions provides of the bookmaker through the app. With a live casino lobby that challenges one of the best, punters could have a subject day. The platform is easy to use and selecting a sport is very simple. There are generous limits, permitting newcomers and high rollers to benefit from the playing expertise. Here you can find the most effective online casinos in Indian Rupees, offering top actual cash video games like slots, roulette, and Andar Bahar.
With a single-minded focus and unperturbed by other sports, Pranchal likes to keep issues simple and enjoys spending time with household and friends. Using conventional strategies could be tougher in India than elsewhere. If you need to play in an internet on line casino for actual cash , you will virtually definitely have to use an eWallet service to maneuver your money back and forth. There are a wide selection of payment choices available at Betway online. There are all the most typical cost strategies obtainable, in addition to a couple of extra, corresponding to Maestro, Skrill, Neteller, Paysafecard, iDebit, EPS, Neosurf, PayPal, and so forth.
You will get plus factors each time you wager, depending on the odds. These factors can later be redeemed for loyalty bonuses, credit, and free bets. As part of a personal account, all the necessary capabilities are available, but on the identical time, there is nothing superfluous. To do this, you want to log into the previously created account in Betway.
Most of the elements of it recommend a eager give attention to sports bettors. However, there are a few things they need to fix, especially on the app, so that it doesnt lag during main tournaments and occasions. They supply a lot of fascinating options, which embody cricket betting options, and other live betting.
As soon as you might have an account with Betway, you may make your first deposit and declare the first deposit bonus match. The platform accepts a broad vary of cost methods, including financial institution transfers, debit and credit cards, and e-wallets, amongst others. If youre on the lookout for prime betting websites with plenty of prizes and top-tier cricket offers, Betway shall be your most suitable option. Everything from IPL to worldwide matches is available right here.
The bookmaker exclusively offers legal sports betting and online on line casino gaming companies that do not violate Indian laws. Yes, Betway casino is respectable and presents a variety of video games you can have fun with. Some well-liked choices gamers can discover embrace slots, poker, roulette, baccarat, bingo, and blackjack. A participant is at liberty to determine on what appeals most to them. At Betway, they give you the most effective on-line...
Is Betway Authorized In India? h+ Media
Or, try Football Studio and Monopoly Live for something slightly different. Live betting is considered one of the most enjoyable components of any on-line bookmaker and Betway allows its users to get pleasure from this characteristic. People often change their minds whereas the match is on and Live Betting opens the doorways of plenty of alternatives as the percentages maintain altering while the match is going on.
DraftKings is certainly one of the legit sportsbooks you can guess on for real cash. The sportsbook offers its clients superb sports betting service with nice evaluations for its banking and buyer help. To conclude, wed like to say that, if not the best, Betway is among the many top-performing on-line betting websites. We highly suggest you give it a attempt to avail one of the best bonuses and provides alongside the extremely competitive match odds.
Information in regards to the quantity, high quality, purity, potency, price, and commonplace of products or services. Zurich , March 24 Narrated by Welsh actor and football fan Michael Sheen, Written within the Stars is the Official Film of the first FIFA World Cup to be held in the Middle East. No information contained on the SevenJackpots.com web site is meant for illegal purposes. This material is for common data only and is not meant as authorized recommendation and no duty of care is owed to any reader. The readers of this materials are requested to have interaction their own authorized counsel so as to make any legal or enterprise choices and to obtain authorized advice particular to them. Betway accepts Indian rupees and will show your account money steadiness in Indian rupees as nicely.
one hundred pc match bonus based on first deposit of 1200+ as much as Rs.15,000. The given personal data corresponding to name, ID details have to be actual and all payments must be made beneath the same name. Your request will show as Confirmed however relying on the withdrawal methodology you select, it could possibly take as much as 5 working days for the cash to reach your account. Has to offer to see how we answered that all-important query of Is Betway reliable?
Betway may also be supporting content material highlighting the work of SORAI (Save our Rhinos Africa & India) which was Kevins brainchild. Founded after he was launched to wildlife preservation when he was taken on a rhino tagging operation. Pietersen has thrown himself into numerous fundraising projects, working with endangered animals in Africa and India.
Winning is nice, and getting paid out in time and in a protected way is even higher. Our payout guide will let you know how to spot casinos with fast payouts. Security is understandably a giant concern for anybody gambling on their cell system. It neednt be although as any cell web site we recommend comes with the highest levels of safety, which means you can gamble with confidence. Of...
Take A Look At Our Betway Evaluation h+ Media
You could win some huge cash, but you can simply as quickly lose every thing you may have in a second. Under this promotion, if you place a wager on any match and you end up losing it, youll still have a chance. If the final ball of the match is a boundary, then you will receive a free wager. To play on-line on Betway and earn cash you have to create account enroll on the official website. Here we have the steps you have to follow to get your Sign-up bonus. When you observe the steps mentioned beneath, you can easily create a model new account on the betting web site and unlock your Welcome Bonus.
Please notice the free bet cant be used for multi-line bets. If the bonus just isnt used, its burned seven days after its credited. Blackjack for one or two decks, roulette, baccarat 5% of the bet.
A lot of users take pleasure in their hours enjoying these and are entitled to avail presents that include them. However, when it comes to actual money on line casino video games, the offer boils down to simply the reside part because of some regulatory restrictions. Online websites are all the time in competitors with each other and have resourceful presents coming as a lot as be the best within the business. However, Betway has received you coated as they ensure their users get one of the best betting experience on life and pre-match occasions. The web site additionally supplies betting choices corresponding to Parlays, In-game betting, prematch, exchange wagering, fixed odds wagering, Proposition bets, and so forth. You ought to know that Indias gambling legal guidelines are very outdated, and they dont even point out on-line gambling, online casinos, and on-line sports activities betting web sites in most cases.
Before you name over the phone or write an e mail, I suggest visiting the Help section in your account first. That said, the Betway site makes up for it brilliantly with their promotions. In reality, after we have been asked to evaluation Betway, the promotions section took us by surprise.
Last however not least, Betway offers all of the betting facilities you want, such as cash out, stay streaming, and extra. This demonstrates its robust pedigree in the sports group. You should read the T&C carefully to learn about this unique wagering coverage. Choose between the supplied deposit strategies and enter the required details.
How to Build a Research Lab for Reverse Engineering 4 Ways The Hacker News
Malware analysis is an essential part of security researcher's work. But working with malicious samples can be dangerous it requires specialized tools to record their activity, and a secure environment to prevent unintended damage. However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we'll look at 4 ways to create a reverse
Smart Mobility has a Blindspot When it Comes to API Security The Hacker News
The emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in the automotive industry. However, this increased reliance on APIs has also made them one of the most common attack vectors. According to Gartner, APIs account for 90% of the web application attack surface areas. With no surprise, similar trends are emerging also in the smart mobility
More ChatGPT / Bing News SoylentNews
There is no honor among chatbots:
Criminals are already using ChatGPT to commit crimes, Europol said in a Monday report that details how AI language models can fuel fraud, cybercrime, and terrorism.
[...] Now, the European Union's law enforcement agency, Europol, has detailed of how the model can be misused for more nefarious purposes. In fact, people are already using it to carry out illegal activities, the cops claim.
"The impact these types of models might have on the work of law enforcement can already be anticipated," Europol stated in its report [PDF]. "Criminals are typically quick to exploit new technologies and were fast seen coming up with concrete criminal exploitations, providing the first practical examples mere weeks after the public release of ChatGPT."
Although ChatGPT is better at refusing to comply with input requests that are potentially harmful, users have found ways around OpenAI's content filter system. Some have made it spit out instructions on how to create a pipe bomb or crack cocaine, for example. Netizens can ask ChatGPT to learn about how to commit crimes and ask it for step-by-step guidance.
"If a potential criminal knows nothing about a particular crime area, ChatGPT can speed up the research process significantly by offering key information that can then be further explored in subsequent steps. As such, ChatGPT can be used to learn about a vast number of potential crime areas with no prior knowledge, ranging from how to break into a home, to terrorism, cybercrime and child sexual abuse," Europol warned.
The agency admitted that all of this information is already publicly available on the internet, but the model makes it easier to find and understand how to carry out specific crimes. Europol also highlighted that the model could be exploited to impersonate targets, facilitate fraud and phishing, or produce propaganda and disinformation to support terrorism.
[...] ChatGPT's ability to generate code - even malicious code - increases the risk of cybercrime by lowering the technical skills required to create malware.
Read more of this story at SoylentNews.
Qt Creator 10 Released With Improved C++20 Support, QML Code Model From Qt 6.5 Phoronix
Robot 3D Prints Giant Metal Parts with Induction Heat Hackaday
While our desktop machines are largely limited to various types of plastic, 3D printing in other materials offers unique benefits. For example, printing with concrete makes it possible to quickly build houses, and weve even seen things like sugar laid down layer by layer into edible prints. Metals are often challenging to print with due to its high melting temperatures, though, and while this has often been solved with lasers a new method uses induction heating to deposit the metals instead.
A company in Arizona called Rosotics has developed a large-scale printer based on this this method that theyre calling the Mantis. It uses three robotic arms to lay down metal prints of remarkable size, around eight meters wide and six meters tall. It can churn through about 50 kg of metal per hour, and can be run off of a standard 240 V outlet. The company is focusing on aerospace applications, with rendered rocket components that remind us of what Relativity Space is working on.
AMD Adds New Option To Help Improve Debugging With RADV & RadeonSI Drivers Phoronix
Merged to Mesa 23.1-devel yesterday was UMD metadata v2 support for the RADV and RadeonSI drivers to provide extra metadata that can be optionally enabled to help with Radeon GPU debugging...
Linux 6.4 Adding Support For Many Kye/Genius Drawing Tablets Phoronix
The upcoming Linux 6.4 kernel cycle is set to introduce support for a number of Kye drawing tablets, which are also marketed as Genius tablets...
OBS Studio 29.1 Beta 1 Released With New AV1/HEVC Streaming Over RTMP Phoronix
Days after landing AV1 and HEVC streaming support over RTMP to allow game streamers and other livecasting with OBS Studio to YouTube to happen via AV1/HEVC as an alternative to H.264, OBS Studio 29.1 Beta 1 has been tagged...
Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware The Hacker News
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. "Clipboard injectors [...] can be silent for years, show no network activity or any other signs of presence until the disastrous day when they replace a crypto wallet address," Vitaly Kamluk, director of
Valve is Ending Steam Support for Windows 7, 8, and 8.1 SoylentNews
Valve is ending Steam support for Windows 7, 8, and 8.1:
Are you among the few people still using Windows 7, 8, or 8.1 and playing games via Steam? If so, you might want to upgrade to a the date Valve is terminating Steam support for those older operating systems.
Valve made the surprise announcement in a Steam support post. It writes that as of January 1, 2024, Steam will officially stop supporting the Windows 7, Windows 8, and Windows 8.1 operating systems. After that date, the Steam Client will no longer run on those versions of Windows. In order to continue running Steam and any games or other products purchased through Steam, users will always switch to Linux.
Valve's reasoning for dropping Windows 7, 8, and 8.1 is due to longer functions on older versions of Windows. The company adds that future versions of Steam will require Windows feature and security updates only present in Windows 10 and above.
It was just last month when Chrome 110 was released, the first "https://www.techspot.com/news/97551-google-releases-chrome-110-parts-ways-windows-7.html"> not to support Windows 7. Edge no longer supports these operating systems, either, and Microsoft's extended support for Windows 7 and 8 ended in January.
A quick look at the latest Steam survey shows only a small number of people will be disappointed by Valve's decision assuming they weren't planning on upgrading in the next nine months. The survey results show that 1.43% of participants still use Windows 7 64-bit, while 0.34% use Windows 8.1 64-bit and 0.09% use Windows 7.
Read more of this story at SoylentNews.
The International Longevity Summit will be held August 23-24 in South Africa. Lifeboat News
The International Longevity Summit will be held August 2324 in South Africa.
Our Maria Entraigues Abramson, Alexandra Bause, Evelyne Yehudit Bischof, Jos Luis Cordeiro, Stephanie Dainow, Goffredo Giordano, Aubrey de Grey, snkch km Kl, Andrea B. Maier, Martin ODea, Elizabeth Parrish, Brenda Ramokopelwa, Paul Spiegel, and Natasha Vita-More will be speaking.If you wanted to create a VGA card, you might think about using an FPGA. But there are simpler ways to generate patterns, including an old-fashioned EPROM, as [DrMattRegan] points out in a recent video.
Generating video signals is an exercise in periodicity. After all, an old-fashioned CRT just scans at a certain horizontal frequency and refreshes the entire screen each time it starts over. VGA is made to drive this technology. An EPROM chip can easily generate repeating patterns when driven by a counter at a known frequency.
As you might expect, there were a few software glitches to work out, but in the end, the circuit did its job, displaying a fixed image on a VGA monitor.
If you havent run into [Matt] before, he has a complete series on how he built a wire-by-wire Apple II clone. We will warn you, though. Dont click on the link unless you have some spare time. The 18 videos take over two hours to work through, but there is some beautiful prototyping and a lot of good information in them.
You can go even lower tech for a VGA card, if you like. Just try not to look like this breadboard.
...
Links 29/03/2023: New Finnix and EasyOS Kirkstone 5.2 Techrights
This weeks episode of Destination Linux, we will be discussing building an autom...
China Shuts Down Major Manga Piracy Site Following Complaint From Japan TorrentFreak
Rightsholders and anti-piracy groups in Japan are committing considerable resources to their fight against online piracy.
While no targets are off limits, site owners who operate inside Japan present fewer challenges than those based overseas. A new report from anti-piracy group CODA indicates that with persistence and smart tactics, solutions can be found in difficult overseas regions.
Manga piracy site B9Good initially appeared in 2008 and established itself under B9DM branding. SimilarWeb stats show that the site was enjoying around 15 million visits each month, with CODA noting that in the two-year period leading to February 2023, the site was accessed more than 300 million times Around 95% of the sites visitors came from Japan.
B9Good had been featured in an MPA submission to the USTRs notorious markets report in 2019. Traffic was reported as almost 16 million visits per month back then, meaning that site visitor numbers remained stable for the next three years. The MPA said the site was possibly hosted in Canada, but domain records since then show a wider spread, including Hong Kong, China, United States, Bulgaria, and Japan.
Wherever the site ended up, the location of its operator was more important. In 2021, CODA launched its International Enforcement Project (CBEP), which aimed to personally identify the operators of pirate sites, including those behind B9Good who were eventually traced to China.
Pursuing copyright cases from outside China is reportedly difficult, but CODA had a plan. In January 2022, CODAs Beijing office was recognized as an NGO with legitimate standing to protect the rights of its member companies.
Working on behalf of Aniplex, TV Tokyo, Toei Animation, Toho, Japan Broadcasting Corporation (NHK), and Bandai Namco Film Works, CODA filed a criminal complaint in China, and starting February 14, 2023, local authorities began rounding up the B9Good team.
CODA reports that public security authorities in Jiangsu Province, China, detained a 33-year-old unemployed man living in Chongqing on February 14. He was held under suspicion of operating B9Good and later confessed to his involvement.
The man was held until March 19 before being released on bail. His house, reportedly worth around $580,000, was seized by the authorities.
From February 18 to March 21, Chinese authorities arrested three more people. A 30-year-...
Globalists Polycrisis Of Doom Is Of Their Own Making Terra Forming Terra
The Perfect Storm Hits Our Food Supply Chain? Terra Forming Terra
The CHURCH Terra Forming Terra
World first study shows how EVs cut pollution levels and reduce costly health problems Terra Forming Terra
IRC Proceedings: Tuesday, March 28, 2023 Techrights
Also available via the Gemini protocol at:
Over HTTP:
... |
Cultured Meat Firm Resurrects Woolly Mammoth in Lab-grown Meatball SoylentNews
Cultured meat firm resurrects woolly mammoth in lab-grown meatball:
Truth, as the saying goes, is often stranger than fiction. The very notion of resurrecting the long-extinct woolly mammoth was the stuff of fantasy not that long ago, but scientists are already working on ways to achieve something close to that, using DNA from soft-tissue in frozen mammoth remains and meshing it with that of a modern-day elephant.
But while such "de-extinction" projects may or may not ultimately succeed, one company is already laying claim to having produced the first meat product made from mammoth DNA.
Vow, an Australian cultivated food company that creates meat in a laboratory setting from animal cells, says that it has used advanced molecular engineering to resurrect the woolly mammoth in meatball form, by combining original mammoth DNA with fragments of an African elephant's DNA.
There's little question that cultivated meat is coming, evidenced by the countless companies raising vast swathes of venture capital funding to produce meat and fish in a lab from animal cells, as well as the fact that companies are now starting to receiving the blessings of regulators such as the U.S. Food and Drug Administration (FDA). But while pork sausages and seafood make sense insofar as they are food that people are familiar with, Vow which closed a $49.2 million round of funding just a few months ago is clearly upping the ante with its foray into the world of extinct animals.
It's worth acknowledging that there is a sizeable element of marketing magicianship to this announcement. The very concept was devised by communications agency and WPP-subsidiary...
North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations The Hacker News
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang's geopolitical interests since 2018. Google-owned Mandiant, which is tracking the activity cluster under the moniker APT43, said the group's motives are both espionage- and financially-motivated, leveraging techniques like credential
Kino Wheels Gives You a Hand Learning Camera Operation Hackaday
Have you ever watched a movie or a video and really noticed the quality of the camera work? If you have, chances are the camera operator wasnt very skilled, since the whole point of the job is to not be noticed. And getting to that point requires a lot of practice, especially since the handwheel controls for professional cameras can be a little tricky to master.
Getting the hang of camera controls is the idea behind [Cadrage]s Kino Wheels open-source handwheels. The business end of Kino Wheels is a pair of DIN 950 140mm spoked handwheels because of course theres a DIN standard for handwheels. The handwheels are supported by sturdy pillow block bearings and attached to 600 pulse/rev rotary encoders, which are read by an Arduino Mega 2560....
How cybersecurity decision-makers perceive cyber resilience Help Net Security
In an economic climate putting immense pressure on business leaders to prove ROI and team efficiency a new report from Immersive Labs looks into the lack of confidence cyber leaders have in their teams preparation and abilities to combat cyber incidents. In this Help Net Security video, Max Vetter, VP of Cyber at Immersive Labs, discusses the growing pressure on cybersecurity teams to prove their readiness for new and emerging threats.
The post How cybersecurity decision-makers perceive cyber resilience appeared first on Help Net Security.
New York law firm gets fined $200k for failing to protect health data Help Net Security
A New York law firm has agreed to pay $200,000 in penalties to the state because it failed to protect the private and electronic health information of approximately 114,000 patients. How did the data theft happen? Heidell, Pittoni, Murphy and Bach (HPMB) represents New York City area hospitals in litigation and maintains sensitive private information from patients, including dates of birth, social security numbers, health insurance information, medical history, and/or health treatment information. In November More
The post New York law firm gets fined $200k for failing to protect health data appeared first on Help Net Security.
[Meme] Fraud Seems Standard to Standard Life Techrights
Summary: Sirius Open Source has embezzled and defrauded staff; now it is being protected (delaying and stonewalling tactics) by those who helped facilitate the robbery
Previously/context:
NOW: Pensions and Standard Life (Phoenix Group Holdings) Not Progressing Fraud Investigations schestowitz.com
Fraud investigations in the era of bankers going rogue
Summary: Based on our experiences and findings, one simply cannot rely on pension providers to take fraud seriously (weve been working as a group on this); all they want is the money and risk does not seem to bother them, even when theres an actual crime associated with pension-related activities
THIS site isnt a personal site (unlike my personal blog and personal site, schestowitz.com), but the issue seems commonplace and it impacts workers in tech (in my case, my former employer was an early sponsor of the Free Software Foundation).
I wanted to just post a quick update to say that 2 days ago I contacted two pension providers regarding their ongoing investigations of actual fraud. I wrote to them:
Is there any concrete progress on this yet?
This back-and-forth inquiry with your staff has gone on since January.
Were fast approaching April and former Sirius staff does not want to be left aside as Aprils fools.
The company is rapidly losing clients and may soon have key evidence in its shredders. Please progress this ASAP, even if there are not many of us and Sirius is not a large company.
We need action, not merely acknowledgements.
45 hours have passed and not even a reply from them!
One of the pension providers has not yet delivered what it promised it would send. The other has been mostly sitting on it for 3 weeks already. So whats going on? Is this how Britains pension industry deals with fraud?
Sirius, the company, is in hiding and it is losing customers (we kept noting escalation would follow for failure to provide a real address; it seems possible they not only squandered many peoples pensions but went even further). How long will it take for pension providers to take action? Will they wait until the company goes bankrupt? It might be too late by then. At a later stage well explain why such delays can implicate the pension providers, making them partly accountable/complicit.
Sirius wasnt always this rogue. Those pension providers too used to be more trustworthy, even putting their logos on athletes uniform to earn some trust (as if football is a badge of integrity). At one point Sirius had its logo on the jerseys of a young peoples football team (photo above), but that was a very long time ago. Nowadays it seems like the CEO of S...
3 Months to Progress Pension Fraud Investigations in the United Kingdom Techrights
Fraud investigations in the era of bankers going rogue
Summary: Based on our experiences and findings, one simply cannot rely on pension providers to take fraud seriously (weve been working as a group on this); all they want is the money and risk does not seem to bother them, even when theres an actual crime associated with pension-related activities
THIS site isnt a personal site (unlike my personal blog and personal site, schestowitz.com), but the issue seems commonplace and it impacts workers in tech (in my case, my former employer was an early sponsor of the Free Software Foundation).
I wanted to just post a quick update to say that 2 days ago I contacted two pension providers regarding their ongoing investigations of actual fraud. I wrote to them:
Is there any concrete progress on this yet?
This back-and-forth inquiry with your staff has gone on since January.
Were fast approaching April and former Sirius staff does not want to be left aside as Aprils fools.
The company is rapidly losing clients and may soon have key evidence in its shredders. Please progress this ASAP, even if there are not many of us and Sirius is not a large company.
We need action, not merely acknowledgements.
45 hours have passed and not even a reply from them!
How long will it take for pension providers to take action? Will they wait until the company goes bankrupt?One of the pension providers has not yet delivered what it promised it would send. The other has been mostly sitting on it for 3 weeks already. So whats going on? Is this how Britains pension industry deals with fraud?
Sirius, the company, is in hiding and it is losing customers (we kept noting escalation would follow for failure to provide a real address; it seems possible they not only squandered many peoples pensions but went even further). How long will it take for pension providers to take action? Will they wait until the company goes bankrupt? It might be too late by then. At a later stage well explain why such delays can implicate the pension providers, making them partly accountable/compl...
Visa fraud expert outlines the many faces of payment ecosystem fraud Help Net Security
In this Help Net Security interview, Michael Jabbara, the VP and Global Head of Fraud Services at Visa, delves into digital skimming attacks, highlighting their common causes, and provides insights into what measures merchants can take to prevent them. He also covers the steps payment processors and e-commerce merchants can take to safeguard themselves against enumeration attacks, and much more. What are some common causes of digital skimming attacks, and what can merchants do to More
The post Visa fraud expert outlines the many faces of payment ecosystem fraud appeared first on Help Net Security.
If you publish it, it will rank catonmat.net
TLDR: If you build it, they will come, and if you add paid plans, they will buy, and if you publish it, it will rank.
Publish too and see you next time!
Ignoring network automation is a ticking time bomb for security Help Net Security
IT professionals are frustrated due to the rise in network update velocity and tech stack sprawl, lack of support from leadership, and disagreements and concerns about the approach to resolving network issues, according to BackBox. Network and security device updates are crucial, but they are time-consuming and prone to human error when managed manually. 92% of network security and operations pros say there are more network updates needed than they can keep up with. Lack More
The post Ignoring network automation is a ticking time bomb for security appeared first on Help Net Security.
U.S. Rolls Out Strict Rules for Commercial Spyware Use, Amidst Rash of Hacks SoylentNews
U.S. Rolls Out Strict Rules for Commercial Spyware Use, Amidst Rash of Hacks:
The new regulation allows the government to ban a particular vendor's spyware from being used by agencies, if the company's product is found to have contributed to human rights violations, has been used to target U.S. citizens, or has been wielded against activists or journalists. In essence, the government is using its presence as a major consumer of defense and security products as a cudgel to encourage surveillance firms to behave or face blacklisting.
The announcement comes amidst revelations that more U.S. officials have been targeted by spyware than previously believed. On the same day that the executive order was announced, a senior US administration staffer told reporters that as many as 50 American officials are suspected or confirmed to have been targeted by commercial spyware in recent years. Previous reporting on this subject has focused on a handful of diplomats in foreign countries who had allegedly been targeted for surveillance. The new tally shows that, in reality, the imprint of foreign campaigns aimed at U.S. officials may be much broader.
"Commercial spyware sophisticated and invasive cyber surveillance tools sold by vendors to access electronic devices remotely, extract their content, and manipulate their components, all without the knowledge or consent of the devices' users has proliferated in recent years with few controls and high risk of abuse," the White House's announcement reads. "The proliferation of commercial spyware poses distinct and growing counterintelligence and security risks to the United States, including to the safety and security of U.S. Government personnel and their families."
Read more of this story at SoylentNews.
Microsoft announces Microsoft Incident Response Retainer Help Net Security
Microsoft has introduced Microsoft Incident Response Retainer, allowing customers to pre-pay and count on help from Microsoft incident responders before, during and after a cybersecurity crisis. Cybersecurity challenges faced by organizations Organizations are facing numerous cyber attacks that can negatively affect their finances and reputation. Firms, especially small ones, often dont have dedicated teams that can deal with a cyber incident they simply dont have the time, resources, or expertise to build an in-house More
The post Microsoft announces Microsoft Incident Response Retainer appeared first on Help Net Security.
Netwrix upgrades its product portfolio and launches Netwrix 1Secure Help Net Security
Netwrix has released new versions for five products since September 2022 and launched a new SaaS-based auditing solution tailored for MSPs. Netwrix keeps enhancing its portfolio to help identify, protect, detect, respond, and recover from cyber threats aimed at any organizations most valuable asset its data. Solutions with notable key enhancements include the following: Data access governance solution Netwrix Data Classification 5.7 now streamlines configuration of security controls across SQL databases and speeds More
The post Netwrix upgrades its product portfolio and launches Netwrix 1Secure appeared first on Help Net Security.
NTTs MDR service improves cyber resilience for organizations Help Net Security
NTT has launched its Managed Detection and Response (MDR) security service to help companies achieve business performance objectives through improved cyber resilience. The cloud-native, analytics-driven offering combines human and machine expertise with leading technologies and threat intelligence to reduce the mean time to detect and respond to cyber attacks. The MDR service is built on Microsoft Sentinel, Microsofts security information and event management (SIEM) platform, powered by AI, automation, and threat intelligence. Sentinel enables organizations More
The post NTTs MDR service improves cyber resilience for organizations appeared first on Help Net Security.
Protegrity Borderless Data Solution enables compliant cross-border data flows Help Net Security
Protegrity has launched the Protegrity Borderless Data Solution to enable easy, secure and compliant cross-border data flows for large global enterprises. The new solution brings together a suite of data security tools designed to help the worlds largest banks, retailers and health insurers continue to reap the benefits of their investments in globalization in an increasingly unstable and fragmented global privacy regulatory landscape. Cross-border data flows are the cornerstone of our rapidly digitizing global economy, More
The post Protegrity Borderless Data Solution enables compliant cross-border data flows appeared first on Help Net Security.
HackNotice Actions helps people to understand the extent of their data exposure Help Net Security
HackNotice is offering additional tailored protection via its new service, HackNotice Actions. Further empowering employees, HackNotice Actions reaches out to any company where a persons PII or other data has been compromised, and asks for a full report on or erasure of the persons data, in addition to other functionalities. Specifically, HackNotice Actions sends an official email on the users behalf to compromised companies, which asks for a full report on exposed information and, if More
The post HackNotice Actions helps people to understand the extent of their data exposure appeared first on Help Net Security.
History of the SPARC CPU Architecture Hackaday
[RetroBytes] nicely presents the curious history of the SPARC processor architecture. SPARC, short for Scalable Processor Architecture, defined some of the most commercially successful RISC processors during the 1980s and 1990s. SPARC was initially developed by Sun Microsystems, which most of us associate the SPARC but while most computer architectures are controlled by a single company, SPARC was championed by dozens of players. The history of SPARC is not simply the history of Sun.
A Reduced Instruction Set Computer (RISC) design is based on an Instruction Set Architecture (ISA) that runs a limited number of simpler instructions than a Complex Instruction Set Computer (CISC) based on an ISA that comprises more, and more complex, instructions. With RISC leveraging simpler instructions, it generally requires a longer sequence of those simple instructions to complete the same task as fewer complex instructions in a CISC computer. The trade-off being the simple (more efficient) RISC instructions are usually run faster (at a higher clock rate) and in a highly pipelined fashion. Our overv...
Summary: Techrights is still growing; in WordPress alone (not the entire site) were fast approaching 36,000 posts; in Gemini its almost 45,500 pages and our IRC community turns 15 soon
Contrary to What Bribed (by Microsoft) Media Keeps Saying, Bing is in a Freefall and Bing Staff is Being Laid Off (No, Chatbots Are Not Search and Do Not Substitute Web Pages!) Techrights
In the worlds most populous nation Bing has gone down even further (soon falling below 1%! Elsewhere also!)
Summary: Chatbots/chaffbot media noise (chaff) needs to be disregarded; Microsoft has no solid search strategy, just lots and lots of layoffs that never end this year (Microsoft distracts shareholders with chaffbot hype/vapourware each time a wave of layoffs starts, giving financial incentives for publishers to not even mention these; right now its GitHub again, with NDAs signed to hide that it is happening)
NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly
The new edition of Off The Wall from 03/28/2023 has been archived and is now available online.
Full RMS Talk (A Tour of Malicious Software) Uploaded 10 Hours Ago Techrights
Summary: The talk is entitled A tour of malicious software, with a typical cell phone as example. Richard Stallman is speaking about the free software movement and your freedom. His speech is nontechnical. The talk was given on March 17, 2023 in Somerville, MA.
Licence: CC BY-ND 4.0
With our commentary: New Talk: Richard Stallman Explains His Problem With Rust (Trademark Restrictions), Openwashing (Including Linux Kernel), Machine Learning, and the JavaScript Trap
ChatGPT Gets Eyes and Ears With Plugins That Can Interface AI With the World SoylentNews
ChatGPT gets "eyes and ears" with plugins that can interface AI with the world:
On Thursday, OpenAI announced a plugin system for its ChatGPT AI assistant. The plugins give ChatGPT the ability to interact with the wider world through the Internet, including booking flights, ordering groceries, browsing the web, and more. Plugins are bits of code that tell ChatGPT how to use an external resource on the Internet.
Basically, if a developer wants to give ChatGPT the ability to access any network service (for example: "looking up current stock prices") or perform any task controlled by a network service (for example: "ordering pizza through the Internet"), it is now possible, provided it doesn't go against OpenAI's rules.
Conventionally, most large language models (LLM) like ChatGPT have been constrained in a bubble, so to speak, only able to interact with the world through text conversations with a user. As OpenAI writes in its introductory blog post on ChatGPT plugins, "The only thing language models can do out-of-the-box is emit text."
I see (and hear) you!
Read more of this story at SoylentNews.
Links 28/03/2023: KPhotoAlbum 5.10.0 and QSoas 3.2 Techrights
HPR3823: Gitlab Pages for website hosting Hacker Public Radio
How it works https://docs.gitlab.com/ee/user/project/pages/ GitLab always deploys your website from a specific folder called public in your repository. To deploy your site, GitLab uses its built-in tool called GitLab CI/CD to build your site and publish it to the GitLab Pages server. The sequence of scripts that GitLab CI/CD runs to accomplish this task is created from a file named .gitlab-ci.yml, which you can create and modify. A specific job called pages in the configuration file makes GitLab aware that you're deploying a GitLab Pages website. Overview of Steps The end state has to be a directory named public that contains the site contents Optionally, run a build process in a container to create the contents of the public directory There has to be a pages declaration in .gitlab-ci.yml Example 1 simple demo Create the Git repo and site content Go to gitlab and create new Gitlab repo Clone it to your workstation Add public folder with site files add .gitlab-ci.yml Commit and push git clone git@gitlab.com:norrist/simple_pages_demo.git cd simple_pages_demo/ mkdir public echo "Hello World" > public/index.html git add public/ vim .gitlab-ci.yml git add .gitlab-ci.yml git commit -am "new page" git push .gitlab-ci.yml pages: stage: deploy script: - echo artifacts: paths: - public Pages settings Menu on left, Settings, Pages Your pages are served under: Example 2 docs.norrist.xyz Combine my HPR show notes into a single page Custom Domain Verified with TXT record .gitlab-ci.yml image: "debian" before_script: - apt-get update - apt-get install -y pandoc stages: - build pages: stage: build script: - bash build_html.sh artifacts: paths: - public set -euo pipefail IFS=$'nt' mkdir -pv public for MD in $(ls *md) do echo # echo "---" # echo # echo "#" $MD echo echo "---" echo cat $MD done |pandoc -H markdown.header -B body.header --toc --toc-depth=1 -f gfm -t html -o public/index.html Example 3 HPR static Build the new HPR static site .gitlab-ci.yml services: - mariadb variables: MYSQL_DATABASE: hpr_hpr MYSQL_ROOT_PASSWORD: mysql connect: stage: .pre image: mysql script: - echo "SELECT 'OK';" | mysql --user=root --password="$MYSQL_ROOT_PASSWORD" --host=mariadb "$MYSQL_DATABASE" pages: image: debian before_script: - apt update - apt -y install libgetopt-complete-perl libmemory-usage-perl libconfig-std-perl libtemplate-perl libtemplate-plugin-dbi-perl libclass-dbi-perl libtie-dbi-perl libdbd-mysql-perl libdate-calc-perl - apt -y install curl mariadb-client git - curl -o hpr.sql http://hackerpublicradio.org/hpr.sql - mysql --user=root --host=mariadb "$MYSQL_DATABASE" --password="...
Software Engineering Gender Bias in Large Language Models It Will Never Work in Theory
A lot of people believe that large language models (LLMs) are going to revolutionize programmingthis recent post is just one example. But from what I can tell, they don't understand what a revolution actually is. It's not just a shuffle of who's at the top and who has to follow their rules; it's something that changes the rules of the game.
This new paper shows that today's LLMs aren't going to do that. Instead, they are going to reinforce and perpetuate the biases in the data on which they were trained. That's not inevitablewe could require their developers to meet verifiable criteria for fairness and safetybut the history of our industry doesn't fill me with hope.
Christoph Treude and Hideaki Hata. She elicits requirements and he tests: software engineering gender bias in large language models. 2023. arXiv:2303.10131.
Implicit gender bias in software development is a well-documented issue, such as the association of technical roles with men. To address this bias, it is important to understand it in more detail. This study uses data mining techniques to investigate the extent to which 56 tasks related to software development, such as assigning GitHub issues and testing, are affected by implicit gender bias embedded in large language models. We systematically translated each task from English into a genderless language and back, and investigated the pronouns associated with each task. Based on translating each task 100 times in different permutations, we identify a significant disparity in the gendered pronoun associations with different tasks. Specifically, requirements elicitation was associated with the pronoun "he" in only 6% of cases, while testing was associated with "he" in 100% of cases. Additionally, tasks related to helping others had a 91% association with "he" while the same association for tasks related to asking coworkers was only 52%. These findings reveal a clear pattern of gender bias related to software development tasks and have important implications for addressing this issue both in the training of large language models and in broader society.
The Rumours Were Right: Many More Microsoft Layoffs This Week, Another Round of GitHub Layoffs Techrights
Microsoft pays the workers to not even talk about it! (See below)
Also see: Layoffs continuing all over the world (hours ago)
Summary: Another round of GitHub layoffs (not the first [1, 2]; wont be the last) and many more Microsoft layoffs; this isnt related to the numbers disclosed by Microsoft back in January, but Microsoft uses or misuses NDAs to hide whats truly going on
Distribution Release: Finnix 125 DistroWatch.com: News
Finnix is a small, self-contained, bootable Linux distribution for system administrators, based on Debian. The project has management through a combination of Debian's Testing and Unstable repositories. "Today marks the release of Finnix 125, the original utility live....
Top Benefits of Using Flutter for Cross-Platform App Development HackRead | Latest Cybersecurity and Hacking News Site
By Owais Sultan
Todays mobile-first world calls for functional solutions that meet the expectations of smartphone users. Creating a user-friendly mobile
This is a post from HackRead.com Read the original post: Top Benefits of Using Flutter for Cross-Platform App Development
A New Gaming Shell For a Mouse Hackaday
For some gamers, having a light fast polling mouse is key. [Ali] of [Optimum Tech] loved his 23-gram mouse but disliked the cord. Not seeing any options for a comparable wireless mouse, he decided to make one himself.
Trying to shortcut the process, he started with an existing wireless mouse from Razer weighing in at a hefty 58 grams. The PCB on its own weighed in at 11 grams and after swapping to a smaller battery, [Ali] had a budget of 10 to 15 grams for the shell. Here is where the meat of this project lives. The everyday objects in your life like the poles that hold up traffic signals or the device youre reading this article on are looked at and used without much thought into why they are what they are. The design of everyday things is a surprisingly deep field and designing a curvy mouse is no excep...
How Brains Synchronize During Cooperative Tasks SoylentNews
Humans are social creatures. But what leads to them being this way? To fully understand how the brain gives rise to social behaviors, we need to investigate it during social encounters. Moreover, we need to analyze not only the internal operations of one brain during social activities but also the dynamic interplay between multiple brains engaged in the same activity. This emerging research field is referred to as "second-person neuroscience" and employs hyperscanning (the simultaneous recording of the activity of multiple brains) as the signature technique.
[...] Now, a research team led by Yasuyo Minagawa of Keio University, Japan, has worked out an elegant solution to this problem. [...]
Each pair of participants (39 pairs in total) engaged in a natural, cooperative, and creative task: the design and furnishing of a digital room in a computer game. They were allowed to communicate freely to create a room that satisfied both. The participants also completed the same task alone as the researchers sought to compare between-brain synchronizations (BBSs) and within-brain synchronizations (WBSs) during the individual and cooperative tasks. The social behavior that the team focused on during the tasks was eye gaze, that is, whether the participants directed their gaze at the other's face. They automatically extracted this behavior from the video footage using an open-source software, which made the data analysis easier.
One of the most intriguing findings of the study was that, during cooperative play, there was a strong BBS among the superior and middle temporal regions and specific parts of the prefrontal cortex in the right hemisphere, but little WBS in comparison. Moreover, the BBS synchronization was strongest when one of the participants raised their gaze to look at the other. Interestingly, the situation reversed during individual play, showing increased WBS within the same regions.
According to Minagawa, these results agree with the idea that our brains work as a "two-in-one system" during certain social interactions. "Neuron populations within one brain were activated simultaneously with similar neuron populations in the other brain when the participants cooperated to complete the task, as if the two brains functioned together as a single system for creative problem-solving," she explains. "These phenomena are consistent with the notion of a 'we-mode,' in which interacting agents share their minds in a collective fashion and facilitate interaction by accelerating access to the other's cognition."
Overall, this study provides evidence hinting at the remarkable capability of the human br...
Toyota Italy accidentally leaked sensitive data Security Affairs
A Japanese multinational accidentally leaked access to its marketing tools, enabling attackers to launch phishing campaigns against its vast pool of customers in Italy.
Toyota Italy accidentally leaked sensitive data for more than one-and-a-half years, until this March. Namely, it exposed secrets for its Salesforce Marketing Cloud and Mapbox APIs. Threat actors could abuse this information to gain access to Toyota clients phone numbers and email addresses and abuse them to launch phishing attacks.
Cybernews has reached out to the car manufacturer, and, at the time of writing, the dataset has been secured. The company said it took extra measures to strengthen its cybersecurity systems and protocols.
Exposed credentials
On February 14, the Cybernews research team discovered an environment file (.env) hosted on the official Toyota Italy website.
Toyota is arguably the biggest vehicle manufacturer worldwide, with over 370,000 employees and about $267 billion in revenue last year. In Europe, it directly employs more than 25,000 people, and operates eight manufacturing plants. While theres no official data on how big Toyota is in Italy, the company has been present in the country for over half a century.
As per Statista, revenue for Toyota Italy is projected to reach approximately $1.8 billion in 2023, and vehicle sales are projected to nearly reach 83,000.
As per Cybernews research team, the company exposed credentials to the Salesforce Marketing Cloud, a provider of digital marketing automation and analytics software and services. Abusing the data, threat actors could access phone numbers and email addresses, customer tracking information, and email, SMS, and push-notification contents.
These credentials could further be exploited to send bogus SMS messages and emails, edit and launch marketing campaigns, create automation scripts, edit content tied with the Salesforce Marketing Cloud, and even send push notifications to Toyotas customers.
This leak is significant as it could have been used to launch somewhat sophisticated phishing campaigns, as attackers would have had access and control over Toyotas official communication channels, making it more likely that victims would fall for such an attack, since the sender information would be legitimate, Cybernews researchers said.
Toyota Italy also exposed software company Mapboxs application programming interface (API) tokens, used to query map data. While the data is not as sensitive as the Salesforce Marketing Cloud credentials, threat actors might abuse it to query a lot of requests and rack up the cost for API usage for Toyota.
The environment file was first indexed by internet o...
Introduction to XFS Transaction Mechanism Linux.com
A starting point for those who want to s
Click to Read More at Oracle Linux Kernel Development
The post Introduction to XFS Transaction Mechanism appeared first on Linux.com.
Bitter APT group targets Chinas nuclear energy sector Security Affairs
Intezer researchers uncovered a cyberespionage campaign targeting the Chinese nuclear energy sector, they linked it to the Bitter APT group.
The Bitter APT group is a South Asian cyberespionage group active since at least 2021. The group focuses on energy and government sectors, in the past, the group targeted organizations in Pakistan, China, Bangladesh, and Saudi Arabia.
In recent attacks, experts noted updates to the first-stage payloads and the implementation of new layers of obfuscation to avoid detection. Threat actors also employed additional decoys for social engineering.
Experts identified seven phishing emails that were used in the phishing campaign aimed at recipients in Chinas nuclear energy industry. The phishing messages impersonated the Embassy of Kyrgyzstan in China, inviting them to join conferences on subjects that are relevant to the recipients.
We identified seven emails pretending to be from the Embassy of Kyrgyzstan, being sent to recipients in the nuclear energy industry in China. In some emails, people and entities in academia are also targeted, also related to nuclear energy. The phishing emails contain a lure that invites the recipients to join conferences on subjects that are relevant to them. reads the report published by Intezer. The lures are designed to socially engineer the recipient to download and open an attached RAR file that contains either a Microsoft Compiled HTML Help (CHM) or Excel payload.
The messages attempt to trick recipients into opening an attached RAR archive that contains CHM or Excel payloads created to achieve persistence and fetch additional payloads from the C2.
Sony Music Has Serious Concerns About AI-Synthesized Vocals TorrentFreak
Artificial intelligence has the potential to make our lives more efficient, entertaining, and productive. There are potential downsides as well.
From a copyright perspective, AI brings up some interesting questions. For example, can content created by an AI be copyrighted? And can an AI be trained on copyrighted works without limitation?
Before ChatGPT and other AI tools started to dominate the news, the music industry had already shared its concerns over the potential threats posed to its business. The RIAA, for example, reported several AI vocal extraction tools as a looming piracy threat last October.
Since then, numerous experts have opined about the copyright challenges AI presents. As such, it is no surprise that the topic is also mentioned in IFPIs annual Global Music Report, which discusses the state of the global music industry.
A few years ago, online piracy and stream-ripping were featured as cannibalizing technologies, but those have now disappeared into the background. Instead, AI gets a prominent feature, with several music industry bosses commenting on the technology.
IFPIs report starts out by saying that AI isnt all doom and gloom. It also offers several opportunities for artists and the broader industry.
Some, for example, support artist discovery, others enhance audience identification. Still others enable fans to engage with artists in new ways and some aid in the creative process, IFPI writes.
The report stresses that when AI is used, the human element should always remain from and center. At the same time, robust copyright rules and regulations must be respected.
The human element is also highlighted by Michael Nash, Chief Digital Officer at Universal Music Group. Nash believes that...
Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security
Posted by Seth Arnold on Mar 28
Aha, then I'm quite out of date. Thanks :)Fwupd 1.8.13 Adds Firmware Updating For Framework's Audio Card, ThinkPad TBT3-TR Gen 2 Phoronix
Fwupd/LVFS lead developer Richard Hughes of Red Hat released Fwupd 1.8.13 as the newest feature update to this open-source firmware/BIOS updating solution for Linux and other platforms...
Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security
Posted by Solar Designer on Mar 28
Kristian isn't on the list for a couple of years now. Two others areRe: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security
Posted by Seth Arnold on Mar 28
I've not seen K_F online in any capacity in years. It is time to ask ifHow to refresh and reload group membership on Linux without a reboot or logging in again nixCraft
Do you want to refresh and reload the group membership on Linux without rebooting the Linux machine or logging in again? Try the newgrp command to log in to a new group without logging in again or reboot the system.
Love this? sudo share_on: Twitter - Facebook - LinkedIn - Whatsapp - Reddit
The post How to refresh and reload group membership on Linux without a reboot or logging in again appeared first on nixCraft.
Ubuntu Cinnamon Becomes An Official Flavor For Ubuntu 23.04 Phoronix
Since 2019 there has been Ubuntu Cinnamon as an unofficial remix of Ubuntu paired with Linux Mint's Cinnamon desktop environment. After the three years of progress, Ubuntu Cinnamon has now been granted an official status with next month's Ubuntu 23.04 "Lunar Lobster" release...
Microplastics are Messing With the Microbiomes of Seabirds SoylentNews
Microplastics are messing with the microbiomes of seabirds:
To find out if the microbes being introduced might be "good" or "bad," Fackelmann and her colleagues analyzed the microbiomes and looked up individual types of microbes in databases to learn what they do. They found that with more plastic, there were more microbes that are known to break down plastic. There were also more microbes that are known to be resistant to antibiotics and more with the potential to cause disease.
Fackelmann and her colleagues didn't assess the health of the birds, so they don't know if these microbes might have been making them unwell. "But if you accumulate pathogens and antibiotic-resistant microbes in your digestive system, that's clearly not great," says Wagner.
The study, which was published in the journal Nature Ecology and Evolution, shows that the levels of plastic already present in the environment are enough to affect animals' microbiomes, says Fackelmann. The next step is to work out what this might mean for their health and the health of other animals, including humans, she says.
"When I read [the study], I thought about the whales we find beached with kilograms of plastic debris found in their bellies," says Wagner. "It's probably quite comparable to what birds have in their digestive systems, so it would be interesting to know if this happens in whales, dolphins, [and other marine animals] as well."
Read more of this story at SoylentNews.
[$] Ubuntu stops shipping Flatpak by default LWN.net
Canonical recently announced that it will no longer ship Flatpak as part of its default installation for the various official Ubuntu flavors, which is in keeping with the practices of the core Ubuntu distribution. The Flatpak package format has gained popularity among Linux users for its convenience and ease of use. Canonical will focus exclusively on its own package-management system, Snap. The decision has caused disgruntlement among some community members, who felt like the distribution was making this decision without regard for its users.
AMD-Xilinx Publishes Open-Source "Nanotube" Compiler Phoronix
AMD-Xilinx recently open-sourced their LLVM-based Nanotube compiler that can be used for some nifty networking purposes on FPGAs...
Ed Dowd on Covid Vax: $147 Billion In Economic Damage, Tens Of Millions Injured Or Disabled cryptogon.com
Via: ZeroHedge: A new report estimates that 26.6 million people were injured, 1.36 million disabled, and 300,000 excess deaths can be attributed to COVID-19 vaccine damages in 2022 alone, which cost the economy nearly $150 billion.
Microsoft Introduces GPT-4 AI-Powered Security Copilot Tool to Empower Defenders The Hacker News
Microsoft on Tuesday unveiled Security Copilot in limited preview, marking its continued quest to embed AI-oriented features in an attempt to offer "end-to-end defense at machine speed and scale." Powered by OpenAI's GPT-4 generative AI and its own security-specific model, it's billed as a security analysis tool that enables cybersecurity analysts to quickly respond to threats, process signals,
Latitude Data breach is worse than initially estimated. 14 million individuals impacted Security Affairs
The data breach suffered by Latitude Financial Services (Latitude) is much more serious than initially estimated. The company initially determined that the number of impacted individuals was 328,000, but now confirmed that the real number of affected individuals is 14 million.
The incident took place on March 16, the Australian firm revealed that the attackers stole an employees credentials and used them to breach two of the companys service providers and access Latitudes customer data.
In response to the incident, the company shut down customer-facing systems and launched an investigation to determine the extent of the intrusion. Latitude reported the security breach to the Australian Federal Police.
Once the attack was discovered, we took immediate and decisive action, including isolating systems, taking them offline to protect personal information. Unfortunately, this action continues to cause disruption to our services. We are working around the clock to restore full service for our customers and partners. reads the Cyber Incident Update published by the company. We are well advanced in what has been a thorough, forensic investigation of our systems, supported by external cyber security specialists.
The investigation revealed that the incident impacts 14 million individuals that are customers, past customers, and applicants across Australia and New Zealand.
As our forensic review continues to progress, we have identified that approximately 7.9 million Australian and New Zealand driver licence numbers were stolen, of which approximately 3.2 million, or 40%, were provided to us in the last 10 years. reads a new update published on March 27, 2023.
In addition, approximately 53,000 passport numbers were stolen. We have also identified less than 100 customers who had a monthly financial statement stolen.
The company announced that it will reimburse those customers who choose to replace their stolen ID documents.
The statement also reported that approximately 6.1 million records dating back to at least 2005 were also compromised in the data breach. 94% of these records (5.7 million) were provided before 2013.
These 6.1 million records include some, but not all of the following personal information: name, address, telephone, and date of birth.
It is hugely disapp...
Britain: Staff Who Process Payments for Vaccine Injuries Increased from 4 to 80 cryptogon.com
Via: Dr. John Campbell:
New Award Recognizes IEEE Societys Work in DEI IEEE Spectrum
For the past 20 years, the IEEE Instrumentation and Measurement Society has been working to become more welcoming and inclusive for women, members from outside the United States and Canada, students, and young professionals. Its hard work in diversity, equity, and inclusion (DEI) has paid off.
IEEE IMS has increased its number of women leaders, conference speakers, and editors of its publications. The society also has expanded its chapters to other parts of the world. To encourage more students to join, it holds competitions and offers scholarships, and a mentoring program was created to attract students and young professionals.
The societys efforts have been recognized with the new IEEE Technical Activities Board Award for Society/Council Impact in DEI. The award was established last year to honor an IEEE society or council that has encouraged DEI by developing activities, programs, and services that promote efforts in the area. IEEE IMS is the first society to be given the award.
The society received the news [about the award] with great joy, says IEEE Senior Member Juan Manuel Ramirez Corts, the IMS president. Being the inaugural recipient of the award is a true honor and serves as significant motivation for our ongoing DEI efforts.
The societys nominations and appointments committee is dedicated to recommending experienced women to serve in leadership positions.
In 1992 there were no women on the societys administrative committee, AdCom, and only one member was from outside the United States and Canada. The committee is composed of elected officers and nonelected leaders.
Total membership
3,820
Number of chapters
72
Number of student chapters
15
Number of technical committees
23
The oversight changed when IEEE Life Fellow Stephen A. Dyer joined the committee as editor in chief of the IEEE Transactions on Instrumentation and Measurement. He identified women and individuals from other geographic regions who were qualified to be AdCom can...
Hacker Returns $200 Million Stolen from Euler Finance HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
Euler Finance was hacked on March 13, 2023, and around $197 million worth of cryptocurrency was stolen, including $135.8 million stETH, $33.8 million USDC, $18.5 million WBTC, and $8.7 million DAI.
This is a post from HackRead.com Read the original post: Hacker Returns $200 Million Stolen from Euler Finance
Some Clips from Utopia cryptogon.com
Reminds of of something. I cant quite put my finger on it. Hmm Via: Jason Stuermer Roberts: Related: Utopia (British TV series)
Robert F. Kennedy, Jr. and Childrens Health Defense Sue Biden, Fauci for Alleged Censorship cryptogon.com
Via: The Defender: Robert F. Kennedy, Jr. and Childrens Health Defense (CHD) on Friday filed a class action lawsuit against President Biden, Dr. Anthony Fauci and other top administration officials and federal agencies, alleging they waged a systematic, concerted campaign to compel the nations three largest social media companies to censor constitutionally protected speech. Kennedy, []
6th Pilot Incident This Month cryptogon.com
Via: Covid Intel: March 22, 2023 Southwest 613 LAS-CMH diverted as pilot collapsed shortly after take-off March 18, 2023 Air Transat Flight TS739 FDF-YUL first officer was incapacitated about 200NM south of Montreal March 13, 2023 Emirates Flight EK205 MXP-JFK diverted due to pilot illness hour and a half after take-off March []
Will New CEO Dirk-Peter van Leeuwen Bring Open Source Way Magic to SUSE? FOSS Force
As Red Hat slowly loses its open culture under IBM's ownership, SUSE might be set to finally become an important global open-source player, but only if its board allows the former Red Hatter who will take the helm on May 2 to bring "the open source way" to a secretive and "top-down" corporate culture.
The post Will New CEO Dirk-Peter van Leeuwen Bring Open Source Way Magic to SUSE? appeared first on FOSS Force.
Dr. Drew on Damar Hamlin cryptogon.com
Via: Chief Nerd: ? Dr. Drew Questions What Happened to Damar Hamlin Nearly Three Months Ago "Things would cause sudden no pulse, rearrest in the ER, and the pulmonary status to lag behind neurological would be a pulmonary embolus. And a pulmonary embolus happens during acute COVID, which he did pic.twitter.com/5r3wh74sFa Chief Nerd (@TheChiefNerd) []
UK Sets Up Fake Booter Sites To Muddy DDoS Market Krebs on Security
The United Kingdoms National Crime Agency (NCA) has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services.
The NCA says all of its fake so-called booter or stresser sites which have so far been accessed by several thousand people have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks.
However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators, reads an NCA advisory on the program. Users based in the UK will be contacted by the National Crime Agency or police and warned about engaging in cyber crime. Information relating to those based overseas is being passed to international law enforcement.
The NCA declined to say how many phony booter sites it had set up, or for how long they have been running. The NCA says hiring or launching attacks designed to knock websites or users offline is punishable in the UK under the Computer Misuse Act 1990.
Going forward, people who wish to use these services cant be sure who is actually behind them, so why take the risk? the NCA announcement continues.
The NCA campaign comes closely on the heels of an international law enforcement takedown involving four-dozen websites that made powerful DDoS attacks a point-and-click operation.
In mid-December 2022, the U.S. Department of Justice (DOJ) announced Operation Power Off, which seized four-dozen booter business domains responsible for more than 30 million DDoS attacks, and charged six U.S. men with computer crimes related to their alleged ownership of popular DDoS-for-hire services. In connection with that operation, the NCA also arrested an 18-year-old man suspected of running one of the sites.
According to U.S. federal prosecutors, the use of booter and stresser services to conduct attacks is punishable under both wire fraud laws and the Computer Fraud and Abuse Act (18 U.S.C. 1030), and may result in arrest and prosecution, the seizure of computers or other electronics, as well as prison senten...
Toxic Chemical Spill Ignites Water Safety Fears for 14 Million People cryptogon.com
Via: The Defender: Residents of Philadelphia and the surrounding area demanded clarity about the safety of their drinking water from city officials on Monday, three days after chemicals leaked from a plant into a tributary of the Delaware River, which provides water for about 14 million people in four states. About 8,100 gallons of acrylic []
Fedora 38 Beta Performance Mostly Flat, Few Regressions Phoronix
For those curious how the performance of Fedora 38 is looking ahead of its official release at the end of April, here are some preliminary benchmarks looking at the performance of this leading-edge Linux distribution as of the Fedora 38 Beta milestone last week. On both Intel Core i9 13900K "Raptor Lake" and AMD Ryzen 9 7950X "Zen 4" desktop systems, the Fedora 37 performance was compared to that of Fedora 38 Beta.
GitHub Publishes RSA SSH Host Keys by Mistake, Issues Update SoylentNews
GitHub publishes RSA SSH host keys by mistake, issues update:
GitHub has updated its SSH keys after accidentally publishing the private part to the world. Whoops.
A post on Github's security blog reveals that the company has changed its RSA SSH host keys. This is going to cause connection errors, and some frightening warning messages, for a lot of developers, but it's all right: it's not scary cracker activity, just plain old human error.
Microsoft subsidiary GitHub is the largest source code shack in the world, with an estimated 100 million active users. So this is going to inconvenience a lot of people. It's not the end of the world: if you normally push and pull to GitHub via SSH which most people do then you will have to delete your local GitHub SSH key, and fetch new ones.
As the blog post describes, the first symptom is an alarming warning message[.]
For almost everyone, this warning is spurious. It's not that you're being attacked although that is always a remote (ha ha, only serious) possibility it's that GitHub revoked its old keys and published new ones. Hanlon's Razor applies, as it most often does:
Never attribute to malice that which can be adequately explained by stupidity. (The word stupidity is often replaced with incompetence, but then, one does tend to lead to the other.)
This time, the reason was as usual plain old human error. Someone published GitHub's private RSA keys in a repository on GitHub itself. If you're unclear how SSH encryption works, about public versus private keys, or the different cryptographic algorithms SSH uses, there are many good explanations out there.
Read more of this story at SoylentNews.
How to work with a list of dictionaries in Ansible Linux.com
Use Jinja selectattr() and map() filters to extract data from a list of dictionaries.
Read More at Enable Sysadmin
The post How to work with a list of dictionaries in Ansible appeared first on Linux.com.
VA-API's Libva 2.18 Released With Windows WSL D3D12 Support, Optional Disabling DRI3 Phoronix
Version 2.18 of the VA-API library, libva, has been released today for this Linux Video Acceleration API library that is used by the various driver implementations...
Debugging and Analyzing Real-Mode 16-Bit x86 Code With Fresh Bread Hackaday
Running a debugger like gdb with real-mode 16-bit code on the x86 platform is not the easiest thing to do, but incredibly useful when it comes to analyzing BIOS firmware and DOS software. Although its possible to analyze a BIOS image after running it through a disassembler, there is a lot that can only be done when the software is running on the real hardware. This is where [Davidson Francis] decided that some BREAD would be useful, as in BIOS Reverse Engineering & Advanced Debugging.
What BREAD does is provide some injectable code that with e.g. a BIOS replaces the normal boot logo with the debugger stub. This stub communicates with a bridge via the serial port, with the gdb client connecting to this bridge. Since DOS programs are also often 16-bit re...
What If EVE Online Becomes Our Future? Lifeboat News: The Blog
Play EVE Online: https://eve.online/Ridddle_EN
In this video, we explore the fascinating prospects of humanity becoming a proper interstellar civilization, up to Type III on the Kardashev scale. However, this transition process presents our species with a bunch of physical limitations, as well as societal and even biological implications. Many of them are quite unwanted or even ugly! We explore this vast topic by using the latest scientific models as well as the best science fiction worlds from books, TV shows, and even games. Speaking of which, to help us visualize this space-faring future with much-needed scale and fidelity, we turned to CCP Games the creators of the massively multiplayer online game EVE Online. https://eve.online/Ridddle_EN. It is set in a rich sci-fi universe, where players can create their own character and explore a vast and complex virtual world built according to the well-thought set of consistent in-world rules The game is known for its intricate economy, politics, and warfare mechanics, where players can engage in a variety of activities, including mining resources, trading, building structures, and participating in battles. Quite frankly, the game feels like a real simulation of all those future endeavors humanity will face on the way to becoming a true interstellar species!
AI Consciousness : 2023 2030 Timeline of Sentient Machines Lifeboat News: The Blog
Deep Learning AI Specialization: https://imp.i384100.net/GET-STARTED
AI Marketplace: https://taimine.com/
Take a journey through the years 20232030 as artificial
intelligence develops increasing levels of consciousness, becomes
an indispensable partner in human decision-making, and even leads
key areas of society. But as the line between man and machines
becomes blurred, society grapples with the moral and ethical
implications of sentient machines, and the question arises: which
side of history will you be on?
AI news timestamps:
0:00 AI consciousness intro.
0:17 Unconscious artificial intelligence.
1:54 AI influence in media.
3:13 AI decisions.
4:05 AI awareness.
5:07 The AI ally.
6:07 Machine human hybrid minds.
7:02 Which side.
7:55 The will of artificial intelligence.
#ai #future #tech
Does GPT-4 Really Understand What Were Saying? Lifeboat News: The Blog
One question for David Krakauer, president of the Sante Fe Institute for complexity science where he explores the evolution of intelligence and stupidity on Earth.
Does GPT-4 really understand what were saying?
Yes and no, is the answer to that. In my new paper with computer scientist Melanie Mitchell, we surveyed AI researchers on the idea that large pretrained language models, like GPT-4, can understand language. When they say these models understand us, or that they dont, its not clear that were agreeing on our concept of understanding. When Claude Shannon was inventing information theory, he made it very clear that the part of information he was interested in was communication, not meaning: You can have two messages that are equally informative, with one having loads of meaning and the other none.
The Periodic Table Has Been Sonified And Every Element Sounds Unique Lifeboat News: The Blog
The unique radiation emitted by heated or electrified elements has been converted into sound, enabling us to hear the distinctive chord each element produces. Although the idea has been tried before, advances in technology have now made it possible for a far more complete and subtle sonification of the periodic table.
When elements are energized electrons can jump to higher energy levels. Eventually, they return to their ground state, releasing a photon in the process. The wavelength of the photon depends on the size of the energy gap between the excited state and the ground state more energy produces higher frequency/shorter wavelength light.
The discovery of this fact has proven crucial for our understanding of the universe. We can identify the elements in a star billions of light-years away from the distinctive wavelengths it emits, known as its emission spectra. At the American Chemical Societys Spring Conference over the weekend, the University of Indianas W. Walker Smith demonstrated the result if every elements electromagnetic spectrum is converted to sound.
Does consciousness create the universe? A new book makes the startling claim Lifeboat News: The Blog
Credit: Pixabay.
Observer, a thriller co-written by the scientist Robert Lanza and the leading sci-fi writer Nancy Kress, looks towards quantum physics and beyond in a provocative story of a brilliant neurosurgeon.
The Twilight Zone (1985) Intro HD Lifeboat News: The Blog
The Twilight Zone (1985) is a television science fiction anthology series. It recreated some of the episodes from the original series and created some new ones too. The series contains ironic or special situations with a twist at the end, which show the human nature, coupled with science fiction, horror or fantasy. This new series included such famous directors as Wes Craven, Joe Dante, John Milius, and William Friedkin along with writers such as Stephen King, Harlan Ellison, Roger Zelazny, J. Michael Straczynski, Rockne S. OBannon, Theodore Sturgeon, Ray Bradbury, George Clayton Johnson, and even an original outline by Rod Serling.
Facebook Page:
https://www.facebook.com/TheTwilightZone1985
How and When the Chip Shortage Will End, in 4 Charts IEEE Spectrum
One looming artifact of the pandemic that remains in 2023the global chip shortagehas gratefully begun to recede. Unlike the state of things in mid-2021when crimps in the semiconductor supply chain cropped up in big wayssupply and demand have become much less of a mismatch.
As IEEE Spectrum reported in the months since this story originally posted, the broken supply chains caused by the chip shortage have practically rewired whole segments of the tech industry. For the automotive industry, as we summarized in five charts that helped demystify the chip shortage, time eventually brought carmakers up from the end of a 52-week waiting list to get the chips they needed for their entertainment and driving-assistance systems. With chips finally reaching factory floors, their own manufacturing capacities were restored to prepandemic levels by the end of 2022.
Meanwhile, the mid-2022 passage of the CHIPS Act in the United States yielded a multibillion-dollar investment pool, some of which was dedicated to ramping up American manufacturing of the mature-generation chips upon which many industriesauto and otherwiseare so dependent. In March of 2023, the U.S. began disbursing CHIPS Act funding, while the E.U. considered getting into the chip-stimulus game as well.
The aim of Washingtons $50 billion expenditure is to prevent U.S. industrial concerns from falling victim to similar semiconductor supply chain snafus in the future. The EUs Chips Act legislation has similar aims; also chief among them is bolstering its constituent nations resilience in the face of such supply-chain interruptions.
Story from 29 June 2021 follows:
Historians will probably spend decades picking apart the consequences of the COVID-19 epidemic. But the shortage of chips that its caused will be long over by then. A variety of analysts agree that the most problematic shortages will...
The EV Transition Is Harder Than Anyone Thinks IEEE Spectrum
Volvo Cars CEO Jim Rowan boldly proclaims that electric vehicles will reach price parity with internal-combustion-engine (ICE) vehicles by 2025. Not likely, counter Mercedes-Benzs chief technology officer Markus Schfer and Renault Group CEO Luca de Meo.
The International Energy Agency predicts that EVs will make up more than 60 percent of vehicles sold globally by 2030. But given the sheer tonnage of lithium, cobalt, and other raw materials needed for EV batteries, that figure is overly optimistic, suggests the mineral market analysis company Benchmark Mineral Intelligence, unless nearly 300 new mines and supporting refineries open by then.
EV owners should be urged to charge at night to save not only money and the power grid but the world, a news headline cries out. Not so fast, exclaim researchers at Stanford University, who state that charging EVs during the day is actually cheaper, better for the grid, and healthier for the environment.
And so goes the litany of contradictory statements about the transition to EVs:
Confused? Join the crowd.
Sorting through this contradictory rhetoric can make anyones head spin. My response to each proclamation is often a shrug followed by It depends.
Two years ago, I began investigating the veracity of claims surrounding the transition to EVs at scale. The result is a 12-part series and e-book,...
OpenSSL Security Advisory Open Source Security
Posted by Tomas Mraz on Mar 28
OpenSSL Security Advisory [28th March 2023]Re: CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security
Posted by Solar Designer on Mar 28
Hi Zhenghan Wang,Feeling the Heat: Railway Defect Detection Hackaday
On the technology spectrum, railroads would certainly seem to skew toward the brutally simplistic side of things. A couple of strips of steel, some wooden ties and gravel ballast to keep everything in place, some rolling stock with flanged wheels on fixed axles, and youve got the basics that have been moving freight and passengers since at least the 18th century.
But that basic simplicity belies the true complexity of a railway, where even just keep keeping the trains on the track can be a daunting task. The forces that a fully loaded train can exert on not only the tracks but on itself are hard to get your head around, and the potential for disaster is often only a failed component away. This became painfully evident with the recent Norfolk Southern derailment in East Palestine, Ohio, which resulted in a hazardous materials incident the likes of which no community is ready to deal with.
Given the forces involved, keeping trains on the straight and narrow is no mean feat, and railway designers have come up with a web of sensors and systems to help them with the task of keeping an eye on whats going on with the rolling stock of a train. Lets take a look at some of the interesting engineering behind these wayside defect detectors.
...
New Technique 'About 80% Effective' at Producing Babies of Desired Sex, Study Suggests SoylentNews
Researchers used a technique to separate sperm on whether they had an X chromosome (making female offspring) or a Y one (male offspring). Sperm with an X chromosome are slightly heavier than those with a Y, the research indicates.
However, the study has again raised long-held concerns over the ethics of such a process. Selecting embryos without reasons such as a sex-linked disease is illegal in many countries.
Experts behind the research, from Weill Cornell Medicine in New York, said their technique was inexpensive and "extremely safe".
Fifty-nine couples wanted a girl and it resulted in 79.1% (231 out of 292) female embryos, with 16 girls being born without any abnormalities. Fifty-six couples wanted a boy and the technique produced 79.6% male embryos (223 out of 280), resulting in 13 healthy male babies.
[...] "I am convinced that the science is sound and that, instead of the usual 50:50 'coin toss' then a couple can get a baby with the desired sex a little under 80% of the time."
From the article:
The desire to have offspring of a specific sex has a long history but has been particularly present since the 1970s with the early appearance of assisted reproduction. The reasons for choosing a child's sex may be social, such as a desire for family balancing [1]. Couples undergoing IVF, who already have a child or children of one sex, may wish to have the experience of raising children of both sexes. Some couples, who already have children, could have financial reasons for not attempting a further pregnancy without assurance that the additional child will be of a specific sex.
Cheung S, Elias R, Xie P, Rosenwaks Z, Palermo GD (2023) A non-randomized clinical trial to determine the safety and efficacy of a novel sperm sex selection technique. PLoS ONE 18(3): e0282216. https://doi.org/10.1371/journal.pone.0282216
Read more of this story at SoylentNews.
Europol warns of criminal use of ChatGPT Security Affairs
EU police body Europol warned about the potential abuse of systems based on artificial intelligence, such as the popular chatbot ChatGPT, for cybercriminal activities. Cybercriminal groups can use chatbot like ChatGPT in social engineering attacks, disinformation campaigns, and other cybercriminal activities, such as developing malicious code.
OpenAIs ChatGPT is becoming even more attractive for cybercriminal organization that are valuating how to use its enormous capabilities.
As the capabilities of Large Language Models (LLMs) such as ChatGPT are actively being improved, the potential exploitation of these types of AI systems by criminals provide a grim outlook. reads the alert published by the Europol.
The following three crime areas are amongst the many areas of concern identified by Europols experts:
According to the Europol, technologies like ChatGPT can speed up each phase of an attack chain significantly.
As such, ChatGPT can be used to learn about a vast number of potential crime areas with no prior knowledge, ranging from how to break into a home, to terrorism, cybercrime and child sexual abuse. states the report published by Europol. The identified use cases that emerged from the workshops Europol carried out with its experts are by no means exhaustive. Rather, the aim...
Security updates for Tuesday LWN.net
Security updates have been issued by Debian (dino-im and runc), Fedora (qemu), Red Hat (firefox), SUSE (chromium, containerd, docker, kernel, and systemd), and Ubuntu (graphicsmagick, linux-azure, linux-gcp, linux-oem-5.14, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, and node-url-parse).
Dr. John-Arne Rttingen, MD, PhD Ambassador for Global Health, Ministry of Foreign Affairs, Norway Lifeboat News: The Blog
Ambassador Dr. John-Arne Rttingen, MD, Ph.D. (https://www.bsg.ox.ac.uk/people/john-arne-rottingen) is Ambassador for Global Health, at the Ministry of Foreign Affairs, Norway, and a Visiting Fellow of Practice, at the Blavatnik School of Government, Oxford University.
Ambassador Dr. Rttingen has previously served as the Chief Executive of the Research Council of Norway; the founding Chief Executive Officer of the Coalition for Epidemic Preparedness Innovations (CEPI); Executive Director of Infection Control and Environmental Health at the Norwegian Institute of Public Health; founding Chief Executive of the Norwegian Knowledge Centre for the Health Services; Professor of Health Policy at the Department of Health Management and Health Economics, Institute of Health and Society, University of Oslo; and Adjunct Professor at the Department of Global Health and Population, Harvard T.H. Chan School of Public Health.
From 2020, Ambassador Dr. Rttingen also chaired the Executive Group and the International Steering Committee of the WHO Solidarity trial to compare four untested treatments for hospitalized people with severe COVID-19 illness. In early 2021, he was appointed by the G20 to the High Level Independent Panel (HLIP) on financing the global commons for pandemic preparedness and response. That same year, he was also appointed to the Pandemic Preparedness Partnership (PPP), an expert group chaired to advise the G7 presidency. From mid-2021, he was part of the Access to COVID-19 Tools Accelerators Vaccine Manufacturing Working Group.
Ambassador Dr. Rttingen received his MD and Ph.D. from the University of Oslo, an MSc from Oxford University and an MPA from Harvard University.
Elephant Robotics Unveils New Desktop Educational Robots for 2023 IEEE Spectrum
This is a sponsored article brought to you by Elephant Robotics.
In recent years, interest in using robots in education has seen massive growth. Projects that involve robotics, artificial intelligence, speech recognition, and related technologies can help develop students analytical, creative, and practical skills. However, a major challenge has been the robots themselves: They are typically big, heavy, and costly. For robots to become widely used in education, they need to be smaller, easier to setup and use, and, more important, they need to be affordable to educators and students.
Thats the goal Elephant Robotics aims to achieve with its line of lightweight, smart, and capable robots. The company has launched several desktop collaborative robots over the past few years, including the myCobot, mechArm, and myPalletizer. To help users achieve more applications in education, Elephant Robotics has also launched AI Robot Kit, a robotic kit that integrates multiple functions like vision, positioning grabbing, and automatic sorting modules. This year, the company is unveiling completely improved and upgraded products to make robotics even more accessible in education.
Schools in different countries and regions have been using Elephant Robotics robotic arms and AI Kits as educational tools in recent years. The products portability, ease of use, and cost-effectiveness have helped schools integrate robotics as part of their programs and courses. The performance of the products and the wide range of built-in software and features help students learn better about robotics and programming. Using the robotic arms and...
Wildz Casino Mobile Promos, How To Bet And Extra h+ Media
Within Android yow will discover the best online on line casino apps in New Zealand. Through them you can make the bets you want, all with a free download from the Play Market. Through Google youll have the ability to seek for the New Zealand casinos you want and find their obtain possibility. Kiwi players will be delighted with the attentive buyer assist services they obtain at 888casino. By merely clicking on the Help button, you will be able to entry a fully complete FAQ and help part. It offers detailed data on issues like Bonuses and Promos, Withdrawals and Deposits, Games and Logins, Personal Account information, Registration-related data and Technical issues.
The app for iPhone and iPad may be discovered on iTunes but each the Apple and the Android app can be requested from the 888 Poker web site as properly. Users with Windows phones, BlackBerry or Also, you presumably can take a break or cooling-off period of your desired length . Alternatively, you possibly can self-exclude for six months or more by contacting buyer help. You can get professional help from organisations like Gamblers Anonymous and Gambling Therapy. 888 Casino You are capable of qualify for about C$1, 500 as a welcome bonus, to take enjoyment of issues massive variety of online game titles.
There is not really one single best approach to make a deposit with a cellular casino. Wed at all times advise playing in NZD the place possible, which may narrow down the variety of fee options you can use. Find the most effective on-line casinos offering your favorite games by clicking under. This team carries out a strict auditing course of when reviewing sites, assessing payout velocity, game selection, software high quality, stage of safety, cellular compatibility, and customer service. Mega888 on line casino is one of the platforms that began off video games immediately with mobile apps. The APK format for the game is out there for obtain on the official site of the sport platform, after which youll have the ability to proceed to install and register your account on the app and use.
In addition, players can enable the 2FA to make sure no one else accesses their accounts. The most a fact in the on-line conventional on line casino world shall be Range Riches via the producer Barcrest and the Cleopatra on-line slot machine game from IGT. If you participate within the VIP program as being a excessive portray device, youll have entry to high-stakes kitchen tables and obtain invitations to occasions. The benefits additionally embrace your own account director who protects questions and wishes of players at all times.
Having a perfect sense of what you would possibly be actually looking for in a authorized on-line on line casino in New Zealand is crucial to registering an account with Captain Coo...
Wildz Casino Mobile Promos, How To Bet And Extra h+ Media
Within Android yow will discover the best online on line casino apps in New Zealand. Through them you can make the bets you want, all with a free download from the Play Market. Through Google youll have the ability to seek for the New Zealand casinos you want and find their obtain possibility. Kiwi players will be delighted with the attentive buyer assist services they obtain at 888casino. By merely clicking on the Help button, you will be able to entry a fully complete FAQ and help part. It offers detailed data on issues like Bonuses and Promos, Withdrawals and Deposits, Games and Logins, Personal Account information, Registration-related data and Technical issues.
The app for iPhone and iPad may be discovered on iTunes but each the Apple and the Android app can be requested from the 888 Poker web site as properly. Users with Windows phones, BlackBerry or Also, you presumably can take a break or cooling-off period of your desired length . Alternatively, you possibly can self-exclude for six months or more by contacting buyer help. You can get professional help from organisations like Gamblers Anonymous and Gambling Therapy. 888 Casino You are capable of qualify for about C$1, 500 as a welcome bonus, to take enjoyment of issues massive variety of online game titles.
There is not really one single best approach to make a deposit with a cellular casino. Wed at all times advise playing in NZD the place possible, which may narrow down the variety of fee options you can use. Find the most effective on-line casinos offering your favorite games by clicking under. This team carries out a strict auditing course of when reviewing sites, assessing payout velocity, game selection, software high quality, stage of safety, cellular compatibility, and customer service. Mega888 on line casino is one of the platforms that began off video games immediately with mobile apps. The APK format for the game is out there for obtain on the official site of the sport platform, after which youll have the ability to proceed to install and register your account on the app and use.
In addition, players can enable the 2FA to make sure no one else accesses their accounts. The most a fact in the on-line conventional on line casino world shall be Range Riches via the producer Barcrest and the Cleopatra on-line slot machine game from IGT. If you participate within the VIP program as being a excessive portray device, youll have entry to high-stakes kitchen tables and obtain invitations to occasions. The benefits additionally embrace your own account director who protects questions and wishes of players at all times.
Having a perfect sense of what you would possibly be actually looking for in a authorized on-line on line casino in New Zealand is crucial to registering an account with Captain Coo...
Neurotechs Battles Impact Our Brains Future IEEE Spectrum
Neurotechnologies todaydevices that can measure and influence
our brains and nervous systemsare growing in power and popularity.
The neurotech marketplace, according to Precedence Research, is worth US
$14.3 billion this year and will exceed $20 billion within four
years. Noninvasive brain-computer interfaces, brain-stimulation devices, and brain-monitoring hardware (measuring alertness and
attention at work, for example) are no longer just laboratory
experiments and technological curios. The societal and legal
implications of widespread neurotech adoption may be
substantial.
Nita Farahany, professor of law and philosophy at Duke University, has written a new book, The Battle for Your Brain: Defending the Right to Think Freely in the Age of Neurotechnology (Macmillan), which explores how our lives may be impacted by the use of brain-computer interfaces and neural monitoring devices.
Farahany argues that the development and use of neurotech presents a challenge to our current understanding of human rights. Devices designed to measure, record, and influence our mental processesused by us or on usmay infringe on our rights to mental privacy, freedom of thought, and mental self-determination. She calls this collection of freedoms the right to cognitive liberty. IEEE Spectrum spoke with Farahany recently about the future and present of neurotech and how to weigh its promisesenhanced capabilities, for instance, including bionics and prosthetics and even a third armagainst its potential to interfere with peoples mental sovereignty.
Author, Nita Fara...
888 On Line Casino Nz Review 2021 $1500 Premium Welcome Bonus h+ Media
888 obtained the likes of NetEnt, Electracade, and Merkur Gaming on board. Simply put, 888 is one of the most trusted on line casino sites for New Zealanders. Its a no brainer to begin taking half in and get 888 Casinos $88 FreePlay to get things began. Along with their great bonuses, 888 is a superb gaming site for online gamers in New Zealand. When it involves gaming software program, 888 Casino is powered by 12 of the industrys biggest movers and shakers. It isnt the casinos making the games you play, its the software program growth abilities of award-winning innovators, designers and production corporations.
888 Casino is beneath the regulation and is licensed in Gibraltar, which means that also, the web on line casino is quickly on supply to all New Zealand avid gamers. The best way to discovering protected online platforms is to use our recomenVegas Palms casino listing. Our group of experts personally reviews each site to ensure that they are safe and dependable. Having to wait to receive deposits to have the power to pay withdrawals. Its promoting work is presently rising as part of its sponsorship technique for golf equipment such as Atletico Madrid and including enticing bonuses to attract increasingly players. It additionally has welcome bonuses for brand spanking new players and other bonuses extra particular and designed for players.
Also, youve the chance to enter live games to really feel like in an actual casino from your house. The games lobby is likely considered one of the highlights of this real cash on line casino, and of this 888 on line casino review as well. With leading software program providers supplying the games, 888 members are treated to a number of the latest and biggest titles in the marketplace. The foyer offers you a top-level menu of pokies, on line casino video games, live on line casino, and jackpot, and we will examine every one intimately, to offer you an idea of what you presumably can look forward to. Super Spin Doctor wont solely let you win huge quantities of cash with out investing an excessive quantity of, baccarat. Mount Airy informed the PGCB final month of its new poker room plans, but it could positively be said that the companys catalogue is stuffed with wonderful titles.
Keno is not out there at a whole lot of on-line casinos just but, but 888s got you coated. With tons of of slots, a generous welcome bonus, thrilling promotions and a luxurious look and feel, 888 Casino is a world-class experience in each single way. For a few fun spins or a chance at an enormous win, this is positively the place to be. The RTP refers to the amount of cash staked on a sport which should theoretically return to players over time. This varies depending on the slot you play, but there are quite a few excessive RTP video games obtainable right here, so have a go at a game like Se...
888 On Line Casino Nz Review 2021 $1500 Premium Welcome Bonus h+ Media
888 obtained the likes of NetEnt, Electracade, and Merkur Gaming on board. Simply put, 888 is one of the most trusted on line casino sites for New Zealanders. Its a no brainer to begin taking half in and get 888 Casinos $88 FreePlay to get things began. Along with their great bonuses, 888 is a superb gaming site for online gamers in New Zealand. When it involves gaming software program, 888 Casino is powered by 12 of the industrys biggest movers and shakers. It isnt the casinos making the games you play, its the software program growth abilities of award-winning innovators, designers and production corporations.
888 Casino is beneath the regulation and is licensed in Gibraltar, which means that also, the web on line casino is quickly on supply to all New Zealand avid gamers. The best way to discovering protected online platforms is to use our recomenVegas Palms casino listing. Our group of experts personally reviews each site to ensure that they are safe and dependable. Having to wait to receive deposits to have the power to pay withdrawals. Its promoting work is presently rising as part of its sponsorship technique for golf equipment such as Atletico Madrid and including enticing bonuses to attract increasingly players. It additionally has welcome bonuses for brand spanking new players and other bonuses extra particular and designed for players.
Also, youve the chance to enter live games to really feel like in an actual casino from your house. The games lobby is likely considered one of the highlights of this real cash on line casino, and of this 888 on line casino review as well. With leading software program providers supplying the games, 888 members are treated to a number of the latest and biggest titles in the marketplace. The foyer offers you a top-level menu of pokies, on line casino video games, live on line casino, and jackpot, and we will examine every one intimately, to offer you an idea of what you presumably can look forward to. Super Spin Doctor wont solely let you win huge quantities of cash with out investing an excessive quantity of, baccarat. Mount Airy informed the PGCB final month of its new poker room plans, but it could positively be said that the companys catalogue is stuffed with wonderful titles.
Keno is not out there at a whole lot of on-line casinos just but, but 888s got you coated. With tons of of slots, a generous welcome bonus, thrilling promotions and a luxurious look and feel, 888 Casino is a world-class experience in each single way. For a few fun spins or a chance at an enormous win, this is positively the place to be. The RTP refers to the amount of cash staked on a sport which should theoretically return to players over time. This varies depending on the slot you play, but there are quite a few excessive RTP video games obtainable right here, so have a go at a game like Se...
Prompt engineering and jailbreaking: Europol warns of ChatGPT exploitation HackRead | Latest Cybersecurity and Hacking News Site
The concern arises from the growing number of cybercriminals attempting to exploit the AI-based chatbot for developing malware and other malicious tools.
This is a post from HackRead.com Read the original post: Prompt engineering and jailbreaking: Europol warns of ChatGPT exploitation
Pakistan-Origin SideCopy Linked to New Cyberattack on India's Ministry of Defence The Hacker News
An advanced persistent threat (APT) group that has a track record of targeting India and Afghanistan has been linked to a new phishing campaign that delivers Action RAT. According to Cyble, which attributed the operation to SideCopy, the activity cluster is designed to target the Defence Research and Development Organization (DRDO), the research and development wing of India's Ministry of
All of Microsofts Strategic Areas Have Layoffs This Year Techrights
The layoffs keep going and going, e.g. todays updates [1, 2]; theres no end in sight
Summary: Microsofts supposedly strategic/future areas gaming (trying to debt-load or offload debt to other companies), so-called security, clown computing (Azure), and Hey Hi (chaffbots etc.) have all had layoffs this year; its clear that the company is having a serious existential crisis in spite of Trumps and Bidens bailouts (a wave of layoffs every month this year) and is just bluffing/stuffing the media with chaffbots cruft (puff pieces/misinformation) to keep shareholders distracted, asking them for patience and faking demand for the chaffbots (whilst laying off Bing staff, too)
Turtle Beach REACT-R & Recon Xbox Controllers To Be Supported In Linux 6.4 Phoronix
Turtle Beach gaming controllers will see support by the widely-used XPad driver with the upcoming Linux 6.4 kernel...
IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery The Hacker News
Multiple threat actors have been observed using two new variants of the IcedID malware in the wild with more limited functionality that removes functionality related to online banking fraud. IcedID, also known as BokBot, started off as a banking trojan in 2017. It's also capable of delivering additional malware, initial loader
Breaking the Mold: Pen Testing Solutions That Challenge the Status Quo The Hacker News
Malicious actors are constantly adapting their tactics, techniques, and procedures (TTPs) to adapt to political, technological, and regulatory changes quickly. A few emerging threats that organizations of all sizes should be aware of include the following: Increased use of Artificial Intelligence and Machine Learning: Malicious actors are increasingly leveraging AI and machine learning to
Links 28/03/2023: Pitivi 2023.03 is Out, Yet More Microsoft Layoffs (Now in Israel) Techrights
IRC Proceedings: Monday, March 27, 2023 Techrights
Also available via the Gemini protocol at:
Over HTTP:
... |
Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529) Help Net Security
Apple has released security updates for pardon the pop-culture reference everyhing everywhere all at once, and has fixed the WebKit vulnerability (CVE-2023-23529) exploited in the wild for users of older iPhones and iPads. This latest batch of security updates targets the iOS and iPad 16.x and 15.x branches; macOS Big Sur, Monterey and Ventura; watchOS and tvOS; Safari; and Studio Display, a standalone computer monitor / external display. The CVE-2023-23529 fix for older More
The post Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529) appeared first on Help Net Security.
CVE-2023-28464: Linux: Bluetooth: hci_conn_cleanup function has double free Open Source Security
Posted by Zhenghan Wang on Mar 28
Hi,Microsoft to Fix Windows 11 aCropalypse Privacy Failure SoylentNews
Microsoft to fix Windows 11 'aCropalypse' privacy failure:
Updated Microsoft is said to be preparing to fix the high-profile "aCropalypse" privacy bug in its Snipping Tool for Windows 11.
Users can remove sensitive information or some other parts of photos, screenshots, and other images by cropping them using the Snipping Tool app. The problem is that for the Windows 11 app as well as Microsoft's Snip & Sketch cropping tool in Windows 10 the file of the cropped image still includes the cropped out portions, which can be recovered and viewed.
A similar flaw was found in Google's Markup image-editing app for its Pixel smartphones. According to reverse engineers Simon Aarons and David Buchanan who named the bug aCropalyse the problem affects Pixel smartphones since 2018, when the 3 series came out. Google patched its code to avoid leaking cropped areas of images.
Then this week, Buchanan confirmed that the Windows Snipping Tool and Snip & Sketch software had the same issue. If a user cropped a photo or other image using the software and then saved the edited image over the original file, that file still contains the cropped-out portion. The area isn't visible when viewing the image using normal tools, but the data is still there in the file, and can be restored and viewed using appropriate recovery software.
Steven Murdoch, a professor of security engineering at the UK's University College London, shared some thoughts here on the underlying issue within Windows, specifically its latest Save File API, which he described as "defective by design."
[...] Meanwhile, if you've used Microsoft's code to crop your snaps and then shared them on, be aware someone with a copy of them might be able to recover the lopped-off portions.
Read more of this story at SoylentNews.
Hams Watch For Meteors Hackaday
After passing an exam and obtaining a license, an amateur radio operator will typically pick up a VHF ratio and start talking to other hams in their local community. From there a whole array of paths open up, and some will focus on interesting ways of bouncing signals around the atmosphere. There are all kinds of ways of propagating radio waves and bouncing them off of various reflective objects, such as the Moon, various layers of the ionosphere, or even the auroras, but none are quite as fleeting as bouncing a signal off of a meteor thats just burned up in the atmosphere.
While they arent specifically focused on communicating via meteor bounce, The UK Meteor Beacon Project hopes to leverage amateur radio operators and amateur radio astronomers to research more about meteors as they interact with the atmosphere. A large radio beacon, which has already been placed into service, broadcasts a circularly-polarized signal in the six-meter band which is easily reflected back to Earth off of meteors. Specialized receivers can pick up these signals, and are coordinated among a network of other receivers which stream the data they recover over the internet back to a central server.
With this information, the project can determine where the meteor came from, some of...
QNX Support Restored For SDL3 Phoronix
When SDL3 development kicked off last November for this open-source library that is widely used by cross-platform games and other software, QNX support was removed alongside other old targets. Just months later, the QNX platform support is being revived...
Vulkan 1.3.245 Brings New NVIDIA Vendor Extension To Help Optimize Ray-Tracing Phoronix
The Vulkan 1.3.245 extension is a small update to this industry-standard graphics/compute API with just a handful of issues resolved but it does introduce one new extension, which is a NVIDIA vendor extension aiming to further enhance Vulkan ray-tracing...
CVE-2023-28326: Apache OpenMeetings: allows user impersonation Open Source Security
Posted by Maxim Solodovnik on Mar 28
Severity: criticalTelecom giant Lumen suffered a ransomware attack and disclose a second incident Security Affairs
In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did not provide details about the family of ransomware that infected its systems, it only admitted that the incident is currently degrading the operations of a small number of the Companys enterprise customers.
On March 27, 2023, Lumen announced two cybersecurity incidents. First, last week the Company discovered that a malicious intruder had inserted criminal ransomware into a limited number of the Companys servers that support a segmented hosting service. reads the 8-k form filed by the company with SEC. This intrusion is currently degrading the operations of a small number of the Companys enterprise customers.
After the discovery of the ransomware attack, Lumen implemented enhanced security software that allowed the company to discover a separate intrusion. In this second incident, a sophisticated intruder accessed a limited number of the Companys internal information technology systems. The attackers were able to conduct reconnaissance of these systems, installing malware and extracting a relatively limited amount of data.
Based on its ongoing investigations described below and information known at this time, the Company does not believe the incidents have had or will have a material adverse impact on its ability to serve its customers or its business, operations, or financial results. continues the form.
Lumen notified law enforcement authorities and reported the incident to the impacted customers. The company launched an investigation into the incident with the help of forensic to determine the extent of the intrusion.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs hacking, Lumen)
The post Telecom giant Lumen suffered a ransomware attack and disclose a second incident appeared first on Security Affairs.
Intel Releases GPGMM v0.1 GPU Memory Management Library Phoronix
Intel has published v0.1 of its GPGMM software, the open-source General-Purpose GPU Memory Management Library. This library is intended to be used by modern software employing the Vulkan or D3D12 APIs for helping application developers deal with low-level video memory management...
Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe The Hacker News
A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware loader dubbed DBatLoader. "The malware payload is distributed through WordPress websites that have authorized SSL certificates, which is a common tactic used by threat actors to evade detection engines," Zscaler researchers Meghraj Nandanwar and Satyam Singh said in a report
OpenBLAS 0.3.22 Introduces EmScripten JavaScript, Fixes AMD Zen 4 Handling Phoronix
A new release of OpenBLAS is now available, the open-source BLAS and LAPACK implementation known for its wide variety of processor optimizations...
Cancer that spreads to the lung maneuvers to avoid being attacked Lifeboat News: The Blog
Cancer that has spread to areas like the lungs can apply the brakes to a natural pathway that should recruit killer T cells directly to where it has metastasized, scientists report.
That newly found strategy used by tumors that have spreadand are consequently more deadlymay help explain why sometimes promising immunotherapies designed to help the immune system kill cancer dont, says Kebin Liu, Ph.D., cancer immunologist in the Department of Biochemistry and Molecular Biology at the Medical College of Georgia.
It also may mean an additional therapeutic maneuver is needed to stop some tumors, which often are diagnosed after they have spread, says Liu, corresponding author of the study in the journal Cancer Cell.
Death Levels Sharply Above Pre-COVID-19 Levels schestowitz.com
Even if the media does not talk about this (or belittles the whole thing)
AM sad about this, but I am not shocked.
10 minutes ago ONS released the latest mortality numbers for England and Wales. This update is a weekly occurrence (typically 10AM ish every Tuesday).
Total deaths week 11 in 2019: 10,567. Total deaths week 11 in 2022: 10,928. Total deaths week 11 in 2023: 12,133. Pandemic is over, folks. Go back your office cage and dont wear a mask or anything. COVID-19 is both mild and long now.
Europol details ChatGPTs potential for criminal abuse Help Net Security
With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from various departments of Europol. These workshops aimed to investigate potential ways in which large language models (LLMs) like ChatGPT can be exploited by criminals and how they can be utilized to aid investigators in their day-to-day tasks. ChatGPT and law enforcement Their insights are compiled in Europols first Tech More
The post Europol details ChatGPTs potential for criminal abuse appeared first on Help Net Security.
By following the above steps, you possibly can easily obtain the .apk file on your android phone. Please stick with us to know the installation process of the app on your gadget. The Betway app has been modified over the years for Android and iOS platforms. It can higher. But if customers may dont just like the updates, they can turn off the automatic update feature from their telephone.
There are dozens of great video games all streamed in HD high quality within the live on line casino, so you positively shouldnt miss it. Players at Betway can guess on any and all football matches from any nook of the world in their betting account. Football betting is a vital a half of the positioning and it comes as no surprise to see them accomplish that well on this division too. In reality, a majority of Betway reviews on-line have praised their football part.
For occasion, you can simply access the cellular model without having to download anything. However, regardless of having to be downloaded and up to date from time to time, we should always give the sooner entry to their APK. Plus, it offers a extra dependable and smoother wagering experience and the Betway apk doesnt rely as heavily in your internet connection.
The firm provides quite so much of instruments and features to help prospects keep in cost of their spending, corresponding to deposit limits and actuality checks. Another necessary aspect of Bet365 is its customer help. The platform presents excellent customer support, with a devoted team of professionals out there 24/7 to help with any queries or points you may have.
Specify the deposit quantity, fill within the cost particulars and make sure the transaction. Please observe that the account currency can only be selected at this stage. The button to go to this class is in the lower right corner of the screen.
You will acquire entry to the data free mode on Betway once you log into your account on the app. Furthermore, you must also have a constructive steadiness in your account to enable the free information function. Before you set the Betway app to be knowledge free, you have to log in to your Betway account. However, this facet requires utilizing data, so there is no knowledge free login.
Betway has particularly made this for cricket and no different sport. Here is how one can enjoy the Boundary Money Back Special bonus. Now, lets converse of the advantages and some small drawbacks regarding the relevance of the Betway cellular app. Pretty a lot the same process applies to the downloading and installation of the Betway app for iOs devices. After the download, you want to install the app to use it additional. Can gamblers create a couple of account on the platfrom?
Before actually beginning the review, we want all our readers that know how we rank the betting web sites. The cause behind shari...
Ashneer Grover Launches Fantasy Sports App Crickpe Ahead Of Ipl h+ Media
You can get it on almost all the main smartphone platforms. In the primary case, youll get to the portal Indian.bet. Otherwise, you must scroll the main web site page to the very backside.
At the same time, you probably can guess on several outcomes from the exact match. Express This type of wager lets you predict several outcomes at the same time. The odds will be multiplied, rising the potential winnings.
The want for the cell app was caused as a solution to complaints filed about the betway official site. Before the app, customers typically had a difficult time completing their registration course of on-line. Also, the fee procedures for deposit and withdrawal of funds takes a longer period because of numerous users making an attempt to entry the server at the similar time. They will provide you with entry to all of the features and features which would possibly be available on the desktop version. This means you could make payments, play on line casino games, or even do mundane stuff like shopping the FAQ section all while on the go. The apps work smoothly on all fashionable gadgets, though you need to replace your devices OS to its newest model to make sure optimum performance.
Even though phones are becoming increasingly more refined, people are still struggling to determine which recordsdata to maintain. The RAMs of the telephones these days cant handle all of the heavy apps, and the telephone often slows down. People who face this issue sometimes attempt to access websites using their browsers, and Betway has a correct cell model for his or her site.
After youve completed the Betway obtain apk for its iOS variant, youll need to install it. To finish this procedure, simply settle for it in a specified message. For users from completely different continents, the Betway app is probably considered one of the excellent, and so they belief it implicitly.
The providing within the casino part is overwhelming as nicely. Just choose your sport or casino and begin constructing your betslip. Android and iOS customers can take pleasure in betting by downloading the Betway app, and the process for a similar is talked about in the following section.
When you wish to play for real money, you can depend on the assistance of our specialists to search out you the best deals and best casinos. The second most important query that comes to each users thoughts is whether or not the website is protected to use or not. To get the reply to this query, we have checked the license of the corporate.
You will be succesful of use them immediately for betting or enjoying on the on-line on line casino. Youll also have the flexibility to get a bonus if youre a model new Betway participant, of course. Among sports activities occasions within the Betway online betting app, yow will discover Indian, European, American or African champio...
Open any browser in your gadget and go to the official Betway website. Now it stays to attend for a sure period of time till the funds reach your pockets or card which was used for the withdrawal. Usually, it doesnt take long, but you could have to wait up to 20 minutes.
Like the web site, the Betway app additionally provides users with a huge selection of sports markets to bet on. The Betway app is taken into account among the best cell sports activities gaming apps due to its unique features. It has emerged as an essential betting platform for Android and iOS customers. Using this, the participant can simply guess on his favorite recreation.
There is a separate cyber sports activities part, which is not typical of different on-line purposes. In addition, bookmaker customers can reap the benefits of numerous promotions via the app. India does not have any federal regulation to forbid individuals from utilizing an internet betting website registered in one other country. An on-line betting website must accept bets in Indian Rupees to be considered legal in India. Betway satisfies this condition as it accepts INR for each withdrawals and deposits. The Betway cellular app can be installed into nearly any Android or iOS gadget, utterly free of cost.
The choice of merchandise within the Betway Casino app is much like the companys web site. The identical applies to the choices required for registration, authorization, account replenishment, launching games, activating bonuses, etc. If youve questions relating to its use, youll find a way to always contact the support staff.
Here you also can make a forecast on what benefit the group will win or greater than what kind it wont concede to the opponent. For example, zero handicap may be very popular in test matches between sturdy teams. Each on-line sport has a unique approach to practice. Betway Casino ensures that their video slot machine reaches the variety of categories, together with the most recent and the normal titles. For a greater understanding of the options of the bookmaker, register and start taking half in, we guarantee you may be pleasantly stunned.
For sports activities betting lovers, the betting firm presents a welcome bonus of $150 with a huge one hundred pc first deposit bonus. This welcome offer has a particular Betway promotional code. Betways bonus program is somewhat uncommon for a bookmaker. The welcome bonus for casino players is only one, however its legitimate on your first three deposits and may bring you a total of $1,000 at the end of three phases.
Indian soccer buffs also can put money down on top-tier European occasions the Champions League and Europa League. Football is palms down the most well-liked sport on the planet and has an unlimited and loyal fan base in India. [newline]Betway comes up sturdy in this neck of the woods, too. We cant say we have been shocke...
Betway Evaluation & Bonus Code h+ Media
It allows you to enhance your odds and earn cash in your greatest information. As seen, gamers can use any fashionable browser to find Betway. The platform will match any display dimension, thus permitting high-quality gameplay. To entry the Betway mobile website, you first need to ensure your system fulfils several specs. Take a look at the extra table weve made and check the minimum requirements your cellular needs to entry the Betway platform and play.
The Betway poker app works nicely independently from a device. You can get a Windows, iOS, or Android utility free of charge by visiting the Betway portal. If the incompatibility error happens during the course of and additional progress is inconceivable, you need to get to the Support service. There, a manager will recommend to you all attainable methods out.
Popular options embrace set betting, match winner, complete games, and handicaps. The next step is selecting the odds for the sports activities category you wish to bet on. A participant can place bets on a number of matches or a single match, depending on their preference. The first step to putting a guess on the platform is logging into your account with your account info.
Then, click on the My Account tab and select Withdraw. This have to be accomplished to stop illicit registration on the app. The help agents at Betway truly go the extra mile to resolve customer queries as quickly as potential. Theyre attentive, resourceful, environment friendly, and responsive, even during rush hours. The rotating promotion banners are displayed at the centre of the web page, however they dont cowl a lot of the actual estate nor trigger muddle.
All you have to do is open the app in your telephone and luxuriate in betting and gambling anytime and wherever. Betway hasnt misplaced its high quality even after its massive recognition. The User interface of Betway is similar to the website. The company is regulated within the UK by the regional Gambling Commission and internationally by the Malta Gambling Authority. The one issue I confronted was the excessive level of margins for the betting. In the reside events, Betway also alters the percentages more drastically than the other playing sites.
If you create an account beneath a fictitious name, you will be unable to withdraw your winnings. The application takes up little house and consumes a minimal of gadget assets, which offers a quick response when selecting choices and prompt page loading. The cellular software program implements all security measures that guarantee the safety of confidential info and money account. Restart your cell and retry downloading the app from the Apple Store.
The website administration additionally permits all customers to obtain a welcome bonus. Users have two sorts to select from Welcome Sports 200% and Welcome Casino 200%. You can accept the provide, play 4rabet for money with...
President Biden Signs Executive Order Restricting Use of Commercial Spyware The Hacker News
U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person." It also seeks to ensure that the government's use of
MPA, Amazon & Apple Win $30m in Damages Against Pirate IPTV Services TorrentFreak
Operators of pirate IPTV services in the United States risk prison sentences and civil copyright infringement lawsuits when things dont go to plan.
The recent 66-month sentence handed to YouTuber Omi in a Hellcat is one example with a particularly hefty price tag $30+ million in restitution.
IPTV services operated by Texas resident Dwayne Johnson werent as big or as profitable, but certainly important enough for Hollywood to step in with overwhelming resources.
In December 2021, movie and TV giants Universal, Disney, Paramount, Warner, and Columbia teamed up with Netflix, Amazon, Apple, and several other studios, in a lawsuit targeting AllAccessTV (AATV) and Quality Restreams.
The complaint alleged that AATV supplied infringing movies and TV shows via its IPTV and VOD services. Titles including The Godfather, Harry Potter, Jurassic Park, and The Office were distributed to subscribers via their smart TVs, computers, set-top boxes, plus mobile and tablet devices.
The studios said that most subscribers paid between $10 to $45 per month to access around 2,500 channels.
Connected service Quality Restreams allegedly provided infringing movies and TV shows to other pirate IPTV providers, including AATV.
In addition to live IPTV channels, its VOD service supplied 600 movies and 600 TV series, organized into named categories, including Netflix, Amazon Prime Video, Hulu, and Disney+.
While most IPTV providers make at least some effort to hide their nature, the lawsuit alleged that AATV went a little further by presenting itself as a VPN provider.
The lawsuit revealed that along with many other pieces of cross contamination evidence, the studios...
Researchers Develop Soft Robot That Shifts From Land to Sea With Ease SoylentNews
[R]esearchers at Carnegie Mellon University have created soft robots that can seamlessly shift from walking to swimming, for example, or crawling to rolling:
"We were inspired by nature to develop a robot that can perform different tasks and adapt to its environment without adding actuators or complexity," said Dinesh K. Patel, a post-doctoral fellow in the Morphing Matter Lab in the School of Computer Science'sHuman-Computer Interaction Institute. "Our bistable actuator is simple, stable and durable, and lays the foundation for future work on dynamic, reconfigurable soft robotics."
The bistable actuator is made of 3D-printed soft rubber containing shape-memory alloy springs that react to electrical currents by contracting, which causes the actuator to bend. The team used this bistable motion to change the actuator or robot's shape. Once the robot changes shape, it is stable until another electrical charge morphs it back to its previous configuration.
[...] The actuators require only a hundred millisecond of electrical charge to change their shape, and they are durable. The team had a person ride a bicycle over one of the actuators a few times and changed their robots' shapes hundreds of times to demonstrate durability.
In the future, the robots could be used in rescue situations or to interact with sea animals or coral. Using heat-activated springs in the actuators could open up applications in environmental monitoring, haptics, and reconfigurable electronics and communication.
Video of the robot in action.
Related:
Its Difficult To Read An Audiophile Guide As An Analogue Engineer Hackaday
Sitting on a train leaving the Hackaday Berlin conference, and Hacker News pops up Julian Shapiro with a guide to HiFi. What Hackaday scribe wouldnt give it a click, to while away the endless kilometres of North European Plain!
Its very easy as an analogue electronic engineer, to become frustrated while reading audiophile tracts, after all they have a tendency to blur superficial engineering talk with pseudoscience. Theres a rich vein of parody to be found in them, but nevertheless its interesting to read them because just sometimes the writer gets it and doesnt descend into the world of make-believe.
This one is probably par for the course, we raised an eyebrow at the idea of comparing different speaker setups merely from sampled recordings, and rolled our eyes at the usual price-tag worship, but at least some of the acoustics stuff isnt from another planet. The stand-out quote that motivated its write-up here though is the following, where he addresses the relationship between the audiophile industry and the audiophile press:
Also, note that almost all hifi reviews are positive. This is b...
Peter A. Swan, President of the International Space Elevator Consortium, joins our Space Settlement Board. Lifeboat News
Peter A. Swan, President of the International Space Elevator Consortium, joins our Space Settlement Board.
Are coincidences real? Terra Forming Terra
In Cods Shadow, Redfish Rise Terra Forming Terra
Stuck with the soul Terra Forming Terra
NHS Dr reveals Staff were ordered to Euthanise Patients to fraudulently increase COVID Death Count Terra Forming Terra
Microsoft Research Paper Claims Sparks of Artificial Intelligence in GPT-4 SoylentNews
Microsoft Research has issued a 154-page report entitled Sparks of Artificial Intelligence: Early Experiments With GPT-4:
Given the breadth and depth of GPT-4's capabilities, we believe that it could reasonably be viewed as an early (yet still system.
Zvi Mowshowitz wrote a post about this article:
[...] Their method seems to largely be 'look at all these tasks GPT-4 did well on.'
I am not sure why they are so impressed by the particular tasks they start with. The first was 'prove there are an infinite number of primes in the form of a rhyming poem.' That seems like a clear case where the proof is very much in the training data many times, so you're asking it to translate text into a rhyming poem, which is easy for it - for a challenge, try to get it to write a poem that doesn't rhyme.
[...] As I understand it, failure to properly deal with negations is a common issue, so reversals being a problem also makes sense. I love the example on page 50, where GPT-4 actively calls out as an error that a reverse function is reversed.
[...] in 6.1, GPT-4 is then shown to have theory of mind, be able to process non-trivial human interactions, and strategize about how to convince people to get the Covid-19 vaccine far better than our government and public health authorities handled things. The rank order is clearly GPT-4's answer is very good, ChatGPT's answer is not bad, and the actual answers we used were terrible.
[...] Does this all add up to a proto-AGI? Is it actually intelligent? Does it show 'sparks' of general intelligence, as the paper words it?
Read more of this story at SoylentNews.
Associative learning in the cnidarian Nematostella vectensis Lifeboat News: The Blog
The ability to learn and form memories allows animals to adapt their behavior based on previous experiences. Associative learning, the process through which organisms learn about the relationship between two distinct events, has been extensively studied in various animal taxa. However, the existence of associative learning, prior to the emergence of centralized nervous systems in bilaterian animals, remains unclear. Cnidarians such as sea anemones or jellyfish possess a nerve net, which lacks centralization. As the sister group to bilaterians, they are particularly well suited for studying the evolution of nervous system functions. Here, we probe the capacity of the starlet sea anemone Nematostella vectensis to form associative memories by using a classical conditioning approach. We developed a protocol combining light as the conditioned stimulus with an electric shock as the aversive unconditioned stimulus. After repetitive training, animals exhibited a conditioned response to light aloneindicating that they learned the association. In contrast, all control conditions did not form associative memories. Besides shedding light on an aspect of cnidarian behavior, these results root associative learning before the emergence of NS centralization in the metazoan lineage and raise fundamental questions about the origin and evolution of cognition in brainless animals.
Hacking phones remotely without touching via new inaudible ultrasound attack Lifeboat News: The Blog
The NearUltrasound Invisible Trojan, or NUIT, was developed by a team of researchers from the University of Texas at San Antonio and the University of Colorado Colorado Springs as a technique to secretly convey harmful orders to voice assistants on smartphones and smart speakers.
If you watch videos on YouTube on your smart TV, then that television must have a speaker, right? According to Guinevere Chen, associate professor and co-author of the NUIT article, the sound of NUIT harmful orders will [be] inaudible, and it may attack your mobile phone as well as connect with your Google Assistant or Alexa devices. That may also happen in Zooms during meetings. During the meeting, if someone were to unmute themself, they would be able to implant the attack signal that would allow them to hack your phone, which was placed next to your computer.
The attack works by playing sounds close to but not exactly at ultrasonic frequencies, so they may still be replayed by off-the-shelf hardware, using a speaker, either the one already built into the target device or anything nearby. If the first malicious instruction is to mute the devices answers, then subsequent actions, such as opening a door or disabling an alarm system, may be initiated without warning if the first command was to silence the device in the first place.
An Old Netbook Spills Its Secrets Hackaday
For a brief moment in the late 00s, netbooks dominated the low-cost mobile computing market. These were small, low-cost, low-power laptops, some tiny enough to only have a seven-inch display, and usually with extremely limiting hardware even for the time. There arent very many reasons to own a machine of this era today, since even the cheapest of tablets or Chromebooks are typically far more capable than the Atom-based devices from over a decade ago. There is one set of these netbooks from that time with a secret up its sleeve, though: Phoenix Hyperspace.
Hyperspace was envisioned as a way for these slow, low-power computers to instantly boot or switch between operating systems. [cathoderaydude] wanted to figure out what made this piece of software tick, so he grabbed one of the only netbooks that it was ever installed on, a Samsung N210. The machine has both Windows 7 and a custom Linux distribution installed on it, and with Hyperspace its possible to switch almost seamlessly between them in about six seconds; effectively instantly for the time.
[cathoderaydude]s investigation into how bargain-basement hardware from 15 years ago is able to do this revealed more mysteries than it seemed to solve at the time. At first it...
What you need before the next vulnerability hits Help Net Security
Cyberattacks tend to come from two angles: criminals take advantage of employees with privileged access or of security weaknesses in your hardware/software infrastructure. These broad categories encompass attack vectors such as phishing, man-in-the-middle attacks, misconfigurations, and vulnerability exploits. To prevent bad actors exploiting vulnerabilities, you must take action to reduce or eliminate security risks. Take stock of your software and get notifications for security issues Understand which tools your software uses: First, understand which software More
The post What you need before the next vulnerability hits appeared first on Help Net Security.
Running a security program before your first security hire Help Net Security
In this Help Net Security video, Matt Spitz, Head of Engineering at Vanta, talks about pragmatic security and illustrates what a small company with limited resources needs to do to lay the groundwork for effective protection.
The post Running a security program before your first security hire appeared first on Help Net Security.
Apple Issues Urgent Security Update for Older iOS and iPadOS Models The Hacker News
Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023. An anonymous researcher has been
What the food and building industry can teach us about securing embedded systems Help Net Security
As one of the leading experts in product security with over 15 years of experience in security engineering and 120 cybersecurity patents under his belt, Adam Boulton is one of the most experienced software security professionals in the industry. Currently the SVP of Security Technology and Innovation at Cybellum, the Left to Our Own Devices podcast invited Adam Boulton to share his experience and his tips on building a product security strategy. Adam didnt expect More
The post What the food and building industry can teach us about securing embedded systems appeared first on Help Net Security.
Balancing security risks and innovation potential of shadow IT teams Help Net Security
Shadow IT teams, also known as rogue IT teams, have grown in popularity in recent years due to the rise of cloud-based apps and remote work. However, this has led to operational tension and security risks within many businesses. 58% of SMBs have experienced high-impact shadow IT efforts outside the purview of their official IT department, according to Capterra. Half of SMBs say shadow IT teams are most commonly formed because theres a lack of More
The post Balancing security risks and innovation potential of shadow IT teams appeared first on Help Net Security.
A Federal Judge Has Ruled Against the Internet Archive in a Lawsuit Brought by Four Book Publishers SoylentNews
The Internet Archive has published a post about their ongoing fight in the lower courts over Controlled Digital Lending (CDL), specifically from the case Hachette v Internet Archive. This potentially affects all libraries with digital resources and the Internet Archive will appeal the court's decision.
Today's lower court decision in Hachette v. Internet Archive is a blow to all libraries and the communities we serve. This decision impacts libraries across the US who rely on controlled digital lending to connect their patrons with books online. It hurts authors by saying that unfair licensing models are the only way their books can be read online. And it holds back access to information in the digital age, harming all readers, everywhere.
But its not overwe will keep fighting for the traditional right of libraries to own, lend, and preserve books. We will be appealing the judgment and encourage everyone to come together as a community to support libraries against this attack by corporate publishers.
The Electronic Frontier Foundaion (EFF) pointed out that libraries have already paid publishers billions of dollars for their print collections which are being digitized at great expense as means of preserving these slowly decaying artifacts. CDL helps make full use of the books that the public have already bought and paid for in their libraries. Gizmodo had a piece a few days ago, giving a heads up about this setback: Internet Archive Faces Uphill Battle in Lawsuit Over Its Free Digital Library.
Hachette and several other publishers are fighting the Internet Archive in court to stop the practice of CDL. Basically, CDL is a model where artificial restrictions are imposed to create artificial scarcity of digital resources in emulation of the old model based on physical artifacts. This attack on basic library service is just the latest in decades of such attacks. Glyn Moody provides some context about other, long-term general attempts to remove libraries from the picture.
Read more of this story at SoylentNews.
Tausight expands its AI-based PHI Security Intelligence platform to cover new attack vectors Help Net Security
Tausight has expanded its AI-based PHI Security Intelligence platform which automates the discovery and identification of electronic PHI to enhance the protection of healthcare patients most valuable confidential information. On March 7, President Biden announced his National Cybersecurity Strategy, reflecting the growing awareness of ongoing ransomware attacks and cyber threats facing healthcare and other leading industries. Because each data security breach imposes significant fines on hospitals and disrupts patient care, the healthcare industry has unique More
The post Tausight expands its AI-based PHI Security Intelligence platform to cover new attack vectors appeared first on Help Net Security.
Long-Distance Gaming Over Packet Radio Hackaday
The amateur radio community often gets stereotyped as a hobby with a minimum age requirement around 70, gatekeeping airwaves from those with less experience or simply ignoring unfamiliar beginners. While there is a small amount of truth to this on some local repeaters or specific frequencies, the spectrum is big enough to easily ignore those types and explore the hobby without worry (provided you are properly licensed). One of the best examples of this weve seen recently of esoteric radio use is this method of using packet radio to play a game of Colossal Cave Adventure.
Packet radio is a method by which digital information can be sent out over the air to nodes, which are programmed to receive these transmissions and act on them. Typically this involves something like email or SMS messaging, so playing a text-based game over the air is not too much different than its intended use. For this build, [GlassTTY] aka [G6AML] is using a Kenwood TH-D72 which receives the packets from a Mac computer. It broadcasts these packets to his node, which receives these packets and sends them to a PDP-11 running the game. Information is then sent back to the Kenwood and attached Mac in much the same way as a standard Internet connection.
The unique features of packet radio make it both...
We've added 15 more text tools catonmat.net
Team Browserling keeps shipping!
Two weeks ago we added 50 new text tool.
Last week we added 20 more tools.
And just now we added 15 more text tools to our Online Text Tools collection.
I have done my part of the job and now it's Google's turn to index them and rank them well.
Here are the new text tools:
Next week we'll add even more tools. See you then!
Links 27/03/2023: GnuCash 5.0 and Ubuntu 20.04 LTS on Phones Techrights
YouTube Channel Linus Tech Tips Terminated After It Was Hacked to Show Crypto-Scam Videos SoylentNews
What just happened? Linus Tech Tips, one of the largest and most popular technology YouTube channels on the platform, has been hacked. It was used by the hackers to show pre-recorded 'live-streaming' crypto-scam videos, featuring former Twitter CEO Jack Dorsey and Tesla CEO Elon Musk. The channel is now showing a message stating it has been shut down for violating YouTube's community guidelines, but it appears Linus' other channels are also being abused.
Linus Sebastian's Linus Tech Tips YouTube channel has been running since 2008 and has amassed 15.8 million subscribers. The Canadian has several channels under the Linus Media Group banner, including TechLinked, but the main one remains the most popular. Sadly for all involved, it's become the latest high-profile channel to be hacked.
[...]
YouTube has shuttered the channel for violating its guidelines, but it seems the hackers have now gone after other Linus Media Group accounts. TechLinked has been renamed Tesla and is showing the same Musk livestream.
[...]
While all the content from the channels has been deleted, Linus previously created several videos showing off the high-end hardware used to store the terabytes of backups the company created over the years.
[UPDATE: After taking back control of the channels, he released a video explaining how it all went down by way of a little bit of social engineering resulting in the attacker gaining their browser session token --hubie]
Also:
Linus Tech Tips YouTube Channel Hacked to Promote Crypto
Scams
Linus Tech Tips YouTube Channel Is Down After Crypto Scammer
Hack
VERGE STUPIDLY MAKES THEIR TITLES IMAGES NOW (Though, it could
just be the one article. This is also an article on the Linus Tech
Tips YouTube channel hack.)
Related:
Live Show
on Improving Your Security -- Wednesday June 3rd, 2020
(NCommander - 2020)
Security
Warning For 23 Million YouTube Creators Following 'Massive' Hack
Attack (2019)
...
HPR3822: A tale of wonder, angst and woe Hacker Public Radio
In December of 2022, I traveled to Hong Kong, at some point en-route or in-country, I contracted covid. Backing up a step in preparation for the trip I was required to have a negative PCR before I could board the plane from the US as well as proof of vaccination and at least one booster shot. HKSAR Department of Health - Health Declaration Form (https://hdf.chp.gov.hk/dhehd/hdf.jsp?lang=en-us) Upon arrival, I was required to quarantine for 3 days as well as take a home test (referred to as RAT: Rapid Antigen Test, by the locals) every day for the first 7 days On the 2nd full day in HK, I was required to take another clinical PCR provided at a health center, free of charge. On the third day I received my PCR and RAT tests as Covid Positive. By law I was now required to quarantine in my hotel until I tested negative on 2 consecutive days. Since my symptoms were very mild, a sniffle and low grade temp, merely 2-3 deg above normal, I could stay in the hotel and was not required to transfer to a public health center. I was also required to register the positive results with a government website. This registration kicked off a series of events, including a visit from a health representative. (he stood in the hall, I was not permitted to leave the room) I was Required to install an app on my phone called "Stay Home Safe'' and to wear a wristband that I presume was a GPS and possibly temp/pulse tracking device that connected to my phone by bluetooth. The agent installed the app, and synced the watch to it. The complete shownotes are available downloaded from http://bookewyrmm.42web.io/covid.html
Typescript Feature Adoption It Will Never Work in Theory
I started programming full-time eighteen months ago after almost ten years of doing other things. The Python I came back to was not the Python I had left: the language had acquired so many new features that it felt more like Java than like the handy little scripting language I remembered. Those features all solve real problems, but I found myself wondering how many people actually use them.
This paper attempts to answer that question for Typescript by looking at the adoption of 13 new language features over the past three years by 454 open source projects. The authors found that developers are quick to adopt new versions of the compiler, but much more conservative about features, and that some see little uptake even in the long run. I don't know if it would be possible to build models or develop methods to predict which features were going to prove popular, but I hope work like this will encourage language developers to ask, "Will it be used?" as well as, "Would it be useful?"
Joshua D. Scarsbrook, Mark Utting, and Ryan K. L. Ko. Typescript's evolution: an analysis of feature adoption over time. 2023. arXiv:2303.09802.
TypeScript is a quickly evolving superset of JavaScript with active development of new features. Our paper seeks to understand how quickly these features are adopted by the developer community. Existing work in JavaScript shows the adoption of dynamic language features can be a major hindrance to static analysis. As TypeScript evolves the addition of features makes the underlying standard more and more difficult to keep up with. In our work we present an analysis of 454 open source TypeScript repositories and study the adoption of 13 language features over the past three years. We show that while new versions of the TypeScript compiler are aggressively adopted by the community, the same cannot be said for language features. While some experience strong growth others are rarely adopted by projects. Our work serves as a starting point for future study of the adoption of features in TypeScript. We also release our analysis and data gathering software as open source in the hope it helps the programming languages community.
Hunters integrates its SOC Platform with Databricks Lakehouse Help Net Security
Hunters has integrated its SOC (Security Operations Center) Platform with the Databricks Lakehouse. For the first time, Databricks customers will be able to stand up a security data lake for security operations (data ingestion, detection, investigation and response) in just a few clicks using Hunters SOC Platform. Hunters SOC Platform is an alternative to SIEM that ingests, normalizes and analyzes data from all security and IT sources, including endpoint telemetry, network traffic, identity, and cloud More
The post Hunters integrates its SOC Platform with Databricks Lakehouse appeared first on Help Net Security.
Hackaday Berlin was Bonkers Hackaday
In celebration of the tenth running of the Hackaday Prize, we had a fantastic weekend event in Berlin. This was a great opportunity for all of the European Hackaday community to get together for a few days of great talks, fun show-and-tells, and above all good old fashioned sitting together and brainstorming. Of course there was the badge, and the location a gigantic hackerspace in Berlin called MotionLab even had a monstrous laser-eye octopus suspended from a gantry overhead. Everyone who came brought something to share or to show. You couldnt ask for more.
Unfortunately, we werent able to record the talks, so well run down the highlights for you here. [Jenny List] is writing up a bunch of the badge hacks as we speak, so well skip that for now. For the full experience, you just had to be there, but well share with you what pictures we got. Enjoy!
The morning kicked off with [Jiska Classen] taking us through her reverse engineering practice. Sh...
Re: New distros list statistics Open Source Security
Posted by Anthony Liguori on Mar 27
Yes.AU10TIX partners with Microsoft on decentralized verifiable credentials Help Net Security
AU10TIX has unveiled that it is working with Microsoft on Reusable ID a verifiable credentials (VC) architecture for identity management. VCs are reusable, unalterable digital credentials that prove the identity of a person or entity and allow the safe sharing of personal documents and biometric credentials. VC architecture also gives users the self-sovereignty to share just the right information on-demand for actions such as opening an account, applying to college, paying taxes, etc. AU10TIXs More
The post AU10TIX partners with Microsoft on decentralized verifiable credentials appeared first on Help Net Security.
AMD Continues Linux Driver Enablement For Additional "Aldebaran" Instinct GPU Phoronix
Over the weekend I wrote about AMD beginning to post new graphics driver patches for a new GPU. As pointed out in that earlier article, it looks to be a new AMD Instinct MI300 / "Aldebaran" GPU model and today more patches were posted that further confirm this target...
MPA and RIAA Megaupload Lawsuits Are Now Inactive TorrentFreak
More than a decade has passed since Kim Dotcoms file-storage empire Megaupload collapsed after becoming the prime target in a high-profile law enforcement operation.
The U.S. Government booked an early result in 2015 when programmer Andrus Nomm was handed a one-year prison sentence following a plea deal.
The case lit up again last year when two of the three remaining defendants, Mathias Ortmann and Bram van der Kolk, signed an agreement to be charged in New Zealand and avoid extradition to the United States. That left Kim Dotcom as the sole active extradition candidate.
As Dotcoms extradition battle continues, the U.S. Governments criminal case has stalled along with a pair of civil lawsuits filed by the RIAA and MPA. These are not expected to begin until the criminal case is finalized, which could take a while.
Over the past several years, Megaupload has repeatedly asked the court to delay these lawsuits. This bi-annual postponement cycle began in 2014 and continued earlier this month.
Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months, subject to the terms and conditions stated in the proposed order, the requests note, adding there are no objections from the RIAA and MPA.
As expected, District Judge Anthony J. Trenga who took over the Megaupload lawsuits after complaints about Judge Liam OGradys alleged financial ties to Disney swiftly signed off on the new six-month delays.
[T]his matter be stayed until September 1, 2023, on the same terms and conditions as set forth in the Courts original stay order, the...
Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices Security Affairs
Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads.
The CVE-2023-23529 flaw is a type confusion issue in WebKit that was addressed by the IT giant with improved checks. The flaw impacts iOS, iPadOS, and macOS.
Apple addressed the vulnerability in February and US CISA added the issue to its Known Exploited Vulnerabilities Catalog on February 14, 2023.
An attacker can trick the victim into visiting malicious web pages to trigger the vulnerability and cause OS crashes or potentially gain arbitrary code execution on vulnerable devices.
Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. reads the advisory published by Apple.
Now Apple released security updates to fix the issue in iOS 15.7.4 and iPadOS 15.7.4.
The vulnerability impacted iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) devices.
In January, Apple backported the security updates for another zero-day vulnerability, tracked as CVE-2022-42856, to older iPhones and iPads.
To secure older devices against attacks exploiting the above issue, Apple released iOS 12.5.7. The patches are now available also for iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation).
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
...
Very Few Consumers Want Subscriptions in Their Cars, Survey Shows SoylentNews
Automakers are pushing subscriptions, but consumer interest just isn't there:
The last decade or so has seen the creeping techification of the auto industry. Executives will tell you the trend is being driven by consumers, starry-eyed at their smartphones and tablets, although the 2018 backup camera law is the main reason there's a display in every new car.
But automakers have been trying to adopt more than just shiny gadgets and iterating software releases. They also want some of that lucrative "recurring revenue" that so pleases tech investors but makes the rest of us feel nickeled and dimed. Now we have some concrete data on just how much car buyers are asking for this stuff, courtesy of a new survey from AutoPacific. The answer is "very little."
AutoPacific asked people looking to buy a new vehicle about their interest in 11 different in-car connected features, starting with a data plan for the car for a hypothetical price of $15/month.
The results may chasten some of the investors demanding that the car companies keep traveling down this path. The most in-demand or desirable feature was Internet connection with a Wi-Fi hotspotnot an unreasonable demand for $15 per month. But only 30 percent of people looking to buy a new car said they were interested in paying for their car's Internet access.
[...] AutoPacific also broke down some of its data by age brackets. The 30- to 39-year-old group was consistently the most interested in connected subscription features for their cars28 percent want to stream video directly to the infotainment screen, 20 percent want to play video games on the infotainment screen, and 18 percent want in-car video conferencing. As you might expect, the 60- to 69-year-old bracket was the least interested in any of this stuff; just 10 percent would want in-car video streaming, with video conferencing at 5 percent and in-car gaming at just 4 percent.
In other news, water is wet...
Read more of this story at SoylentNews.
New MacStealer macOS malware appears in the cybercrime underground Security Affairs
Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems.
The macOS malware can steal documents, credit card data, cookies from a victims browser (i.e. Firefox, Google Chrome, and Brave browsers), and login information.
The malicious code can steal Microsoft Office files, images, archives, and Python scripts.
It can infect Catalina and subsequent macOS versions running on Intel M1 and M2 CPUs.
The operators can control its MacStealers operations over Telegram.
The malware was advertised on cybercrime forums since early March, it is under active development and its operators planned to add new features to capture data from Apples Safari browser and the Notes app.
The malware spreads through a .DMG file, and upon opening the file, it opens a fake password prompt to gather passwords using a command line.
Portion of Twitters proprietary source code leaked on GitHub HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
Twitter had to file a DMCA request after its source code was found on GitHub.
This is a post from HackRead.com Read the original post: Portion of Twitters proprietary source code leaked on GitHub
Re: New distros list statistics Open Source Security
Posted by Solar Designer on Mar 27
Hi,RISC-Y Business: Arm Wants to Charge Dramatically More for Chip Licenses SoylentNews
Arm is tired of seeing device makers bring in billions while it makes millions:
What's in store for the future of chip maker Arm? The company's owner, Softbank, has been in financial trouble lately, and that has caused Arm to bounce from one dramatic possibility to another. Initially, Arm was put up for sale, and Nvidia was the front-runner to buy the company. That plan was shut down by regulators, and now "Plan B" is an IPO, which is supposed to happen on the New York Stock Exchange sometime this year. If you want to succeed on the stock market, you've got to show revenue, and while Arm enables the sale of billions of dollars of devices around the world, the company's chip licensing scheme only brings in a comparatively small amount of moneyaround $500 million a quarter.
The Financial Times has a report on Arm's "radical shake-up" of its business model. The new plan is to raise prices across the board and charge "several times more" than it currently does for chip licenses. According to the report, Arm wants to stop charging chip vendors to make Arm chips, and instead wants to charge device makersespecially smartphone manufacturersa fee based on the overall price of the final product.
Let's say Motorola makes a phone with a Qualcomm Snapdragon Arm chip. Previously, Qualcomm would have signed a deal with Arm for an Arm license, and that license would extend to anyone that buys a Qualcomm Arm chip, like Motorola. Qualcomm contributes a lot to its own chip designs, but when it comes to the Arm license it is basically an Arm reseller. Arm would now want a licensing fee from Motorola (and not Qualcomm?), and it would ask Qualcomm to not sell chips to anyone that doesn't have a licensing agreement with Arm.
Read more of this story at SoylentNews.
Distribution Release: UBports 20.04 OTA-1 DistroWatch.com: News
UBports is a Linux distribution designed to run on phones and tablets. The project is a community-run continuation of Ubuntu Touch. The project has published a major update which upgrades the base distribution from Ubuntu 16.04 to 20.04. "Ubuntu Touch is the privacy and freedom-respecting mobile operating system....
Rerouting Intention And Sensation In Paralyzed Patients IEEE Spectrum
Eliza Strickland: Paralysis used to be thought of as a permanent condition, but over the past two decades, engineers have begun to find workarounds. Theyre building on a new understanding of the electric code used by the nervous system. Im Eliza Strickland, a guest host for IEEE Spectrums Fixing the Future podcast. Today Im talking with Chad Bouton, whos at the forefront of this electrifying field of research. Chad, welcome to the program, and can you please introduce yourself to our listeners?
Chad Bouton: Yes, thanks so much, Eliza, for having me. And my name is Chad. Im at the Northwell Health Feinstein Institute for Medical research.
Strickland: And can you tell me a bit about the patient population that youre working with? I believe these are people who had become paralyzed, and maybe you can tell us how that happened and the extent of their paralysis.
Bouton: Absolutely. Absolutely. In fact, we work with folks that have been paralyzed either from a traumatic injury, stroke, or even a brain injury. And theres over 100 million people worldwide that are living with paralysis. And so its a very devastating and important condition, and we are working to restore not only movement, but were making efforts to restore sensation as well, which is often not the focus and certainly should be.
Strickland: So these are people who typically dont have much movement below the head, below the neck?
Bouton: So we have focused on tetraplegia or quadriplegia because, obviously, its extremely important and it is very difficult to achieve independence in our daily lives if you dont have the use of your hands in addition to not being able to move around and walk. And it surprisingly accounts for about half of the cases of spinal cord injury, even slightly more than half. And it used to be thought of as something that was a more rare condition, but with car accidents and diving accidents, its a prominent and critical condition that we need to really address. And theres no cure currently for paralysis. No easy solution. No simple fix at this point.
Strickland: And from your experiences working with these people, what kind of capabilities would they like to get back if possible?
Bouton: Well, individuals with paralysis would like to really regain independence. Ive had patients and study participants comment on that and really ask for advances in technology that would give them that in...
Better Carbon Sequestration With AI IEEE Spectrum
Eliza Strickland: Technology to combat climate change got a big boost this year when the US Congress passed the Inflation Reduction Act, which authorized more than 390 billion for spending on clean energy and climate change. One of the big winners was a technology called carbon capture and storage. Im Eliza Strickland, a guest host for IEEE Spectrums Fixing the Future podcast. Today, Im speaking with Philip Witte of Microsoft Research whos going to tell us about how artificial intelligence and machine learning are helping out this technology. Philip, thanks so much for joining us on the program.
Philip Witte: Hi, Eliza, Im glad to be here.
Strickland: Can you just briefly tell us what you do at Microsoft Research, tell us a little bit about your position there?
Witte: Sure. So Im a researcher at Microsoft Research, and Im working on scientific machine learning in a broader sense and high-performance computing in the cloud. And specifically, how do you apply recent advances in machine learning in the HPC to carbon capture? And Im part of a group at Microsoft thats called Research for Industry, and were overall part of Microsoft Research, but were specifically focusing on transferring technology and computer science to solving industry problems.
Strickland: And how did you start working in this area? Why did you think there might be real benefits of applying artificial intelligence to this tricky technology?
Witte: So I was actually pretty interested in this topic for a couple years now, and then really started diving deeper into it maybe a year-and-a-half ago when Microsoft had signed a memorandum of understanding with one of the big CCS projects that is called Northern Lights. So Microsoft and them signed a contract to explore possibilities of how Microsoft can support the Northern Lights project as a technology partner.
Strickland: So well get into some of these super tech details in a little bit. But before we get to those, lets do a little basic tutorial on the climate science here. How and where can carbon dioxide be meaningfully captured, and how can it be stored, and where?
Witte: So I think its worth pointing out that there are kind of two main technologies around carbon capture, and one is called direct air capture, where you capture CO2 directly fro...
Pending RADV Driver Change Leads To Much Lower System RAM Use For Some Games Phoronix
A pending change to the Mesa Radeon Vulkan driver "RADV" is leading to much lower system RAM use for some games that make use of many Vulkan Graphics Pipeline Libraries (GPL). The game causing this issue to be investigated was Valve's Dota 2 on RADV and is now seeing an 85% reduction in system RAM use by this open-source Radeon Linux driver...
Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned HackRead | Latest Cybersecurity and Hacking News Site
By Deeba Ahmed
This year's Pwn2Own 2023 was held in Vancouver between March 22nd and 24th, 2023.
This is a post from HackRead.com Read the original post: Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned
UK police reveal they are running fake DDoS-for-hire sites to collect details on cybercriminals Graham Cluley
There's bad news if you're someone who is keen to launch a Distributed Denial-of-Service (DDoS) attack to boot a website off the internet, but don't have the know-how to do it yourself. Rather than hiring the help of cybercriminals to bombard a site with unwanted traffic or kick rivals out of a video game, you might be actually handing your details straight over to the police. Read more in my article on the Hot for Security blog.
Ubuntu Touch OTA-1 Focal Released For Ubuntu 20.04 LTS On Smartphones Phoronix
CVE-2023-25197: apache fineract: SQL injection vulnerability in certain procedure calls Open Source Security
Posted by James Dailey on Mar 27
Severity: moderateCVE-2023-25196: Apache Fineract: SQL injection vulnerability Open Source Security
Posted by James Dailey on Mar 27
Severity: importantCVE-2023-25195: Apache Fineract: SSRF template type vulnerability in certain authenticated users Open Source Security
Posted by James Dailey on Mar 27
Severity: moderateAutomate container and pod deployments with Podman and Ansible Linux.com
Podman and Ansible are even better together for enabling automation and orchestration of container and pod lifecycles.
Read More at Enable Sysadmin
The post Automate container and pod deployments with Podman and Ansible appeared first on Linux.com.
Intel Sapphire Rapids Performance With Google Cloud Compute Engine C3 Phoronix
Back in October Google announced their Compute Engine C3 instances in private preview that featured 4th Gen Xeon Scalable "Sapphire Rapids" processors as well as making use of Google's custom Intel Infrastructure Processing Unit (IPU). Since then, back in January, was the big Sapphire Rapids launch with the likes of the Xeon Platinum 8490H being released. Last month meanwhile Google promoted the C3 VMs to public preview state. The Sapphire Rapids C3 VMs remain in "public preview" from Google Cloud during which time there are no charges involved for the CPU costs. For those wondering about the core-for-core performance of Sapphire Rapids in Google Cloud, here are my initial benchmarks of the C3 series.
Amazon is About to Go Head to Head With SpaceX in a Battle for Satellite Internet Dominance SoylentNews
In its bid to catch up with Starlink, the company plans to build as many as four satellites a day:
Amazon has applied to the FCC to increase its constellation to 7,774 satellites, which would allow it to cover regions further north and south, including Alaska, as Starlink does.
There are riches to be had: SpaceX currently charges $110 a month to access Starlink, with an up-front cost of $599 for an antenna to connect to the satellites. According to a letter to shareholders last year, Amazon is spending "over $10 billion" to develop Kuiper, with more than 1,000 employees working on the project. Andy Jassy, Amazon's current CEO, has said that Kuiper has a chance of becoming a "fourth pillar" for the company, alongside its retail marketplace, Amazon Prime, and its widely used cloud computing service, Amazon Web Services
"Amazon's business model relies on people having internet connectivity," says Shagun Sachdeva, an industry expert at the space investment firm Kosmic Apple in France. "It makes a lot of sense for them to have this constellation to provide connectivity."
Amazon is not yet disclosing the pricing of its service but has previously said a goal is to "bridge the digital divide" by bringing fast and affordable broadband to "underserved communities," an ambition Starlink has also professed. But whether costs will ever get low enough for that to be achievable remains to be seen. "Costs will come down, but to what extent is really the question," says Sachdeva. On March 14, the company revealed it was producing its own antennas at a cost of $400 each, although a retail cost has not yet been revealed.
Read more of this story at SoylentNews.
The Do-or-Die Moments That Determined the Fate of the Internet IEEE Spectrum
New technologies often are introduced through spectacle: Think of the historic demonstrations carried out by Faraday, Edison, Morse, and Bell, or, more recently, by Steve Jobs onstage in his black turtleneck at Macworld 2007, holding the first iPhone. Indeed, hyped-up product announcements at industry events like the Consumer Electronics Show (now CES) and the Game Developers Conference have become regular features of the digital world.
Theres also a parallel traditionless flashy but no less importantof industry events that focus attention on digital infrastructure. Several of these events, such as the first public demo of the ARPANET in 1972, or the mid-1980s conferences now known as Interop, alerted experts to new technologies, and, in some cases, altered the balance between competing approaches.
Although many of these gatherings have escaped the attention of historians, our view is that these events should be recognized more fully as moments where experts could glimpse possible futures and judge for themselves what was most likely to happen. Here we describe a few of these do-or-die moments. You may not have heard of any of these eventsbut if you were there, you will never forget them.
The ARPANET was one of the first networks to apply packet switching, an approach to communications that breaks messages into discrete chunks, or packets, of data. It was a major departure from circuit-switched networks, such as telephone networks, for which communication partners were linked through a dedicated circuit.
The first node of the ARPANET was installed at the University of California, Los Angeles, in 1969. But the ARPANET didnt take off immediately. And by mid-1971, program director Lawrence Roberts of the Advanced Research Projects Agency (ARPA) was becoming impatient with the slow pace at which ARPA-funded researchers were getting connected. One of these researchers, Bob Kahn, suggested that Roberts organize a public demonstration of the ARPANET, both to educate other researchers about the networks capabilities and to encourage new partners to support the initiative. Once Kahn found a venue for the demoat the International Conference on Computer Communications (ICCC), to be held in Washington, D.C., in late October of 1972he worked feverishly to get it organ...
IndyWatch Science and Technology News Feed Archiver | |
Go Back:30 Days | 7 Days | 2 Days | 1 Day |
|
IndyWatch Science and Technology News Feed was generated at World News IndyWatch. |