SoylentNews

Arthur T Knackerbracket has found the following story:

Galaxies come in many shapes and sizes. One of the key galaxy types we see in the universe is the spiral galaxy, as demonstrated in an especially beautiful way by the subject of this Hubble Space Telescope image, NGC 2985. NGC 2985 lies over 70 million light-years from the solar system in the constellation of Ursa Major (the Great Bear).

The intricate, near-perfect symmetry on display here reveals the incredible complexity of NGC 2985. Multiple tightly wound spiral arms widen as they whirl outward from the galaxy's bright core, slowly fading and dissipating until these majestic structures disappear into the emptiness of intergalactic space, bringing a beautiful end to their starry splendor.

[...] The image (1.7MB) can be found here.

Original Submission

takyon writes:

Ex-NSA Contractor Who Stole Top Secret Documents Is Sentenced To 9 Years In Prison

A former National Security Agency contractor who pleaded guilty to stealing vast troves of classified material over the course of two decades has been sentenced to nine years in prison.

Harold Martin III, 54, apologized before U.S. District Judge Richard Bennett handed down the sentence on Friday.

"My methods were wrong, illegal and highly questionable," Martin told the court in Baltimore, according to The Associated Press.

Earlier this year, he pleaded guilty to "willful retention of national defense information," a crime that carries a punishment of anywhere from no jail time to a maximum prison sentence of 10 years. His plea agreement called for a sentence of nine years in prison.

Previously: NSA Contractor Harold Martin III Arrested
NSA Contractor Accused of "Stealing" Terabytes of Information, Charged Under Espionage Act
The Shadow Brokers Identify Hundreds of Targets Allegedly Hacked by the NSA
Former NSA Contractor May Have Stolen 75% of TAO's Elite Hacking Tools
Former NSA Contractor Harold Martin Indicted

Original Submission

Arthur T Knackerbracket has found the following story:

Mission planners at NASA and ESA's Operations Centre (ESOC) have spent months debating the pros and cons of different orbits, and have now decided on the path of the Lunar Gateway.

Like the International Space Station, the Gateway will be a permanent and changeable human outpost. Instead of circling our planet however, it will orbit the moon, acting as a base for astronauts and robots exploring the lunar surface.

Like a mountain refuge, it will also provide shelter and a place to stock up on supplies for astronauts en route to more distant destinations, as well as providing a place to relay communications and a laboratory for scientific research.

Mission analysis teams at ESOC are continuing to work closely with international partners to understand how this choice of orbit affects vital aspects of the mission—including landing, rendezvous with future spacecraft and contingency scenarios needed to keep people and infrastructure safe.

The Gateway, it has recently been decided, will follow a near-rectilinear halo orbit, or NRHO.

Instead of orbiting around the moon in a low lunar orbit like Apollo, the Gateway will follow a highly 'eccentric' path. At is closest, it will pass 3000 km from the lunar surface and at its furthest, 70 000 km. The orbit will actually rotate together with the moon, and as seen from the Earth will appear a little like a lunar halo.

Orbits like this are possible because of the interplay between the Earth and moon's gravitational forces. As the two large bodies dance through space, a smaller object can be 'caught' in a variety of stable or near-stable positions in relation to the orbiting masses, also known as libration or Lagrange points.

Such locations are perfect for planning long-term missions, and to some extent dictate the design of the spacecraft, what it can carry to and from orbit, and how much energy it needs to get—and stay—there.

Original Submission

"upstart" writes for SoyCow7671:

GDPR Shows Its Teeth, Goes After Breached Companies

In 2018, the European Union (EU) General Data Protection Regulation (GDPR) heralded in the most important change in data privacy regulation in 20 years.

[...] EU regulators have long warned that non-compliance with GDPR would result in hefty penalties. Beginning as early as 2018, tech giants Facebook and Google faced scrutiny for a lack of transparency about the data they collect. They were eventually fined €56 million.

But tech companies aren't the only ones in the spotlight. CIO Dive reports that in July 2019, the UK's Information Commissioner's Office announced plans to fine British Airways and Marriott International $230 million and $124 million, respectively, for data breaches reported in 2018.

This action is a huge red flag for all companies. It signifies that GDPR is far more broad reaching than most firms had anticipated.

"The aim of the GDPR is to protect all EU citizens from privacy and data breaches in today's data-driven world," states the regulation. "Under the GDPR, breach notifications are now mandatory in all member states where a data breach is likely to 'result in a risk for the rights and freedoms of individuals.' This must be done within 72 hours of first having become aware of the breach."

The penalties are severe. Organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 million, whichever is greater. In the case of British Airways and Marriott, the fines were stiffer than those incurred by tech companies.

Ironically, the breach doesn't have to come from within to incur the wrath of GDPR enforcers. Marriott was never directly breached. The attack came from an already compromised server inherited during Marriott's 2016 acquisition of the Starwood Hotels group.

Marriott is not alone. Today, 59% of breaches originate with third-party vendors and 53% of acquiring businesses say they've encountered a cybersecurity issue or incident that put an M&A deal in jeopardy.

Original Submission

martyb writes:

Over the years I have viewed many a video on YouTube. I quickly noticed an "ID" string that appeared in each video URL. Here's an example: https://www.youtube.com/watch?v=ShvnDSgjfXw -- see that string "ShvnDSgjfXw"? What characters are permitted? How long is it?

Along the way, I came upon an amazingly useful utility: youtube-dl. I accidentally discovered that it will happily download a YouTube video given just the Video ID. (Don't let the name of the utility mislead you; it seems to work fine with Instagram, Twitter, Sound Cloud... it's amazing!)

Now with my curiosity suitably piqued, I started a genuine search for what the parameters were that defined a valid YouTube Video ID. This question on "Web Applications Stack Exchange" was most helpful. Especially this response.

It appears that the Video ID (and the Channel ID) are modified base64 encodings of 64-bit (and 128-bit) integers. The primary change is that the base64 encoding produces two characters that are verboten in URLs. A generated "/" is replaced with "-" and a generated "+" is replaced with a "_".

There is no official documentation claiming that the ID lengths are guaranteed to always be 11 or 22 characters long, but empirical evidence suggests that is the current, de-facto standard.

There is even mention of " the maximally-constrained regular expression (RegEx) for the videoId" being:

[0-9A-Za-z_-]{10}[048AEIMQUYcgkosw]

Things get even more interesting if you are using Windows. Under NTFS, file names default to be case-preserving, but case-insensitive. Say I create a file called "Foo.txt" and then get a directory listing. Sure enough, I see: "Foo.txt" displayed. The fun comes if I do "DIR foo.txt" or "DIR FOO.TXT" or any other variation... they all find the same file: "Foo.txt"; this is counter to Unix where filenames are case-sensitive and each of those variations would be treated as separate and distinct files. Though it is possible to make an NTFS volume case-sensitive, it is not for the faint of heart!

One could, therefore, reverse-engineer the integer that produced the Video ID and use that in addition (or for the adventuresome: instead of) the Video ID.

The whole discussion was well-worth the read and highly recommended for anyone who would like more information on where it came from and how it came about.

Original Submission

"upstart" writes:

Submitted via IRC for Bytram

Atlassian ditches 'brilliant jerks' in performance review overhaul

Atlassian says it will no longer tolerate "brilliant jerks" who deliver results for the company but make life hell for their co-workers as part of a complete overhaul of how the tech firm conducts performance reviews.

The $47 billion Australian software company, which was founded in Sydney in 2002 and floated on the US stock market in 2015, says two-thirds of every performance review will now have nothing to do with job skills.

Instead, equal weighting will be given to how each of its 3000 employees impacts others on their team, and to how they live the company values. Atlassian says the change will “more fairly measure people on how they bring their whole self to work”.

“Basically over the last 18 to 24 months we have totally changed the way we do performance reviews at the company globally,” Atlassian global head of talent Bek Chee said.

“We recognise things are not the way they used to be, yet companies haven’t evolved (from) 30 years ago when they were primarily made up often of white men. Tech standards have evolved, we have new ways of working, new demographics and generational change.”

Ms Chee said most companies “haven’t looked at their performance systems in a new innovative way”. “We wanted to make sure we were rewarding the right behaviours,” she said.

Arthur T Knackerbracket has found the following story:

Researchers from the Garvan Institute of Medical Research have developed a new method to spot rare immune cells that are reactive against cancer cells, from within a patient's own immune system.

The patented 'RAGE-seq' method enables scientists to track how immune cells evolve inside tumour tissue for the first time, revealing unprecedented insight into how to better arm the immune system to target cancer. The technique can be likened to a barcode tracker, able to scan detailed information from thousands of immune cells at a time.

"This method gives us the most detailed view yet of how immune cells behave in the human body," says Professor Chris Goodnow, Executive Director of the Garvan Institute and co-senior author of the published work. "Immune cells play a critical role in the development of disease. This method shows significant potential to help us personalise cancer treatments to the individual."

Development of the method, by Dr Mandeep Singh (Immunogenomics Laboratory) and Ghamdan Al-Eryani (Tumour Progression Laboratory) at Garvan, is published in the journal Nature Communications.

takyon writes:

Why I'm turning my son into a cyborg (archive) (alt)

Imagine if everyone spoke a language you don't understand. People have been speaking it around you since the day you were born, but while everyone else picks it up immediately, for you it means nothing. Others become frustrated with you. Friendships and jobs are difficult. Just being "normal" becomes a battle.

For many with autism, this is the language of emotion. For those on the spectrum, fluency in facial expressions doesn't come for free as it does for "neurotypicals." To them, reading facial expressions seems like a superpower.

So when my son was diagnosed, I reacted not just as a mom. I reacted as a mad scientist and built him a superpower.

This isn't the first time I've played mad scientist with my son's biology. When he was diagnosed with type 1 diabetes, I hacked his insulin pump and built an AI that learned to match his insulin to his emotions and activities. I've also explored neurotechnologies to augment human sight, hearing, memory, creativity, and emotions. Tiger moms might obsess over the "right" prep schools and extracurriculars for their child, but I say why leave their intellect up to chance?

I've chosen to turn my son into a cyborg and change the definition of what it means to be human. But do my son's engineered superpowers make him more human, or less?

Original Submission

upstart writes:

Submitted via IRC for Bytram

Amazon Accidentally Sold $13,000+ Camera Gear for $100 on Prime Day

Amazon discounted a wide range of camera gear for Prime Day this week, but some photographers scored what may be the best deals of their lives. Thanks to a pricing error, many people were able to purchase high-end camera gear bundles, some worth over $5,000, for just around $100.

It all started when someone noticed that the $550 Sony a6000 and 16-50mm lens bundle was being listed at just $94.50 on Amazon, and the person shared the “deal” on Slickdeals, where it hit the front page.

Many users were able to see the same price and place orders, while other users reported still seeing the normal price of $550. And it wasn’t 3rd-party sellers that the $94.50 price applied to — the gear was being sold and shipped by Amazon.

But then people noticed that other cameras and bundles were also being sold for $94.50, and that’s when the real frenzy started.

“Literally everything is $94.48,” one member writes. “I have bought like 10k worth of stuff that was like 900 dollars total.”

[...] Other members spoke to Amazon customer service about their order and were told that the order would indeed ship. Others also reported that they successfully price matched gear at retailers such as Best Buy and Walmart.

Original Submission

Arthur T Knackerbracket has found the following story:

An 80-million-year-old nesting site found in the Gobi desert in Mongolia confirms that some dinosaurs nested in colonies like birds. It consists of at least 15 clutches of eggs laid during the same season and buried by a flood.

Several other dinosaur nesting sites with multiple clutches have been discovered, so it has long been suspected that some species nested together, as many birds do today. However, at these sites it is not clear that all the clutches were laid during the same season – they could instead be a result of dinosaurs returning to the same site year after year.

[...] Many of the eggs are partly eroded, but ten that are complete have a large opening in the upper half – thought to be the hatching window through which the young therizinosaurs[*] clambered out.

The team think at least 60 per cent of the eggs hatched successfully. “We do not know the fate of the rest,” says Tanaka.

[...] At some point after most of the eggs had hatched, a small flood covered the site in a thin layer of red mud. Crucially, this red mud is inside eggs in different clutches.

“If some eggs were laid in earlier years, we would expect different types of sediments filling the eggs,” says Tanaka.

Later a bigger flood buried the site entirely, preserving it.

Journal reference: Geology, DOI: 10.1130/G46328.1

[*] therizinosaur dinosaur that had feathers and large claws on their forearms.

Original Submission

Arthur T Knackerbracket has found the following story:

Researchers at the Center for Geospatial Analytics at North Carolina State University recently developed a new forecasting technology [...] called PoPS, the Pest or Pathogen Spread forecast, a sophisticated yet user-friendly tool that can be used to predict the spread of potentially any species.

Computer models are the go-to method for predicting the spread of insect pests and the pathogens that cause plant disease. Running these models typically requires a lot of data––gigabytes and gigabytes of data––and being fluent in the language of computer code. Assorted software is also usually needed, and so is a familiarity with the ins and outs of model calibration and validation: that is, making sure that a model is well-matched to the data feeding it and checking that the model is doing a good job of predicting what it's supposed to.

For managers who need answers quickly, without being expert coders, the task can be daunting. Under most circumstances, preparing the data and models to simulate a pest's spread can take months to a year. Enter PoPS, a nearly fully automated framework that asks its users for a few simple inputs to output spread predictions and comparisons of management scenarios.

With PoPS, managers simply provide three years' worth of infestation information and adjust a few values on the web-based dashboard to answer pressing questions about when, where and how much a pest problem is likely to grow, and how much it may cost to stop it.

Original Submission

martyb writes:

Viral App FaceApp Now Owns Access to more than 150 Million People's Faces and Names:

Everyone's seen them: friends posting pictures of themselves now, and years in the future.

Viral app FaceApp has been giving people the power to change their facial expressions, looks, and now age for several years. But at the same time, people have been giving FaceApp the power to use their pictures — and names — for any purpose it wishes, for as long as it desires.

[...] While according to FaceApp's terms of service people still own their own "user content" (read: face), the company owns a never-ending and irrevocable royalty-free license to do anything they want with it ... in front of whoever they wish:

You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you. When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public.

FaceApp terms of use

[...] And it's a good reason to be wary when any app wants access and a license to your digital content and/or identity.

As former Rackspace manager Rob La Gesse mentioned today:

To make FaceApp actually work, you have to give it permissions to access your photos - ALL of them. But it also gains access to Siri and Search .... Oh, and it has access to refreshing in the background - so even when you are not using it, it is using you.

Do recall we recently had a story here about "Deep Fakes": Deep Fakes Advance to Only Needing a Single Two Dimensional Photograph.

Also at Security Week.

Original Submission

martyb writes:

Scrubbed Chandrayaan 2 Mission to Moon's South Pole now set to Launch on July 22:

Chandrayaan 2, India's exploration mission to the moon's south pole, is set to fly to the moon on July 22. The launch, which has suffered several delays was originally scheduled for July 14, but the Indian Space Research Organization (ISRO) postponed Chandrayaan 2's departure less than an hour before launch due to a "technical snag."

The landmark mission is now set to depart a few days after the 50th anniversary of Apollo 11, humanity's first crewed lunar landing, with the goal of making the first soft landing at the lunar south pole. India's mission isn't slated to feature humans, rather, Chandrayaan 2 is carrying three lunar exploration robots -- a lander, rover and orbiter -- that will be able to survey the moon from both the surface and the sky.

The launch is set to take place at India's Satish Dhawan Space Centre in Sriharikota, north of Chennai, at the revised (and slightly unfriendly time) of 2:13 a.m. PT (5:13 a.m. ET), Monday July 22.

The payload of Chandrayaan-2 consists of a lunar orbiter, a lunar lander and a lunar rover and will be launched atop the ISRO-developed GSLV Mk-III rocket. That rocket is about half as powerful as the SpaceX Falcon 9 and will put Chandrayaan-2 into what's known as an "Earth parking orbit" before the module uses its own power to extend its orbit and eventually position itself for a lunar rendezvous.

How to watch the Chandrayaan-2 launch

Want to tune in to the historic mission? During the first run of the mission on July 14, ISRO handled livestreaming duties across its social media pages, which meant you could tune in at the ISRO Twitter or follow along on the agency's Facebook page. India's public broadcaster Doordarshan also carried a livestream on its YouTube channel. There's plenty of options and it's a good bet they will all be on the table for the rescheduled launch -- but until we get official confirmation of the new launch date and time, we can't be certain.

(Emphasis in original retained.)

Original Submission

An Anonymous Coward writes:

The Washington Post is Preparing for Post-Cookie Ad Targeting:

The Washington Post has developed a first-party data ad targeting tool called Zeus Insights that offers detailed contextual targeting capabilities along with user-intent predictions for marketers. The goal: to give marketers a sophisticated ad-targeting tool that isn’t reliant on third-party cookies but still drives results despite stricter data-privacy stipulations laid down by regulators.

The Zeus platform monitors contextual data such as what article a person is reading or watching, what position they have scrolled to on a page, what URL they have used to arrive there and what they’re clicking on. The publisher will then match that data to its existing audience data pools, which it has accumulated over the last four years, to create assumptions on what that news user’s consumption intent will be. The technology uses machine learning to decipher the patterns.

However, The Post’s strategic goal isn’t just to provide ad-targeting options for advertising clients that want to wean themselves off reliance on third-party cookies; it’s also to widen other publishers’ ability to compete with the big tech platforms.

The Post plans to license the Zeus platform to publishers both domestically and internationally, by integrating it with its Arc technology platform, which it has licensed to publishers since 2016 and reaches a combined 750 million unique users globally, according to the publisher. The theory is that in doing so, publishers can compete more effectively with the scale and data-targeting opportunities provided by Facebook and Google.

[...] “In a world where third-party cookies are being killed and cookie pools are decreasing, we expect tools like this to increase in importance,” said Ryan Storrar, svp and head of media activation, EMEA for Essence. “Being able to action cookieless user data is a helpful step in the right direction to embrace privacy in precision marketing.”

Original Submission

martyb writes:

Europe's Galileo GPS System Back after Six-Day Outage:

Europe's Galileo satellite navigation system, a rival of the American GPS network, is back in service after a six-day outage, its oversight agency said on Thursday.

"Commercial users can already see signs of recovery of the Galileo navigation and timing services, although some fluctuations may be experienced until further notice," the European Global Navigation Satellite Systems Agency said in a statement.

[...]The European Global Navigation Satellite Systems Agency said the problem was due to an equipment malfunction in the ground control centres that make time and orbit predictions for the satellites.

Though a great deal of progress has been made, the Galileo system is not complete. According to Wikipedia:

The first Galileo test satellite, the GIOVE-A, was launched 28 December 2005, while the first satellite to be part of the operational system was launched on 21 October 2011. As of July 2018, 26 of the planned 30 active satellites are in orbit. Galileo started offering Early Operational Capability (EOC) on 15 December 2016, providing initial services with a weak signal, and is expected to reach Full Operational Capability (FOC) in 2019. The complete 30-satellite Galileo system (24 operational and 6 active spares) is expected by 2020. It is expected that the next generation of satellites will begin to become operational by 2025 to replace older equipment. Older systems can then be used for backup capabilities.

There are 22 satellites in usable condition (satellite is operational and contributing to the service provision), 2 satellites are in "testing" and 2 more are marked as not available.

Given the problem was with a reference time signal, I wonder if anyone involved was playing this song? Or how about this variant of it?

Original Submission

takyon writes:

With access to summit blocked, telescope operators abandon Mauna Kea summit

The directors of existing telescopes at the summit of Mauna Kea evacuated their employees Tuesday as a growing protest against the construction of TMT blocked access to the mountain.

Jessica Dempsey, the deputy director for the East Asian Observatory, said the organizations that run the observatories made a "joint decision" to withdraw all employees as a safety precaution. [...] The telescopes, Dempsey said, have millions of dollars of instrumentation that need constant maintenance. "This is a risk for us to have to step away at this point," she said. "This is not a decision we came to lightly, but want to emphasize the importance of safety for our staffs and the facilities."

Protesters at Mauna Kea welcomed the news Tuesday, with an eruption of cheers and hugs.

'Stolen lands': dozens arrested as Hawaiians protest $1.4bn telescope

Dozens of people have been arrested on Hawaii's Big Island this week after hundreds of protesters stood, lay and even chained themselves to structures in an effort to stop the construction of a billion-dollar space observatory at the summit of Hawaii's tallest mountain.

[...] [Organizer Kahoʻokahi] Kanuha and fellow protesters have vowed to continue fighting the telescope until construction is halted, and plan to continue peaceful protests. On Wednesday an estimated 1,000 demonstrators turned up at the site, with police issuing citations to 33 people.

Previously: Divisive Giant Telescope Cleared for Construction on Hawaiian Peak
Protesters Block Road in Attempt to Halt Thirty Meter Telescope Construction

Original Submission