
SoylentNews is people


posted by martyb on Sunday September 22 2019, @10:30PM
from the You-reap-what-you-sow.-Yeah,-sow-what? dept.

Arthur T Knackerbracket has found the following story:

Twitter announced today that it removed a new batch of state-backed accounts from its platform. During this latest round of purges, the social network removed accounts operated from the United Arab Emirates, Egypt, Saudi Arabia, Spain, Ecuador, and China.

These new removals come as Twitter also took down state-backed accounts part of extensive information operations back in January (Bangladesh, Iran, Russia, Venezuela), June (Iran, Spain, Venezuela), and August (China).

Just like it did before, Twitter has made the information about these accounts and their tweets public and downloadable for research and academic purposes.

The breakdown by country is:

United Arab Emirates & Egypt - 267 accounts
United Arab Emirates - 4,258 accounts
Saudi Arabia - 6 accounts
Spain - 259 accounts
Ecuador - 1,019 accounts
China - 4,302 accounts


Original Submission

posted by martyb on Sunday September 22 2019, @08:06PM
from the "All-the-better-to-smell-you-with,-my-dear" dept.

Arthur T Knackerbracket has found the following story:

Vampire bats may hold the key to unraveling the mysteries of smell, according to research by an international team of scientists led by Stony Brook's Laurel Yohe.

Their findings, published this week in Molecular Ecology Resources, suggest a new method to quantify olfactory receptors by sequencing them in vampire bats.

Understanding how to obtain accurate numbers of olfactory receptor counts in the mammalian genome is a major aspect of understanding the sense of smell, according to Yohe, a PhD alumna and affiliated research associate in the lab of Liliana Dávalos in Stony Brook's Department of Ecology and Evolution, as well as a National Science Foundation Postdoctoral Fellow at Yale University.

The difficulty is that genes related to smell are highly similar to one another, and therefore determining the correct sequencing of the hundreds of olfactory receptors is difficult and similar to analyzing many pieces of a puzzle that are nearly the same.

The researchers selected the vampire bat to compare for the first time different ways to sequence olfactory receptors. The vampire bat relies on its sense of smell to find its prey and has a comparable number of olfactory receptors to humans (approximately 400). They compared different methods to get the DNA sequences of olfactory receptor genes using the vampire bat genome. The methods ranged from traditional polymerase chain reaction (PCR) and cloning to newer technologies to probe sequences of bat olfactory receptors.

They discovered that an approach called "targeted sequence capture," which involves the researchers designing generic 'search' motifs that 'bait' olfactory receptors, makes for quick and efficient sequencing of the olfactory receptors. By using this method, they discovered a fast and cost-effective method to find up to 90 percent of the genes involved in smell. The method also found almost four times the amount of intact olfactory receptors as was previously reported in published works.

"The comparison study changes our interpretation of what constitutes a good smeller," says Yohe. "Our method makes it feasible to probe the DNA behind the sense of smell, across hundreds of species and thousands of genes, which may ultimately illuminate some of the mysteries behind the sense of smell."


Original Submission

posted by martyb on Sunday September 22 2019, @05:44PM
from the the-kitchen-is-closed dept.

A developer of some Ruby Gems pulled the code as a statement against certain entities (Department of Homeland Security — DHS) ultimately using the code. Chef gets owned in the process.

ZDNet has a good rundown of the incident:

https://www.zdnet.com/article/developer-takes-down-ruby-library-after-he-finds-out-ice-was-using-it/

It seems that developers at Chef may have used an old copy of the dev's code to get things back up and running again, which seems like exactly the wrong approach.


Original Submission

posted by martyb on Sunday September 22 2019, @03:20PM
from the http://www.spiderrobinson.com/melancholyelephants.html dept.

https://www.digitalmusicnews.com/2019/09/20/led-zeppelin-stairway-to-heaven-copyright-lawsuit-resumes/

The latest battle has been over their classic song "Stairway to Heaven," and amazingly, court proceedings are now in their fifth year. On September 23rd, the battle continues — once again — in federal court.

That's when the full 'en banc' panel of the U.S. Court of Appeals for the Ninth Circuit is scheduled to hear oral arguments in the copyright infringement lawsuit that the descendants of Randy Wolfe initially filed against Led Zeppelin. The descendants insist that the opening chords of "Stairway to Heaven" were stolen from a song that the late guitarist wrote called "Taurus," which was performed by the band Spirit.

[...] In August, more than 120 music artists filed an amicus brief in support of the band. The artists have said that if the lawsuit against Led Zeppelin succeeds, it could seriously hamper creativity in music. Even more impressively, the U.S. government also filed an amicus brief on behalf of Led Zeppelin, citing the need to "foster innovation and creative expression."

Previously:
Led Zeppelin Appear in Court Over Stairway to Heaven Vs Spirits Taurus Dispute
Music Copyright Laws Worsen as Artists Give Up


Original Submission

posted by martyb on Sunday September 22 2019, @01:00PM
from the all-your-computer-are-belong-to-us dept.

At the All Systems Go conference in Berlin 20-22 September, Lennart Poettering proposed a new extension to systemd, systemd-homed.service. A video of his session can be downloaded from media.ccc.de with accompanying slides [PDF].

In his presentation, Poettering outlines a number of problems he sees with the current system, such as /etc needing to be writeable, UIDs needing to be consistent across systems, and a lack of encryption and resource management.

His goals with the proposed solution are migratable and self-contained, UID-independent home directories with extensible user records that unify the user's password and encryption key; LUKS locking on system suspend; and Yubikey support.

He identifies a number of problems this new idea could cause with SSH logins, disk space assignments, UID assignments, and LUKS locking.

He plans to introduce JSON user records that can be queried via a Varlink interface and to a certain extent are convertible to and from existing formats. The home directories will be stored as LUKS-encrypted files that will be managed by the proposed new service, systemd-homed.service. The system integration will be supported by pam_systemd and systemd-logind.service.

It will be interesting to see how the world responds to this new take on systemd's ever-increasing encroachment of Linux.

... and lastly, this story is brought to you from a systemd-free laptop.


Original Submission

posted by janrinok on Sunday September 22 2019, @10:40AM
from the not-quite-what-was-claimed dept.

Submitted via IRC for Bytram

Medicine show: Crown Sterling demos 256-bit RSA key-cracking at private event

On September 19, in a conference room at the Pelican Hill Resort in Newport Beach, California, Crown Sterling CEO Robert Grant, COO Joseph Hopkins, and a pair of programmers staged a demonstration of Grant's claimed cryptography-cracking algorithm. Before an audience that a Crown Sterling spokesperson described as "approximately 100 academics and business professionals," Grant and Hopkins had their minions generate two pairs of 256-bit RSA encryption keys and then derive the prime numbers used to generate them from the public key in about 50 seconds.

In a phone interview with Ars Technica today, Grant said the video was filmed during a "business session" at the event. The "academic" presentation, which went into math behind his claims and a new paper yet to be published, was attended by "mostly people from local colleges," Hopkins said. Grant said that he didn't know who attended both sessions, and the CEO added that he didn't have access to the invitation list.

During the presentation, Grant called out to Chris Novak, the global director of Verizon Enterprise Solutions' Threat Research Advisory Center, naming him as a member of Crown Sterling's advisory board. The shout-out was during introductory remarks that Grant made about a survey of chief information security officers that the company had conducted. The survey found only 3% had an understanding of the fundamental math behind encryption.

The video of the demonstration is here. (The video was briefly marked as private, but is now back again.) The demo was displayed from a MacBook Pro, but it appeared that it was being run in part via a secure shell session to a server. Grant claimed that the work could be used to "decrypt" a 512-bit RSA key in "as little as five hours" using what Grant described as "standard computing."

The demonstration only raises more skepticism about Grant's work and about Crown Sterling's main thrust—an encryption product called Time AI that Grant claims will use the time signature of AI-generated music to generate "quantum-entangled" keys. Grant's efforts to show how weak long-cracked versions of RSA are were met with what can only be described as derision by a number of cryptography and security experts.

Mark Carney, a PhD candidate at the University of Leeds, used Msieve, a well-established factoring method, on his laptop. Carney cracked compound numbers larger than RSA keys into primes in about 20 seconds. "These [were] not 256-bit keys, just larger-than 256-bit numbers," he explained, but "these are using standard quadratic sieve methods. So long as I haven't messed this preliminary test up too much, this is un-optimized Msieve out-performing Crown Sterling's algorithm by roughly 50 percent."

Henryk Plötz, a computer scientist in Berlin, ran a test of his own, with similar results:

Well, this is Sagemath on my Ultrabook (X1 Carbon 2017).
I'm assuming the default implementation is single-threaded. So, "50 seconds" is exactly the expected performance on a 4-core laptop. pic.twitter.com/2WlvZaR0vk

— Henryk Plötz (@henrykploetz) September 20, 2019

Related: Claim: SHA-256 has been Broken


Original Submission

posted by janrinok on Sunday September 22 2019, @08:23AM
from the testing-is-important dept.

Submitted via IRC for Bytram

The '$4.4m a year' bug: Chipotle online orders swallowed by JavaScript credit-card form blunder

Chipotle Mexican Grill has been leaving money on the table, thanks to an apparent bug in the restaurant chain's e-commerce operation.

On Thursday, Jason Grigsby, co-founder of app development biz Cloud Four, published his analysis of the eatery's online order form. The webpage code, he claims, contains an error that he estimates is costing the company millions in lost sales.

While attempting to submit an order, Grigsby encountered two error messages, one indicating that the website had been unable to save his credit card number – despite having not checked the box to allow this – and the other being a general submission error.

The errors happened every time he tried to use his browser's autofill capability but not when the data was entered manually. Upon further scrutiny, he noticed that his credit card's expiration date kept being changed after the date was filled in.

Grigsby traced the problem to the way the food biz implemented the expiration date input field in its order form. The order form, built using JavaScript with the Angular framework, relies on an Angular module called ui-mask, which allows developers to limit input based on a predetermined pattern.

In this case, the ui-mask="99" attribute limits the expiration date input field to two characters, but it provides the wrong ones. "When autofill tries to enter 2023, this ui-mask only lets the first two characters be entered," explains Grigsby.

By altering the credit-card expiration date, the form returns an error and prevents the order from going through. "I assume it is the backend processor rejecting the card because the expiration year is wrong [since] it happens after form submission," he explained in an email to The Register.


Original Submission

posted by janrinok on Sunday September 22 2019, @06:01AM
from the we-should-have-patented-it dept.

https://techcrunch.com/2019/09/19/twitter-launches-its-controversial-hide-replies-feature-in-the-u-s-and-japan/

Twitter's controversial "Hide Replies" feature, aimed at civilizing conversations on its platform, is launching today in the U.S. and Japan after earlier tests in Canada. The addition is one of the more radical changes to Twitter to date. It puts people back in control of a conversation they've started by giving them the ability to hide those contributions they think are unworthy.

These replies, which may range from the irrelevant to the outright offensive, aren't actually deleted from Twitter. They're just put behind an extra click.

That means people who come into a conversation to cause drama, make inappropriate remarks or bully and abuse others won't have their voices heard by the majority of the conversation's participants. Only those who choose to view the hidden replies will see those posts.

Other social media platforms don't give so much power to commenters to disrupt conversations. On Facebook and Instagram, for example, you can delete any replies to your own posts.

But Twitter has a different vibe. It's meant to be a public town square, where everyone has a right to speak (within reason.)

Unfortunately, Twitter's open nature also led to bullying and abuse. Before today, the only options Twitter offered were to mute, block and report users. Blocking and muting, however, only impact your own Twitter experience. You may no longer see posts from those users, but others still could. Reporting a tweet is also a complicated process that takes time. It's not an immediate solution for a conversation rapidly spinning out of control.

Community moderation - what an innovative idea!


Original Submission

posted by janrinok on Sunday September 22 2019, @03:38AM
from the fly-in-the-ointment dept.

Submitted via IRC for Bytram

'Worse Than Anyone Expected': Air Travel Emissions Vastly Outpace Predictions

Greenhouse gas emissions from commercial air travel are growing at a faster clip than predicted in previous, already dire, projections, according to new research — putting pressure on airline regulators to take stronger action as they prepare for a summit next week.

The United Nations aviation body forecasts that airplane emissions of carbon dioxide, a major greenhouse gas, will reach just over 900 million metric tons in 2018, and then triple by 2050.

But the new research, from the International Council on Clean Transportation, found that emissions from global air travel may be increasing more than 1.5 times as fast as the U.N. estimate. The researchers analyzed nearly 40 million flights around the world last year.

"Airlines, for all intents and purposes, are becoming more fuel efficient. But we're seeing demand outstrip any of that," said Brandon Graver, who led the new study. "The climate challenge for aviation is worse than anyone expected."

Airlines in recent years have invested in lighter, more fuel-efficient aircraft, and have explored powering their planes with biofuel.

Over all, air travel accounts for about 2.5 percent of global carbon dioxide emissions — a far smaller share than emissions from passenger cars or power plants. Still, one study found that the rapid growth in plane emissions could mean that by 2050, aviation could take up a quarter of the world's "carbon budget," or the amount of carbon dioxide emissions permitted to keep global temperature rise to within 1.5 degrees Celsius above preindustrial levels.

[...] The decision by Greta Thunberg, a young climate activist, to sail across the Atlantic rather than travel by air ahead of her speech at the United Nations next week, has refocused attention on aviation's role in causing climate change and its consequences, including sea-level rise and more intense heat waves, hurricanes, flooding and drought.

Climate protesters have said they plan to gather in Montreal next week, where airline regulators are set to hold their own summit.

William Raillant-Clark, a spokesman for the U.N. aviation body, stood by its emissions projection, which he said was "the most up-to-date" and provided "a clear picture on the future environmental trends." He added that the group "endorses and welcomes wholeheartedly" calls for the aviation industry to address climate change with greater urgency.


Original Submission

posted by janrinok on Sunday September 22 2019, @01:13AM
from the security-as-an-afterthought dept.

Arthur T Knackerbracket has found the following story:

The images consisted of photos of cars taken as they entered and left 19 Tesco car parks spread across the country. Visible and highlighted were the cars' numberplates, though drivers were not visible in the low-res images seen by The Register.

Used to power the supermarket’s outsourced parkshopreg.co.uk website, the Azure blob had no login or authentication controls. Tesco admitted to The Register that “tens of millions” of timestamped images were stored on it, adding that the images had been left exposed after a data migration exercise.

Ranger Services, which operated the Azure blob and the parkshopreg.co.uk web app, said it had nothing to add and did not answer any questions put to it by The Register. We understand that they are still investigating the extent of the breach. The firm recently merged with rival parking operator CP Plus and renamed itself GroupNexus.

Tesco customers across the nation were instructed to use parkshopreg.co.uk to validate their parking with a code printed on their receipts along with their vehicle’s registration number, thus avoiding parking charges.

Live ANPR [automatic number plate recognition] images were saved to the blob as timestamped jpegs with the time information also contained within the image filenames, allowing anyone with access to harvest the images in bulk for illicit use. Tens of millions of images were freely available to anyone who could correctly deduce the format of the required HTTP POST request.

The Tesco car parks affected by the breach include Braintree, Chelmsford, Chester, Epping, Fareham, Faversham, Gateshead, Hailsham, Hereford, Hove, Hull, Kidderminster, Woolwich, Rotherham, Sale (Cheshire), Slough, Stevenage, Truro, Walsall and Weston-super-Mare.


Original Submission

posted by janrinok on Saturday September 21 2019, @10:52PM
from the they-must-be-on-drugs dept.

Submitted via IRC for Bytram

Sacklers threaten to scrap opioid deal if they aren't shielded from lawsuits

Lawyers for OxyContin-maker Purdue Pharma filed a new complaint late Wednesday threatening that the company's mega-rich owners, the Sackler family, could pull out of a proposed multi-billion-dollar opioid settlement deal if a bankruptcy judge doesn't shield the family from outstanding state lawsuits.

Purdue's lawyers argue that if the lawsuits continue, the Sacklers will have to waste "hundreds of millions of dollars" on legal costs that could otherwise go to claimants in the settlement. The family's lawyers added that in that event, the family "may be unwilling—or unable—to make the billions of dollars of contributions" to the proposed settlement.

State attorneys general, however, argue that the tactic is yet another move designed to shield the Sacklers and their ill-gotten wealth.

"This filing isn't a surprise. It's yet another effort by Purdue to avoid accountability and shield the Sackler family fortune, and we will be opposing it," Maura Healey, the attorney general of Massachusetts, told the New York Times.



Original Submission

posted by janrinok on Saturday September 21 2019, @08:26PM
from the keeping-us-safe,-no-really... dept.

Submitted via IRC for Bytram

Facebook suspended tens of thousands of apps from 400 developers

As part of its promise to investigate apps that had access to large amounts of user data, Facebook announced today that it suspended tens of thousands of apps from about 400 developers.

"This is not necessarily an indication that these apps were posing a threat to people," said Ime Archibong, VP of Product Partnerships at Facebook.

"Many were not live but were still in their testing phase when we suspended them. It is not unusual for developers to have multiple test apps that never get rolled out. And in many cases, the developers did not respond to our request for information so we suspended them," Archibong said.

In some extraordinary cases, Facebook said it banned some of the more suspicious apps.

"That can happen for any number of reasons including inappropriately sharing data obtained from us, making data publicly available without protecting people's identity or something else that was in clear violation of our policies," Archibong said.

Of all the apps it had to ban, Facebook highlighted one case, of an app named myPersonality. Facebook said the app shared user data with researchers and companies and refused to participate in an audit when Facebook caught on to its tactics and reached out.

The Facebook exec said the company notified users in cases there's been clear abuse, along with regulators and policymakers.

In addition, the social network also filed lawsuits when it needed, such as suing South Korean company RankWave for refusing to participate in an investigation, LionMobi and JediMobi for ad fraud, and two Ukrainian men, Gleb Sluchevsky and Andrey Gorbachov, for running quiz apps that secretly stole user data.


Original Submission

posted by janrinok on Saturday September 21 2019, @06:07PM
from the too-little-too-late dept.

Submitted via IRC for Bytram

Microsoft: Free Windows 7 security updates for 2020 election

Microsoft said Friday it will offer free security updates through the 2020 election in the United States—and in other interested democratic countries with national elections next year—for federally certified voting systems running on soon-to-be-outdated Windows 7 software.

An Associated Press analysis previously found that the vast majority of 10,000 election jurisdictions in the U.S. use Windows 7 or an older operating system to create ballots, program voting machines, tally votes and report counts.

Windows 7 reaches its "end of life" on Jan. 14, meaning Microsoft stops providing free technical support and producing "patches" to fix software vulnerabilities, which hackers can exploit. Cash-strapped election officials are scrambling to address this issue and what's essentially a one-year extension on additional costs.

The promise of free updates does not address the cost of putting them in place or the time and cost of certifying such changes to a voting system. Fixing a new vulnerability requires that the companies resubmit the voting system for recertification, which can take weeks or even months.

At a U.S. Election Assistance Commission forum last month, Microsoft's Ginny Badanes, who heads its Defending Democracy Program, said that election administrators should not be forced to make the difficult choice of "using election systems with known vulnerabilities or applying security patches and, in so doing, taking their systems out of certification."


Original Submission

posted by janrinok on Saturday September 21 2019, @03:42PM
from the late-night-raves dept.

Submitted via IRC for Bytram

Mysterious magnetic pulses discovered on Mars

At midnight on Mars, the red planet's magnetic field sometimes starts to pulsate in ways that have never before been observed. The cause is currently unknown.

That's just one of the stunning preliminary findings from NASA's very first robotic geophysicist there, the InSight lander. Since touching down in November 2018, this spacecraft has been gathering intel to help scientists better understand our neighboring planet's innards and evolution, such as taking the temperature of its upper crust, recording the sounds of alien quakes, and measuring the strength and direction of the planet's magnetic field.

As revealed during a handful of presentations this week at a joint meeting of the European Planetary Science Congress and the American Astronomical Society, the early data suggest the magnetic machinations of Mars are marvelously mad.

In addition to the odd magnetic pulsations, the lander's data show that the Martian crust is far more powerfully magnetic than scientists expected. What's more, the lander has picked up on a very peculiar electrically conductive layer, about 2.5 miles thick, deep beneath the planet's surface. It's far too early to say with any certainty, but there is a chance that this layer could represent a global reservoir of liquid water.

On Earth, groundwater is a hidden sea locked up in sand, soil, and rocks. If something similar is found on Mars, then "we shouldn't be surprised," says Jani Radebaugh, a planetary scientist at Brigham Young University who was not involved with the work. But if these results bear out, a liquid region at this scale on modern Mars has enormous implications for the potential for life, past or present. (Get the facts about previous evidence for an underground lake on Mars.)

So far, none of these data have been through peer review, and details about the initial findings and interpretations will undoubtedly be tweaked over time. Still, the revelations provide a stunning showcase for InSight, a robot that has the potential to revolutionize our comprehension of Mars and other rocky worlds across the galaxy.


Original Submission

posted by martyb on Saturday September 21 2019, @01:23PM
from the probable-outcome dept.

https://gizmodo.com/google-says-its-achieved-quantum-supremacy-a-world-fir-1838299829

The Financial Times reports that they saw a Google publication claiming that the company's quantum processor can perform a calculation "in three minutes and 20 seconds that would take today's most advanced classical computer, known as Summit, approximately 10,000 years"—a demonstration of quantum supremacy. Google has not yet responded to a Gizmodo request for comment, and it has long been cagey about when and how it'd make the announcement.

We don't have many details as to what calculation the computer performed. But previous proposals essentially involve the quantum computer racing a classical computer simulating a random quantum circuit. The achievement would not be a surprise—we've long known that Google has been testing a 72-qubit device called Bristlecone with which it hoped to achieve quantum supremacy. Financial Times reports that the supremacy experiment was instead performed with a 53-qubit processor codenamed Sycamore.

This would be a major early milestone when it comes to comparing these quantum devices against classical computers. But we're a long way off before quantum computers actually demonstrate quantum usefulness. That would require increasing the coherence time and introducing error correction schemes, those where multiple qubits are combined into one in order to ensure that the quantum computer outputs the answers it's supposed to output.


Original Submission