SoylentNews

"exec" writes:

Arthur T Knackerbracket has found the following story:

Intel is removing drivers and BIOS for its old desktop boards so anyone running an old Pentium-based PC has four days to get hold of anything they might need.

The warning on Intel's download center page says:

End Of Life - This download, BIOS Update [RL86510A.86A] P21, will no longer be available after November 22, 2019 and will not be supported with any additional functional, security, or other updates. All versions are provided as is. Intel recommends that users of BIOS Update [RL86510A.86A] P21 uninstall and/or discontinue use as soon as possible.

Opinion on message boards is mixed, with some accepting that a 20-year support cycle is not terrible. But others pointed out that some industries like manufacturing will still be relying on old hardware to run parts of their infrastructure.

Posters on Vogon, a forum dedicated to ancient hardware and emulators that allow you to run old games on newer machines, questioned the move and how much space and storage Intel would really save by the housekeeping measure.

Various people are setting up their own mirrors and using archive.org, but the maker community noted that file names are not always obvious and downloading from mirror sites can be risky.

-- submitted from IRC

Original Submission

MrPlow writes:

Submitted via IRC for AndyTheAbsurd

The U.S. government is letting American businesses work with Chinese tech giant Huawei for an additional three months, in a third delay to a ban enacted in May for national security reasons.

It is the third time the U.S. has extended a reprieve, which is meant to help ease disruption for Huawei customers. Many Internet and cellphone carriers in rural parts of the U.S. buy networking equipment from Huawei, and the temporary extension means they can keep their networks up to date.

"The Temporary General License extension will allow carriers to continue to service customers in some of the most remote areas of the United States who would otherwise be left in the dark," said Commerce Secretary Wilbur Ross in a statement.

Source: https://www.npr.org/2019/11/18/780473704/u-s-firms-get-90-day-extension-to-work-with-huawei-on-rural-networks

Arthur T Knackerbracket has found the following story:

Uber's two co-founders have let go of some of the millions of shares they own in the ride-hailing company. Over the past two weeks, Travis Kalanick has sold more than 26 million shares, according to filings with the Securities and Exchange Commission. That's nearly 27% of his stake in Uber, worth nearly $705 million based on today's stock price. And to a lesser degree, Garrett Camp has sold 510,000 shares, worth roughly $13.6 million.

Uber investors and employees were first able to sell their shares in the company two weeks ago when its initial public offering lockup period ended. While many early investors said they'd hold onto their shares, others flooded the market, causing Uber's stock to hit record lows.

The company's shares haven't traded higher than $27 since then -- roughly 40% lower than Uber's IPO price of $45.

[...] It isn't clear why Kalanick and Camp sold some of their shares; neither returned a request for comment. But they both still own large stakes in the company. Uber had roughly 1.7 billion shares when it went public, according to SEC filings. Of those, Kalanick still owns more than 71 million shares and Camp owns more than 73 million. They also both sit on Uber's board of directors.

[...] After six months of scandals -- including a #DeleteUber movement, allegations of a chaotic corporate culture that OK'd sexual harassment and a lawsuit brought by Waymo claiming Uber stole its self-driving car tech -- Kalanick was forced to step down. Current Uber CEO Dara Khosrowshahi came on two months later in August 2017.

Original Submission

upstart writes in with submission, via IRC, for SoyCow2736.

Chess: Magnus Carlsen to meet top teens in pursuit of record unbeaten run:

Magnus Carlsen, the world champion, will face five opponents aged 21 or younger when he bids for a record eighth victory at Tata Steel Wijk aan Zee in January. The traditional Dutch tournament at the small windswept North Sea town is by general consensus the best all-play-all annual event on the chess calendar and the invited entry for its 2020 version is bold and imaginative.

Fabiano Caruana, the world No 2, and Wesley So, who crushed Carlsen 13.5-2.5 at Fischer Random earlier this month, are in the field, but many dedicated fans will be watching Alireza Firouzja, who at 16 is receiving rave reviews comparing the Iranian teen to the legendary attacking genius Mikhail Tal. Jeffery Xiong, 19, the No 1 US junior, also has a breakthrough opportunity.

For Carlsen, the fifth round at Wijk, which will be played on tour at Eindhoven, could be the day when he sets a world record for the longest run of classical games without defeat. The Norwegian thought he had reached his target when he surpassed Ding Liren's 100 mark but then there was publicity for the Russian-Dutch GM Sergey Tiviakov's 110 against weaker opposition. So Carlsen still needs to stay unbeaten in four games at the Grand Tour final at London Olympia on 2-8 December and his first five rounds at Wijk.

Original Submission

Arthur T Knackerbracket has found the following story:

Sydney was shrouded in a dangerous haze on Tuesday as high winds blew smoke from bushfires blazing along Australia's eastern coast into the country's biggest city sending pollution levels soaring.

Official data showed air pollution had reached "hazardous" levels across Sydney, with the highest readings of PM 2.5 particulates in the city's northwest reaching 186 parts per million on the air quality index - comparable to New Delhi in India. Residents were warned to avoid outdoor exercise.

[...] More than 110 fires are currently burning across the east, with dozens of blazes still not contained.

In South Australia state, a ban on lighting fires is in place ahead of predicted "catastrophic" fire danger on Wednesday, when temperatures are expected to soar to about 40 degrees Celsius (104 degrees Fahrenheit).

Original Submission

canopic jug writes:

Professor J. Alex Halderman, the noted election security researcher, along with his co-authors, have published a summary of Let's Encrypt, its components, and what it does. (Warning for PDF.) The service Let's Encrypt is a free, automated, open certificate authority (CA) to provide TLS certificates. These are usually for web sites, enabling them to provide HTTPS connections.

Since its launch in late 2015, Let's Encrypt has grown to become the world's largest HTTPS CA, accounting for more currently valid certificates than all other browser-trusted CAs combined. By January 2019, it had issued over 538 million certificates for 223 million domain names. We describe how we built Let's Encrypt, including the architecture of the CA software system (Boulder) and the structure of the organization that operates it (ISRG), and we discuss lessons learned from the experience. We also describe the design of ACME, the IETF-standard protocol we created to automate CA–server interactions and certificate issuance, and survey the diverse ecosystem of ACME clients, including Certbot, a software agent we created to automate HTTPS deployment. Finally, we measure Let's Encrypt's impact on the Web and the CA ecosystem. We hope that the success of Let's Encrypt can provide a model for further enhancements to the Web PKI and for future Internet security infrastructure.

[...] Prior to our work, a major barrier to wider HTTPS adoption was that deploying it was complicated, expensive, and error-prone for server operators. Let's Encrypt overcomes these through a strategy of automation: identity validation, certificate issuance, and server configuration are fully robotic, which also results in low marginal costs and enables the CA to provide certificates at no charge. We designed Let's Encrypt to scale to the size of the entire Web. In just over three years of operation, it is well on its way: it has issued over 538 million certificates and accounts for more valid browser-trusted certificates than all other CAs combined. We hope that in the near future, clients will start using HTTPS as the default Web transport. Eventually, we may marvel that there was ever a time when Web traffic traveled over the Internet as plaintext.

Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web, Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, Pages 2473-2487 (DOI: 10.1145/3319535.3363192

Earlier on SN:
Let's Encrypt to Transition to ISRG Root (2019)
Three Years Later, Let's Encrypt Has Issued Over 380 Million HTTPS Certificates (2018)
Let's Encrypt is Now Officially Trusted by All Major Root Programs (2018)
Let's Encrypt Takes Free "Wildcard" Certificates Live (2018)
Free Certs Come With a Cost (2017)
Let's Encrypt Issues 100 Millionth Certificate (2017)
Let's Encrypt Won its Comodo Trademark Battle - but Now Fan Tools Must Rename (2016)
Let's Encrypt Gets Automation (2015)

Original Submission

takyon writes:

Boeing seems upset with NASA's inspector general

"We strongly disagree with the report's conclusions about CST-100 Starliner pricing and readiness, and we owe it to the space community and the American public to share the facts the Inspector General missed," Jim Chilton, vice president and general manager of Boeing Space and Launch, stated in a release posted on Boeing's website.

Boeing's response takes issue with several parts of NASA's report. But the company appears especially exercised about the claim that NASA overpaid Boeing for seats on the third through sixth Starliner missions, payment over and above what was originally agreed upon as part of the company's fixed price contract with the space agency.

"Through fair and open negotiations with NASA in a competitive environment, we offered single-mission pricing for post-certification missions 3-6, thus enabling additional flexibility and schedule resiliency to enhance future mission readiness," the Boeing statement reads.

[...] In its response, Boeing said its per-seat price was not $90 million, although the company declined to say what its actual price is or provide any documentation to support this claim. "For proprietary, competitive reasons Boeing does not disclose specific pricing information, but we are confident our average seat pricing to NASA is below the figure cited," the company's statement reads.

Previously: NASA Warned Of Safety Risks In Delayed Private Crew Launches
Boeing Received 'Unnecessary' Contract Boost for Astronaut Capsule, Watchdog Says

Original Submission

takyon writes:

Lawsuit claims Burger King's Impossible Whoppers are contaminated by meat

Burger King was sued on Monday by a vegan customer who accused the fast-food chain of contaminating its meatless "Impossible" Whoppers by cooking them on the same grills as its traditional meat burgers.

In a proposed class action, Phillip Williams said he bought an Impossible Whopper, a plant-based alternative to Burger King's regular Whopper, at an Atlanta drive-through, and would not have paid a premium price had he known the cooking would leave it "coated in meat by-products."

The lawsuit filed in Miami federal court seeks damages for all U.S. purchasers of the Impossible Whopper, and an injunction requiring Burger King to "plainly disclose" that Impossible Whoppers and regular burgers are cooked on the same grills.

[...] Its website describes the Impossible Burger as "100% Whopper, 0% Beef," and adds that "for guests looking for a meat-free option, a non-broiler method of preparation is available upon request."

Also at Boing Boing.

Previously: Meatless "Beyond Burgers" Come to Fast Food Restaurants
Burger King Adds Impossible Vegan Burger To Menu
Plant-Based "Impossible Burger" Coming to Every Burger King Location

Related: Inside the Strange Science of the Fake Meat that 'Bleeds'
FDA Approves Impossible Burger "Heme" Ingredient; Still Wants to Regulate "Cultured Meat"
Following IPO of Beyond Meat, Tyson Foods Plans Launch of its Own Meatless Products
Impossible Burger Lands in Some California Grocery Stores

Original Submission

upstart writes:

Submitted via IRC for soylent_fuschia

Two Charged Over Crypto Theft via SIM Swapping, Death Threats

Two men from Massachusetts were arrested and charged by the Boston U.S. District Court with stealing high-value social media accounts and hundreds of thousands worth of cryptocurrency from at least ten victims by using SIM swapping, death threats, and hacking.

Eric Meiggs and Declan Harrington, the two defendants, were charged with one count of conspiracy, eight counts of wire fraud, one count of computer fraud and abuse, and one count of aggravated identity theft in an 11-count indictment unsealed today.

A SIM swapping (aka SIM hijacking) attack is the process through which malicious actors take control of a target's mobile phone number without the victim's authorization.

This is done by convincing their target's' mobile phone service providers to reassign their phone number to an attacker-controlled SIM card either via social engineering or by bribing employees of the provider to do it.

These types of attacks allow crooks to take control of one's phone number, later to be used for bypassing SMS-based multi-factor authentication (MFA), for stealing credentials, and taking control of their targets' accounts for online services.

"Armed with your login credentials, the scammer could log in to your bank account and steal your money, or take over your email or social media accounts," the FTC says. "And they could change the passwords and lock you out of your accounts."

Original Submission

Arthur T Knackerbracket has found the following story:

New research shows that many larval fish species from different ocean habitats are ingesting plastics in their preferred nursery habitat.

Many of the world's marine fish spend their first days to weeks feeding and developing at the ocean surface. Larval fish are the next generation of adult fish that will supply protein and essential nutrients to people around the world. However, little is known about the ocean processes that affect the survival of larval fish. NOAA's Pacific Islands Fisheries Science Center and an international team of scientists conducted one of the most ambitious studies to date to learn where larval fish spend their time and what they eat while there.

The study will be published November 11, 2019 in the journal Proceedings of the National Academy of Sciences. The researchers combined field-based plankton tow surveys and advanced remote sensing techniques to identify larval fish nursery habitats in the coastal waters of Hawai'i.

The team found that surface slicks contained far more larval fish than neighboring surface waters. Surface slicks are naturally occurring, ribbon-like, smooth water features at the ocean surface. They are formed when internal ocean waves converge near coastlines and are observed in coastal marine ecosystems worldwide. The surface slicks also aggregate plankton, which is an important food resource for larval fish.

[...] Larval fish in the surface slicks were larger, well-developed, and had increased swimming abilities. Larval fish that actively swim will better respond and orient to their environment. This suggests that tropical larval fish are actively seeking surface slicks to capitalize on concentrated prey.

Unfortunately, the team also discovered that the same ocean processes that aggregated prey for larval fish also concentrated buoyant, passively floating plastics. "We were shocked to find that so many of our samples were dominated by plastics," said Dr. Whitney.

Journal Reference:

Jamison M. Gove, et. al. Prey-size plastics are invading larval fish nurseries. Proceedings of the National Academy of Sciences, 2019; 201907496 DOI: 10.1073/pnas.1907496116

Original Submission

Arthur T Knackerbracket has found the following story:

For years, physicists have assumed that Cooper pairs, the electron duos that enable superconductors to conduct electricity without resistance, were two-trick ponies. The pairs either glide freely, creating a superconducting state, or create an insulating state by jamming up within a material, unable to move at all.

But in a new paper published in Science, a team of researchers has shown that Cooper pairs can also conduct electricity with some amount of resistance, like regular metals do. The findings describe an entirely new state of matter, the researchers say, that will require a new theoretical explanation.

Original Submission

upstart writes:

Submitted via IRC for SoyCow1337

VoltServer adds a data layer to electricity distribution in a move that could help smart grid rollout – TechCrunch

Stephen Eaves, the chief executive of a new startup that promises to overlay data on electricity distribution, has spent years developing data management technologies.

Eaves’ first company, the eponymous Eaves Devices, focused on energy systems in aerospace and defense — they converted the military’s fleet of B2 bombers to use lithium ion batteries.

The second company he was involved in was developing modular array devices to install in central offices and cell towers and conducted early work on electric vehicle development.

His goal, Eaves says, was to “make electricity inherently safe.”

VoltServer is the latest company from Eaves to pursue that goal. Eaves makes transmission safer by breaking electrical distribution into packets; those packets are sent down transmission lines to ensure that there are not faults. If there’s a break in the line, the equipment stops transmitting energy.

[...] Already roughly 700 stadiums, large offices and indoor grow facilities have deployed the company’s technology. And the traction was enough to attract the attention of Alphabet subsidiary Sidewalk Labs, which led a recent $7.4 million financing into the company. To date, the company has raised $18 million from a clutch of investors, including: Marker Hill Capital, Slater Technology Fund, Natural Resources Capital Management, Clean Energy Venture Group, Angel Street Capital and Coniston Capital.

[...] "Electricity powers our world, but the fundamental danger inherent in AC or DC electricity makes today's electrical systems expensive to install or change,” said Sidewalk Labs chairman and chief executive, Dan Doctoroff in a statement. “[This technology] is a breakthrough, offering a less expensive, safer and more efficient way to distribute electricity that can make buildings more affordable and flexible. Over time, that can make cities more affordable, sustainable, and adaptable as our needs change."

Original Submission

upstart writes:

Submitted via IRC for SoyCow1337

GitHub will store all of its public open source code in an Arctic vault

At its Universe Developer Conference two days ago, GitHub announced its Archive Program -- its plan to preserve all of its open source software for future generations. The program will see this data stored on an ongoing basis across various data formats and locations, including in the Arctic World Archive, a vault hidden 250 meters within an Arctic mountain in Svalbard. The Doomsday seed vault is just around the corner.

The data is stored on reels of film coated with iron oxide powder. It can be read by a computer or -- in the event of a global power outage -- a human with a magnifying glass. Crucially, this film will last for 1,000 years. Among the first data deposit at the vault is the source code for Android and Linux operations systems, as well as a range of programming languages, web platforms, cryptocurrencies and AI tools. GitHub is planning on having all active public repositories stored by February 2020.

Original Submission

An Anonymous Coward writes:

Having written an IDE, an API, and having gone through the copyright process for software before, I have at least a little understanding the current debate between Google and Oracle. While the general consensus seems to be that Google is right, I disagree. Here are my reasons.

upstart writes:

Submitted via IRC for SoyCow1337

US-CERT Warns of Remotely Exploitable Bugs in Medical Devices

Vulnerabilities in key surgical equipment could be remotely exploited by a low-skill attacker.

US-CERT has issued an advisory for vulnerabilities in Medtronic's Valleylab FT10 and Valleylab FX8 Energy Platforms, both key surgical equipment that could be remotely exploited by a low-skill attacker. Vulnerabilities also affect Valleylab Exchange Client, officials report.

The advisory details three vulnerabilities. One is the use of hard-coded credentials (CVE-2019-13543). Affected devices use multiple sets of hard-coded credentials; if discovered, they could be used to read files on the equipment. The flaw has been assigned a CVSS base score of 5.8.

These products also use a reversible one-way hash for OS password hashing. While interactive, network-based logons are disabled. An attacker could use other vulnerabilities disclosed to gain local shell access and obtain these hashes. This flaw (CVE-2019-13539) has a CVSS score of 7.0.

Improper input validation (CVE-2019-3464 and CVE-2019-3463) marks the third type of vulnerability. The affected devices use a vulnerable version of the rssh utility to enable file uploads, which could give an attacker administrative access to files or the ability to execute arbitrary code. This vulnerability has been given a CVSS score of 9.8.

Original Submission

upstart writes:

Submitted via IRC for SoyCow1337

The USPTO wants to know if artificial intelligence can own the content it creates

And it wants the public to weigh in

The US office responsible for patents and trademarks is trying to figure out how AI might call for changes to copyright law, and it's asking the public for opinions on the topic. The United States Patent and Trademark Office (USPTO) published a notice in the Federal Register last month saying it's seeking comments, as spotted by TorrentFreak.

The office is gathering information about the impact of artificial intelligence on copyright, trademark, and other intellectual property rights. It outlines thirteen specific questions, ranging from what happens if an AI creates a copyright-infringing work to if it's legal to feed an AI copyrighted material.

It starts off by asking if output made by AI without any creative involvement from a human should qualify as a work of authorship that's protectable by US copyright law. If not, then what degree of human involvement "would or should be sufficient so that the work qualifies for copyright protection?"

Other questions ask if the company that trains an AI should own the resulting work, and if it's okay to use copyrighted material to train an AI in the first place. "Should authors be recognized for this type of use of their works?" asks the office. "If so, how?"

The office, which, among other things, advises the government on copyright, often seeks public opinion to understand new developments and hear from people who actually deal with them. Earlier this year, the office similarly asked for public opinion on AI and patents.

"if it's really a push button thing, and you get a result, I don't think there's any copyright in that."

Original Submission