SoylentNews

martyb writes:

Bald eagles, eaglets found nesting in arms of Arizona cactus

The Arizona Game and Fish Department revealed Wednesday that biologists discovered a pair of eagles and their eaglets in the arms of a large saguaro during a recent eagle survey.

Kenneth "Tuk" Jacobson, the agency's coordinator of raptor management, said the eagles are on a cactus near a central Arizona reservoir.

[...] Wildlife biologists have looked for decades for a sighting of bald eagles nesting in Arizona saguaro cacti. According to Jacobson, the last known mention of such a sighting was a 1937 record.

Nice to see something flourishing right now besides viruses and locusts.

Original Submission

martyb writes:

Subsistence agriculture:

Subsistence agriculture occurs when farmers grow food crops to meet the needs of themselves and their families. In subsistence agriculture, farm output is targeted to survival and is mostly for local requirements with little or no surplus.

Africa's Huge Locust Swarms Are Growing at the Worst Time:

As the coronavirus pandemic exploded across the world earlier this year, another even more conspicuous plague was tearing through East Africa: locusts. The voracious little beasts are particularly fond of carbohydrates like grains, a staple of subsistence farmers across the continent. Back in January, the UN Food and Agriculture Organization (FAO) predicted the worst was still to come, and that by June, the size of the swarms could grow by a factor of 500.

And now, at the worst time, a second wave of locusts 20 times bigger than the first has descended on the region, thanks to heavy rains late last month, according to the FAO. The swarms have infiltrated Yemen and firmly established themselves across the Persian Gulf, having laid eggs along 560 miles of Iran's coastline. New swarms are particularly severe in Kenya, Ethiopia, and Somalia.

"The timing is really horrendous, because the farmers are just planting, and the seedlings are just coming up now since it's the beginning of the rainy season," says Keith Cressman, senior locust forecasting officer with the FAO. "And it's right at the same time when you have an increasing number of swarms in Kenya and in Ethiopia. There's already pictures and reports of the seedlings getting hammered by the swarms. So basically that's it for the farmers' crops."

"This represents an unprecedented threat to food security and livelihoods," FAO officials wrote in a brief last week. All this is happening while the region locks down to stave off the coronavirus pandemic, and as travel restrictions mean experts can't get to countries to train people. It'd be hard to imagine a more brutal confluence of factors. "The problem is that most of the countries were not ready, and are now invaded with swarms," says ecologist Cyril Piou, of the French Agricultural Research Center for International Development, which helps economically developing countries with agricultural issues. "The solution is to try to control as much as you can."

martyb writes:

DHS Urges Pulse Secure VPN Users To Update Passwords:

The Department of Homeland Security (DHS) is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN.

[...] Government officials say before the patches were deployed, bad actors were able to compromise Active Directory accounts. So even those who have patched for the bug could still be compromised and are vulnerable to attack.

At the heart of the advisory is a known, critical Pulse Secure arbitrary file reading flaw that opens systems to exploitation from remote, unauthenticated attackers to gain access to a victim's networks. Tracked as CVE-2019-11510, the bug was patched by Pulse Secure in April 2019, and many companies impacted by the flaw issued the fix to address the vulnerability since then.

[...] Attackers have already exploited the flaw to snatch up victims' credentials – and now are using those credentials to move laterally through organizations, DHS' Cybersecurity and Infrastructure Security Agency (CISA) warned in the Thursday alert.

[...] "CISA strongly urges organizations that have not yet done so to upgrade their Pulse Secure VPN to the corresponding patches for CVE-2019-11510," according to CISA's alert. "If—after applying the detection measures in this alert—organizations detect evidence of CVE-2019-11510 exploitation, CISA recommends changing passwords for all Active Directory accounts, including administrators and services accounts."

The flaw exists in Pulse Connect Secure, Pulse Secure's SSL VPN (virtual private network) platform used by various enterprises and organizations. Exploitation of the vulnerability is simple, which is why it received a 10 out of 10 CVSS ranking. Attackers can exploit the flaw to get initial access on the VPN server, where they're able to access credentials. A proof of concept (PoC) was made public in August 2019. During that time, Troy Mursch with Bad Packets identified over 14,500 Pulse Secure VPN endpoints that were vulnerable to this flaw. In a more recent scan, on Jan. 3, 2020, Mursch said 3,825 endpoints remain vulnerable.

[...] In addition to urging organizations update credentials on accounts in Active Directory, which is the database keeps track of all organizations' user accounts and passwords, CISA has also released a new tool to help network admins sniff out any indicators of compromise on their systems that are related to the flaw.

Original Submission

The Mighty Buzzard writes:

So, COVID-19 (coronavirus, SARS-CoV-2, whatever you call it) sucks a bit for your health but it turns out it sucks a lot for the economy. So we're extending any subscriptions that were going to expire before then out to June first (this may be extended a time or two depending on how well our savings hold up). Yeah, we know we're an extremely small cap entity and that's not going to make a whole lot of difference but it's something we felt we should do anyway for a couple reasons.

First, we as a corporation do not have paid employees. The only people we give money to are our hosts, our registrar, our CPA, and the revenooers. Which we're going to have to continue doing regardless and which we can currently afford to do for a month or two without dire risk of having to make infrastructure cutbacks. Putting money into us during this nonsense doesn't help much in directly putting food on someone's table or keeping jobs from going poof, so we'd prefer you guys put anything you were going to send us to work where it will help at least a tiny bit in keeping the businesses that your neighbors work at afloat. Which is to say, spend it locally.

Second, we're quite fond of the folks who've chosen to financially support the site and we don't want them to get dinged because of something that wasn't remotely their fault.

Now we're not shutting down the site's subscription functionality. If you feel a desire to contribute anyway, we're happy to oblige and we're not going to tell you that you can't. We're not the bosses of your wallets and it would mean extra work for me when I don't really have time to do much of anything code/admin-wise.

Also, we're only doing this automatically for current and new subscribers; we don't want to hit people who weren't interested with an unsolicited email about subscription expiration when we have to shut the extensions down. They may have quit subscribing or even frequenting the site and it's annoying as all get out to keep getting emails from sites you stopped doing business with on purpose. We're happy to handle it manually, though, if your subscription ended any time since the first of the year. Just drop a comment to this journal entry (NOT to THIS story!) and I'll take care of it as often as I have time (at least once a day).

That's all. We now return you to your regularly scheduled mix of discussion, debate, yelling at each other, and trolling.

(Oh, and you can still submit stories, too! Hint hint! --martyb)

Arthur T Knackerbracket has found the following story:

Asgard archaea are relatively new to science, but they are ancient and important to us in more ways than one. They are single-celled organisms and were originally found at the bottom of the ocean. Asgard archaea are what are known as a prokaryote, they do not have a cell nucleus, yet despite this, they are genetically close to single-celled organisms called eukaryotes which do contain a cell nucleus. They are like a modern analogue of an ancient common ancestor.

[...] Associate Professor Keiichi Inoue from the Institute for Solid State Physics at the University of Tokyo, Professor Hideki Kandori from Nagoya Institute of Technology and their team chose to study a feature of Asgard archaea that although not unique to them, is especially interesting in their case, and that is light-sensitive or photoreceptive proteins called rhodopsins. The organisms live at the bottom of oceans and lakes so it's surprising they need any kind of sensitivity to light.

"We explored the molecular function of special rhodopsins in Asgard archaea called schizorhodopsins and found that they acted as light-activated microscopic pumps," explained Inoue. "Schizorhodopsin uses sunlight energy to take up a proton into the cell along a pathway inside the protein. Many prokaryotes such as bacteria and other archaea use rhodopsins to pump protons out, but we find this newly characterized form in Asgard archaea particularly interesting."

[...] "These findings will help us better understand proton and other ion transport mechanisms. In addition, schizorhodopsin could be made into a useful molecular tool for researchers," commented Inoue. "For example in optogenetics, which is a new methodology to control various cellular phenomena with light. Schizorhodopsins could also be used to control the pH inside cells or microorganisms with light, as pH can be altered by changing the proton concentration."

Journal Reference: "Schizorhodopsins: A novel family of rhodopsins from Asgard archaea that function as light-driven inward H+ pumps" Science Advances (2020). DOI: 10.1126/sciadv.aaz2441 , https://advances.sciencemag.org/content/6/15/eaaz2441

Also at Science Daily and phys.org.

Original Submission

upstart writes in with an IRC submission for Fnord666:

Supply-chain attack hits RubyGems repository with 725 malicious packages:

More than 725 malicious packages downloaded thousands of times were recently found populating RubyGems, the official channel for distributing programs and code libraries for the Ruby programming language.

The malicious packages were downloaded almost 100,000 times, although a significant percentage of those are likely the result of scripts that automatically crawl all 158,000 packages available in the repository, Tomislav Pericin, the cofounder and chief software architect of security firm ReversingLabs, told Ars. All of them originated from just two user accounts: "JimCarrey" and "PeterGibbons."

The accounts, which ReversingLabs suspects may be the work of a single individual, used a variation of typosquatting—the technique of giving a malicious file or domain a name that's similar to a commonly recognizable name—to give the impression they were legitimate. For instance, "atlas-client," a booby-trapped package with 2,100 downloads, was a stand-in for the authentic "atlas_client" package. More than 700 of the packages were uploaded from February 16 to 25.

Once installed, the packages executed a script that attempted to intercept Bitcoin payments made on Windows devices.

Original Submission

upstart writes in with an IRC submission for Fnord666:

Understanding RAID: How performance scales from one disk to eight:

One of the first big challenges neophyte sysadmins and data hoarding enthusiasts face is how to store more than a single disk worth of data. The short—and traditional—answer here is RAID (a Redundant Array of Inexpensive Disks), but even then there are many different RAID topologies to choose from.

Most people who implement RAID expect to get extra performance, as well as extra storage, out of all those disks. Those expectations aren't always rooted very firmly in the real world, unfortunately. But since we're all home with time for some technical projects, we hope to shed some light on how to plan for storage performance—not just the total number of gibibytes (GB) you can cram into an array.

A quick note here: Although readers will be interested in the raw numbers, we urge a stronger focus on how they relate to one another. All of our charts relate the performance of RAID arrays at sizes from two to eight disks to the performance of a single disk. If you change the model of disk, your raw numbers will change accordingly—but the relation to a single disk's performance will not for the most part.

[...] For all tests, we're using Linux kernel RAID, as implemented in the Linux kernel version 4.15, along with the ext4 filesystem. We used the --assume-clean parameter when creating our RAID arrays in order to avoid overwriting every block of the array, and we used -E lazy_itable_init=0,lazy_journal_init=0 when creating the ext4 filesystem to avoid contaminating our tests with ongoing background writes initializing the filesystem in the background.

Original Submission

upstart writes in with an IRC submission for Bytram:

SpaceX Offers NASA A Custom Moon Freighter:

Under the current Administration, NASA has been tasked with returning American astronauts to the Moon as quickly as possible. The Artemis program would launch a crewed mission to our nearest celestial neighbor as soon as 2024, and establish a system for sustainable exploration and habitation by 2028. It's an extremely aggressive timeline, to put it mildly.

To have any chance of meeting these goals, NASA will have to enlist the help of not only its international partners, but private industry. There simply isn't enough time for the agency to design, build, and test all of the hardware that will eventually be required for any sort of sustained presence on or around the Moon. By awarding a series of contracts, NASA plans to offload some of the logistical components of the Artemis program to qualified companies and agencies.

For anyone who's been following the New Space race these last few years, it should come as no surprise to hear that SpaceX has already been awarded one of these lucrative logistics contracts. They've been selected as the first commercial provider for cargo deliveries to Gateway, a small space station that NASA intendeds to operate in lunar orbit. Considering SpaceX already has a contract to resupply the International Space Station, they were the ideal candidate to offer similar services for a future lunar outpost.

But that certainly doesn't mean it will be easy. The so-called "Gateway Logistics Services" contract stipulates that providers must be able to deliver at least 3,400 kilograms (7,500 pounds) of pressurized cargo and 1,000 kilograms (2,200 pounds) of unpressurized cargo to lunar orbit. That's beyond the capabilities of SpaceX's Dragon spacecraft, which was only designed to service low Earth orbit.

To complete this new mission, the company is proposing a new vehicle they're calling the Dragon XL that would ride to orbit on the Falcon Heavy booster. But even for this New Space darling, there's not a lot of time to design, test, and build a brand-new spacecraft. To get the Dragon XL flying as quickly as possible, SpaceX is going to need to strip the craft down to the bare minimum.

Original Submission

Arthur T Knackerbracket has found the following story:

During learning, the brain is a prediction engine that continually makes theories about our environment and accurately registers whether an assumption is true or not. A team of neuroscientists from Ruhr-Universität Bochum has shown that expectation during these predictions affects the activity of various brain networks. Dr. Bin Wang, Dr. Lara Schlaffke and Associate Professor Dr. Burkhard Pleger from the Neurological Clinic of Berufsgenossenschaftliches Universitätsklinikum Bergmannsheil report on the results in two articles that were published in March and April 2020 in the journals Cerebral Cortex and Journal of Neuroscience.

The neuroscientists identified two key regions in the brain: the thalamus plays a central role in decision-making. The insular cortex, on the other hand, is particularly active when it is clear whether the right or wrong decision has been made. "The expectation during learning then regulates specific connections in the brain and thus the prediction for learning-relevant sensory perception," says Burkhard Pleger.

[...] For the investigation, the team used a learning task that focuses on the decision-making process during the perception of skin contact in the brain. "It's like learning a computer strategy game using a game pad, which gives sensory feedback to certain fingers on certain stimuli," compares Pleger. "The point is that a certain touch stimulus leads to success and that this has to be learned from stimulation to stimulation."

28 participants were given either tactile stimulus A or B on the index finger in each trial run. At the push of a button, they then had to predict whether the subsequent tactile stimulus would be the same or not. The probability of A and B was constantly changing, which the participant had to learn from prediction to prediction.

upstart writes in with an IRC submission for Bytram:

Hospitalizations down once power plants retired coal or installed better emission controls:

After four Louisville, Kentucky, coal-fired power plants either retired coal as their energy source or installed stricter emissions controls, local residents' asthma symptoms and asthma-related hospitalizations and emergency department (ED) visits dropped dramatically, according to research published in Nature Energy this week by Columbia University Mailman School of Public Health, Propeller Health, University of California Berkeley, Harvard TH Chan School of Public Health, University of Texas Austin, Colorado State University, Louisville Metro Department of Public Health and Wellness, Louisville Metro Office of Civic Innovation and Technology, the Christina Lee Brown Envirome Institute and Family Allergy & Asthma.

[...] Between 2013 and 2016, one coal-fired power plant in the Louisville area retired coal as an energy source, and three others installed stricter emission controls to comply with regulations from the U.S. Environmental Protection Agency. Researchers took advantage of these circumstances to analyze the impact of the coal-fired power plant energy transitions on residents' respiratory health, using data from Propeller and local hospitals to assess how asthma-related symptoms, ED visits and hospitalizations changed over time.

[...] The researchers found that energy transitions in the spring of 2015 resulted in three fewer hospitalizations and ED visits per ZIP code per quarter in the following year, when comparing areas that had high coal-fired power plant emission exposure prior to the transition to those with lower levels. This translates into nearly 400 avoided hospitalizations and ED visits each year across Jefferson County.

Arthur T Knackerbracket has found the following story:

Blood pressure readings taken from neuroscience intensive care unit (NSICU) patients had marked differences between opposite sides of the body and different anatomical sites in each individual, highlighting the significant and sometimes extreme variability of this measure even in the same person depending on where it's taken, researchers from UT Southwestern Medical Center report in a new study.

The findings, published online Feb. 25, 2020, in Scientific Reports and the 100th research paper published by nurses at UTSW, could eventually impact how blood pressure information -- which informs a variety of medical decisions in the NSICU and beyond -- is collected.

upstart writes in with an IRC submission for Bytram:

ICANN delays .org sale again after scathing letter from California AG:

ICANN, the nonprofit that oversees the Internet's domain name system, has given itself another two weeks to decide whether to allow control of the .org domain to be sold to private equity firm Ethos Capital. The decision comes after ICANN received a blizzard of letters from people opposed to the transaction, including California Attorney General Xavier Becerra.

Becerra's letter was significant because ICANN is incorporated in California. That means it's Becerra's job to make sure that ICANN is living up to the commitments in its articles of incorporation, which promise that ICANN will operate "for the benefit of the Internet community as a whole."

Becerra questioned whether ICANN was really doing that. "There is mounting concern that ICANN is no longer responsive to the needs of its stakeholders," he wrote.

California's attorney general pointed to several specific concerns about the transaction. One was the shadowy nature of the proposed buyer, Ethos Capital. "Little is known about Ethos Capital and its multiple proposed subsidiaries," Becerra writes. Ethos Capital, he said, has "refused to produce responses to many critical questions posted by the public and Internet community."

Ethos Capital's plan is to buy the Public Interest Registry (PIR) from its current parent organization, the nonprofit Internet Society. To help finance the sale, Ethos will saddle PIR with $300 million in debt—a common tactic in the world of leveraged buyouts. Becerra warns that this tactic could endanger the financial viability of the PIR—especially in light of the economic uncertainty created by the coronavirus.

"If the sale goes through and PIR's business model fails to meet expectations, it may have to make significant cuts in operations," Becerra warns. "Such cuts would undoubtedly affect the stability of the .org registry."

Becerra also blasts the Internet Society for considering the sale in the first place. "ISOC purports to support the Internet, yet its actions, from the secretive nature of the transaction, to actively seeking to transfer the .org registry to an unknown entity, are contrary to its mission and potentially disruptive to the same system it claims to champion and support," he writes.

Becerra ends his letter with a warning: "This office will continue to evaluate this matter, and will take whatever action necessary to protect Californians and the nonprofit community."

Original Submission

upstart writes in with an IRC submission:

Apple Music on the web is no longer in beta -- including on Linux:

Yes, starting today, you can simply visit https://music.apple.com/ rather than https://beta.music.apple.com/. All mentions of the word "beta" are gone, signaling it is no longer in a testing phase. This isn't just on Linux, but Windows and Mac too. Since many users of those operating systems despise iTunes, it is big news for them too -- Apple Music without the bloated iTunes!

Truth be told, I found Apple Music  to be flawless while in beta when using Firefox on Ubuntu, but it is good to know that Apple is taking the web version seriously and won't be abandoning it any time soon. Quite frankly, it is refreshing that the company hasn't tried to block Linux users by detecting the user agent.

See also: The Web-based version of Apple Music has officially launched

Original Submission

upstart writes in with an IRC submission for SoyCow8192:

Some shirts hide you from cameras:

Right now, you're more than likely spending the vast majority of your time at home. Someday, however, we will all be able to leave the house once again and emerge, blinking, into society to work, travel, eat, play, and congregate in all of humanity's many bustling crowds.

The world, when we eventually enter it again, is waiting for us with millions of digital eyes—cameras, everywhere, owned by governments and private entities alike. Pretty much every state out there has some entity collecting license plate data from millions of cars—parked or on the road—every day. Meanwhile all kinds of cameras—from police to airlines, retailers, and your neighbors' doorbells—are watching you every time you step outside, and unscrupulous parties are offering facial recognition services with any footage they get their hands on.

In short, it's not great out there if you're a person who cares about privacy, and it's likely to keep getting worse. In the long run, pressure on state and federal regulators to enact and enforce laws that can limit the collection and use of such data is likely to be the most efficient way to effect change. But in the shorter term, individuals have a conundrum before them: can you go out and exist in the world without being seen?

[Ed Note - This is a two-page article.]

Original Submission

Arthur T Knackerbracket has found the following story:

For most of human history, the way to get custom shapes and colors onto one's retinas was to draw it on a cave wall, or a piece of parchment, or on paper. Later on, we invented electronic displays and used them for everything from televisions to computers, even toying with displays that gave the illusion of a 3D shape existing in front of us. Yet what if one could just skip this surface and draw directly onto our retinas?

Admittedly, the thought of aiming lasers directly at the layer of cells at the back of our eyeballs — the delicate organs which allow us to see — likely does not give one the same response as you'd have when thinking of sitting in front of a 4K, 27″ gaming display to look at the same content. Yet effectively we'd have the same photons painting the same image on our retinas. And what if it could be an 8K display, cinema-sized. Or maybe have a HUD overlay instead, like in video games?

In many ways, this concept of virtual retinal displays as they are called is almost too much like science-fiction, and yet it's been the subject of decades of research, with increasingly more sophisticated technologies making it closer to an every day reality. Will we be ditching our displays and TVs for this technology any time soon?

[...] Naturally, the very first question that may come to one's mind when hearing about VDRs is why it's suddenly okay to shine not one but three lasers into your eyes? After all, we have been told to never, not even once, point even the equivalent of a low-powered laser pointer at a person, let alone straight at their eyes. Some may remember the 2014 incident at the Burning Man festival where festival goers practically destroyed the sight of a staff member with handheld lasers.

The answer to these concerns is that very low-powered lasers are used. Enough to draw the images, not enough to do more than cause the usual wear and tear from using one's eyes to perceive the world around us. As the light is projected straight onto the retina, there is no image that can become washed out in bright sunlight. Companies like Bosch have prototypes of VRD glasses, with the latter recently showing off their BML500P Bosch Smartglasses Light Drive solution. They claim an optical output power of <15 µW.

-- submitted from IRC

Original Submission