SoylentNews is people

posted by janrinok on Monday April 20 2020, @11:58PM
from the dude! dept.

4/20 in the age of coronavirus, explained

In normal times, April 20 would be 4/20, the unofficial holiday for celebrating marijuana. People would be preparing to rally near state capitols, in concerts, and at huge fairs to fill the air with thick, pungent smoke.

But April 20 this year, on Monday, doesn't come during normal times. With a coronavirus pandemic still going, much of the United States and the rest of the world are staying at home as much as possible to avoid the spread of Covid-19, the disease caused by the SARS-CoV-2 virus. That means the large crowds and rallies that have previously taken place in Denver, San Francisco, Washington, DC, and many other places around the world are not going to happen.

Yet 4/20 will go on. Before the big day, I got emails from marijuana companies asking, for example, if I was "throwing a virtual 4/20 smoke sesh." (No, I'm not.) One such company advertised "awesome marijuana-inspired Zoom backgrounds so you can tune in and drop out, immersing yourself fully in the 4/20 experience" — in reference to the backgrounds that can be made for the video conferencing service, Zoom, used by workplaces globally and, apparently, marijuana users throwing virtual 4/20 parties.

Coronavirus sends 420 gatherings up in smoke, but potheads still plan virtual toke

In mid-March, as cities across the country began to impose stay-at-home orders, cannabis dispensaries saw a sharp spike in business. Figures from the nationwide cannabis data intelligence firm Headset showed that legal marijuana sales in California skyrocketed 159% on March 16 compared with the same day in 2019. In Washington state, sales jumped 33% on March 15 compared with a week earlier, with purchases of more than $50 increasing from 16% to 21%.

Sales leveled off before they spiked again nearly 50% last week as American taxpayers began receiving financial stimulus checks of up to $1,200 from the federal government, according to Jane Technologies, an eCommerce platform for more than 1,300 cannabis retailers across the nation.

Some members of the legal cannabis industry have joined forces to give back to their communities on 420. In Colorado, Friends in Weed, a consortium of cannabis businesses, has issued a challenge dubbed 420Help that began over the weekend to raise money for Gov. Jared Polis' COVID Relief Fund, which is providing financial assistance to Coloradans impacted by the coronavirus.

The organizers of the event are challenging cannabis businesses and coalitions to donate at least $420 or 4.2% of sales to Polis' funds and for consumers to give $4.20 to the fund. Organizers are also encouraging people to support their favorite dispensary's "budtenders" by providing them gift cards to local restaurants and small businesses.

Virginia Governor Approves Marijuana Decriminalization Bill

The governor of Virginia announced on Sunday that he approved a bill to decriminalize marijuana possession in the state.

The legislation, which would make possessing up to one ounce of cannabis punishable by a $25 fine with no threat of jail time and no criminal record, was passed by the legislature and transmitted to the governor's desk in March.


Original Submission

posted by janrinok on Monday April 20 2020, @09:43PM

https://www.itwire.com/open-source/jonathan-carter-wins-race-to-lead-debian-for-next-year.html

South African developer Jonathan Carter will be the leader of the Debian GNU/Linux project for the next year, after he defeated the two other contenders in the race, according to the results which were declared on Sunday.

Carter was up against Sruthi Chandran, who was bidding to become the first female leader of the project, and Brian Gupta, a member of the project for the last seven years.

Carter had cited the need for better publicity, getting more feedback to ease up issues that contributors faced and better visibility and transparency about funds received and how they were spent in his election platform.

[...] Debian is one of the few free software projects that holds elections. It has done so since it was set up in 1993 by the late Ian Murdock.


Original Submission

posted by janrinok on Monday April 20 2020, @07:34PM
from the forgot-to-secure-it-again dept.

Security lapse exposed Clearview AI source code – TechCrunch:

Since it exploded onto the scene in January after a newspaper exposé, Clearview AI quickly became one of the most elusive, secretive and reviled companies in the tech startup scene.

The controversial facial recognition startup allows its law enforcement users to take a picture of a person, upload it and match it against its alleged database of 3 billion images, which the company scraped from public social media profiles.

But for a time, a misconfigured server exposed the company's internal files, apps and source code for anyone on the internet to find.

Mossab Hussein, chief security officer at Dubai-based cybersecurity firm SpiderSilk, found the repository storing Clearview's source code. Although the repository was protected with a password, a misconfigured setting allowed anyone to register as a new user to log in to the system storing the code.

The repository contained Clearview's source code, which could be used to compile and run the apps from scratch. The repository also stored some of the company's secret keys and credentials, which granted access to Clearview's cloud storage buckets. Inside those buckets, Clearview stored copies of its finished Windows, Mac and Android apps, as well as its iOS app, which Apple recently blocked for violating its rules. The storage buckets also contained early, pre-release developer app versions that are typically only for testing, Hussein said.

The repository also exposed Clearview's Slack tokens, according to Hussein, which, if used, could have allowed password-less access to the company's private messages and communications.

posted by Fnord666 on Monday April 20 2020, @05:25PM
from the martenized-steel dept.

Arthur T Knackerbracket has found the following story:

For millennia, metallurgists have been meticulously tweaking the ingredients of steel to enhance its properties. As a result, several variants of steel exist today; but one type, called martensitic steel, stands out from its steel cousins as stronger and more cost-effective to produce. Hence, martensitic steels naturally lend themselves to applications in the aerospace, automotive and defense industries, among others, where high-strength, lightweight parts need to be manufactured without boosting the cost.

However, for these and other applications, the metals have to be built into complex structures with minimal loss of strength and durability. Researchers from Texas A&M University, in collaboration with scientists in the Air Force Research Laboratory, have now developed guidelines that allow 3D printing of martensitic steels into very sturdy, defect-free objects of nearly any shape.

"Strong and tough steels have tremendous applications but the strongest ones are usually expensive -- the one exception being martensitic steels that are relatively inexpensive, costing less than a dollar per pound," said Dr. Ibrahim Karaman, Chevron Professor I and head of the Department of Materials Science and Engineering. "We have developed a framework so that 3D printing of these hard steels is possible into any desired geometry and the final object will be virtually defect-free."

Although the procedure developed was initially for martensitic steels, researchers from Texas A&M said they have made their guidelines general enough so that the same 3D printing pipeline can be used to build intricate objects from other metals and alloys as well.

The findings of the study were reported in the December issue of the journal Acta Materialia.

[...] "Although we started with a focus on 3D printing of martensitic steels, we have since created a more universal printing pipeline," said Karaman. "Also, our guidelines simplify the art of 3D printing metals so that the final product is without porosities, which is an important development for all type of metal additive manufacturing industries that make parts as simple as screws to more complex ones like landing gears, gearboxes or turbines."

Journal Reference:

Raiyan Seede, David Shoukr, Bing Zhang, Austin Whitt, Sean Gibbons, Philip Flater, Alaa Elwany, Raymundo Arroyave, Ibrahim Karaman. An ultra-high strength martensitic steel fabricated using selective laser melting additive manufacturing: Densification, microstructure, and mechanical properties. Acta Materialia, 2020; 186: 199 DOI: 10.1016/j.actamat.2019.12.037


Original Submission

posted by Fnord666 on Monday April 20 2020, @03:16PM
from the who-watches-the-watchers? dept.

National security concerns just won out over Twitter's attempt to be transparent about surveillance:

Six years ago, Twitter sued the US government in an attempt to detail surveillance requests the company had received, but a federal judge on Friday ruled in favor of the government's case that detailing the requests would jeopardize the country's safety.

If Twitter revealed the number of surveillance requests it received each calendar quarter, it "would be likely to lead to grave or imminent harm to the national security," US District Judge Yvonne Gonzalez Rogers concluded after reviewing classified information from the government. See below for the full ruling.

"While we are disappointed with the court's decision, we will continue to fight for transparency," Twitter said in a statement Saturday.


Original Submission

posted by Fnord666 on Monday April 20 2020, @01:07PM
from the schedule-for-rapid-unscheduled-disassembly dept.

[20200420_144755 UTC: Update: According to this comment to the thread at NASASpaceflight, the RollLift (which would transport SN4 to the pad) has not finished being assembled. Looks like it will still be a while before testing commences. --martyb]

[20200420_162536 UTC: Corrected timelines and costs; see linked comment. --martyb]

NASASpaceflight has continuous updates of activities at the Boca Chica SpaceX site with many pics and videos, too. The last time I checked, SN4 (SpaceX's 4th Starship prototype: Serial Number 4) is nearing completion of construction and is soon to be transported to the testing platform. Historically, next would be pressurization tests, e.g. with liquid nitrogen, to see if the rocket can handle the temperatures and pressures. Prior testing failures have been... impressive. Should all go well with these tests, next up would be testing of SN4 with liquid methane and liquid oxygen. If successful, static fire tests with the rocket tethered and, ultimately, with a powered hop for a very limited duration and distance.

SpaceX CEO Elon Musk has set a goal of building a new Starship rocket each week. SN4 has been under construction for less than a month. By comparison, the SLS (Space Launch System) has been under development for many years, has cost billions of dollars per year, and has never (not even once) been launched. (Please see this comment for clarification.)

Here are the dates and times of upcoming road and beach closures (and alternates) as announced by Cameron County, Texas coinciding with planned testing by SpaceX:

  • April 20, 2020: 0800-0900 (Primary Date)
  • April 23, 2020: 0900-1000 (Primary Date)
  • April 26, 2020: 0900-1159 (Primary Date)
  • April 27, 2020: 0900-1159 (Alternate Date)
  • April 28, 2020: 0900-1159 (Alternate Date)

(All times are Central Daylight Time; add 5 hours to get the corresponding date/time in UTC.)

Previously:
(2020-04-18) SpaceX Offers NASA a Custom Moon Freighter
(2020-04-03) SpaceX Loses its Third Starship Prototype During a Cryogenic Test
(2020-04-03) SpaceX Almost Ready to Start Testing SN3 -- The Third Starship Prototype
(2020-04-01) SpaceX Releases a Payload User's Guide for its Starship Rocket
(2020-03-10) Another Starship Prototype Explodes, but SpaceX Isn't Stopping


Original Submission

posted by Fnord666 on Monday April 20 2020, @10:59AM
from the lost-opportunities dept.

Arthur T Knackerbracket has found the following story:

When Jane Goodall witnessed a chimpanzee troop split into two bands in 1974, she called the event a "once-in-a-lifetime" opportunity. Now, a group of chimp researchers fears missing its own once-in-a-lifetime moment because of the coronavirus pandemic. Two years ago, they, too, witnessed a chimp group fission at Kibale National Park in Uganda. The consequences surprised them: Males of one group recently attacked the other and beat up the females. "I would have never predicted that males that have grown up together would be at each other's throats," says John Mitani, a primatologist at the University of Michigan, Ann Arbor. But he and his colleagues are likely to remain ignorant about how this power struggle plays out over the coming months or even the next year.

Because of the coronavirus pandemic, most of the research team has left the country. Mitani says such precautions make sense for both humans and chimps, who are likely vulnerable to COVID-19, too, according to an 11 April preprint on bioRxiv. But he and his colleagues may miss the rare events that structure chimpanzee society.

-- submitted from IRC


Original Submission

posted by Fnord666 on Monday April 20 2020, @08:47AM
from the If-it's-good-for-the-public-it's-good-for-the-MPs dept.

Do you want your government tracking you by your mobile phone in the fight against COVID-19? In Australia, members of Parliament have refused to install the COVID Trace app to track COVID-19 transmission. The code for the app, due to be released in a few weeks, will be open sourced and the government promises to not keep any data longer than required for the current pandemic emergency.

After the complete screwup of the last census, the debacle that is eHealth, data leakage from credit card transactions, and the dismal state of privacy today, how can anyone have any confidence in this type of 'help'?


Original Submission

posted by martyb on Monday April 20 2020, @06:42AM
from the a-video,-by-any-other-name-^W-url,-is-still-a-video dept.

Copyright Holders Have to 'Resend' Millions of Pirate Bay Takedown Notices:

After several weeks of absence, The Pirate Bay became accessible again through its main .org domain last weekend.

At first sight the site looked more or less the same but there are some significant changes, both under the hood and in appearance.

Many users immediately noticed that the site doesn't work well with several ad blockers. Whether this is a bug or a feature is the question, but it was both frustrating and annoying for some.

[...] With the new Pirate Bay design also comes a new URL structure. Instead of the old torrent pages that were accessible through thepiratebay.org/torrent/12345, the format has now changed to thepiratebay.org/description.php?id=12345.

Other URLs, including categories, the top lists, and user pages, all updated as well. To give another example, the 100 most-active torrents on the site can now be accessed from thepiratebay.org/search.php?q=top100:all, instead of the old thepiratebay.org/top/all.

For users, this isn't a problem. All old links simply redirect to new ones. However, for copyright holders, it's an outright disaster as it means that they will have to resend all their takedown notices.

[...] Looking at Google's transparency report we see that copyright holders have asked the search engine to remove more than five million URLs. Pretty much all of these notices have been rendered useless.

For example, this 2012 takedown notice from Paramount Pictures removed the link to The Pirate Bay's top 100 video torrents. However, after the update, the same page reappeared under a new URL. Another consideration is that Google is just one search engine, so the same applies to other search engines too.

Previously:
(2020-04-11) Pirate Bay No Longer Uses Cloudflare, Visitors Sent to 'Black Hole'
(2020-04-09) Anti-Piracy Copyright Lawyer Decides to Abuse Trademarks to Shut Down Pirates
(2020-04-07) Movie Company Boss Urges U.S. Senators to Make "Streaming Piracy" a Felony
(2020-03-26) Supreme Court Rules States are Not Liable for Copyright Violations
(2020-03-23) The Invisible Man, Emma, and The Hunt Hit Pirate Sites after Rushed Video on Demand Releases


Original Submission

posted by Fnord666 on Monday April 20 2020, @04:29AM
from the here-we-go-again dept.

The Australian federal government has decided to force Internet giants to pay for content they collect from local publishers. Treasurer Mr Frydenberg says "It's only fair that those that generate content get paid for it".

According to this article appearing in the Sydney Morning Herald: 'The ACCC [Australian Competition and Consumer Commission] will be asked to draft a new industry approach for consultation in July with a definition of the "news content" to be covered by the mandatory code, with the expectation the search and social media giants will have to pay for content.'

Students of history will recall that German publishers tried something similar in 2013. Google responded by removing links to these articles rather than pay the publishers for the privilege of linking. The result: "visitors from web search fell 40 percent; from Google News, they fell 80 percent". Two weeks later and the group of publishers decided to give search engines a free licence to index their content.


Original Submission

posted by martyb on Monday April 20 2020, @02:22AM
from the 200-Million-Daily-Telescreens?-See:-"1984" dept.

Zoom: Every security issue uncovered in the video chat app:

As the coronavirus pandemic forced millions of people to stay home over the past month, Zoom suddenly became the video meeting service of choice: Daily meeting participants on the platform surged from 10 million in December to 200 million in March.

With that popularity came Zoom's privacy risks extending rapidly to massive numbers of people. From built-in attention-tracking features to recent upticks in "Zoombombing" (in which uninvited attendees break into and disrupt meetings with hate-filled or pornographic content), Zoom's security practices have been drawing more attention -- along with at least three lawsuits against the company.

Here's everything we know about the Zoom security saga, and when it happened. If you aren't familiar with Zoom's security issues, you can start from the bottom and work your way up to the most recent information. We'll continue updating this story as more issues and fixes come to light.

The story provides a day-by-day list with details of what was reported. Apologies as there are no anchors in the story to which we could provide links. The dates and headlines are excerpted below. See the original story for the details.

April 16
  • Two new massive Zoom exploits uncovered
  • Zoom to revamp bug bounty

April 15
  • $500,000 price tag for new exploit

April 14
  • Suit filed against Facebook and LinkedIn
  • New privacy option for paid accounts

April 13
  • 500,000 Zoom accounts sold on hacker forums

April 10
  • Pentagon restricts Zoom use

April 9
  • Senate to avoid Zoom
  • Singapore teachers banned from Zoom
  • German government warns against Zoom use

April 8
  • Fourth lawsuit
  • Google bans Zoom
  • Bug bounty hunters emerge
  • New security advisor and council
  • Classroom security
  • Usability versus security
  • IDs hidden
  • Weekly webinars
  • AI Zoombomb

April 7
  • Taiwan bans Zoom from government use

April 6
  • Some school districts ban Zoom
  • Zoom accounts found on the dark web
  • Zoom seeks to grow its lobbying presence in Washington
  • Urging an FTC investigation
  • Third class action lawsuit filed

April 5
  • Calls mistakenly routed through Chinese whitelisted servers

April 4
  • Another Zoom apology

April 3
  • Zoom video call records left viewable on the web
  • Attackers planning 'Zoomraids'
  • Zoom apologizes, again
  • Second class action lawsuit filed
  • Congress requests information

April 2
  • Automated tool can find Zoom meetings
  • More plans for Zoombombing
  • Data-mining feature discovered

April 1
  • SpaceX bans Zoom
  • More security flaws discovered
  • Apologies from Yuan

March 30
  • The Intercept investigation: Zoom doesn't use end-to-end encryption as promised
  • More bugs discovered
  • First class action lawsuit filed
  • Letter from New York Attorney General sent
  • Classroom Zoombombings reported

March 27
  • Zoom removes Facebook data collection feature

March 26
  • Motherboard investigation: Zoom iOS app sending user data to Facebook

Original Submission

posted by Fnord666 on Monday April 20 2020, @12:31AM
from the that's-what-I-said dept.

How Our Brain Analyzes Poetry

[An] international research team theorized that the constrained structure of poetry serves as a mental template that allows readers and listeners to group creative poetic language into coherent meanings.

In order to test their hypothesis, the team focused on a genre of ancient Chinese poetry called Jueju, which has a highly constrained style. They generated artificial poems using a recurrent neural network so they could present novel Jueju poems to their participants, while controlling the poetic content.

Nearly eighty thousand ancient poems written over the course of five Chinese dynasties were fed into the neural network model, which then learned to create artificial poems based on the Jueju form.

The researchers synthesized each poem into a speech stream, removing the pauses, intonation, and other prosodic cues that a human speaker would produce, so that listeners had to rely on their knowledge of poetic structures in order to parse the stream.

Native Chinese speakers then listened to the artificial speech streams in an MEG[*] scanner, while the researchers aimed to detect neural signatures in the participants' brains that corresponded to the poetic structure. And indeed, the scientists discovered a brain rhythm of around 0.67 Hertz corresponding to the line structure of Jueju.

Even though the modern Chinese listeners were hearing each "pseudo ancient" poem for the first time and could not fully understand every phrase in the poems, they recognized the highly constrained structure and then actively grouped the poetic speech stream into lines according to their prior knowledge of Jueju. When the participants listened to the same poem for the second time, their brains had learned the structure, which allowed them to predict the forthcoming lines.

This study suggests that a constrained formal and conceptual structure provides a poetic temporal frame for listeners to group semantic units as intended by the poets and even to anticipate them. It indicates that not just poetic language, but the interplay of predictable forms and unpredictable contents are essential to the aesthetic experience of poems.

[*] MEG: Magnetoencephalography.

Journal Reference: Xiangbin Teng, Min Ma, Jinbiao Yang, Stefan Blohm, Qing Cai, Xing Tian. "Constrained Structure of Ancient Chinese Poetry Facilitates Speech Content Grouping", Current Biology (2020) https://doi.org/10.1016/j.cub.2020.01.059

Sure makes sense to me. At the simplest level, imagine reading this story as just a stream of letters with no capitalization, no punctuation, and no spacing between words, sentences, or paragraphs! Similarly, programmers rarely deal with just a stream of characters. One of the first things I do is look for patterns in my input data. I then consider data structures — such as a list, tree, array, or hash — that I can use to organize the information. Upon gathering and organizing that data, the information it contains is much easier to process and analyze. See, also, Niklaus Wirth's highly influential book: Algorithms + Data Structures = Programs.

Further, as an outstanding example of how meter and rhyme can convey meaning that would otherwise be intractable, I offer you The Chaos by Gerard Nolst Trenité. A couple verses help make this clear:

Dearest creature in creation
Studying English pronunciation,
   I will teach you in my verse
   Sounds like corpse, corps, horse and worse.

I will keep you, Susy, busy,
Make your head with heat grow dizzy;
   Tear in eye, your dress you'll tear;
   Queer, fair seer, hear my prayer.

[...] The Chaos represents a virtuoso feat of composition, a mammoth catalogue of about 800 of the most notorious irregularities of traditional English orthography, skilfully versified (if with a few awkward lines) into couplets with alternating feminine and masculine rhymes.


Original Submission

posted by Fnord666 on Sunday April 19 2020, @10:40PM
from the Prickly-situation dept.

Bald eagles, eaglets found nesting in arms of Arizona cactus

The Arizona Game and Fish Department revealed Wednesday that biologists discovered a pair of eagles and their eaglets in the arms of a large saguaro during a recent eagle survey.

Kenneth "Tuk" Jacobson, the agency's coordinator of raptor management, said the eagles are on a cactus near a central Arizona reservoir.

[...] Wildlife biologists have looked for decades for a sighting of bald eagles nesting in Arizona saguaro cacti. According to Jacobson, the last known mention of such a sighting was a 1937 record.

Nice to see something flourishing right now besides viruses and locusts.


Original Submission

posted by Fnord666 on Sunday April 19 2020, @08:19PM
from the buggy-times dept.

Subsistence agriculture:

Subsistence agriculture occurs when farmers grow food crops to meet the needs of themselves and their families. In subsistence agriculture, farm output is targeted to survival and is mostly for local requirements with little or no surplus.

Africa's Huge Locust Swarms Are Growing at the Worst Time:

As the coronavirus pandemic exploded across the world earlier this year, another even more conspicuous plague was tearing through East Africa: locusts. The voracious little beasts are particularly fond of carbohydrates like grains, a staple of subsistence farmers across the continent. Back in January, the UN Food and Agriculture Organization (FAO) predicted the worst was still to come, and that by June, the size of the swarms could grow by a factor of 500.

And now, at the worst time, a second wave of locusts 20 times bigger than the first has descended on the region, thanks to heavy rains late last month, according to the FAO. The swarms have infiltrated Yemen and firmly established themselves across the Persian Gulf, having laid eggs along 560 miles of Iran's coastline. New swarms are particularly severe in Kenya, Ethiopia, and Somalia.

"The timing is really horrendous, because the farmers are just planting, and the seedlings are just coming up now since it's the beginning of the rainy season," says Keith Cressman, senior locust forecasting officer with the FAO. "And it's right at the same time when you have an increasing number of swarms in Kenya and in Ethiopia. There's already pictures and reports of the seedlings getting hammered by the swarms. So basically that's it for the farmers' crops."

"This represents an unprecedented threat to food security and livelihoods," FAO officials wrote in a brief last week. All this is happening while the region locks down to stave off the coronavirus pandemic, and as travel restrictions mean experts can't get to countries to train people. It'd be hard to imagine a more brutal confluence of factors. "The problem is that most of the countries were not ready, and are now invaded with swarms," says ecologist Cyril Piou, of the French Agricultural Research Center for International Development, which helps economically developing countries with agricultural issues. "The solution is to try to control as much as you can."

It would also be hard to imagine a more perfect enemy than the locust: in this case, the desert locust, one of the 20 species of normally solitary grasshopper that go "gregarious," forming into swarms that can travel 90 miles in a day. Their transformation and swarming is triggered by rain; desert locusts can only lay their eggs in moist sand, since dry sand would cook them. After a storm, the locusts breed like crazy, packing a single square meter of sand with perhaps 1,000 eggs.

When those eggs hatch, the baby locusts find themselves in a newly lush environment loaded with food. They'll strip it clean and take off in swarms in search of ever more vegetation to obliterate. Their bodies actually transform to prepare them for the journey; their muscles grow bulkier, and their color changes from a drab brownish green into an electric yellow and black.

[...] This particular outbreak began with heavy rains from two cyclones in May and October of 2018 that hit the southern Arabian Peninsula. This allowed two generations of desert locusts to form into swarms. Each generation can be 20 times bigger than the previous one. "The main problem is that these exceptional rains occurred in an area where there's a lot of insecurity, wars, and so on, so the initial stages of the upsurge of the outbreaks were not detected in time," says entomologist Michel Lecoq, former director of the French Agricultural Research Center for International Development.

[...] A locust outbreak [...] is a lot like a wildfire: Put it out early, and you're good. Delay, and the swarm will spread and spread until it runs out of fuel—the food that subsistence farmers across Africa rely on to survive.

As grave a situation as the COVID-19 pandemic is — and it is indeed a grave situation — given the choice, I would not choose battling swarming locusts, instead.


Original Submission

posted by Fnord666 on Sunday April 19 2020, @05:57PM
from the better-check-your-pulse dept.

DHS Urges Pulse Secure VPN Users To Update Passwords:

The Department of Homeland Security (DHS) is urging companies that use Pulse Secure VPNs to change their passwords for Active Directory accounts, after several cyberattacks targeted companies who had previously patched a related flaw in the VPN.

[...] Government officials say before the patches were deployed, bad actors were able to compromise Active Directory accounts. So even those who have patched for the bug could still be compromised and are vulnerable to attack.

At the heart of the advisory is a known, critical Pulse Secure arbitrary file reading flaw that opens systems to exploitation from remote, unauthenticated attackers to gain access to a victim's networks. Tracked as CVE-2019-11510, the bug was patched by Pulse Secure in April 2019, and many companies impacted by the flaw issued the fix to address the vulnerability since then.

[...] Attackers have already exploited the flaw to snatch up victims' credentials – and now are using those credentials to move laterally through organizations, DHS' Cybersecurity and Infrastructure Security Agency (CISA) warned in the Thursday alert.

[...] "CISA strongly urges organizations that have not yet done so to upgrade their Pulse Secure VPN to the corresponding patches for CVE-2019-11510," according to CISA's alert. "If—after applying the detection measures in this alert—organizations detect evidence of CVE-2019-11510 exploitation, CISA recommends changing passwords for all Active Directory accounts, including administrators and services accounts."

The flaw exists in Pulse Connect Secure, Pulse Secure's SSL VPN (virtual private network) platform used by various enterprises and organizations. Exploitation of the vulnerability is simple, which is why it received a 10 out of 10 CVSS ranking. Attackers can exploit the flaw to get initial access on the VPN server, where they're able to access credentials. A proof of concept (PoC) was made public in August 2019. During that time, Troy Mursch with Bad Packets identified over 14,500 Pulse Secure VPN endpoints that were vulnerable to this flaw. In a more recent scan, on Jan. 3, 2020, Mursch said 3,825 endpoints remain vulnerable.

[...] In addition to urging organizations to update credentials on accounts in Active Directory, which is the database that keeps track of all organizations' user accounts and passwords, CISA has also released a new tool to help network admins sniff out any indicators of compromise on their systems that are related to the flaw.


Original Submission