A spacewalking astronaut added to the millions of pieces of junk orbiting the Earth on Friday, losing a small mirror on his sleeve as soon as he emerged from the International Space Station for battery work.
Commander Chris Cassidy said the mirror quickly floated away. The lost item posed no risk to either the spacewalk or the station, according to NASA.
While millions of pieces of space debris orbit Earth, more than 20,000 items including old rocket parts and busted satellites are big enough to be tracked in order to safeguard the space station and working satellites.
Spacewalking astronauts wear a wrist mirror on each sleeve to get better views while working. The mirror is just 5-by-3 inches (7-by-12 centimeters), and together with its band has a mass of barely one-tenth of a pound (50 grams).
The mirror came loose in darkness. Cassidy inspected his spacesuit sleeve later in sunlight but didn't see any clues that might explain how the mirror came off.
The rest of the six-hour spacewalk went swimmingly.
Apple's iOS 14 beta added a feature that reveals each time an application copies text from the clipboard. A recent article in Ars Technica brought renewed focus to an issue we previously reported in February. This story includes a list of apps from the researcher's blog post.
In March, researchers uncovered a troubling privacy grab by more than four dozen iOS apps including TikTok, the Chinese-owned social media and video-sharing phenomenon that has taken the Internet by storm. Despite TikTok vowing to curb the practice, it continues to access some of Apple users' most sensitive data, which can include passwords, cryptocurrency wallet addresses, account-reset links, and personal messages. Another 53 apps identified in March haven't stopped either.
The privacy invasion is the result of the apps repeatedly reading any text that happens to reside in clipboards, which computers and other devices use to store data that has been cut or copied from things like password managers and email programs. With no clear reason for doing so, researchers Talal Haj Bakry and Tommy Mysk found, the apps deliberately called an iOS programming interface that retrieves text from users' clipboards.
[...] In many cases, the covert reading isn't limited to data stored on the local device. In the event the iPhone or iPad uses the same Apple ID as other Apple devices and are within roughly 10 feet of each other, all of them share a universal clipboard, meaning contents can be copied from the app of one device and pasted into an app running on a separate device.
That leaves open the possibility that an app on an iPhone will read sensitive data on the clipboards of other connected devices. This could include bitcoin addresses, passwords, or email messages that are temporarily stored on the clipboard of a nearby Mac or iPad. Despite running on a separate device, the iOS apps can easily read the sensitive data stored on the other machines.
[...] TikTok's continued snooping has gotten extra scrutiny for other reasons. When called out in March, the video-sharing provider told UK publication The Telegraph it would end the practice in the coming weeks. Mysk said that the app never stopped the monitoring. What's more, a Wednesday Twitter thread revealed that the clipboard reading occurred each time a user entered a punctuation mark or tapped the space bar while composing a comment. That means the clipboard reading can happen every second or so, a much more aggressive pace than documented in the March research, which found monitoring happened when the app was opened or reopened.
A tweet by Jeremy Burge gives an example of how this can be reproduced:
1. Have something on your clipboard. Eg copy some text from Notes or a website
2. Open TikTok and start typing in any text field
3. You learn from iOS 14 beta each time an app "pastes" - but in this instance I didn't request it, and none of that text appears in UI
— Jeremy Burge (@jeremyburge) June 24, 2020
Here is the list of apps (emphasis retained from original) from a researcher's blog post:
List of Apps
This section summarizes the list of apps that snoop on the pasteboard every time the app is opened. The apps are listed alphabetically in the following format:
- App Name — BundleID
- ABC News — com.abcnews.ABCNews
- Al Jazeera English — ajenglishiphone
- CBC News — ca.cbc.CBCNews
- CBS News — com.H443NM7F8H.CBSNews
- CNBC — com.nbcuni.cnbc.cnbcrtipad
- Fox News — com.foxnews.foxnews
- News Break — com.particlenews.newsbreak
- New York Times — com.nytimes.NYTimes
- NPR — org.npr.nprnews
- ntv Nachrichten — de.n-tv.n-tvmobil
- Reuters — com.thomsonreuters.Reuters
- Russia Today — com.rt.RTNewsEnglish
- Stern Nachrichten — de.grunerundjahr.sternneu
- The Economist — com.economist.lamarr
- The Huffington Post — com.huffingtonpost.HuffingtonPost
- The Wall Street Journal — com.dowjones.WSJ.ipad
- Vice News — com.vice.news.VICE-News
- 8 Ball Pool™ — com.miniclip.8ballpoolmult
- AMAZE!!! — com.amaze.game
- Bejeweled — com.ea.ios.bejeweledskies
- Block Puzzle — Game.BlockPuzzle
- Classic Bejeweled — com.popcap.ios.Bej3
- Classic Bejeweled HD — com.popcap.ios.Bej3HD
- FlipTheGun — com.playgendary.flipgun
- Fruit Ninja — com.halfbrick.FruitNinjaLite
- Golfmasters — com.playgendary.sportmasterstwo
- Letter Soup — com.candywriter.apollo7
- Love Nikki — com.elex.nikki
- My Emma — com.crazylabs.myemma
- Plants vs. Zombies™ Heroes — com.ea.ios.pvzheroes
- Pooking – Billiards City — com.pool.club.billiards.city
- PUBG Mobile — com.tencent.ig
- Tomb of the Mask — com.happymagenta.fromcore
- Tomb of the Mask: Color — com.happymagenta.totm2
- Total Party Kill — com.adventureislands.totalpartykill
- Watermarbling — com.hydro.dipping
- TikTok — com.zhiliaoapp.musically
- ToTalk — totalk.gofeiyu.com
- Tok — com.SimpleDate.Tok
- Truecaller — com.truesoftware.TrueCallerOther
- Viber — com.viber
- Weibo — com.sina.weibo
- Zoosk — com.zoosk.Zoosk
- 10% Happier: Meditation — com.changecollective.tenpercenthappier
- 5-0 Radio Police Scanner — com.smartestapple.50radiofree
- Accuweather — com.yourcompany.TestWithCustomTabs
- AliExpress Shopping App — com.alibaba.iAliexpress
- Bed Bath & Beyond — com.digby.bedbathbeyond
- Dazn — com.dazn.theApp
- Hotels.com — com.hotels.HotelsNearMe
- Hotel Tonight — com.hoteltonight.prod
- Overstock — com.overstock.app
- Pigment – Adult Coloring Book — com.pixite.pigment
- Recolor Coloring Book to Color — com.sumoing.ReColor
- Sky Ticket — de.sky.skyonline
- The Weather Network — com.theweathernetwork.weathereyeiphone
Note: the list is not meant to be exhaustive. The researchers surveyed a selection of popular apps. Given how many were found, it is likely there are many more.
The revolutionary Intel 8086 microprocessor was introduced 42 years ago this month so I've been studying its die. I came across two 8086 dies with different sizes, which reveal details of how a die shrink works. The concept of a die shrink is that as technology improved, a manufacturer could shrink the silicon die, reducing costs and improving performance. But there's more to it than simply scaling down the whole die. Although the internal circuitry can be directly scaled down, external-facing features can't shrink as easily. For instance, the bonding pads need a minimum size so wires can be attached, and the power-distribution traces must be large enough for the current. The result is that Intel scaled the interior of the 8086 without change, but the circuitry and pads around the edge of the chip were redesigned.
The photo below shows an 8086 chip from 1979, and a version with a visibly smaller die from 1986. (The ceramic lids have been removed to show the silicon dies inside.) In the updated 8086, the internal circuitry was scaled to about 64% of the original size by length, so it took 40% of the original area. The die as a whole wasn't reduced as much; it was about 54% of the original area. (The chip's package was unchanged, the 40-pin DIP package commonly used for microprocessors of that era.)
Researchers have developed a transgenic rice strain which lowers blood pressure in laboratory rats. Genes from unrelated organisms were artificially introduced into the rice to cause production of ten different blood pressure affecting peptides.
In the future, taking your blood pressure medication could be as simple as eating a spoonful of rice. This "treatment" could also have fewer side effects than current blood pressure medicines. As a first step, researchers reporting in ACS' Journal of Agricultural and Food Chemistry have made transgenic rice that contains several anti-hypertensive peptides. When given to hypertensive rats, the rice lowered their blood pressure.
The rice contains natural ACE inhibitors which help to regulate blood pressure and don't have the side effects often associated with pharmaceutical ACE inhibitors such as "dry cough, headache, skin rashes and kidney impairment."
Two hours after treatment, hypertensive rats showed a reduction in blood pressure, while rats treated with wild-type rice proteins did not. Treatment of rats over a 5-week period with flour from the transgenic rice also reduced blood pressure, and this effect remained 1 week later. The treated rats had no obvious side effects in terms of growth, development or blood biochemistry.
In the United States, hypertension affects almost half of the adult population and is a primary or contributing cause of death for about half a million people per year.
Hypotensive Activity of Transgenic Rice Seed Accumulating Multiple Antihypertensive Peptides, Journal of Agricultural and Food Chemistry (DOI: 10.1021/acs.jafc.0c01958)
Finland's Radiation and Nuclear Safety Authority (STUK) said it has found small amounts of radioactive isotopes of cobalt, ruthenium and caesium in air samples collected in Helsinki between 16 and 17 June. Radiation authorities in Sweden and Norway have reported similar findings.
Pia Vesterbacka, who heads environmental radiation surveillance at STUK, said there was no cause for alarm as the detected radioactive material was too minute to pose any risk.
"The amount of radioactive particles is very small and has no impact on the environment or human health," she explained.
Samples from Finland's seven other radiation monitoring stations have yet to be analysed.
"Investigations are still ongoing...at this point we would not want to come out and say the radiation originated in Russia," she said.
Also on Radio Free Europe, which points to a tweet by Lassina Zerbo, the head of the Comprehensive Nuclear-Test-Ban Treaty Organization, that shows a map of the possible source region in the 72h preceding detection.
The bill also addresses state laws blocking municipal and public/private broadband.
From the article:
House Democrats yesterday unveiled a $100 billion broadband plan that's gaining quick support from consumer advocates.
"The House has a universal fiber broadband plan we should get behind," Electronic Frontier Foundation Senior Legislative Counsel Ernesto Falcon wrote in a blog post. House Majority Whip James Clyburn (D-S.C.) announced the Accessible, Affordable Internet for All Act, saying it has more than 30 co-sponsors and "invests $100 billion to build high-speed broadband infrastructure in unserved and underserved communities and ensure that the resulting Internet service is affordable." The bill text is available here [PDF].
In addition to federal funding for broadband networks with speeds of at least 100Mbps downstream and upstream, the bill would eliminate state laws that prevent the growth of municipal broadband. There are currently 19 states [PDF] with such laws. The Clyburn legislation targets those states with this provision:
No State statute, regulation, or other State legal requirement may prohibit or have the effect of prohibiting any public provider, public-private partnership provider, or cooperatively organized provider from providing, to any person or any public or private entity, advanced telecommunications capability or any service that utilizes the advanced telecommunications capability provided by such provider.
The bill also has a Dig Once requirement that says fiber or fiber conduit must be installed "as part of any covered highway construction project" in states that receive federal highway funding. Similar Dig Once mandates have been proposed repeatedly over the years and gotten close to becoming US law, but never quite made it past the finish line.
So, Soylentils, do you have high-speed (100+mb/sec) broadband in your area? If not, what steps have your state/local government taken to get it or, alternatively, block it?
Should the Senate majority support legislation like this? If so, why? If not, why not?
Outrage has greeted media reports that say American intelligence officials believe a Russian military intelligence unit offered bounties to Taliban-linked militants for killing foreign soldiers in Afghanistan, including targeting Americans.
The story first appeared in the New York Times, citing its sources as unnamed officials briefed on the matter, and followed up by the Washington Post. The reports said that the US had come to the conclusion about the operation several months ago and offered rewards for successful attacks last year.
The Times wrote: "The intelligence finding was briefed to Trump, and the White House's National Security Council discussed the problem at an interagency meeting in late March." White House officials apparently drew up several possible options to retaliate against the Kremlin, ranging from a diplomatic reprimand right through to fresh sanctions. However, the White House has so far not taken any action.
It is not clear if bounties were ever paid out for successfully killing American soldiers.
Damascus steel—and modern versions of the steelmaking technique—is generally synonymous with artisan forgework. In traditional Japanese sword-making, for example, the steel is repeatedly folded to produce hundreds or thousands of alternating layers, producing intricate patterns in the finished product. That's not just for the visual effect—the layers alternate between hard-but-brittle and more flexible steel, combining for the best of both worlds.
A new study led by Philipp Kürnsteiner of the Max Planck Institute for Iron Research shows that it is possible to do something very similar with laser additive manufacturing—3D printed metals.
Traditional folded steels combined two steels that varied by carbon content and in their microscale structure, which is controlled by how quickly it cools (by quenching). In this case, the researchers were using a nickel-titanium-iron alloy steel that works well with these 3D printing techniques, in which metal powder is fed onto the work surface and heated with a laser.
[...] The team's idea was to use the layer-by-layer printing process to manipulate the temperatures each layer experienced, alternating softer, more flexible layers with layers hardened by that precipitation process. While printing a cubic chunk of steel, they did this simply by turning the laser off for a couple minutes or so every few layers. The top layer would rapidly cool, converting to the desired crystalline form. Then, as additional layers were added on top, temperatures in the crystalline layer would cycle back up, inducing the precipitation of the nickel-titanium particles.
High-strength Damascus steel by additive manufacturing (DOI: 10.1038/s41586-020-2409-3) (DX)
Australia's Science Agency "The Commonwealth Scientific and Industrial Research Organisation" (CSIRO) is working on cotton plants that grow with an array of natural colors rather than the usual plain white, which requires environmentally problematic dyeing.
[The cotton is] the product of CSIRO plant breeders dedicated to producing better, sustainable natural fibres that will hopefully one day lead to wrinkle-free, naturally dyed, stretchy cotton to outperform synthetic fabrics.
Colleen MacMillan leads the team of scientists who have cracked cotton's molecular colour code, adding genes to make the plants produce a colour.
Cotton grown without a need to dye it later can have significant environmental advantages.
While cotton is renewable, recyclable and biodegradable, it still needs to be dyed, and the use of sometimes harmful chemical dyes is considered a blot on the industry's environmental copybook.
Particularly significant is the CSIRO team's work to breed naturally black cotton to replace black dyes, which are regarded as the most polluting of textile colours.
The team is also working on wrinkle-free cotton varieties.
The textile industry is considered "the second-most polluting in the world" and clothes are not typically environmentally friendly. Natural cotton clothing breaks down in landfills in as little as three months, but Australian lingerie designer Stephanie Devine notes that, on average:
60 per cent of our clothes are actually made of polyester, which lasts 200 years in landfill, and we typically only use natural fibres in 6 per cent of our clothing.
Synthetic biology vs synthetic textiles, would you wear genetically engineered clothing?
The Federal Emergency Management Agency has warned states not to use COVID-19 testing supplies it bought under a $10.2 million contract after a ProPublica investigation last week showed the vendor was providing contaminated and unusable mini soda bottles.
[...] ProPublica reported on June 18 that Fillakit was using plastic preforms, which are expanded with heat and pressure to become 2-liter soda bottles, to fulfill FEMA's contract for testing supplies to be used by states. The bottles were shoveled into the warehouse, then filled with saline in what workers described as unsanitary conditions. Some of the states receiving the lab equipment told ProPublica that even if Fillakit's tubes weren't contaminated, they were simply too big to be used in lab machinery.
[...] The FEMA spokeswoman said the agency continues to provide "critically needed testing supplies in a timely manner to our state and local partners in response to the coronavirus."
FEMA signed its first deal with Fillakit on May 7, just six days after the company was formed by an ex-telemarketer repeatedly accused of fraudulent practices over the past two decades. Fillakit has supplied a total of more than 3 million tubes, which FEMA then approved and sent to all 50 states.
Wexler has previously declined to comment. A ProPublica reporter visited the facility this month and confirmed that workers were using snow shovels to gather up tubes and filling them, all in the open air.
On Tuesday, Sens. Lindsey Graham (R-S.C.), Tom Cotton (R-Ark.), and Marsha Blackburn (R-Tenn.) introduced yet another bill attempting to poke holes in data encryption, called the Lawful Access To Encrypted Data Act. This bill follows previous US efforts to weaken encryption, including March's proposed EARN IT Act and demands made by US Attorney General William Barr in his 2019 keynote address at the International Conference on Cyber Security.
A press release from the Senate Judiciary Committee—which is chaired by Graham—describes the bill as "a balanced solution that keeps in mind the constitutional rights afforded to all Americans, while providing law enforcement the tools needed to protect the public from everyday violent crime and threats to our national security." It goes on to emphasize—in both bold and italic text—that the bill would "only" require service providers to grant law enforcement a back door after a court issues a warrant.
Graham expresses his personal position in strong terms:
Terrorists and criminals routinely use technology, whether smartphones, apps, or other means, to coordinate and communicate [...] tech companies have refused to honor [court orders] and assist law enforcement in their investigations. My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations. Our legislation respects and protects the privacy rights of law-abiding Americans.
Unfortunately, as is typical for these resolutions, Graham's expressed ideas don't adhere to technological reality. In order for a service provider to "honor and assist" law enforcement investigations in the way Graham demands, it would necessarily—and fatally—have to compromise the very encryption it offered in the first place. This would apply to every consumer the provider services (American or otherwise), whether a warrant were issued or not.
Encryption doesn't work that way
Sens. Lindsey Graham (South Carolina), Tom Cotton (Arkansas) and Marsha Blackburn (Tennessee) introduced the Lawful Access to Encrypted Data Act, which would put an end to what they called "warrant-proof" encryption.
"My position is clear: After law enforcement obtains the necessary court authorizations, they should be able to retrieve information to assist in their investigations," Graham, who is chairman of the Senate Judiciary Committee, said in a statement. "Our legislation respects and protects the privacy rights of law-abiding Americans. It also puts the terrorists and criminals on notice that they will no longer be able to hide behind technology to cover their tracks."
[...] The bill is targeted at companies like Facebook and Apple, which have repeatedly defended their stances by saying they have an obligation to protect the billions of innocent citizens who trust the encryption embedded in their devices and apps to shield their information from public exposure. The tech companies fear that if they provide investigators with a back door past encryption, they'll open up an avenue for bad actors to exploit the entryway.
"End-to-end encryption is a necessity in modern life – it protects billions of messages sent every day on many apps and services, especially in times like these when we can't be together," Facebook said in a statement, according to CNET. "Rolling back this vital protection will make us all less safe, not more. We are committed to continuing to work with law enforcement and fighting abuse while preserving the ability for all Americans to communicate privately and securely."
Republican senators have introduced what they have described as a "balanced" bill that would require technology companies to give law enforcement agencies access to encrypted user data.
Authorities in the United States and other countries have long tried to convince — and in some cases force — tech companies to develop and use encryption that would allow law enforcement to access encrypted data if needed. Experts have argued that adding backdoors to encryption systems would also allow malicious actors to abuse those backdoors, thus defeating the purpose of strong encryption.
Senators Lindsey Graham (R-South Carolina), Tom Cotton (R-Arkansas) and Marsha Blackburn (R-Tennessee) are making another attempt with a new bill introduced on Tuesday, which they have named the Lawful Access to Encrypted Data Act.
They claim the goal of the bill is to "bolster national security interests and better protect communities across the country by ending the use of 'warrant-proof' encrypted technology by terrorists and other bad actors to conceal illicit behavior."
The officials believe that while encryption is "vital" for securing data, communications and financial transactions, law enforcement should be given access to the information they seek if they present a warrant.
[...] On the other hand, security and privacy experts who support the use of end-to-end encryption provide journalists, activists, whistleblowers and members of persecuted groups as examples of individuals for whom strong encryption is crucial.
[...] The Attorney General would be allowed to ask companies to report on their ability to comply with court orders, but it's prohibited from forcing vendors to use specific technical methods.
Moreover, the government would compensate companies for their compliance and the Attorney General would create a prize competition to reward those who create a solution that maximizes privacy and security while allowing lawful access to encrypted data.
A California sex addict is suing the video streaming platform Twitch for $25 million after claiming the site's overabundance of "scantily clad gamers" has caused him to injure his penis, according to the lawsuit.
In the legal document filed at a Santa Clara County court on June 15, San Francisco's Erik Estavillo claimed the Amazon subsidiary had "subjected him to overly suggestive and sexual content from various female streamers."
To cure the "Twitch" in his pants, the self-proclaimed sex addict reportedly resorted to using a Fleshlight to masturbate while watching the salacious gamers, which resulted in him "chaffing" his penis every day.
The plaintiff's randy pastime was "extremely painful" and caused him redness and mild infections that forced him to use "Neosporin on his tip to prevent necrosis," per the 56-page document.
Estavillo alleges in the transcript he even once ejaculated on his PC monitor, which caused his gaming system to short-circuit and resulted in a fire that temporarily caused his apartment to black out.
In response to The Post's request for comment on the allegations, a Twitch spokesman simply stated, "These claims are frivolous and have absolutely no merit".
A large, multinational technology company got a nasty surprise recently as it was expanding its operations to China. The software a local bank required the company to install so it could pay local taxes contained an advanced backdoor.
The cautionary tale, detailed in a report published Thursday, said the software package, called Intelligent Tax and produced by Beijing-based Aisino Corporation, worked as advertised. Behind the scenes, it also installed a separate program that covertly allowed its creators to remotely execute commands or software of their choice on the infected computer. It was also digitally signed by a Windows trusted certificate.
Trustwave didn't identify the two companies that encountered GoldenSpy or the local Chinese bank that required that Intelligent Tax be installed. Representatives of Aisino Corporation didn't immediately respond to an email seeking comment for this post.
"Amid this global movement to end anti-Blackness, we credit these companies for answering our call swiftly and taking a clear stand for what's right so we can hold Facebook accountable for its racist policies," said Rashad Robinson, president of Color of Change, which is one of the groups organizing the boycott.
Almost 100 firms have joined the boycott so far, Robinson said, adding: "Facebook has a decision to make: adopt a civil rights infrastructure or continue to see key advertisers dropping from its platform."
[...] Most recently, the tension between Facebook and the content its users share has come to a head due to messages posted by President Donald Trump and his re-election campaign in the past month, amid nationwide protests in support of Black communities and against police violence. Twitter in late May took action against a Trump tweet by appending a warning that it glorified violence against protesters, in contravention of the site's rules. Facebook, however, took no action against the same content, and the company took heat from both civil rights advocates and employees over that choice.
Apple will start switching its Macs to its own ARM-based processors later this year, but you won't be able to run Windows in Boot Camp mode on them. Microsoft only licenses Windows 10 on ARM to PC makers to preinstall on new hardware, and the company hasn't made copies of the operating system available for anyone to license or freely install.
"Microsoft only licenses Windows 10 on ARM to OEMs," says a Microsoft spokesperson in a statement to The Verge. We asked Microsoft if it plans to change this policy to allow Windows 10 on ARM-based Macs, and the company says "we have nothing further to share at this time."
[...] Apple later confirmed it's not planning to support Boot Camp on ARM-based Macs in a Daring Fireball podcast. "We're not direct booting an alternate operating system," says Craig Federighi, Apple's senior vice president of software engineering. "Purely virtualization is the route. These hypervisors can be very efficient, so the need to direct boot shouldn't really be the concern."