SoylentNews

takyon writes:

Russia's space chief is hopping mad over most recent US restrictions

On Monday the US Commerce Department released a list of Chinese and Russian companies that it says have military ties. The list designates 58 Chinese and 43 Russian companies as "military end users" and requires exporters to obtain a license before selling them products. Such licenses are unlikely to be issued.

[...] The list includes several space companies in China and Russia, including the Progress Rocket Space Center in Samara, Russia. This company develops and manufactures the Soyuz rockets that have carried Russian and US astronauts to the International Space Station for the last decade after the US space shuttle retired.

The inclusion of the Soyuz manufacturer drew a swift rebuke from Dmitry Rogozin, the leader of Russia's space corporation, Roscosmos, on Tuesday. In his heated statement, Rogozin said the restrictions were "illegal," and he characterized them as "stupid."

"This Samara enterprise manufactures the legendary Soyuz-2 launch vehicles, with the help of which the Soyuz MS spacecraft has been taking American astronauts to the ISS for 10 years already," he said. "Now, it turns out that our American colleagues have their 'trampoline working' again, and the first thing they did is spit into the Samara well. Isn't it too early, colleagues, in case your 'trampoline' breaks again suddenly and you will have to satisfy your passion for space from our well again?"

Earlier, Rogozin had demonstrated yet again that SpaceX is on his mind:

upstart writes in with an IRC submission:

Major Computing Breakthrough: Copenhagen Researchers Can Now Achieve “Quantum Advantage”:

“We now possess the tool that makes it possible to build a quantum simulator that can outperform a classical computer. This is a major breakthrough and the first step into uncharted territory in the world of quantum physics,” asserts Professor Peter Lodahl, Director of the Center for Hybrid Quantum Networks (Hy-Q).

[...] While the researchers have yet to conduct an actual ‘quantum advantage’ experiment, their article in Science Advances proves that their chip produces a quantum mechanical resource that can be used to reach ‘quantum advantage’ with already demonstrated technology.

To achieve this state demands that one can control about 50 quantum bits, “qubits” — quantum physics’ equivalent of the binary bits of zeros and ones used in our classical computers — in a comprehensive experimental set-up that is well beyond the university’s own financial means.

[...] Various schools exist in the world of qubit development for quantum computers, depending upon which “quantum building blocks” one starts with: atoms, electrons, or photons. Each platform has pros and cons, and it remains difficult to predict, which technology will triumph.

The primary advantage of light-based quantum computers is that technology is already available for scaling up to many qubits because of the availability of advanced photonic chips, which have been developed for the telecom industry. A major challenge to generating photon qubits has been to do so with sufficiently high quality. This is precisely where the Copenhagen researchers achieved their breakthrough.

The main block in performing an actual experiment is funding; they need about 10 million Euro.

Journal Reference:
Ravitej Uppu, Freja T. Pedersen, Ying Wang, et al. Scalable integrated single-photon source [open], Science Advances (DOI: 10.1126/sciadv.abc8268)

Original Submission

martyb writes:

Diamonds are not just for jewelry anymore:

When it comes to the semiconductor industry, silicon has reigned as king in the electronics field, but it is coming to the end of its physical limits.

To more effectively power the electrical grid, locomotives and even electric cars, Lawrence Livermore National Laboratory (LLNL) scientists are turning to diamond as an ultra-wide bandgap semiconductor.

[...] "We said to ourselves 'let's take this pure high quality CVD [(chemical vapor deposition)] diamond and irradiate it to see if we can tailor the carrier lifetime,'" [LLNL physicist Paulius] Grivackas said. "Eventually, we nailed down the understanding of which irradiation defect is responsible for carrier lifetimes and how does the defect behave under annealing at technologically relevant temperatures."

Photoconductive diamond switches produced this way can be used, for example, in the power grid to control current and voltage surges, which can fry out the equipment. Current silicon switches are big and bulky, but the diamond-based ones can accomplish the same thing with a device that could fit on the tip of a finger, Grivickas said.

Journal Reference:
P. Grivickas, P. Ščajev, N. Kazuchits, et al. Carrier recombination and diffusion in high-purity diamond after electron irradiation and annealing, Applied Physics Letters (DOI: 10.1063/5.0028363)

Original Submission

upstart writes in with an IRC submission:

New SUPERNOVA backdoor found in SolarWinds cyberattack analysis:

While analyzing artifacts from the SolarWinds Orion supply-chain attack, security researchers discovered another backdoor that is likely from a second threat actor.

Named SUPERNOVA, the malware is a webshell planted in the code of the Orion network and applications monitoring platform and enabled adversaries to run arbitrary code on machines running the trojanized version of the software.

The webshell is a trojanized variant of a legitimate .NET library (app_web_logoimagehandler.ashx.b6031896.dll) present in the Orion software from SolarWinds, modified in a way that would allow it to evade automated defense mechanisms.

Orion software uses the DLL to expose an HTTP API, allowing the host to respond to other subsystems when querying for a specific GIF image.

[...] The malicious code contains only one method, DynamicRun, which compiles on the fly the parameters into a .NET assembly in memory, thus leaving no artifacts on the disk of a compromised device.

This way, the attacker can send arbitrary code to the infected device and run it in the context of the user, who most of the times has high privileges and visibility on the network.

[...] The researcher adds that taking a valid .NET program as a parameter and in-memory code execution makes SUPERNOVA a rare encounter as it eliminates the need for additional network callbacks besides the initial C2 request.

Original Submission

An anonymous user writes:

Exploring the potential of near-sensor and in-sensor computing systems:

As the number of devices connected to the internet continues to increase, so does the amount of redundant data transfer between different sensory terminals and computing units. Computing approaches that intervene in the vicinity of or inside sensory networks could help to process this growing amount of data more efficiently, decreasing power consumption and potentially reducing the transfer of redundant data between sensing and processing units.

Researchers at Hong Kong Polytechnic University have recently carried out a study outlining the concept of near-sensor and in-sensor computing. These are two computing approaches that enable the partial transfer of computation tasks to sensory terminals, which could reduce power consumption and increase the performance of algorithms.

"The number of sensory nodes on the Internet of Things continues to increase rapidly," Yang Chai, one of the researchers who carried out the study, told TechXplore. "By 2032, the number of sensors will be up to 45 trillion, and the generated information from sensory nodes is equivalent to 10²⁰ bit/second. It is thus becoming necessary to shift part of the computation tasks from cloud computing centers to edge devices in order to reduce energy consumption and time delay, saving communication bandwidth and enhancing data security and privacy."

[...] So far, the work by Chai and his colleagues primarily focused on vision sensors. However, near-sensor and in-sensor computing approaches could also integrate other types of sensors, such as those that detect acoustic, pressure, stain, chemical or even biological signals.

Journal References:
1.) Feichi Zhou, Yang Chai. Near-sensor and in-sensor computing, Nature Electronics (DOI: 10.1038/s41928-020-00501-9)
2). Feichi Zhou, Zheng Zhou, Jiewei Chen, et al. Optoelectronic resistive random access memory for neuromorphic vision sensors, Nature Nanotechnology (DOI: 10.1038/s41565-019-0501-3)
3.) Yang Chai. In-sensor computing for machine vision, Nature (DOI: 10.1038/d41586-020-00592-6)

Original Submission

upstart writes in with an IRC submission for c0lo:

1 in 5 prisoners in the US has had COVID-19, 1,700 have died:

LITTLE ROCK, Ark. (AP) — One in every five state and federal prisoners in the United States has tested positive for the coronavirus, a rate more than four times as high as the general population. In some states, more than half of prisoners have been infected, according to data collected by The Associated Press and The Marshall Project.

As the pandemic enters its 10th month — and as the first Americans begin to receive a long-awaited COVID-19 vaccine — at least 275,000 prisoners have been infected, more than 1,700 have died and the spread of the virus behind bars shows no sign of slowing. New cases in prisons this week reached their highest level since testing began in the spring, far outstripping previous peaks in April and August.

[...] "That number is a vast undercount," said Homer Venters, the former chief medical officer at New York's Rikers Island jail complex.

Venters has conducted more than a dozen court-ordered COVID-19 prison inspections around the country. "I still encounter prisons and jails where, when people get sick, not only are they not tested but they don't receive care. So they get much sicker than need be," he said.

[...] From the earliest days of the pandemic, public health experts called for widespread prison releases as the best way to curb virus spread behind bars. In October, the National Academies of Science, Medicine, and Engineering released a report urging states to empty their prisons of anyone who was medically vulnerable, nearing the end of their sentence or of low risk to public safety.

But releases have been slow and uneven. In the first three months of the pandemic, more than 10,000 federal prisoners applied for compassionate release. Wardens denied or did not respond to almost all those requests, approving only 156 — less than 2%.

upstart writes in with an IRC submission for Runaway1956:

Ötzi the Iceman may have scaled ice-free Alps:

Ötzi the Iceman, a Copper Age wanderer found mummified in the Alps nearly three decades ago, may have lived at a time when the glaciers were advancing down from the highest peaks to the lower slopes of the mountains.

[...] But a new analysis of ice only 7.4 miles (12 kilometers) from where Ötzi was found suggests that only the very highest peaks were covered in glaciers until slightly before the iceman's lifetime. Just a few hundred years before Ötzi was born, nearby mountains may have been ice-free.

[...] The two ice cores analyzed in the new study came from the summit glacier of Weißseespitze in the Austrian part of the Ötzal Alps, at about 11,500 feet (3,500 m) elevation. Bohleber and his colleagues ferried themselves and their equipment to the summit by helicopter and drilled 36 feet (11 m) down to where the ice was frozen fast to the bedrock. This was crucial for a continuous record of ice, because meltwater not only carries away the historical record as it flows but causes the ice to slide and deform, also erasing decades or centuries of data. Fortunately, the ice at the base of the Weißseespitze glacier had never melted[...]

upstart writes in with an IRC submission for carny:

State of Software Security v11:

Over the past 11 years, we have explored the challenges in secure application development against the backdrop of new threats and evolving expectations in our annual State of Software Security report. For the 11th report[*], our focus is to look ahead and identify how developers can continue along their software development journey to make applications better and more secure.

This year, we found that most apps are still vulnerable, fix rates remain slow, and that vulnerabilities in third-party libraries are a growing problem. But we also uncovered data that highlights developer actions that dramatically improve fix rates, even under less than ideal conditions.

Read the report to gain valuable perspective on the state of software security today.

[*] https://info.veracode.com/report-state-of-software-security-volume-11.html

How does your shop's software development process measure up?

Original Submission

upstart writes in with an IRC submission:

A Microsoft executive accidentally exposed one of the ugly truths of tech:

One of the great dangers in tech lies in believing you're a special kind of clever. A Microsoft executive's innocent comment led to some stark revelations about how some people in tech really think.

[...] Sometimes nerds can get on your nerves.

They don't necessarily mean to, but they can have a particularly unfiltered mind that's connected to particularly unfiltered vocal cords.

[...] Here, for example, was a conversation I blundered upon. It involved someone at Microsoft, someone at Starbucks and someone who might want to consider his filters. (And may now have.)

Naturally, the conversation was on Twitter. I don't get to eavesdrop anywhere else these days.

Microsoft senior cloud advocate Chloe Condon saw a tweet that she wanted to applaud. It read: "We once hired a former barista in our #DevOps team. Our dept always had epic coffee."

Condon, amidst a bevy of handclapping emojis, tweeted her reaction: "Hire folks with non-traditional paths to tech."

This seems like an expression of wisdom. Don't you want thinking that's not fomulaic? Don't you need an outside perspective to tell you that, just perhaps, you're not all that? Don't you want someone who doesn't think they know it all?

Oh, but Condon's sentiment found a detractor. Or, at least, a[n] apparent sneerer.

I'm reminded of an old saying, "Those people who think they know everything are so annoying to those of us who do."

The exchanges in the linked story serve up large doses of humble pie, crow, and a side of Schadenfreude. Are there any Soylentils here who would like to confess to having a similar smack-down? Replying as an AC (Anonymous Coward) might be prudent. We could all use a good, self-deprecating laugh as the year 2020 winds to a close.

Original Submission

rigrig made a submission which was the genesis for this story.

The Citizen Lab found that the iPhones of dozens of journalists were hacked using an invisible zero-day zero-click exploit in iMessage.

The Great iPwn -- Journalists Hacked with Suspected NSO Group iMessage 'Zero-Click' Exploit:

Summary & Key Findings

• In July and August 2020, government operatives used NSO Group's Pegasus spyware to hack 36 phones belonging to journalists and employees at Al Jazeera. The phone of a journalist at London-based Al Araby TV was also hacked.
• The phones were compromised using an exploit chain that we call KISMET, which appears to involve an invisible zero-click exploit in iMessage. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 and could hack Apple's then-latest iPhone 11.
• Based on logs from compromised phones, we believe that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019.
• The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates.
• We do not believe that KISMET works against iOS 14 and above, which includes new security protections. All iOS device owners should immediately update to the latest version of the operating system.
• Given the global reach of NSO Group's customer base and the apparent vulnerability of almost all iPhone devices prior to the iOS 14 update, we suspect that the infections that we observed were a miniscule fraction of the total attacks leveraging this exploit.

There are other findings which are then followed by an in-depth analysis of a few infections. The story concludes with an admonition to "Update your iOS Device Immediately":

upstart writes in with an IRC submission for c0lo:

Google's antitrust case won't go to trial until Sept. 2023:

The U.S. government's attempt to prove Google has been using its dominance of online search to stifle competition and innovation at the expense of consumers and advertisers won't go to trial for nearly three years.

U.S. District Judge Amit Mehta on Friday set a tentative trial date of Sept. 12, 2023 for the landmark case that the Justice Department filed two months ago.

"This dispels the notion that we would go to trial quickly," said Mehta during a conference call with government and Google lawyers to go over the ground rules for exchanging confidential documents and deposing top Google executives.

He estimated that once the trial begins it will last about 5 1/2 weeks in his Washington, D.C., courtroom.

[...] With the trial still years away, Google will conceivably become an even more imposing force before the federal government and the attorneys general in dozens of states get their day in court. Another antitrust case filed Thursday is seeking to preempt Google's dominance in other still-emerging fields of technology such as voice-activated devices in the home and internet-connected cars. That case is likely to be combined with the Justice Department's.

Original Submission

upstart writes in with an IRC submission for Runaway1956:

What's the biggest group of animals ever recorded on Earth?:

In early 2020, ornithologist Noah Strycker found himself walking amongst several thousand chinstrap penguins on Elephant Island, a remote blip of snow-covered rock just off the Antarctic Peninsula. He was there to carry out a census of the island's penguin colony, which hadn't been properly surveyed since 1970. "I'll never forget the sight, sound, and...smell," joked Strycker, a graduate student at Stony Brook University in New York, as well as a professional bird watcher, and author.

The survey that he and his colleagues eventually produced revealed that chinstrap penguin numbers are in decline. But despite this, this species actually forms the biggest colony of penguins on Earth - gathering in the millions in some Antarctic locations. But counting these animals doesn't daunt Strycker, who has actually developed something of a hobby for this task.

It started a few years ago when he found himself pondering how many starlings were contained in the magical murmurations that these birds form, and which swell and undulate across the evening sky in many parts of the world. "They are quite beautiful. It almost looks like smoke," Strycker told Live Science. "And it just gets you wondering, how many of them are there?" The answer, he discovered, was that there are roughly 1 million in the average murmuration, all soaring and swooping in unison. That discovery spurred Strycker on to answer an even more ambitious question: beyond birds, what's the biggest group of animals ever recorded on Earth?

Answering this question takes us to some very interesting places — back into the past, up into the sky, down into the ocean and sweeping across desert plains. It offers magnificent proof of the abundance of animal life on Earth, but it also points to humanity's role in reducing — and, unexpectedly, increasing it too.

Original Submission

upstart writes in with an IRC submission for c0lo:

Swiss say Uber Eats must register as postal service provider:

Switzerland's postal supervisory authority, PostCom, announced Thursday that the U.S.-based company's Swiss affiliate needs to register as a postal service provider by the end of January, though it can contest the decision.

Following a nearly year-long assessment, PostCom found that at least part of Uber Eats' business falls under postal legislation. Food packages in essence meet the criteria for postal service, and "the nature of the contents isn't relevant when it comes to the properties of a package," PostCom said in a statement.

[...] Previously, Uber Switzerland challenged the obligation to subject itself to Swiss postal law, arguing that it was not in contractual relationship with restaurants for which the deliveries were made, PostCom said.

Original Submission

upstart writes in with an IRC submission:

Lockheed Martin to acquire Aerojet Rocketdyne for $4.4 billion - SpaceNews:

The largest U.S. defense contractor Lockheed Martin announced Dec. 20 it has inked a deal to acquire rocket engine manufacturer Aerojet Rocketdyne for $4.4 billion.

James Taiclet, Lockheed Martin's president and CEO, said the acquisition gives the company a larger footprint in space and hypersonic technology.

He said Aerojet Rocketdyne's propulsion systems already are key components of Lockheed Martin's supply chain across several business areas.

"The proposed acquisition adds substantial expertise in propulsion to Lockheed Martin's portfolio," the company said in a news release.

[...] The acquisition is expected to close in the second half of 2021. It is subject to regulatory approvals and has yet to be approved by Aerojet Rocketdyne's stockholders.

Original Submission

upstart writes in with an IRC submission for Runaway1956:

GitHub removes its annoying cookie banners:

Cookie banners are one of the most annoying parts of browsing the web, forcing you to click accept or deny on multiple sites. Microsoft-owned GitHub is starting to address this aggravation by removing cookie banners from its site this week. "At GitHub, we want to protect developer privacy, and we find cookie banners quite irritating, so we decided to look for a solution," explains GitHub CEO Nat Friedman. "After a brief search, we found one: just don't use any non-essential cookies. Pretty simple, really."

GitHub, which operates independently from Microsoft, has now removed all nonessential cookies, meaning the site doesn't send any information to third-party analytics services. This is a change that's turned into a commitment, so GitHub will only ever use cookies that are required and none to track, display ads, or send information elsewhere.

Original Submission