2021-01-01 06:28:29 ..
2021-04-13 15:27:03 UTC
2021-04-14 14:00:32 UTC --martyb
We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.
Soviet nostalgia. Their own version of Lord of the Rings from 1991 has been found in an old TV-archive, digitized and uploaded to YouTube. It looks just like what one could expect from a eastern European puppet show from decades ago -- even if it's live action. It only aired once before the collapse of the Soviet Union, not that they are related events. While it doesn't have the production value of the Jackson version, it does have things he chose to cut from the books.
2 Хранители | Часть 1 | Телеспектакль по мотивам повести Д.Р.Р.Толкиена - Keepers | Part 1 | Teleplay based on the novel by J.R.R. Tolkien
3 Хранители | Часть 2 | Телеспектакль по мотивам повести Д.Р.Р.Толкиена - Keepers | Part 2 | Teleplay based on the novel by J.R.R. Tolkien
[Ed Note - Translations via Google Translate. Please provide any corrections in the comments.]
The Guardian reports that a Soviet television adaptation of The Lord of the Rings — thought to have been lost to time — was rediscovered and posted on YouTube last week, delighting Russian-language fans of JRR Tolkien.
The 1991 made-for-TV film, Khraniteli, based on Tolkien’s "The Fellowship of the Ring", is the only adaptation of his Lord of the Rings trilogy believed to have been made in the Soviet Union. Few knew about its existence until Leningrad Television’s successor, 5TV, abruptly posted the film to YouTube last week [part one | part two], where it has gained more than 800,000 views within several days.
In 2020, Slack nearly doubled its paying customer base over the previous year, thanks to the pandemic, and was recently acquired by Salesforce for over $27 billion. But according to Justin Hardin, senior software engineer at Slack, the product originally started as a gaming platform that failed to take off.
"They unfortunately ran out of money and had to lay people off, so they pivoted by asking, 'Which piece of our product works?' And that was the chat aspect," Hardin says on the latest episode of Decoded, OutSystems' podcast for the next generation of developers.
But the app's friendly human tone was inspired by its gaming roots.
"They kept the writer on who was creating the dialogues for the games, and instead had her do the dialogues for the product," he says. "That's how you have this enterprise chat platform with help messages and onboarding that's in a more conversational tone, which helped define the product experience."
[Ed Note - I'm not surprised by this. Slack always felt like a part of a gaming platform to me. - Fnord]
DALLAS (AP) — An unopened copy of Nintendo's Super Mario Bros. that was bought in 1986 and then forgotten about in a desk drawer has sold at auction for $660,000.
[...] The auction house said the video game was bought as a Christmas gift but ended up being placed in a desk drawer, where it remained sealed in plastic and with its hang tab intact until it was found earlier this year.
[...] Heritage said it is the finest copy known to have been professionally graded for auction. Its selling price far exceeded the $114,000 that another unopened copy that was produced in 1987 fetched in a Heritage auction last summer.
Ars Technica elaborates in Sealed Super Mario Bros. shatters record with $660,000 auction sale:
A pristine-condition sealed early copy of Super Mario Bros. sold for a record-shattering $660,000 in an online auction today.
That includes $550,000 to the seller and a $110,000 "Buyers' Premium" paid to Heritage Auctions. The final gavel came after 13 bidders placed 36 distinct bids, including heavy proxy bidding before the live auction commenced Friday afternoon.
The sale obliterates the $156,000 Heritage Auction record for a video game, set by a rare variant of Super Mario Bros. 3 sold last November. Crowdsourced collectibles platform Rally paid $140,000 for a sealed Super Mario Bros. last year, the previous record for that game.
The seller of this sealed copy, who asked to remain anonymous publicly, told Heritage that the game was purchased as a Christmas gift in 1985 and sat untouched at the bottom of a desk drawer for 35 years before being discovered [Update: A representative for Heritage Auctions tells Ars the 1985 date was "an error on our part" and that "The owner must have purchased this game in late 1986"]. "It stayed in the bottom of my office desk this whole time since the day I bought it," the seller told Heritage. "I never thought anything about it."
According to a headline on the answers.yahoo.com web page, Yahoo Answers is shutting down .
Yahoo Answers is shutting down on May 4th, 2021 (Eastern Time) and beginning April 20th, 2021 (Eastern Time) the Yahoo Answers website will be in read-only mode. There will be no changes to other Yahoo properties or services, or your Yahoo account. You can find more information about the Yahoo Answers shutdown and how to download your data on this help page.
Yahoo provided additional details at https://help.yahoo.com/kb/SLN35642.html including:
What's the timeline for this process?
- April 20th - You won't be able to post new Yahoo Answers questions or answer other users' questions.
- May 4th - The website won't be accessible. If you try to access Yahoo Answers on May 4th you'll be redirected to the Yahoo homepage.
[Ed Note - Have any of my fellow soylentils used Yahoo Answers, and if so was it helpful?]
Of all the stellar events in the universe, supernovae are the crucibles of the heavier elements, the ones on which life as we know it depends. They also leave stunningly beautiful remnants, like the Veil Nebula, of which there is a recently-enhanced image from the Hubble Space Telescope. Pic and story at C|Net.
The Hubble Space Telescope has revealed the cosmos in stunning detail over its three decades of service. The telescope's view of the Veil Nebula -- a remnant of a supernova -- has gotten a makeover that reveals previously unseen details of the structure.
The Veil is 2,100 light-years from Earth in the constellation Cygnus, the Swan. It was the subject of a 2015 Hubble image release, but the new look highlights what the European Space Agency (ESA) described as "the nebula's delicate threads and filaments of ionized gas" in a statement this week.
The changes between the two image versions may seem subtle at first, but the delight is in the details. "The new post-processing methods have further enhanced details of emissions from doubly ionized oxygen (seen here in blues), ionized hydrogen, and ionized nitrogen (seen here in reds)," ESA said.
For those who dislike reading, a direct link to the picture.
News at CNN:
Jezero Crater, an ancient lake bed on Mars and the current site of the Perseverance rover and Ingenuity helicopter, can drop to temperatures of minus 130 degrees Fahrenheit. That's low enough to do significant damage to the helicopter's electrical and battery components.
The 4-pound helicopter finally separated on April 3 from the belly of the Perseverance rover, where it has been stashed since before the rover launched from Earth in July.
Ingenuity went through a series of movements to unfold from beneath the rover, which looked like the metamorphosis of a butterfly, before dropping the final 4 inches to the Martian surface.
[...] "This is the first time that Ingenuity has been on its own on the surface of Mars," said MiMi Aung, Ingenuity project manager at NASA's Jet Propulsion Laboratory in Pasadena, California, in a statement. "But we now have confirmation that we have the right insulation, the right heaters, and enough energy in its battery to survive the cold night, which is a big win for the team. We're excited to continue to prepare Ingenuity for its first flight test."
When Ingenuity does fly, which could happen as soon as April 11, it will be the first powered, controlled flight on another planet. In a nod to the first such feat conducted on Earth, Ingenuity carries a swatch of fabric from the Wright brothers' plane, Flyer 1.
Ingenuity, the first rotorcraft sent to Mars, presented a challenge to the engineers who designed it for several reasons. It needed to be small enough to tuck up under the rover without endangering Perseverance's mission, which is the first to search for evidence of ancient microbial life on Mars.
April 11, or 4-11! Or later.
NASA’s Mars Rover Drops Off Ingenuity Helicopter Ahead of Historic Flight
First Flight on Mars? Ingenuity Helicopter Preps for Takeoff
NASA Lays Out Plans for its First Flights on Mars
The topics of security and data have become almost inseparable as enterprises move more workloads to the cloud. But unlocking new uses for that data, particularly driving richer AI and machine learning, will require next-generation security.
To that end, companies have been developing confidential computing to allow data to remain encrypted while it is being processed. But as a complement to that, a security process known as fully homomorphic encryption is now on the verge of making its way out of the labs and into the hands of early adopters after a long gestation period.
Researchers like homomorphic encryption because it provides a certain type of security that can follow the data throughout its journey across systems. In contrast, confidential computing tends to be more reliant upon special hardware that can be powerful but is also limiting in some respects.
Companies such as Microsoft and Intel have been big proponents of homomorphic encryption. Last December, IBM made a splash when it released its first homomorphic encryption services. That package included educational material, support, and prototyping environments for companies that want to experiment.
[...] With FHE, the data can remain encrypted while being used by an application. Imagine, for instance, a navigation app on a phone that can give directions without actually being able to see any personal information or location.
Companies are potentially interested in FHE because it would allow them to apply AI to data, such as from finance and health, while being able to promise users that the company has no way to actually view or access the underlying data.
While the concept of homomorphic encryption has been of interest for decades, the problem is that FHE has taken a huge amount of compute power, so much so that it has been too expensive to be practicable.
But researchers have made big advances in recent years.
[...] Maass said in the near term, IBM envisions FHE being attractive to highly regulated industries, such as financial services and health care.
"They have both the need to unlock the value of that data, but also face extreme pressures to secure and preserve the privacy of the data that they're computing upon," he said.
But he expects that over time a wider range of businesses will benefit from FHE. Many sectors want to improve their use of data, which is becoming a competitive differentiator. That includes using FHE to help drive new forms of collaboration and monetization. As this happens, IBM hopes these new security models will drive wider enterprise adoption of hybrid cloud platforms.
The UK is planning a new attack on end-to-end encryption, with the Home Office set to spearhead efforts designed to discourage Facebook from further rolling out the technology to its messaging apps.
Home Secretary Priti Patel is planning to deliver a keynote speech at a child protection charity's event focused on exposing the perceived ills of end-to-end encryption and asking for stricter regulation of the technology. At the same time a new report will say that technology companies need to do more to protect children online.
[...] The Home Office's move comes as Facebook plans to roll out end-to-end encryption across all its messaging platforms—including Messenger and Instagram—which has sparked a fierce debate in the UK and elsewhere over the supposed risks the technology poses to children.
[...] An early draft of the report, seen by WIRED, says that increased usage of end-to-end encryption would protect adults' privacy at the expense of children's safety, and that any strategy adopted by technology companies to mitigate the effect of end-to-end encryption will "almost certainly be less effective than the current ability to scan for harmful content."
The report also suggests that the government devise regulation "expressly targeting encryption", in order to prevent technology companies from "engineer[ing] away" their ability to police illegal communications.[...]
[...] Since Facebook's announcement on the extension of end-to-end encryption in 2019, Patel has grown increasingly impatient and vocal about the dangers of the technology—publicly calling on Facebook to "halt plans for end-to-end encryption", and bringing up the subject in meetings with her US counterparts and the Five Eyes intelligence alliance of English-speaking countries.
[...] Jim Killock, executive director at digital rights organization Open Rights Group, says he is "worried that the Home Office will be considering using a secret order (TCN) to force Facebook to limit or circumvent their encryption."
"Facebook would be gagged from saying anything," Killock adds. Although the action would be targeted to Facebook only, he thinks that such a move would set a precedent.
[...] Company executives have previously admitted that the increased rollout of end-to-end encryption will reduce the amount of child abuse reports it makes to industry monitoring groups.
"Its full rollout on our messaging services is a long-term project and we are building strong safety measures into our plans," the spokesperson added.
The FBI and the Cybersecurity and Infrastructure Security Agency [(CISA)] said that advanced hackers are likely exploiting critical vulnerabilities in the Fortinet FortiOS VPN in an attempt to plant a beachhead to breach medium and large-sized businesses in later attacks.
"APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services," the agencies said Friday in a joint advisory. "Gaining initial access pre-positions the APT actors to conduct future attacks." APT is short for advanced persistent threat, a term used to describe well-organized and well-funded hacking groups, many backed by nation states.
[...] The FBI and CISA provided no details about the APT mentioned in the joint advisory. The advisory also hedges by saying that there is a "likelihood" the threat actors are actively exploiting the vulnerabilities.
Patching the vulnerabilities requires IT administrators to make configuration changes, and unless an organization is using a network with more than one VPN device, there will be downtime. While those barriers are often tough in environments that need VPNs to be available around the clock, the risk of being swept into a ransomware or espionage compromise is significantly greater.
On the ground! The Mars helicopter, Ingenuity, has been dropped from Perseverance onto the Martian surface.
Article at the Verge.
NASA’s Perseverance rover, which is currently roaming around Mars, has dropped off the mini helicopter Ingenuity ahead of the four-pound aircraft’s historic first flight.
Ingenuity dropped four inches from the belly of Perseverance to the surface of Mars.
[...] Now that Ingenuity is separated from Perseverance, it will need to power and heat itself. Ingenuity will draw power from the sun using its onboard solar panels, but its heater will have the tough job of keeping the helicopter warm through the freezing cold nights on Mars, where temperatures can go as low as negative 130 degrees Fahrenheit, according to Bob Balaram, Ingenuity’s chief engineer.
I have no doubt that at some point, in the future, a Martian colonialist kid will find a really neat toy.
Just The Picture.
Google is finally taking steps to limit what applications can scan the application list on your device.
Google has announced another privacy restriction for Play Store apps. Starting this summer, Android 11's new Query_All_Packages permission will be flagged as "sensitive" on the Play Store, meaning Google's review process will restrict it to apps the company feels really need it. Query_All_Packages lets an app read your entire app list, which can contain all sorts of sensitive information, like your dating preferences, banking information, password management, political affiliation, and more, so it makes sense to lock it down.
On a support page, Google announced, "Apps that have a core purpose to launch, search, or interoperate with other apps on the device may obtain scope-appropriate visibility to other installed apps on the device." Google has another page that lists allowable use cases for Play Store apps querying your app list, including "device search, antivirus apps, file managers, and browsers." The page adds that "apps that must discover any and all installed apps on the device, for awareness or interoperability purposes may have eligibility for the permission." For apps that have to interact with other apps, Google wants developers to use more scoped app-discovery APIs (for instance, all apps that support x feature) instead of just pulling the entire app list.
There's also an exception for financial apps like banking apps and P2P wallets, which the page says "may obtain broad visibility into installed apps solely for security-based purposes." We assume this means scanning for root apps. The new policy also states that "[a]pp inventory data queried from Play-distributed apps may never be sold nor shared for analytics or ads monetization purposes."
When will this apply to all applications?
Today's restriction is a great example: the Query_All_Packages permission was added in Android 11, so it only applies to apps targeting Android 11's API level, which is "API Level 30." The Play Store's restrictions, naturally, also only apply to apps targeting API level 30 and up, which probably isn't many apps right now. Shortly after Android 11 is one year old, though (in November 2021), the Play Store will make API level 30 the minimum API level for updating apps, so the permission and the new restrictions will apply to every currently maintained app in the store.
GitHub Actions is currently being abused by attackers to mine cryptocurrency using GitHub's servers in an automated attack.
GitHub Actions is a CI/CD solution that makes it easy to automate all your software workflows and setup periodic tasks.
The particular attack adds malicious GitHub Actions code to repositories forked from legitimate ones, and further creates a Pull Request for the original repository maintainers to merge the code back, to alter the original code. But, an action is not required by the maintainer of the legitimate project for the attack to succeed.
BleepingComputer also observed the malicious code loads a misnamed crypto miner npm.exe from GitLab and runs it with the attacker's wallet address. Additionally, after initially reporting on this incident, BleepingComputer has come across copycat attacks targeting more GitHub projects in this manner.
Here is how it works:
The attack involves first forking a legitimate repository that has GitHub Actions enabled. It then injects malicious code in the forked version, and files a Pull Request for the original repository maintainers to merge the code back. But, in an unexpected twist, the attack does not need the maintainer of the original project to approve the malicious Pull Request.
Perdok says that merely filing the Pull Request by the malicious attacker is enough to trigger the attack. This is especially true for GitHub projects that have automated workflows setup to validate incoming Pull Requests via Actions. As soon as a Pull Request is created for the original project, GitHub's systems would execute the attacker's code which instructs GitHub servers to retrieve and run a crypto miner.
It looks like the validation of the Pull request is what triggers execution of the cryptominer. I wonder how long Github Actions will run a task before killing it?
The case concerned about 12,000 lines of code that Google used to build Android that were copied from the Java application programming interface developed by Sun Microsystems, which Oracle acquired in 2010. It was seen as a landmark dispute over what types of computer code are protected under American copyright law.
Oracle had claimed at points to be owed as much as $9 billion, while Google claimed that its use of the code was covered under the doctrine of fair use and therefore not subject to copyright liability. Android is the most popular mobile operating system in the world.
In addition to resolving a multibillion-dollar dispute between the tech titans, the ruling helps affirm a longstanding practice in software development. But the Court declined to weigh in on the broader question of whether APIs are copyrightable.
Several of the other justices, including Chief Justice John Roberts, suggested they were sympathetic to Oracle's copyright claims.
Still, they appeared reluctant to rule in Oracle's favor because of arguments made by leading computer scientists and Microsoft, in friend-of-the-court briefs, that doing so could upend the industry.
Held: Google's copying of the Java SE API, which included only those lines of code that were needed to allow programmers to put their accrued talents to work in a new and transformative program, was a fair use of that material as a matter of law. Pp. 11–36.
Life was trying, but it wasn't working out. As the Late Devonian period dragged on, more and more living things died out, culminating in one of the greatest mass extinction events our planet has ever witnessed, approximately 359 million years ago.
The culprit responsible for so much death may not have been local, scientists say. In fact, it might not have even come from our Solar System.
[...] In their new work, Fields and his team explore the possibility that the dramatic decline in ozone levels coinciding with the Late Devonian extinction might not have been a result of volcanism or an episode of global warming.
Instead, they suggest it's possible the biodiversity crisis exposed in the geological record could have been caused by astrophysical sources, speculating that the radiation effects from a supernova (or multiple) approximately 65 light-years from Earth may have been what depleted our planet's ozone to such disastrous effect.
Brian D. Fields, Adrian L. Melott, John Ellis, et al. Supernova triggers for end-Devonian extinctions [open], Proceedings of the National Academy of Sciences (DOI: 10.1073/pnas.2013774117)
Researchers have confirmed for the first time that Pine Island Glacier in West Antarctica could cross tipping points, leading to a rapid and irreversible retreat which would have significant consequences for global sea level.
Pine Island Glacier is a region of fast-flowing ice draining an area of West Antarctica approximately two thirds the size of the UK. The glacier is a particular cause for concern as it is losing more ice than any other glacier in Antarctica.
Currently, Pine Island Glacier together with its neighbouring Thwaites glacier are responsible for about 10% of the ongoing increase in global sea level.
Scientists have argued for some time that this region of Antarctica could reach a tipping point and undergo an irreversible retreat from which it could not recover. Such a retreat, once started, could lead to the collapse of the entire West Antarctic Ice Sheet, which contains enough ice to raise global sea level by over three metres.
Rosier, Sebastian H. R., Reese, Ronja, Donges, Jonathan F., et al. The tipping points and early warning indicators for Pine Island Glacier, West Antarctica [open], The Cryosphere (DOI: https://doi.org/10.5194/tc-15-1501-2021)