SoylentNews

upstart writes:

Three iOS 0-days revealed by researcher frustrated with Apple's bug bounty:

Yesterday, a security researcher who goes by illusionofchaos dropped public notice of three zero-day vulnerabilities in Apple's iOS mobile operating system. The vulnerability disclosures are mixed in with the researcher's frustration with Apple's Security Bounty program, which illusionofchaos says chose to cover up an earlier-reported bug without giving them credit.

[...] illusionofchaos says that they've reported four iOS security vulnerabilities this year—the three zero-days they publicly disclosed yesterday plus an earlier bug that they say Apple fixed in iOS 14.7. It appears that their frustration largely comes from how Apple handled that first, now-fixed bug in analyticsd.

[...] According to illusionofchaos, they sent Apple the first detailed report of this bug on April 29. Although Apple responded the next day, it did not respond to illusionofchaos again until June 3, when it said it planned to address the issue in iOS 14.7. On July 19, Apple did indeed fix the bug with iOS 14.7, but the security content list for iOS 14.7 acknowledged neither the researcher nor the vulnerability.

Apple told illusionofchaos that its failure to disclose the vulnerability and credit them was just a "processing issue" and that proper notice would be given in "an upcoming update." The vulnerability and its resolution still were not acknowledged as of iOS 14.8 on September 13 or iOS 15.0 on September 20.

upstart writes:

Mathematician Answers Chess Problem About Attacking Queens:

If you have a few chess sets at home, try the following exercise: Arrange eight queens on a board so that none of them are attacking each other. If you succeed once, can you find a second arrangement? A third? How many are there?

This challenge is over 150 years old. It is the earliest version of a mathematical question called the n-queens problem whose solution Michael Simkin, a postdoctoral fellow at Harvard University's Center of Mathematical Sciences and Applications, zeroed in on in a paper posted in July. Instead of placing eight queens on a standard 8-by-8 chessboard (where there are 92 different configurations that work), the problem asks how many ways there are to place n queens on an n-by-n board. This could be 23 queens on a 23-by-23 board — or 1,000 on a 1,000-by-1,000 board, or any number of queens on a board of the corresponding size.

"It is very easy to explain to anyone," said Érika Roldán, a Marie Skłodowska-Curie fellow at the Technical University of Munich and the Swiss Federal Institute of Technology Lausanne.

Simkin proved that for huge chessboards with a large number of queens, there are approximately (0.143n)ⁿ configurations. So, on a million-by-million board, the number of ways to arrange 1 million non-threatening queens is around 1 followed by about 5 million zeros.

Original Submission

upstart writes:

New report suggests Texas' grid was 5 minutes from catastrophic failure:

The preliminary report has been put together by the Federal Energy Regulatory Commission (FERC) in combination with the North American Electric Reliability Corporation, a nonprofit set up by utilities to help set standards and practices that keep the grid stable. The draft itself isn't being released at this point, but the two have posted a detailed presentation that describes the report's contents. A final version will be released in November.

The outline of February's grid problems is well understood: a severe cold snap raised demand at the same time as it caused failure of many of the generating sources in the area affected. The problems struck a number of states, but only Texas' ERCOT grid suffered severe failures. The neighboring Southwest Power Pool suffered five hours when its demand exceeded its generating capacity, But, because of its tight integration into neighboring grids, it was able to call upon 13 gigawatts of generation capacity in states farther east.

[...] The largest single cause of failures during the event was frozen equipment, which ranged from individual gauges and instruments on large plants to the icing up of wind turbine blades. This accounted for 44 percent of the failures of generating equipment. Mechanical failures accounted for another 20 percent. Between the two was a failure of fuel supplies, accounting for nearly a third of the failures. And "fuel supplies" here primarily means natural gas.

[...] But a major problem was loss of power to the gas distribution and supply system. Apparently, Texas grid operators had taken no steps to identify natural gas facilities and prioritize power delivery to them when starting the rolling blackouts. "Most natural gas production and processing facilities surveyed were not identified as critical load or otherwise protected from load shedding," the report indicates.

Previously:
https://soylentnews.org/article.pl?sid=21/02/15/2347241

Original Submission

upstart writes:

Delta Air Lines calls for carriers to share names of unruly passengers:

Delta Air Lines is calling for an industry-wide effort to keep passengers from boarding competitors' flights after being banned for disruptive behavior.

So far this year, Delta says it has submitted the names of more than 600 banned passengers to the Federal Aviation Administration, which has sought to enforce rules against interfering with flight crews. The industry has seen a surge in poor behavior and banned passengers in recent months, with the bulk of incidents related to face mask requirements.

"We've also asked other airlines to share their 'no fly' list to further protect airline employees across the industry," Delta said in a memo this week. "A list of banned customers doesn't work as well if that customer can fly with another airline."

The company did not say whether sharing of passenger lists should be through the federal government or among companies themselves, and declined to elaborate. Delta said it has more than 1,600 people on its internal no-fly list and did not clarify why it submitted fewer than that to the FAA.

"Marckalada" mentioned by 14th century Italian monk

takyon writes:

Genoan friar knew about America 150 years before Christopher Columbus

Sailors in Christopher Columbus's home town knew about North America more than a century before the explorer discovered the continent, Italian researchers have claimed.

An account by Genoan sailors of a verdant land beyond Greenland "where giants live" has been found in a history of the world written around 1340 by an Italian friar — 152 years before Columbus set foot in the Americas in 1492.

"This astonishing find is the first known report to circulate in the Mediterranean of the American continent, and if Columbus was aware of what these sailors knew it might have helped convince him make his voyage," said Paolo Chiesa, who led the research at the University of Milan.

Journal Reference:
Paolo Chiesa. Marckalada: The First Mention of America in the Mediterranean Area (c. 1340), Terrae Incognitae (DOI: 10.1080/00822884.2021.1943792)

A Monk in 14th-century Italy Wrote About the Americas

upstart writes:

A monk in 14th-century Italy wrote about the Americas:

upstart writes:

Why EFF Flew a Plane Over Apple's Headquarters:

For the last month, civil liberties and human rights organizations, researchers, and customers have demanded that Apple cancel its plan to install photo-scanning software onto devices. This software poses an enormous danger to privacy and security. Apple has heard the message, and announced that it would delay the system while consulting with various groups about its impact.

[...] The delay may well be a diversionary tactic. Every September, Apple holds one of its big product announcement events, where Apple executives detail the new devices and features coming out. Apple likely didn’t want concerns about the phone-scanning features to steal the spotlight.

But we can’t let Apple’s disastrous phone-scanning idea fade into the background, only to be announced with minimal changes down the road. To make sure Apple is listening to our concerns, EFF turned to an old-school messaging system: aerial advertising.

During Apple’s event, a plane circled the company’s headquarters carrying an impossible-to-miss message: Apple, don’t scan our phones! The evening before Apple’s event, protestors also rallied nationwide in front of Apple stores. The company needs to hear us, and not just dismiss the serious problems with its scanning plan. A delay is not a cancellation, and the company has also been dismissive of some concerns, referring to them as “confusion” about the new features.

Original Submission

upstart writes:

Fossilized footprints show humans made it to North America much earlier than first thought:

North and South America were the last continents to be settled by humans, but exactly when that started is a topic that has divided archaeologists.

The commonly held view is that people arrived in North America from Asia via Beringia, a land bridge that once connected the two continents, at the end of the Ice Age around 13,000 to 16,000 years ago. But more recent -- and some contested -- discoveries have suggested humans might have been in North America earlier.

Now, researchers studying fossilized human footprints in New Mexico say they have the first unequivocal evidence that humans were in North America at least 23,000 years ago.

"The peopling of the Americas is one of those things that has been for many years very contentious and a lot of archeologists hold views with almost religious zeal," said Matthew Bennett, a professor and specialist in ancient footprints at Bournemouth University and author of a study on the new findings that published in the journal Science on Thursday.

"One of the problems is that there is very few data points," he added.

Bennett and his colleagues were able to accurately date 61 footprints by radiocarbon dating layers of aquatic plant seeds that had been preserved above and below them. The prints, which were discovered in the Tularosa Basin in White Sands National Park, were made 21,000 to 23,000 years ago, the researchers found.

Journal Reference:
Matthew R. Bennett, David Bustos, Jeffrey S. Pigati, et al. Evidence of humans in North America during the Last Glacial Maximum^[$], Science (DOI: 10.1126/science.abg7586)

Original Submission

upstart writes:

Mapping words to colors:

No language has words for all the blues of a wind-churned sea or the greens and golds of a wildflower meadow in late summer. Globally, different languages have divvied up the world of color using their own set of labels, from just a few to dozens.

The question of how humans have done this -- ascribe a finite vocabulary to the multitude of perceivable colors -- has been long studied, and consistent patterns have emerged, even across wildly divergent languages and cultures. Yet slight differences among languages persist, and what is less understood is how the differing communicative needs of local cultures drive those differences. Do some cultures need to talk about certain colors more than others, and how does that shape their language?

In a new study, researchers led by Colin Twomey, [...] and Joshua Plotkin [...] address these questions, developing an algorithm capable of inferring a culture's communicative needs -- the imperative to talk about certain colors -- using previously collected data from 130 diverse languages.

Their findings underscore that, indeed, cultures across the globe differ in their need to communicate about certain colors. Linking almost all languages, however, is an emphasis on communicating about warm colors -- reds and yellows -- that are known to draw the human eye and that correspond with the colors of ripe fruits in primate diets.

"Their results were so astonishing," Plotkin says. "They demanded explanation."

Substantial research followed, some of which suggested that one major reason for the remarkable similarities between languages' color vocabularies came down to physiology.

"Languages differ, cultures differ, but our eyes are the same," says Plotkin.

But another reason for the overarching similarities could be that humans, regardless of what language they speak, are more interested in talking about certain colors than others.

Journal Reference:
Colin R. Twomey, Gareth Roberts, David H. Brainard, et al. What we talk about when we talk about colors [open], Proceedings of the National Academy of Sciences (DOI: 10.1073/pnas.2109237118)

Original Submission

upstart writes:

Tech giants quietly buy up dozens of companies a year. Regulators are finally noticing.:

A soaring number of mergers and acquisitions, many of them never publicly announced, is overwhelming antitrust regulators, a major problem for the Biden administration’s hopes of intensifying scrutiny of corporate power centers like Silicon Valley.

Already this year, companies across all industries have sought to buy or merge with others worth at least $92 million almost 3,000 times — roughly 40 percent more than before the pandemic in 2019 — according to federal data. Regulators at the Federal Trade Commission, charged with upholding competition laws alongside the Justice Department, are warning they are unable to adequately review this magnitude of activity.

Regulators and antitrust advocates are particularly worried about acquisitions by Silicon Valley giants. While big acquisitions, like Amazon’s plans to purchase MGM, are the subject of press scrutiny and regulatory attention, hundreds of other purchases fly under the radar because of financial market guidelines and antitrust laws, which only require companies to disclose their largest deals. As they seek to take on tech titans’ power, regulators are increasingly paying attention to how tech companies gobble up smaller potential competitors before they have a chance to develop enough to provide consumers with serious alternatives.

But limited resources, and what some regulators consider an outdated antitrust framework, represent a direct threat to the administration’s goal of cracking down on what it sees as excess corporate power in certain industries. The White House, key policymakers such as FTC Chair Lina Khan and progressives on Capitol Hill have signaled intense interest in taking on monopolies, and the inability to keep up with the pace of mergers represents a major challenge.

Courts also have been deeply skeptical of arguments that tech giants are illegal monopolies, issuing two recent decisions rejecting antitrust allegations made against Facebook and Apple.

That means the quiet and rapid acquisitions of other companies by tech giants is having an unforeseen effect on the economy, experts warn.

“We won’t know the effects of the concentration that’s happening for some time, and neither will the general public,” said Krista Brown, a senior policy analyst at the American Economic Liberties Project, a liberal think tank that studies antitrust policy. “If we don’t have a record of what’s happening or what type of oversight and competition enforcement are working, then we will have missed an opportunity to know where things are slipping.”

The FTC requires companies to report every acquisition worth more than $92 million. In a study released Wednesday, the FTC said Microsoft, Apple, Google, Facebook and Amazon together made 616 acquisitions from 2010 to 2019 that fell below that reporting threshold but were worth at least $1 million. Many of those acquisitions probably were never disclosed at all.

Original Submission

DannyB writes:

SpaceX CEO Elon Musk explains why Blue Origin’s Starship lawsuit makes no sense

[....] After the details broke in new court documents filed on Wednesday, SpaceX CEO Elon Musk weighed in on Twitter to offer his take on why the arguments Blue Origin has hinged its lawsuit on make very little sense.

Elon Musk tweeted:

We always do flight readiness reviews! This argument makes no sense.

[....] most of the opening argument is legible. In short, Blue Origin appears to have abandoned the vast majority of arguments it threw about prior to suing NASA and the US government and is now almost exclusively hinging its case on the claim that SpaceX violated NASA’s procurement process by failing to account for a specific kind of prelaunch review before every HLS-related Starship launch.

[....] As Blue Origin has exhaustively reminded anyone within earshot for the last five months, SpaceX’s Starship Moon lander proposal is extremely complex and NASA is taking an undeniable risk (of delays, not for astronauts) by choosing SpaceX. Nevertheless, NASA’s Kathy Lueders and a source evaluation panel made it abundantly clear in public selection statement that SpaceX’s proposal was by far the most competent, offering far a far superior management approach and technical risk no worse than Blue Origin’s far smaller, drastically less capable lander.

[....] Curiously, Blue Origin nevertheless does make a few coherent and seemingly fact-based arguments in the document. Perhaps most notably, it claims that when NASA ultimately concluded that it didn’t have funds for even a single award (a known fact) and asked SpaceX – its first choice – to make slight contract modifications to make the financial side of things work, NASA consciously chose to waive the need for an FRR before every HLS Starship launch. Only via purported cost savings from those waived reviews, Blue Origin claims, was NASA able to afford SpaceX’s proposal – which, it’s worth noting, was more than twice as cheap as the next cheapest option (Blue Origin).

One thing Blue Origin's New Shepard has going for it: suborbital hops don't need a "waste management system".

See also:
Judge Releases Redacted Lunar Lander Lawsuit from Bezos’ Blue Origin Against NASA-SpaceX Contract

Original Submission

Freeman writes:

Apple turns post-lawsuit tables on Epic, will block Fortnite on iOS:

Weeks after Epic's apparent "win" against Apple in the Epic Games v. Apple case, Apple issued a letter denying Epic's request to have its developer license agreement reinstated until all legal options are exhausted. This effectively bans Fortnite and any other software from the game maker from returning to Apple's App Store for years.

Epic was handed an initial victory when the US District Court for Northern California issued an injunction on September 10 ordering Apple to open up in-game payment options for all developers. At the time, the injunction was something of a moral victory for Epic—allowing the developer to keep its in-game payment systems in its free-to-play Fortnite intact while avoiding paying Apple a 30 percent fee that had previously covered all in-app transactions.

But now Epic has faced a significant reversal of fortune.

The better thing would be to ban all micro-transactions. Instead this is more like a couple thieves divvying up the loot from the candy they stole from children. Sure, they didn't "steal anything", but kids aren't allowed to play the slot machines in Casinos, either.

Previously:
Apple Can No Longer Force Developers to Use In-App Purchasing, Judge Rules
Valve Gets Dragged into Apple and Epic’s Legal Fight Over Fortnite
Judge Dismisses Apple’s “Theft” Claims in Epic Games Lawsuit
Microsoft Thumbs its Nose at Apple With New “App Fairness” Policy
Your iPhone Copy of Fortnite is About to Become Out of Date [Updated]
Judge Issues Restraining Order Protecting Unreal Engine Development on iOS
Microsoft Issues Statement in Support of Epic Games to Remain on Apple Ecosystem
Epic-Apple Feud Could Also Affect Third-Party Unreal Engine Games
Fortnite Maker Sues Apple after Removal of Game From App Store

Original Submission

Freeman writes:

Engineers Figured out how to Cook 3D-printed Chicken With Lasers :

Who hasn't dreamt of coming home after a long day and simply pressing a few buttons to get a hot, home-cooked 3D-printed meal, courtesy of one's digital personal chef? It might make microwaves and conventional frozen TV dinners obsolete. Engineers at Columbia University are trying to make that fantasy a reality, and they've now figured out how to simultaneously 3D-print and cook layers of pureed chicken, according to a recent paper published in the journal npj Science of Food. Sure, it's not on the same level as the Star Trek replicator, which could synthesize complete meals on demand, but it's a start.

[...] The scientists purchased raw chicken breast from a local convenience store and then pureed it in a food processor to get a smooth, uniform consistency. They removed any tendons and refrigerated the samples before repackaging them into 3D-printing syringe barrels to avoid clogging. The cooking apparatus used a high-powered diode laser, a set of mirror galvanometers (devices that detect electrical current by deflecting light beams), a fixture for custom 3D printing, laser shielding, and a removable tray on which to cook the 3D-printed chicken.

DannyB writes:

Congress to NASA: What comes after the International Space Station?

Questions of how long the station — already over 20 years old — can last and how international and industry partnerships might drive activity in low Earth orbit (LEO) filled a two-hour hearing held by the House Science, Space and Technology's subcommittee on space and aeronautics on Tuesday (Sept. 21). The International Space Station partners are currently committed to operating the orbiting laboratory until 2024. NASA has long argued that the facility is safe to occupy until at least 2028 and the U.S. space agency's Administrator Bill Nelson has endorsed keeping the station operational until 2030.

But some worry that pushing the lab so far beyond its design lifetime is courting disaster, particularly as a string of incidents have shown the facility's wizened age. (Construction of the station began in 1998.)

[....] "We did experience a gap in our transportation system when we retired the shuttle that we do not wish to repeat with our U.S. human presence in low Earth orbit," Robyn Gatens, NASA's director for the International Space Station (ISS), said during the hearing.

[....] "The first and foremost indicator is that we have commercial LEO destinations to transition to," Gatens said. "That may sound pretty obvious, but that's a prerequisite so that we don't have a gap in low Earth orbit." Other indicators include the structural health of the International Space Station and the development of commercial markets, she said.

What should America do next in space after the ISS?

Original Submission

upstart writes:

Facebook paid FTC $4.9B more than required to shield Zuckerberg, lawsuit alleges:

In a newly unsealed lawsuit, Facebook shareholders allege that the company intentionally overpaid a $5 billion Federal Trade Commission fine to protect CEO Mark Zuckerberg from further government scrutiny.

"Zuckerberg, Sandberg, and other Facebook directors agreed to authorize a multi-billion settlement with the FTC as an express quid pro quo to protect Zuckerberg from being named in the FTC's complaint, made subject to personal liability, or even required to sit for a deposition," the lawsuit says (emphasis in the original). An early draft of the order obtained by The Washington Post through the Freedom of Information Act shows that the commission was considering holding Zuckerberg responsible.

The FTC levied the fine in July 2019 in the wake of the Cambridge Analytica scandal, which saw political operatives harvesting the personal data of 50 million Facebook users without their consent. (The lawsuit says only 0.31 percent of the affected users consented.) The fine (which was a record for privacy-related penalties) was 50 times larger than the maximum prescribed by a previous FTC consent decree, the lawsuit alleges. It was also well in excess of the previous record fine of $168 million.

"Facebook's maximum monetary exposure was $104,751,390—about $4.9 billion less than it agreed to pay," shareholders said in the lawsuit. The overpayment, they said, is a breach of fiduciary duty.

The lawsuit also alleges that, by withholding information about the Cambridge Analytica leak, executives and board members, including Zuckerberg and COO Sheryl Sandberg, engaged in insider trading. "After Zuckerberg learned of Cambridge Analytica's massive extraction of Facebook user data, he and the entities controlled by him significantly accelerated his sales of Facebook shares," the lawsuit says.

DannyB writes:

The NSA and CIA Use Ad Blockers Because Online Advertising Is So Dangerous:

The Intelligence Community has deployed ad-blocking technology, according to a letter sent by Congress and shared with Motherboard.

Lots of people who use ad blockers say they do it to block malicious ads that can sometimes hack their devices or harvest sensitive information on them. It turns out, the NSA, CIA, and other agencies in the U.S. Intelligence Community (IC) are also blocking ads potentially for the same sorts of reasons.

The IC, which also includes the parts of the FBI, DEA, and DHS, and various DoD elements, has deployed ad-blocking technology on a wide scale, according to a copy of a letter sent by Congress and shared with Motherboard.

[...] In addition, Motherboard has reported on how data brokers may obtain information via a process called real-time bidding. Before an advertisement is placed into a person's app or browsing session, companies bid on whether their own advert will win the ad spot. As part of that process, participating companies can gather data on people, known as bidstream data, even if they don't win the ad placement.

[...] "This information would be a goldmine for foreign intelligence services that could exploit it to inform and supercharge hacking, blackmail, and influence campaigns," the letter read.

If the preceding weren't bad enough, digital advertisers make bad tap dancers because they expect to be paid per click.

Original Submission