SoylentNews

upstart writes:

This new ransomware targets data visualization tool Jupyter Notebook:

A new strain of Python ransomware is targeting environments using Jupyter Notebook.

Jupyter Notebook is an open source web environment for data visualization. The modular software is used to model data in data science, computing, and machine learning. The project supports over 40 programming languages and is used by companies including Microsoft, IBM, and Google, alongside numerous universities.

Aqua Security's Team Nautilus recently discovered malware that has honed in on this popular data tool.

While Jupyter Notebook allows users to share their content with trusted contacts, access to the app is secured through account credentials or tokens. However, in the same way that businesses sometimes do not secure their AWS buckets, leaving them open for anyone to view, Notebook misconfigurations have also been found.

The Python ransomware targets those that have accidentally left their environments vulnerable.

[...] A Shodan search reveals several hundred internet-facing Jupyter Notebook environments are open and accessible (although some may also be honeypots.)

Original Submission

upstart writes:

AI helps radiologists detect bone fractures:

Artificial intelligence (AI) is an effective tool for fracture detection that has potential to aid clinicians in busy emergency departments, according to a study in Radiology.

Missed or delayed diagnosis of fractures on X-ray is a common error with potentially serious implications for the patient. Lack of timely access to expert opinion as the growth in imaging volumes continues to outpace radiologist recruitment only makes the problem worse.

AI may help address this problem by acting as an aid to radiologists, helping to speed and improve fracture diagnosis.

[...] Dr. Kuo cautioned that research into fracture detection by AI remains in a very early, pre-clinical stage. Only a minority of the studies that she and her colleagues looked at evaluated the performance of clinicians with AI assistance, and there was only one example where an AI was evaluated in a prospective study in a clinical environment.

"It remains important for clinicians to continue to exercise their own judgment," Dr. Kuo said. "AI is not infallible and is subject to bias and error."

Journal References:
Rachel Y. L. Kuo, Conrad Harrison, Terry-Ann Curran, et al. Artificial Intelligence in Fracture Detection: A Systematic Review and Meta-Analysis, Radiology (DOI: 211785)
Jérémie F. Cohen, Matthew D. F. McInnes. Deep Learning Algorithms to Detect Fractures: Systematic Review Shows Promising Results but Many Limitations, Radiology (DOI: 212966)

Original Submission

owl writes:

http://www.lupinia.net/writing/tech/scammed.htm

When discussing scams and social engineering attacks, it's easy for security researchers and experts to present information in a way that implies the victims of these attacks should have known better. It's an attitude borne of biases that many engineers have - myself included - but it's unhelpful and counter-productive. And, as much as we may like to think we'd handle these situations so much better, that's just not true. Security experts - even those with professional experience in social engineering - are not immune to scams. As an example of this, I'd like to share the story of a scam I fell for recently.

The Call

In the early afternoon, after starting my day with an extremely tiring 2-hour meeting, I kicked back for a much-needed break before digging into some writing projects. However, my meditation was interrupted by my phone ringing. Which, in and of itself, was noteworthy - I use a complex web of forwarding numbers and obfuscation to avoid giving out a real phone number as much as possible, and the only people who have my real phone number rarely call me, especially during the day. I checked the caller ID, and it was my bank, Wells Fargo (I know, I know; trust me, they were not my first choice).

I answered, the guy said he was calling from Wells Fargo's Fraud Prevention Department, calling to verify some transactions. He verified my name, he had the last four digits of my debit card number, and everything generally seemed to follow the normal script of a transaction verification call. He rattled off three separate transactions, totalling close to a thousand US dollars, all of which were things I didn't recognize, in a city I've never been to, 1300 miles (2100km) from where I live. So, yeah, definitely fraudulent transactions. He said they'd cancel my debit card and send a new one, and verified the address on file - which he also already had, without me needing to provide it. I've had a bunch of these calls over the years, so nothing weird so far. I figured we were about finished with a very routine and normal fraud call, but it turned out we were just getting started.

Original Submission

upstart writes:

Folding design leads to heart sensor with smaller profile:

As advances in wearable devices push the amount of information they can provide consumers, sensors increasingly have to conform to the contours of the body. One approach applies the principles of kirigami to give sensors the added flexibility.

Researchers want to leverage the centuries-old art of cutting paper into designs to develop a sensor sheet that can stretch and breathe with the skin while collecting electrocardiographic data. In Applied Physics Reviews, the sensor made by researchers in Japan uses cuts in a film made of polyethylene terephthalate (PET) printed with silver electrodes to fit on a person's chest to monitor his or her heart.

"In terms of wearability, by applying kirigami structure in a PET film, due to PET deformation and bending, the film can be stretchable, so that the film can follow skin and body movement like a bandage," said author Kuniharu Takei, from Osaka Prefecture University. "In addition, since kirigami structure has physical holes in a PET film, skin can be easily breathed through the holes."

Unlike the related origami, which involves strictly paper folding, the art of kirigami extends its methods to paper cutting as well. Such a technique allows relatively stiff materials, like PET, to adapt to their surfaces.

Journal Reference:
Yan Xuan, Hyuga Hara, Satoko Honda, et al. Wireless, minimized, stretchable, and breathable electrocardiogram sensor system, Applied Physics Reviews (DOI: 10.1063/5.0082863)

Original Submission

owl writes:

https://hackaday.com/2022/03/30/replaceable-batteries-are-coming-back-to-phones-if-the-eu-gets-its-way/

Back in the day, just about everything that used a battery had a hatch or a hutch that you could open to pull it out and replace it if need be. Whether it was a radio, a cordless phone, or a cellphone, it was a cinch to swap out a battery.

These days, many devices hide their batteries, deep beneath tamper-proof stickers and warnings that state there are "no user serviceable components inside." The EU wants to change all that, though, and has voted to mandate that everything from cellphones to e-bikes must have easily replaceable batteries, with the legislation coming into effect as soon as 2024.

Once upon a time, most batteries in common use were primary cells – single-use items that could not be recharged and were intended to be discarded after use. Naturally, this meant that appliances relying on battery power had provisions to make swapping cells out a quick and easy process.

Fast forward to the modern day. Many of our appliances, and particularly our phones, rely on rechargeable lithium batteries. Since they're rechargeable, manufacturers decided we no longer needed to replace them, and started sealing them away inside devices where they were free from the meddling fingers of the unwashed masses.

Original Submission

upstart writes:

China to launch Einstein Probe in 2023 to observe violent cosmic events - SpaceNews:

A Chinese wide-field x-ray space observatory has passed a major review and is expected to launch next year to detect flashes from cataclysmic cosmic events.

The Einstein Probe is expected to launch around mid-2023 to observe distant, violent interactions such as tidal disruption events—in which stars are pulled apart by supermassive black holes—supernovae, and detect and localize the high-energy, electromagnetic counterparts to gravitational wave events.

A March 25 review session organized by the National Space Science Center (NSSC) under the Chinese Academy of Sciences (CAS) approved the mission to proceed to the spacecraft assembly, integration and testing phase, ahead of an expected launch next year.

The roughly 1,400-kilogram spacecraft will be launched into a 600-kilometer altitude, low inclination orbit. From there it will observe the sky with a Wide-field X-ray Telescope (WXT) with a field of view of 3,600 square degrees, using cutting edge "lobster eye" optics to allow the probe to view X-ray events more widely than previously possible.

The spacecraft will feature onboard data processing and autonomous followup capabilities, meaning the probe's Follow-up X-ray Telescope (FXT), developed in Europe, can be quickly brought to bear after WXT detects an X-ray event.

Original Submission

upstart writes:

Crypto Hacker Siphons $625 Million From Axie Infinity's Ronin Sidechain:

Sky Mavis, the company behind the popular blockchain game Axie Infinity, announced it was the target of a $625 million hack. Taking advantage of vulnerabilities in the Ronin sidechain implementation, the hacker has shimmied away with around 173,600 ETH (valued at $594.6 million) and $25.5 million in U.S. dollars. Experts expect this to be one of the biggest hacks in the relatively short-lived history of cryptocurrency when all cards hit the proverbial table, but it's far from the first.

Axie Infinity is so popular that it's the number one marketplace for NFT collectibles. That puts it ahead of famous marketplaces such as OpenSea, which saw the introduction of the popular Bored Ape Yacht Club (BAYC) NFTs — of which the least expensive one currently goes for ~130 ETH ($356K).

Sidechains (also referred to as L2 chains) are solutions built alongside L1 chains such as Bitcoin, Ethereum and Algorand. These solutions help skirt blockchain congestion by offloading transactions that would occur on the L1 chain to the speedier, usually custom-built sidechains. Also known as Bridges or Wormholes, these allow users to bring their L1 chain funds (in this case, Ethereum) to other blockchain ecosystems. Crypto moved to these chains is locked as collateral, and an equivalent value is minted in whatever token the chain uses to operate. Being relatively stationary targets whose locked value tends to only increase over time, Bridges are particularly attractive targets for bad actors.

upstart writes:

Severe drought and mandatory water cuts are pitting communities against each other in Arizona:

As the climate crisis intensifies, battle lines are beginning to form over water. In Arizona -- amid a decades-long megadrought -- some communities are facing the very real possibility of losing access to the precious water that remains.

Outside the city limits of Scottsdale, where the asphalt ends and the dirt road begins, is the Rio Verde Foothills community. Hundreds of homes here get water trucked in from Scottsdale, but those deliveries will end on January 1, 2023.

That's because last summer, for the first time ever, drought conditions forced the federal government to declare a tier 1 water shortage in the Colorado River, reducing how much Arizona can use.

[...] "We are what I call the 'sacrificial lamb' for the bigger areas," Irwin told CNN. "In my opinion, look somewhere else -- we need to be able to sustain ourselves."

The scarcity of water in the state is pitting small towns against fast-growing metropolitan communities.

[...] Arizona's population growth and extreme drought have increased demand for water in limited supply. Kathleen Ferris, a senior research fellow with the Kyl Center for Water Policy in Arizona, says water scarcity in the state has resulted in the "haves" and the "have nots," and likened the coming water battles to the days of the Wild West. "Once you have your water rights, you defend it," Ferris said. "That's the way it works."

Original Submission

upstart writes:

Why using the oceans to suck up CO2 might not be as easy as hoped:

The world's oceans are amazing carbon sponges. They already capture a quarter of human-produced carbon dioxide when surface waters react with the greenhouse gas in the air or marine organisms gobble it up as they grow.

[...] Other research groups have also recently found that dissolving olivine in filtered and artificial seawater produced less of an increase in alkalinity than expected, the study noted. Still another recent preprint paper found similarly confounding results for other minerals that had been expected to boost ocean alkalinity.

Meanwhile, several additional studies recently raised doubts about a different ocean-based approach: growing seaweed and sinking it to suck up and store away carbon.

Finding viable ways to pull down greenhouse gases will be vital in the coming decades. A National Academies report in December on ocean-based carbon removal noted that the world may need to suck up an additional 10 billion tons annually by midcentury to limit warming to 2 ˚C.

Boosting ocean alkalinity could theoretically remove tens of billions of tons each year on its own, according to the research group Ocean Visions. But the National Academies panel noted that it will require extracting, grinding, and shipping rocks on roughly similar scales, all of which would have substantial environmental consequences as well.

The new studies haven't delivered the final, definitive word on whether any of these methods will be feasible ways of helping to reach those carbon removal targets.

Journal Reference:
Fuhr, Michael, Geilert, Sonja, Schmidt, Mark, et al. Kinetics of Olivine Weathering in Seawater: An Experimental Study, Frontiers in Climate (DOI: 10.3389/fclim.2022.831587)

Original Submission

takyon writes:

Hubble Space Telescope Spots Oldest and Farthest Star Known

Astronomers announced on Wednesday the discovery of the farthest and oldest star ever seen, a dot of light that shined 12.9 billion years ago, or just 900 million years after the Big Bang that gave birth to the universe.

That means the light from the star traveled 12.9 billion light-years to reach Earth.

The finding was part of efforts using the Hubble Space Telescope to search for some of the universe's farthest and earliest galaxies. By a lucky coincidence, the astronomers were able to discern a single star system within one of those galaxies.

[...] The star spotted by Mr. Welch and his colleagues possesses what astronomers call a red shift of 6.2, far higher than the previous record-holder for most distant single star. That star, reported in 2018, had a red shift of 1.5, corresponding to when the universe was about four billion years old.

The researchers nicknamed the new star Earendel — Old English for "morning star." If it is a single star, the astronomers estimate that it is a big one — some 50 times the mass of our sun. It could also be a system of two or more stars.

The alignment of Earendel and the galaxy cluster will persist for years, so Earendel will be one of the targets during the first year of observations by the newly launched James Webb Space Telescope, which has a larger mirror than Hubble and gathers light at the longer infrared wavelengths.

A highly magnified star at redshift 6.2
https://doi.org/10.1038/s41586-022-04449-y

Original Submission

stretch611 writes:

From The Register:

According to a research paper, "What Data Do The Google Dialer and Messages Apps On Android Send to Google?" [PDF] Google Messages (for text messaging) and Google Dialer (for phone calls) have been sending data about user communications to the Google Play Services Clearcut logger service and to Google's Firebase Analytics service.

"The data sent by Google Messages includes a hash of the message text, allowing linking of sender and receiver in a message exchange," the paper says. "The data sent by Google Dialer includes the call time and duration, again allowing linking of the two handsets engaged in a phone call. Phone numbers are also sent to Google."

The timing and duration of other user interactions with these apps has also been transmitted to Google. And Google offers no way to opt-out of this data collection.

Google Messages (com.google.android.apps.messaging) is installed on over a billion Android handsets. It's offered by AT&T and T-Mobile on Android phones in the US and comes preloaded on recent handsets from Huawei, Samsung, and Xiaomi. Similarly, Google Dialer (also known as Phone by Google, com.google.android.dialer) has the same reach.

upstart writes:

What do you do with end-of-life wind turbines? - Technology Org:

Wind turbines are designed to last at least 20 years. However, they may often work far beyond their estimated service life if properly maintained. Sooner or later, however, they will be so marked by wind and weather that they must be taken out of use. And that time has now come for the first large generation of energy-producing wind turbines.

Most parts of the turbine can be reused without problems. Reuse is more problematic when it comes to blades made of composite materials consisting of glass fibres held together by a strong glue like epoxy.

According to a statement from the European Technology and Innovation Platform on Wind Energy (ETIPWind), there will be around 66,000 tonnes of end-of-life wind turbine blades in Europe in 2025, and intensive work is currently being done to find out how they can be given new life rather than simply being deposited in landfills. It is, in fact, not a very good idea to incinerate them as ordinary waste, because it leaves a lot of ash and many fiberglass particles.

Development Engineer Justine Beauson is a materials scientist at DTU. For several years, her field of research has been what to do with end-of-life wind turbine blades. For example, Justine can describe how wind turbine blades—or various parts of them—have been used as exciting structures in playgrounds and— in crushed form—as reinforcement in concrete, as fillers in noise attentuation screens, and the like.

upstart writes:

Finland's Spy Service Warns of Russian Interference, Attacks:

Finland must brace for Russian interference and hybrid attacks as it weighs whether to join the NATO military alliance, the security services warned on Tuesday.

The Nordic nation shares a 1,340-kilometre (830-mile) border with Russia and has remained militarily non-aligned since the end of World War II to avoid provoking its eastern neighbour.

[...] "The whole of Finnish society must be vigilant towards Russian attempts to influence Finnish decision-making regarding the NATO question," Antti Pelttari, head of the Finnish security services Supo, said.

Releasing its updated terrorism threat report, Supo on Tuesday highlighted the danger of "widespread Russian interference and illegal surveillance," but kept the national terror threat at level two, or "elevated", on a scale of four.

[...] Finland has previously been subject to so-called hybrid tactics from Moscow, such as repeated airspace incursions, or the release in 2016 of 1,700 migrants across the Finnish border.

Earlier this month the transport authority Traficom said it had received "numerous" reports from aircraft of GPS interference in eastern Finland, but was unable to identify the source of the interference.

Original Submission

upstart writes:

Quantum Computer Researcher Warns That the Industry Is Full of Ridiculous Hype:

The nascent field of quantum computing generates a steady drumbeat of attention-grabbing headlines about the looming "quantum apocalypse," "quantum supremacy," and endless new investments in ventures that promise to finally crack the commercial capabilities of the tech wide open.

In an excoriating new essay for MIT Tech Review, though, prominent University of Maryland quantum researcher Sankar Das Sarma says that everybody needs to take a deep, deep breath.

The research is fascinating, he writes, and may well eventually lead to extraordinary breakthroughs. But the reality, according to his analysis, is that things are progressing slowly so far and we're unlikely to see anything world-changing from the tech in the near future.

"I am as pro-quantum-computing as one can be: I've published more than 100 technical papers on the subject, and many of my PhD students and postdoctoral fellows are now well-known quantum computing practitioners all over the world," Das Sarma wrote. "But I'm disturbed by some of the quantum computing hype I see these days, particularly when it comes to claims about how it will be commercialized."

Original Submission

upstart writes:

ATLAS Experiment at Large Hadron Collider Seeks Out Unusual Signatures of Long-Lived Particles:

Physicists at the ATLAS experiment are on the hunt for new, long-lived particles to help explain several outstanding mysteries of our Universe. High-energy collisions allow researchers to study heavy particles that decay very quickly, like the Higgs boson. But unlike heavy Standard Model particles – which decay within a few millimeters of the Large Hadron Collider (LHC) collision point – new, long-lived particles (LLPs) could travel sizeable distances through the ATLAS detector before decaying.

Studying the decay of any particle is a complex task, but it is usually made much easier by assuming that it decayed near the LHC collision point. This leaves LLPs in a blind spot, as they could decay anywhere in the detector. Further, as the layers of the ATLAS experiment are instrumented differently, evidence of LLPs would look different depending on which layer the particle decays in.

To ensure no stone is left unturned, ATLAS physicists have devised a range of new strategies to look for LLPs with various possible characteristics. Four new results from this effort have been presented at the recent Lepton-Photon and La Thuile conferences.