Piece Falls Off Boeing Starliner as It Trundles Toward Launchpad
That probably wasn't supposed to happen.
Oops!
After years of setbacks, Boeing is finally rolling out its Starliner spacecraft to the launchpad today for its second attempt to rendezvous with the International Space Station.
Doing no favors for the spacecraft's reputation for jankiness, it ran into yet another mishap along the way. While strapped to the back of a large truck, a piece of the capsule's window appeared to pop off, tumbling down to the asphalt, as spotted in footage shared by CBS space news reporter William Harwood.
[....] The procession briefly stopped to check for damage before resuming its journey to Space Launch Complex 41 in Cape Canaveral, Florida.
Boeing later confirmed to Harwood that it was a protective window cover that had fallen off the capsule.
All told, it doesn't sound like a terribly serious issue, but the optics are terrible considering what Boeing has been through with the development of Starliner, its competitor to SpaceX's Crew Dragon capsule.
Hey, first Starliner spacefright crew... don't worry. I'm sure the rest of the Starliner is made to the high standards that we've come to expect from Boeing.
We made a mistake, argues developer Andrew Duensing. We let the world's social networks become profit-driven enterprises. "We don't really tolerate it for almost any other centers of community (like book clubs, churches/mosques/temples, running groups, schools)," Duensing says. "But for some reason, we tolerate it as soon as it becomes 1s and 0s?
"I want to show that there isn't necessarily an economic reason it has to be that way."
He's one of several developers who've discovered another secret about social networks: they're actually really easy to build. The article identifies at least three developers who have now coded up their own social networks, just for friends and interaction (and never for profit). Like a backyard barbecue that didn't feel the need for a sponsor.
And because they're privately owned, they can explore entirely new ideas. Alex Ghiculescu and Jillian Schuller are the creators of a special social network designed to be checked just once a week -- on Sunday.
Robert Louis Stevenson once argued that to know what you prefer, "instead of humbly saying 'Amen' to what the world tells you you ought to prefer, is to keep your soul alive." And in the same way, after crafting her own social media platform, Schuller acknowledges that "the experience in building it was very cathartic, and the most contented I've ever felt, building something that I knew was worthwhile."
The sudo project has a short article about fine-tuning access and logging for sudo. Sudo can be used for fine-grained access to system-level utilities and functions, though some distros have made it infamous by intentionally misconfiguring it to stand in for su. Unfortunately the example in the above article comes dangerously close to that by granting root access to the shell, Bash. So the better parts of the article about logging and JSON should be focused on instead:
Sudo had many features to help blue teams in their daily job even before 1.9 was released. Session recordings, plugins and others made sure that most administrative access could be controlled and problems easily detected. Version 1.9 introduced Python support, new APIs, centralized session recordings; however, some blind spots still remained. Learn how some of the latest sudo features can help you to better control and log administrative access to your hosts. You will learn about JSON logging in sudo, chroot support, logging sub-commands, and how to work with these logs in syslog-ng.
The sudo blog has more coverage of available features.
Wi-Fi May Be Coming Soon to a Lamppost Near You:
As Wi-Fi is deployed more widely in cities, and perhaps at higher frequencies, it may depend on an abundant urban asset: streetlight poles.
To help ensure these networks work well, researchers at the National Institute of Standards and Technology (NIST) developed and verified a novel model that will help wireless communications providers analyze how high to attach Wi-Fi equipment to light poles.
In general, the NIST team found that the optimal height depends on transmission frequency and antenna design. Attaching equipment at lower heights of around 4 meters is better for traditional wireless systems with omnidirectional antennas, whereas higher locations 6 or 9 meters up are better for the latest systems such as 5G using higher, millimeter-wave frequencies and narrow-beam antennas.
An international group, the Telecom Infra Project, is promoting the idea of making Wi-Fi available over the unlicensed 60 gigahertz (GHz) frequency band by installing access points on light poles. A technical challenge is that signals in this band, which are higher than traditional cellphone frequencies, are sparse and tend to scatter off rough surfaces.
These systems are becoming more line-of-sight and point-to-point, which means a lot of these will need to be used for a given area. Will lampposts end up looking like the water towers do, all covered in transceivers from every vendor?
Journal Reference:
S. Y. Jun et al., Quasi-Deterministic Channel Propagation Model for 60 GHz Urban WiFi Access from Light Poles, in IEEE Antennas and Wireless Propagation Letters
DOI: 10.1109/LAWP.2022.3171503
The broadband industry has abandoned its lawsuit against California's net neutrality law after a series of court rulings went against Internet service providers.
The four broadband lobby groups that sued California "hereby stipulate to the dismissal of this action without prejudice," they wrote in a filing Wednesday in US District Court for the Eastern District of California. The ISP groups are ACA Connects (formerly the American Cable Association), CTIA-The Wireless Association, NCTA-The Internet & Television Association, and USTelecom.
"After losing three times in federal court, the ISPs have finally realized that they can't overturn California's net neutrality law and that they should just stop trying," Stanford Law Professor Barbara van Schewick wrote, calling the development "a historic win for Californians and the open Internet."
New method detects deepfake videos with up to 99% accuracy:
Computer scientists at UC Riverside can detect manipulated facial expressions in deepfake videos with higher accuracy than current state-of-the-art methods. The method also works as well as current methods in cases where the facial identity, but not the expression, has been swapped, leading to a generalized approach to detect any kind of facial manipulation. The achievement brings researchers a step closer to developing automated tools for detecting manipulated videos that contain propaganda or misinformation.
Developments in video editing software have made it easy to exchange the face of one person for another and alter the expressions on original faces. As unscrupulous leaders and individuals deploy manipulated videos to sway political or social opinions, the ability to identify these videos is considered by many essential to protecting free democracies. Methods exist that can detect with reasonable accuracy when faces have been swapped. But identifying faces where only the expressions have been changed is more difficult and to date, no reliable technique exists.
[...] The UC Riverside method divides the task into two components within a deep neural network. The first branch discerns facial expressions and feeds information about the regions that contain the expression, such as the mouth, eyes, or forehead, into a second branch, known as an encoder-decoder. The encoder-decoder architecture is responsible for manipulation detection and localization.
More information: Ghazal Mazaheri, Amit K. Roy-Chowdhury, Detection and Localization of Facial Expression Manipulations. arXiv:2103.08134v1 [cs.CV], arxiv.org/abs/2103.08134
This time, can Boeing's Starliner finally shine?:
Boeing and NASA say the Starliner spacecraft is ready for a do-over flight, with a second uncrewed test mission of the spacecraft now scheduled for May 19.
Nine months have passed since a standard pre-flight check of the spacecraft, then sitting atop a rocket on a launch pad in Florida, found that 13 of 24 oxidizer valves within Starliner's propulsion system were stuck. The discovery was made within hours of liftoff.
Since then, engineers and technicians at Boeing and NASA have worked to fully understand why the valves were stuck and to fix the problem. They found that the dinitrogen tetroxide oxidizer that had been loaded onto the spacecraft 46 days prior to launch had combined with ambient humidity to create nitric acid, which had started the process of corrosion inside the valve's aluminum housing.
On Tuesday, during a teleconference with reporters, officials from Boeing and NASA discussed the steps they have taken to ameliorate the problem for Starliner's upcoming test flight. Michelle Parker, vice president and deputy general manager of Boeing Space and Launch, said the valves remain the same on the vehicle but that technicians have sealed up pathways by which moisture might get inside the propulsion system. They are also purging moisture from the valves using nitrogen gas and loading propellants onto Starliner closer to launch.
With those mitigations undertaken, Starliner will soon be stacked on top of an Atlas V rocket built by United Launch Alliance. Starliner was in fact due to roll out to the Atlas V launch complex in Florida on Wednesday, but Boeing said the rollout was "paused" due to a hydraulic leak on United Launch Alliance's transport vehicle.
Dog coronavirus jumps to humans, with a protein shift:
A new canine coronavirus was first identified in two Malaysian human patients who developed pneumonia in 2017-18. A group of other scientists isolated the canine coronavirus, sequenced it and published their findings in 2021.
Now, a team led by Cornell and Temple University researchers has identified a pattern that occurs in a terminus of the canine coronavirus spike protein -- the area of the virus that facilitates entry into a host cell: The virus shifts from infecting both the intestines and respiratory system of the animal host to infecting only the respiratory system in a human host.
The researchers identified a change in the terminus -- known as the N terminus -- a region of the molecule with alterations also detected in another coronavirus, which jumped from bats to humans, where it causes a common cold.
The paper, "Recent Zoonotic Spillover and Tropism Shift of a Canine Coronavirus is Associated with Relaxed Selection and Putative Loss of Function in NTD Subdomain of Spike Protein," was published April 21 in the journal Viruses.
"This study identifies some of the molecular mechanisms underlying a host shift from dog coronavirus to a new human host, that may also be important in the circulation of a new human coronavirus that we previously didn't know about," said Michael Stanhope, professor of public and ecosystem health in the College of Veterinary Medicine.
Journal Reference:
Jordan D. Zehr, Sergei L. Kosakovsky Pond, Darren P. Martin, et al. Recent Zoonotic Spillover and Tropism Shift of a Canine Coronavirus Is Associated with Relaxed Selection and Putative Loss of Function in NTD Subdomain of Spike Protein, Viruses (DOI: 10.3390/v14050853)
Bird Flu Found in Colorado Man but Risk to Humans Is Low, CDC Says:
A man in Colorado has tested positive for the H5N1 avian flu, the US Centers for Disease Control and Prevention and state health officials said Thursday. The man, who's younger than 40 and an inmate at a state correctional facility, had direct exposure to infected poultry at a commercial farm in western Colorado.
The CDC and the Colorado Department of Public Health said the risk to the public remains low. The man is largely asymptomatic but is receiving treatment per CDC guidelines and is being kept away from others.
According to the CDC, this is the second human case "associated with this specific group of H5 viruses," and the first case in the US. H5N1 is the predominant bird flu virus in the world, but it remains rare in humans.
"We want to reassure Coloradans that the risk to them is low," said Dr. Rachel Herlihy, epidemiologist with the Colorado Department of Public Health and Environment, in a release.
Code locker has figured out it's a giant honeypot for miscreants planning supply chain attacks
GitHub has announced that it will require two factor authentication for users who contribute code on its service.
"The software supply chain starts with the developer," wrote GitHub chief security officer Mike Hanley on the company blog. "Developer accounts are frequent targets for social engineering and account takeover, and protecting developers from these types of attacks is the first and most critical step toward securing the supply chain."
Readers will doubtless recall that attacks on development supply chains have recently proven extremely nasty. Exhibit A: the Russian operatives that slipped malware into SolarWinds' Orion monitoring tool and used it to gain access to over 18,000 companies. GitHub has also had its own problems, such as when access to npm was compromised.
Hence its decision to require 2FA "by the end of 2023" for users who commit code, open or merge pull requests, use Actions, or publish packages. GitHub already offers 2FA, requires contributors of popular packages (including npm) to employ it, and states that 16.5 per cent of active users already employ the technique.
This piece is part of Gizmodo's ongoing effort to make the Facebook Papers available to the public. See the full directory of documents here.
In a presentation dated May 6, 2018, a Facebook employee asked, "Is Ranking Good?"
"Probably. Even asking the question feels slightly blasphemous at Facebook," the same employee answered in smaller text below. "So many experiments and product launches demonstrate the value of ranking that it's [sic] value is often taken as an article of faith."
[...] The presentation is part of the Facebook Papers, a trove of documents that offer an unprecedented look inside the most powerful social media company in the world. [...]
Today, as part of a rolling effort to make the Facebook Papers available publicly, Gizmodo is releasing a second batch of documents—37 files in all. In our first drop, we shared 28 files related to the 2020 election and the Jan. 6 attack on the U.S. Capitol. [...]
Today's batch offers insight into how Meta chooses to rank the content submitted by its users. It's a system that very few people seem to understand, a problem that the company appears short on clues how to solve. [...]
Several key documents concern what Facebook calls "meaningful social interactions," a term introduced by the company in Jan. 2018. This metric, as CEO Mark Zuckerberg explained at the time, was meant to help prioritize "personal connections" over an endless online dribble of viral news and videos. [...]
[...] On the subject of ranking, the documents below contain an admission from one employee that is indicative of Facebook's quandary of growth vs. user health. [...] The employee goes on to argue that, though the modified feeds undeniably boost "consumption"—internal Facebook code for time spent using Facebook—they also change the dynamics of "friending" to discourage "personal sharing."
[...] In other words, ranking encourages the sharing of fewer meaningful posts, while allowing "bad content to spread farther due to the costless accumulation of friends," according to the presentation. The sentiment is not universal within Facebook, however: employees in the comments disagreed.
Can you get "meaningful social interactions" outside of a bubble, or will it always devolve into noise?
Is there a First Amendment right to assemble in the metaverse?:
In front of Samsung's headquarters this February, dozens of protesters marched in red shirts with "MoneyFestation" written on the front, holding signs that say, "I Have A Scream."
The shirt was designed by Azerbaijani poet and artist Babi Badalov. Combining the words money, infestation, and manifestation, Badalov and supporters were rallying to criticize rampant capitalism and consumerism.
But the protest didn't take place in the Samsung headquarters in South Korea; instead, it was at their digital headquarters in the virtual town of Decentraland within the depths of the metaverse.
The protesters were digital avatars, and their shirts were minted non-fungible tokens (NFTs) that were distributed among the protesters for free as a commentary on the commodification of art.
[...] Schweiger said the group was protesting big tech companies that are encroaching on what is supposed to be decentralized, digital land.
Corporations such as Samsung act in contradiction to the decentralization of the internet, which Superflus sees as a major actor in "colonizing [the metaverse], bringing along consumerism, (digital) inequality, exclusion, and extraction."
[...] The new and exciting ways to protest in the metaverse also bring a new set of challenges and concerns. As extended reality technology continues to develop and become more ubiquitous, there are questions about human rights within virtual reality.
"We got a message from [Decentraland's] legal department if we were in contact with the artist before uploading this [NFT]," Schweiger said. "So, there is actually people gatekeeping and monitoring."
[...] This raises privacy and surveillance concerns for many who choose to participate in virtual protests, whether through metaverse servers or through using AR glasses.
"The general stance on this surveillance is that it will ultimately kill free speech," Mir explained. "[If you are] going to a protest and you'll have your face put into a database that may be used against you, you're probably not going to go to protests."
VR headsets and AR glasses can collect personal data in a much deeper way than our regular devices. Not only can it track your location, but it can also monitor your mind and behavior by collecting what is known as "egocentric" data.
[...] As a new and evidently viable platform for protests, it's important that people's First Amendment rights are protected within the metaverse. As we enter this new frontier of digital resistance, the same societal issues we face in the real world of inequality, exploitation, and censorship still remain. It's essential that people are able to maintain their ability to speak out on such injustices.
"The problems of the physical world are also very much the problems of the digital world," Schweiger said.
This California Greenhouse is Run by Robots - ExtremeTech:
Northern California-based Iron Ox was born from the realization that conventional American agriculture negatively impacts the environment in a multitude of ways. The type of farming most of us are familiar with uses as much as 70 percent of the world's fresh water supply and produces up to 1.19 gigatons of greenhouse gasses every year. [...]
Iron Ox uses two house-designed, AI-supported robots to perform most repetitive farming tasks and ensure resources are used efficiently. The first of these, called Grover, makes up the brawn of Iron Ox's robotic crew. Able to lift more than 1,000 pounds, Grover helps move plant "modules" (i.e. planter boxes) around the greenhouse. Grover also helps water and harvest crops in tandem with Phil, the company's brainier robot farmer. Phil monitors and delivers each module's water, nutrient mix, and pH levels to maximize crop yield and quality while making sure resources aren't overused.
[...] As with any other setting, the integration of robots into agriculture raises concerns regarding job displacement. Conventional farming has long presented employment opportunities for lower-income communities and immigrants; [...] The company says farming is facing a labor crisis as young workers turn away from grueling, environmentally detrimental work, and that its technology may very well present a more positive alternative.
"Agriculture is long overdue for a technology update," Hedayat said. "By introducing technology to farming, we can not only increase efficiency, become more sustainable, but also we can equip workers with tech skills that are highly beneficial in a digital world." Whether Iron Ox elects to support such career transitions via internships, training programs, or other means is something we'll have to wait to find out.
Attackers Use Event Logs to Hide Fileless Malware:
Researchers have discovered a malicious campaign utilizing a never-before-seen technique for quietly planting fileless malware on target machines.
The technique involves injecting shellcode directly into Windows event logs. This allows adversaries to use the Windows event logs as a cover for malicious late stage trojans, according to a Kaspersky research report released Wednesday.
Researchers uncovered the campaign in February and believe the unidentified adversaries have been active for the past month.
"We consider the event logs technique, which we haven't seen before, the most innovative part of this campaign," wrote Denis Legezo, senior security researcher with Kaspersky's Global Research and Analysis Team.
[...] The first stage of the attack involves the adversary driving targets to a legitimate website and enticing the target to download a compressed .RAR file boobytrapped with the network penetration testing tools called Cobalt Strike and SilentBreak. Both tools are popular among hackers who use them as a vehicle for delivering shellcode to target machines.
[...] Next, attackers are then able to leverage Cobalt Strike and SilentBreak to "inject code into any process" and can inject additional modules into Windows system processes or trusted applications such as DLP.
[...] What is new, however, is how the encrypted shellcode containing the malicious payload is embedded into Windows event logs. To avoid detection, the code "is divided into 8 KB blocks and saved in the binary part of event logs."
Legezo said, "The dropper not only puts the launcher on disk for side-loading, but also writes information messages with shellcode into existing Windows KMS event log."
[...] Next, a launcher is dropped into the Windows Tasks directory. "At the entry point, a separate thread combines all the aforementioned 8KB pieces into a complete shellcode and runs it," the researcher wrote.
"Such attention to the event logs in the campaign isn't limited to storing shellcodes," the researchers added. "Dropper modules also patch Windows native API functions, related to event tracing (ETW) and anti-malware scan interface (AMSI), to make the infection process stealthier."
In all, with their "ability to inject code into any process using Trojans, the attackers are free to use this feature widely to inject the next modules into Windows system processes or trusted applications."
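For defenders, the storage pattern described above (encrypted data kept as several 8 KB blocks in the binary part of event records) suggests a simple hunting heuristic, sketched here as an added example that is not from the Kaspersky report or the article. The record layout, the thresholds and the sample records are assumptions constructed for illustration; exporting real event records is not shown.

```python
import hashlib
import math
from collections import Counter, defaultdict

BLOCK_SIZE = 8 * 1024  # block size quoted in the report


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted or compressed data approaches 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def constructed_blob(seed: bytes, size: int) -> bytes:
    """Deterministic near-random filler standing in for encrypted data."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:size])


def flag_records(records, min_size=4096, min_entropy=7.5):
    """Return records whose binary data is both large and near-random.

    min_size and min_entropy are assumed tuning values, not published ones.
    """
    return [
        rec for rec in records
        if len(rec.get("binary", b"")) >= min_size
        and shannon_entropy(rec["binary"]) >= min_entropy
    ]


def summarize(flagged, min_blocks=2):
    """Group hits per channel; several blocks in one log is the pattern of interest."""
    per_channel = defaultdict(lambda: {"count": 0, "bytes": 0, "record_ids": []})
    for rec in flagged:
        entry = per_channel[rec["channel"]]
        entry["count"] += 1
        entry["bytes"] += len(rec["binary"])
        entry["record_ids"].append(rec["record_id"])
    return {ch: e for ch, e in per_channel.items() if e["count"] >= min_blocks}


# Constructed sample records (hypothetical layout: channel, record_id, binary).
SAMPLE_RECORDS = [
    {"channel": "Key Management Service", "record_id": 100, "binary": b""},
    {"channel": "Key Management Service", "record_id": 101,
     "binary": constructed_blob(b"a", BLOCK_SIZE)},
    {"channel": "Key Management Service", "record_id": 102,
     "binary": constructed_blob(b"b", BLOCK_SIZE)},
    {"channel": "Key Management Service", "record_id": 103,
     "binary": constructed_blob(b"c", BLOCK_SIZE)},
    # Large but repetitive data: size alone is not enough to flag it.
    {"channel": "Application", "record_id": 7,
     "binary": b"activation status OK; " * 400},
    # Near-random but tiny: entropy alone is not enough either.
    {"channel": "Application", "record_id": 8,
     "binary": constructed_blob(b"d", 64)},
]

if __name__ == "__main__":
    for channel, info in summarize(flag_records(SAMPLE_RECORDS)).items():
        print(channel, info["count"], "blocks,", info["bytes"], "bytes",
              info["record_ids"])
```

Since the article says the dropper also patches ETW and AMSI functions, a check like this is best run over exported or forwarded logs rather than relying only on live telemetry from the affected host.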
"We are especially proud to present you Tails 5.0, the first version of Tails based on Debian 11 (Bullseye). It brings new versions of a lot of the software included in Tails and new OpenPGP tools."
Every ISP in the US has been ordered to block three pirate streaming services:
A federal judge has ordered all Internet service providers in the United States to block three pirate streaming services operated by Doe defendants who never showed up to court and hid behind false identities.
The blocking orders affect Israel.tv, Israeli-tv.com, and Sdarot.tv, as well as related domains listed in the rulings and any other domains where the copyright-infringing websites may resurface in the future. The orders came in three essentially identical rulings (see here, here, and here) issued on April 26 in US District Court for the Southern District of New York.
Each ruling provides a list of 96 ISPs that are expected to block the websites, including Comcast, Charter, AT&T, Verizon, and T-Mobile. But the rulings say that all ISPs must comply even if they aren't on the list [...].
[...] The plaintiffs are United King Film Distribution, D.B.S. Satellite Services (1998), HOT Communication Systems, Reshet Media, and Keshet Broadcasting. While the plaintiffs "transmit their programming in an encrypted form," the defendants' "various services and hardware permit end-user consumers to bypass the Plaintiffs' encryption to view Plaintiffs' content," the rulings said.
The judge ordered domain registrars and registries to transfer the domain names to the plaintiffs. The rulings include injunctions against "third parties providing services used in connection with Defendants' operations," including web hosts, content delivery networks, DNS providers, VPN providers, web designers, search-based online advertising services, and others.