SoylentNews

An Anonymous Coward writes:

https://www.ghacks.net/2022/05/17/nvidia-releases-security-update-for-out-of-support-gpus/

Nvidia published a security bulletin on May 16, 2022 in which it informs customers about a new software security update for the Nvidia GPU display driver. The update patches security issues in earlier driver versions that can lead to "denial of service, information disclosure, or data tampering".

[...] In this particular case, Nvidia released security updates for Kepler-series graphics adapters that it no longer supports officially with Game Ready Drivers.

The company retired most products belonging to the GTX 600 and GTX 700 Kepler series in 2021. The first Kepler-based video cards were released in 2012 by Nvidia.

"Windows and Linux versions of the drivers are affected according to the security bulletin."

[...] The security bulletin lists a total of ten vulnerabilities in Nvidia GPU display drivers. Most are vulnerabilities in the kernel mode layer on Windows and Linux devices, while some address security issues in the DirectX11 user mode driver on Windows, or a vulnerability in the ECC layer.

Open source drivers and now legacy support? What's going on here?

Original Submission

upstart writes:

Proposed improvements to SiC MOSFET power converter technology overcome existing challenges:

Transistors, which are devices that control or amplify electrical signals and power, are one of the most ubiquitous components of modern electronics. The most widely used transistor is known as the MOSFET, which stands for metal–oxide–semiconductor field-effect transistor. MOSFETs have been in use since the 1960s and have typically relied on silicon to act as a semiconductor. The latest iteration of the MOSFET uses silicon carbide as a semiconductor, known as SiC MOSFET. This has many advantages, but it has not been widely adopted for medium-voltage power conversion. This is because of several challenges associated with SiC MOSFETs that researchers hope to solve by combining novel technologies.

SiC MOSFETs offer many advantages over traditional transistors. Compared to the current technology, SiC MOSFETs can meet the demands of modern electronics by improving efficiency and power density. However, if you were to just switch out the current technology for SiC MOSFETs as is, there would not be enough of a benefit to justify the transition. In order to get the most out of SiC MOSFETs and expand their use across a wide range of applications, researchers employed novel control technologies and strategies to improve how the SiC MOSFETs work in medium-voltage applications.

[...] "For medium-voltage power conversion, 10 kV SiC MOSFETS have inherent superiorities, such as high breakdown voltage, fast switching, high temperature operation, and low specific on-state resistance," said paper author Slavko Mocevic, a researcher at the ABB Corporate Research Center in Raleigh, NC in the United States.

[...] By overcoming challenges like electromagnetic interference, high switching frequency, fast voltage transitions, and the need for high-voltage insulation, the SiC MOSFET technology can be more broadly applied to medium-voltage converters. Looking ahead, Mocevic said, "The immediate next step is to improve performance and fully understand the behavior of this converter to ensure stable operations in all situations for all targeted applications. The ultimate goal is to develop a family of medium-voltage circuit networks that utilize SCC and ICBT control that can fully utilize the power processing capacity of SiC devices. This will effectively tackle the lack of circuit solutions currently barring their adoption."

Journal Reference:
Design of a 10 kV SiC MOSFET-based high-density, high-efficiency, modular medium-voltage power converter, (DOI: 10.23919/IEN.2022.0001)

Original Submission

upstart writes:

GPDPR data scrape a 'mistake', says leading scientist:

Significant elements of the initially proposed General Practice Data for Planning and Research (GPDPR) programme to collect patient data from general practitioners in England to help improve frontline care in the NHS has been branded "wrong" and a "mistake" by one of the UK's most noted scientists.

The GPDPR programme was heavily criticised last year by privacy experts and others who said it presented an unacceptable level of security risk, and that the public had not been adequately informed of the plans.

Had it gone ahead in its initial form, the resulting database would have contained substantial amounts of personally identifiable information (PII) on millions of people, including diagnoses, symptoms, observations, test results, medications, allergies, immunisations, referrals, recalls and appointments.

It would also have included information on physical, mental and sexual health, data on gender, ethnicity and sexual orientation, and data on staff who have treated patients.

upstart writes:

Russian tanks are using chips from household appliances due to sanctions:

[...] In a Senate hearing on Wednesday, the US Secretary of Commerce Gina Raimondo cited Ukrainians who found semiconductors from dishwashers and refrigerators in Russian tanks. Ukrainian officials say these are substitutes for components Russian manufacturers can't get due to international sanctions.

Raimondo said US technology exports to Russia have sunk by almost 70 percent since Russia started its invasion in late February. Moreover, spokesperson from the US Commerce department Robyn Patterson said US component shipments to Russia have fallen by 85 percent in the last year. Raimondo said the Ukrainian findings prove the sanctions are successfully diminishing Russia's war effort.

Complying with sanctions, computer companies like Intel, AMD, IBM, TSMC, and GlobalFoundries also stopped chip sales to Russia.

[...] Russia isn't the only entity cannibalizing appliances to fill chip deficiencies. Last month, ASML CEO Peter Wennik admitted that some companies are repurposing chips from washing machines to compensate for the ongoing global chip shortage.

https://www.techspot.com/news/94301-asml-ceo-companies-ripping-out-chips-washing-machines.html

Last year, TSMC chairman Mark Liu said various distributors and go-betweens had been stockpiling chips throughout the pandemic. Liu also didn't mention names, but both TSMC and ASML are close with an extensive network of partners and customers. They have long warned that geopolitical instability and sanctions imposed on countries like China and Russia would push companies to create even more chaos in the tech supply chain.

Lam Research CEO Timothy Archer echoed Wennink's remark that supply-related delays will affect how much factory equipment can be manufactured in the coming months. Even if companies like TSMC, Samsung, and Intel could somehow secure enough tooling for their new factories, major wafer suppliers won't be able to keep up with demand until 2024.

Original Submission

hubie writes:

Pharmacists at Higher Risk of Suicide than General Population, Study Finds:

[...] In the first study to report pharmacist suicide rates in the United States, researchers from Skaggs School of Pharmacy and Pharmaceutical Sciences at University of California and UC San Diego School of Medicine found that suicide rates are higher among pharmacists compared to the general population, at an approximate rate of 20 per 100,000 pharmacists compared to 12 per 100,000 in the general population. [...]

The figures are based on data from 2003 through 2018, collected by the Centers for Disease Control and Prevention's National Violent Death Reporting System. Study authors expect numbers to be even higher in subsequent years due to the additional stressors of the pandemic, and are currently evaluating more recent data.

[...] For pharmacists, Lee said job problems reflect significant changes in the industry in recent years, with more pharmacists employed by hospitals and chain retailers than small, private pharmacies more common in the past. The responsibilities of a pharmacist have also grown considerably, with larger volumes of pharmaceuticals to dispense and increasing demands to administer vaccines and other health care services.

"Pharmacists have many more responsibilities now, but are expected to do them with the same resources and compensation they had 20 years ago," said Lee. "And with strict monitoring from state and federal regulatory boards, pharmacists are expected to perform in a fast-paced environment with perfect accuracy. It's difficult for any human to keep up with that pressure."

Journal Reference:
Kelly C. Lee, Gordon Y. Ye, Amanda Choflet, et al., Longitudinal analysis of suicides among pharmacists during 2003-2018, J Am Pharm Assoc, 2022
DOI: 10.1016/j.japh.2022.04.013

Original Submission

upstart writes:

Micron's new 3D NAND flash could usher in a rapid new generation of SSDs:

Micron has revealed it has developed 3D NAND flash with a whopping 232 layers, which will enter full-scale production later this year.

[...] The company has not yet provided performance specs for its 232-layer device, but implied that speeds will exceed those of its current 3D NAND products, paving the way for rapid and capacious new SSDs.

NAND flash is a type of non-volatile memory that features in all kinds of storage devices, from memory cards, USB sticks and portable drives to SSDs for devices and servers.

The general idea behind NAND flash development is to reduce cost per capacity and increase storage density, effectively eliminating the use cases for traditional hard disk drives.

[...] SSDs powered by the new 3D NAND flash are expected to come to market at some point in 2023.

Original Submission

upstart writes:

If they ever hit our roads for real, other drivers need to know exactly what they are:

It will soon become easy for self-driving cars to hide in plain sight. The rooftop lidar sensors that currently mark many of them out are likely to become smaller. Mercedes vehicles with the new, partially automated Drive Pilot system, which carries its lidar sensors behind the car's front grille, are already indistinguishable to the naked eye from ordinary human-operated vehicles.

[...] We could argue that, on principle, humans should know when they are interacting with robots. [...] If self-driving cars on public roads are genuinely being tested, then other road users could be considered subjects in that experiment and should give something like informed consent. Another argument in favor of labeling, this one practical, is that—as with a car operated by a student driver—it is safer to give a wide berth to a vehicle that may not behave like one driven by a well-practiced human.

There are arguments against labeling too. A label could be seen as an abdication of innovators' responsibilities, implying that others should acknowledge and accommodate a self-driving vehicle. And it could be argued that a new label, without a clear shared sense of the technology's limits, would only add confusion to roads that are already replete with distractions.

upstart writes:

We finally have an image of the black hole at the heart of the Milky Way:

Astronomers announced May 12 that they have finally assembled an image of the supermassive black hole at the center of our galaxy.

"This image shows a bright ring surrounding the darkness, the telltale sign of the shadow of the black hole," astrophysicist Feryal Özel of the University of Arizona in Tucson said at a news conference announcing the result.

The black hole, known as Sagittarius A*, appears as a faint silhouette amidst the glowing material that surrounds it. The image reveals the turbulent, twisting region immediately surrounding the black hole in new detail. The findings also were published May 12 in 6 studies in the Astrophysical Journal Letters.

[...] . By combining about 3.5 petabytes of data, or the equivalent of about 100 million TikTok videos, captured in April 2017, researchers could begin to piece together the picture. To tease out an image from the initial massive jumble of data, the EHT team needed years of work, complicated computer simulations and observations in various types of light from other telescopes.

[...] . This won't be the last eye-catching image of Sgr A* from EHT. Additional observations, made in 2018, 2021 and 2022, are still waiting to be analyzed.

"This is our closest supermassive black hole," Haggard says. "It is like our closest friend and neighbor. And we've been studying it for years as a community. [This image is a] really profound addition to this exciting black hole we've all kind of fallen in love with in our careers."

Journal Reference:
Six papers in ApJ Lett, 2022

See also:
Wits scientists in the team that made the first image of the black hole in the centre of our galaxy
Astronomers reveal first image of the black hole at the heart of our galaxy
Groundbreaking image of black hole Sagittarius A* enhanced by UTSA physics professor Richard Anantua's research
First Image of the Beastly Black Hole at the Heart of Our Galaxy
Sagittarius A* Revealed

Original Submission

Phoenix666 writes:

SpinLaunch has released onboard footage from its eighth kinetic launch test:

SpinLaunch has released on-board footage from its eighth suborbital flight test, giving us a unique opportunity to imagine what it'd be like to be hurled skyward out of a centrifugal accelerator at more than a thousand miles per hour.

Rockets are big, dangerously explosive, and environmentally hazardous – and there are other ways to get stuff up into orbit. Green Launch, for example, is planning to get satellites into orbit within just 10 minutes, by replacing the first-stage rocket booster with a hydrogen-powered hypersonic impulse launch cannon that can fire a launch vehicle upwards at more than 17 times the speed of sound.

The approach is meant to lower costs for getting materiel into orbit.

Original Submission

upstart writes:

Open source community sets out path to secure software:

The open source community has presented a 10-point plan to improve the security and resilience of its software, bringing together more than 90 executives from 37 organisations, alongside US government officials, at a summit in Washington DC.

[...] OpenSSF executive director Brian Behlendorf added: "What we are doing here together is converging a set of ideas and principles of what is broken out there and what we can do to fix it. The plan we have put together represents the 10 flags in the ground as the base for getting started. We are eager to get further input and commitments that move us from plan to action."

The 10-point plan, which can be read in full on OpenSSF's website, is as follows:

1. To deliver baseline secure software development education and certification;
2. To establish a public, supplier-neutral, objective-metrics-based risk assessment dashboard for 10,000 widely used open source software (OSS) components;
3. To accelerate the adoption of digital signatures on OSS releases;
4. To eliminate the root causes of many vulnerabilities by replacing non-memory-safe languages;
5. To establish an OpenSSF-backed incident response team to help open source projects respond to vulnerability disclosures;
6. To improve the ability of maintainers and experts to discover new vulnerabilities in open source projects;
7. To establish a programme of third-party code audits and remediation for up to 200 of the most-critical OSS components;
8. To coordinate industry-wide data sharing to improve how the community goes about determining what the most-critical OSS components actually are;
9. To improve the adoption of software bill of materials (SBOM) tooling and training;
10. And finally, to enhance the 10 most-critical OSS build systems, package managers and distribution systems with improved supply chain security tools and practices.

Commenting on the plan, Mike Hanley, chief security officer (CSO) at GitHub, said: "Securing the open source ecosystem starts with empowering developers and open source maintainers with tools and best practices that are instrumental to securing the software supply chain.

Original Submission

upstart writes:

The Good, the Bad, and the Ugly: Twitter Users React to Elon Musk Putting Buyout Deal 'On Hold':

Following Tesla CEO Elon Musk's announcement Friday that he has placed his buyout of Twitter "on hold," many across social media were quick to react to the news.

Breitbart News reported earlier today that Tesla and SpaceX CEO Elon Musk has tweeted that his deal to purchase Twitter is currently "on hold" while an investigation into the number of bots and spam accounts on Twitter is completed. Twitter claimed in a recent filing that less than five percent of its daily active users were fake or spam accounts, now Musk appears to want to confirm this claim, which is lower than most estimates.

"Twitter deal temporarily on hold pending details supporting calculation that spam/fake accounts do indeed represent less than 5% of users," Musk said in a tweet. He later added, "Still committed to acquisition."

Original Submission

hubie and upstart both write:

Findings may lead to reconsideration of how we treat acute pain:

Using anti-inflammatory drugs and steroids to relieve pain could increase the chances of developing chronic pain, according to researchers from McGill University and colleagues in Italy. Their research puts into question conventional practices used to alleviate pain. Normal recovery from a painful injury involves inflammation and blocking that inflammation with drugs could lead to harder-to-treat pain.

[...] "In analyzing the genes of people suffering from lower back pain, we observed active changes in genes over time in people whose pain went away. Changes in the blood cells and their activity seemed to be the most important factor, especially in cells called neutrophils," says Luda Diatchenko a Professor in the Faculty of Medicine, Faculty of Dentistry, and Canada Excellence Research Chair in Human Pain Genetics.

"Neutrophils dominate the early stages of inflammation and set the stage for repair of tissue damage. Inflammation occurs for a reason, and it looks like it's dangerous to interfere with it," says Professor Mogil, who is also a member of the Alan Edwards Centre for Research on Pain along with Professor Diatchenko.

AnonTechie writes:

The National Security Agency's cybersecurity chief has claimed that next-generation encryption standards under development in the US will be unbreachable, even by the American government's own spies. The National Security Agency has been involved in parts of the process but insists it has no way of bypassing the new standards.

"There are no backdoors," said Rob Joyce, the NSA's director of cybersecurity at the National Security Agency, in an interview. A backdoor enables someone to exploit a deliberate, hidden flaw to break encryption. An encryption algorithm developed by the NSA was dropped as a federal standard in 2014 amid concerns that it contained a backdoor.

The new standards are intended to withstand quantum computing, a developing technology that is expected to be able to solve math problems that today's computers can't. But it's also one that the White House fears could allow the encrypted data that girds the U.S. economy – and national security secrets – to be hacked.

Bloomberg

[Related]:
EXECUTIVE ORDER 14028, IMPROVING THE NATION'S CYBERSECURITY

QUANTUM HEGEMONY ? China's Ambitions and the Challenge

Would you agree with the un-breachable encryption FUD that is being brandied about in this article ? If it is encrypted by humans, it can be decrypted by humans !!

Original Submission

takyon writes:

UK's Royal Mail to deliver post by drone on 50 new routes

The UK's Royal Mail has announced plans to open 50 postal routes serviced by delivery drones over the next three years as part of a wider objective of deploying over 500 UAVs to carry letters and parcels to remote localities in the country.

Royal Mail said drone delivery of post will initially be introduced to the Shetland Islands, Orkney Islands, Hebrides, and the Isles of Scilly. That latter destination was selected by the 507-year-old public service last year to first trial postal flights by UAVs between Cornwall and the archipelago, located 30 miles to the south. Since then, Royal Mail has additionally operated test programs to Scotland's Isle of Mull and Orkney Islands.

Most of those Royal Mail trials have been in partnership with drone delivery and air taxi infrastructure company Skyports, which operated the Mull flights after earlier transporting medical materials to far-flung UK destinations during spikes in the COVID-19 pandemic.

Pending approval from the UK's Civil Aviation Authority, Royal Mail will start phasing in postal drone deliveries across more than 50 designated routes in coming months. It will operate flights with drone manufacturer and service provider Windracers, which participated in earlier trials.

The company's 10-meter, fixed wing UAVs can carry up to 100 kg of post over a maximum range of 70 miles. The craft were used in a trial last month to the Orkney island of Unst, flying 50 miles each way.

Original Submission

upstart writes:

Some top 100,000 websites collect everything you type:

When you sign up for a newsletter, make a hotel reservation, or check out online, you probably take for granted that if you mistype your email address three times or change your mind and X out of the page, it doesn't matter. Nothing actually happens until you hit the Submit button, right? Well, maybe not. As with so many assumptions about the web, this isn't always the case, according to new research: A surprising number of websites are collecting some or all of your data as you type it into a digital form.

Researchers from KU Leuven, Radboud University, and University of Lausanne crawled and analyzed the top 100,000 websites, looking at scenarios in which a user is visiting a site while in the European Union and visiting a site from the United States. They found that 1,844 websites gathered an EU user's email address without their consent, and a staggering 2,950 logged a US user's email in some form. Many of the sites seemingly do not intend to conduct the data-logging but incorporate third-party marketing and analytics services that cause the behavior.

[...] "If there's a Submit button on a form, the reasonable expectation is that it does something—that it will submit your data when you click it," says Güneş Acar, a professor and researcher in Radboud University's digital security group and one of the leaders of the study. "We were super surprised by these results. We thought maybe we were going to find a few hundred websites where your email is collected before you submit, but this exceeded our expectations by far."