SoylentNews

Arthur T Knackerbracket has processed the following story:

Scientists have been left perplexed after billions of crabs and crustaceans reportedly disappeared mysteriously in the Bering Sea off the US state of Alaska in the last several years.

Ben Daly, a researcher with the Alaska Department of Fish and Game (ADF&G), told US media outlet CNN the snow crab population shrank from about 8 billion in 2018 to 1 billion in 2021.

“Snow crab is by far the most abundant of all the Bering Sea crab species that is caught commercially,” Daly said. “So the shock and awe of many billions missing from the population is worth noting – and that includes all the females and babies.”

[...] “Environmental conditions are changing rapidly,” Daly told CBS News. “We’ve seen warm conditions in the Bering Sea the last couple of years, and we’re seeing a response in a cold-adapted species, so it’s pretty obvious this is connected. It is a canary in a coal mine for other species that need cold water.”

The sharp drop in their numbers forced the ADF&G last week announced the cancellation of the Alaska snow crab harvest for the first time ever in Alaska, the United States’ largest state.

It said that while there would be “substantial impacts” on harvesters, the department has to balance the impacts with the “need for long-term conservation and sustainability of crab stocks”.

[...] Jamie Goen, executive director of the Alaska Bering Sea Crabbers said some crabbers will be going out of business as a result of the cancellation.

Original Submission

An Anonymous Coward writes:

Sting against Deadbolt ransomware groups provides victims with a way to get encrypted files back without paying up:

Working alongside cybersecurity company Responders.NU, the Dutch National Police obtained 150 decryption keys from ransomware group Deadbolt. 

With the decryption keys now in the hands of law enforcement, some victims of Deadbolt ransomware attacks can retrieve encrypted files and servers without the need to pay cyber-criminal extortionists. 

[...] Police tricked Deadbolt by making Bitcoin payments for decryption keys, receiving the keys, then withdrawing the ransom payments – leaving the cyber criminals without their payments after they had provided the police and cybersecurity researchers with the decryption keys to aid victims of attacks. 

Describing it as a "nasty blow" for cyber criminals, Dutch Police said the operation demonstrates to cyber criminals that they're "in the crosshairs of international law enforcement authorities" and "attempts to move their criminal earnings are not without risks". 

Original Submission

canopic jug writes:

The Internet Systems Consortium (ISC) has announced, with plenty of hints long in advance, that the ISC DHCP Server has reached EOL. The ISC's DHCP software has been available since the late 1990s and is widely used to automate the assignment of IPv4 addresses to a dynamic pool of clients. The article covers the ISC DHCP suite's history and evolution, along with brief biographies of its four main authors over its lifecycle. The main reasons for reaching EOL are that the codebase is very mature at this point and, significantly, the code base has not been designed for testability.

The 4.4.3-P1 and 4.1-ESV-R16-P2 versions of ISC DHCP, released on October 5, 2022, are the last maintenance versions of this software that ISC plans to publish. If we become aware of a significant security vulnerability, we might make an exception to this, but it is our intention to cease actively maintaining this codebase.

[...] The first release of the ISC DHCP distribution in December 1997 included just the DHCP server. Release 2 in June 1999 added a DHCP client and a BOOTP/DHCP relay agent. DHCP 3 was released in October 2001 and included DHCP failover support, OMAPI, Dynamic DNS, conditional behavior, client classing, and more. The 4.0 release in December 2007 introduced DHCPv6 protocol support for the server and client. The client and relay components reached their End-of-Life in January 2022.

The development of ISC DHCP paralleled the development of the protocol in the DHC working group (WG). The DHC working group was founded in 1989 by Ralph Droms, who also wrote IETF RFC 1531, the first version of the Dynamic Host Configuration Protocol; it was standardized in October 1993. DHC is now the oldest WG that still functions.

How is networking managed in the computing environments where you operate? Often they are unavoidable. Which, if any, DHCP server have you switched to in those cases?

Original Submission

upstart writes:

Apple's reliance on China put to test as political pressure freezes new chips plan:

Apple has been trying to rely less on China due to US government pressure. While BGR has been reporting that the Cupertino company is trying to diversify its supply chain from China to India, Taiwan, and other Asian countries, it seems Apple has another reason to keep doing that. A report indicates that the company's plans to use China's YMTC chips have been put on hold due to US political pressure.

According to Nikkei Asia, Apple will no longer use memory chips from China's Yangtze Memory Technologies Co (YMTC) in its products.

The publication explains that "the move comes amid the latest round of US export controls imposed against the Chinese tech sector and is a sign that Washington's crackdown is creating a chilling effect down the supply chain."

In March, it was reported by Bloomberg that Apple was considering for the first time adding a Chinese flash storage maker to its supplier roster:

Original Submission

Arthur T Knackerbracket has processed the following story:

Almost nine in 10 software and DevOps professionals have either quit or considered quitting their job during the past 12 months, a new industry report suggests.

The results from Uniting Cloud's Software Engineer and DevOps Industry Report 2022 found that 50% of developers and DevOps professionals have moved roles in the last year. Of the 50% who have not moved roles, 71% had considered doing do.

Of the 400 UK software developers and DevOps professionals surveyed by Uniting Cloud, just 13% had not considered quitting their job for a new role – meaning 87% of tech professionals have either changed jobs in the past year of thought about doing so.

The survey once again highlights the challenges employers face retaining technology staff as hiring competition escalates.

Reasons for quitting given by respondents included taking advantage of high salaries and benefits packages being offered by employers in return for in-demand tech skills, as well as a reluctance to return to the office.

Survey respondents said they would expect to see a 21.5% increase in salary as a result of moving to a new role. According to Uniting Cloud's data, software engineers with 3-5 years of experience can expect a salary averaging up to £64,000, while professionals with both experience in both software development and DevOps can land a salary of up to £84,000.

"Seasoned" professionals with 6-10 years of experience and skills in both software engineering and DevOps see an average base salary of £97,000 – while professionals with the same years of experience in software development alone can expect £82,000.

Does this reflect your experiences in Europe, USA, or elsewhere?

Original Submission

DannyB writes:

Researchers make cyborg cockroaches that carry their own power packs

Solar cell and a battery can keep the cyborg's electronics running for weeks.

Have you ever thought you'd be seeing a cyborg cockroach that runs on solar power and carries a backpack that looks like an electric circuit? A team of researchers at Japan's RIKEN research institute has turned a regular Madagascar hissing cockroach into a real cyborg insect by connecting a lithium battery, a solar cell, multiple wires, and a tiny electronic circuit. The cyborg can be controlled using Bluetooth signals, and the researchers suggest that, in the future, such robo-bugs could be employed for search-and-rescue missions.

The researchers refer to their cyborg as an insect-computer hybrid system, and it incorporates a living insect as a platform and a mini-electronic system as its controller. Basically, it's a biobot that can be controlled like a robot, but it has the power to explore and navigate a complex environment with the proficiency of an insect.

[...] Whenever the researchers want the cockroach to move, they send a Bluetooth signal to the circuit board, which transmits electric current to the legs via the wires.

[...] other scientists proposed additional types of biorobots ranging from moth robots to cyborg beetles. However, most of these cyborg insects lack energy-harvesting devices on their body because the area and load of the harvesting device considerably impair their mobility. So adding a suitable energy-harvesting device (the solar cell) for recharging the electronic controlling unit on a cyborg insect has been one of the main achievements of their research.

Forget search and rescue. Imagine a data center or giant brain designed to be filled with these for servicing.

Original Submission

Arthur T Knackerbracket has processed the following story:

An international team of scientists including experts from the University of Adelaide has designed a quantum thermometer to measure the ultra-cold temperatures of space and time predicted by Einstein and the laws of quantum mechanics.

The University of Adelaide's Dr. James Q. Quach, Ramsay Fellow, School of Physical Sciences and the Institute for Photonics and Advanced Sensing (IPAS), led the investigation.

"We have designed a quantum thermometer that can measure extremely small changes in temperature," he said. "The theoretical design of the quantum thermometer is based on the same technology used to build quantum computers."

Einstein predicted that the rate at which you perceive time to pass is dependent on the speed at which you are traveling: a person moving very fast ages at a slower rate than someone standing still. This led to his Theory of General Relativity, which says that space and time together act like a fabric that can flex and warp.

The relationship between temperature and acceleration is similar to the relationship between time and speed. Different observers moving at different acceleration would perceive different, albeit minute, difference in temperatures.

Journal Reference:
James Q. Quach, Timothy C. Ralph, and William J. Munro. Berry Phase from the Entanglement of Future and Past Light Cones: Detecting the Timelike Unruh Effect, Phys. Rev. Lett. 129, 160401 (DOI https://doi.org/10.1103/PhysRevLett.129.160401)

Original Submission

upstart writes:

UberEats Adds Weed Delivery to App in Toronto:

Today, Toronto residents age 19 years or older can officially purchase weed on demand from Uber Eats. The food delivery service has partnered with Leafly, an online marijuana retailer, to connect customers with local dispensaries.

According to Leafly, this is the first time marijuana delivery is available on a third-party food ordering platform like Uber Eats. Customers can begin purchasing cannabis products in the Uber Eats app today, with delivery from licensed retailers fulfilled by staff from CanSell, an Ontario-based cannabis retail education program. Leafly and Uber Eats say that this partnership will hopefully help tackle the underground marijuana market as well as encourage people not to drive while high.

"Leafly has been empowering the cannabis marketplace in Canada for more than four years and we support more than 200 cannabis retailers in the GTA.

Original Submission

upstart writes:

After several delays, we are going, eventually:

What's a few more days of waiting for a mission many years in the making? NASA's first giant step in returning humans to the moon could now take place on Nov. 14. On Wednesday, the space agency announced a fresh set of potential launch dates for its uncrewed Artemis I around-the-moon mission.

NASA will roll Artemis I back to out the launchpad at Kennedy Space Center in Florida as early as Nov. 4. The Nov. 14 attempt would mean a nighttime launch with a 69-minute window opening at 12:07 a.m. ET (9:07 p.m. PT on Nov. 13).

Artemis I involves an Orion capsule with no humans on board catching a ride to space on a powerful Space Launch System (SLS) rocket. The whole kit and caboodle has been out to the launchpad multiple times and stumbled through a series of wet dress rehearsals meant to simulate launch conditions.

[...] The Nov. 14 date isn't set in stone. A successful launch will depend on good weather and good behavior from the rocket's systems. NASA has already requested backup launch opportunities for Nov. 16 and Nov. 19 in case the earlier date doesn't work out.

If Artemis I takes off as planned on Nov. 14, it will spend just over 25 days on its mission to stroll around our lunar neighbor, testing Orion's worthiness to carry human passengers for Artemis II. That would put it on track to return to Earth for a splashdown on Dec. 9.

NASA is no doubt hoping this attempt will be the one that finally flies and ushers in the Artemis era in earnest.

NASA press release

Original Submission

upstart writes:

The attack framework of probable Chinese origin used by cybercriminals has been discovered:

A standalone Command and Control (C2) server called "Alchimist" was recently discovered by Cisco Talos. The framework has been designed to run attacks via standalone GoLang-based executables that can be distributed easily. The framework found by Talos contains both the whole web user interface and the payloads.

[...] Alchimist, whose name has been given by its developer, uses GoLang-based assets, which are custom-made embedded packages, to store all the resources needed for its operations as a C2 server. During initialization, all its content is placed in hard coded folders, namely /tmp/Res for the web interface, HTML files and more folders, and /tmp/Res/Payload for its payloads for Windows and Linux operating systems.

A self-signed certificate without any server name is also dropped in the /tmp folder (Figure A), together with its key for use in HTTPS communications. That certificate could be found on five different IP addresses on the Internet at the time of the research, all of them used for Alchimist.

[...] Most common features expected to handle Remote Administration Tool (RAT) malware are implemented in the interface, yet one stands out according to the researchers: The ability to generate PowerShell and wget code snippets for Windows and Linux systems. These commands might be embedded in malicious documents, LNK files or any other kind of files used for initial compromise, and download/install the additional payload provided by the framework: the Insekt RAT.

Arthur T Knackerbracket has processed the following story:

In 1999, 29-year-old Anna Bågenholm survived a body temperature of 13.7 degrees Celsius (56.7 degrees Fahrenheit), after a skiing accident sent her under ice in a river. Her heart did not beat for several hours. The story was later relayed by the BBC.

Now, a group of researchers in Oslo have come closer to explaining what happens in cells that experience deep cooling.

Their work is relevant for both hibernation and accidental hypothermia. It has ramifications for treating trauma patients in hospitals, neurodegenerative diseases like Alzheimer's and Parkinson's and, in the future, might help humans travel in space.

[...] "We started looking at them in our favorite model organism, the nematode Caenorhabditis elegans," he says.

[...] They saw that if they cool the C. elegans in a particular way, they will survive for a very long time without affecting the total lifespan.

[...] "We started looking at what happens in this organism and, while doing genetics on this model, we realized that there are certain manipulations we can do that make the survival of these animals in the cold even more effective."

An Anonymous Coward writes:

The idea that humans could be frozen and later brought back has survived for decades:

When Aaron Drake flew from Arizona to the Yinfeng Biological Group in China’s eastern Jinan province in 2016, he was whisked into a state-of-the-art biotech hub. More than 1,000 staffers—including an army of PhDs and MDs—were working on things like studies of the stem cells in umbilical cord blood. The center specialized in research on human cells, from gene testing to tailored cancer treatments. 

But it also had other plans: cylindrical stainless-steel tanks would eventually contain corpses suspended in liquid nitrogen. The tanks weren’t installed yet, but Yinfeng hoped Drake would help with that while it invested some $7 million to get the new project off the ground. As its high-profile new hire, he was there to guide China’s first forays into cryonics, or freezing corpses for reanimation.

[...] The foundation, and cryonics in general, had long survived outside of mainstream acceptance. Typically shunned by the scientific community, cryonics is best known for its appearance in sci-fi films like 2001: A Space Odyssey. But its adherents have held on to a dream that at some point in the future, advances in medicine will allow for resuscitation and additional years on Earth. [...]

[...] Still, the field remains rooted in faith rather than any real evidence that it works. “It’s a hopeless aspiration that reveals an appalling ignorance of biology,” says Clive Coen, a neuroscientist and professor at King’s College London.

upstart writes:

Critical VM2 flaw lets attackers run code outside the sandbox:

Researchers are warning of a critical remote code execution flaw in 'vm2', a JavaScript sandbox library downloaded over 16 million times per month via the NPM package repository.

The vm2 vulnerability is tracked as CVE-2022-36067 and received a severity rating of 10.0, the maximum score in the CVSS system, as it could allow attackers to escape the sandbox environment and run commands on a host system.

Sandboxes are meant to be an isolated environment that is walled off from the rest of the operating system. However, as developers commonly use sandboxes to run or test potentially unsafe code, the ability to "escape" from this confined environment and execute code on the host is a massive security problem.

[...] "The reporter's POC bypassed the logic above since vm2 missed wrapping specific methods related to the "WeakMap" JavaScript built-in type," the researchers explain in their report.

"This allowed the attacker to provide their own implementation of "prepareStackTrace," then trigger an error, and escape the sandbox."

[...] Software developers are urged to update to the latest VM2 version and replace older releases in their projects as soon as possible.

For end users, it is important to note that it could take a while before virtualization software tools relying on VM2 apply the available security update.

As we saw with Log4Shell, a critical security problem in a widely deployed open-source library may persist for extended periods without the impacted users even knowing they're vulnerable due to the obscurity in the supply chain.

If you use a sandbox solution, check if it relies on VM2 and whether it's using the latest version.

Secure javascript????

Original Submission

upstart writes:

The Court wrestled with who gets to decide the meaning of art:

In 1981 the photographer Lynn Goldsmith took a portrait of Prince. He sits alone on a white background, wearing a blank expression with a glint of light in his eyes. In 1984 Andy Warhol used that photo to create art. Warhol altered the image, adjusting the angle of Prince's face, layering on swaths of color, darkening the edges, and adding hand-drawn outlines and other details in a series of 16 silkscreen prints.

40 years later, the artwork is at the center of a Supreme Court case that could change the course of American art, copyright law, and even the state of the internet. The question is whether Warhol's work was fair use, or if he violated Goldsmith's copyright. In oral arguments on Wednesday, the Court wrestled with the finer points of the issue, and to put it mildly, it's pretty complicated.

Did Warhol create an entirely new work of art, or was it just a derivative reinterpretation of Goldsmith's photo? If the art is found to be derivative, the Warhol Foundation will owe Goldsmith millions in fees, royalties, and perhaps additional damages. But the implications of the Supreme Court's impending decision are a much bigger deal than a few million dollars.

[...] You don't have to pay the original artist if it's fair use, which is determined based on four factors: the purpose you're using it for, the nature of the art, how substantially you used the original work, and how your new art affects the market for the original. The lawyers, in this case, focused on the first and fourth factors, purpose and the market.

upstart writes:

Biotechnology startup TurtleTree wants to change the way people consume milk:

Cows are out—at least as far as milking goes. The replacement: cell-based milk. The company says it is able to create raw milk using cells from mammals. The cells are then grown in TurtleTree's labs and milk is ultimately produced. In giant bioreactors, the cells stick to tiny straws, the fluid is then drawn through the straws, and milk comes out the other end.

[...] Most startups fail, and TurtleTree will need to produce a food product consumers will buy. Alternative dairy products already exist, but Lin said that plant-based milk produces less of important protein components than cows milk.

[...] TurtleTree's products will also need the approval of the federal Food and Drug Administration. Cell-based milk is currently not approved for purchase.

[...] There's been limited research on the market for cell-based milk with one study calling it a niche product. But a niche product with limited sales could still be a financial goldmine in the $871 billion global dairy industry.

[...] But even if everything goes right for TurtleTree, cell-based milk won't be flying off the supermarket shelves without great taste.