2022-07-02 10:17:28 ..
2022-10-05 12:33:58 UTC
2022-10-05 14:04:11 UTC --fnord666
We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.
Although many believed the war in Ukraine would be over in mere days, we are closing in on a year of vicious fighting. Early on, Ukraine gained a notable advantage over the Russian invaders: connectivity. Access to SpaceX's Starlink satellite internet has allowed the Ukrainian Army to keep lines of communication open and control drone aircraft. A new report appears to show Ukraine has gotten even more creative with Starlink, modifying one of the dishes to mount it aboard a drone.
[...] KCPN claims the hardware is a high-performance dish, which SpaceX only started providing to Starlink RV customers in December. However, our friends at PCMag believe it's more likely to be a standard Starlink dish. In either case, the antenna has been freed of its plastic housing to make it easier to fit on the drone. The drone also contains a Raspberry Pi 4 single-board computer and a CubePilot module for flight control.
With an integrated Starlink dish, the drone would have had internet access anywhere it could see open sky. That would allow it to be controlled from anywhere in the world. It could even supply Wi-Fi access to Ukrainian positions on the ground. However, drone aircraft don't have exceptional battery life even before you start wiring satellite dishes to them — it's unclear how long the autonomous vehicle could have operated. This probably runs afoul of some provision in the end-user license agreement for Starlink's terminals, but Ukraine has bigger problems.
The good news: New York State recently passed landmark right to repair legislation that should improve consumer access to independent repair options. The bad news: despite passing the state assembly 147–2 and the senate 59–4, lobbyists managed to convince NY Governor Kathy Hochul to dramatically water down the legislation before it was passed, rendering it largely useless.
[...] Paul Roberts is the founder of SecuRepairs, a coalition of IT and cybersecurity professionals who advocate for consumers' right to repair. In an op-ed over in the Times Union, he lambasts Hochul for falling victim to industry's claims that improved repair options and more transparent access to tools and documentation poses a threat to U.S. consumers:
As they have done on the road to burying more than 100 proposed pieces of repair legislation in 40 states since 2014, anti-repair groups argued – without evidence – that such information, if made available to owners and independent repair providers, would lead to cyberattacks and the theft of consumer data.
Had the governor and her staff had no other information to guide them in making their decision, we might forgive them for erring on the side of caution. But the governor and her staff knew that the manufacturers' arguments were bogus. I should know: My group told them.
The original Digital Fair Repair Act required that manufacturers that already provide security codes and passwords to their authorized repair providers to also provide them at a reasonable price to the owners of covered devices and to independent repair providers.
Industry has long claimed that manufacturer-authorized repair options are more reliable and secure than independent repairs or repairs carried out by technology owners. Hochul bowed to these concerns, despite a recent FTC report making it clear these claims are completely false. Worse, non-transparent repair options make it more likely security threats won't be noticed before they're a problem.
New research has been published on the organic analysis of the Winchcombe meteorite which crashed landed onto a driveway in Winchcombe, Gloucestershire in 2021. [...]
In the study, the analysis found a range of organic matter which reveals that the meteorite was once from part of an asteroid where liquid water occurred, and if it that asteroid had been given access to the water, a chemical reaction could have occurred leading to more molecules turning into amino acids and protein - the building blocks of life.
[...] "Winchcombe belongs to a rare type of carbonaceous meteorite which typically contains a rich inventory of organic compounds and water. The first Winchcombe meteorite stone was recovered within 12 hours of the fireball observation event and properly curated to restrict any terrestrial contamination. This allowed us to study the organic signature truly essential to the meteorite itself.
"Studying the organic inventory of the Winchcombe meteorite provided us with a window into the past, how simple chemistry kick started the origin of life at the birth of our solar system. Discovering these life's precursor organic molecules allowed us to comprehend the fall of similar material to the surface of the Earth, prior to the emergence of life on our own planet.
Queenie H. S. Chan, Jonathan S. Watson, Mark A. Sephton, et al., The amino acid and polycyclic aromatic hydrocarbon compositions of the promptly recovered CM2 Winchcombe carbonaceous chondrite [open], Meteorit Planet Sci, 2023. DOI: https://doi.org/10.1111/maps.13936
Turning off Waze or your favorite GPS app and using an old-fashioned map may be the best way to fight Alzheimer's disease, a new study reveals:
Researchers at McMaster University say orienteering, an outdoor sport that exercises the mind and body through navigation puzzles, can train the brain and stave off cognitive decline. The aim of orienteering is to navigate between checkpoints or controls marked on a special map. In competitive orienteering, the challenge is to complete the course in the quickest time.
For older adults, scientists say the sport — which sharpens navigational skills and memory — could become a useful intervention measure to fight off the slow decline related to dementia onset. They believe the physical and cognitive demands of orienteering can stimulate parts of the brain our ancient ancestors used for hunting and gathering.
The human brain evolved thousands of years ago to adapt to harsh environments by creating new neural pathways, the McMaster team explains. Those same brain functions are not always necessary today, however, thanks to GPS apps and food being readily available.
Unfortunately, the team says these skills fall into a "use it or lose it" situation.
[...] People who participated in orienteering displayed better spatial navigation and memory skills, suggesting that adding elements of wayfinding into their daily routines benefited them over their lifetime.
Emma E. Waddington, Jennifer J. Heisz. Orienteering experts report more proficient spatial processing and memory across adulthood, PLOS ONE (DOI: 10.1371/journal.pone.0280435)
Super gonorrhea has infected people in the United States for the first known time. This week, Massachusetts public health officials announced the discovery of two gonorrhea cases appearing to display increased resistance to all known antibiotic classes that can be used against it. These cases were thankfully still curable, but it's the latest reminder that this common sexually transmitted infection is becoming a more serious threat.
Gonorrhea, caused by the namesake bacteria Neisseria gonorrhoeae, is the second most commonly reported STI in the U.S., with 677,769 cases documented in 2020. Many infected people don't experience illness, but initial symptoms can include a discolored discharge from the genitals, painful or burning urination, and rectal bleeding if caught from anal sex. When gonorrhea is left untreated, it raises the risk of more serious complications, like damage to the reproductive tract in women and swollen testicles in men, both of which can lead to infertility. And when it's passed down from mother to child, the infection can be fatal or cause blindness in newborns.
[...] These cases are likely only a warning of what's to come. Some of the important genetic markers seen in this novel strain have been spotted in pan-resistant cases from Europe and Asia, which shows that these mutations are continuing to spread around the world. Gonorrhea rates in general have increased year after year in the U.S. And perhaps most worryingly, no clear connection between the two Massachusetts cases has been found, indicating that these strains may already be circulating past the point where they could be easily contained.
People are increasingly trying to grow both food and clean energy on the same land to help meet the challenges of climate change, drought and a growing global population that just topped 8 billion. This effort includes agrivoltaics, in which crops are grown under the shade of solar panels, ideally with less water.
Now scientists from the University of California, Davis, are investigating how to better harvest the sun — and its optimal light spectrum — to make agrivoltaic systems more efficient in arid agricultural regions like California.
Their study, published in Earth's Future, a journal of the American Geophysical Union, found that the red part of the light spectrum is more efficient for growing plants, while the blue part of the spectrum is better used for solar production.
[...] "Today's solar panels take all the light and try to make the best of it. But what if a new generation of photovoltaics could take the blue light for clean energy and pass the red light onto the crops, where it is most efficient for photosynthesis?"
[...] "We cannot feed 2 billion more people in 30 years by being just a little more water-efficient and continuing as we do," Abou Najm said. "We need something transformative, not incremental. If we treat the sun as a resource, we can work with shade and generate electricity while producing crops underneath. Kilowatt hours become a secondary crop you can harvest."
Matteo Camporese, Majdi Abou Najm, Not All Light Spectra Were Created Equal: Can We Harvest Light for Optimum Food-Energy Co-Generation? [open], Earth's Future, 10, 2022. DOI: https://doi.org/10.1029/2022EF002900
In another sign that the tide may be finally turning against ransomware actors, ransom payments declined substantially in 2022 as more victims refused to pay their attackers — for a variety of reasons.
If the trend continues, analysts expect ransomware actors will start demanding bigger ransoms from larger victims to try and compensate for falling revenues, while also increasingly going after smaller targets that are more likely to pay (but which represent potentially smaller payoffs).
"Our findings suggest that a combination of factors and best practices — such as security preparedness, sanctions, more stringent insurance policies, and the continued work of researchers — are effective in curbing payments," says Jackie Koven, head of cyber-threat intelligence at Chainanalysis.
[...] "Enterprise organizations investing in cybersecurity defenses and ransomware preparedness are making a difference in the ransomware landscape," Koven says. "As more organizations are prepared, fewer need to pay ransoms, ultimately disincentivizing ransomware cybercriminals."
[...] Bill Siegel, CEO and co-founder of Coveware, says that insurance companies have influenced proactive enterprise security and incident response preparedness in a positive manner in recent years. After cyber-insurance firms sustained substantial losses in 2019 and 2020, many have tightened their underwriting and renewal terms and now require insured entities to have minimum standards like MFA, backups, and incident response training.
[...] "As the expected profitability of a given ransomware attack declines for cybercriminals, they have attempted to compensate by adjusting their own tactics," Coveware said. "Threat actors are moving slightly up the market to try and justify larger initial demands in the hopes that they result in large ransom payments, even as their own success rate declines."
Another sign is that many ransomware operators began re-extorting victims after extracting money from them the first time, Coveware said. Re-extortion has traditionally been a tactic reserved for small business victims. But in 2022, groups that have traditionally targeted mid- to large-size companies began employing the tactic as well, likely as a result of financial pressures, Coveware said.
[...] Ransomware victims have realized that even if they pay the ransom, there's no guarantee they will get their data back or that the ransomware actor will delete the "stolen" files without selling them to third parties on the dark web. The public perception of the ransomware phenomenon has matured as well, so data leaks don't carry the same risks for brand reputation of the last few years.
[...] Even though the victims are not paying as much as before, the ransomware business is anything but dead: in 2022, the average lifespan of file encrypting-malware strains has dropped from 153 days to just 70 days year-over-year. The "Conti" ransomware operation came to an end while other ransomware-as-a-service (raas) operations went live, including Royal, Play, and BlackBasta. LockBit, Hive, Cuba, BlackCat, and Ragna were still in business (and still asking for ransom payments) at the end of 2022.
A new AI learning scheme combined with a spray-on smart skin can decipher the movements of human hands to recognize typing, sign language, and even the shape of simple familiar objects:
The technology quickly recognizes and interprets hand motion with limited data and minimal training and should work for all users, its developers say.
Besides finding use in gaming and virtual reality, the new hand-task-cognition technology could allow people to communicate with others and with machines using gestures. Other applications the technologists envision include surgeons remotely controlling medical devices, as well as a new modality for robots and prosthetics to achieve object and motion recognition.
[...] There are two key parts of the new system, which the team reported in the journal Nature Electronics. One is a mesh made of millions of nanowires of silver coated with gold that are embedded in a polyurethane plastic coating. The mesh, he says, is both durable and stretchy and helps the sensor stick to skin. "It conforms intimately to the wrinkles and folds of each human finger that wears it," [Korea Advanced Institute of Science and Technology professor Sungho] Jo says.
[...] The team directly printed the mesh onto the back of a user's hand going down the index finger. The nanowire network senses tiny changes to electrical resistance as the skin underneath stretches. As the hand moves, the nanomesh creates unique signal patterns that it wirelessly sends via a lightweight Bluetooth unit to a computer for processing.
[...] As the hand moves, the nanomesh creates unique signal patterns that it wirelessly sends via a lightweight Bluetooth unit to a computer for processing.
This is where the AI kicks in. A machine-learning system maps the changing patterns in electrical conductivity to specific physical tasks and gestures. The researchers first use random hand and finger motions from three different users to help the AI learn the general correlation between motions.
Originally spotted on The Eponymous Pickle.
In a study published Monday in the journal Biosensor and Bioelectronics, a group of researchers from Tel Aviv University (via Neuroscience News) said they recently created a robot that can identify a handful of smells with 10,000 times more sensitivity than some specialized electronics. They describe their robot as a bio-hybrid platform (read: cyborg). It features a set of antennae taken from a desert locust that is connected to an electronic system that measures the amount of electrical signal produced by the antennae when they detect a smell. They paired the robot with an algorithm that learned to characterize the smells by their signal output. In this way, the team created a system that could reliably differentiate between eight "pure" odors, including geranium, lemon and marzipan, and two mixtures of different smells. The scientists say their robot could one day be used to detect drugs and explosives.
Dr. Maoz and Prof. Ayali explain: "Man-made technologies still can't compete with millions of years of evolution. One area in which we particularly lag behind the animal world is that of smell perception.
"An example of this can be found at the airport where we go through a magnetometer that costs millions of dollars and can detect if we are carrying any metal devices. But when they want to check if a passenger is smuggling drugs, they bring in a dog to sniff him.
"In the animal world, insects excel at receiving and processing sensory signals. A mosquito, for example, can detect a 0.01 percent difference in the level of carbon dioxide in the air. Today, we are far from producing sensors whose capabilities come close to those of insects."
[...] "In the study, we were able to characterize 8 odors, such as geranium, lemon and marzipan, in a way that allowed us to know when the smell of lemon or marzipan was presented. In fact, after the experiment was over, we continued to identify additional different and unusual smells, such as various types of Scotch whiskey.
"A comparison with standard measuring devices showed that the sensitivity of the insect's nose in our system is about 10,000 times higher than the devices that are in use today."
Short YouTube video accompanying the article
Shvil Neta, Golan Ariel, Yovel Yossi, et al., The Locust antenna as an odor discriminator, Biosens Bioelectron, 221, 2023. DOI: https://doi.org/10.1016/j.bios.2022.114919
Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn't going away any time soon.
This time, the repository was PyPI, short for the Python Package Index, which is the official software repository for the Python programming language. Earlier this month, a contributor with the username Lolip0p uploaded three packages to PyPI titled: colorslib, httpslib, and libhttps. The contributor was careful to disguise all three as legitimate packages, in this case, as libraries for creating a terminal user interface and thread-safe connection pooling. All three packages were advertised as providing full-featured usability.
[...] Open source repositories such as PyPI and NPM have become increasingly used as vectors for installing malware through supply chain attacks, which spread malicious software at the source of a legitimate project. From 2018 to 2021, this type of attack grew on NPM almost fourfold and about fivefold on PyPI, according to security firm ReversingLabs. From January to October last year, 1,493 malicious packages were uploaded to PyPI, and 6,977 malicious packages were uploaded to NPM.
[...] "Python end users should always perform due diligence before downloading and running any packages, especially from new authors," ReversingLabs researchers wrote in the post documenting the latest attacks. "And as can be seen, publishing more than one package in a short time period is no indication that an author is reliable."
The same advice should be applied to NPM, RubyGems, and virtually every other open source repository.
The night sky has been brightening faster than researchers realized, thanks to the use of artificial lights at night. A study of more than 50,000 observations of stars by citizen scientists reveals that the night sky grew about 10 percent brighter, on average, every year from 2011 to 2022.
In other words, a baby born in a region where roughly 250 stars were visible every night would see only 100 stars on their 18th birthday, researchers report in the Jan. 20 Science.
[...] "In a way, this is a call to action," says astronomer Connie Walker of the National Optical-Infrared Astronomy Research Laboratory in Tucson. "People should consider that this does have an impact on our lives. It's not just astronomy. It impacts our health. It impacts other animals who cannot speak for themselves."
Walker works with the Globe at Night campaign, which began in the mid-2000s as an outreach project to connect students in Arizona and Chile and now has thousands of participants worldwide. Contributors compare the stars they can see with maps of what stars would be visible at different levels of light pollution, and enter the results on an app.
"I'd been quite skeptical of Globe at Night" as a tool for precision research, admits physicist Christopher Kyba of the GFZ German Research Centre for Geosciences in Potsdam. But the power is in the sheer numbers: Kyba and colleagues analyzed 51,351 individual data points collected from 2011 to 2022.
"The individual data are not precise, but there's a whole lot of them," he says. "This Globe at Night project is not just a game; it's really useful data. And the more people participate, the more powerful it gets."
[...] The good news is that no major technological breakthroughs are needed to help fix the problem. Scientists and policy makers just need to convince people to change how they use light at night — easier said than done.
"People sometimes say light pollution is the easiest pollution to solve, because you just have to turn a switch and it goes away," Kyba says. "That's true. But it's ignoring the social problem — that this overall problem of light pollution is made by billions of individual decisions."
Some simple solutions include dimming or turning off lights overnight, especially floodlighting or lights in empty parking lots.
Kyba shared a story about a church in Slovenia that switched from four 400-watt floodlights to a single 58-watt LED, shining behind a cutout of the church to focus the light on its facade. The result was a 96 percent reduction in energy use and much less wasted light , Kyba reported in the International Journal of Sustainable Lighting in 2018. The church was still lit up, but the grass, trees and sky around it remained dark.
"If it was possible to replicate that story over and over again throughout our society, it would suggest you could really drastically reduce the light in the sky, still have a lit environment and have better vision and consume a lot less energy," he says. "This is kind of the dream."
Fabio Falchi and Salvador Bará, Light pollution is skyrocketing, Science, 379, 6629, 2023. (DOI: 10.1126/science.adf4952)
If you visit the Field Museum in Chicago for its First Kings of Europe exhibit that opens March 31, keep an eye out for a ragged, unassuming sword. It has a special backstory. The Field Museum had thought it was a convincing replica of a Bronze Age sword. Turns out, it's the real thing.
The sword is around 3,000 years old. The museum acquired the artifact almost a century ago. It was first discovered in the 1930s in the Danube River in Budapest, Hungary. It may have ended up there as part of a ritual for the dead.
Field Museum scientists with specialities in chemistry and archaeology examined the sword with an X-ray fluorescence detector, a device that can determine what an object is composed of. "When they compared the sword's chemical makeup to other known Bronze Age swords in Europe, their content of bronze, copper and tin were nearly identical," the Field Museum said in a statement this week.
Tracing the sword to its rightful place in history was unexpected. "Usually this story goes the other way round. What we think is an original turns out to be a fake," said Bill Parkinson, curator of anthropology.
T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.
In a filing today with the U.S. Securities and Exchange Commission, T-Mobile said a "bad actor" abused an application programming interface (API) to hoover up data on roughly 37 million current postpaid and prepaid customer accounts. The data stolen included customer name, billing address, email, phone number, date of birth, T-Mobile account number, as well as information on the number of customer lines and plan features.
APIs are essentially instructions that allow applications to access data and interact with web databases. But left improperly secured, these APIs can be leveraged by malicious actors to mass-harvest information stored in those databases. In October, mobile provider Optus disclosed that hackers abused a poorly secured API to steal data on 10 million customers in Australia.
T-Mobile said it first learned of the incident on Jan. 5, 2023, and that an investigation determined the bad actor started abusing the API beginning around Nov. 25, 2022. The company says it is in the process of notifying affected customers, and that no customer payment card data, passwords, Social Security numbers, driver's license or other government ID numbers were exposed.
In August 2021, T-Mobile acknowledged that hackers made off with the names, dates of birth, Social Security numbers and driver's license/ID information on more than 40 million current, former or prospective customers who applied for credit with the company. That breach came to light after a hacker began selling the records on a cybercrime forum.
Last year, T-Mobile agreed to pay $500 million to settle all class action lawsuits stemming from the 2021 breach. The company pledged to spend $150 million of that money toward beefing up its own cybersecurity.
In its filing with the SEC, T-Mobile suggested it was going to take years to fully realize the benefits of those cybersecurity improvements, even as it claimed that protecting customer data remains a top priority.
Wikipedia has released their new layout, which unsurprisingly includes whitespace bars on either side, justified by the claim "most people prefer a column 60-80 characters wide" (although it's not that extreme).
The changes being introduced are not very dramatic — in fact, they may not even be immediately noticed by some users. The organization, however, says the update was necessary in order to meet the needs of the next generation of internet users, including those who are more newly coming online and may have less familiarity with the internet.
To develop the new interface, the foundation engaged with more than 30 different volunteer groups from around the world, with users in places like India, Indonesia, Ghana and Argentina, among others, all helping to test the update and provide insights into the product development. The goal for the update was to make Wikipedia more of a modern web platform, it said, and to remove clutter, while also making it easier for users to contribute. It additionally aimed to make the desktop web version more consistent with Wikipedia's mobile counterpart.
It is possible to go back to the old layout, if you log in to the site and set it in your preferences.
Poor cryptocurrency valuations and continued fallout from FTX's downfall left Genesis unable to pay its creditors.
Genesis, one of the largest crypto lending firms in the space finally filed for Chapter 11 bankruptcy on Friday. Though Genesis managed to cling on to life for months longer than some of its largest competitors, recent market shake-ups and festering fallout from FTX's collapse flung it over the edge. Now, the firm will join Celsius, Voyager Digital, and BlockFi in a graveyard of former crypto giants.
Genesis was among the crypto firms offering sky high returns on cryptocurrency investments. The company lent funds to some of the shadiest names in the space, including failed crypto hedge fund Three Arrows Capital and FTX affiliate Alameda Research. In the latter example, Genesis reportedly gave out hundreds of million worth of unsecured loans to Alameda. Genesis' parent company, DCG, now reportedly owes creditors around $3 billion, according to CNBC. The bankruptcy filing comes just a week after the Securities and Exchange Commission charged Genesis with allegedly selling unregistered securities.
[...] While Genesis, like just about every other company in the crypto space, struggled to adapt to worsening cryptocurrency valuations and diminished consumer trust, the public response to FTX's implosion likely accelerated the company' downfall. FTX's death spiral sparked a new wave of crypto customers sprinting to withdraw their funds. Genesis reportedly sought out a $1 billion bailout during this time to stop the bleeding but nobody answered the company's call.