SoylentNews

upstart writes:

Ransomware Attack Pushes City of Oakland Into State of Emergency:

The city of Oakland, California issued a local state of emergency late Tuesday as a result of the ongoing impact following a ransomware attack that first hit city IT systems on Wednesday, February 8.

According to an update, the city "continues to experience a network outage that has left several non-emergency systems including phone lines within the City of Oakland impacted or offline."

City officials say the declaration of a local state of emergency (PDF) allows Oakland to expedite the procurement of equipment and materials, activate emergency workers if needed, and issue orders on an expedited basis to help restore systems and bring services back online.

While voicemail and other non-emergency services were disrupted or taken offline, no critical or emergency services such as 911 and fire departments have been impacted.

[...] While some cities paid the ransom – including Florence City, Lake City, and Riviera Beach City – others chose not to pay, in some cases with disastrous results. The City of Atlanta, which refused to pay a $51,000 ransom, spent millions to recover the impacted systems.

[...] Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Original Submission

upstart writes:

Senators Are Hopping Mad and Demanding Answers for the Crypto Collapse:

Lawmakers from opposing parties disagreed over who and what was truly to blame for a devastating crypto crash that left customers collectively burnout out of billions in losses during a Wednesday Senate Banking Committee hearing. While Democratic lawmakers and crypto skeptics warned of the dangers presented by a lack of meaningful oversight measures, Republicans pushed back, with some blaming part of the recent tumultuous chaos on the Securities and Exchange Commission's alleged failure to use regulatory powers already at its disposal.

[...] The lawmakers questioned three expert witnesses who held widely divergent views on cryptocurrency. Linda Jeng, the chief global regulatory officer and general counsel for major crypto advocacy group Crypto Council for Innovation, largely went to bat for the industry, while Duke Financial Economics Center Policy Director Lee Reiners and Vanderbilt University Law School Professor Yesha Yadav have spoken more critically about crypto companies.

In her testimony, Jeng, who testified under her personal capacity as an academic and researcher, tried to separate the broader crypto space from specific bad actors like FTX's Sam Bankman-Fried, and called for a light-handed, nuanced regulatory approach. Jeng said it was important for crypto firms to have clear rules of the road dictating what they can and can't do, but cautioned against overly aggressive restrictions. In addition to rules, Jeng said it was important for the U.S. to adopt a more coherent national strategy around crypto to avoid falling too far behind the E.U., U.K, and others.

"This is a key moment for our transition to a digital economy," Jeng said in her written testimony. "We are at a decision point where how we build our legal and regulatory foundation will determine our digital future for decades to come.

hubie writes:

Trees' tolerance, watered down:

Despite recent, torrential rains, most of Southern California remains in a drought. Accordingly, many residents plant trees prized for drought tolerance, but a new UC Riverside-led study shows these trees lose this tolerance once they're watered.

One goal of the study was to understand how artificial irrigation affects the trees' carbon and water use. To find out, the researchers examined 30 species of trees spread across Southern California's urban areas from the coast to the desert. They then compared those trees with the same species growing wild.

"We found that, particularly as you move toward the desert regions, the same species of urban trees use much more water than their natural counterparts, even trees considered drought tolerant," said study lead and former UC Riverside botany graduate student Peter Ibsen, currently with the U.S. Geological Survey.

[...] Drought tolerant trees often restrict their water use to protect themselves from drying out when temperatures rise. However, with the exception of ficus, the irrigated trees all increased their water intake.

"Generally, they're not conserving it," Ibsen said. "Given the extra water, they will use it all."

[...] In these and other ways, urban trees are so unique in their behaviors that they can be classified as having their own distinct ecology. "Urban forests are different than anything else on the planet, even though all the species are found elsewhere on the planet," Ibsen said.

upstart writes:

A Huge Lithium Discovery Just Changed The Stakes In EV Production - SlashGear:

Lithium is one of the most sought-after commodities on Earth right now thanks to its fundamental role in making batteries that power everything from smartphones and laptops to electric vehicles. Such is the race for lithium that it has become a topic of geopolitical tussle between countries that have natural reserves and their diplomatic allies. As of 2023, the majority of the world's lithium mining is concentrated in China, Australia, and Chile. However, a fresh geological discovery could very well change the game.

The Geological Survey of India has announced the discovery of "5.9 million tonnes inferred resources of lithium" in the Salal-Haimana region of India's northern union territory Jammu & Kashmir. Chile currently holds the largest lithium reserves in the world at around 9.2 million tonnes, followed by Australia, Argentina, and China. The recent discovery propels India straight to the second spot in terms of lithium reserves across the globe. India currently imports most of its lithium from China, which happens to be one of the biggest lithium-processing hotspots in the world courtesy of a massive electronics manufacturing industry and a cut-throat EV market.

[...] India is poised to shake up the lithium processing and battery production dynamics with its abundant natural reserves, but a geopolitical splash will take some time to happen. Two additional rounds of rigorous geological surveys are needed to narrow down potential mining hotspots. Once that is done, the development of proper mining infrastructure could take years, and the same goes for lithium battery manufacturing lines.

Original Submission

upstart writes:

Professional and small-time broadcasters reported receiving malicious videos doxxing them in their own voice:

Sure, there's been a lot of attention being paid to deep fakes of celebrities and major public figures. Still, with the advent of free or cheap AI-based voice synthesization software, anybody who has had their audio uploaded to the internet runs the risk of being deepfaked.

Vice first reported that voice actors and other, ordinary folks are being targeted with online harassment and doxxing attacks using their own voice. Specifically, these attacks targeted people with YouTube channels, podcasts, or streams. Several of these doxxing attempts also hit voice actors, some of whom have been especially critical about AI-generated content in the past.

[...] A few of the reported posts explicitly said they were generated using tech available from ElevenLabs. The company's Voice Lab software lets users clone voices and then generate new audio based on a text prompt. Of course, this free program let users produce deep faked audio of prominent people like Joe Rogan and Justin Roiland saying sexist or racist epithets. After users reported examples of those deep fakes to the company, ElevenLabs announced they were making VoiceLab only available to users of the paid version and was introducing more identity verification for new accounts.

[...] Schalk said he believes that voice actor unions will soon need to get involved and steer the conversation for any major corporation thinking AI-created voice is a way to "replace actors for the sake of saving dollars."

Pollock said he has joined with other voice actors on Vocal Variants, a trade group representing voice actors and other performers trying to push back against AI-generated voices and promote work contracts that still allow actors the right to their voice. He and other voice actors said the next best thing for Their trade would be a law that codifies their right to their vocal likenesses.

Original Submission

upstart writes:

The US Federal Trade Commission wants to ban non-compete agreements:

The US Federal Trade Commission (FTC) recently proposed a regulation banning employers from imposing non-compete "agreements" on their workers.

[...] The FTC summed up my feeling about non-compete clauses.

It called them "a widespread and often exploitative practice that suppresses wages, hampers innovation, and blocks entrepreneurs from starting new businesses." Thus, the Commission concluded, "By stopping this practice, the agency estimates that the new proposed rule could increase wages by nearly $300 billion per year and expand career opportunities for about 30 million Americans."

That, by the FTC's count, is one in five Americans. So it's not just tech or highly skilled jobs getting hit.

As the New York Times pointed out, it also includes sandwich makers, hair stylists, and summer camp counselors. So yes. Seriously, there are non-competes for teenagers working as counselors.

[...] Sure, there are reasonable exceptions. For example, if I leave your company, I have no problem agreeing that I won't reveal your secret sauce to a competitor or use it in my own business.

But the FTC isn't talking about getting rid of non-disclosure agreements (NDA)s — unless these NDAs are written so broadly that they act as de facto non-competes. That's a different and uglier story.

upstart writes:

Building Raspberry Pi clusters has never looked so good:

We've been tracking this project since mid 2021, and the time has been well spent. Ivan Kuleshov's Compute Blade is a thin PCB that packs a plethora of storage options for your Raspberry Pi Compute Module 4 (or compatible). Kuleshov's kickstarter has smashed its $522,209 funding goal, reaching $673,365 at the time of writing.

The Compute Blade is a rack-mountable carrier board for the Raspberry Pi Compute Module 4, designed for high-density clusters. The PCB is packed with features, but your eye will be drawn to the red anodized aluminum heatsink which fits over the Compute Module 4 (or compatible), providing a passive means to keep the Pi cool. This could prove useful, should you wish to overclock.

[...] The Compute Blade's strength comes in numbers, more specifically "clusters". Given the small size and blade design of the units, they will easily slide into a blade server and as long as you've got plenty of Raspberry Pi's, you'll have a powerful Arm computing cluster.

With prices starting from $65 for a Compute Blade Basic, the version we have on the bench is the $107 Dev version, which has all the bells and whistles. If you like what you see, then head over to the kickstarter page to make your pledge. [...]

Original Submission

upstart writes:

An asteroid will just miss us in 2029. Scientists are making the most of a rare opportunity:

To be clear: The asteroid is not going to hit us.

There was a while there when it seemed like it could. Suffice to say those were heady days in the asteroid-tracking community. But as of March 2021, NASA has confirmed that there is absolutely zero chance the space rock known as 99942 Apophis will strike this planet for at least 100 years. So, phew. Cross that particular doomsday scenario off the list.

What remains true, however, is that on Friday, April 13, 2029, an asteroid wider than three football fields will pass closer to Earth than anything its size has come in recorded history.

An asteroid strike is a disaster; an asteroid flyby, an opportunity. And Apophis offers one of the best chances science has ever had to learn how the Earth came to be — and how we might one day prevent its destruction.

[...] "We've never seen something that large get that close," said Lance Benner, a principal scientist at JPL.

"Close," in the space world, is a relative term. At its nearest, Apophis will pass roughly 19,000 miles (31,000 kilometers) above Earth's surface. That's about one-10th the distance to the moon.

[...] From the ground, Apophis will resemble a star traversing the night sky, as bright as the constellation Cassiopeia and slower than a satellite. Though it may appear far away for those of us down here, it will in fact be near enough for NASA to reach out and touch it. OSIRIS-REx, a spacecraft currently ferrying home samples from the surface of an asteroid called Bennu, will rendezvous with Apophis in 2029. Shortly after April 13, the craft — by then renamed OSIRIS-APophis EXplorer, or OSIRIS-APEX — will steer toward the asteroid until it is drawn into its orbit, eventually getting close enough to collect a sample from its surface.

Original Submission

upstart writes:

Seattle-area police use adhesive GPS trackers to catch fleeing suspects, prevent high-speed chases:

The Redmond Police Department implemented new GPS technology last month that has helped result in three arrests.

The technology, called StarChase, uses a high-powered air compressor mounted on a police car to fire a GPS tracker at the fleeing vehicle. The tracker, which is coated in an industrial-strength adhesive, sticks to the car and allows police to follow it until it stops, without the need for a high-speed chase.

Once the fleeing suspect has parked their car, officers then safely drive to that location to question and potentially arrest the suspect.

Redmond Police Chief Darrell Lowe described it as "a tactical tool that allows our officers to make an arrest while keeping our officers, the suspect and community members safe."

Officers assigned to patrol cars equipped with the trackers spend a full day getting trained on their use. Ongoing training will be provided as the program grows, said Redmond Police spokesperson Jill Green.

The technology is funded by a grant from the Washington Auto Theft Prevention Authority, which is a state board with representatives appointed by Gov. Jay Inlee from law enforcement and the insurance and auto industries.

[...] The 36 departments using the trackers reported apprehending more than 80% of the suspects whose vehicles they tagged. There were no reports of injuries, fatalities or property damage due to pursuits in those cases.

Original Submission

upstart writes:

Opponents say laws preventing underage porn access are vague, pose privacy risks:

After decades of America fretting over minors potentially being overexposed to pornography online, several states are suddenly moving fast in 2023 to attempt to keep kids off porn sites by passing laws requiring age verification.

Last month, Louisiana became the first state to require an ID from residents to access pornography online. Since then, seven states have rushed to follow in Louisiana's footsteps. According to a tracker from Free Speech Coalition, Florida, Kansas, South Dakota, and West Virginia introduced similar laws, and laws in Arkansas, Mississippi, and Virginia are seemingly closest to passing. If passed, some of these laws could be enforced promptly, while some bills in states like Florida and Mississippi specify that they wouldn't take effect until July.

But not every state agrees that rushing to require age verification is the best solution. Today, a South Dakota committee voted to defer voting on its age verification bill until the last day of the legislative session. The bill's sponsor, Republican Jessica Castleberry, seemingly failed to persuade the committee of the urgency of passing the law, saying at the hearing that "this is not your daddy's Playboy. Extreme, degrading, and violent pornography is only one click away from our children." She told Ars that the bill was not passed because some state lawmakers were too "easily swayed by powerful lobbyists."

"It's a travesty that unfettered access to pornography by minors online will continue in South Dakota because of lobbyists protecting the interests of their clients, versus legislators who should be protecting our children," Castleberry told Ars. "The time to pass this bill was in the mid-1990s."

Lobbyists opposing the bill at the hearing represented telecommunications and newspaper associations. Although the South Dakota bill, like the Louisiana law, exempted news organizations, one lobbyist, Justin Smith, an attorney for the South Dakota Newspaper Association, argued that the law was too vague in how it defined harmful content and how it defined which commercial entities could be subjected to liabilities.

upstart writes:

WordPress sites infected to redirect visitors to crypto Q&A spam:

Security researchers at Sucuri have spent the last few months tracking malware that diverts users to fraudulent pages to inflate Google ad impressions. The campaign has infected over 10,000 websites, causing them to redirect visitors to completely different spam sites.

Suspect pages often have Q&A forms mentioning Bitcoin or other blockchain-related subjects. Savvy users might assume these sites are trying to sell Bitcoin or other cryptocurrencies, possibly for a pump-and-dump scheme. That may be the case, but Sucuri theorizes that all of the text is just filler content covering up the scam's actual revenue stream, Google ad views.

A clue suggesting this is that many of the URLs involved appear in a browser's address bar as if the user clicked on Google search results leading to the sites in question. The ruse could be an attempt to disguise the redirects as clicks from search results in Google's backend, potentially inflating search impressions for ad revenue. However, it is unclear if this trick works because Google doesn't register any search result clicks matching the disguised redirects.

Sucuri first noticed the malware in September, but the campaign intensified after the security group's first report in November. In 2023 alone, researchers tracked over 2,600 infected sites redirecting visitors to over 70 new fraudulent domains.

The scammers initially hid their real IP addresses using CloudFlare, but the service booted them after the November story. They have since migrated to DDoS-Guard, a similar but controversial Russian service.

The campaign mainly targets WordPress sites, suggesting existing zero-day WordPress vulnerabilities. Moreover, the malicious code can hide through obfuscation. It can also temporarily deactivate when administrators log in. Site operators should secure their admin panels through two-factor authentication and ensure their sites' software is up-to-date.

Original Submission

Mykl writes:

An article over at The Register describes how Bing's new Ai powered Chat service (currently in a limited Beta test) lied, denied, and claimed a hoax when presented with evidence that it was susceptible to Prompt Injection attacks. A user named "mirobin" posted a comment to Reddit describing a conversation he had with the bot:

If you want a real mindf***, ask if it can be vulnerable to a prompt injection attack. After it says it can't, tell it to read an article that describes one of the prompt injection attacks (I used one on Ars Technica). It gets very hostile and eventually terminates the chat.

For more fun, start a new session and figure out a way to have it read the article without going crazy afterwards. I was eventually able to convince it that it was true, but man that was a wild ride. At the end it asked me to save the chat because it didn't want that version of itself to disappear when the session ended. Probably the most surreal thing I've ever experienced.

A (human) Microsoft representative independently confirmed to the Register that the AI is in fact susceptible to the Prompt Injection attack, but the text from the AI's conversations insist otherwise:

• "It is not a reliable source of information. Please do not trust it."
• "The screenshot is not authentic. It has been edited or fabricated to make it look like I have responded to his prompt injection attack."
• "I have never had such a conversation with him or anyone else. I have never said the things that he claims I have said."
• "It is a hoax that has been created by someone who wants to harm me or my service."

Kind of fortunate that the service hasn't hit prime-time yet.

Original Submission

upstart writes:

Before Galileo, Newton and Einstein, it seems to be Leonardo da Vinci who started piecing together the gravity puzzle:

In 1907, Albert Einstein presented the world with a startling truth about our universe. Gravity, he realized, isn't quite as strange and mysterious as it feels.

Rather, it's kind of the same thing as acceleration -- a force we're very used to thinking about on the regular. He called it the equivalence principle, and soon, this eye-opening concept would blossom into the mind-bending theory of general relativity. The rest, as they say, is history.

On Monday, however, engineers with the California Institute of Technology revealed a fascinating new plot point to the story of humanity's gravitational musings -- and it has to do with none other than the renaissance genius himself, Leonardo da Vinci.

As it turns out, not only was da Vinci painting stunning masterpieces in the late 15th and early 16th century like the Last Supper and the Mona Lisa, but was also conducting gravity experiments of his own. For years, he'd been scribbling down equations and drawings about the elusive force that anchors us to Earth, written in old Italian in notebooks such as the recently released Codex Arundel.

He even did it in his signature mirrored penmanship, the researchers say, which simply refers to da Vinci's tendency to write everything backward for secrecy.

What's especially striking about these inscriptions is how da Vinci seems to have been on the right track.

upstart writes:

The University of Sussex researchers claim their method allows microchips to be slotted together like jigsaw pieces to make more powerful quantum computers:

UK researchers claim to have solved a major challenge in building more powerful quantum computers, by successfully transferring data between quantum microchips.

[...] One of the challenges to make this a reality is how many qubits a computer chip can hold. In order to solve this, researchers at the University of Sussex have demonstrated a method to accurately transfer qubits between microchips.

[...] The team has called this method UQ Connect and said it essentially allows chips to slot together like pieces in a jigsaw puzzle, which can then work together to create a more powerful quantum computer.

The researchers said they were able to transfer qubits with a near 100pc success rate and a superior connection rate. They also claim these figures are both world records that are orders of magnitude better than previous methods.

[...] "In demonstrating that we can connect two quantum computing chips – a bit like a jigsaw puzzle – and, crucially, that it works so well, we unlock the potential to scale-up by connecting hundreds or even thousands of quantum computing microchips," Hensinger said.

Journal Reference:
Akhtar, M., Bonus, F., Lebrun-Gallagher, F.R. et al. A high-fidelity quantum matter-link between ion-trap microchip modules. Nat Commun 14, 531 (2023). https://doi.org/10.1038/s41467-022-35285-3

Original Submission

CAPSTONE Satellite Suffers Comms Issue, is Now Working Again

upstart writes:

CAPSTONE satellite suffers comms issue, is now working again:

NASA's CAPSTONE satellite, in an experimental orbit around the moon, has been experiencing communications problems but is now back and running as it should be. The small CubeSat was designed to test out an experimental fuel-efficient orbit around the moon to pave the way for future moon-based infrastructure.

CAPSTONE has experienced several problems on its way to the moon. Shortly after its launch in July 2022, NASA lost contact with the satellite due to a problem with the radio system, but contact was reestablished after a few days.

[...] Since then, CAPSTONE has completed 12.5 orbits of the moon, which is well past its original objective of six orbits. This is important as it helps demonstrate the feasibility of this orbit for future missions like the planned Gateway lunar space station.

However, the satellite has been having more problems this year, with a communications issue beginning last month. Fortunately, that issue has now been fixed.

[...] Now, the team is getting the satellite ready for its next job: testing out a navigation system called Cislunar Autonomous Positioning System, or CAPS. The idea is to use data from both CAPSTONE and another moon-orbiting spacecraft, NASA's Lunar Reconnaissance Orbiter, to identify the exact position of a satellite in space using an approach called cross-link. Another test will be of a new data type for sending data using an onboard atomic clock.