SoylentNews

upstart writes:

Leaving a trail of stars and excited gas after its passage:

Supermassive black holes (SMBH) are some of the most extreme phenomena populating the universe. They usually reside at the center of their host galaxies, but sometimes they can be ejected from their place to start a solitary pilgrimage through the void of deep space.

By observing an unexpected trail in the gas cloud surrounding a dwarf galaxy, an international team of researchers has now found what they consider a potential candidate for a "runaway supermassive black hole" phenomenon. The light emitted by the gargantuan astronomical object traveled more than 7.5 billion years before reaching planet Earth, and it was seemingly traveling at 1,600 kilometers per second.

[...] In their paper, the researchers are offering some explanations about how a SMBH can leave its galactic center to start wandering through the universe. When a pair of galaxies merge, the paper explains, the two SMBH at their centers form a binary system with the two extreme objects orbiting the gravity center of the new formation for potentially billions of years.

If a third SMBH enters the system, the new complex interaction can lead to a slingshot effect through which one of the black hole cores gets ejected and sent toward outer space. Even without a third SMBH, the galaxy merger could be violent and extreme enough to eventually kick one of the two SMBH nuclei out.

The trail of gas and new stars observed with the Hubble Space Telescope could have other explanations, the researchers concede. However, based on the small number of papers previously written on the topic, they think a rogue SMBH could be the best theory for the observed phenomenon. This kind of research would also benefit from "further theoretical work," the researchers say.

arXiv paper

Original Submission

upstart writes:

Competitor markets working to replace Hydra's money-laundering services for cybercriminals:

During the first few months of 2022, business was booming at Hydra Marketplace, the premiere Dark Web destination for cybercrime money laundering and selling narcotics and other illegal goods and services.

In fact, until its takedown in April 2022, Hydra owned a full 93% of all illicit underground economic activities.

[...] Fast forward 10 months after the demise of Russian-based Hydra, and the Dark Web marketplace ecosystem is still struggling to recover. Namely, it's been tough to replicate or replace Hydra's money-laundering services for cybercriminals.

[...] So far, no other marketplace has been able to dominate the Dark Web market like Hydra did in its heyday.

[...] Mounting struggles in the darknet ecosystem present an enormous opportunity to absorb Hydra's user base and reign the underground supreme. But the key to attracting users to these platforms is providing cryptocurrency and fiat currency-laundering services, the research shows.

[...] Dark Web marketplaces are evolving into financial services providers for cybercriminals, Jardine says.

"With Hydra and the evolution of money-laundering services as a feature of the darknet market ecosystem, a number of new financial motivations come into play," Jardine says. "Previous markets, such as Silk Road, largely connected buyers and sellers of drugs, but providing money laundering and fiat currency off-ramp services to cybercriminals ties darknet markets more to the ebb and flow of ransomware and cybercrime than had previously been the case."

Original Submission

upstart writes:

The change comes after early beta testers of the chatbot found that it could go off the rails and discuss violence, declare love, and insist that it was right when it was wrong:

Microsoft's Bing AI chatbot will be capped at 50 questions per day and five question-and-answers per individual session, the company said on Friday.

In a blog post earlier this week, Microsoft blamed long chat sessions of over 15 or more questions for some of the more unsettling exchanges where the bot repeated itself or gave creepy answers.

[...] Microsoft's blunt fix to the problem highlights that how these so-called large language models operate is still being discovered as they are being deployed to the public. Microsoft said it would consider expanding the cap in the future and solicited ideas from its testers. It has said the only way to improve AI products is to put them out in the world and learn from user interactions.

Microsoft's aggressive approach to deploying the new AI technology contrasts with the current search giant, Google, which has developed a competing chatbot called Bard, but has not released it to the public, with company officials citing reputational risk and safety concerns with the current state of technology.

Journalist says he had a creepy encounter with new tech that left him unable to sleep:

New York Times technology columnist Kevin Roose has early access to new features in Microsoft's search engine Bing that incorporates artificial intelligence. Roose says the new chatbot tried to get him to leave his wife.

See also: Bing's AI-Based Chat Learns Denial and Gaslighting

Original Submission

hubie writes:

New study suggests Mayas utilized market-based economics:

More than 500 years ago in the midwestern Guatemalan highlands, Maya people bought and sold goods with far less oversight from their rulers than many archeologists previously thought.

That's according to a new study in Latin American Antiquity that shows the ruling K'iche' elite took a hands-off approach when it came to managing the procurement and trade of obsidian by people outside their region of central control.

[...] While there are extensive written records from the Maya Postclassic Period (1200-1524 AD) on political organization, much less is known about how societal elites wielded economic power. Horowitz set out to address this knowledge gap for the K'iche' by examining the production and distribution of obsidian artifacts, which are used as a proxy by archeologists to determine the level of economic development in a region.

She performed geochemical and technological analysis on obsidian artifacts excavated from 50 sites around the K'iche' capital of Q'umarkaj and surrounding region to determine where the raw material originally came from and techniques of its manufacture.

[...] "For a long time, there has been this idea that people in the past didn't have market economies, which when you think about it is kind of weird. Why wouldn't these people have had markets in the past?" she said. "The more we look into it, the more we realize there were a lot of different ways in which these peoples' lives were similar to ours."

Journal Reference:
Horowitz, R. (2022). Economic Integration and Obsidian Consumption in the Late Postclassic Period K'iche' Region. Latin American Antiquity, 1-19. doi:10.1017/laq.2022.79

Original Submission

upstart writes:

Majority of Ransomware Attacks Last Year Exploited Old Bugs:

Many vulnerabilities that ransomware operators used in 2022 attacks were years old and paved the way for the attackers to establish persistence and move laterally in order to execute their missions.

The vulnerabilities, in products from Microsoft, Oracle, VMware, F5, SonicWall, and several other vendors, present a clear and present danger to organizations that haven't remediated them yet, a new report from Ivanti revealed this week.

Ivanti's report is based on an analysis of data from its own threat intelligence team and from those at Securin, Cyber Security Works, and Cyware. It offers an in-depth look at vulnerabilities that bad actors commonly exploited in ransomware attacks in 2022.

Ivanti's analysis showed that ransomware operators exploited a total of 344 unique vulnerabilities in attacks last year—an increase of 56 compared to 2021. Of this, a startling 76% of the flaws were from 2019 or before. The oldest vulnerabilities in the set were in fact three remote code execution (RCE) bugs from 2012 in Oracle's products: CVE-2012-1710 in Oracle Fusion middleware and CVE-2012-1723 and CVE-2012-4681 in the Java Runtime Environment.

Srinivas Mukkamala, Ivanti's chief product officer, says that while the data shows ransomware operators weaponized new vulnerabilities faster than ever last year, many continued to rely on old vulnerabilities that remain unpatched on enterprise systems.

"Older flaws being exploited is a by-product of the complexity and time-consuming nature of patches," Mukkamala says. "This is why organizations need to take a risk-based vulnerability management approach to prioritize patches so that they can remediate vulnerabilities that pose the most risk to their organization."

Among the vulnerabilities that Ivanti identified as presenting the greatest danger were 57 that the company described as offering threat actors capabilities for executing their entire mission. These were vulnerabilities that allow an attacker to gain initial access, achieve persistence, escalate privileges, evade defenses, access credentials, discover assets they might be looking for, move laterally, collect data, and execute the final mission.

canopic jug writes:

OpenBSD developer, Florian Obser, has written a detailed post on privilege drop, privilege separation, and restricted-service operating mode in OpenBSD. The BSD-derived operating project, OpenBSD, has been at the forefront of mitigation techniques, for decades now. Florian discusses what OpenBSD has now, and how it got there and provides examples.

Prologue

My main focus in OpenBSD are privilege separated network daemons running in restricted-service operation mode. I gave talks at BSDCan and FOSDEM in the past about how I used these techniques to write slaacd(8) and unwind(8). While I do not think of myself as a one-trick pony, I have written some more: slowcgi(8), rad(8), dhcpleased(8), and gelatod(8). I also wrote the first version of what later turned into resolvd(8).

At one point I claimed that it would take me about a week to transmogrify one daemon into a new one.

Why

Privilege drop, privilege separation, and restricted-service operating mode are exploit mitigations. When¹ an attacker finds a bug we try to stop them from causing damage. The mitigations we are talking about here are aimed at attackers that achieved arbitrary code execution. Due to other mitigations that is quite difficult to pull off. These are the last line of defence. We try to remove as many resources from the attacker to play with and try to crash the program as quickly as possible if an attacker touches something they are not supposed to.

Previously:
(2022) Fuzzing Ping(8) ... and Finding a 24 Year Old Bug
(2021) Recent and Not So Recent Changes in OpenBSD That Make Life Better
(2018) OpenBSD Chief De Raadt Says No Easy Fix For New Intel CPU Bug
(2017) Kernel Address Randomized Link in OpenBSD
(2014) Bob Beck gives a 30-day status update on LibreSSL

And many more.

Original Submission

upstart writes:

A court put strict limits on pulling innocent bystanders into big data investigations:

Britta Eder's list of phone contacts is full of people the German state considers to be criminals. As a defense lawyer in Hamburg, her client list includes anti-fascists, people who campaign against nuclear power, and members of the PKK, a banned militant Kurdish nationalist organization.

[...] But when Hamburg passed new legislation in 2019 allowing police to use data analytics software built by the CIA-backed company Palantir, she feared she could be pulled further into the big data dragnet. A feature of Palantir's Gotham platform allows police to map networks of phone contacts, placing people like Eder—who are connected to alleged criminals but are not criminals themselves—effectively under surveillance., she feared she could be pulled further into the big data dragnet. A feature of Palantir's Gotham platform allows police to map networks of phone contacts, placing people like Eder—who are connected to alleged criminals but are not criminals themselves—effectively under surveillance.

"I thought, this is the next step in police trying to get more possibilities to observe people without any concrete evidence linking them to a crime," Eder says. So she decided to become one of 11 claimants trying to get the Hamburg law annulled. Yesterday, they succeeded.

A top German court ruled the Hamburg law unconstitutional and issued strict guidelines for the first time about how automatic data analysis tools like Palantir's can be used by police, and it warned against the inclusion of data belonging to bystanders, such as witnesses or lawyers like Eder. The ruling said that the Hamburg law, and a similar law in Hesse, "allow police, with just one click, to create comprehensive profiles of persons, groups, and circles," without differentiating between suspected criminals and people who are connected to them.

Original Submission

hubie writes:

Mounting evidence suggests that prolonged sitting—a staple of modern-day life—is hazardous to your health:

Few studies have compared multiple options to come up with the answer most office workers want: What is the least amount of activity needed to counteract the health impact of a workday filled with sitting?

Now a study by Columbia University exercise physiologists has an answer: just five minutes of walking every half hour during periods of prolonged sitting can offset some of the most harmful effects.

[...] Unlike other studies that test one or two activity options, Diaz's study tested five different exercise "snacks": one minute of walking after every 30 minutes of sitting, one minute after 60 minutes; five minutes every 30; five minutes every 60; and no walking.

"If we hadn't compared multiple options and varied the frequency and duration of the exercise, we would have only been able to provide people with our best guesses of the optimal routine," Diaz says.

[...] The optimal amount of movement, the researchers found, was five minutes of walking every 30 minutes. This was the only amount that significantly lowered both blood sugar and blood pressure. In addition, this walking regimen had a dramatic effect on how the participants responded to large meals, reducing blood sugar spikes by 58% compared with sitting all day.

[...] Taking a walking break every 30 minutes for one minute also provided modest benefits for blood sugar levels throughout the day, while walking every 60 minutes (either for one minute or five minutes) provided no benefit.

upstart writes:

Changes in pH make the protein open and close in different environments:

A close look at one protein shows how it moves molecular passengers into cells in the kidneys, brain and elsewhere.

The protein LRP2 is part of a delivery service, catching certain molecules outside a cell and ferrying them in. Now, 3-D maps of LRP2 reveal the protein's structure and how it captures and releases molecules, researchers report February 6 in Cell. The protein adopts a more open shape, like a net, at the near-neutral pH outside cells. But in the acidic environment inside cells, the protein crumples to drop off any passengers.

The shape of LRP2's structure — and how it enables so many functions — has stumped scientists for decades. The protein helps the kidneys and brain filter out toxic substances, and it operates in other places too, like the lungs and inner ears. When the protein doesn't function properly, a host of health conditions can occur, including chronic kidney disease and Donnai-Barrow syndrome, a genetic disorder that affects the kidneys and brain.

[...] To understand this shuttle system, Barasch and colleagues collected LRP2 from 500 mouse kidneys. The researchers put some of the protein in a solution at the extracellular pH of 7.5, and some in an endosome-mimicking solution at pH 5.2. Using a cryo-electron microscope, they captured images of the proteins and then stitched the images together in a computer, rendering 3-D maps of the protein at both open and closed formations.

The researchers suggest that charged calcium atoms hold the protein open at extracellular pH. But as pH drops due to hydrogen ions flowing into the endosome, the hydrogen ions displace the calcium ions, causing the protein to contract.

Watch a model of the protein LRP2 open and close

Journal Reference:
Andrew Beenken, Gabriele Cerutti, Julia Brasch, et al., Structures of LRP2 reveal a molecular machine for endocytosis, Cell, 186, 2023. (DOI: 10.1016/j.cell.2023.01.016)

Original Submission

upstart writes:

For decades, coders wrote critical systems in C and C++. Now they turn to Rust:

Many software projects emerge because—somewhere out there—a programmer had a personal problem to solve.

That's more or less what happened to Graydon Hoare. In 2006, Hoare was a 29-year-old computer programmer working for Mozilla, the open-source browser company. Returning home to his apartment in Vancouver, he found that the elevator was out of order; its software had crashed. This wasn't the first time it had happened, either.

Hoare lived on the 21st floor, and as he climbed the stairs, he got annoyed. "It's ridiculous," he thought, "that we computer people couldn't even make an elevator that works without crashing!" Many such crashes, Hoare knew, are due to problems with how a program uses memory. [...]

Most of us, if we found ourselves trudging up 21 flights of stairs, would just get pissed off and leave it there. But Hoare decided to do something about it. He opened his laptop and began designing a new computer language, one that he hoped would make it possible to write small, fast code without memory bugs. He named it Rust, after a group of remarkably hardy fungi that are, he says, "over-engineered for survival."

Seventeen years later, Rust has become one of the hottest new languages on the planet—maybe the hottest. There are 2.8 million coders writing in Rust, and companies from Microsoft to Amazon regard it as key to their future. The chat platform Discord used Rust to speed up its system, Dropbox uses it to sync files to your computer, and Cloudflare uses it to process more than 20% of all internet traffic.

An Anonymous Coward writes:

Switchzilla hardware and software need attention, unless you fancy arbitrary remote code execution:

Antivirus software is supposed to be an important part of an organization's defense against the endless tide of malware.

Cisco's open source ClamAV can fill that role – once you patch the 9.8/10 rated arbitrary code execution flaw the networking giant revealed on Wednesday.

A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code," states Cisco's security advisory, which identifies the issue as CVE-2023-20032.

[...] ClamAV's blog reveals a second flaw in the software: CVE-2023-20052.

Both are patched in version 1.01 of the application, available here.

[...] But fixing ClamAV is not the end of the story. Addressing the faulty file parser also requires updates to other Cisco products, including the Secure Web Appliance hardware. The Secure Endpoint Private Cloud also needs a fix, as does Cisco's Secure Endpoint product (formerly known as Advanced Malware Protection for Endpoints) for Linux, Windows, and macOS.

Original Submission

upstart writes:

The capital injection is part of the $40 billion investment announced in December:

Taiwan Semiconductor Manufacturing Company (TSMC) board has approved a plan of capital injection of up to $3.5 billion to TSMC Arizona, the company said.

In December, the foundry behemoth announced its plans to open a second chip factory in Arizona, boosting its investment in the US threefold to $40 billion. This represented "the largest foreign direct investment in Arizona history and one of the largest foreign direct investments in the history of the United States," the company said.

The capital injection is part of the $40 billion investment announced in December.

"When complete, TSMC Arizona's two fabs will manufacture over 600,000 wafers per year, with estimated end-product value of more than US$40 billion," the company announced in its December statement.

TSMC's US investments are part of the chipmaker's strategic move to expand beyond Taiwan, due to the country's political tensions with China.

Last month, the company said it is considering opening its first plant in Europe and a second one in Japan. The Europe plant is likely to come up in the German city of Dresden.

Related: TSMC Triples Arizona Chip Plant Investment, Apple Confirms to Only Use Chips Made in the US

Original Submission

upstart writes:

Oh, Good: A Flying Robotic SPIDAR:

Robots with multimodal locomotion capability are almost always a compromise, because usually they're a hodgepodge of mobility systems that don't really work together. It'd be possible to make a legged robot fly by stapling a bunch of propellers to it, but at any given time, either the legs or the propellers are going to be mostly just awkward extra mass. Some robots make this compromise more elegantly than others, but it's still a compromise.

A new quadrupedal robot under development at the University of Tokyo called SPIDAR aims to minimize this compromise by combining legs and propellers and relying on that combination for both walking and flying locomotion: Instead of leg actuators, it's got vectorable leg thrusters that can both move leg joints individually and get the entire robot completely airborne.

SPIDAR, in what is perhaps one of the worst backronyms of all time, stands for "SPherIcally vectorable and Distributed rotors assisted Air-ground amphibious quadruped Robot." It is absolutely not a spider, since it has four legs rather than eight, but it does look sufficiently leggy to set off a similar squick response.

[...] Each of SPIDAR's limb sections has a spherically vectorable dual thruster attached. These thrusters can "roll" around the limb as well as rotating orthogonally to it, providing thrust in any direction. The joints do currently have small servos to actuate them a little bit, but this is mainly to simplify the dynamics of the system in order to run everything on board. The servos aren't strong enough to support the weight of the robot, and its mobility does depend primarily on the thruster system. In total, SPIDAR has eight links with 16 joints, and weighs in at a hefty 15 kilograms, which includes eight batteries distributed along the links. Total flight time is 9 minutes, and the robot can walk for more than double that.

Original Submission

An Anonymous Coward writes:

Australian science people and a bunch of teachers have discovered three new spider species in a remote alpine region. Given Australia has so many spiders, and indeed other deadly creatures, it is a wonder they look for more. One of the new spiders discovered is a 'jumping spider' that 'looks like a "liquorice-all-sort" and is a "ferocious hunter" that camouflages as a tree branch'. In typical Australian style, another looks like an eight eyed puppy. No, really.

Twenty scientists and teachers have travelled to the region near the border between Victoria and New South Wales on a 11-day 'Alpine Bush Blitz' to catalogue species and broadcast the expedition into Australian classrooms.

Three previously undescribed spider species were found by Museums Victoria Research Institute arachnologist Joseph Schubert who said he hoped to find more before the Blitz concludes.

[...] "Discovering and documenting undescribed species is crucial for their conservation and may prevent invisible species from becoming extinct.

"If a species is not known, it cannot be adequately protected."

A quote by an Australian minister in response to this find was that "Around three-quarters of Australia's biodiversity is still waiting to be discovered by science" which just makes Australia just that much more a joyful place to live (for the fauna).

Remind me, how exactly do Australians get through life without being eaten alive, poisoned, trapped or just killed by the wildlife?

Original Submission

owl writes:

Somewhat related to a recent journal article, this comes across the WSJ:

WSJ direct link

Archive line to above WSJ article

You can own a gadget, but its fate might well be controlled by the company that makes it.

In January, Arlo Technologies Inc. sent an email to customers of its internet-connected security cameras about a new "end-of-life policy." Starting April 1, the company would no longer support models that included no-fee seven-day rolling storage of video clips—a well-advertised selling point.

End-of-life policies for tech products are becoming more common. Apple Inc. and Samsung Electronics Co. have similar ones. But Arlo's abrupt announcement aggravated some customers. Forty days later, the company recanted, keeping the free video storage and extending software support.

[...] In late 2018, Ms. Clum spotted a five-pack of Arlo security cameras at Best Buy, with enticing offers printed on the packaging: "Including FREE cloud recording" and "With rolling seven days of FREE cloud recordings."

She purchased 30 cameras, totaling over $6,000, and spent hours wiring and mounting them throughout the kennel herself. Today, 26 are still running.

[...] This year, on New Year's Day, Ms. Clum received Arlo's email explaining that her five-year-old cameras would move to their "end-of-life stage" in April. Firmware updates, as well as the seven-day no-fee cloud storage benefit, would end. Instead, Arlo device owners could upgrade to one of the company's paid plans, starting at $13 a month or buy an add-on device to store videos.

PS - they recanted -- for now -- but how long do you expect it will be before they try all over again to EOL these cameras?

Previously: Arlo is Taking Away Security Camera Features You Paid for

Original Submission