SoylentNews is people

posted by hubie on Wednesday February 22 2023, @11:25PM
from the touching-you-touching-me dept.

Subsurface tactile tomography can detect details beneath a material's surface:

The human fingertip is an exquisitely sensitive instrument for perceiving objects in our environment via the sense of touch. A team of Chinese scientists has mimicked the underlying perceptual mechanism to create a bionic finger with an integrated tactile feedback system capable of poking at complex objects to map out details below the surface layer, according to a recent paper published in the journal Cell Reports Physical Science.

"We were inspired by human fingers, which have the most sensitive tactile perception that we know of," said co-author Jianyi Luo of Wuyi University. "For example, when we touch our own bodies with our fingers, we can sense not only the texture of our skin, but also the outline of the bone beneath it. This tactile technology opens up a non-optical way for the nondestructive testing of the human body and flexible electronics."

[...] When we touch something with our fingers, the skin experiences mechanical deformation such as compression or stretching, which triggers mechanoreceptors to send out electrical impulses. These impulses travel through the central nervous system to the brain's somatosensory cortex. The brain integrates those electrical impulses to identify the features of the object that we touch. That tactile feedback enables us to recognize a material's shape, surface texture, and stiffness or softness.

The smart bionic finger mimics this feedback system. A metallic cylinder mounted on top of the finger serves as the contact tip, while carbon-fiber beams serve as tactile mechanoreceptors (the sensing unit). These are connected to a signal-processing module. The finger "scans" the target object's surface by periodically applying pressure, akin to a poke or a prod. This compresses the carbon fibers, and how much the material compresses conveys information about its relative stiffness or softness. That information, along with where on the surface it was recorded, is then sent to a computer, which translates the data into a 3D map.

Journal Reference:
Yizhou Li, Zhiming Chen, Youbin Chen, et al., A smart bionic finger for subsurface tactile tomography [open], Cell Rep, 4, 2, 2023. (DOI: 10.1016/j.xcrp.2023.101257)


posted by hubie on Wednesday February 22 2023, @08:40PM

NASA's NuSTAR Observatory Pinpoints Hottest Spots on the Sun:

Every day, astronomers learn more about the stars spread around the cosmos, but there's still plenty to learn about the star closest to Earth. NASA has released a new composite image of the Sun featuring data from the NuSTAR space telescope. It reveals some of the hottest areas of the Sun, which may help scientists unravel a stellar mystery that has remained unsolved for decades.

[...] NASA believes the NuSTAR data could help scientists understand why the Sun's corona is so hot. While the Sun's surface is a toasty 5,500 degrees Celsius, the corona reaches scorching temperatures of more than 1 million degrees Celsius. The Sun's heat radiates out from the core, so no one is certain how the star's atmosphere ends up so much hotter than the surface. Solar flares don't happen often enough to keep the corona so hot, but nanoflares might be the key. That's what you're seeing in the blue regions above.

Individual nanoflares, small eruptions originating deep inside the Sun, are too faint compared with the blazing brightness of the Sun to appear in today's instruments. However, NuSTAR can detect the high-energy output when multiple nanoflares occur close together. This could help physicists determine how often nanoflares happen and how much energy they release.

NuSTAR mosaic image


posted by janrinok on Wednesday February 22 2023, @05:56PM

Suggest fundamental semiconductor physics research is needed if China is to build viable local industry:

China's Academy of Science has offered a blueprint to create a semiconductor industry that circumvents the USA's bans on exports of technology to the Middle Kingdom.

In an article from the Proceedings of the Chinese Academy of Sciences titled "Strengthening the construction of basic semiconductor capabilities and lighting the 'beacon' of semiconductor self-reliance and self-improvement," academicians Luo Junwei and Li Shushen argue that all China needs to do is research the right topics, find the talent to do that research, commercialise their work and then sit back and enjoy the benefits of home-grown silicon.

There's a bit more to it than that, of course: the authors identify existing patent portfolios as a barrier to Chinese chip tech, because building and designing with existing techniques will by necessity mean using protected intellectual property.

The pair therefore call for Chinese semiconductor policy to "Vigorously promote the spirit of scientists pursuing originality, and resist low-level repetitive follow-up research." Instead, [they] want original research, if only to match efforts they've observed in the US, South Korea, and elsewhere, in pursuit of innovations that go beyond well-understood semiconductor physics.

The pair also want physical infrastructure to support researchers, and for academic career paths to reward the long efforts required to produce published work on semiconductor innovations.

That kind of work, plus investment in the right kind of university courses and research institutes, and incentives for folks to work there, are suggested as what China needs to develop tech it can build without sanctions hampering its efforts.

But the document doesn't address the challenge of manufacturing the devices that China's hypothetical future research endeavours create.

That's a big issue because China has already funded plenty of semiconductor research and development but has found itself with a decent chip design industry but little capacity to produce advanced silicon. Attempts to start fabrication plants have sometimes blown up before factories were built, leaving China the world's largest importer of semiconductors.


posted by janrinok on Wednesday February 22 2023, @03:07PM

Researchers disagree on how to define burnout. Helping people cope at work still matters:

When New Zealand Prime Minister Jacinda Ardern, who garnered international praise for how she handled the pandemic in her country, recently announced her intention to resign, here's how she summed up her surprise decision: "I know what the job takes, and I know that I no longer have enough in the tank to do it justice."

Social scientists and journalists worldwide largely interpreted Ardern's words in her January 19 speech as a reference to burnout.

"She's talking about an empty tank," says Christina Maslach, a psychological researcher who has been interviewing and observing workers struggling with workplace-related distress for decades. In almost 50 years of interviews, says Maslach of the University of California, Berkeley, "that phrase [has come] up again and again and again."

Numerous studies and media reports suggest that burnout, already high before the pandemic, has since skyrocketed worldwide, particularly among workers in certain professions, such as health care, teaching and service. The pandemic makes clear that the jobs needed for a healthy, functioning society are burning people out, Maslach says.

But disagreement over how to define and measure burnout is pervasive, with some researchers even questioning if the syndrome is simply depression by another name. Such controversy has made it difficult to estimate the prevalence of burnout or identify how to best help those who are suffering.

[...] Some researchers argue that burnout is a strictly modern-day phenomenon, brought on by overwork and hustle culture. But others contend that burnout is merely the latest iteration of a long line of exhaustion disorders, starting with the Ancient Greek concept of acedia. This condition, wrote 5th century monk and theologian John Cassian, is marked by "bodily listlessness and yawning hunger."

The more contemporary notion of burnout originated in the 1970s. Herbert Freudenberger, the consulting psychologist for volunteers working with drug addicts at St. Mark's Free Clinic in New York City, used the term to describe the volunteers' gradual loss of motivation, emotional depletion and reduced commitment to the cause.

[...] Maslach's inventory remains the most widely used tool to study burnout. But many criticize that definition of the syndrome (SN: 10/26/22).

Conceptualizing burnout as a combination of exhaustion, cynicism and inefficacy is "arbitrary," wrote organizational psychologists Wilmar Schaufeli and Dirk Enzmann in their 1998 book, The Burnout Companion to Study and Practice: A Critical Analysis. "What would have happened if other items had been included? Most likely, other dimensions would have appeared."

[...] Do researchers agree on any features of burnout? Surprisingly, yes. Researchers concur that exhaustion is a core feature of the syndrome, wrote Bianchi and his team in March 2021 in Clinical Psychological Science.

Research in the past two decades is also converging on the idea that burnout appears to involve changes to cognition, such as problems with memory and concentration. Those cognitive problems can take the form of people becoming forgetful — missing a recurring meeting or struggling to perform routine tasks, for instance, says Charlie Renaud, an occupational health psychologist at the University of Rennes in France. Such struggles can carry over into people's personal lives, causing leisure activities, such as reading and watching movies, to become laborious.

As these findings mount, some researchers have begun to incorporate questions on cognitive changes into their burnout scales, Renaud says.

Is burnout a form of depression? At first glance, the two concepts appear contradictory. Depression is typically seen as stemming from within the individual and burnout as stemming from societal forces, chiefly the workplace (SN: 2/12/23). But some researchers have begun to question if burnout exists as a standalone diagnosis. The concepts are not mutually exclusive, research shows. Chronic stress in one's environment can trigger depression and certain temperaments can make one more prone to burnout.

For instance, scoring high for the personality trait neuroticism — characterized by irritability and a tendency to worry — better predicted a person's likelihood of experiencing burnout than certain work-related factors, such as poor supervisor support and lack of rapport with colleagues, Bianchi and his team reported in 2018 in Psychiatry Research.

Moreover, exhaustion occurred together with depression more frequently than with either cynicism or inefficacy, Bianchi and his team reported in the 2021 paper. If burnout is characterized by a suite of symptoms, then exhaustion and depression appear a more promising combination than the Maslach trifecta, the team reported.

"The real problem is that we want to believe that burnout is not a depressive condition, [or] as severe as a depressive condition," Bianchi says. But that, he adds, simply isn't true.


posted by janrinok on Wednesday February 22 2023, @12:21PM

It's unclear if the two lawmakers know what messenger RNA is exactly:

Two Republican lawmakers in Idaho have introduced a bill that would make it a misdemeanor for anyone in the state to administer mRNA-based vaccines—namely the lifesaving and remarkably safe COVID-19 vaccines made by Pfizer-BioNTech and Moderna. If passed as written, it would also preemptively ban the use of countless other mRNA vaccines that are now in development, such as shots for RSV, a variety of cancers, HIV, flu, Nipah virus, and cystic fibrosis, among others.

The bill is sponsored by Sen. Tammy Nichols of Middleton and Rep. Judy Boyle of Midvale, both staunch conservatives who say they stand for freedom and the right to life. But their bill, HB 154, proposes that "a person may not provide or administer a vaccine developed using messenger ribonucleic acid [mRNA] technology for use in an individual or any other mammal in this state." If passed into law, anyone administering lifesaving mRNA-based vaccines would be guilty of a misdemeanor, which could result in jail time and/or a fine.

While presenting the bill to the House Health & Welfare Committee last week, Nichols said their anti-mRNA stance stems from the fact that the COVID-19 vaccines were initially allowed under emergency use authorizations (EUAs) from the Food and Drug Administration, not the agency's full regulatory approval. "We have issues that this was fast-tracked," she told fellow lawmakers, according to reporting from local news outlet KXLY.com.

The EUAs for the two mRNA-based COVID-19 vaccines were issued in December 2020, and the FDA has subsequently granted full approval to both (Pfizer-BioNTech's in August 2021 and Moderna's in January 2022). This was pointed out to Nichols in the hearing last week.

[...] There have been rare reports of adverse events, including blood clots and inflammation of the heart muscle and lining (myocarditis and pericarditis). However, these problems are very rare, and, in the case of myocarditis and pericarditis, they tend to be mild. Independent health experts who advise the FDA and CDC have consistently determined that the risk of developing these conditions does not outweigh the benefits of vaccination.

[...] With the massive success of mRNA-based COVID-19 vaccines, expectations are high that the platform can be used to target a wide variety of other infectious and non-infectious diseases. Moderna, for instance, has a wide pipeline of mRNA-based vaccines in the works. Already this year, the company reported findings from a late-stage clinical trial indicating their mRNA-based vaccine against RSV (respiratory syncytial (sin-SISH-uhl) virus) was highly effective. RSV is a common respiratory virus that can be deadly to older adults and young children.

In Idaho, it's unclear if Nichols and Boyle's bill will make it through the committee and, further, into law. However, its introduction fits into a worrying trend by conservative lawmakers for attacking lifesaving vaccination and evidence-based medicine, generally.


posted by janrinok on Wednesday February 22 2023, @09:36AM

A touchscreen that's always clean:

Touchscreens are a growing part of daily life. Not just on our phones and tablets but laptops, refrigerators, cars, and more. These days, more vehicles are coming with giant touchscreens replacing every button or dial. Eventually, everything will be a dusty screen covered with fingerprints.

The patent, spotted by AutoEvolution, is a "self-cleaning system for displays using light emitting diodes emitting invisible violet light." The idea is pretty technical, but it's essentially a regular display with some extra elements to handle dirty jobs.

Most LED screens have red, green, and blue (RGB) colored pixels, which display everything we see. However, GM's system utilizes a fourth invisible "ultraviolet" pixel. Then, GM would equip screens with a transparent photocatalyst layer that absorbs and interacts with those violet pixels and creates a chemical reaction.

That chemical reaction does several different things, including adding some moisture, then drying out the screen's surface and cleaning it of dirt, dust, debris, fingerprints, grease, and more. If this sounds familiar, a similar technology is available for self-cleaning solar panels.


posted by janrinok on Wednesday February 22 2023, @06:50AM

The Supreme Court Battle for Section 230 Has Begun

The future of recommendation algorithms could be at stake:

The first shots have been fired in a Supreme Court showdown over web platforms, terrorism, and Section 230 of the Communications Decency Act. Today, the Supreme Court will hear oral arguments in Gonzalez v. Google — one of two lawsuits that are likely to shape the future of the internet.

Gonzalez v. Google and Twitter v. Taamneh are a pair of lawsuits blaming platforms for facilitating Islamic State attacks. The court's final ruling on these cases will determine web services' liability for hosting illegal activity, particularly if they promote it with algorithmic recommendations.

The Supreme Court took up both cases in October: one at the request of a family that's suing Google and the other as a preemptive defense filed by Twitter. They're two of the latest in a long string of suits alleging that websites are legally responsible for failing to remove terrorist propaganda. The vast majority of these suits have failed, often thanks to Section 230, which shields companies from liability for hosting illegal content. But the two petitions respond to a more mixed 2021 opinion from the Ninth Circuit Court of Appeals, which threw out two terrorism-related suits but allowed a third to proceed.

Gonzalez v. Google claims Google knowingly hosted Islamic State propaganda that allegedly led to a 2015 attack in Paris, thus providing material support to an illegal terrorist group. But while the case is nominally about terrorist content, its core question is whether amplifying an illegal post makes companies responsible for it. In addition to simply not banning Islamic State videos, the plaintiffs — the estate of a woman who died in the attack — say that YouTube recommended these videos automatically to others, spreading them across the platform.

Google has asserted that it's protected by Section 230, but the plaintiffs argue that the law's boundaries are undecided. "[Section 230] does not contain specific language regarding recommendations, and does not provide a distinct legal standard governing recommendations," they said in yesterday's legal filing. They're asking the Supreme Court to find that some recommendation systems are a kind of direct publication — as well as some pieces of metadata, including hyperlinks generated for an uploaded video and notifications alerting people to that video. By extension, they hope that could make services liable for promoting it.

I Changed My Mind About Section 230

I Changed My Mind About Section 230:

The man who wrote the book on the '26 words that created the internet' walks us through what we need to know about the online debate to end all online debates.

As part of my job, I cover what goes on in online communities across the internet, which involves some pretty horrible content. You have high-profile people spouting misinformation about antidepressants, covid-19, and "herbal abortion teas" that in some cases are literal poisons. There's also a lot of hate—hate towards the Jewish community, hate towards experts who attempt to correct misinformation, and hate for someone literally breaking their back in a horrible accident. And that's only the tip of the iceberg.

It seemed crazy to me that platforms could get away with allowing content so vile, and in many cases dangerous, on their platforms. It's not like they can't legally do something about it. Under Section 230, a provision in the Communications Decency Act of 1996, online platforms are allowed to moderate objectionable content. Most importantly, though, Section 230 gives platforms a shield that frees them from legal liability for a lot of content that users post.

[...] Despite my strong feelings about how Section 230 has contributed to the internet's toxic landscape, today I'm here to tell you that I don't think Section 230 should be repealed. I came to this conclusion after speaking with Jeff Kosseff, a cybersecurity professor at the U.S. Naval Academy and author of "The Twenty-Six Words That Created the Internet," which analyzes Section 230 in-depth and presents the costs and benefits of protecting online platforms.

Kosseff is widely considered one of the most preeminent Section 230 experts out there. When I shared my concerns about Section 230 and the state of the internet, he told me he agreed that "there are substantial harms out there" that need to be addressed. However, he doesn't think Section 230 is responsible for most of our complaints.

Overall, speaking with Kosseff helped me separate Section 230 from the angry public discourse on both sides of the spectrum.

That doesn't mean I think Section 230 is perfect. Even Kosseff is in favor of modest amendments. I've come to think of the internet like a house, with Section 230 as its foundation. It's a good base, but the house also needs things like a frame and a roof. It needs to be cared for and maintained, repaired, and even modified over time—or else it all comes crashing down.

Read the linked article for Kosseff's views.


posted by hubie on Wednesday February 22 2023, @04:06AM
from the ai-will-teach...your-children-well dept.

Under the fluorescent lights of a fifth grade classroom in Lexington, Kentucky, Donnie Piercey instructed his 23 students to try and outwit the "robot" that was churning out writing assignments:

The robot was the new artificial intelligence tool ChatGPT, which can generate everything from essays and haikus to term papers within seconds. The technology has panicked teachers and prompted school districts to block access to the site. But Piercey has taken another approach by embracing it as a teaching tool, saying his job is to prepare students for a world where knowledge of AI will be required.

"This is the future," said Piercey, who describes ChatGPT as just the latest technology in his 17 years of teaching that prompted concerns about the potential for cheating. The calculator, spellcheck, Google, Wikipedia, YouTube. Now all his students have Chromebooks on their desks. "As educators, we haven't figured out the best way to use artificial intelligence yet. But it's coming, whether we want it to or not."

The article goes on to describe different exercises Piercey uses and comments from other teachers who are using ChatGPT to enhance their lessons.

[...] The fifth graders seemed unaware of the hype or controversy surrounding ChatGPT. For these children, who will grow up as the world's first native AI users, their approach is simple: Use it for suggestions, but do your own work.

posted by hubie on Wednesday February 22 2023, @01:20AM
from the privacy-blowing-away-in-a-sandstorm dept.

Rather than match iOS's tracking limits, Google built an additional tracking system:

Apple blew up the advertising market in 2020 when it gave tracking an opt-in feature on iOS. Since then, Google—the world's biggest advertiser—has been slow to roll out its solution for Android and Chrome. The idea that Google has come up with is called the "Privacy Sandbox," which sounds like a good thing, but it's a new tracking system for Android and Chrome. Once that is up and running, only then does Google say it will start blocking existing tracking methods like third-party cookies.

[...] Privacy Sandbox, on Chrome and Android, tracks users by interest groups rather than individually, which Google claims is a privacy improvement. Android will soon build an advertising profile of you, and the user interface will let you block "interests" you don't want to see ads for. There's an off switch and a list of apps that plug into the new tracking system—presumably anything using a new build of the Google Ads API.

[...] The "Privacy Sandbox" on Chrome has at least some roundabout argument for improving privacy, since Google claims it will one day block third-party tracking cookies in Chrome once the system rolls out. On Android, the Privacy Sandbox tracking is in addition to all the usual individual tracking methods; it's not being pitched as an alternative to anything. The Privacy Sandbox on Android is toothless, and Google has no plans to reduce tracking on Android. The company said last year: "We plan to support existing ads platform features for at least two years, and we intend to provide substantial notice ahead of any future changes." So even in the best-case scenario, Google has no plans to answer iOS's 2020 tracking reduction until at least 2024.


posted by hubie on Tuesday February 21 2023, @10:38PM
from the supermassive dept.

Leaving a trail of stars and excited gas after its passage:

Supermassive black holes (SMBH) are some of the most extreme phenomena populating the universe. They usually reside at the center of their host galaxies, but sometimes they can be ejected from their place to start a solitary pilgrimage through the void of deep space.

By observing an unexpected trail in the gas cloud surrounding a dwarf galaxy, an international team of researchers has now found what they consider a potential candidate for a "runaway supermassive black hole" phenomenon. The light emitted by the gargantuan astronomical object traveled more than 7.5 billion years before reaching planet Earth, and it was seemingly traveling at 1,600 kilometers per second.

[...] In their paper, the researchers are offering some explanations about how a SMBH can leave its galactic center to start wandering through the universe. When a pair of galaxies merge, the paper explains, the two SMBH at their centers form a binary system with the two extreme objects orbiting the gravity center of the new formation for potentially billions of years.

If a third SMBH enters the system, the new complex interaction can lead to a slingshot effect through which one of the black hole cores gets ejected and sent toward outer space. Even without a third SMBH, the galaxy merger could be violent and extreme enough to eventually kick one of the two SMBH nuclei out.

The trail of gas and new stars observed with the Hubble Space Telescope could have other explanations, the researchers concede. However, based on the small number of papers previously written on the topic, they think a rogue SMBH could be the best theory for the observed phenomenon. This kind of research would also benefit from "further theoretical work," the researchers say.

arXiv paper


posted by hubie on Tuesday February 21 2023, @07:53PM
from the I-wonder-if-they-offer-retirement-planning dept.

Competitor markets working to replace Hydra's money-laundering services for cybercriminals:

During the first few months of 2022, business was booming at Hydra Marketplace, the premiere Dark Web destination for cybercrime money laundering and selling narcotics and other illegal goods and services.

In fact, until its takedown in April 2022, Hydra owned a full 93% of all illicit underground economic activities.

[...] Fast forward 10 months after the demise of Russian-based Hydra, and the Dark Web marketplace ecosystem is still struggling to recover. Namely, it's been tough to replicate or replace Hydra's money-laundering services for cybercriminals.

[...] So far, no other marketplace has been able to dominate the Dark Web market like Hydra did in its heyday.

[...] Mounting struggles in the darknet ecosystem present an enormous opportunity to absorb Hydra's user base and reign the underground supreme. But the key to attracting users to these platforms is providing cryptocurrency and fiat currency-laundering services, the research shows.

[...] Dark Web marketplaces are evolving into financial services providers for cybercriminals, Jardine says.

"With Hydra and the evolution of money-laundering services as a feature of the darknet market ecosystem, a number of new financial motivations come into play," Jardine says. "Previous markets, such as Silk Road, largely connected buyers and sellers of drugs, but providing money laundering and fiat currency off-ramp services to cybercriminals ties darknet markets more to the ebb and flow of ransomware and cybercrime than had previously been the case."


posted by hubie on Tuesday February 21 2023, @05:05PM
from the scifi-warned-you-for-years-what-did-you-expect? dept.

The change comes after early beta testers of the chatbot found that it could go off the rails and discuss violence, declare love, and insist that it was right when it was wrong:

Microsoft's Bing AI chatbot will be capped at 50 questions per day and five question-and-answers per individual session, the company said on Friday.

In a blog post earlier this week, Microsoft blamed long chat sessions of over 15 or more questions for some of the more unsettling exchanges where the bot repeated itself or gave creepy answers.

[...] Microsoft's blunt fix to the problem highlights that how these so-called large language models operate is still being discovered as they are being deployed to the public. Microsoft said it would consider expanding the cap in the future and solicited ideas from its testers. It has said the only way to improve AI products is to put them out in the world and learn from user interactions.

Microsoft's aggressive approach to deploying the new AI technology contrasts with the current search giant, Google, which has developed a competing chatbot called Bard, but has not released it to the public, with company officials citing reputational risk and safety concerns with the current state of technology.

Journalist says he had a creepy encounter with new tech that left him unable to sleep:

New York Times technology columnist Kevin Roose has early access to new features in Microsoft's search engine Bing that incorporates artificial intelligence. Roose says the new chatbot tried to get him to leave his wife.

See also: Bing's AI-Based Chat Learns Denial and Gaslighting


posted by janrinok on Tuesday February 21 2023, @02:23PM

New study suggests Mayas utilized market-based economics:

More than 500 years ago in the midwestern Guatemalan highlands, Maya people bought and sold goods with far less oversight from their rulers than many archeologists previously thought.

That's according to a new study in Latin American Antiquity that shows the ruling K'iche' elite took a hands-off approach when it came to managing the procurement and trade of obsidian by people outside their region of central control.

[...] While there are extensive written records from the Maya Postclassic Period (1200-1524 AD) on political organization, much less is known about how societal elites wielded economic power. Horowitz set out to address this knowledge gap for the K'iche' by examining the production and distribution of obsidian artifacts, which are used as a proxy by archeologists to determine the level of economic development in a region.

She performed geochemical and technological analysis on obsidian artifacts excavated from 50 sites around the K'iche' capital of Q'umarkaj and surrounding region to determine where the raw material originally came from and techniques of its manufacture.

[...] "For a long time, there has been this idea that people in the past didn't have market economies, which when you think about it is kind of weird. Why wouldn't these people have had markets in the past?" she said. "The more we look into it, the more we realize there were a lot of different ways in which these peoples' lives were similar to ours."

Journal Reference:
Horowitz, R. (2022). Economic Integration and Obsidian Consumption in the Late Postclassic Period K'iche' Region. Latin American Antiquity, 1-19. doi:10.1017/laq.2022.79



posted by janrinok on Tuesday February 21 2023, @11:41AM
from the patch-grief-with-proverbs-but-patch-software-with-fixes dept.

Majority of Ransomware Attacks Last Year Exploited Old Bugs:

Many vulnerabilities that ransomware operators used in 2022 attacks were years old and paved the way for the attackers to establish persistence and move laterally in order to execute their missions.

The vulnerabilities, in products from Microsoft, Oracle, VMware, F5, SonicWall, and several other vendors, present a clear and present danger to organizations that haven't remediated them yet, a new report from Ivanti revealed this week.

Ivanti's report is based on an analysis of data from its own threat intelligence team and from those at Securin, Cyber Security Works, and Cyware. It offers an in-depth look at vulnerabilities that bad actors commonly exploited in ransomware attacks in 2022.

Ivanti's analysis showed that ransomware operators exploited a total of 344 unique vulnerabilities in attacks last year—an increase of 56 compared to 2021. Of these, a startling 76% of the flaws were from 2019 or before. The oldest vulnerabilities in the set were in fact three remote code execution (RCE) bugs from 2012 in Oracle's products: CVE-2012-1710 in Oracle Fusion middleware and CVE-2012-1723 and CVE-2012-4681 in the Java Runtime Environment.

Srinivas Mukkamala, Ivanti's chief product officer, says that while the data shows ransomware operators weaponized new vulnerabilities faster than ever last year, many continued to rely on old vulnerabilities that remain unpatched on enterprise systems.

"Older flaws being exploited is a by-product of the complexity and time-consuming nature of patches," Mukkamala says. "This is why organizations need to take a risk-based vulnerability management approach to prioritize patches so that they can remediate vulnerabilities that pose the most risk to their organization."

Among the vulnerabilities that Ivanti identified as presenting the greatest danger were 57 that the company described as offering threat actors capabilities for executing their entire mission. These were vulnerabilities that allow an attacker to gain initial access, achieve persistence, escalate privileges, evade defenses, access credentials, discover assets they might be looking for, move laterally, collect data, and execute the final mission.

The three Oracle bugs from 2012 were among 25 vulnerabilities in this category that were from 2019 or older. Exploits against three of them (CVE-2017-18362, CVE-2017-6884, and CVE-2020-36195) in products from ConnectWise, Zyxel, and QNAP, respectively, are not currently being detected by scanners, Ivanti said.

[...] Notably, 131 of the 344 flaws that ransomware attackers exploited last year are not included in the US Cybersecurity and Infrastructure Security Agency's closely followed Known Exploited Vulnerabilities (KEV) database. The database lists software flaws that threat actors are actively exploiting and which CISA assesses as being especially risky. CISA requires federal agencies to address vulnerabilities listed in the database on a priority basis and usually within two weeks or so.

"It's significant that these aren't in CISA's KEV because many organizations use the KEV to prioritize patches," Mukkamala says. That shows that while KEV is a solid resource, it doesn't provide a full view of all the vulnerabilities being used in ransomware attacks, he says.

Ivanti found that 57 vulnerabilities used in ransomware attacks last year by groups such as LockBit, Conti, and BlackCat, had low- and medium-severity scores in the national vulnerability database. The danger: this could lull organizations who use the score to prioritize patching into a false sense of security, the security vendor said.
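The prioritization gap described above, as an added example that is not part of the article or Ivanti's report: a constructed inventory is run through a CVSS-threshold policy, a KEV-only policy, and a combined risk score, showing which ransomware-linked findings each simple policy leaves behind. The CVE identifiers, scores, flags, and weights are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    cve: str               # placeholder ID, constructed for this example
    year: int              # year the identifier was assigned
    cvss: float            # base score as recorded in the vulnerability database
    in_kev: bool           # listed in CISA's KEV catalog
    ransomware: bool       # threat intel links it to ransomware activity
    internet_facing: bool  # exposure of the affected asset, from inventory

# Constructed inventory: not real CVEs, scores, or KEV entries.
FINDINGS = [
    Finding("CVE-EXAMPLE-0001", 2012, 9.8, True, True, False),
    Finding("CVE-EXAMPLE-0002", 2017, 5.3, False, True, True),
    Finding("CVE-EXAMPLE-0003", 2019, 6.5, True, True, True),
    Finding("CVE-EXAMPLE-0004", 2022, 9.1, False, False, False),
    Finding("CVE-EXAMPLE-0005", 2020, 4.3, False, True, False),
    Finding("CVE-EXAMPLE-0006", 2021, 3.1, False, False, False),
]

def cvss_only(findings, threshold=7.0):
    """Policy A: patch only findings scored high or critical."""
    return {f.cve for f in findings if f.cvss >= threshold}

def kev_only(findings):
    """Policy B: patch only what appears in KEV."""
    return {f.cve for f in findings if f.in_kev}

def risk_score(f):
    """Combined score; the weights are assumptions to tune per environment."""
    score = f.cvss                          # start from severity
    score += 10 if f.ransomware else 0      # observed ransomware use outweighs severity
    score += 5 if f.in_kev else 0           # known exploitation in the wild
    score += 3 if f.internet_facing else 0  # reachable without a foothold
    return score

def risk_ranked(findings):
    """Patch order under the combined score, highest risk first."""
    return [f.cve for f in sorted(findings, key=risk_score, reverse=True)]

def missed_by(selected, findings):
    """Ransomware-linked findings that a policy's selection leaves unpatched."""
    return sorted(f.cve for f in findings
                  if f.ransomware and f.cve not in selected)

if __name__ == "__main__":
    print("missed by CVSS >= 7.0:", missed_by(cvss_only(FINDINGS), FINDINGS))
    print("missed by KEV only:   ", missed_by(kev_only(FINDINGS), FINDINGS))
    print("risk-ranked order:    ", risk_ranked(FINDINGS))
```

In this constructed data the high-severity finding with no observed exploitation drops below every ransomware-linked finding, including the two with medium scores and no KEV entry.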



posted by janrinok on Tuesday February 21 2023, @08:55AM
from the where's-the-comic-sans? dept.

OpenBSD developer Florian Obser has written a detailed post on privilege drop, privilege separation, and restricted-service operating mode in OpenBSD. OpenBSD, a BSD-derived operating system project, has been at the forefront of mitigation techniques for decades now. Florian discusses what OpenBSD has now and how it got there, and provides examples.

Prologue

My main focus in OpenBSD is privilege separated network daemons running in restricted-service operation mode. I gave talks at BSDCan and FOSDEM in the past about how I used these techniques to write slaacd(8) and unwind(8). While I do not think of myself as a one-trick pony, I have written some more: slowcgi(8), rad(8), dhcpleased(8), and gelatod(8). I also wrote the first version of what later turned into resolvd(8).

At one point I claimed that it would take me about a week to transmogrify one daemon into a new one.

Why

Privilege drop, privilege separation, and restricted-service operating mode are exploit mitigations. When an attacker finds a bug we try to stop them from causing damage. The mitigations we are talking about here are aimed at attackers that achieved arbitrary code execution. Due to other mitigations that is quite difficult to pull off. These are the last line of defence. We try to remove as many resources from the attacker to play with and try to crash the program as quickly as possible if an attacker touches something they are not supposed to.

Previously:
(2022) Fuzzing Ping(8) ... and Finding a 24 Year Old Bug
(2021) Recent and Not So Recent Changes in OpenBSD That Make Life Better
(2018) OpenBSD Chief De Raadt Says No Easy Fix For New Intel CPU Bug
(2017) Kernel Address Randomized Link in OpenBSD
(2014) Bob Beck gives a 30-day status update on LibreSSL

And many more.

