SoylentNews

upstart writes:

Shell Recharge security lapse exposed EV drivers' data:

Security researcher Anurag Sen found a database online that contained close to a terabyte of logging data relating to Shell Recharge, the company's worldwide network of hundreds of thousands of electric vehicle charging stations, which it acquired in part from Greenlots in 2019. Greenlots provided electric vehicle (EV) charging services and technology for customers operating vehicle fleets.

The internal database, hosted on Amazon's cloud, contained millions of logs, said Sen, including details about customers who used the EV charging network. The database had no password, allowing anyone on the internet to access its data from their web browser.

The data, seen by TechCrunch, contained names, email addresses, and phone numbers of fleet customers who use the EV charging network. The database included the names of fleet operators, which identified organizations — such as police departments — with vehicles that recharge on the network. Some of the data included vehicle identification numbers, or VINs.

[...] Shell spokesperson Anna Arata told TechCrunch in a statement: "Shell has taken steps to contain and identify an exposure of Shell Recharge Solutions data. We are investigating the incident, continue to monitor our IT systems, and will take any necessary future actions accordingly."

Original Submission

Freeman writes:

https://arstechnica.com/gadgets/2023/06/autonomous-waymo-car-runs-over-dog-in-san-francisco/

One of Alphabet's Waymo autonomous cars has killed a pet dog. TechCrunch spotted the public report of the incident, which says one of the Waymo Jaguar I-Pace cars ran over a dog in San Francisco while in autonomous mode with a safety driver behind the wheel.

[...] On May 21 in San Francisco, a small dog ran in front of one of our vehicles with an autonomous specialist present in the driver's seat, and, unfortunately, contact was made. The investigation is ongoing, however the initial review confirmed that the system correctly identified the dog which ran out from behind a parked vehicle but was not able to avoid contact.

[...] The incident is Waymo's first reported fatality.

Original Submission

upstart writes:

Hackers can steal cryptographic keys by video-recording power LEDs 60 feet away:

Researchers have devised a novel attack that recovers the secret encryption keys stored in smart cards and smartphones by using cameras in iPhones or commercial surveillance systems to video record power LEDs that show when the card reader or smartphone is turned on.

The attacks enable a new way to exploit two previously disclosed side channels, a class of attack that measures physical effects that leak from a device as it performs a cryptographic operation. By carefully monitoring characteristics such as power consumption, sound, electromagnetic emissions, or the amount of time it takes for an operation to occur, attackers can assemble enough information to recover secret keys that underpin the security and confidentiality of a cryptographic algorithm.

As Wired reported in 2008, one of the oldest known side channels was in a top-secret encrypted teletype terminal that the US Army and Navy used during World War II to transmit communications that couldn't be read by German and Japanese spies. To the surprise of the Bell Labs engineers who designed the terminal, it caused readings from a nearby oscilloscope each time an encrypted letter was entered. While the encryption algorithm in the device was sound, the electromagnetic emissions emanating from the device were enough to provide a side channel that leaked the secret key.

Side channels have been a fact of life ever since, with new ones being found regularly. The recently discovered side channels tracked as Minerva and Hertzbleed came to light in 2019 and 2022, respectively. Minerva was able to recover the 256-bit secret key of a US-government-approved smart card by measuring timing patterns in a cryptographic process known as scalar multiplication. Hertzbleed allowed an attacker to recover the private key used by the post-quantum SIKE cryptographic algorithm by measuring the power consumption of the Intel or AMD CPU performing certain operations. Given the use of time measurement in one and power measurement in the other, Minerva is known as a timing side channel, and Hertzbleed can be considered a power side channel.

[...] Power LEDs are designed to indicate when a device is turned on. They typically cast a blue or violet light that vary in brightness and color depending on the power consumption of the device they are connected to.

Original Submission

hubie writes:

New hypothesis says it's to do with how they harden their shells:

Insects are some of the most successful organisms on the planet. They are said to make up the most biomass of all terrestrial animals and have a significant impact on the global ecosystem. However, their abundance is matched by their startling rarity in the sea. Very few insects call the sea home, even though their biological ancestors came from there. It is a pervading mystery of science, one which scientists have been trying to answer for many years.

Now, researchers from Tokyo Metropolitan University led by Assistant Professor Tsunaki Asano have proposed a solution based on evolutionary genetics. The latest in molecular phylogenetics has taught us that both crustaceans and insects are part of the same family, Pancrustacea, and that insects were a branch that left the sea and adapted to the land. They share an important feature, an exoskeleton consisting of a wax layer and hard cuticle. In previous work, the same team showed that when insects adapted to terrestrial environments, they evolved a unique gene that creates an enzyme called multicopper oxidase-2 (MCO2) that helps them harden their cuticles using oxygen. MCO2 mediates a reaction where molecular oxygen oxidizes compounds called catecholamines in the cuticle, turning them into agents that bind and harden the surface. This is in contrast to crustaceans who harden their cuticles using calcium from sea water instead. The team's claim is that this makes the land far more suitable for insects due to the abundance of oxygen. The sea is now a harsh environment due to both the lack of oxygen and the abundance of better adapted organisms.

takyon writes:

AMD Intros EPYC 97x4 "Bergamo" CPUs: 128 Zen 4c CPU Cores For Servers, Shipping Now

Kicking off a busy day of product announcements and updates for AMD's data center business group, this morning AMD is finally announcing their long-awaited high density "Bergamo" server CPUs. Based on AMD's density-optimized Zen 4c architecture, the new EPYC 97x4 chips offer up to 128 CPU cores, 32 more cores than AMD's current-generation flagship EPYC 9004 "Genoa" chips. According to AMD, the new EPYC processors are shipping now, though we're still awaiting further details about practical availability.

AMD first teased Bergamo and the Zen 4c architecture over 18 months ago, outlining their plans to deliver a higher density EPYC CPU designed particularly for the cloud computing market. The Zen 4c cores would use the same ISA as AMD's regular Zen 4 architecture – making both sets of architectures fully ISA compatible – but it would offer that functionality in a denser design. Ultimately, whereas AMD's mainline Zen 4 EPYC chips are designed to hit a balance between performance and density, these Zen 4c EPYC chips are purely about density, boosting the total number of CPU cores available for a market that is looking to maximize the number of vCPUs they can run on top of a single, physical CPU.

Additionally, AMD has launched Zen 4 Genoa-X Epyc CPUs, stacking a 3D V-Cache chiplet on each core chiplet. That means a total of 1152 MiB L3 cache for the 96-core model using 12 chiplets.

upstart writes:

US moves to block Microsoft's Activision takeover:

The US Federal Trade Commission (FTC) said the deal, which would be the largest in the history of the video games industry, could "substantially lessen competition" in the sector.

The move comes after the UK blocked the deal over concerns it would hurt competition, but the EU approved it.

A trial in the US will begin in August.

The FTC said in a court filing that a "preliminary injunction is necessary to... prevent interim harm" while the regulator determines whether "the proposed acquisition violates US antitrust law".

Microsoft's proposed takeover of Activision has split global regulators, and in order for the deal to go through the parties need approval from regulatory bodies in the UK, the EU and the US.

The European Commission has approved the acquisition, saying that Microsoft's offer of 10-year free licensing deals - which promise European consumers and cloud game streaming services access to Activision's PC and console games - mean there would be fair competition in the market.

But the UK's Competition and Markets Authority (CMA) blocked the deal in April, saying it was concerned the takeover would offer reduced innovation and less choice for gamers.

Microsoft and Activision hit out at the decision and said they would appeal.

Original Submission

upstart writes:

Big Leap for Hard Drive Capacities: 32 TB HAMR Drives Due Soon, 40TB on Horizon:

Offering a brief update on the future of hard drives, Seagate has shared some fresh insights concerning launch of its next generation hard drives featuring its heat-assisted magnetic recording (HAMR) technology. The company's initial commercial HAMR hard drive is set to offer a 32 TB capacity, presumably in the third quarter of 2023, but the new recording technology will enable a relatively quick capacity increase to 40 TB. Meanwhile, high-capacity HAMR HDDs will co-exist with yet-to-be-released 24 TB and 28 TB drives.

[...] "When you go to HAMR, our 32TB is based on 10 disks and 20 heads," said Gianluca Romano, Seagate's chief financial officer, at the Bank of America 2023 Global Technology Conference (via SeekingAlpha). "The following product will be a 36TB and will still be based on 10 disks and 20 heads. So, all the increase is coming through areal density. The following one, 40TB, still the same 10 disks and 20 heads. Also, the 50TB, we said at our earnings release, in our lab, we are already running individual disk at 5TB."

More about HAMR from Seagate.

Ed. Note: What's your biggest storage device? What technology does it use?

Original Submission

hubie writes:

Job seekers in the era of 'social impact framing' are afraid to ask for higher pay:

For many companies today, recruiting employees includes luring them with job postings that tout the organization's altruistic goals, such as to "make an impact" or fulfill a mission or purpose that benefits the greater good.

Appealing to job seekers' altruism isn't just for nonprofits anymore. Both for-profit and nonprofit organizations increasingly employ what has been termed "social impact framing" that emphasizes that their work has welfare benefits for society.

Although companies might have entirely noble intentions when using social impact framing, a recent study by Texas McCombs Assistant Professor of Management Insiya Hussain illustrates how it may work against prospective employees during salary negotiations. Specifically, job candidates exposed to such messaging feel it would be against company norms to ask for higher pay.

"This speaks to a broader social phenomenon about how we view money when it comes to doing good," Hussain says. "There's an implicit assumption that money and altruism don't mix. Money taints attempts to do good. Even if job candidates might not necessarily subscribe to this view, they're assuming that hiring managers will."

[...] The research suggests job applicants might experience a fearful thought process around salary: "I can't even ask. I feel like if I ask, it might be held against me or against the norms of the organization. It might be seen as greedy," Hussain says, paraphrasing the job seekers.

The researchers describe this attitude as a "self-censoring" effect, which Hussain says is a novel finding for research on social impact framing and wage demands. Prior work assumed that candidates sacrificed pay for meaningful work. Hussain and colleagues show this effect may be driven by job candidates feeling uncomfortable with such negotiation.

That mindset was true across the age spectrum and several industries, including education, financial services, food manufacturing, and health care — in both nonprofit and for-profit businesses.

[...] "Job seekers could consider whether companies that stress social impact take care of their own employees — financially or otherwise." Hussain says. "And, companies shouldn't assume that extrinsically motivated workers don't care about the job and aren't willing to work hard to perform well."

Journal Reference:
Insiya Hussain et al., Pay Suppression in Social Impact Contexts: How Framing Work Around the Greater Good Inhibits Job Candidate Compensation Demands, INFORMS, 2023. https://doi.org/10.1287/orsc.2023.1675

Original Submission

Progress is definitely being made, and the different paths are converging. We are not there yet, and there are probably still some significant hurdles to be overcome. There are 3 sides involved, the Board, kolie/replic8tor and the existing staff. NCommander (as the only Board member active on this site) is continuing with his work to containerise everything on the Linode servers. However, for the time being the Rehash repo doesn't always match up with what is actually running the site today. He has an end date in sight and kolie believes that he will 'probably' leave the community at some point, as yet undetermined.

The remaining 2 parties are in frequent discussion. The differences in approach are being identified and compromises on both sides being made where necessary. Yesterday (Tues 13 Jun) a bug appeared on the user comment preferences page. Why it suddenly appeared is anybody's guess. But both kolie and the sysop team set to together to try to resolve it. What became apparent during that session, which will probably resume some time today, is that both sides could better understand the other's position. I will not go into details of where compromises have been made as I do not think that is constructive at this stage - but they are being made. There is a recognition that some of the staff have perfectly acceptable reasons for having shell access to complete their normal voluntary roles, despite NCommander's statement to the contrary.

There is a problem with communication still. I do not think that this is obstructive but represents a different appreciation of the problems we face and what information we each seek from the other. It is not yet overcome but things are slowly getting better. As I speak, there is no increased risk to the safety of your personal information, and that should not change in the future. We have to take statements at face value and accept what is being said to a certain degree, and we are still being wary of what each other means by specific statements. The usual openness of this site and its community is not something that everyone understands at first, and we each come with very different experiences and backgrounds.

acid andy writes:

https://phys.org/news/2023-06-humans-strict-lockdown-wild-mammals.html

At one point in 2020, 4.4 billion people—more than half of the world's population—were under lockdown restrictions to stem the spread of COVID-19. This was such a sudden and substantial event that it has become known as the anthropause.

[...] It was around this time when people started to report animals appearing in unusual places. For example, cougars were seen prowling through the suburbs of Santiago, Chile, golden jackals became more active during the day in Tel Aviv, Israel, and dolphins appeared in the normally busy harbor of Trieste, Italy.

[...] A group of animal movement researchers came together in 2020 and formed the COVID-19 Bio-Logging Initiative, which I joined in 2021.

The initiative includes researchers who were already studying animals before the pandemic, and who were using bio-logging devices, such as GPS tags, to record animal movements.

[...] By pooling data from over 2,300 individual tracked mammals, from 43 species including elephants, giraffes, bears, deer and cougars, we were able to look at how their behavior and movement patterns changed during the lockdowns in 2020 compared to the same period one year earlier.

[...] We found that mammals were 36% closer to roads during lockdown, and that their movement distances over ten days were 73% longer during strict lockdowns compared to the same period one year earlier. It may be that mammals ventured closer to roads with reduced levels of traffic, while the absence of humans in the environment may have allowed them to explore new areas.

[...] These findings are important as they tell us that humans moving in the environment directly influence animal movements and behavior, in addition to the effects of the built environment. With this knowledge we can start to think of new ways to change our behavior that will positively impact wildlife. For example, we could adjust traffic flows in areas important for animal movement—in some national parks you can only drive during the day to avoid disturbing animals at night.

upstart writes:

It's a tantalizing possibility:

You probably think of the Earth's Moon as a dead husk, void of life.

But NASA says the astronauts who are scheduled to touch down on the surface of the Moon as soon as late 2025 — if everything goes according to plan, an increasingly significant "if" — might not be the first organisms in town, Space.com reports.

"One of the most striking things our team has found is that, given recent research on the ranges in which certain microbial life can survive, there may be potentially habitable niches for such life in relatively protected areas on some airless bodies," Prabal Saxena, a planetary researcher at NASA's Goddard Space Flight Center, told the site.

Said microbial life could be harbored by the lunar south pole's permanently shadowed craters. In particular, Saxena wonders whether life forms that originated on Earth may have survived the journey there.

[...] While experts have pointed out that organic molecules could very well have made their way through space via meteors, there's no guarantee microbes could survive the trip.

There's also another possibility: that humans left microbes on the Moon last time were there (or when a failed lunar lander splattered a bunch of hardy tardigrades on its surface in 2019, for that matter).

"We view humans as the most likely vector [of microbes] given the extensive data that we have about our history of exploration and the impact record as a second, albeit less influential, early terrestrial source," NASA Goddard organic geochemist Heather Graham told Space.com.

Also at Space.com

Original Submission

hubie writes:

OSU research shows how hackers can target smart meters to destabilize electricity grid:

A power transmission grid can be destabilized by hackers who manipulate smart meters to create an oscillation in electricity demand, researchers in the Oregon State University College of Engineering have shown.

[...] A smart meter is a digital device that collects electricity usage data and sends it to a local utility through a telecommunications connection. The meters can help customers learn more about their electricity use, and they can also be used to remotely shut off customers' power, such as in the case of unpaid bills.

Like circuit breakers in a household panel, power grid components can "trip" and shut off when demand, or load, is too high or problematic for some other reason. The result is load being passed on to other parts of the grid network, which may also shut down, creating the possibility of a domino effect that can lead to a blackout.

[...] One of the types of attacks made possible by the new technologies involves hacking into the advanced metering infrastructure, often abbreviated as AMI, and controlling the smart meter switches to cause load oscillations.

"Imagine calling everyone you know and saying, 'OK, at 6 p.m. we are all going to turn the lights on," Cotilla-Sanchez said. "Even if you got a couple thousand people to do that, it would be unlikely to cause much instability because the grid is able to absorb fairly big changes in supply and demand – for example solar panels at the end of the day do not produce electricity and we are able to anticipate and compensate for that.

"But if a person were to remotely coordinate a large number of smart meters to switch customers on and off at a particular frequency, that would be a problem."

acid andy writes:

https://www.popularmechanics.com/science/a44128093/what-caused-iowa-apartment-collapse/

The exterior center section of a 100-year-old, six-story building in Davenport, Iowa collapsed on May 29, leaving its apartment interiors exposed to the elements and three people dead. In its previous life, the Renaissance Revival-style brick-and-steel structure was listed on the National Register of Historic Places.

[...] Some residents said they had been experiencing water damage, and several tenants were afraid of the building collapsing. One resident said her bathroom caved in last December.

[...] Inspectors and a private-sector structural engineer discovered on May 23 that the brick façade, painted scarlet red in recent years, was separated from the interior wall and appeared "ready to fall imminently," according to a CNN article about the report. The interior wall was losing stability and causing deformation. A beam possibly bearing down on the affected wall needed a steel column for extra support, the structural engineer recommended. City inspectors took photos on May 25 showing a void between the façade and interior wall; the gap contained crumbled bricks.

Bricks were falling off the building's facade as early as August 2020, so the sidewalk around this area was closed, according to an analysis by The Architect's Newspaper.

"The collapsed wall is the only wall that was painted, and while the brick was clearly damaged prior to this painting, many types of paint that are not breathable can trap moisture in brick," the newspaper reported.

Moisture normally passes through a building's walls. Bricks are like sponges; their porous structure is great at both absorbing water and drying out completely. However, if moisture beneath the brick surface is unable to evaporate—say, because it hits a layer of paint—then the water builds up. Eventually, water erodes brick over a period of years. "Painting over brick is essentially a death sentence for brick," according to McGill Restoration, a repair and restoration company based in Nebraska.

Original Submission

upstart writes:

Man's WW2 codebook unearths St Erth's 'best-kept secret':

Mike Griffiths unearthed the secret existence of the MI6 outstation in St Erth when his late father, Harry Griffiths, left him his code book. He has revealed the role his father and others played in providing intelligence for code-breakers at Bletchley Park. Mr Griffiths said he "couldn't be prouder" of what his father achieved.

The St Erth Radio Security Service Station - which Mr Griffiths said had about 100 employees - was a secret to anyone outside the village, but to those who lived there, it was common knowledge.

"It was quite remarkable," Mr Griffiths said. He added: "I think almost if you like, the boundary of the village, the secret didn't go beyond the boundary of the village."

[...] Mr Griffiths, who lives in Plymouth, said one of the main roles of the station was to listen to the German Secret Service discussing major military campaigns and building a "complete picture of the German war machine".

He said: "At the end of the war, when the German officers were being interrogated, they were staggered by how much the British actually knew. "They knew more about the German war machine than the Germans did themselves - quite staggering."

Harry Griffiths worked at the listening station from 1939 to 1946, when he was in his late twenties. He was recruited because of his aptitude with Morse code.

[...] He described the listening station as "the ears" of Bletchley Park in Milton Keynes, known as the home of the codebreakers.

His son said: "They were being told, home in on this particular agent, wherever they are in Europe, home in on these and find out who they're talking to."

[...] He said his advice to others was to ask their loved ones about their memories while they still could. "I would urge you, if you know somebody who went through the war, sit down with them, make a cup of tea, buy a bun - a saffron bun preferably, talk to them and say 'right actually, what did you do?', because I so wish I'd talked to him about it," Mr Griffiths said, about his late father.

Original Submission

Freeman writes:

https://arstechnica.com/apple/2023/06/apple-has-a-proton-like-game-porting-toolkit-for-getting-windows-games-on-mac/

There was so much packed into Apple's WWDC presentation Monday that it's hard to believe there are still major pieces of it left to uncover. And yet, as part of a developer presentation, Apple has quietly announced what could be major news for PC games on Mac hardware—its own SteamOS-like Windows compatibility initiative, but for millions of Apple Silicon Macs instead of Steam Decks.

"Bring your game to Mac" is laid out over three videos covering a game controller guide, a Game Porting Toolkit (Apple developers only), and a converter for making games' shaders work with Apple's Metal hardware acceleration API. Apple claims you "have everything you need to deliver an amazing gaming experience" with Apple-Silicon-based Macs and that its toolkit provides "an emulation environment to run your existing, unmodified Windows game."
[...]
At the core of Apple's Game Porting Toolkit is CodeWeavers' open source code for CrossOver. CodeWeavers writes on its site that the company is "ecstatic" that Apple "is recognizing that Wine is a fantastic solution for running Windows games on MacOS." CodeWeavers "did not work with Apple on this tool, but we would be delighted to work with any game developers" who want to work with the company's PortJump team to refine their Windows-to-Mac translation.

Original Submission