SoylentNews

looorg writes:

AARO (All-domain Anomaly Resolution Office) have released a report on the most common UFO observation spots going back 27 years. So what happened 28 years ago?

Also there seems to be a band around the earth where they appear to like to visit. Japan, Saudi Arabia, northern Florida, California, Arizona and Nevada.

The most common shape are various forms of round shapes such as orbs, spheres and circles.

No info on which alien type, what they are doing here or what they like for dinner and entertainment -- but from previous news/stories/eyewitnesses I guess they are into probing and BBQ.

https://www.aaro.mil/
https://www.telegraph.co.uk/world-news/2023/09/04/japan-hotspot-ufos-pentagon-website/

Original Submission

NASA Finally Admits What Everyone Already Knows: SLS is Unaffordable

Freeman writes:

https://arstechnica.com/space/2023/09/nasa-finally-admits-what-everyone-already-knows-sls-is-unaffordable/

In a new report, the federal department charged with analyzing how efficiently US taxpayer dollars are spent, the Government Accountability Office, says NASA lacks transparency on the true costs of its Space Launch System rocket program.

Published on Thursday, the new report (see .pdf) examines the billions of dollars spent by NASA on the development of the massive rocket, which made a successful debut launch in late 2022 with the Artemis I mission. Surprisingly, as part of the reporting process, NASA officials admitted the rocket was too expensive to support its lunar exploration efforts as part of the Artemis program.

"Senior NASA officials told GAO that at current cost levels, the SLS program is unaffordable," the new report states.
[...]
NASA recently said that it is working with the primary contractor of the SLS rocket's main engines, Aerojet, to reduce the cost of each engine by 30 percent, down to $70.5 million by the end of this decade.

However, NASA's inspector general, Paul Martin, said this claim was dubious. According to Martin, when calculating the projected cost savings of the new RS-25 engines, NASA and Aerojet only included material, engineering support, and touch labor, while project management and overhead costs are excluded.

And even at $70.5 million, these engines are very, very far from being affordable compared to the existing US commercial market for powerful rocket engines. Blue Origin manufactures an engine of comparable power and size, the BE-4, for less than $20 million. And SpaceX is seeking to push the similarly powerful Raptor rocket engine costs even lower, to less than $1 million per engine.

FAA grounds Starship until SpaceX takes 63 'corrective actions'

Arthur writes:

Arthur T Knackerbracket has processed the following story:

"The vehicle’s structural margins appear to be better than we expected," SpaceX CEO Elon Musk joked with reporters in the wake of the late April test launch. Per the a report from the US Fish and WIldlife Service, however, the failed launch resulted in a 385-acre debris field that saw concrete chunks flung more than 2,600 feet from the launchpad, a 3.5-acre wildfire and "a plume cloud of pulverized concrete that deposited material up to 6.5 miles northwest of the pad site.”

"Corrective actions include redesigns of vehicle hardware to prevent leaks and fires, redesign of the launch pad to increase its robustness, incorporation of additional reviews in the design process, additional analysis and testing of safety critical systems and components including the Autonomous Flight Safety System, and the application of additional change control practices," the FAA release reads. Furthermore, the FAA says that SpaceX will have to not only complete that list but also apply for and receive a modification to its existing license "that addresses all safety, environmental and other applicable regulatory requirements prior to the next Starship launch." In short, SpaceX has reached the "finding out" part.

[...] "SpaceX is also implementing a full suite of system performance upgrades unrelated to any issues observed during the first flight test," the blog reads. Those improvements include a new hot-stage separation system which will more effectively decouple the first and second stages, a new electronic "Thrust Vector Control (TVC) system" for its Raptor heavy rockets, and "significant upgrades" to the orbital launch mount and pad system which just so happened to have failed in the first test but is, again, completely unrelated to this upgrade. Whether those improvements overlap with the 63 that the FAA is imposing, could not be confirmed at the time of publication as the FAA had not publically released them.

Original Submission

fliptop writes:

A buzzy startup offering financial infrastructure to crypto companies has found itself bankrupt primarily because it can't gain access to a physical crypto wallet with $38.9 million in it. The company also did not write down recovery phrases, locking itself out of the wallet forever in something it has called "The Wallet Event" to a bankruptcy judge:

Prime Trust pitches itself as a crypto fintech company designed to help other startups offer crypto retirement plans, know-your-customer interfaces, ensure liquidity, and a host of other services. It says it can help companies build crypto exchanges, payment platforms, and create stablecoins for its clients. The company has not had a good few months. In June, the state of Nevada filed to seize control of the company because it was near insolvency. It was then ordered to cease all operations by a federal judge because it allegedly used customers' money to cover withdrawal requests from other companies.

The company filed for bankruptcy, and, according to a filing by its interim CEO, which you really should read in full, the company offers an "all-in-one solution for customers that remains unmatched in the marketplace." A large problem, among more run-of-the-mill crypto economy problems such as "lack of operational and spending oversight" and "regulatory issues," is the fact that it lost access to a physical wallet it was keeping a tens of millions of dollars in, and cannot get back into it.

"In March of 2018, the Company created cold-storage wallets for purposes of maintaining cryptocurrency assets that included ETH, BTC, and ERC-20 compliant cryptocurrencies," the company wrote in its filing. It called one of these wallets the "98f Wallet," because its address ended in "98f."

"To enhance security, the Company set up the 98f Wallet so that those who can 'sign' (i.e., approve) transactions would need to be in physical possession of hand-held Trezor or Ledger hardware devices," the filing says.

The filing then states that, if the wallet is lost, most users create "seed phrases" that serve as backup codes that allow people to get into the wallet virtually: "Many users store seed phrases on hard copies of handwritten paper, images, and pictures. If a user loses both the hardware device and the seed phrases, it is virtually impossible for that user to regain access to the digital wallet."

You can probably see where this is going.

Originally spotted on Schneier on Security.

Original Submission

NotSanguine writes:

Ars Technica is reporting on the dismissal of a lawsuit against YouTube by one of its "content creators."

From the Ars Technica piece:

A prominent anti-vaccine activist, Joseph Mercola, yesterday lost a lawsuit attempting to force YouTube to provide access to videos that were removed from the platform after YouTube banned his channels.

Mercola had tried to argue that YouTube owed him more than $75,000 in damages for breaching its own user contract and denying him access to his videos. However, in an order dismissing Mercola's complaint, US magistrate judge Laurel Beeler wrote that according to the contract Mercola signed, YouTube was "under no obligation to host" Mercola's content after terminating his channel in 2021 "for violating YouTube's Community Guidelines by posting medical misinformation about COVID-19 and vaccines."

"The court found no breach because 'there is no provision in the Terms of Service that requires YouTube to maintain particular content' or be a 'storage site for users' content,'" Beeler wrote.

Because Mercola's contract with YouTube was found to be enforceable and "YouTube had the discretion to take down content that harmed its users," Beeler said that Mercola did not plausibly plead claims for breach of contract or unjust enrichment.

Mercola's complaint was dismissed without leave to amend.
[...]
In his complaint, Mercola described himself as "a board-certified physician and leader in the field of natural health" who "was an early user of YouTube and began sharing video content in or around 2005, the year YouTube was founded."

Freeman writes:

https://arstechnica.com/information-technology/2023/09/ai-generated-child-sex-imagery-has-every-us-attorney-general-calling-for-action/

On Wednesday, American attorneys general from all 50 states and four territories sent a letter to Congress urging lawmakers to establish an expert commission to study how generative AI can be used to exploit children through child sexual abuse material (CSAM). They also call for expanding existing laws against CSAM to explicitly cover AI-generated materials.

"As Attorneys General of our respective States and territories, we have a deep and grave concern for the safety of the children within our respective jurisdictions," the letter reads. "And while Internet crimes against children are already being actively prosecuted, we are concerned that AI is creating a new frontier for abuse that makes such prosecution more difficult."

In particular, open source image synthesis technologies such as Stable Diffusion allow the creation of AI-generated pornography with ease, and a large community has formed around tools and add-ons that enhance this ability. Since these AI models are openly available and often run locally, there are sometimes no guardrails preventing someone from creating sexualized images of children, and that has rung alarm bells among the nation's top prosecutors. (It's worth noting that Midjourney, DALL-E, and Adobe Firefly all have built-in filters that bar the creation of pornographic content.)

"Creating these images is easier than ever," the letter reads, "as anyone can download the AI tools to their computer and create images by simply typing in a short description of what the user wants to see. And because many of these AI tools are 'open source,' the tools can be run in an unrestricted and unpoliced way."

As we have previously covered, it has also become relatively easy to create AI-generated deepfakes of people without their consent using social media photos.

Original Submission

DannyB writes:

Employees report a rare round of layoffs at Jeff Bezos' Blue Origin space venture

Several employees at Kent, Wash.-based Blue Origin are reporting that they've been laid off, marking a rare turnabout in the rapid growth of Jeff Bezos' space venture.

The reduction in force appears to be focused in the areas of human resources and talent acquisition [ . . . . ]

[ . . . . ] it looked as if "some (but not all) folks were given the opportunity to find another role" within the privately held company.

[ . . . . ] The company's workforce tally was less than 1,000 as recently as 2018. Two years ago, that count was reported at nearly 4,000 employees, and the figure rose to 6,000 by July 2022. Blue Origin's current number of employees — including workers in Kent as well as in Alabama, California, Florida, Texas, the Washington, D.C., area and other locales — is said to have hit nearly 11,000.

[ . . . . ] Blue Origin is continuing to hire employees for other types of jobs, primarily in technical fields.

Blue Origin needs to produce their BE-4 engine in volume and reusable. Their New Glenn rocket needs that engine and ULA's Vulcan Centaur rocket needs that same engine.

Original Submission

Arthur T Knackerbracket has processed the following story:

Microsoft is alerting users and system administrators that Windows will soon phase out support for older TLS specifications. TLS 1.0 and TLS 1.1 will be disabled in upcoming Windows releases, as announced in the Windows message center. This change is only for future versions of Windows and newer Windows 11 releases, as indicated by Redmond. It applies to both client and server editions, but current versions of Windows will remain unaffected.

[...] TLS 1.0 (introduced in 1999) and TLS 1.1 (introduced in 2006) have long been outperformed by TLS 1.2 and 1.3. Modern internet software's TLS implementations are engineered to attempt a connection using the highest available protocol version. Data indicates that the usage of TLS 1.0 and 1.1 is relatively low currently. Microsoft is evidently striving to enhance the security of the Windows platform by promoting the adoption of contemporary protocols.

Consequently, starting with the Windows 11 Insider Preview builds set for release in September 2023, TLS versions 1.0 and 1.1 will be disabled by default. This change will also be seen in Windows 12 and subsequent versions. Microsoft has conducted tests on TLS deprecation and identified a "non-exhaustive" list of applications that are dependent on TLS 1.0 or 1.1. This list features older versions of SQL Server, Turbo Tax, BlueStacks, ACDSee Photo Studio, among others.

Microsoft clarified that most contemporary applications support TLS 1.2 or higher versions, so the majority of users should face no issues. However, if an application does encounter problems, forthcoming updates for Windows 11 and Windows 12 will offer an option to reactivate the older protocols through a modification to the System Registry.

Original Submission

Freeman writes:

https://arstechnica.com/cars/2023/09/connected-cars-are-a-privacy-nightmare-mozilla-foundation-says/

Today, the Mozilla Foundation published its analysis of how well automakers handle the privacy of data collected by their connected cars, and the results will be unlikely to surprise any regular reader of Ars Technica. The researchers were horrified by their findings, stating that "cars are the worst product category we have ever reviewed for privacy."
[...]
For example, Nissan's privacy policy says it can collect "sensitive personal information, including driver's license number, national or state identification number, citizenship status, immigration status, race, national origin, religious or philosophical beliefs, sexual orientation, sexual activity, precise geolocation, health diagnosis data, and genetic information," although it's unlikely your car knows whether you're getting busy in the back seat. While this might be technically possible with a car fitted with a camera-based driver-monitoring system, Nissan's privacy policy notes the data source for the quoted paragraph as "direct contact with users and Nissan employees."

(Although more sophisticated driver-monitoring systems that claim to detect emotional states have been demonstrated at shows like CES, we're unaware of any that are in production.)

Mozilla found plenty more to worry about. Eighty-four percent of the brands they analyzed said they can share your data, and 76 percent said they can sell it. And more than half say they'll share data with the government and law enforcement by request.

Original Submission

Arthur T Knackerbracket has processed the following story:

The Screen Actors Guild – American Federation of Television and Radio Artists has authorized its members employed in the interactive media industry at giant games studios – including Activision, Epic Games, and Electronic Arts – to strike.

[...] In its announcement, Guild president Fran Drescher said AI is partly to blame for the impasse. The statement explains that plenty of work covered by the Interactive Media Agreement is "performance capture" in which artists, some of them stunt performers, "provide digitally captured performances used to give expressive movement to video game characters."

Using AI to replace those performances "poses an enormous threat to these artists' professions," the Guild asserts.

[...] The Guild wants AI protections for its members, and an initial wage rise of 11 percent dated to the expiration of the current deal, plus four percent increases in the second and third years of a new deal. The Guild argues those hikes are "necessary for members' wages to keep up with inflation."

Authorizing the strike doesn't mean it will happen – the Guild's announcement simply means members head into their next round of negotiations, from late September, with approval to withdraw labor.

A representative of the games companies whose staff could strike told CNN the outfits she represents want to reach a fair deal that reflects the value Guild workers bring to games – and sort it out soon.

[...] The concurrent strikes by actors and writers are already kicking holes in broadcasters' and streamers' schedules. Some shows have been suspended indefinitely and others – like the planned Apple TV series Metropolis, based on the classic sci-fi film – have been cancelled outright.

If games suffer the same fate, that could make for a poor holiday season – the peak sales period for game publishers – if not this year, then perhaps in 2024 given the long development cycle required to produce premium games.

Original Submission

Arthur T Knackerbracket has processed the following story:

The risk of running obsolete code and hardware was highlighted after attackers exfiltrated data from a UK supplier of high-security fencing for military bases. The initial entry point? A Windows 7 PC.

While the supplier, Wolverhampton-based Zaun, said it believed that no classified information was downloaded, reports indicated that attackers were able to obtain data that could be used to gain access to some of the UK's most sensitive military and research sites.

The LockBit Ransom group conducted the attack on the company's network, and Zaun admitted the group may have exfiltrated 10GB of data. The company also confessed that the attack might have reached its server beyond the Windows 7 entry point.

[...] Zaun specializes in high-security perimeter fencing. It isn't a government-approved security contractor, although is approved for government use via the Centre for the Protection of National Infrastructure (CPNI). The fact it has fallen victim to a cyberattack and had data downloaded is a reminder for enterprises and organizations to be vigilant regarding every link in the supply chain.

The company boasts: "All our fencing systems can be designed and manufactured with a wide variety of security additions, including toppings and detection technology to complete your perimeter." Unless, it appears, your perimeter is running some distinctly outdated kit.

[...] Paul Brucciani, Cyber Security Advisor at WithSecure, noted the success of LockBit, saying: "The significance of this attack is that by undermining IT security, it is also possible to undermine the physical security of its [the supplier] customers."

Original Submission

Arthur T Knackerbracket has processed the following story:

It seems intuitive that forests would provide better habitat for forest-dwelling wildlife than farms. Yet, in one of the longest-running studies of tropical wildlife populations in the world, Stanford researchers found that over 18 years, smaller farms with varying crop types—interspersed with patches or ribbons of forest—sustain many forest-dependent bird populations in Costa Rica, even as populations decline in forests.

In a paper published Sept. 4 in the Proceedings of the National Academy of Sciences, Nicholas Hendershot and colleagues compared trends in specific bird populations across three landscape types in Costa Rica: forests, diversified farms, and intensive agriculture.

The steepest declines were found in forests, then in intensive agriculture (and the species succeeding in intensive agriculture were often invasive). But on diversified farms, a significant subset of bird species typically found in forests, including some of conservation concern, actually increased over time.

"Birds are kind of a proxy we use to track the health of ecosystems. And the birds we're seeing today aren't the same as we saw 18 to 20 years ago. This paper really documents this pattern," said Hendershot, a postdoctoral fellow at the time of this research in Stanford's Department of Biology in the School of Humanities and Sciences (H&S), the Stanford Center for Conservation Biology (CCB), and the Stanford-based Natural Capital Project (NatCap).

While this research implies that diversified farming could be key for biodiversity, the relationship goes both ways: biodiversity is key for food security. In this case, that means having a variety of types of birds feeding on insects and helping to pollinate crops.

Arthur T Knackerbracket has processed the following story:

Gigabyte has released new firmware and an updated version of the Gigabyte Control Center (GCC) software for the company's Intel motherboards to solve a peculiar bug that corrupts the SPD (serial presence detect) on DDR5 memory modules. Fortunately, the issue only affects the information on the SPD and will not damage the integrity of the memory modules.

There were some user reports on the Baidu Tieba community in China about persistent memory issues with Gigabyte motherboards based on Intel's 600- and 700-series chipsets. After a month of usage, one user stated how his Z790 Aorus Elite AX motherboard stopped detecting one of the DDR5 memory modules. When he finally got it to recognize the memory module, it was showing as having a capacity of 384GB, which was hilarious and scary at the same time. Later, one of the memory kit's XMP profiles disappeared, and then the DDR5-6000 profile had its timings replaced to 1-36-104-194. According to the user, he had replaced the "faulty" memory times, but the outcome was the same. The problem was erratic. Sometimes, it would present itself after a month, sometimes after a week, or after a couple of days.

Another Gigabyte motherboard owner reported similar behaviors on his system. He constantly suffered from system crashes and noted that after one of the incidents, his memory lost the AMD EXPO profile. In another episode, the motherboard corrupted the DDR5-6800 XMP profile with ludicrous timings, such as 34-153-0-0.

The Chinese netizens had labeled the problem as the notorious "burning memory issue" because, at first, many thought that Gigabyte motherboards were burning up and killing the DDR5 memory modules since the system got to a point where it wouldn't boot properly. It may sound like an overreaction at the time, but luckily, the issue only botches the memory timings and not the DRAM voltage. If it did, the result would have been different. As per Gigabyte, the memory should be fine. It's just that the SPD is messed up, and obviously, the wrong parameters prevent the system from posting correctly.

[...] Gigabyte advises its Intel 600- and 700-series motherboard owners to update their motherboard's firmware and GCC to the latest versions to prevent the issue.

[...] If you own an Intel 600- or 700-series motherboard from Gigabyte, don't forget to bring your firmware and GCC to the latest versions to avoid headaches.

Original Submission

Freeman writes:

https://arstechnica.com/tech-policy/2023/09/apple-details-reasons-to-abandon-csam-scanning-tool-more-controversy-ensues/

In December, Apple said that it was killing an effort to design a privacy-preserving iCloud photo scanning tool for detecting child sexual abuse material (CSAM) on the platform. Originally announced in August 2021, the project had been controversial since its inception. Apple first paused it that September in response to concerns from digital rights groups and researchers that such a tool would inevitably be abused and exploited to compromise the privacy and security of all iCloud users. This week, a new child safety group known as Heat Initiative told Apple that it is organizing a campaign to demand that the company "detect, report, and remove" child sexual abuse material from iCloud and offer more tools for users to report CSAM to the company.

Today, in a rare move, Apple responded to Heat Initiative, outlining its reasons for abandoning the development of its iCloud CSAM scanning feature and instead focusing on a set of on-device tools and resources for users known collectively as "Communication Safety" features.
[...]
In 2021, Thorn lauded Apple's plan to develop an iCloud CSAM scanning feature. Gardner said in an email to CEO Tim Cook on Wednesday, which Apple also shared with WIRED, that Heat Initiative found Apple's decision to kill the feature "disappointing."
[...]
Apple maintains that, ultimately, even its own well-intentioned design could not be adequately safeguarded in practice, and that on-device nudity detections for features like Messages, FaceTime, AirDrop, the Photo picker are a safer alternatives. Apple has also begun offering an application programming interface (API) for its Communication Safety features so third-party developers can incorporate them into their apps. Apple says that the communication platform Discord is integrating the features and that app makers broadly have been enthusiastic about adopting them.

Original Submission

Freeman writes:

https://arstechnica.com/information-technology/2023/09/ai-took-my-job-literally-gizmodo-fires-spanish-staff-amid-switch-to-ai-translator/

Last week, Gizmodo parent company G/O Media fired the staff of its Spanish-language site Gizmodo en Español and began to replace their work with AI translations of English-language articles, reports The Verge.

Former Gizmodo writer Matías S. Zavia publicly mentioned the layoffs, which took place via video call on August 29, in a social media post. On August 31, Zavia wrote, "Hello friends. On Tuesday they shut down @GizmodoES to turn it into a translation self-publisher (an AI took my job, literally)."

Previously, Gizmodo en Español had a small but dedicated team who wrote original content tailored specifically for Spanish-speaking readers, as well as producing translations of Gizmodo's English articles. The site represented Gizmodo's first foray into international markets when it launched in 2012 after being acquired from Guanabee.

Newly published articles on the site now contain a link to the English version of the article and a disclaimer stating (via our translation from Google Translate), "This content has been automatically translated from the source material. Due to the nuances of machine translation, there may be slight differences. For the original version, click here."

Original Submission

hubie writes:

In politics, tailored ads make sense, but with real limits to the tailoring:

Recent U.S. elections have raised the question of whether "microtargeting," the use of extensive online data to tailor persuasive messages to voters, has altered the playing field of politics.

Now, a newly-published study led by MIT scholars finds that while targeting is effective in some political contexts, the "micro" part of things may not be the game-changing tool some have assumed.

"In a traditional messaging context where you have one issue you're trying to convince people on, we found that targeting did have a substantial persuasive advantage," says David Rand, an MIT professor and co-author of the study.

Indeed, the study found that tailoring political ads based on one attribute of their intended audience — say, party affiliation — can be 70 percent more effective in swaying policy support than simply showing everyone the single ad that is expected to be most persuasive across the entire population. But targeting political ads using multiple attributes — for instance, ideology, age, and moral values — did not add any further benefit, in the study.
[...] Political microtargeting became the subject of extended attention after the 2016 U.S. elections, when it became widely known that the firm Cambridge Analytica had used data from Facebook to craft highly targeted messages to voters. What scholars have found less clear since then is: Did those ads work?

[...] "There has been a lot of speculation about the promises and perils of microtargeting for the functioning of our democratic system," Berinsky says. "Our study allows us to evaluate in a rigorous way the potential impact of political microtargeting in the real world."