SoylentNews

upstart writes:

I received the new gene-editing drug for sickle cell disease. It changed my life.:

I'd lived with sickle cell my whole life—experiencing chronic pain, organ damage, and hopelessness. To me, this opportunity meant finally taking control of my life and having the opportunity to be a present father.

The drug I received, called exa-cel, could soon become the first CRISPR-based treatment to win approval from the US Food and Drug Administration, following the UK's approval in mid-November. I'm one of only a few dozen patients who have ever taken it. In late October, I testified in favor of approval to the FDA's advisory group as it met to evaluate the evidence. The agency will make its decision about exa-cel no later than December 8.

[...] I feel very fortunate to have received exa-cel, but undergoing the treatment itself was an intense, monthslong journey. Doctors extracted stem cells from my own bone marrow and used CRISPR to edit them so that they would produce healthy hemoglobin. Then they injected those edited stem cells back into me.

It was an arduous process, from collecting the stem cells, to conditioning my body to receive the edited cells, to the eventual transplant. The collection process alone can take up to eight hours. For each collection, I sat next to an apheresis machine that vigorously separated my red blood cells from my stem cells, leaving me weakened. In my case, I needed blood transfusions after every collection—and I needed four collections to finally amass enough stem cells for the medical team to edit.

KritonK writes:

As reported on the Vivaldi browser blog:

Just when you thought the Do-Not-Track (DNT) privacy setting was gathering dust, a court in Berlin, Germany decided to exhume it. The Berlin Regional court ruled in favor of the Federation of German Consumer Organization (Verbraucherzentrale Bundesverband, vzbv), in their lawsuit against LinkedIn for ignoring users who had enabled 'Do-Not-Track' in their browsers. According to the German judge, companies must respect DNT settings under the General Data Protection Regulation or GDPR.

Different from the highly intrusive, often full-screen, GDPR consent pop-ups that need to be addressed on each website you visit, DNT is a single setting in your web browser that works across all websites.

In a time where your every click is often scrutinized for data collection or targeted ads, DNT puts the power of privacy back in your hands. With this privacy flag, you're able to browse the web on your terms while not having to worry about who gets access to your personal information in the process.

Ideally, websites should only prompt for permissions contextually. For instance, it makes sense to ask for permissions to share data with YouTube when you click play on an embedded YouTube video. Also, well-designed websites would ideally host videos themselves or use embedding services that offer more control over privacy and data collection than Google and its services.

Also, DNT does have its limitations because of its voluntary nature because at the end of the day, websites can choose whether or not to respect your request. It creates a scenario similar to having a 'Keep Out' sign – some will respect the warning and others will ignore it.

However, in light of the recent ruling in the Berlin Regional Court against LinkedIn, this is a huge turning point in the DNT initiative. This means LinkedIn can no longer ignore its users' tracking preferences.

This ruling potentially creates a legal implication that a DNT signal is legally binding and must be respected by websites.

Original Submission

Freeman writes:

https://arstechnica.com/tech-policy/2023/12/us-regulators-will-now-have-access-to-years-of-binance-transaction-data/

One attraction of Binance, as the company grew from its 2017 founding into the biggest cryptocurrency exchange in the world, was the firm's freewheeling flouting of rules. As it amassed well over 100 million crypto-trading users globally, it openly told the United States government that, as an offshore operation, it didn't have to comply with the country's financial regulations and money-laundering laws.

Then, late last month, those years of brushing off US regulators caught up with the company in the form of one the most punitive money-laundering criminal settlements in the history of the US Justice Department.
[...]
When the Department of Justice announced on November 21 that Binance's executives had agreed to plead guilty to criminal money-laundering charges, much of the attention on that settlement focused on founder Changpeng Zhao giving up his CEO role and on the company's record-breaking $4.3 billion fine. But Binance's settlement agreements with the DOJ and the US Treasury Department also stipulate a strict new regime of data-sharing with law enforcement and regulators.
[...]
Digital civil liberties nonprofit the Electronic Frontier Foundation, too, has historically called on cryptocurrency exchanges to stop giving up users' transaction data to law enforcement and regulators without notifying those users. Now, the Binance settlement would create perhaps the most extreme case yet of that crypto exchange data-sharing, giving the US government wholesale access to the records of a crypto hub that at some points processed billions of transactions a day.
[...]
US law enforcement has proven that even troves of exchange data that lack users' names can nonetheless be highly revealing of their financial history—especially in combination with blockchain data and information from other exchanges that usually do comply with know-your-customer laws. In the case of the Welcome to Video child sexual abuse materials dark-web site in 2017, for instance, one alleged abuser was identified and arrested after his email address was tied to an account on the cryptocurrency exchange BTC-e, which authorities had seized months earlier.

In another case, BTC-e's data allowed IRS criminal investigators to identify a hacker who had taken nearly 70,000 bitcoins from the Silk Road dark-web drug market—worth more than $3 billion today—and then track them down and seize the funds.

Original Submission

Arthur T Knackerbracket has processed the following story:

The CRA was proposed by the European Commission in September 2022 and imposes mandatory cyber security requirements for all hardware and software products – from baby monitors to routers, as the EU Commission put it.

Once in force, which will happen 20 days after its adoption by Parliament and the Council, the CRA will require hardware and software makers to meet some intimidating targets. Included in the rule is a 24-hour disclosure period for any newly-discovered security flaw under active exploitation, five years of security patch support, thorough documentation of all security features, and more.

Manufacturers, importers and distributors will have 36 months to adopt the requirements or face fines up to €15 million or 2.5 percent of total worldwide annual turnover.

While better security is all well and good, concerns have been raised over the potential effect the CRA could have on open source software, which is often maintained by few people despite the importance it can often have to larger products. Open source maintainers may find it hard to meet short deadlines for patches, documentation and disclosure.

Fears over the CRA were voiced as recently as October, when it was apparent that the Commission had largely ignored the open source community as it finalized the Act.

Luckily, the latest version of the CRA appears to address those concerns.

"In order not to hamper innovation or research, free and open source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation," the proposed version of the CRA reads.

"We have ensured support for micro and small enterprises and better involvement of stakeholders, and addressed the concerns of the open source community," lead member of the European parliament (MEP) Nicola Danti explained regarding the CRA agreement. "Only together will we be able to tackle successfully the cyber security emergency that awaits us in the coming years."

Original Submission

DannyB writes:

SpaceX acquires parachute supplier

A federal bankruptcy court in Florida approved an agreement Nov. 22 whereby SpaceX would acquire Pioneer Aerospace for $2.2 million. The deal was first reported by The Information.

[....] Connecticut-based Pioneer has developed parachutes for space and other applications for decades. That work ranged from parafoils developed in the 1960s for potential use on Gemini spacecraft to parachutes flown on Mars lander missions and the OSIRIS-REx sample return capsule. It also supplied drogue chutes for SpaceX's Crew Dragon and its cargo variant.

[....] One industry source, speaking on background, said the deal was likely an effort to preserve SpaceX's supply chain, speculating that the cost to acquire Pioneer out of bankruptcy may have been less than what SpaceX would have spent on finding a new drogue chute supplier and requalifying that component for use on crewed missions.

Both SpaceX and Boeing, the other company with a NASA commercial crew contract, struggled to develop parachutes for their spacecraft, suffering test setbacks at times. Even after entering service, there were incidents such as "lagging" parachutes that opened later than expected but did not jeopardize safety.

"Parachutes turned out to be way harder than we thought," said Phil McAlister, director of the commercial spaceflight division at NASA Headquarters [....]

Will Boeing have to pull strings to get parachutes from Pioneer Aerospace, or will their efforts fall flat?

Original Submission

canopic jug writes:

Several sites are reporting on the 40^th anniversary of Turbo Pascal.

At the vintage computing web blog, Byte Cellar:

November marked the 40th anniversary of Turbo Pascal, the first Integrated Development Environment (or IDE), which allowed a user to quickly and easily write a program in the Pascal programming language and see it compiled and linked — all in one go — with an executable dropped to disk at the end. Much simpler a process than the traditional model of programming in a text editor, using a compiler to convert the source into object code (often over several passes), and running a linker to integrate any required libraries, Turbo Pascal was friendly, fast, and cheap. Created by Anders Hejlsberg, the development package was released by Borland in November 1983 at a price of $49.99 for both CP/M and DOS-based systems.

Created by Niklaus Wirth in 1970, Pascal is a small and efficient procedural programming language that is easy to use and, thanks to its structured programming nature, was often employed as a language for learning programming concepts at a level higher than traditional, early BASIC. It is in this capacity that I had my first hands-on experiences with the language in an A.P. Computer Science class I took in high school during the late ’80s. Here, at its 40th anniversary, I thought I would share some memories I have with Turbo Pascal.

— Thinking Back on 'Turbo Pascal' as It Turns 40

And over at The Register:

Arthur T Knackerbracket has processed the following story:

The CRA was proposed by the European Commission in September 2022 and imposes mandatory cyber security requirements for all hardware and software products – from baby monitors to routers, as the EU Commission put it.

Once in force, which will happen 20 days after its adoption by Parliament and the Council, the CRA will require hardware and software makers to meet some intimidating targets. Included in the rule is a 24-hour disclosure period for any newly-discovered security flaw under active exploitation, five years of security patch support, thorough documentation of all security features, and more.

Manufacturers, importers and distributors will have 36 months to adopt the requirements or face fines up to €15 million or 2.5 percent of total worldwide annual turnover.

While better security is all well and good, concerns have been raised over the potential effect the CRA could have on open source software, which is often maintained by few people despite the importance it can often have to larger products. Open source maintainers may find it hard to meet short deadlines for patches, documentation and disclosure.

[...] "We have ensured support for micro and small enterprises and better involvement of stakeholders, and addressed the concerns of the open source community," lead member of the European parliament (MEP) Nicola Danti explained regarding the CRA agreement. "Only together will we be able to tackle successfully the cyber security emergency that awaits us in the coming years."

Original Submission

canopic jug writes:

Retired self-proclaimed ordinary guy Bryce Wray has written an analysis of the situation with Mozilla's Firefox, the tipping point it is rapidly approaching, and the factors behind it heading towards that tipping point as it descends towards 2%. The U.S. Web Design System (USWDS) guides those building US government web sites, but the influence extends much further in practice:

With such a continuing free-fall, Firefox is inevitably nearing the point where USWDS will remove it, like Internet Explorer before it, from the list of supported browsers.

"So what?" you may wonder. "That's just for web developers in the U.S. government. It doesn't affect any other web devs."

Actually, it very well could. Here's how I envision the dominoes falling:

1. Once Firefox slips below the 2% threshold in the government's visitor analytics, USWDS tells government web devs they don't have to support Firefox anymore.
2. When that word gets out, it spreads quickly to not only the front-end dev community but also the corporate IT departments for whom some web devs work. Many corporations do a lot of business with the government and, thus, whatever the government does from an IT standpoint is going to influence what corporations do.
3. Corporations see this change as an opportunity to lower dev costs and delivery times, in that it provides an excuse to remove some testing (and, in rare cases, specific coding) from their development workflow.²

. . . and just like that, in less time than you might think, Firefox — the free/open-source browser that was supposed to save the world from the jackboots of Internet Explorer (which had killed Firefox's ancestor, Netscape Navigator) — is reduced to permanent status as a shrinking part of the fractured miscellany that litters the bottom of browser market-share charts.

It also matters a lot in another way because without push back, due to either lack of will or lack of ability, there is not a counter balance to Google's Chromium / Chrome and thus the web has started to become[sic] under full control of a single entity, and a[sic] one which is a corporation at that.

For those that have been following the saga, the CEO of Mozilla Corporation has maneuvered the once great browser from being a major presence to being barely a statistical error in market share. During that time Mozilla has also shifted from having a diverse funding base to being more or less fully financially dependent on its most serious competitor, Google.

Previously:

SN has covered various aspects of Mozilla a lot in the past.

Original Submission

upstart writes:

Tesla whistleblower casts doubt on car safety:

A former Tesla employee has told the BBC he believes the technology powering the firm's self-driving vehicles is not safe enough to be used on public roads.

Lucasz Krupski leaked data, including customer complaints about Tesla's braking and self-driving software, to German newspaper Handelsblatt in May.

He said attempts to highlight his concerns internally had been ignored.

Tesla did not respond to requests for comment.

Elon Musk, the chief executive of Tesla, has championed its self-driving technology.

"Tesla has by far the best real-world AI," Mr Musk said in a post on X, formerly Twitter, on Saturday.

But, in his first UK interview, Mr Krupski told the BBC's technology editor, Zoe Kleinman, he was concerned about how AI was being used - to power Tesla's autopilot service.

Its autopilot feature, for example, includes assisted steering and parking - but, despite its name, it does still require someone in the driver's seat with their hands on the wheel.

"I don't think the hardware is ready and the software is ready," he said.

"It affects all of us because we are essentially experiments in public roads. So even if you don't have a Tesla, your children still walk in the footpath."

fliptop writes:

Hackers have been able to gain access to personal information from about 6.9 million users of genetic testing company 23andMe, using customers' old passwords:

In some cases this included family trees, birth years and geographic locations, the company said.

After weeks of speculation the firm has put a number on the breach, with more than half of its customers affected.

The stolen data does not include DNA records.

[...] As was first reported by Tech Crunch, the company has acknowledged that by accessing those accounts, hackers were then able to find their way into "a significant number of files containing profile information about other users' ancestry".

The criminals downloaded not just the data from those accounts but the private information of all other users they had links to across the sprawling family trees on the website.

The stolen data includes information like names, how each person is linked and in some cases birth years, locations, pictures, addresses and the percentage of DNA shared with relatives.

I'm with Bill Burr on this.

See also: 23andMe Says Private User Data is Up for Sale After Being Scraped

Original Submission

fliptop writes:

One of the oldest distinctions in information access is between searching and browsing. Does a user initiate an information-seeking journey by typing keywords into a search box, or by browsing a category hierarchy?

Search vs. browse is a false dichotomy, since users employ both strategies to achieve highly overlapping goals. For example, a user looking for men's shoes on an ecommerce site can either type the query "mens shoes" into the search box or browse through the category hierarchy.

In fact, the strategies that users employ often depend as much on application design as on their personal preferences. A larger, more prominent search box encourages search, while a more prominent link to to view the category hierarchy encourages browse. Autocomplete design can have a big impact too — particularly the decision of whether or not to present category browse pages as autocomplete suggestions. Also, some applications redirect common keyword queries to browse pages.

So we should not assume that users set out to search vs. browse.

The author explains how it's important to focus on the user's intent while supporting their journey, concluding with:

One of the worse consequences of the sharp distinction between search and browse is that two different teams tend to be responsible for them — and sometimes those teams even compete for glory and resources. Remember: it's not about you or your organization. It's about helping users find what they are looking for. So make sure that your org structure, analytics, and other internal processes don't get in the way of helping your users achieve their goals — through search, browse, or both.

See also: How to Satisfy User intent for Search vs. Browse

Original Submission

In the early days of autonomous driving development, there was some press about researchers using the "trolley problem" (kill one person "on purpose" vs "do nothing" and kill many) to think about how robot cars should work. Now researchers at North Carolina State U have broken that big moral question down into smaller, more mundane pieces, in an attempt to see what ordinary human drivers think and do. Press release at: https://www.autonomousvehicleinternational.com/news/adas/ncsu-researchers-ditch-the-trolley-problem-to-help-autonomous-vehicles-make-moral-decisions.html and full paper at https://link.springer.com/article/10.1007/s00146-023-01813-y

... "The typical situation comprises a binary choice for a self-driving car between swerving left, hitting a lethal obstacle, or proceeding forward, hitting a pedestrian crossing the street. However, these trolley-like cases are unrealistic. Drivers have to make many more realistic moral decisions every day. Should I drive over the speed limit? Should I run a red light? Should I pull over for an ambulance?"
[...]
"For example, if someone is driving 20mph over the speed limit and runs a red light, then they may find themselves in a situation where they have to either swerve into traffic or get into a collision. There's currently very little data in the literature on how we make moral judgments about the decisions drivers make in everyday situations."

To address that lack of data, the researchers developed a series of experiments designed to collect data on how humans make moral judgments about decisions that people make in low-stakes traffic situations. The researchers created seven different driving scenarios, such as a parent who has to decide whether to violate a traffic signal while trying to get their child to school on time. Each scenario is programmed into a virtual reality environment, so that study participants engaged in the experiment have audiovisual information about what drivers are doing when they make decisions, rather than simply reading about the scenario.

For this work, the researchers built on something called the Agent Deed Consequence (ADC) model, which posits that people take three things into account when making a moral judgment: the agent, which is the character or intent of the person who is doing something; the deed, or what is being done; and the consequence, or the outcome that resulted from the deed.

Researchers created eight different versions of each traffic scenario, varying the combinations of agent, deed and consequence. For example, in one version of the scenario where a parent is trying to get the child to school, the parent is caring, brakes at a yellow light, and gets the child to school on time. In a second version, the parent is abusive, runs a red light, and causes an accident. The other six versions alter the nature of the parent (the agent), their decision at the traffic signal (the deed), and/or the outcome of their decision (the consequence).

To date they have done small pilot studies, next is a much larger study with thousands of human subjects.

Do we want robot cars to make the same routine decisions that some average human makes? I think it's a given that following some traffic rules (eg, speed limit) to the letter is likely to foul up traffic in many situations. How about in other situations?

Original Submission

upstart writes:

IBM releases first-ever 1,000-qubit quantum chip:

IBM has unveiled the first quantum computer with more than 1,000 qubits — the equivalent of the digital bits in an ordinary computer. But the company says it will now shift gears and focus on making its machines more error-resistant rather than larger.

For years, IBM has been following a quantum-computing road map that roughly doubled the number of qubits every year. The chip unveiled on 4 December, called Condor, has 1,121 superconducting qubits arranged in a honeycomb pattern. It follows on from its other record-setting, bird-named machines, including a 127-qubit chip in 2021 and a 433-qubit one last year.

Quantum computers promise to perform certain computations that are beyond the reach of classical computers. They will do so by exploiting uniquely quantum phenomena such as entanglement and superposition, which allow multiple qubits to exist in multiple collective states at once.

But these quantum states are also notoriously fickle, and prone to error. Physicists have tried to get around this by coaxing several physical qubits — each encoded in a superconducting circuit, say, or an individual ion — to work together to represent one qubit of information, or ‘logical qubit’.

As part of its new tack, the company also unveiled a chip called Heron that has 133 qubits, but with a record-low error rate, three times lower than that of its previous quantum processor.

mcgrew writes:

        I decided a few years ago that I was sick of standing in the snow at a gas station waiting for the person inside the building to finish selling that lottery ticket and turn the pump on so I can stand there some more babysitting it while it fills up and I freeze. The answer, of course, was to buy a car that didn't need gasoline, one I could plug into the house and go inside where it's warm.

        I'm not a rich man, I'm a pensioner who is still paying a mortgage, so I looked for an affordable EV. Used ones are almost nonexistent, and I found out why when I finally bought one: it has a ten year warranty. They haven't been making them much longer than that.

        I swore off new cars decades ago when my month old VW stranded me ninety miles from home with a bad alternator, but if you want an EV, new is your only choice. I kept seeing the Chevy Bolt advertised, but could never find one for sale at all. Then I found that they had stopped making them two years earlier.

        Why? Well, battery problems, they claimed. Why just the not so expensive one, $30,000? GM is still selling electric Cadillacs and Corvettes, why no cheap cars?

        I discovered after buying an EV that the only two advantages of a piston car to an electric one are the lack of infrastructure for long trips, and the high purchase price of the vehicle. Why high? Because only their flagship autos have electric motors, the ones that formerly had V8s.

Arthur T Knackerbracket has processed the following story:

It was back in 2022 when Broadcom, known for designing and manufacturing semiconductor products, announced plans to buy cloud computing and virtualization technology company VMware in a cash-and-stock transaction valued at approximately $61 billion. The deal also sees Broadcom assuming VMware's $8 billion in debt.

Broadcom said it had completed the acquisition of VMware last November 22. As is often the case with mergers, one of the first actions being taken by Broadcom is to implement mass layoffs across the company it's just bought.

[...] If that isn't enough to anger VMware employees, those who aren't being fired have been given an ultimatum by Broadcom CEO Hock Tan: "If you live within 50 miles of an office, you get your butt in here," he said.

"Collaboration is important and a key part of sustaining a culture with your peers, with your colleagues," Tan added.

VMware has long been a remote-friendly company, a stark contrast to Broadcom, which is so anti-work-from-home that it ordered some employees back into the office in April 2020, despite California's stay-at-home orders.

Original Submission