SoylentNews

takyon writes:

Houthis launch more drone attacks as shipping companies suspend Red Sea operations

The American military said one of its ships deployed to the Red Sea has successfully shot down more than a dozen drones launched from areas of Yemen controlled by the Houthi militant group.

[...] Britain's defense minister, Grant Shapps, said in a statement that the U.K. naval vessel HMS Diamond had also recently shot down what he termed a "suspected attack drone" that had targeted merchant shipping. "The recent spate of illegal attacks," Shapps wrote, "represent a direct threat to international commerce and maritime security in the Red Sea."

The Houthis, who control large swaths of northern Yemen, have said they will continue to attack vessels that are either owned or operated by Israeli firms, or are in transit to Israel.

[...] The impact on the international shipping business has been seismic, with Northern European companies Maersk and Hapag-Lloyd on Friday telling their ship captains to avoid the region or hold in place while the threat persists.

The Swiss-headquartered cargo giant MSC said on Saturday its vessels would cease transit through the Suez Canal for the foreseeable future after one of its ships, Palatium III, was attacked Friday morning.

Cracks Form In New Naval Coalition, Drone Strikes Spread To Indian Ocean

Operation Prosperity Guardian, the American-led coalition to defend shipping through the Red Sea, the Bab el-Mandeb Strait, and the Gulf of Aden from Houthi attacks is showing major cracks just as it is forming. At the same time, the latest rash of drone strikes on commercial vessels appears to have spread far from Yemen's shores, to waters off India.

[...] Just hours ago, a Liberian-flagged chemical tanker M/V Chem Pluto that has ties to Israel was struck by a drone while sailing in the Indian Ocean, roughly 120 miles to the southwest of the Indian port city of Veraval.

Enjoy the new war and/or price hikes.

Original Submission

Arthur T Knackerbracket has processed the following story:

Beeper moving on from its attempt to bring iMessage to Android users due to Apple closing all the possible loopholes. But that doesn’t mean the story is about to end here.

After a blog post from the company CEO saying he wants Beeper to be the “best chat app ever,” with or without iMessage support for Android, The New York Times reports that the Department of Justice and the Federal Trade Commission want to understand this Apple vs. Beeper controversy better.

The publication says this duel has “raised questions in Washington about whether Apple has used its market dominance over iMessage to block competition and force consumers to spend more on iPhones than lower-priced alternatives.”

People familiar with the matter told the Justice Department’s antitrust lawyer met with Eric Migicovsky, the co-founder of Beeper, about this possible anticompetitive behavior by Apple. At the same time, the FTC posted in its blog that it would scrutinize “dominant” players that “use privacy and security as a justification to disallow interoperability” between services.

Although ultimately, this fight has more to do with Americans being used to texting through the Messages app instead of WhatsApp, Telegram, or another alternative, the government is worried about anticompetitive behavior from Apple, as it has been questioning the company about the App Store, Apple Pay monopoly, and so on.

Original Submission

canopic jug writes:

Multiple sites are reporting from Reuters that new digital restrictions management requirements in Vista11 will send an estimated 480 million kg of otherwise viable desktops and notebooks prematurely to the landfill as e-waste.

Multiple key barriers prevent Windows 10-compatible PCs from running Windows 10, including a need for a 64-bit processor listed by Microsoft as a 'supported CPU,' at least 4 GB of RAM, a minimum of 64GB storage, and UEFI firmware with Secure Boot capability instead of the older BIOS. Additionally, a crucial requirement is TPM version 2.0 for enhanced security, which supersedes the TPM 1.2 version supported by some Windows 10 devices. In addition, Windows 11 also demands a DirectX 12-compatible GPU with a WDDM 2.x driver, which leaves out many older iGPUs. Many systems are still running outdated CPUs and using BIOS instead of UEFI with no SecureBoot support.

Canalys believes that a staggering 240 million PCs do not comply with Windows 11's requirements and are set to be rendered obsolete by Windows 10's October 14, 2025 support deadline. While recycling remains a viable option for these systems, the lack of compatibility with the latest Windows iteration significantly devalues them, making refurbishment less feasible. Consequently, despite growing capabilities in the refurbishment sector, many of these devices are still destined for landfills. This situation highlights a critical challenge in managing and disposing of electronic waste, Canalys believes. 

The effective lifespan of these devices could be preserved, and the waste reduced, by upgrading to more efficient, open software such as the GNU/Linux distro of your choice.

Via:
Tom's Hardware: Microsoft's draconian Windows 11 restrictions will send an estimated 240 million PCs to the landfill when Windows 10 hits end of life in 2025
NDTV: Microsoft Ending Windows 10 Support To Affect 240 Million Computers: Report
The Economic Times of India: Microsoft ending support for Windows 10 could send 240 million PCs to landfills: report
NeoWin: 240 million PCs could end up in landfills when Windows 10 support ends

Original Submission

canopic jug writes:

Ethan Zuckerman asks, how big is YouTube?. Using a statistical sampling method, their current estimate for the size of YouTube is 13.325 billion videos.

Interesting as Reddit and Twitter are, they are much less widely used than YouTube, which is used by virtually all [I]nternet users. Pew reports that 93% of teens use YouTube – the closest service in terms of usage is Tiktok with 63% and Snapchat with 60%. While YouTube has a good, well-documented API, there’s no good way to get a random, representative sample of YouTube. Instead, most research on YouTube either studies a collection of videos (all videos on the channels of a selected set of users) or videos discovered via recommendation (start with Never Going to Give You Up, objectively the center of the internet, and collect recommended videos.) You can do excellent research with either method, but you won’t get a sample of all YouTube videos and you won’t be able to calculate the size of YouTube.

I brought this problem to Jason Baumgartner, creator of PushShift, and prince of the dark arts of data collection. One of Jason’s skills is a deep knowledge of undocumented APIs, ways of collecting data outside of official means. Most platforms have one or more undocumented APIs, widely used by programmers for that platform to build internal tools. In the case of YouTube, that API is called “Inner Tube” and its existence is an open secret in programmer communities. Using InnerTube, Jason suggested we do something that’s both really smart and really stupid: guess at random URLs and see if there are videos there.

As seen in his charts, the amount of videos there grows exponentially. Thus one could also conclude that the storage costs also grow in proportion.

Original Submission

coolgopher writes:

From https://www.postfix.org/smtp-smuggling.html :

Days before a 10+ day holiday break and associated production change freeze, SEC Consult has published an email spoofing attack that involves a composition of email services with specific differences in the way they handle line endings other than <CR><LF>.

Unfortunately, criticial information provided by the researcher was not passed on to Postfix maintainers before publication of the attack, otherwise we would certainly have convinced SEC Consult to change their time schedule until after people had a chance to update their Postfix systems.

The attack involves a COMPOSITION of two email services with specific differences in the way they handle line endings other than <CR><LF>:

  - One email service A that does not recognize broken line endings in SMTP such as in <LF>.<CR><LF> in an email message from an authenticated attacker to a recipient at email service B, and that propagates those broken line endings verbatim when it forwards that message to:

  - One different email service B that does support broken line endings in SMTP such as in <LF>.<CR><LF>. When this is followed by "smuggled" SMTP MAIL/RCPT/DATA commands and message header plus body text, email service B is tricked into receiving two email messages: one message with the content before the <LF>.<CR><LF>, and one message with the "smuggled" header plus body text after the "smuggled" SMTP commands. All this when email service A sends only one message.

Postfix is an example of email service B. Microsoft's outlook.com was an example of email service A.

The "smuggled" SMTP MAIL/RCPT/DATA commands and header plus body text can be used to spoof email from any sender whose domain is hosted at email service A, to any recipient whose domain is hosted at email service B. Such email will pass SPF-based DMARC checks at email service B, because the smuggled message has a sender address that is hosted at email service A, and because the message was received from email service A.

Original Submission

fliptop writes:

Court holds that state officials violated the First Amendment when they ordered retired engineer Wayne Nutt to stop talking about math in public:

Chief Judge Richard Myers issued an opinion holding that the North Carolina Board of Examiners for Engineers and Surveyors violated the First Amendment when it ordered retired engineer Wayne Nutt to stop expressing opinions about engineering without a state license. Nutt, represented by the Institute for Justice (IJ), filed the lawsuit after the Board sent him a series of threatening letters ordering him to stop publicly offering opinions about engineering without a license, on pain of potential criminal punishment. Today's ruling confirms that those letters—and the law they were based on—violate the First Amendment.

"State licensing boards nationwide increasingly act as if they are boards of censors, deciding who may or may not speak about the topics they regulate," explained IJ Attorney Joe Gay. "Today's ruling is a powerful reminder that in this country we rely on people to decide who they want to listen to. We don't rely on government boards to decide who gets to speak."

[...] "The First Amendment protects everyone's right to speak their minds, whether they're talking about politics or talking about math," explained IJ Deputy Director of Litigation Robert McNamara. "Regulators often seem to forget that basic fact, but we always stand ready to remind them."

Also at MSN.

Original Submission

Snotnose writes:

Come for the Loona bedside urinal, stay for the ShockStop power-dildo, and enjoy the Army Tactical Bra. (Stolen from fark.com)

Here at Popular Science we celebrate innovation. Whether it's a new medical treatment, infrastructure project, consumer product, or big idea, they almost always spring up as the solution to a problem. Some honorees address age-old annoyances while others speak to larger and even existential issues that profoundly affect people around the globe. This year, we've selected honorees that exemplify this desire to improve people's lives, just as we have every year since 1988.

You can read all about it here.

[It looks like quite a few of these have been submitted as SoylentNews stories by our community over the last year, so thank you all -- Ed.]

Original Submission

janrinok writes:

Scientists have been looking for health-promoting microbes in the feces of people from traditional communities—some of whom feel exploited:

We’re all teeming with microbes. We’ve got guts full of them, and they’re crawling all over our skin. These tiny, ancient life forms have evolved with us. And over the last couple of decades, scientists have come to realize just how important they are to our health and well-being. They help extract nutrients from our food, influence the way our immune systems work, and can even send signals to our brains that play a role in our mental health. 

But some researchers believe our microbiomes are in crisis—casualties of an increasingly sanitized, industrialized, and antimicrobial way of life. Disturbances in the collections of microbes we host have been associated with a whole host of diseases, ranging from arthritis to Alzheimer’s.

“It’s very clear in industrialized nations we have lost many species that were probably fundamental to human evolution,” says Justin Sonnenburg, a microbiome scientist at Stanford University. “They’ve just become extinct.” Some have seemingly disappeared before we’ve even had a chance to figure out what they do.

Some might not be completely gone, though. Scientists believe many might still be hiding inside the intestines of people who don’t live in the polluted, processed, and antimicrobial-laden environment that most of the rest of us share. They’ve been studying the feces of people from hunter-gatherer societies like the Yanomami, an Indigenous group in the Amazon, who appear to still have some of the microbes that other people have lost. 

And so the race is on to find those missing microbes. Both academics and companies are building catalogues of microbes seen in hunter-gatherer societies, and attempting to re-create this microbial brew as a treatment for people in industrialized societies. The hope is that with the proper mix of microbes, many people might gain protection from disorders, like depression and metabolic disease, that seem to affect people living in industrialized societies at much higher rates. But there is a rather major catch: we don’t know whether those in hunter-gatherer societies really do have “healthier” microbiomes—and if they do, whether the benefits could be shared with others.

At the same time, members of the communities being studied say some projects aren’t being done ethically or equitably. Even recent research projects have taken biological samples without consent and attempted to artificially manipulate the way hunter-gatherers eat and live, says Shani Mangola, a member of the much-studied Hadza society in Tanzania. He and others are concerned about the risk of what’s called biopiracy—taking natural resources from poorer countries for the benefit of wealthier ones. 

Arthur T Knackerbracket has processed the following story:

Hyperloop One, the futuristic transportation startup that promised to whisk us through nearly airless tubes at airline speeds, is shutting down, according to Bloomberg.

The company is selling off its assets, closing down its offices, and laying off employees. It will formally close at the end of the year, at which point all of its intellectual property will shift to its majority stakeholder, major Dubai port operator DP World. Whoever buys the test track in the Nevada desert will have one hell of a Slip ‘N Slide if they want it.

Since its founding in 2014, the company raised around $450 million in venture capital funds and other investments. While there is still a small smattering of startups trying to build hyperloops, the demise of one of the biggest hyperloop companies signals the end of the dream that originated with Elon Musk’s so-called “alpha paper” in 2013.

Whoever buys the test track in the Nevada desert will have one hell of a Slip ‘N Slide if they want it

Musk theorized that aerodynamic aluminum capsules filled with passengers or cargo could be propelled through a nearly airless tube at speeds of up to 760mph. These tubes, either raised on pylons or sunk beneath the earth, could be built either within or between cities. He called it a “fifth mode of transportation” and argued it could help change the way we live, work, trade, and travel.

The most eye-catching scenario he proposed was a trip from Los Angeles to San Francisco in only 30 minutes. The idea captured the imaginations of engineers and investors across the world.

Arthur T Knackerbracket has processed the following story:

Your snack habit may be even more calorie-dense than you think, recent research suggests. A study estimated that snacking contributes to around 20% of an average American’s daily caloric intake, and these snacks often add little nutritional value. The scientists found, though, that people with type 2 diabetes seem to eat fewer snack-related calories.

The study was led by scientists from The Ohio State University. Research has consistently shown that Americans’ diets have gotten bigger over time. And it’s likely that these extra calories have contributed to a rise in obesity and other metabolic disorders like type 2 diabetes. But the study authors say that little work has been done to specifically quantify the snacking patterns of adults with type 2.

[...] The researchers found that people reported eating an average two snacks a day, no matter their diabetes status. Those without type 2 consumed roughly 500 calories from their snacks, while those with diagnosed diabetes or prediabetes ate slightly fewer. Overall, between 19.5% and 22.4% of a person’s daily calorie intake came from snacking, or about the same amount we might get from a full meal. And people’s snacks were typically not filled with the healthiest ingredients. Nearly half of the calories consumed in-between meals came from foods considered snacks and sweets, for instance, while 15% of these calories were from alcohol beverages in those without diabetes.

[...] The findings suggest that people with diabetes often make a conscious effort to cut down on snacking, and that further indicates that people are willing to listen to and heed advice on what kinds of foods they should eat or avoid, the study authors say. But they note that everyone could benefit from these lessons.

“Diabetes education looks like it’s working, but we might need to bump education back to people who are at risk for diabetes and even to people with normal blood glucose levels to start improving dietary behaviors before people develop chronic disease,” said study author Christopher Taylor, professor of medical dietetics in the School of Health and Rehabilitation Sciences at OSU, in a statement from the university.

Journal Reference:
Kristen Heitman, Sara E. Thomas, Owen Kelly, [et al.]. (2023) Snacks contribute considerably to total dietary intakes among adults stratified by glycemia in the United States. PLOS Glob Public Health 3(10): e0000802. https://doi.org/10.1371/journal.pgph.0000802

Original Submission

upstart writes:

(A bit on the long side, but well worth the read. --Marty)

The secret sauce for Taiwan's chip superstardom:

When 23-year-old Shih Chin-tay boarded a plane for the United States in the summer of 1969, he was flying to a different world.

He grew up in a fishing village surrounded by sugarcane fields. He had attended university in Taiwan's capital Taipei, then a city of dusty streets and grey apartment buildings where people rarely owned cars.

[...] Today's Taipei is rich and hip. High-speed trains zip passengers along the west coast of the island at 350km/h (218mph). Taipei 101 - briefly the tallest building in the world - towers over the city, an emblem of its prosperity.

Much of that is down to a tiny device no larger than a fingernail. The silicon semiconductor - wafer-thin and best-known now as a chip - sits at the heart of every technology we use, from iPhones to airplanes.

Taiwan now makes more than half the chips that power our lives. Its biggest manufacturer, Taiwan Semiconductor Manufacturing Company (TSMC), is the ninth-most valuable business in the world.

That makes Taiwan nearly irreplaceable - and vulnerable. China, fearing it could be cut off from the most advanced chips, is spending billions to steal Taiwan's crown. Or it could take the island, as it has repeatedly threatened to do.

But Taiwan's path to chip superstardom will not be easy to replicate - the island has a secret sauce, honed through decades of laborious work by its engineers. Plus, the manufacturing relies on a web of economic ties that the escalating US-China rivalry is now trying to undo.

[...] Back then, he quickly realised that taking on US and Japanese giants at their own game was a losing proposition. Instead TSMC would only manufacture chips for others, and not design its own.

This "foundry model", which was unheard of in 1987, changed the landscape of the industry and paved the way for Taiwan to become the pack leader.

[...] "Rule number one at TSMC is don't compete with your customers," Dr Shih says.

Arthur T Knackerbracket has processed the following story:

Although China cannot flood the global market with chips produced with cutting-edge fabrication technologies, strong subsidies for the semiconductor sector in China make it possible for the country to flood the market with chips made on legacy process technologies, thus undercutting much-needed sales that generate revenue that is vital for R&D at Western firms. This tactic could spur the U.S. government to impose tariffs on products using mature processing nodes, reports Bloomberg.

[...] China is known for providing hefty funds to its chipmakers. For example, China-based SMIC invested $24 billion in capital expenditures from 2020 to 2023 with support from banks, local governments, and state-controlled funds, far exceeding its earnings in the period, according to Nikkei. Other semiconductor companies also have generous support from the government, which is how they can quickly expand production capacity using tools that they can procure without any limitations and start producing chips like display driver ICs (DDICs) or power management ICs (PMICs) that are sold in billions of units every year.

[...] The survey's findings are set to guide the U.S. in formulating responses that could include the imposition of tariffs or the use of other trade tools to counteract China's aggressive expansion in the semiconductor industry. Commerce Secretary Gina Raimondo has already indicated that the U.S. is ready to use every tool it has to stop China from flooding the market with low-cost legacy chips. However, she clarified that the most stringent export controls would remain reserved for more advanced process technologies and not for these older generation nodes, so Chinese companies will still be able to procure legacy chipmaking tools.

Original Submission

Motor Trend reports on recent gov't. actions that will lead to drunk & drowsy driving detection built into new cars, https://www.motortrend.com/news/nhtsa-anti-drunk-driving-tech-rules-coming/

The National Highway Traffic Safety Administration (NHTSA) has, after years of voicing its intent, officially submitted an advanced notice of proposed rulemaking surrounding anti-drunk-driving technology. This marks the first formal salvo in its bid to ensure every new vehicle sold in America comes with some form of built-in inebriation detection and possibly an interlock that prevents the car from being driven if the driver is determined to be impaired.

Alcohol-related vehicle crashes are among the leading cause of injury and death on America's roadways, which already have seen a precipitous backsliding in term of safety in recent years. After decades of progress reducing roadway deaths, America has seen car-related fatalities soar, leaving policymakers stumped and scrambling for solutions.

[...] Per NHTSA's notice: "This document initiates rulemaking that would gather the information necessary to develop performance requirements and require that new passenger motor vehicles be equipped with advanced drunk and impaired driving prevention technology through a new Federal Motor Vehicle Safety Standard (FMVSS)." The agency adds that:

"The Infrastructure Investment and Jobs Act (Bipartisan Infrastructure Law or BIL) directs NHTSA to issue a final rule establishing a Federal Motor Vehicle Safety Standard (FMVSS) that requires new passenger vehicles to have 'advanced drunk and impaired driving prevention technology' by 2024. The BIL also provides that an FMVSS should be issued only if it meets the requirements of the National Traffic and Motor Vehicle Safety Act."

Most likely solution are cameras that watch the driver for warning signs, these already exist on some cars. It will be interesting to see if other solutions are also put forward.

MotorTrend then opines,

Of course, this opens many cans of worms. Will NHTSA advocate a warning system onboard that alerts the driver that they're impaired? An ignition interlock that prevents the car from starting and driving at all? What if there are false readings? A sober passenger taking whatever onboard test exists in the driver's place? One also could imagine the sort of arguments advocates of unfettered freedom might come up with: Someone eluding an attacker, but who had previously had a drink, being locked out of their means of escape due to technological misunderstanding. Of course, these concerns must be weighed against the more than 10,000 preventable deaths from drunk drivers annually.

Original Submission

fliptop writes:

Lawmakers want HHS to revise health privacy law to require warrants:

All of the big pharmacy chains in the US hand over sensitive medical records to law enforcement without a warrant—and some will do so without even running the requests by a legal professional, according to a congressional investigation.

The revelation raises grave medical privacy concerns, particularly in a post-Dobbs era in which many states are working to criminalize reproductive health care. Even if people in states with restrictive laws cross state lines for care, pharmacists in massive chains, such as CVS, can access records across borders.

Lawmakers noted the pharmacies' policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.), and Rep. Sara Jacobs (D-Calif.)—said their investigation pulled information from briefings with eight big prescription drug suppliers.

All eight of the pharmacies said they do not require law enforcement to have a warrant prior to sharing private and sensitive medical records, which can include the prescription drugs a person used or uses and their medical conditions. Instead, all the pharmacies hand over such information with nothing more than a subpoena, which can be issued by government agencies and does not require review or approval by a judge.

[...] For now, HIPAA regulations grant patients the right to know who is accessing their health records. But, to do so, patients have to specifically request that information—and almost no one does that. "Last year, CVS Health, the largest pharmacy in the nation by total prescription revenue, only received a single-digit number of such consumer requests," the lawmakers noted.

"The average American is likely unaware that this is even a problem," the lawmakers said.

Originally spotted on Schneier on Security.

Related:

• Websites Selling Abortion Pills are Sharing Sensitive Data With Google
• Meta Faces Lawsuit for Allegedly Collecting Patient Health Data Without Consent
• Google has Access to Detailed Health Records on Tens of Millions of Americans

Original Submission

upstart writes:

Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels:

Sometime around the start of 1995, an unknown person planted a password sniffer on the network backbone of Finland's Helsinki University of Technology (now known as Aalto University). Once in place, this piece of dedicated hardware surreptitiously inhaled thousands of user names and passwords before it was finally discovered. Some of the credentials belonged to employees of a company run by Tatu Ylönen, who was also a database researcher at the university.

The event proved to be seminal, not just for Ylönen's company but for the entire world. Until that point, people like Ylönen connected to networks using tools which implemented protocols such as Telnet, rlogin, rcp, and rsh. All of these transmitted passwords (and all other data) as plaintext, providing an endless stream of valuable information to sniffers. Ylönen, who at the time knew little about implementing strong cryptography in code, set out to develop the Secure Shell Protocol (SSH) in early 1995, about three months after the discovery of the password sniffer.

[...] Ylönen submitted SSH to the Internet Engineering Taskforce in 1996, and it quickly became an almost ubiquitous tool for remotely connecting computers. Today, it's hard to overstate the importance of the protocol, which underpins the security of apps used inside millions of organizations, including cloud environments crucial to Google, Amazon, Facebook, and other large companies.

[...] Now, nearly 30 years later, researchers have devised an attack with the potential to undermine, if not cripple, cryptographic SSH protections that the networking world takes for granted.

Named Terrapin, the new hack works only when an attacker has an active adversary-in-the middle position on the connection between the admins and the network they remotely connect to. Also known as a man-in-the-middle or MitM attack, this occurs when an attacker secretly positioned between two parties intercepts communications and assumes the identity of both the recipient and the sender. This provides the ability to both intercept and to alter communications. While this position can be difficult for an attacker to achieve, it's one of the scenarios from which SSH was thought to have immunity.