Slash Boxes

SoylentNews is people

Log In

Log In

Create Account  |  Retrieve Password

Site News

Join our Folding@Home team:
Main F@H site
Our team page

Funding Goal
For 6-month period:
2022-07-01 to 2022-12-31
(All amounts are estimated)
Base Goal:



Covers transactions:
2022-07-02 10:17:28 ..
2022-10-05 12:33:58 UTC
(SPIDs: [1838..1866])
Last Update:
2022-10-05 14:04:11 UTC --fnord666

Support us: Subscribe Here
and buy SoylentNews Swag

We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.

Why do you post less frequently on internet forums than you used to?

  • I work longer hours.
  • My kids take up my time.
  • I spend more time on a hobby.
  • Due to my physical or mental health.
  • I'm less interested in communicating with others.
  • OK, Boomer. Forums are for Boomers.
  • I post more frequently, you insensitive clod!
  • Other (please specify in comments)

[ Results | Polls ]
Comments:51 | Votes:40

posted by janrinok on Tuesday February 27, @08:19PM   Printer-friendly
from the money-money-money dept.

In an interview with The Hollywood Reporter published Thursday, filmmaker Tyler Perry spoke about his concerns related to the impact of AI video synthesis on entertainment industry jobs. In particular, he revealed that he has suspended a planned $800 million expansion of his production studio after seeing what OpenAI's recently announced AI video generator Sora can do.

"I have been watching AI very closely," Perry said in the interview. "I was in the middle of, and have been planning for the last four years... an $800 million expansion at the studio, which would've increased the backlot a tremendous size—we were adding 12 more soundstages. All of that is currently and indefinitely on hold because of Sora and what I'm seeing. I had gotten word over the last year or so that this was coming, but I had no idea until I saw recently the demonstrations of what it's able to do. It's shocking to me."

[...] "It makes me worry so much about all of the people in the business," he told The Hollywood Reporter. "Because as I was looking at it, I immediately started thinking of everyone in the industry who would be affected by this, including actors and grip and electric and transportation and sound and editors, and looking at this, I'm thinking this will touch every corner of our industry."

You can read the full interview at The Hollywood Reporter

[...] Perry also looks beyond Hollywood and says that it's not just filmmaking that needs to be on alert, and he calls for government action to help retain human employment in the age of AI. "If you look at it across the world, how it's changing so quickly, I'm hoping that there's a whole government approach to help everyone be able to sustain."

Previously on SoylentNews:
OpenAI Teases a New Generative Video Model Called Sora - 20240222

Related stories on SoylentNews:
Microsoft Aims to Equip Two Million People in India With AI Skills by 2025 - 20240218
AI Energy Demands Could Soon Match The Entire Electricity Consumption Of Ireland - 20231014
Tech Industry Leaders Endorse Regulating Artificial Intelligence at Rare Summit in Washington - 20230917
"Meaningful Harm" From AI Necessary Before Regulation, says Microsoft Exec - 20230514
IBM Pauses Hiring to Onboard AI Instead - 20230503
Netflix Stirs Fears by Using AI-Assisted Background Art in Short Anime Film - 20230208
90% of Online Content Could be 'Generated by AI by 2025,' Expert Says - 20230120
Microsoft's New AI Can Simulate Anyone's Voice With Three Seconds of Audio - 20230115
AI Everything, Everywhere - 20230107
Adobe Stock Begins Selling AI-Generated Artwork - 20221209
AI Systems Can't Patent Inventions, US Federal Circuit Court Confirms - 20220809
Robots Might Take Our Jobs, but Maybe We Need Them to - 20210722
Cards Against Humanity Writers Are Battling an AI to Keep Their Jobs, and You Can Watch - 20191211

Original Submission

posted by janrinok on Tuesday February 27, @03:31PM   Printer-friendly

Twitter security staff kept firm in compliance by disobeying Musk, FTC says:

Twitter employees prevented Elon Musk from violating the company's privacy settlement with the US government, according to Federal Trade Commission Chair Lina Khan.

After Musk bought Twitter in late 2022, he gave Bari Weiss and other journalists access to company documents in the so-called "Twitter Files" incident. The access given to outside individuals raised concerns that Twitter (which is currently named X) violated a 2022 settlement with the FTC, which has requirements designed to prevent repeats of previous security failures.

Some of Twitter's top privacy and security executives also resigned shortly after Musk's purchase, citing concerns that Musk's rapid changes could cause violations of the settlement.

FTC staff deposed former Twitter employees and "learned that the access provided to the third-party individuals turned out to be more limited than the individuals' tweets and other public reporting had indicated," Khan wrote in a letter sent today to US Rep. Jim Jordan (R-Ohio). Khan's letter said the access was limited because employees refused to comply with Musk's demands:

The deposition testimony revealed that in early December 2022, Elon Musk had reportedly directed staff to grant an outside third-party individual "full access to everything at Twitter... No limits at all." Consistent with Musk's direction, the individual was initially assigned a company laptop and internal account, with the intent that the third-party individual be given "elevated privileges" beyond what an average company employee might have.

However, based on a concern that such an arrangement would risk exposing nonpublic user information in potential violation of the FTC's Order, longtime information security employees at Twitter intervened and implemented safeguards to mitigate the risks. Ultimately the third-party individuals did not receive direct access to Twitter's systems, but instead worked with other company employees who accessed the systems on the individuals' behalf.

Jordan is chair of the House Judiciary Committee and has criticized the investigation, claiming that "the FTC harassed Twitter in the wake of Mr. Musk's acquisition." Khan's letter to Jordan today argues that the FTC investigation was justified.

"The FTC's investigation confirmed that staff was right to be concerned, given that Twitter's new CEO had directed employees to take actions that would have violated the FTC's Order," Khan wrote. "Once staff learned that the FTC's Order had worked to ensure that Twitter employees took appropriate measures to protect consumers' private information, compliance staff made no further inquiries to Twitter or anyone else concerning this issue."

Khan also wrote that deep staff cuts following the Musk acquisition, and resignations of Twitter's top privacy and compliance officials, meant that "there was no one left at the company responsible for interpreting and modifying data policies and practices to ensure Twitter was complying with the FTC's Order to safeguard Americans' personal data." The letter continued:

Original Submission

posted by janrinok on Tuesday February 27, @10:47AM   Printer-friendly
from the they-still-get-your-digits dept.

Signal now lets you keep your phone number private with the launch of usernames:

Signal is launching usernames, the company announced today. Up until now, you have had to give someone your phone number to chat with them on Signal. Now you can create a unique username that you can use instead. Usernames are currently launching in beta and will be rolling out to all users in the coming weeks. Signal still requires a phone number when registering for the app.

As end-to-end encrypted messaging apps go, Signal stands apart as one with the strongest security and privacy features. By allowing users to now keep their phone numbers private, Signal is closing one of the few loopholes that could allow hacker's access to a victim's messages — where hackers hijack the phone number at the phone carrier level used to register with Signal.

Usernames in Signal do not function like usernames on social media platforms, the company says. For example, Signal usernames are not logins or handles that you'll be known by in the app. Instead, they're just a quick way to connect with someone on the app without sharing your phone number.

If you create a username, your profile name will still display whatever you set it to, and won't show your username. People you message on the app also can't see or find your username unless you have shared it with them. If someone wants to talk to you on the app, they will need to know your exact username because Signal doesn't provide a searchable directory of usernames like X and Instagram do. Or, you have the option to generate a QR code or link that directs people to your username.

Once you create a username, your phone number will no longer be visible in Signal to anyone running the latest version of the app if they don't already have it saved in their contacts. When you message people either directly or in group chats, your phone number won't show up, as users will only see your profile name and image. However, if you still want people to see your phone number when you message them, you can change the default setting in your "Phone Number" settings.

To create a username, go into your "Profile" settings. From there, choose a unique username that has two or more numbers at the end of it. You can change your username as often as you want, and you also have the choice to delete your username altogether if you don't want one anymore. The company says it created usernames to be easily changeable so that you can choose to make a specific username for things like a conference or a group trip, and then change it once it's over.

To start chatting with someone via their username, you need to open the "New Chat" screen in the app and type in their username.

Signal is also introducing a new privacy setting that will let you control who can find you on the app with your phone number. Up until now, anyone who had your phone number, whether they got it on social media or a business card, has been able to find you on Signal. Now you can restrict this by going into your settings and navigating to the "Who can find me by my number" setting and selecting "Nobody."

If you select the "Everybody" option, this means that anyone who has your phone number can type it into Signal and send you a message request, which you can of course reject or block.

I don't trust Signal:

Occasionally when Signal is in the press and getting a lot of favorable discussion, I feel the need to step into various forums, IRC channels, and so on, and explain why I don't trust Signal. Let's do a blog post instead.

Off the bat, let me explain that I expect a tool which claims to be secure to actually be secure. I don't view "but that makes it harder for the average person" as an acceptable excuse. If Edward Snowden and Bruce Schneier are going to spout the virtues of the app, I expect it to actually be secure when it matters - when vulnerable people using it to encrypt sensitive communications are targeted by smart and powerful adversaries.

Making promises about security without explaining the tradeoffs you made in order to appeal to the average user is unethical. Tradeoffs are necessary - but self-serving tradeoffs are not, and it's your responsibility to clearly explain the drawbacks and advantages of the tradeoffs you make. If you make broad and inaccurate statements about your communications product being "secure", then when the political prisoners who believed you are being tortured and hanged, it's on you. The stakes are serious. Let me explain why I don't think Signal takes them seriously.

It is worth a read, but remember that it is only his personal viewpoint.

Original Submission

posted by janrinok on Tuesday February 27, @06:04AM   Printer-friendly

With skull parts that click together like puzzle pieces and a large central tooth, the real-life sandworm is stranger than fiction:

Amphisbaenians are strange creatures. Like worms with vertebrae, scales, a large central tooth and sometimes small forearms, these reptiles live underground, burrowing tunnels and preying on just about anything they encounter, not unlike a miniature version of the monstrous sandworms from "Dune."

Even though they're found around much of the world, little is known about how amphisbaenians behave in the wild because they cannot be observed while in their natural habitat under sand and soil. But thanks to two papers published in the March issue of The Anatomical Record, new light is being shed on these animals and their specialized anatomy.

[...] "You could fit three skulls of the Zygaspis quadrifrons on the nail of my pinky. We can now look at these really small vertebrate organisms in a measure of detail that we never had before," Bell said.

[...] "They wriggle around and try to escape and move in ways that worms just aren't able to. These are much more like little snakes in the way that they move and interact. It's just surprising for something that's so tiny. You just don't expect that behavior," Lewis said.

Some of the most striking imagery to come from these CT scans highlights sutures within the skull: deep, thin waves that "grab" on to each other, Lewis described. The images also render in exquisite details the amphisbaenians' strange singular central tooth, which interlocks with two bottom teeth.

"Combined with the powerful jaw muscles in amphisbaenians, it gives them a ferocious bite for an animal of their size. They can bite and tear out pieces of their prey," Bell said.

Journal References:
    Antonio Meza, Christopher J. Bell, Juan D. Daza, et al., Variation in the cranial osteology of the amphisbaenian genus Zygaspis based on high-resolution x-ray computed tomography, The Anatomical Record, First Published: 17 October 2023
    Christopher J. Bell, Cristhian Cadena, Antonio Meza, et al., Cranial anatomy of the "round-headed" Amphisbaenian Zygaspis quadrifrons (Squamata, Amphisbaenia) based on high-resolution x-ray computed tomography, The Anatomical Record, First Published: 17 October 2023

Original Submission

posted by janrinok on Tuesday February 27, @01:13AM   Printer-friendly
from the Windows-as-a-boot-sector-virus dept.

Ars has a story containing tips and tricks for making Microsoft leave you alone while you use your PC in Windows 11. To wit:

I've written before about my nostalgia for the Windows XP- or Windows 7-era "clean install," when you could substantially improve any given pre-made PC merely by taking an official direct-from-Microsoft Windows install disk and blowing away the factory install, ridding yourself of 60-day antivirus trials, WildTangent games, outdated drivers, and whatever other software your PC maker threw on it to help subsidize its cost.

You can still do that with Windows 11—in fact, it's considerably easier than it was in those '00s versions of Windows, with multiple official Microsoft-sanctioned ways to download and create an install disk, something you used to need to acquire on your own. But the resulting Windows installation is a lot less "clean" than it used to be, given the continual creep of new Microsoft apps and services into more and more parts of the core Windows experience. [...]

[T]his [article] is not a guide about creating a minimally stripped-down, telemetry-free version of Windows that removes anything other than what Microsoft allows you to remove ... but [one that demonstrates how to] remov[e] built-in Windows components can cause unexpected compatibility and security problems...."

I am a long-time macOS user, and willingly pay the hefty Apple "tax" to use it because macOS behaves itself, but I am forced to use Windows 11 at work and I hate it for many of the reasons outlined in this article. Windows, like DOS before it decades ago, has become a boot-sector virus. Windows delenda est!

Original Submission

posted by hubie on Monday February 26, @08:27PM   Printer-friendly

While current diagnostic definitions of attention-deficit hyperactivity disorder (ADHD) are relatively new, the general condition has been identified by clinicians under a variety of names for centuries. Recent genetic studies have revealed the condition to be highly heritable, meaning the majority of those with the condition have genetically inherited it from their parents.

Depending on diagnostic criteria, anywhere from two to 16% of children can be classified as having ADHD. In fact, increasing rates of diagnosis over recent years have led to some clinicians arguing the condition is overdiagnosed.

What is relatively clear, however, is that the behavioural characteristics that underpin ADHD have been genetically present in human populations for potentially quite a long time. And that has led some researchers to wonder what the condition's evolutionary benefits could be.

Imagine you are part of a wandering tribe of early humans. Your group comes across a field full of one kind of fruit and everyone is faced with a big question. Do you settle in the field and exploit the fruit stocks until they are all gone, or do you quickly take what you can and continue to explore for more varied foods?

This exploit or explore trade-off is fundamental to the survival of all animals. At what point is the risk of staying in one place greater than the risk of moving on to find out what is over the next hill?

In the early 2000s a team of scientists set out to study the genetics of a unique tribe of people in Northern Kenya. Known as the Ariaal, this population has traditionally been incredibly nomadic. Some members of the Ariaal settled down in one place over the 20th century and adopted modern methods of agriculture while other tribe members continued to live as nomadic pastoralists.

The scientists compared the genetic and health differences between these two cohorts of Ariaal and discovered something incredibly interesting. Generally, all of the Ariaal people carried a unique genetic mutation, dubbed DRD4/7R. This genetic trait had previously been identified commonly in people with ADHD.

"The DRD4/7R allele has been linked to greater food and drug cravings, novelty-seeking, and ADHD symptoms," explained study leader Dan Eisenberg back in 2008. "It is possible that in the nomadic setting, a boy with this allele might be able to more effectively defend livestock against raiders or locate food and water sources, but that the same tendencies might not be as beneficial in settled pursuits such as focusing in school, farming or selling goods."

So a fascinating hypothesis emerged. Could the genetic traits of ADHD be somewhat beneficial to a tribe by pushing some people to be 'explorers'? What manifests in modern times as fidgety restlessness could actually have been useful to tribes foraging the countryside for food.
Around 450 people participated in the experiment, and all were simultaneously screened for ADHD symptoms. Unsurprisingly, the researchers found those with higher ADHD scores moved on to new bushes sooner than others but more importantly, those with ADHD also tended to collect higher volumes of berries overall.

Writing in the newly published study, Barack and colleagues noted that participants without ADHD characteristics tended to over-harvest single patches. Looking at what would be an optimal harvest strategy for the game it was discovered that players with high ADHD scores were more successful overall.

"In addition, we discovered that participants that screened positive for ADHD more readily abandoned patches and achieved higher reward rates than did participants who screened negative," the researchers concluded. "Given the over-staying displayed by participants overall, those with elevated ASRS scores made exploratory decisions that were more closely aligned with the predictions of optimal foraging theory, and, in this sense, behaved more optimally."

Journal Reference:
Barack David L., Ludwig Vera U., Parodi Felipe, et al., 2024, Attention deficits linked with proclivity to explore while foraging, Proc. R. Soc. B. 2912022258420222584

Original Submission

posted by hubie on Monday February 26, @03:41PM   Printer-friendly
from the Rolling-Stones-and-computers-gather-no-moss dept.

OS/2 was a joint operating system project by IBM and Microsoft, which was intended for IBM's own Personal System/2 (PS/2) PCs. (If you've ever seen the old circular ports used by keyboards and mice on old PCs, those are also called PS/2 ports— because they're inherited from this.)

While OS/2 comes after the original IBM PC DOS and MS-DOS, we know today that the partnership between IBM and Microsoft would not last in that form. Microsoft eventually stopped working with IBM in 1992 when it dropped Windows 3.1, a direct competitor of the OS/2 software IBM paid it to make.

OS/2 was intended as a protected-mode successor of PC DOS targeting the Intel 80286 processor. Notably, basic system calls were modeled after MS-DOS calls; their names even started with "Dos" and it was possible to create "Family Mode" applications – text mode applications that could work on both systems. Because of this heritage, OS/2 shares similarities with Unix, Xenix, and Windows NT.

Up to $990 million per year was spent developing OS/2 and its replacement. OS/2 sales were largely concentrated in networked computing used by corporate professionals; however, by the early 1990s, it was overtaken by Microsoft Windows NT. While OS/2 was arguably technically superior to Microsoft Windows 95, OS/2 failed to develop much penetration in the mass market consumer and stand-alone desktop PC segments.

IBM discontinued its support for OS/2 on December 31, 2006. Since then, OS/2 has been developed, supported and sold by two different third-party vendors under license from IBM – first by Serenity Systems as eComStation since 2001, and later by Arca Noae LLC as ArcaOS since 2017.

If you're reading this before April 15, 2024, and wish to dig into OS/2 computing history, you're also advised to check out the Hobbes OS/2 Archive while it still exists. The Hobbes OS/2 Archive is the longest-lived host of OS/2 software, but the decades have finally caught up to it, and it's set to close in April.

Submitter remembers buying OS/2 Warp ( ) (although, not really sure which version) : The box I bought (if memory serves... which it doesn't Batman...) came with a CD and like 10 diskettes. I didn't have a CD drive at the time, so had to install from the many diskettes, which didn't always install failure free. Finally got it installed and tried it out some, but, again if memory serves, had so little hard-drive space that i couldn't install much else to fool with to test compatibility.

Then Windows Whatever came along (remember "Start me up" from the Rolling Stones?) and then finally found Linux and never looked back.

If only IBM had had better marketers....

Original Submission

posted by hubie on Monday February 26, @10:54AM   Printer-friendly
from the infinite-loops-are-baaaad dept.

Addicted to swiping right? Lawsuit claims Tinder and Hinge are designed to get users hooked.

A new lawsuit claims that dating apps Tinder and Hinge are designed to addict users and lock them into a perpetual loop.

If you're swiping on dating apps for hours, you're not alone — and a new lawsuit claims it's by design.

Dating apps such as Tinder and Hinge are intentionally addictive, a class-action lawsuit filed in federal court in California on Valentine's Day claims.

Hidden algorithms push users to stay on the apps and "gamify dating" — counterintuitive to the apps' intended purpose to help people find connections and form relationships, six plaintiffs contend in the lawsuit.

[....] "The lawsuit is a bit absurd, if I'm honest," psychologist and relationship coach Jo Hemmings told The Washington Post, adding that "responsibility lies in the hands of the user," not the apps or developers.

In the future someday people might venture outside and date actual humans in person.

Original Submission

posted by hubie on Monday February 26, @06:07AM   Printer-friendly

An accretion disk 7 light-years across powers an exceptionally bright galaxy:

Quasars initially confused astronomers when they were discovered. First identified as sources of radio-frequency radiation, later observations showed that the objects had optical counterparts that looked like stars. But the spectrum of these ostensible stars showed lots of emissions at wavelengths that didn't seem to correspond to any atoms we knew about.

Eventually, we figured out these were spectral lines of normal atoms but heavily redshifted by immense distances. This means that to appear like stars at these distances, these objects had to be brighter than an entire galaxy. Eventually, we discovered that quasars are the light produced by an actively feeding supermassive black hole at the center of a galaxy.

[...] J0529−4351 had been observed a number of times, but its nature wasn't recognized until a survey went hunting for quasars and recognized it was one. At the time of the 2023 paper that described the survey, the researchers behind it suggested that it had either been magnified through gravitational lensing, or it was the brightest quasar we've ever identified.

[...] So, how do you take an instance of an incredibly bright object and make it even brighter? The light from a quasar is produced by an accretion disk. While accretion disks can form around black holes with masses similar to stars, quasars require a supermassive black hole like the ones found at the center of galaxies. These disks are formed of material that has been captured by the gravity of the black hole and is in orbit before falling inward and crossing the event horizon. Light is created as the material is heated by collisions of its constituent particles and gives up gravitational energy as it falls inward.

Getting more light out of an accretion disk is pretty simple: You either put more material in it or make it bigger. But there's a limit to how much material you can cram into one. At some point, the accretion disk will produce so much radiation that it drives off any additional material that's falling inward, essentially choking off its own food supply. Called the Eddington limit, this sets ceilings on how bright an accretion disk can be and how quickly a black hole can grow.

Factors like the mass of the black hole and its spin help set the Eddington limit. Plus, the amount of material falling inward can drop below the Eddington limit, leading to a bit less light being produced. Trying various combinations of these factors and checking them against observational data, the researchers came up with several estimates for the properties of the supermassive black hole and its accretion disk.

For the supermassive black hole's size, the researchers propose two possible estimates: one at 17 billion solar masses, and the other at 19 billion solar masses. That's not the most massive one known, but there are only about a dozen thought to be larger. (For comparison, the one at the center of the Milky Way is "only" about 4 million solar masses.) The data is best fit by a moderate spin, with us viewing it from about 45 degrees off the pole of the black hole. The accretion disk would be roughly seven light-years across. Meaning, if the system were centered on our Sun, several nearby stars would be within the disk.

The accretion rate needed to power the brightness is just below the Eddington limit and works out to roughly 370 solar masses of material per year. Or, about a Sun a day. At that rate, it would take about 30 million years to double in size.

[...] The whole accretion disk is also large enough that it should be possible to image it with the Very Large Telescope, which would allow us to track the disk's rotation and estimate the black hole's mass.

The system's extreme nature, then, may actually help us figure out its details despite its immense distance. Meanwhile, the researchers wonder whether other unusual systems might remain undiscovered simply because we haven't considered that an object might be a quasar instead of a star.

Journal Reference:
Wolf, Christian, Lai, Samuel, Onken, Christopher A., et al. The accretion of a solar mass per day by a 17-billion solar mass black hole, Nature Astronomy (DOI: 10.1038/s41550-024-02195-x)

Original Submission

posted by hubie on Monday February 26, @01:18AM   Printer-friendly

How Kybers and ratcheting are boosting the resiliency of Apple's messaging app:

iMessage is getting a major makeover that makes it among the two messaging apps most prepared to withstand the coming advent of quantum computing, largely at parity with Signal or arguably incrementally more hardened.

On Wednesday, Apple said messages sent through iMessage will now be protected by two forms of end-to-end encryption (E2EE), whereas before, it had only one. The encryption being added, known as PQ3, is an implementation of a new algorithm called Kyber that, unlike the algorithms iMessage has used until now, can't be broken with quantum computing. Apple isn't replacing the older quantum-vulnerable algorithm with PQ3—it's augmenting it. That means, for the encryption to be broken, an attacker will have to crack both.

The iMessage changes come five months after the Signal Foundation, maker of the Signal Protocol that encrypts messages sent by more than a billion people, updated the open standard so that it, too, is ready for post-quantum computing (PQC). Just like Apple, Signal added Kyber to X3DH, the algorithm it was using previously. Together, they're known as PQXDH.

iMessage and Signal provide end-to-end encryption, a protection that makes it impossible for anyone other than the sender and recipient of a message to read it in decrypted form. iMessage began offering E2EE with its rollout in 2011. Signal became available in 2014.

[...] Another important part of the iMessage upgrade is automatic key refreshing that happens behind the scenes. By changing the key regularly as messages pass back and forth, messengers become more resilient in the event of a compromise. When an adversary obtains a static key, all messages sent with it are subject to immediate decryption. Key refreshing in the same scenario limits what can be decrypted to only a single message or a small subset of messages.

Signal has always provided key refreshing through a signature innovation in the protocol known as ratcheting. Apple says its key refresh mechanism is modeled on ratcheting. To do this, Apple is replacing the elliptic-curve cryptography used since 2019 with Elliptic-curve Diffie-Hellman.

[...] Another difference between the two apps that privacy-minded people should remember is that, by default, iMessage backs up messages within iCloud with no E2EE. Advanced encryption will do nothing to protect users in this scenario. People should either turn off iCloud backups or turn on E2EE in iCloud. (Signal doesn't back up messages at all.)

Apple said it turned to two outside cryptography teams to verify that PQ3 is secure. Both supplied mathematical proofs, one titled Security Analysis of the iMessage PQ3 Protocol and the other A Formal Analysis of the iMessage PQ3 Messaging Protocol.

Original Submission

posted by hubie on Sunday February 25, @08:35PM   Printer-friendly

Historians have discovered what may be the world's first decimal point, in an ancient manuscript written 150 years before its next known appearance. There have been many ways to split integers, but this little dot has proven uniquely powerful.

The mathematics we all learn at school seems so fundamental that it doesn't feel like individual concepts in it would need "inventing," but these pieces arose separately as scientists and mathematicians realized they were needed. For instance, scientists recently found the oldest written record of the numeral "0," dating back 500 years earlier than previously thought.

Now, it looks like the decimal point is also older than expected. Ever since we've realized we sometimes need to break numbers into smaller fragments, humans have denoted the difference using various symbols – dashes, vertical lines, arcs and underscores have filled the role, but none of those have survived into modern usage. Commas and periods are the most common now, so when did they start?

Previously, the earliest known use of a period as a decimal point was thought to be an astronomical table by the German mathematician Christopher Clavius in 1593. But according to modern scientists, that kind of test is a weird place to introduce such a massive concept to the world, and Clavius didn't really go on to use the idea much in his later writings. Basically, if he realized the need for the concept and invented a neat way to display and work with it, why didn't he brag about it?

The answer, it seems, is that Clavius was just borrowing an older idea that had essentially been lost to time, and wasn't the preferred method in his era. A new study has found that the decimal point dates back to the 1440s – about 150 years earlier – first appearing in the writings of Italian mathematician Giovanni Bianchini.

Bianchini was a professor of mathematics and astronomy at the University of Ferrara, but he also had a background in what we'd now call finance – he was a merchant, and managed assets and investments for a wealthy ruling family of the time. That real-world experience seems to have influenced his mathematical work, since Bianchini was known to have created his own system of dividing measurement units like feet into 10 equal parts to make them easier to work with. As fundamental as it feels to modern sensibilities, it didn't catch on with the 15th century crowd who were used to a base-60 system.

Now, Dr. Glen Van Brummelen, a professor at Trinity Western University in Canada, has discovered that Bianchini illustrated this system with a decimal point, the first ever. Van Brummelen found that in a manuscript called Tabulae primi mobilis B, Bianchini was using numbers with dots in the middle – the first one being 10.4 – and showing how to multiply them, something that was tricky in a base-60 system.

"I realized that he's using this just as we do, and he knows how to do calculations with it," Van Brummelen told Nature. "I remember running up and down the hallways of the dorm with my computer trying to find anybody who was awake, shouting 'look at this, this guy is doing decimal points in the 1440s!'"

Journal Reference:
Glen Van Brummelen, Decimal fractional numeration and the decimal point in 15th-century Italy, Historica Mathematica, In Press, 2024.

Original Submission

posted by hubie on Sunday February 25, @03:47PM   Printer-friendly
from the life-imitating-art-imitating-life dept.

On Monday, Will Smith posted a video on his official Instagram feed that parodied an AI-generated video of the actor eating spaghetti that went viral last year. With the recent announcement of OpenAI's Sora video synthesis model, many people have noted the dramatic jump in AI-video quality over the past year compared to the infamous spaghetti video. Smith's new video plays on that comparison by showing the actual actor eating spaghetti in a comical fashion and claiming that it is AI-generated.
In the Instagram comments section, some people expressed confusion about the new (non-AI) video, saying, "I'm still in doubt if second video was also made by AI or not." In a reply, someone else wrote, "Boomers are gonna loose [sic] this one. Second one is clearly him making a joke but I wouldn't doubt it in a couple months time it will get like that."

We have not yet seen a model with the capability of Sora attempt to create a new Will-Smith-eating-spaghetti AI video, but the result would likely be far better than what we saw last year, even if it contained obvious glitches.

Original Submission

posted by janrinok on Sunday February 25, @11:03AM   Printer-friendly

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks:

A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities.

"SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential locations and shell history files to determine its next move."

SSH-Snake was first released on GitHub in early January 2024, and is described by its developer as a "powerful tool" to carry out automatic network traversal using SSH private keys discovered on systems.

In doing so, it creates a comprehensive map of a network and its dependencies, helping determine the extent to which a network can be compromised using SSH and SSH private keys starting from a particular host. It also supports resolution of domains which have multiple IPv4 addresses. "It's completely self-replicating and self-propagating – and completely fileless," according to the project's description. "In many ways, SSH-Snake is actually a worm: It replicates itself and spreads itself from one system to another as far as it can."

Sysdig said the shell script not only facilitates lateral movement, but also provides additional stealth and flexibility than other typical SSH worms.

The cloud security company said it observed threat actors deploying SSH-Snake in real-world attacks to harvest credentials, the IP addresses of the targets, and the bash command history following the discovery of a command-and-control (C2) server hosting the data.

"The usage of SSH keys is a recommended practice that SSH-Snake tries to take advantage of in order to spread," Hernández said. "It is smarter and more reliable which will allow threat actors to reach farther into a network once they gain a foothold."

When reached for comment, Joshua Rogers, the developer of SSH-Snake, told The Hacker News that the tool offers legitimate system owners a way to identify weaknesses in their infrastructure before attackers do, urging companies to use SSH-Snake to "discover the attack paths that exist – and fix them." "It seems to be commonly believed that cyber terrorism 'just happens' all of a sudden to systems, which solely requires a reactive approach to security," Rogers said. "Instead, in my experience, systems should be designed and maintained with comprehensive security measures."

"If a cyber terrorist is able to run SSH-Snake on your infrastructure and access thousands of servers, focus should be put on the people that are in charge of the infrastructure, with a goal of revitalizing the infrastructure such that the compromise of a single host can't be replicated across thousands of others."

SSH-Snake: Automated SSH-Based Network Traversal:

Original Submission

posted by janrinok on Sunday February 25, @06:13AM   Printer-friendly
from the Can-it-core-a-apple? dept.

The Driven, an Australian car news site is reporting on a new EV offering from Chinese auto manufacturer BYD

From the article:

At $US15,000, BYD's new Qin EV is already being touted as a "Corolla killer" as the world's second largest EV maker continues to disrupt the global auto market.

Launched earlier this week in China, the all-electric Qin Plus has five models priced between 109,800 RMB to ($A23,300) to 139,800 RMB ($A29,700).

The Qin Plus comes with a 100 kW motor and the option of either a 48 kWh battery providing 420 km CLTC range or a 57.6 kW hour battery with 510 km range.

[...] Indeed, most legacy car makers, at least those that are bothering to make EVs at scale at all, are still focused on the top end of the market, selling premium and heavy and high cost EVs, largely to protect their ICE business. In the US, the major car makers are retreating rapidly on their EV plans.

BYD, which is challenging Tesla as the biggest EV maker in the world, says it's "officially opening a new era where electricity is lower than oil."

Additional reporting on the BYD Qin:

Original Submission

posted by janrinok on Sunday February 25, @01:24AM   Printer-friendly
from the yeah,-no,-yeah dept.

"Cox did not profit from its subscribers' acts of infringement," judges rule:

A federal appeals court today overturned a $1 billion piracy verdict that a jury handed down against cable Internet service provider Cox Communications in 2019. Judges rejected Sony's claim that Cox profited directly from copyright infringement committed by users of Cox's cable broadband network.

Appeals court judges didn't let Cox off the hook entirely, but they vacated the damages award and ordered a new damages trial, which will presumably result in a significantly smaller amount to be paid to Sony and other copyright holders. Universal and Warner are also plaintiffs in the case.

"We affirm the jury's finding of willful contributory infringement," said a unanimous decision by a three-judge panel at the US Court of Appeals for the 4th Circuit. "But we reverse the vicarious liability verdict and remand for a new trial on damages because Cox did not profit from its subscribers' acts of infringement, a legal prerequisite for vicarious liability."

If the correct legal standard had been used in the district court, "no reasonable jury could find that Cox received a direct financial benefit from its subscribers' infringement of Plaintiffs' copyrights," judges wrote.

The case began when Sony and other music copyright holders sued Cox, claiming that it didn't adequately fight piracy on its network and failed to terminate repeat infringers. A US District Court jury in the Eastern District of Virginia found the ISP liable for infringement of 10,017 copyrighted works.

Cox's appeal was supported by advocacy groups concerned that the big-money judgment could force ISPs to disconnect more Internet users based merely on accusations of copyright infringement. Groups such as the Electronic Frontier Foundation also called the ruling legally flawed.

"When these music companies sued Cox Communications, an ISP, the court got the law wrong," the EFF wrote in 2021. "It effectively decided that the only way for an ISP to avoid being liable for infringement by its users is to terminate a household or business's account after a small number of accusations—perhaps only two. The court also allowed a damages formula that can lead to nearly unlimited damages, with no relationship to any actual harm suffered. If not overturned, this decision will lead to an untold number of people losing vital Internet access as ISPs start to cut off more and more customers to avoid massive damages."

In today's 4th Circuit ruling, appeals court judges wrote that "Sony failed, as a matter of law, to prove that Cox profits directly from its subscribers' copyright infringement."

A defendant may be vicariously liable for a third party's copyright infringement if it profits directly from it and is in a position to supervise the infringer, the ruling said. Cox argued that it doesn't profit directly from infringement because it receives the same monthly fee from subscribers whether they illegally download copyrighted files or not, the ruling noted.

Original Submission