SoylentNews

owl writes:

https://qz.com/mcdonalds-broken-ice-cream-machines-federal-regulators-1851339089

Federal regulators want to fix McDonald's broken ice cream machines, and they're asking to expand right-to-repair laws to address the issue. In a letter to the U.S. Copyright Office on Thursday, regulators asked for commercial soft-serve machines to be exempt from current laws making them difficult to repair. The laws also make it more difficult for you to get a McFlurry.

"In the Agencies' view, renewing and expanding repair-related exemptions would promote competition in markets for replacement parts, repair, and maintenance services," said the Department of Justice and the Federal Trade Commission in a joint letter.

The McDonald's broken ice cream machines have found themselves at the center of the right-to-repair movement. The reason McDonald's ice cream machines are always down is because of copyright law. Only technicians licensed by the company that made the device are allowed to touch the machines, and they charge over $300 for a 15-minute servicing, according to the letter. The DOJ and the FTC identified commercial soft-serve machines as one of four device categories that would benefit from an easing of copyright laws.

Original Submission

Runaway1956 writes:

https://news.mit.edu/2023/surprising-finding-light-makes-water-evaporate-without-heat-1031
https://www.pnas.org/doi/full/10.1073/pnas.2312751120 Note that the paper is not paywalled.

A newly identified process could explain a variety of natural phenomena and enable new approaches to desalination.

Evaporation is happening all around us all the time, from the sweat cooling our bodies to the dew burning off in the morning sun. But science's understanding of this ubiquitous process may have been missing a piece all this time.

In recent years, some researchers have been puzzled upon finding that water in their experiments, which was held in a sponge-like material known as a hydrogel, was evaporating at a higher rate than could be explained by the amount of heat, or thermal energy, that the water was receiving. And the excess has been significant — a doubling, or even a tripling or more, of the theoretical maximum rate.

After carrying out a series of new experiments and simulations, and reexamining some of the results from various groups that claimed to have exceeded the thermal limit, a team of researchers at MIT has reached a startling conclusion: Under certain conditions, at the interface where water meets air, light can directly bring about evaporation without the need for heat, and it actually does so even more efficiently than heat. In these experiments, the water was held in a hydrogel material, but the researchers suggest that the phenomenon may occur under other conditions as well.

The findings are published this week in a paper in PNAS, by MIT postdoc Yaodong Tu, professor of mechanical engineering Gang Chen, and four others.

The phenomenon might play a role in the formation and evolution of fog and clouds, and thus would be important to incorporate into climate models to improve their accuracy, the researchers say. And it might play an important part in many industrial processes such as solar-powered desalination of water, perhaps enabling alternatives to the step of converting sunlight to heat first.

The new findings come as a surprise because water itself does not absorb light to any significant degree. That's why you can see clearly through many feet of clean water to the surface below. So, when the team initially began exploring the process of solar evaporation for desalination, they first put particles of a black, light-absorbing material in a container of water to help convert the sunlight to heat.

Freeman writes:

https://arstechnica.com/tech-policy/2024/06/appeals-court-seems-lost-on-how-internet-archive-harms-publishers/

The Internet Archive (IA) went before a three-judge panel Friday to defend its open library's controlled digital lending (CDL) practices after book publishers last year won a lawsuit claiming that the archive's lending violated copyright law.

In the weeks ahead of IA's efforts to appeal that ruling, IA was forced to remove 500,000 books from its collection, shocking users. In an open letter to publishers, more than 30,000 readers, researchers, and authors begged for access to the books to be restored in the open library, claiming the takedowns dealt "a serious blow to lower-income families, people with disabilities, rural communities, and LGBTQ+ people, among many others," who may not have access to a local library or feel "safe accessing the information they need in public."

[...] IA has argued that because copyright law is intended to provide equal access to knowledge, copyright law is better served by allowing IA's lending than by preventing it. They're hoping the judges will decide that CDL is fair use, reversing the lower court's decision and restoring access to books recently removed from the open library. But Gratz said there's no telling yet when that decision will come.

[...] McSherry seemed optimistic that the judges at least understood the stakes for IA readers, noting that fair use is "designed to ensure that copyright actually serves the public interest," not publishers'. Should the court decide otherwise, McSherry warned, the court risks allowing "a few powerful publishers" to "hijack the future of books."

When IA first appealed, Kahle put out a statement saying IA couldn't walk away from "a fight to keep library books available for those seeking truth in the digital age."

Previously on SoylentNews:
Internet Archive Forced to Remove 500,000 Books After Publishers' Court Win - 20240627

Original Submission

upstart writes:

China issues rare earth regulations to further protect domestic supply By Reuters:

China has unveiled a list of rare earth regulations aimed at protecting supplies in the name of national security, laying out rules on the mining, smelting and trade in the critical materials used to make products from magnets in electric vehicles to consumer electronics.

The regulations, issued by the State Council or cabinet on Saturday, say rare earth resources belong to the state, and that the government will oversee the development of the industry around rare earths - a group of 17 minerals of which China has in recent years become the world's dominant producer, accounting for nearly 90% of global refined output.

Their global industrial significance is such that under a law that entered into force in May the EU set ambitious 2030 targets for domestic production of minerals crucial in the green transition - particularly rare earths due to their use in permanent magnets that power motors in EVs and wind energy.

EU demand is forecast to soar sixfold in the decade to 2030 and sevenfold by 2050.

The new Chinese regulations, which will take effect on Oct. 1, say the State Council will establish a rare earth product traceability information system.

Enterprises in rare earth mining, smelting and separation, and the export of rare earth products, shall establish a product flow record system, shall "truthfully" record the flow, and shall enter it into the traceability system, the State Council said.

China already last year introduced restrictions on exports of the elements germanium and gallium, used widely in the chip-making sector, citing the need to protect national security and interests.

It also banned the export of technology to make rare earth magnets, in addition to imposing a ban on technology to extract and separate rare earths.

Original Submission

owl writes:

https://www.locksmithledger.com/keys-tools/article/10229247/unlocking-a-gary-tl-15-round-door-safe

A man once closed and locked a safe, knowing that the combination was written down ... somewhere. Ten years later, the safe remained locked and the combination had not been found. Since the owner of this safe wanted to start using it for his business, the company requested my services as a safecracker.

When I arrived at that business, I was led to the safe shown in Figure 1. It was a red Gary safe with a jeweled steel face and a chrome-plated, spy-proof Sargent & Greenleaf dial. The serial number on the door was 46792. I knew very little about this model of safe. In fact, everything I knew is what I just told you. I simply had not yet had the privilege of working on any hinged round doors made by Gary. It is wonderful, when approaching a job like this, to have good documentation of all relevant details about the safe. This article, however, is intended to demonstrate that a good plan of attack can often be devised even without such information.

Original Submission

Arthur T Knackerbracket has processed the following story:

Understanding the reasons behind our procrastination can help us regain productivity.

Procrastination, the intentional yet harmful delay of tasks, manifests in various forms. Sahiti Chebolu from the Max Planck Institute for Biological Cybernetics employs a precise mathematical framework to analyze its different patterns and underlying causes. Her insights could assist in creating personalized strategies to address this issue.

"Why did I not do this when I still had the time?" – Whether it is filing taxes, meeting a deadline at work, or cleaning the apartment before a family visit, most of us have already wondered why we tend to put off certain tasks, even in the face of unpleasant consequences. Why do we make decisions that are harmful to us – against our better knowledge? This is precisely the conundrum of procrastination. Procrastination, the deliberate but ultimately detrimental delaying of tasks, is not only hampering productivity but has also been linked to a host of mental health issues. So it is certainly worth asking why this much talked-about phenomenon has such a grip on us – and what it actually is.

"Procrastination is an umbrella term for different behaviors," says computational neuroscientist Sahiti Chebolu from the Max Planck Institute for Biological Cybernetics. "If we want to understand it, we need to differentiate between its various types." One common pattern is that we defect on our own decisions: we might, for example, set aside an evening for the tax return, but when the time has come we watch a movie instead. Something else is going on when we do not commit to a time in the first place: we might be waiting for the right conditions. The possible patterns of procrastination are myriad: from starting late to abandoning a task halfway through, Chebolu classified them all and identified possible explanations for each: misjudging the time needed or protecting the ego from prospective failure are just two of them.

Can such a classification really help you get stuff done? Chebolu is convinced that a mathematically precise understanding of the mechanism at play is the first step to tackling it. She frames procrastination as a series of temporal decisions. What exactly happens, for example, when we schedule our tax declaration for Friday night but then succumb to the temptations of a streaming service? One way to think of decision-making is that our brain adds up all the rewards and penalties we expect to gain from the alternative behaviors: watching a movie or doing annoying paperwork. Quite naturally, it then picks the course of action that promises to be most pleasant overall.

Arthur T Knackerbracket has processed the following story:

The New South Wales Crime Commission commenced Project Hakea to investigate the use of tracking and other surveillance devices as an enabler of serious and organized crime in the southeastern Australian state.

The study looked at 5,163 trackers, purchased by 3,147 customers in 4,176 transactions. Using an extensive data matching process, it was discovered that 37% of customers were known to NSW police for criminal behavior. Moreover, 25% of customers had a recorded history of domestic and family violence, 15% were known for involvement in serious and organized crime activity, and 6% had a different criminal background.

It was also found that 126 customers were Apprehended Violence Order (AVO) defendants at the time they purchased a tracking device. An AVO is a court order issued to protect an individual who has a reasonable fear of violence or harassment from a specified person. Some customers bought the trackers days after the AVO was enforced.

The findings state that tracking and other surveillance devices are increasingly used to facilitate organized crime, including murder, kidnapping, and drug trafficking.

[...] The study recommends a change in the law to restrict the sale of tracking devices.

In May, Apple and Google announced that their previously confirmed industry specification for Bluetooth tracking devices was being rolled out to iOS and Android platforms, which should help prevent stalking by alerting users of suspicious Bluetooth trackers.

Original Submission

Freeman writes:

https://arstechnica.com/information-technology/2024/06/toys-r-us-riles-critics-with-first-ever-ai-generated-commercial-using-sora/

On Monday, Toys "R" Us announced that it had partnered with an ad agency called Native Foreign to create what it calls "the first-ever brand film using OpenAI's new text-to-video tool, Sora." OpenAI debuted Sora in February, but the video synthesis tool has not yet become available to the public. The brand film tells the story of Toys "R" Us founder Charles Lazarus using AI-generated video clips.

"We are thrilled to partner with Native Foreign to push the boundaries of Sora, a groundbreaking new technology from OpenAI that's gaining global attention," wrote Toys "R" Us on its website. "Sora can create up to one-minute-long videos featuring realistic scenes and multiple characters, all generated from text instruction. Imagine the excitement of creating a young Charles Lazarus, the founder of Toys "R" Us, and envisioning his dreams for our iconic brand and beloved mascot Geoffrey the Giraffe in the early 1930s."

Previously on SoylentNews:
Tyler Perry Puts $800 Million Studio Expansion on Hold Because of OpenAI's Sora - 20240225
OpenAI Teases a New Generative Video Model Called Sora - 20240222
Toys 'R' Us Files for Bankruptcy Protection in US - 20170919 (Toys 'R' Us is a "zombie brand" now. The entity in Canada was and is separate and still exists.)

Original Submission

Arthur T Knackerbracket has processed the following story:

A team of anthropologists and biologists from Canada, Poland, and the U.S., working with researchers at the American Museum of Natural History, in New York, has found via meta-analysis of data from prior research efforts that homosexual behavior is far more common in other animals than previously thought. The paper is published in PLOS ONE.

For many years, the biology community has accepted the notion that homosexuality is less common in animals than in humans, despite a lack of research on the topic. In this new effort, the researchers sought to find out if such assumptions are true.

[...] The researchers found that 76% of the studies mentioned observations of homosexual behavior, though they also noted that only 46% had collected data surrounding such behavior—and only 18.5% of those who had mentioned such behavior in their papers had focused their efforts on it to the extent of publishing work with homosexuality as it core topic.

They noted that homosexual behavior observed in other species included mounting, intromission and oral contact—and that researchers who identified as LGBTQ+ were no more or less likely to study the topic than other researchers.

The researchers point to a hesitancy in the biological community to study homosexuality in other species, and thus, little research has been conducted. They further suggest that some of the reluctance has been due to the belief that such behavior is too rare to warrant further study.

More information: Karyn A. Anderson et al, Same-sex sexual behaviour among mammals is widely observed, yet seldomly reported: Evidence from an online expert survey, PLOS ONE (2024). DOI: 10.1371/journal.pone.0304885

Original Submission

owl writes:

https://arstechnica.com/gadgets/2024/07/bleeding-subscribers-cable-companies-force-their-way-into-streaming/

It's clear that streaming services are the present and future of video distribution. But that doesn't mean that cable companies are ready to give up on your monthly dollars.

A sign of this is Comcast, the US' second-biggest cable company, debuting a new streaming service today. Comcast already had an offering that let subscribers stream its Xfinity cable live channels and access some titles on demand. NOW TV Latino differs in being a separate, additional streaming service that people can subscribe to independently of Xfinity cable for $10 per month.

However, unlike streaming services like Netflix or Max, you can only subscribe to NOW TV Latino if Xfinity is sold in your area. NOW TV Latino subscriptions include the ability to stream live TV from Spanish-language channels that Xfinity offers, like Sony Cine and ViendoMovies. And because Comcast owns NBCUniversal, people who subscribe to NOW TV Latino get a free subscription to Peacock with commercials, which usually costs $6/month.

Original Submission

upstart writes:

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems:

OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems.

The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from any of the client applications.

"The vulnerability, which is a signal handler race condition in OpenSSH's server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems," Bharat Jogi, senior director of the threat research unit at Qualys, said in a disclosure published today. "This race condition affects sshd in its default configuration."

The cybersecurity firm said it identified no less than 14 million potentially vulnerable OpenSSH server instances exposed to the internet, adding it's a regression of an already patched 18-year-old flaw tracked as CVE-2006-5051, with the problem reinstated in October 2020 as part of OpenSSH version 8.5p1.

"Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with [address space layout randomization]," OpenSSH said in an advisory. "Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept."

[...] The net effect of exploiting CVE-2024-6387 is full system compromise and takeover, enabling threat actors to execute arbitrary code with the highest privileges, subvert security mechanisms, data theft, and even maintain persistent access.

"A flaw, once fixed, has reappeared in a subsequent software release, typically due to changes or updates that inadvertently reintroduce the issue," Jogi said. "This incident highlights the crucial role of thorough regression testing to prevent the reintroduction of known vulnerabilities into the environment."

While the vulnerability has significant roadblocks due to its remote race condition nature, users are recommended to apply the latest patches to secure against potential threats. It's also advised to limit SSH access through network-based controls and enforce network segmentation to restrict unauthorized access and lateral movement.

See also:

• Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack

Original Submission

Arthur T Knackerbracket has processed the following story:

A recent study published in Nature Communications reveals that a massive earthquake 2,500 years ago dramatically shifted the course of one of the world’s largest rivers. This previously undocumented seismic event rerouted the main channel of the Ganges River into present-day, densely populated Bangladesh, an area that continues to be at high risk for significant earthquakes.

Scientists have documented many river-course changes, called avulsions, including some in response to earthquakes. However, “I don’t think we have ever seen such a big one anywhere,” said study coauthor Michael Steckler, a geophysicist at Lamont-Doherty Earth Observatory, which is part of the Columbia Climate School. It could have easily inundated anyone and anything in the wrong place at the wrong time, he said.

[...] Like other rivers that run through major deltas, the Ganges periodically undergo minor or major course changes without any help from earthquakes. Sediments washed from upstream settle and build up in the channel, until eventually, the river bed grows subtly higher than the surrounding flood plain. At some point, the water breaks through and begins constructing a new path for itself. But this does not generally happen all at once—it may take successive floods over years or decades. An earthquake-related avulsion, on the other hand, can occur more or less instantaneously, said Steckler.

[...] Chamberlain and other researchers were exploring this area in 2018 when they came across a freshly dug excavation for a pond that had not yet been filled with water. On one flank, they spotted distinct vertical dikes of light-colored sand cutting up through horizontal layers of mud. This is a well-known feature created by earthquakes: In such watery areas, sustained shaking can pressurize buried layers of sand and inject them upward through overlying mud. The result: literal sand volcanoes, which can erupt at the surface. Called seismites, here, they were 30 or 40 centimeters wide, cutting up through 3 or 4 meters of mud.

owl writes:

https://pluralistic.net/2024/06/27/nuke-first/#ask-questions-never

We're living through one of those moments when millions of people become suddenly and overwhelmingly interested in fair use, one of the subtlest and worst-understood aspects of copyright law. It's not a subject you can master by skimming a Wikipedia article!

I've been talking about fair use with laypeople for more than 20 years. I've met so many people who possess the unshakable, serene confidence of the truly wrong, like the people who think fair use means you can take x words from a book, or y seconds from a song and it will always be fair, while anything more will never be.

Or the people who think that if you violate any of the four factors, your use can't be fair – or the people who think that if you fail all of the four factors, you must be infringing (people, the Supreme Court is calling and they want to tell you about the Betamax!).

You might think that you can never quote a song lyric in a book without infringing copyright, or that you must clear every musical sample. You might be rock solid certain that scraping the web to train an AI is infringing. If you hold those beliefs, you do not understand the "fact intensive" nature of fair use.

Original Submission

Arthur T Knackerbracket has processed the following story:

https://www.sciencealert.com/icelands-volcanic-eruptions-could-continue-for-decades-study-finds

After almost 800 years of relative dormancy, volcanoes on Iceland's Reykjanes Peninsula are returning to life with renewed ferocity. Eight eruptions have occurred since 2021 and new research suggests the upsurge in volcanic activity stems from a shallow pool of magma just 10 kilometers (6.2 miles) wide and only 9-12 kilometers below the surface.

Alerting authorities to this magma source is critical for the ongoing safety of residents in the region, with researchers claiming the magma pool could feed similarly-sized volcanic eruptions in the area for years or maybe decades more.

"A comparison of [current] eruptions with historical events provides strong evidence that Iceland will have to prepare and be ready for this volcanic episode to continue for some time, possibly even years to decades," says geologist Valentin Troll of Uppsala University in Sweden, who led the study.

Troll and his colleagues used seismic wave data from volcanic eruptions and earthquake 'swarms' to map the subsurface of the Reykjanes Peninsula in southwest Iceland, which is home to most of the country's population.

They found the 2021 eruptions of the Fagradalsfjall volcanic system were fed by a pocket of magma that then oozed along geological lines to Sundhnúkur, where volcanoes have been spewing lava since late 2023.

With both eruption zones expelling lavas with similar geochemical 'fingerprints', the findings suggest a "connected magma plumbing system" joins the two volcanic systems. Historical data indicates this shared magma pool likely formed sometime between 2002 and 2020, was recharged again in 2023, and continues to supply magma from shallow depths to surface fissures and vents via slightly sloped pathways. Melting rock deeper in the mantle replenishes the magma pool, so it may fuel eruptions for decades to come.

"There is a need for an improved understanding of the magma supply system that feeds the ongoing eruptive events," Troll and colleagues write in their published paper.

"Increased eruption frequencies should be expected for the foreseeable future."

Now that the magma pool has been identified, it can be mapped and monitored to prepare communities for what might eventuate.

hubie writes:

Chrome will distrust CA certificates from Entrust later this year

A Certification Authority (CA) issues certificates that help guarantee you're visiting a legitimate website. Over the years, Chrome has had to distrust some CAs, and the Google browser is about to do that again with certificates from Entrust.

Over the past six years, we have observed a pattern of compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress in response to publicly disclosed incident reports.

Google points to a list of "publicly disclosed incident reports" that highlight a "pattern of concerning behaviors by Entrust that fall short of the [Chrome Root Program Policy requirements], and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted CA Owner."

When these factors are considered in aggregate and considered against the inherent risk each publicly-trusted CA poses to the Internet ecosystem, it is our opinion that Chrome's continued trust in Entrust is no longer justified.

[...] Google's recommendation to website owners is to "transition to a new publicly-trusted CA Owner as soon as reasonably possible" before November 1. Meanwhile, other Google products might take similar actions in the future.

[...] More details of Google's roadmap and a FAQ can be found here.

Google cuts ties with Entrust in Chrome over trust issues

Google is severing its trust in Entrust after what it describes as a protracted period of failures around compliance and general improvements.

Entrust is one of the many certificate authorities (CA) used by Chrome to verify that the websites end users visit are trustworthy. From November 1 in Chrome 127, which recently entered beta, TLS server authentication certificates validating to Entrust or AffirmTrust roots won't be trusted by default.

Google pointed to a series of incident reports over the past few years concerning Entrust, saying they "highlighted a pattern of concerning behaviors" that have ultimately seen the security company fall down in Google's estimations.

The incidents have "eroded confidence in [Entrust's] competence, reliability, and integrity as a publicly trusted CA owner," Google stated in a blog.

It follows a May publication by Mozilla, which compiled a sprawling list of Entrust's certificate issues between March and May this year. In response, and after an initial reply that was greeted with harsh feedback from the Mozilla community, Entrust acknowledged its procedural failures, Mozilla noted, and said it was treating the feedback as a learning opportunity.

It now seems Google hasn't been as accepting of Entrust's apologetic response.

[...] Tim Callan, chief experience officer at Sectigo, said in an email to The Reg that the news serves as a reminder to CAs that they must hold themselves to the standards the industry expects of them.

"CAs have to hold themselves to the highest of standards, not only for the sake of their business but for all the people and businesses that depend on them. With a shorter lifecycle timeline of 90 days looming, and the implications of Quantum Computing also on the horizon, things aren't getting any less complicated.

[...] A spokeperson at Entrust sent a statement to The Register: "The decision by the Chrome Root Program comes as a disappointment to us as a long-term member of the CA/B Forum community. We are committed to the public TLS certificate business and are working on plans to provide continuity to our customers."

A little web scraping shows that there are some pretty big name websites that currently use Entrust certs.

Original Submission