SoylentNews

Freeman writes:

https://arstechnica.com/tech-policy/2024/08/backpage-founder-michael-lacey-gets-5-years-in-prison-for-money-laundering/

Backpage founder Michael Lacey was sentenced yesterday to five years in prison and fined $3 million after being convicted on one count of money laundering. Lacey, 76, was also sentenced to three years of supervised release, the Department of Justice said in a press release.

[...] Authorities alleged that Backpage generated over $500 million in revenue from running a forum that facilitated prostitution. While Lacey argued that he wasn't involved in day-to-day operations, US District Judge Diane Humetewa "told Lacey during Wednesday's sentencing he was aware of the allegations against Backpage and did nothing," according to the Associated Press.

"In the face of all this, you held fast," Humetewa reportedly said. "You didn't do a thing." The US government recommended 20-year prison sentences for each of the three defendants.

[...] Lacey will fight the sentencing. "Paul Cambria, Mr. Lacey's lawyer, called the sentencing on Wednesday a 'mistake' and said that they would appeal, adding that there was evidence that Mr. Lacey never concealed financial information. A lawyer for Mr. Brunst, Gary Lincenberg, said his client also planned to appeal," The New York Times wrote.

[...] In November 2023, a jury in US District Court for the District of Arizona convicted Lacey of international concealment money laundering but returned no verdict on 85 other charges related to money laundering and facilitation of prostitution. In April, Humetewa acquitted Lacey on 50 of the charges that the jury did not reach a verdict on. Even "after viewing the record in the light most favorable to the Government, the Court finds there is insufficient of evidence to support convictions" on those counts, she wrote.

[...] Backpage co-founder and CEO Carl Ferrer agreed to plead guilty in 2018 and cooperated with authorities on the investigation into Backpage. Ferrer could still go to prison, but his "plea agreement contemplates that he will not be sentenced until the conclusion of his cooperation," the US government has said.

[...] In September 2021, a previous judge handling the Backpage case declared a mistrial, finding that US prosecutors unfairly tainted the jury by focusing too heavily on claims of child sex trafficking in a case that did not involve any charges of child sex trafficking. At the time, Judge Susan Brnovich said she gave the government leeway to mention child sex trafficking, but the "government abused that leeway."

Previously on SoylentNews:
DoJ Lets Cops Know SESTA/FOSTA Is For Shutting Down Websites, Not Busting Sex Traffickers - 20180617
Backpage CEO Takes Plea Deal, Will Testify Against Other Executives; President Signs FOSTA-SESTA - 20180413

Original Submission

owl writes:

https://www.haskellforall.com/2024/08/firewall-rules-not-as-secure-as-you.html

This post introduces some tricks for jailbreaking hosts behind "secure" enterprise firewalls in order to enable arbitrary inbound and outbound requests over any protocol. You'll probably find the tricks outlined in the post useful if you need to deploy software in a hostile networking environment.

The motivation for these tricks is that you might be a vendor that sells software that runs in a customer's datacenter (a.k.a. on-premises software), so your software has to run inside of a restricted network environment. You (the vendor) can ask the customer to open their firewall for your software to communicate with the outside world (e.g. your own datacenter or third party services), but customers will usually be reluctant to open their firewall more than necessary.

For example, you might want to ssh into your host so that you can service, maintain, or upgrade the host, but if you ask the customer to open their firewall to let you ssh in they'll usually push back on or outright reject the request. Moreover, this isn't one of those situations where you can just ask for forgiveness instead of permission because you can't begin to do anything without explicitly requesting some sort of firewall change on their part.

So I'm about to teach you a bunch of tricks for efficiently tunneling whatever you want over seemingly innocuous openings in a customer's firewall.....

We are not condoning such actions, but you cannot secure your own systems unless you know how the opposition will attack them.

Original Submission

Booga1 writes:

TikTok must face lawsuit over 10-year-old girl's death, US court rules.

A U.S. appeals court has revived a lawsuit against TikTok by the mother of a 10-year-old girl who died after taking part in a viral "blackout challenge" in which users of the social media platform were dared to choke themselves until they passed out.

While a federal law typically shields internet companies from lawsuits over content posted by users, the Philadelphia-based 3rd U.S. Circuit Court of Appeals on Tuesday ruled the law does not bar Nylah Anderson's mother from pursuing claims that TikTok's algorithm recommended the challenge to her daughter.

U.S. Circuit Judge Patty Shwartz, writing for the three-judge panel, said that Section 230 of the Communications Decency Act of 1996 only immunizes information provided by third parties and not recommendations TikTok itself made via an algorithm underlying its platform.

She acknowledged the holding was a departure from past court rulings by her court and others holding that Section 230 immunizes an online platform from liability for failing to prevent users from transmitting harmful messages to others.

But she said that reasoning no longer held after a U.S. Supreme Court ruling in July on whether state laws designed to restrict the power of social media platforms to curb content they deem objectionable violate their free speech rights.
In those cases, the Supreme Court held a platform's algorithm reflects "editorial judgments" about "compiling the third-party speech it wants in the way it wants." Shwartz said under that logic, content curation using algorithms is speech by the company itself, which is not protected by Section 230.

"TikTok makes choices about the content recommended and promoted to specific users, and by doing so, is engaged in its own first-party speech," she wrote.

TikTok did not respond to requests for comment.

Original Submission

owl writes:

https://blog.hopefullyuseful.com/blog/advantage-air-ezone-tablet-diy-repair/

Forcing customers to replace an entire system just because the cheapest component failed might be really profitable, I have no idea... But I do know that it annoyed me enough to make me want to fix it myself. While I understand that what I do next is beyond a large number of Advantage Air customers, in my investigation I found that there seems to be only software choices preventing modern tablets from working with older control systems. Adding a simple "system" chooser to their software applications would give solutions to everyone, while the custom POE connector would ensure they still need their hardware.

My family had a new home built in 2019. As part of the build package a large ducted reverse cycle (heatpump) air conditioning system was installed. As it was part of the entire build I am not sure on the specific price of this system but based on other quotes I have seen for a similar sized house I would guess $10k-$12k. The system has two main parts, the actual Daikin airconditioner and an Advantage Air control box in attic that opens the vents to the various zones. This control system is operated by a cheap POE powered Android tablet on the wall of the living room.

[...] E-Zone running perfectly on an ancient Samsung Galaxy Tab 4. I was elated. After I gave up on repairing the original, getting this tablet working took only a few hours and was a hell of a lot of fun. This tablet is 10+ years old and yet still is much snappier than the junk that came with the system, but if I want to upgrade to something more powerful, say to control my homeassistant etc... all I need to do is plug it into the usb. But for turning the AC on and off it is more than enough and I am currently waiting on a nice flush connector to arrive then will mount it on the wall.

He had to spend an interesting few hours fixing it but it makes a good read...

Original Submission

Arthur T Knackerbracket has processed the following story:

A team of scientists from the Department of Energy’s SLAC National Accelerator Laboratory has uncovered new information about the photoelectric effect, a phenomenon first described by Einstein over a century ago. Their method provides a new tool to study electron-electron interactions, which are fundamental to many technologies, including semiconductors and solar cells. The results were published on August 21 in the journal Nature.

When an atom or molecule absorbs a photon of light, it can emit an electron in a process known as the photoelectric effect. Einstein’s description of the photoelectric effect, also known as photoionization, laid the theoretical foundation for quantum mechanics. However, the instantaneous nature of this effect has been a topic of intense study and debate. Recent advancements in attosecond science have provided the tools necessary to resolve the ultrafast time delays involved in photoionization.

“Einstein won the Nobel Prize for describing the photoelectric effect, but a hundred years later, we’ve only just begun to truly understand the underlying dynamics,” said lead author and SLAC scientist Taran Driver. “Our work marks a significant step forward by measuring these delays in the X-ray domain, a feat that has not been achieved before.”

Arthur T Knackerbracket has processed the following story:

The California State Assembly has passed the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act (SB 1047), Reuters reports. The bill is one of the first significant regulations of artificial intelligence in the US.

The bill, which has been a flashpoint for debate in Silicon Valley and beyond, would obligate AI companies operating in California to implement a number of precautions before they train a sophisticated foundation model. Those include making it possible to quickly and fully shut the model down, ensuring the model is protected against “unsafe post-training modifications,” and maintaining a testing procedure to evaluate whether a model or its derivatives is especially at risk of “causing or enabling a critical harm.”

Senator Scott Wiener, the bill’s main author, said SB 1047 is a highly reasonable bill that asks large AI labs to do what they’ve already committed to doing: test their large models for catastrophic safety risk. “We’ve worked hard all year, with open source advocates, Anthropic, and others, to refine and improve the bill. SB 1047 is well calibrated to what we know about forseeable AI risks, and it deserves to be enacted.”

Critics of SB 1047 — including OpenAI and Anthropic, politicians Zoe Lofgren and Nancy Pelosi, and California’s Chamber of Commerce — have argued that it’s overly focused on catastrophic harms and could unduly harm small, open-source AI developers. The bill was amended in response, replacing potential criminal penalties with civil ones, narrowing enforcement powers granted to California’s attorney general, and adjusting requirements to join a “Board of Frontier Models” created by the bill.

After the State Senate votes on the amended bill — a vote that’s expected to pass — the AI safety bill will head to Governor Gavin Newsom, who will have until the end of September to decide its fate, according to The New York Times.

Original Submission

Arthur T Knackerbracket has processed the following story:

With impressive speed and candor, Rocket Factory Augsburg (RFA) has provided an update on the anomaly that caused last week's rocket firing at SaxaVord in Shetland, Scotland, to end explosively.

The first stage of RFA's rocket explodes on the SaxaVord launchpad

Brieschenk described the anomaly as "a very unusual one." The leading theory is that there was a fire in an oxygen pump, which is difficult to contain and certainly more than the systems on the stage and launch pad could handle. The damage rapidly spread to the other engines, and despite the stage triggering an emergency stop, the explosion happened shortly after.

The horizontal jet of flame from the base of the stage was indicative of the severity of the damage. Brieschenk explained that the compromised engines had damaged the manifold to such an extent that kerosene began leaking from the vent lines. "That was really the point of no return," he said.

The kerosene fueled the fire. The flames grew more intense and eventually became an oxygen-fed blaze so severe that "large portions of engines were simply combusted." Brieschenk said the CO₂ and water fire suppression systems were not adequately sized to deal with the unfolding damage.

Despite the inevitable delay following the explosion, Brieschenk was keen to highlight that the stage collapsed in a manner which caused it to topple away from the launch pad's umbilical tower. As a result, the pad remained relatively unscathed, aside from elements like the launch stool that were designed to support the stage.

Although Brieschenk said RFA was confident in the design of the offending turbopump, he also noted that more than 100 improvements were being made to the next first stage, which is currently under construction. Many of these improvements aim to prevent a repeat of the SaxaVord incident, where a single turbopump failure led to the loss of the entire stage.

The need to wait for the completion of this first stage, originally intended for the second flight of the RFA One, means that the inaugural launch has been postponed to 2025. The other components, like the second stage, for example, are already at SaxaVord.

The company said it was being as transparent as possible regarding the mishap and was sharing its own raw footage of the incident. It wrote: "Maybe other companies or prospective engineers can learn from it."

You can watch the vid here. Brieschenk concluded: "Enjoy the footage. It is very spectacular, and it has cost us quite some money to generate."

Original Submission

owl writes:

https://ian.sh/tsa

Like many, Sam Curry and I spend a lot of time waiting in airport security lines. If you do this enough, you might sometimes see a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic personal trips.

The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA agent their employee number and airline. Various forms of ID need to be presented while the TSA agent's laptop verifies the employment status with the airline. If successful, the employee can access the sterile area without any screening at all.

A similar system also exists for cockpit access, called the Cockpit Access Security System (CASS). Most aircraft have at least one jumpseat inside the cockpit sitting behind the flying pilots. When pilots need to commute or travel, it is not always possible for them to occupy a revenue seat, so a jumpseat can be used instead. CASS allows the gate agent of a flight to verify that the jumpseater is an authorized pilot. The gate agent can then inform the crew of the flight that the jumpseater was authenticated by CASS.

The employment status check is the most critical component of these processes. If the individual doesn't currently work for an airline, they have not had a background check and should not be permitted to bypass security screening or access the cockpit. This process is also responsible for returning the photo of the crewmember to ensure the right person is being authorized for access. So how does this work, when every airline presumably uses a different system to store their employee information? That is what we were wondering, and where it gets interesting...

Original Submission

Arthur T Knackerbracket has processed the following story:

Over the past few decades, scientists have generated a pile of evidence suggesting that a diet rich in saturated fats is enough to cause heart diseases. Besides other problems like diabetes and atherosclerosis, saturated fats have also been linked to life-threatening arrhythmias.

Interestingly, based on animal and human studies, certain omega-3 polyunsaturated fatty acids seem to have beneficial effects on cardiovascular health. In particular, eicosapentaenoic acid (EPA), which is found in fish oil, not only has vasodilator and antiplatelet effects, but can even help prevent atrial fibrillation and other arrythmias. Despite EPA being readily available as a dietary supplement, the effect of EPA on cardiomyocytes and their underlying mechanisms of action are not fully understood.

In a recent study published online in the International Journal of Molecular Sciences, a research team from Japan set out to bridge this knowledge gap. Led by Associate Professor Masaki Morishima from Kindai University, they investigated the role of EPA in inducing long-term electrical changes in cultured mouse cardiomyocytes using a variety of bioanalytical techniques. Their research article was co-authored by Dr. Katsushige Ono from Oita University and Dr. Kazuki Horikawa from Tokushima University.

The main focus of this work was on how an oleic acid/palmitic acid mixture (OAPA), two well-studied saturated fats, impact calcium homeostasis in cardiomyocytes by affecting Ca²⁺ ion channels, and whether EPA can rescue these changes and restore normal functioning.

[...] Put together, this study has shed some much needed light on the underlying mechanisms by which EPA could bolster heart health. “Although there are techniques and drugs to control arrythmias, methods to prevent them have not been established,” remarks Dr. Morishima. Adding further, she states, “The results of our study suggest that EPA has a protective effect on cardiomyocytes by normalizing abnormalities caused by the intake of excessive amounts of saturated fatty acids, which occurs in high-fat diets.”

The team envisions that these findings will pave the way for smarter dietary choices and new health guidelines. “While research on nutrients and disease prevention can take a long time, studies like ours lay the groundwork for practical nutritional strategies that could seamlessly fit into everyday diet,” concludes Dr. Morishima, hoping for a healthier future.

Reference: “Eicosapentaenoic Acid Rescues Cav1.2-L-Type Ca2+ Channel Decline Caused by Saturated Fatty Acids via Both Free Fatty Acid Receptor 4-Dependent and -Independent Pathways in Cardiomyocytes” by Masaki Morishima et al., 9 July 2024, International Journal of Molecular Sciences. DOI: 10.3390/ijms25147570

Original Submission

owl writes:

https://martypc.blogspot.com/2024/08/pc-floppy-copy-protection-formaster.html

This is Part 1 of a series of articles investigating various PC floppy protections, as I get them working in MartyPC. It assumes you have a familiarity with the structure of a PC floppy disk and the basic operation of a PC floppy drive.

...

Formaster called their copy protection technology "Copy-Lock," a name which, unfortunately, several other producers of copy-protection technology used for entirely unrelated methods.

The Formaster flavor of Copy-Lock was not used exclusively on PC - the Series One supported many other different computers such as the Apple II and Commodore 64. Copy protection schemes on those platforms could be much more advanced. This article will specifically look at Copy-Lock as it appeared on the IBM PC platform.

Original Submission

Freeman writes:

https://arstechnica.com/culture/2024/08/martin-shkreli-pisses-off-nft-collective-that-bought-his-not-so-unique-wu-tang-album/

The members of PleasrDAO are, well, pretty displeased with Martin Shkreli.

The "digital autonomous organization" spent $4.75 million to buy the fabled Wu-Tang Clan album Once Upon a Time in Shaolin, which had only been produced as a single copy. The album had once belonged to Shkreli, who purchased it directly from Wu-Tang Clan for $2 million in 2015. But after Shkreli became the "pharma bro" poster boy for price gouging in the drug sector, he ended up in severe legal trouble and served a seven-year prison sentence for securities fraud.

He also had to pay a $7.4 million penalty in that case, and the government seized and then sold Once Upon a Time in Shaolin to help pay the bill.
[...]
In a complicated transaction, PleasrDAO purchased the album from an unnamed intermediary, who had first purchased it from the government. As part of that deal, PleasrDAO created a non-fungible token (NFT—remember those?) to show ownership of the album. The New York Times has a good description
[...]
But after purchasing the album and sharing the collective ownership of its NFT, PleasrDAO discovered that its "one of a kind" object wasn't quite as exclusive as it had thought.

Shkreli had, in fact, made copies of the music. Lots of copies. On June 30, 2022, PleasrDAO said that Shkreli played music from the album on his YouTube channel and stated, "Of course I made MP3 copies, they're like hidden in safes all around the world... I'm not stupid. I don't buy something for two million dollars just so I can keep one copy."
[...]
Shkreli claimed on a 2024 podcast that he had "burned the album and sent it to like, 50 different chicks"—and that this had been extremely good for his sex life.

Shkreli even offered to send copies of the album to random Internet commenters if they would just send him their "email addy." He also told people to "look out for a torrent" and hosted listening parties for the album on his X account, which reached "potentially over 4,900 listeners."
[...]
Shkreli's response to all this is, in essence, "so what's the problem?"

An Anonymous Coward writes:

How I Got a Truly Anonymous Signal Account

https://theintercept.com/2024/07/16/signal-app-privacy-phone-number/

The messaging app Signal is described by security professionals as utilizing the gold standard of cryptography. Unlike many competitors, its default is end-to-end encryption — and on top of that, the app minimizes the amount of information it stores about users. This makes it a powerful communication tool for those seeking a private and secure means of chatting, whether it's journalists and their sources, activists and human rights defenders, or just ordinary people who want to evade the rampant data-mining of Big Tech platforms.

Signal continues to introduce privacy-enhancing features such as usernames that can be used in lieu of phone numbers to chat with others — preventing others from finding you by searching for your phone number. But the app still requires users to provide a working phone number to be able to sign up in the first place.

For privacy-conscious individuals, this can be a problem.

In response to subpoena requests, Signal can reveal phone numbers. Relying on phone numbers has also led to security and account takeover incidents. Not to mention that the phone number requirement costs Signal more than $6 million annually to implement.

Signal insists on its site that phone numbers are a requirement for contact discovery and to stymie spam. (Signal did not respond to a request for comment). Other encrypted messaging platforms such as Session and Wire do not require phone numbers.

There are some ways around Signal's phone number policy that involve obtaining a secondary number, such as using temporary SIM cards, virtual eSIMs, or virtual numbers. But these approaches involve jumping through hoops to set up anonymous payment measures to procure the secondary numbers. And sometimes they don't work at all (that was my experience when I tried using a Google Voice number to sign up for Signal).

I wanted a way to get a Signal account without leaving any sort of payment trail — a free and anonymous alternative. And thus began my long and tedious journey of registering Signal with a pay phone.

upstart writes:

A First Look at PyScript: Python in the Web Browser – Real Python:

PyScript is a brand-new framework that caused a lot of excitement when Peter Wang, the CEO and co-founder of Anaconda, Inc., revealed it during his keynote speech at PyCon US 2022. Although this project is just an experiment in an early phase of development, people on social media seem to have already fallen in love with it. This tutorial will get you up to speed with PyScript, while the official documentation is still in the making.

[...] One of the goals of PyScript is to make the Web a friendly place for anyone wanting to learn to code, including kids. The framework achieves that goal by not requiring any installation or configuration process beyond your existing text editor and a browser. A side effect is that PyScript simplifies sharing your work with others.

[...] In other words, PyScript allows you to use Python, with or without JavaScript, to build interactive websites that don't necessarily have to communicate with a server. The main benefit here is that you can leverage your existing knowledge of Python to enter the world of front-end development, lowering the entry barrier and making it more accessible. But there are many other benefits of using PyScript that you'll learn about later.

On a slightly more technical level, PyScript is a single-page application (SPA) written in TypeScript using the Svelte framework, styled with Tailwind CSS, and bundled with rollup.js. According to one of the comments in an early Git commit, the project was based on a template mentioned in a blog post by Sascha Aeppli, which combines those tools.

PyScript wouldn't be possible without building on top of a recent version of Pyodide—a CPython interpreter compiled with emscripten to WebAssembly, enabling Python to run in the browser. PyScript provides a thin abstraction layer over Pyodide by encapsulating the required boilerplate code, which you'd otherwise have to type yourself using JavaScript.

See also:
    •Pyscript.net
    •GitHub: pyscript/pyscript:
    •Try PyScript: https://pyscript.com
    •Examples: https://tinyurl.com/pyscript-examples
    •Community: https://discord.gg/HxvBtukrg2

Original Submission

Arthur T Knackerbracket has processed the following story:

A study of 12 species of highly migratory fish predators—including sharks, tuna, and billfish such as marlin and swordfish—finds that most of them will encounter widespread losses of suitable habitat and redistribution from current habitats in the Northwest Atlantic Ocean (NWA) and the Gulf of Mexico (GOM) by 2100. These areas are among the fastest-warming ocean regions and are projected to increase between 1-6°C (+1-10°F) by the end of the century, a sign of climate-driven changes in marine ecosystems.

In some cases, these iconic, and economically and ecologically important species, could lose upwards of 70% of suitable habitat by the end of the century, and in most cases, the impacts of these climate-induced changes are already observable.

“The ongoing and projected effects of climate change highlight the urgent need to adaptively and proactively manage dynamic marine ecosystems,” according to the study, “Widespread habitat loss and redistribution of marine top predators in a changing ocean,” published in the journal Science Advances.

[...] Scientists used three decades of satellite, oceanographic model, and in situ biological data to develop dynamic species distribution models to assess how climate change has already and will continue to impact the fish species in the NWA and GOM.

“Our research demonstrates that climate-driven changes are happening now, not from projections of climate change, but based on observed empirical data from the last two decades. So while our findings do point to larger species shifts in the near term, it also clarifies the substantial changes in species distributions that have already occurred,” said study co-author Rebecca Lewison. She is professor of biology and a conservation ecologist at the Coastal and Marine Institute at San Diego State University. She added that the research results “highlight the importance of using NASA and other satellite data to understand how a changing ocean is impacting commercially important marine species like swordfish and tunas.”

Arthur T Knackerbracket has processed the following story:

The number of bit barns currently under construction has exploded in the wake of the AI boom, surging nearly 70 percent in North America's top markets over the past year to a record high of 3.87 gigawatts, according to a newly published CBRE report.

The fastest-growing regions include Atlanta, where the number of datacenter developments increased 76 percent year-over-year to roughly 1.3 gigawatts of capacity. Meanwhile, in Austin and San Antonio, Texas, the report clocked 463 megawatts of new capacity under development, more than quadruple that of the previous year.

This rapid expansion of compute resources, however, is being hampered by a shortage of power and extended lead times for critical electrical infrastructure necessary to bring these facilities online, resulting in delays.

When these facilities do come online, only about 20 percent of it will actually be up for grabs for you and I. Nearly 80 percent of the 3.87 gigawatts of new capacity has already been spoken for by the major hyperscalers, cloud providers, and rent-a-GPU operations.

Despite this, CBRE reports that DC capacity in major markets was up 10 percent in the first half of 2024, with 1.1 gigawatts having come online in the past year.

[...] Going forward, CBRE predicts secondary markets in Northern Indiana, Idaho, Arkansas, and Kansas will become hotspots for hyperscale expansion thanks to their abundance of cheap land and power.

Speaking of power, a shortage of transformers, switches, and generators is expected to continue to plague development timelines potentially by as much as four years. If that weren't enough, CBRE notes that if you need that capacity, customers should expect to prelease space between two and four years ahead of time.

Original Submission