SoylentNews

Pope lifts 'pontifical secret' rule in sex abuse cases

The Pope has declared that the rule of "pontifical secrecy" no longer applies to the sexual abuse of minors, in a bid to improve transparency in such cases.

The Church previously shrouded sexual abuse cases in secrecy, in what it said was an effort to protect the privacy of victims and reputations of the accused.

But new papal documents on Tuesday lifted restrictions on those who report abuse or say they have been victims.

Church leaders called for the rule's abolition at a February Vatican summit.

They said the lifting of the rule in such cases would improve transparency and the ability of the police and other civil legal authorities to request information from the Church.

Information in abuse cases should still be treated with "security, integrity and confidentiality", the Pope said in his announcement. He instructed Vatican officials to comply with civil laws and assist civil judicial authorities in investigating such cases.

The Pope also changed the Vatican's definition of child pornography, increasing the age of the subject from 14 or under to 18 or under.

I never thought I would be defending Greta Thunberg...

So news outlets are giving Greta a hard time because she mentioned overcrowding on German trains. From her Twitter page:

Traveling on overcrowded trains through Germany. And I’m finally on my way home!

I have been on that very train line and sat on the floor like in her picture due to overcrowding. It's not a great spot, because you're blocking the train door, so you have to get up and move out of the way at every station for people who are entering and exiting the train, but at least the floor is carpeted. You do get a little peace, because you don't have to be so close to a bunch of other people in the main cabin.

Then German Rail (Deutsche Bahn) got snippy because she was not grateful enough that they provided a seat at some point:

it would have been even nicer if you had also reported how friendly and competently our team served you at your seat in first class.

They probably upgraded her midway through the trip after recognizing her as a VIP. But it would still have been a crappy train ride overall. First class in German trains is nothing special, mostly less crowded because it costs more. I'll give her props for travelling frugally. The media and Deutsche Bahn should not give her a hard time for posting a normal travel photo.

If you comment, please don't write about climate change. This post is not about that.

Of course, my favorite example is from the movie "Willow", where the shaman releases a bird, and says "Follow the bird!" and everyone says, "But it is going back to the village!", whereupon the sage say, "Ignore the bird, follow the river."

Good advice for all, but here I repeat a submission that is still languishing in the queue, only not yet rejected because no editor has actually looked at it, I can only surmise. But it is timely, and needs to get out to all Soylentils post haste. To be clear, I did not say "eat paste", stop that, Runaway1946!! OK, Original submission follows:

Usually, I am not one to believe in "signs". Often they can be used to rally troops before battle, or other such psychological effects. But then just today, this:
Bald Eagle entangled by Octopus, and it struck me, this is a sign.

As with all signs, it needs interpretation.

But the eagle started it.

A bald eagle, probably looking for food, got tangled with a Pacific Octopus in waters off Quatsino, Canada, according to staff from a fishing company that helped rescue the animals and captured video of the incident.

"Our staff at our Mahatta West farm in Quatsino rescued an eagle that had bitten off more than it could chew when it tried to catch an octopus," read a post on Mowi Canada West's Facebook page.

Now, we have precedent, in this report: Trump gets attacked by bald eagle.

So, a large Orange octopus tries to kill an American Bald Eagle, the national bird of the United States? Obviously the Cephalopod is Trump. Think about it, the word means Head-Foot. The Eagle is, then, what it is the symbol of, America. And the Canadians (irony, eh?) are the House beginning impeachment, freeing America from tentacles of the Trump administration. I predict, Trump will lose. It's in the signs!!

Of course, from the article:

The Mowi staff "are used to seeing the wonders of nature around them on a regular basis, but they knew that this was a once in a lifetime experience," the Facebook post said.

The staff retrieved the octopus and the eagle with a pole and separated them.

According to Mowi, the octopus then swam away, unharmed, and the eagle "recovered on a branch for around 10 minutes before it flew away.

Trump may survive to descend into the murky darkness from which he sprang. Signs are always hard to read. But this one is unusual.

Comparisons:

Homer, Iliad Bk. 12:

For a bird had come upon them, as they were eager to cross over, an eagle of lofty flight, skirting the host on the left, and in its talons it bore a blood-red, monstrous snake, still alive as if struggling, nor was it yet forgetful of combat, it writhed backward, and smote him that held it on the breast beside the neck, [205] till the eagle, stung with pain, cast it from him to the ground, and let it fall in the midst of the throng, and himself with a loud cry sped away down the blasts of the wind. And the Trojans shuddered when they saw the writhing snake lying in the midst of them, a portent of Zeus that beareth the aegis. [210]

And, of course, Mexico:

The myth-story tells that the Mexica tribe, originally from Aztlan (mythic place, and why people incorrectly named them “Aztecs”) were looking for the promissed land. The supreme god of the Mexica tribe was Huitzilopochtli, and told them to travel south and establish a big city.

In order to know when they reached the promissed land their god Huitzilopochtli would signal them by placing an eagle devouring a snake on top of a prickly pear.

For sooth, he will be besmirched, anon.

Defeated GOP governor pardoned violent criminals in a spree lawyers are calling an ‘atrocity of justice’

Matt Bevin is no longer the governor of Kentucky, but his decisions continued to send shock waves through the state’s legal system this week after he issued pardons for hundreds of people, some of whom committed violent offenses.

Bevin issued 428 pardons since his defeat to Democrat Andy Beshear in a close election in November, the Louisville Courier Journal reported. His list includes a man convicted of reckless homicide, a convicted child rapist, a man who murdered his parents at age 16 and a woman who threw her newborn in the trash after giving birth in a flea market outhouse.

He also pardoned Dayton Jones, who was convicted in the sexual assault of a 15-year-old boy at a party, Kentucky New Era reported.

It is not unusual for governors to issue pardons as they leave office, but Bevin’s actions boggled some of the state’s attorneys, who questioned his judgment.

[...] Steele said he was particularly disturbed by the pardon of Patrick Brian Baker, whose brother hosted a fundraiser for Bevin and donated to him over the years, the Courier Journal reported.

[...] Not all of Bevin’s pardons stirred controversy. He spared death row inmate Gregory Wilson by commuting his sentence to life with the possibility of parole after 30 years, the Courier Journal reported. Wilson’s 1988 murder trial had been plagued by legal and ethical issues.

Bevin also pardoned Louisville community activist Christopher IIX, who was convicted of possession of a controlled substance in 1990 and theft by failure to make disposition in 1997, according to local reports. In the pardon, Bevin said the activist “has turned his life around after a rocky start many years ago and has paid his debt to society.”

On His Way Out, Kentucky Gov. Matt Bevin Pardons Murderers, Rapists, Hundreds More

Matt Bevin defends his controversial pardons in twenty-tweet-long Twitter thread

So, American Congress having hearings. Seems some folks are not all that happy about it. But today I heard a Doug Collins referring to something, not sure what it was, but I could have swore I heard him say that someone was "besmirking the dead". Does anyone have any idea what this is?

No doubt, it has something to do with "getting to the oranges of the Russia investigation", as the target of the investigations, Suspect #1 put it. Something about a Squid going pro? Go for it, Squidward! He'll make a fine Republican Congress critter, in spite of being an invertebrate.

Move to strike the last word. Ball in your court, Soylentils.

Oh, and Louie Gohmert hates education.

_<no-sarcasm>
Ordinarily, you keep a salted (and maybe peppered) hash function of a user's password in a database record associated with their name, login ID etc.

I have wondered, mused, whether it might be better to keep more than one hash function of the password. Possibly with different salt and pepper.

Database record fields:
* user ID
* user Name
* salt1
* pepper1
* passwordHash1
* salt2
* pepper2
* passwordHash2

Now here is the conjecture. If the database table could somehow be stolen, the attacker must find some plaintext password that hashes to passwordHash1. The plaintext password is prefixed with salt1, suffixed with pepper1, then hashed to the value passwordHash1.

It becomes infeasible to keep precomputed tables of hashed passwords once salt/pepper is introduced. The password "12345" for Jane would have a different hash than the same "12345" password for Joe, because of their different salt/pepper prefix/suffixes.

If there is a second random salt2/pepper2 and a different hash function of the plaintext password, then the attacker must not only find a plaintext that combined with salt1/pepper1 will hash to passwordHash1; but that same plaintext must also work for salt2/pepper2 for passwordHash2. It is important to point out that passwordHash2 is computed using a different hash function as well as different random prefix/suffix.

Would doing this truly increase the security of passwords if the table is stolen? Or is this just spinning wheels and cpu cycles to accomplish little if anything?

Opinions?
^{</no-sarcasm>}

Obviously using 12345 as a password is a well known best practice, no matter what other measures are taken.

But they still take the opportunity to steal time and money from people that have to work.

I started in 2001 with a contract that allowed me to leave at 50. But like everyone else, I got the reforms which pushed back my early retirement age to 52-and-a-half and then, in reality, 57-and-a-half for full pension. Now they want to make us work even longer.

Buffoon or not, a thief is a thief.

Do your part. Don't vote for thieves

AMD ‘Zen 4’ 5nm Products Will Launch In 2021, 5nm Yield Has Already Crossed 7nm

AMD has been on a red hot streak lately and it looks like it can't get anything wrong. If this report from China Times is to be believed (and this is usually a reliable source) then TSMC's 5nm testing is going very well and the first 3 customers have already been locked in - including AMD. According to the schedule obtained by China Times, AMD's 5nm products will be landing in early 2021 with mass production for 5nm scheduled in 2020.

("5nm" yield "crossing" "7nm" seems to refer to when "7nm" was at the same point in its production, around 2 years ago)

I thought it was possible that Zen 4 would slip into 2022. If it doesn't, that's good news since Intel is supposed to be stepping up its game in 2021 (after preordained failure in 2020).

"Early 2021" (March?) is an aggressive target for a Zen 4 release. However, it might make sense. Features can be moved to Zen 4 instead of debuting with Zen 3, something already indicated by previous rumors. A relatively brief duration between the Zen 3 and Zen 4 releases could work since Zen 3 will be the last generation compatible with the AM4 and SP3 sockets. Some people will upgrade to it on their existing motherboards. Zen 4 is likely to support DDR5, perhaps exclusively. Combine with chip shortages, and there won't be a glut of unsold Zen 3 chips.

1.8x density of TSMC "5nm" is a comparison to "7nm" rather than "7nm+" (source). So the core count could double with a slight increase in the size of or area covered by the chiplets.

My guess is that chiplets will continue to have 8 cores, since that is better for yields/binning. They'll just get smaller and more numerous as needed. I am not sure that core counts are going to increase much for the mainstream Ryzen lineup. 24-32 core "mainstream" Ryzen is possible but seems excessive. I will predict the elimination of desktop 6-core Ryzen CPUs with Zen 4. Just include 2 of the bad chiplets with 4 working cores each, or 1 chiplet with 8 cores, whichever is cheapest. The minimum core count for all new Ryzen chips would match PS5/Xbox core count.

One feature I'm looking out for is L4 cache stacked onto the I/O die. This is an interim step before true monolithic 3D designs, but it could be great for performance. Stacking 4 GB of HBM on the I/O die should cost relatively little. Or if HBM prices are still steep by 2021, 1-2 GB stacks or bigger stacks for the more expensive CPUs.

Zen 4: Even bigger performance leap?

This article is an excellent writeup of what is known or suspected for Zen 3 and Zen 4. I linked directly to the section discussing Zen 4 but you might want to read the whole thing. Some things to note:

* It looks like most Zen 3 CPUs will land just short of that magic (marketing) 5 GHz frequency. Although AMD will probably push to make the 16-core flagship turbo to 5 GHz instead of 4.9 GHz.
* AMD has to improve memory latency to beat Intel's slight lead in games (other areas of improvement include higher frequencies and optimization for AMD CPUs).

Update:

AMD: Expect More Cores on Next-Gen Mainstream Ryzen CPUs, No Saturation Point As Software Just Has To Catch-Up

In an interview with Tom's Hardware, AMD's CTO, Mark Papermaster, has revealed that we can expect even more cores on next-generation Ryzen CPUs. AMD recently launched their Ryzen 9 3950X processor, featuring 16 cores, which became an instant hit with entire inventories being cleared away minutes after availability.

There are a lot of interesting details that Mark has mentioned in the interview in particular to the next-generation technologies that would be featured on their processor lineup ranging from Ryzen and EPYC CPUs. The most significant detail and the one I would start this article is with the fact that AMD isn't stopping at just 16 cores. According to AMD, there are now many applications that can scale across multiple cores and threads. The addition of cores is entirely relative to the number of applications that can take advantage of those cores so as long as this balance exists, there would not be a saturation point of cores on next-generation CPUs, whether these be mainstream or the HPC server parts.

I still don't think they will increase core counts for Zen 3. But it's clear that we will see at least a 24-core Ryzen soon.

It makes sense. If an application or game can utilize 2 or 4 cores, I wouldn't think that it could utilize 16, 32, or 64 cores. But with applications and games using 8 or 16 cores, scaling up to use 32+ cores is less of a stretch because there is already significant parallelism. On the gaming front, no less than 8 "real" cores will be used by the next-gen consoles (possibly with background tasks handled by a separate processor). Open world type games with lots of NPCs could take advantage of high core counts.

16 cores is "mainstream" and will become more common after a year or two of price drops. 8 cores is legitimately mainstream and will be coming to AMD's Zen 2 laptop APUs. 6-core CPUs will start to get pushed out of the lineup or become very cheap (such as an Athlon-branded Zen 2 APU).

Far more dangerous for the owner and family than it is for any attacker.

DNS has gone down the toilet.

China may lead DNS Seizing Body
https://soylentnews.org/article.pl?sid=19/12/02/1023208
.org sold to for profit
https://soylentnews.org/article.pl?sid=19/11/15/0041251
Patent insanity
https://soylentnews.org/article.pl?sid=15/03/05/0932248
Price cap removed
https://soylentnews.org/article.pl?sid=19/07/02/0011217
MicroSoft seizes domain names
https://soylentnews.org/article.pl?sid=14/07/01/1353230
US Seizes Chinese domains (presumably that were in compliance with Chinese law, though I don't know the details)
https://soylentnews.org/article.pl?sid=14/03/11/1129256

etc.

I want to start a new alternative for DNS. DRS, Distributed Record System. The intent of DRS is to eliminate or mostly eliminate global TLDs. New TLDs, for countries e.g. ~US.*, ~UK.*, ~CN.*. The objective is to isolate batshit to each country. China will not be able to take down your ~US.* domain because you insulted their leader. Nor will the US be able to take down ~CN.* services where that is legal in that country, etc. Should be backwards compatible with DNS, since ~ isn't legal in a DNS name. Your browser can easily tell if you have a DNS host name or DRS host name, just check for ~. So both can be supported at the same time!

In the long term, I'd like each country's government to manage the domains under DRS. But, as long as this is a tiny project, that wont happen. So we'll start with a transitional phase where members of the community from each country manage the TLDs.

Here's what I need. I can do the software, no problem. But I live in the USA, so I can do ~US. But if I managed ~UK, then ~UK would be subject to US law. That isn't the point. So I need volunteers to help run the administration, at least one per country. That way, each country is subject only to its own laws. We'll have one root server that just says where the root server for each country is, and that's it.

There will be no global governance (except for one ~net.* TLD for technical stuff). A technical organization to strongly suggest management practices, and a charter of general principles, but each country should manage itself, as a sovereign, allowing whatever domains are allowed under that country's law. There might also be some sort of crypto set of domains. e.g. ~crypto.* (mirror or DNScoin?) I don't know about that one yet.

Here's what I'm looking for:

• People to manage administration of domains, run root servers for country TLDs, who are subject only to the laws of that country.
• Anyone who'd like to contribute to open source development of the associated software and adding support to popular open source software (e.g. Firefox)
• People who'd express support for taking back domain resolution from venture capitalists even if they can't contribute. We need users for the software and people to spread the word after all.

Principles:

• Each country runs one TLD.
• Each domain outside of ~*.anon.* should be verified by identification, affidavit, etc. But countries could do it differently if they really wanted. (Like GDPR)

Administration of a domain may be transferred to a country government upon passage of a law similar in substance to the following:

55 U.S. Code § 1234
The DRS TLD ~US.* is hereby declared as a matter of law to have public key "f4 23 ce 67 94 63 a3 2e 5d 14 54 0b 37 81 1e 07 f2 2a ee 84 23 70 16 b2 58 03 14 56 3a 5a 3c 64" effective March 1st 2022. The following IPv4 addresses are designated as DRS resolver servers: 8.8.8.8, 1.1.1.1. The following IPv6 addresses are designated as DRS resolver servers: ccd6:7fc2:bc45:30e6:2444:6f78:4f97:1d2e
(example IP addresses/public key, please edit)

Legal transfer of registrations under the country TLD to the government shall be facilitated by submission of all registration records to the government in question upon formal request for registrations under the applicable domain.

The DRS Technical Administration shall recognize such law, so long as:

1. The Country TLD is managed in the public, and not private, interest.
2. The Country TLD registrations, cancellations, etc. are governed according to principles of law subject to meaningful judicial review.
3. Registration of domains is treated as private speech. That is to say, in countries that recognize "free speech" the right to register a subdomain shall be protected under that principle, and the right to register a domain shall be treated as private speech and not governmental speech subject to governmental discretion.

Technical:

I'd like to switch to strong encryption by default, as well. Something similar to DNSCurve+DNSSEC, but mandatory.

Interested? Comments? Suggestions?

Comment below, and also email exaeta (at) protonmail.com if you are serious about helping.

This effort wont start unless I get at least a few other people on board with it.