
Submission + - China's Moon atlas is the most detailed ever made (nature.com)

AmiMoJo writes: The Chinese Academy of Sciences (CAS) has released the highest-resolution geological maps of the Moon yet. The Geologic Atlas of the Lunar Globe, which took more than 100 researchers over a decade to compile, reveals a total of 12,341 craters, 81 basins and 17 rock types, along with other basic geological information about the lunar surface. The maps were made at the unprecedented scale of 1:2,500,000. The CAS also released a book called Map Quadrangles of the Geologic Atlas of the Moon, comprising 30 sector diagrams which together form a visualization of the whole Moon.

China will use the maps to support its lunar ambitions and Liu says that the maps will be beneficial to other countries as they undertake their own Moon missions. Three spacecraft have launched aiming for the Moon so far this year, and in May, China intends to send a craft to collect rocks from the Moon’s far side.

Submission + - Russia vetoes U.N. resolution on nuclear weapons in space (spacenews.com)

schwit1 writes: Russia cast the only vote against the draft resolution that reaffirmed provisions in the Outer Space Treaty prohibiting the placement of nuclear weapons or other weapons of mass destruction in space. Thirteen other members of the Security Council voted in favor of the resolution while China abstained. As a permanent member of the Security Council, though, Russia’s vote acted as a veto preventing adoption of the resolution.

The Outer Space Treaty already forbids those, so this is basically a symbolic move on both sides. But to the extent that the Outer Space Treaty's prohibition is weakening, the prospects for a nuclear Orion spaceship improve.

Submission + - Open Sourcing DOS 4 (hanselman.com)

stikves writes: Microsoft releases one of the most popular versions of MS-DOS as open source today:

Ten years ago, Microsoft released the source for MS-DOS 1.25 and 2.0 to the Computer History Museum, and then later republished them for reference purposes. This code holds an important place in history and is a fascinating read of an operating system that was written entirely in 8086 assembly code nearly 45 years ago.

Today, in partnership with IBM and in the spirit of open innovation, we're releasing the source code to MS-DOS 4.00 under the MIT license. There's a somewhat complex and fascinating history behind the 4.0 versions of DOS, as Microsoft partnered with IBM for portions of the code but also created a branch of DOS called Multitasking DOS that did not see a wide release.

https://github.com/microsoft/M...

Submission + - US 'Know Your Customer' Proposal Will Put an End to Anonymous Cloud Users (torrentfreak.com)

An anonymous reader writes: Late January, the U.S. Department of Commerce published a notice of proposed rulemaking for establishing new requirements for Infrastructure as a Service providers (IaaS). The proposal boils down to a 'Know Your Customer' regime for companies operating cloud services, with the goal of countering the activities of "foreign malicious actors." Yet, despite an overseas focus, Americans won't be able to avoid the proposal's requirements, which covers CDNs, virtual private servers, proxies, and domain name resolution services, among others. [...] Under the proposed rule, Customer Identification Programs (CIPs) operated by IaaS providers must collect information from both existing and prospective customers, i.e. those at the application stage of opening an account. The bare minimum includes the following data: a customer’s name, address, the means and source of payment for each customer’s account, email addresses and telephone numbers, and IP addresses used for access or administration of the account.

What qualifies as an IaaS is surprisingly broad: "Any product or service offered to a consumer, including complimentary or “trial” offerings, that provides processing, storage, networks, or other fundamental computing resources, and with which the consumer is able to deploy and run software that is not predefined, including operating systems and applications. The consumer typically does not manage or control most of the underlying hardware but has control over the operating systems, storage, and any deployed applications. The term is inclusive of “managed” products or services, in which the provider is responsible for some aspects of system configuration or maintenance, and “unmanaged” products or services, in which the provider is only responsible for ensuring that the product is available to the consumer."

And it doesn’t stop there. The term IaaS includes all ‘virtualized’ products and services where the computing resources of a physical machine are shared, such as Virtual Private Servers (VPS). It even covers ‘baremetal’ servers allocated to a single person. The definition also extends to any service where the consumer does not manage or control the underlying hardware but contracts with a third party for access. “This definition would capture services such as content delivery networks, proxy services, and domain name resolution services,” the proposal reads. The proposed rule, National Emergency with Respect to Significant Malicious Cyber-Enabled Activities, will stop accepting comments from interested parties on April 30, 2024.

Submission + - South Korean military set to ban iPhones over 'security' concerns (straitstimes.com)

Kitkoan writes: South Korea’s military is considering a comprehensive ban on iPhones in military buildings due to increasing concerns about possible leaks of sensitive information through voice recordings, according to multiple sources on April 23.

The sources, a group of ranking officers who wished to speak on condition of anonymity, said that the Air Force headquarters released an internal announcement on the military’s intranet server on April 11, instructing a complete prohibition on any device capable of voice recording and which does not permit third-party apps to control inherent functions, effective June 1, with iPhones cited as items subject to the ban.

According to the document, the decision to ban iPhones in the military came from joint meetings held by the headquarters of the army, navy and air force, located at Gyeryongdae in South Chungcheong province.

Submission + - Ubuntu 24.04 LTS 'Noble Numbat' Officially Released (9to5linux.com)

prisoninmate writes: 9to5Linux reports: "Powered by Linux kernel 6.8, Ubuntu 24.04 LTS features the latest GNOME 46 desktop environment, an all-new graphical firmware update tool called Firmware Updater, Netplan 1.0 for state-of-the-art network management, updated Ubuntu font, support for the deb822 format for software sources, increased vm.max_map_count for better gaming, and Mozilla Thunderbird as a Snap by default."

"Ubuntu 24.04 LTS also comes with an updated Flutter-based graphical desktop installer that’s now capable of updating itself and features a bunch of changes like support for accessibility features, guided (unencrypted) ZFS installations, a new option to import autoinstall configurations for templated custom provisioning, as well as new default installation options, such as Default selection (previously Minimal) and Extended selection (previously Normal)."

Submission + - 'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks (wired.com)

An anonymous reader writes: Network security appliances like firewalls are meant to keep hackers out. Instead, digital intruders are increasingly targeting them as the weak link that lets them pillage the very systems those devices are meant to protect. In the case of one hacking campaign over recent months, Cisco is now revealing that its firewalls served as beachheads for sophisticated hackers penetrating multiple government networks around the world. On Wednesday, Cisco warned that its so-called Adaptive Security Appliances—devices that integrate a firewall and VPN with other security features—had been targeted by state-sponsored spies who exploited two zero-day vulnerabilities in the networking giant's gear to compromise government targets globally in a hacking campaign it's calling ArcaneDoor.

The hackers behind the intrusions, which Cisco's security division Talos is calling UAT4356 and which Microsoft researchers who contributed to the investigation have named STORM-1849, couldn't be clearly tied to any previous intrusion incidents the companies had tracked. Based on the group's espionage focus and sophistication, however, Cisco says the hacking appeared to be state-sponsored. “This actor utilized bespoke tooling that demonstrated a clear focus on espionage and an in-depth knowledge of the devices that they targeted, hallmarks of a sophisticated state-sponsored actor,” a blog post from Cisco's Talos researchers reads. Cisco declined to say which country it believed to be responsible for the intrusions, but sources familiar with the investigation tell WIRED the campaign appears to be aligned with China's state interests.

Cisco says the hacking campaign began as early as November 2023, with the majority of intrusions taking place between December and early January of this year, when it learned of the first victim. “The investigation that followed identified additional victims, all of which involved government networks globally,” the company's report reads. In those intrusions, the hackers exploited two newly discovered vulnerabilities in Cisco's ASA products. One, which it's calling Line Dancer, let the hackers run their own malicious code in the memory of the network appliances, allowing them to issue commands to the devices, including the ability to spy on network traffic and steal data. A second vulnerability, which Cisco is calling Line Runner, would allow the hackers' malware to maintain its access to the target devices even when they were rebooted or updated. It's not yet clear if the vulnerabilities served as the initial access points to the victim networks, or how the hackers might have otherwise gained access before exploiting the Cisco appliances.

Submission + - Updating California's Grid For EVs May Cost Up To $20 Billion (arstechnica.com)

An anonymous reader writes: Two researchers at the University of California, Davis—Yanning Li and Alan Jenn—have determined that nearly two-thirds of [California's] feeder lines don't have the capacity that will likely be needed for car charging. Updating to handle the rising demand might set its utilities back as much as 40 percent of the existing grid's capital cost. Li and Jenn aren't the first to look at how well existing grids can handle growing electric vehicle sales; other research has found various ways that different grids fall short. However, they have access to uniquely detailed data relevant to California's ability to distribute electricity (they do not concern themselves with generation). They have information on every substation, feeder line, and transformer that delivers electrons to customers of the state's three largest utilities, which collectively cover nearly 90 percent of the state's population. In total, they know the capacity that can be delivered through over 1,600 substations and 5,000 feeders.[...]

By 2025, only about 7 percent of the feeders will experience periods of overload. By 2030, that figure will grow to 27 percent, and by 2035—only about a decade away—about half of the feeders will be overloaded. Problems grow a bit more slowly after that, with two-thirds of the feeders overloaded by 2045, a decade after all cars sold in California will be EVs. At that point, total electrical demand will be close to twice the existing capacity. The problems aren't evenly distributed, though. They appear first in high-population areas like the Bay Area. And throughout this period, most of the problems are in feeders that serve residential and mixed-use neighborhoods. The feeders that serve neighborhoods that are primarily business-focused don't see the same coordinated surge in demand that occurs as people get home from work and plug in; they're better able to serve the more erratic use of charging stations at office complexes and shopping centers. In terms of the grid, residential services will need to see their capacity expand by about 16 gigawatts by 2045. Public chargers will need nine gigawatts worth of added capacity by the same point. The one wild card is direct current fast charging. Eliminating fast chargers entirely would reduce the number of feeders that need upgrades by 12 percent. Converting all public stations to DC fast charging, in contrast, would boost that number by 15 percent. So the details of the upgrades that will be needed will be very sensitive to the impatience of EV drivers.

Paying for the necessary upgrades will be pricey, but there's a lot of uncertainty here. Li and Jenn came up with a range of anywhere between $6 billion and $20 billion. They put this in context in two ways. The total capital invested in the existing grid is estimated to be $51 billion, so the cost of updating it could be well over a third of its total value. At the same time, the costs will be spread out over decades and only total up to (at most) three times the grid's annual operation and maintenance costs. So in any one year, the costs shouldn't be crippling. All that might be expected to drive the cost of electricity up. But Li and Jenn suggest that the greater volume of electricity consumption will exert a downward pressure on prices (people will pay more overall but pay somewhat less per unit of electricity). Based on a few economic assumptions, the researchers conclude that this would roughly offset the costs of the necessary grid expansion, so the price per unit of electricity would be largely static.

Submission + - Veteran PC game celebrates 40th anniversary (github.io)

sfraggle writes: Biplane shoot-'em up is celebrating 40 years today since its first release back in 1984. The game is one of the oldest PC games still in active development today, originating as an MS-DOS game for the original IBM PC. The 40th anniversary site has a detailed history of how the game was written as a tech demo for the now-defunct Imaginet networking system. There is also a video interview with its original authors.

Submission + - Driving Dystopia: Connected Vehicle Data Now Up For Grabs By Intel Agencies (thetruthaboutcars.com)

schwit1 writes: Connected vehicles now appear to be on the table as a new vector for government surveillance. On Saturday, President Joe Biden signed a bill that reauthorizes Section 702 of the Foreign Intelligence Surveillance Act after the Senate passed it late on Friday (60-34).

The bill saw overwhelming support from Democrat legislators and sufficient Republican backing to be pushed through. Any amendments floated that were intended to shield American citizens from getting scooped up in the net without the government first procuring a warrant were struck down while it was still moving through the House earlier in the week.

Section 702 of FISA is supposed to be a way to quickly gather intel on the communications of foreign individuals. However, it’s long been criticized as being repeatedly abused as a way to push through warrantless spying and the latest incarnation seems to be written to do exactly that. While reauthorization was still under consideration in Congress, Rep. Anna Paulina Luna (R-FL) argued that FISA had been improperly used over 278,000 times by the federal government, often violating the rights of U.S. citizens.

"The original intent of the Foreign Intelligence Surveillance Act was to be able to gather information on bad foreign actors," she said. "However, as we have seen over the years, the program has been abused to spy on American citizens in direct violation of American liberty and the 4th Amendment. The FISA court found that the federal government violated its own rules over 278,000 times."

Senator Ron Wyden (D-OR) likewise opposed the bill, stating it effectively forced any business or person who has the ability to record or store electronic communications to spy on behalf of the federal intelligence agencies. In fact, the bill itself states “any other service provider who has access to equipment that is being or may be used to transmit or store wire or electronic communication” is now legally obligated to comply with clandestine communications monitoring on behalf of said agencies. Wyden claimed that would include “anyone with access to a server, a wire, a cable box, a Wi-Fi router, a phone, or a computer.”

It would also include automakers, who now possess some of the world’s largest data centers that compile the immense amount of information produced by today’s connected cars — many of which now incorporate in-cabin microphones and expansive camera arrays. All of that now appears to be up for grabs, along with the vehicle's positional data and any calls or text made while using it. Moreover, without any need for warrants, there would be no record of who is being spied on or on what grounds. Intelligence agencies can effectively deputize any business or individual for an impromptu surveillance program and then force them to remain quiet about it.

Submission + - Telegram a 'huge' problem for Ukraine; intel chief (thepressunited.com)

An anonymous reader writes: Telegram poses a “huge problem” for Ukraine and must be legally forced to do away with anonymous channels, Kiev’s top spy Kirill Budanov said in an interview with the BBC published on Monday.

Submission + - California lawmakers approve bill to make you show ID for online porn (sacbee.com)

sarren1901 writes: Look at online porn? Soon, you might have to provide a credit card or government ID in order to do so. Both Democratic and Republican lawmakers on the Assembly Privacy and Consumer Protection Committee last week sided with conservative religious organizations against LGBTQ, reproductive health and civil liberty advocacy groups and voted unanimously in favor of AB 3080, a bill by Assemblyman Juan Alanis, R-Modesto, that would require pornographic websites “to take reasonable steps to ensure” that only adults are looking at them.

Read more at: https://www.sacbee.com/news/po...

Submission + - Windows vulnerability reported by the NSA exploited to install Russian malware (arstechnica.com)

echo123 writes: Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed Monday.

When Microsoft patched the vulnerability in October 2022—at least two years after it came under attack by the Russian hackers—the company made no mention that it was under active exploitation. As of publication, the company’s advisory still made no mention of the in-the-wild targeting. Windows users frequently prioritize the installation of patches based on whether a vulnerability is likely to be exploited in real-world attacks.

On Monday, Microsoft revealed that a hacking group tracked under the name Forest Blizzard has been exploiting CVE-2022-38028 since at least June 2020—and possibly as early as April 2019. The threat group—which is also tracked under names including APT28, Sednit, Sofacy, GRU Unit 26165, and Fancy Bear—has been linked by the US and the UK governments to Unit 26165 of the Main Intelligence Directorate, a Russian military intelligence arm better known as the GRU. Forest Blizzard focuses on intelligence gathering through the hacking of a wide array of organizations, mainly in the US, Europe, and the Middle East.

Microsoft representatives didn't respond to an email asking why the in-the-wild exploits are being reported only now.

Monday’s advisory provided additional technical details:

Read the rest at ArsTechnica.

Submission + - Voyager 1 is sending data back to Earth for the first time in 5 months (cnn.com)

Tony Isaac writes: Voyager 1 is once again communicating back to Earth and appears to be functioning normally. Kudos to those NASA engineers who figured out how to diagnose that a chip was defective, and rewrite its code to avoid using that chip entirely! I can just imagine what kind of spaghetti code that is by now, but they figured out how to get it to work. I guess V'ger isn't quite here yet!

Submission + - Two lifeforms merge into one organism for first time in a billion years (msn.com)

fjo3 writes: For the first time in at least a billion years, two lifeforms have merged into a single organism.

The process, called primary endosymbiosis, has only happened twice in the history of the Earth, with the first time giving rise to all complex life as we know it through mitochondria. The second time that it happened saw the emergence of plants.

Now, an international team of scientists have observed the evolutionary event happening between a species of algae commonly found in the ocean and a bacterium.
