HoleShot - Slashdot User

Almost Everyone in Europe is Breathing Toxic Air (theguardian.com) 114

Posted by msmash on Wednesday September 20, 2023 @03:20PM from the closer-look dept.

Europe is facing a "severe public health crisis," with almost everyone across the continent living in areas with dangerous levels of air pollution, an investigation by the Guardian has found. From the report: Analysis of data gathered using cutting-edge methodology -- including detailed satellite images and measurements from more than 1,400 ground monitoring stations -- reveals a dire picture of dirty air, with 98% of people living in areas with highly damaging fine particulate pollution that exceed World Health Organization guidelines. Almost two-thirds live in areas where air quality is more than double the WHO's guidelines.

The worst hit country in Europe is North Macedonia. Almost two-thirds of people across the country live in areas with more than four times the WHO guidelines for PM2.5, while four areas were found to have air pollution almost six times the figure, including in its capital, Skopje. Eastern Europe is significantly worse than western Europe, apart from Italy, where more than a third of those living in the Po valley and surrounding areas in the north of the country breath air that is four times the WHO figure for the most dangerous airborne particulates.

Space Drugs Factory Denied Reentry To Earth (gizmodo.com) 66

Posted by BeauHD on Wednesday September 20, 2023 @03:00AM from the left-hanging dept.

After manufacturing crystals of an HIV drug in space, the first orbital factory is stuck in orbit after being denied reentry back to Earth due to safety concerns. Gizmodo reports: The U.S. Air Force denied a request from Varda Space Industries to land its in-space manufacturing capsule at a Utah training area, while the U.S. Federal Aviation Administration (FAA) did not grant the company permission to reenter Earth's atmosphere, leaving its spacecraft hanging as the company scrambles to find a solution, TechCrunch first reported. A spokesperson from the FAA told TechCrunch in an emailed statement that the company's request was not granted at this time "due to the overall safety, risk and impact analysis."

Gizmodo reached out to Varda Space to ask which regulatory requirements have not been met, but the company responded with a two-word email that ominously read, "no comment." The California-startup did provide an update on its spacecraft through X (formerly Twitter). "We're pleased to report that our spacecraft is healthy across all systems. It was originally designed for a full year on orbit if needed," Varda Space wrote on X. "We look forward to continuing to collaborate w/ our gov partners to bring our capsule back to Earth as soon as possible." Varda Space Industries launched its first test mission on June 12, "successfully sending a 200-pound (90-kilogram) capsule designed to carry drug research into Earth's orbit," reported CNN. "The experiment, conducted in microgravity by simple onboard machines, aims to test whether it would be possible to manufacture pharmaceuticals in space remotely."

Antarctic Sea-Ice at 'Mind-Blowing' Low Alarms Experts (bbc.com) 200

Posted by msmash on Tuesday September 19, 2023 @04:00PM from the closer-look dept.

The sea-ice surrounding Antarctica is well below any previous recorded winter level, satellite data shows, a worrying new benchmark for a region that once seemed resistant to global warming. BBC: "It's so far outside anything we've seen, it's almost mind-blowing," says Walter Meier, who monitors sea-ice with the National Snow and Ice Data Center. An unstable Antarctica could have far-reaching consequences, polar experts warn. Antarctica's huge ice expanse regulates the planet's temperature, as the white surface reflects the Sun's energy back into the atmosphere and also cools the water beneath and near it.

Without its ice cooling the planet, Antarctica could transform from Earth's refrigerator to a radiator, experts say. The ice that floats on the Antarctic Ocean's surface now measures less than 17 million sq km - that is 1.5 million sq km of sea-ice less than the September average, and well below previous winter record lows. That's an area of missing ice about five times the size of the British Isles. Dr Meier is not optimistic that the sea-ice will recover to a significant degree.

Scientists are still trying to identify all the factors that led to this year's low sea-ice - but studying trends in Antarctica has historically been challenging. In a year when several global heat and ocean temperature records have broken, some scientists insist the low sea-ice is the measure to pay attention to. "We can see how much more vulnerable it is," says Dr Robbie Mallett, of the University of Manitoba, who is based on the Antarctic peninsula. Already braving isolation, extreme cold and powerful winds, this year's thin sea-ice has made his team's work even more difficult. "There is a risk that it breaks off and drifts out to sea with us on it," Dr Mallett says.

US Federal Agencies Seek to Streamline 'Hodgepodge' of Cyber Reporting Rules (bloomberg.com) 7

Posted by msmash on Tuesday September 19, 2023 @01:20PM from the fixing-things dept.

The Department of Homeland Security wants Congress and other federal agencies to help it streamline 52 different cyber reporting requirements to protect critical infrastructure and ease regulatory burdens on hacking victims. On Tuesday, it released a 107-page report that it hopes will serve as a road map to smooth that process. From a report: More than 30 federal agencies and departments, including the Nuclear Regulatory Commission, Comptroller of the Currency and US Secret Service, have met since June 2022 to hammer out how to reduce regulatory overlap as the federal government grapples with the messy state of cyber reporting rules. They are among members of the Cybersecurity Incident Reporting Council, which was set up as part of a new cyber reporting law passed last year and developed the report recommendations.

"Everybody is desperate for some harmonization and standardization here," Robert Silvers, DHS's under secretary for strategy, policy and plans who chairs the council, told Bloomberg News in an interview. "This is a first-of-its-kind effort." Federal agencies know well that cyber reporting requirements have become "too much of a patchwork," Silvers added. There are already 45 existing reporting requirements administered by 22 federal agencies, spanning national and economic security concerns to consumer and privacy protections, according to the report. Seven more requirements are expected, including the reporting law that created the council, and a further five are under consideration, according to the report.

Wireless Carriers Are Messing With Your Autopay Discount (theverge.com) 60

Posted by BeauHD on Thursday August 31, 2023 @06:40PM from the always-read-the-fine-print dept.

According to a new report by The Wall Street Journal, mobile carriers including Verizon, AT&T and T-Mobile are all requiring customers to switch to a debit card or bank account withdrawal in order to receive an autopay discount on their plan. Verizon has included this requirement for years, but in the past few months the other two carriers have quietly added it too. The Verge reports: The new rule goes into effect for AT&T customers on October 2nd, and as a gesture of goodwill, the company will only reduce your discount if you continue to pay with a credit card. Those who register for autopay with a bank or debit card will receive $10 off; a credit card will only get you $5. T-Mobile's change went into effect in July, also eliminating Apple Pay and Google Pay as methods eligible for the $5 discount. Oh, and technically, you can qualify for Verizon's autopay discount with a credit card -- it just has to be a Verizon Visa card.

AT&T and T-Mobile aren't just making this a requirement for new customers -- the change is being applied to all postpaid accounts. Even if you've been receiving the discount for years with a credit card, you'll have to make the switch in order to keep your discount. And it adds up -- the discounts are applied for each line on your plan, so if your whole family is on the same plan, it's a significant amount of money.

Submission + - Russia Targets Ukraine With New Android Backdoor, Intel Agencies Say (arstechnica.com)

Submitted by Anonymous Coward on Thursday August 31, 2023 @06:06PM

An anonymous reader writes: Russia’s military intelligence unit has been targeting Ukrainian Android devices with “Infamous Chisel,” the tracking name for new malware that’s designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. “Infamous Chisel is a collection of components which enable persistent access to an infected Android device over the Tor network, and which periodically collates and exfiltrates victim information from compromised devices,” intelligence officials from the UK, US, Canada, Australia, and New Zealand wrote (PDF). “The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military.”

Infamous Chisel gains persistence by replacing the legitimate system component known as netd with a malicious version. Besides allowing Infamous Chisel to run each time a device is restarted, the malicious netd is also the main engine for the malware. It uses shell scripts and commands to collate and collect device information and also searches directories for files that have a predefined set of extensions. Depending on where on the infected device a collected file is located, netd sends it to Russian servers either immediately or once a day. When exfiltrating files of interest, Infamous Chisel uses the TLS protocol and a hard-coded IP and port. Use of the local IP address is likely a mechanism to relay the network traffic over a VPN or other secure channel configured on the infected device. This would allow the exfiltration traffic to blend in with expected encrypted network traffic. In the event a connection to the local IP and port fails, the malware falls back to a hard-coded domain that’s resolved using a request to dns.google.

Infamous Chisel also installs a version of the Dropbear SSH client that can be used to remotely access a device. The version installed has authentication mechanisms that have been modified from the original version to change the way users log in to an SSH session. [...] The report didn’t say how the malware gets installed. In the advisory Ukraine’s security service issued earlier this month (PDF), officials said that Russian personnel had “captured Ukrainian tablets on the battlefield, pursuing the aim to spread malware and abuse available access to penetrate the system.” It’s unclear if this was the vector.

Submission + - Texas Law Requiring Age Verification On Porn Sites Ruled Unconstitutional (arstechnica.com)

Submitted by Anonymous Coward on Thursday August 31, 2023 @05:09PM

An anonymous reader writes: The day before a Texas antiporn law that requires age verification to access adult websites was set to take effect, the state's attorney general, Angela Colmenero, has been at least temporarily blocked from enforcing the law. US District Judge David Alan Ezra granted a preliminary injunction temporarily blocking enforcement after the Free Speech Coalition (FSC) joined adult performers and sites like Pornhub in a lawsuit opposing the law. Today, they convinced Ezra that Texas' law violates the First Amendment and would have "a chilling effect on legally-protected speech," FSC said in a press release.

“This is a huge and important victory against the rising tide of censorship online,” Alison Boden, FSC's executive director, said. “From the beginning, we have argued that the Texas law, and those like it, are both dangerous and unconstitutional. We’re pleased that the court agreed with our view that [the law's] true purpose is not to protect young people, but to prevent Texans from enjoying First Amendment protected expression. The state’s defense of the law was not based in science or technology, but ideology and politics.” Now, Texas will have to wait until this lawsuit is litigated to enforce the law. [...] According to FSC, in addition to free speech concerns, the law needed to be blocked because it would have exposed consumers to "significant privacy risks" by forcing adult-website visitors to show digital IDs.

Comment Re:CorpNet (Score 2) 20

by HoleShot on Friday July 21, 2023 @08:02PM (#63705942) Attached to: Cerebras To Enable 'Condor Galaxy' Network of AI Supercomputers

So this is the new WOPR?

Ukraine Takes Down Massive Bot Farm, Seizes 150,000 SIM Cards (bleepingcomputer.com) 128

Posted by BeauHD on Thursday July 20, 2023 @10:02PM from the another-one-bites-the-dust dept.

The Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm, seizing computer equipment, mobile phones, and roughly 150,000 SIM cards of multiple mobile operators. BleepingComputer reports: The bots were used to push Russian propaganda justifying Russia's war in Ukraine, to disseminate illegal content and personal information, and in various other fraudulent activities. In a joint operation, the cyber police and units of the Ukrainian National Police executed 21 search operations in Vinnytsia, Zaporizhzhia, and Lvivand.

"The cyber police established that the attackers used special equipment and software to register thousands of bot accounts in various social networks and subsequently launch advertisements that violated the norms and legislation of Ukraine," a cyber police press release reads [machine translation]. "In addition to spreading hostile propaganda, the accounts were also used for unauthorized distribution of personal data of Ukrainian citizens on the Internet, in Internet fraud schemes, and for sending known false messages about threats to citizens' safety, destruction or damage to property." Cyber police in Ukraine have busted several pro-Russian bot farms in the last year, including one last month called "Botoferma" and another one late last year that was working for the Russian secret services. Ukraine also traced a Russian propaganda operation to a bot farm that was secretly operating in the country's own capital of Kyiv last August. "The farm operated more than 1 million bot accounts, which helped the propaganda operation build an audience of over 400,000 users on social media," reports PCMag.

Firmware Vulnerabilities In Millions of Computers Could Give Hackers Superuser Status (arstechnica.com) 23

Posted by BeauHD on Thursday July 20, 2023 @09:25PM from the update-ASAP dept.

Researchers have warned that leaked information from a ransomware attack on hardware-maker Gigabyte two years ago may contain critical zero-day vulnerabilities that pose a significant risk to the computing world. The vulnerabilities were found in firmware made by AMI for BMCs (baseboard management controllers), which are small computers integrated into server motherboards allowing remote management of multiple computers. These vulnerabilities, which can be exploited by local or remote attackers with access to Redfish remote management interfaces, could lead to unauthorized access, remote code execution, and potential physical damage to servers. Ars Technica reports: Until the vulnerabilities are patched using an update AMI published on Thursday, they provide a means for malicious hackers -- both financially motivated or nation-state sponsored -- to gain superuser status inside some of the most sensitive cloud environments in the world. From there, the attackers could install ransomware and espionage malware that runs at some of the lowest levels inside infected machines. Successful attackers could also cause physical damage to servers or indefinite reboot loops that a victim organization can't interrupt. Eclypsium warned such events could lead to "lights out forever" scenarios.

The researchers went on to note that if they could locate the vulnerabilities and write exploits after analyzing the publicly available source code, there's nothing stopping malicious actors from doing the same. And even without access to the source code, the vulnerabilities could still be identified by decompiling BMC firmware images. There's no indication malicious parties have done so, but there's also no way to know they haven't. The researchers privately notified AMI of the vulnerabilities, and the company created firmware patches, which are available to customers through a restricted support page. AMI has also published an advisory here.

Submission + - AT&T may have nearly 200,000 miles of lead-covered phone cables across US. (arstechnica.com)

Submitted by Anonymous Coward on Thursday July 20, 2023 @07:11PM

An anonymous reader writes: AT&T's legacy telephone network may have nearly 200,000 miles of lead-covered cables, according to an estimate by AT&T submitted in a court filing. "Based on its records, AT&T estimates that lead-clad cables represent less than 10 percent of its copper footprint of roughly two million sheath miles of cable, the overwhelming majority of which remains in active service," AT&T wrote in a court filing yesterday in US District Court for the Eastern District of California. "More than two thirds of its lead-clad cabling is either buried or in conduit, followed by aerial cable, and with a very small portion running underwater. There are varying costs of installation, maintenance, and removal by cable type (aerial, buried, buried in conduit, underwater)."

Reacting to the court filing, financial analyst firm Raymond James & Associates wrote in a research note, "AT&T is telling us that the total exposure is 200,000 route miles or less." With about two-thirds of the lead cables either buried or installed inside conduit, "We believe the implication for AT&T's data is that the route miles that should be addressed most immediately is about 3.3 percent (or less)," the analyst firm wrote. AT&T's new court filing came in a case filed against AT&T subsidiary Pacific Bell by the California Sportfishing Protection Alliance (CSPA) in January 2021. The sportfishing group sued AT&T over cables that are allegedly "damaged and discharging lead into Lake Tahoe."

The two underwater cables run along the bottom of the western side of Lake Tahoe for a total of eight miles. AT&T "contends that it stopped using the Cables in or around the 1980s or earlier, that the Easements therefore have terminated, and that Defendant no longer owns the Cables," according to a November 2021 settlement. AT&T agreed in that settlement to remove the cables but now says it is at an "impasse" with the CSPA regarding removal. "In this matter, AT&T has always maintained that its lead-clad telecommunications cables pose no danger to those who work and play in the waters of Lake Tahoe, but in 2021, AT&T agreed to remove them simply to avoid the expense of litigation," an AT&T lawyer at the firm Paul Hastings wrote yesterday in a letter to the plaintiff that was attached to the court filing. [...]

AT&T's stance that it won't remove the Lake Tahoe cables any time soon is apparently a surprise to the plaintiff. The CSPA said in a court filing last week that in a Zoom meeting on July 10, "AT&T confirmed that it is prepared to commence the removal process on September 6, 2023, as long as the new permit request that AT&T submitted to State Parks in May is approved by State Park." AT&T's filing said the company never "confirmed" that it is prepared to start the cable removal process on September 6. The CSPA argues that the lead-covered cables "have leached, are leaching, and will continue to leach lead into the waters of Lake Tahoe, and that such leaching may present an imminent and substantial endangerment to human health or the environment."

Comment OK, force for good (Score 1) 67

by HoleShot on Wednesday July 19, 2023 @09:14PM (#63700468) Attached to: More Than 1,300 Experts Call AI a Force For Good

Then if they really are such a force for good, they won't mind some effective regulation to quiet the concerns of many other's that don't think so.

Comment Everything is made of plastic (Score 1) 43

by HoleShot on Tuesday June 06, 2023 @07:57PM (#63582033) Attached to: First Steps Agreed on Plastics Treaty After Breakthrough at Paris Talks

This treaty they are working on is more talk about a subject we have known about for decades. No action, just talk. Treaty maybe in the future. Look at the labels on the cloths you wear. Almost all are made with plastic. Every time it's washed it sheds some of the plastic in the wash water. Just about all the products we use everyday are mostly plastic. We have a long way to go to eliminate micro plastics.

Comment Bring back Clippy (Score 1, Flamebait) 22

by HoleShot on Friday June 02, 2023 @07:48PM (#63572013) Attached to: Microsoft Is Finally Killing Cortana On Windows

as an AI chat bot. Complete with all the animation.

Comment Not really a savings account. Same delays. (Score 2) 59

by HoleShot on Friday June 02, 2023 @06:19PM (#63571829) Attached to: Apple Customers Say It's Hard To Get Money Out of Goldman Sachs Savings Accounts

I transferred a significant amount from my bank to the Goldman-Sachs "savings account". It took five business days to show-up in the G-S account. But what I found is I could not pay my apple card balance, or move money to my Apple cash card either. The only thing I could do is transfer it back to my bank account. That transfer took three and half business days to complete. It did probably trigger a review.

Slashdot Top Deals