
Submission + - NASA UFO team calls for higher quality data in first public meeting (science.org)

sciencehabit writes: The truth may be out there about UFOs, or what the government currently calls “unidentified anomalous phenomena” (UAPs). But finding it will require collecting data that are more rigorous than the anecdotal reports that typically fuel the controversial sightings, according to a panel of scientists, appointed by NASA to advise the agency on the topic, that held its first public meeting today.

The 16-person panel, created last year at the behest of NASA Administrator Bill Nelson, is not itself evaluating UFO claims. Instead, it is advising NASA on how the agency can contribute to federal investigations that have been led by the Department of Defense (DOD) and intelligence agencies, says panel chair David Spergel, an astrophysicist and president of the Simons Foundation, who spoke to Science ahead of the meeting. “NASA is a public agency, an open agency, that encourages the use of the scientific method for looking at results.” But science can only be done when there are data to work on, he adds. “You’re not going to learn much from fuzzy pictures from the 1950s.”

So far, most “unidentified” phenomena flagged by the military have ended up being weather balloons, drones, camera glitches, or undisclosed military aircraft, Spergel says. “It’s very unlikely there are space aliens that travel through space and use technology that looks remarkably like what we have right now.”

Submission + - Ransomware Attack On US Dental Insurance Giant Exposes Data of 9 Million Patient (techcrunch.com)

An anonymous reader writes: An apparent ransomware attack on one of America’s largest dental health insurers has compromised the personal information of almost nine million individuals in the United States. The Atlanta-based Managed Care of North America (MCNA) Dental claims to be the largest dental insurer in the nation for government-sponsored plans covering children and seniors. In a notice posted on Friday, the company said it became aware of “certain activity in our computer system that happened without our permission” on March 6 and later learned that a hacker “was able to see and take copies of some information in our computer system” between February 26 and March 7, 2023.

The information stolen includes a trove of patients’ personal data, including names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, and driver’s licenses or other government-issued ID numbers. Hackers also accessed patients’ health insurance data, including plan information and Medicaid ID numbers, along with bill and insurance claim information. In some cases, some of this data pertained to a patient’s “parent, guardian, or guarantor,” according to MCNA Dental, suggesting that children’s personal data was accessed during the breach. According to a data breach notification filed with Maine’s attorney general, the hack affected more than 8.9 million clients of MCNA Dental. That makes this incident the largest breach of health information of 2023 so far, after the PharMerica breach that saw hackers access the personal data of almost 6 million patients.

Submission + - Ubuntu Core as an Immutable OS (ubuntu.com)

motang writes: Canonical, the sponsor of the widely popular Ubuntu Linux, plans on shipping the next LTS in two versions: one traditional deb version and another immutable version based on snapd technology for enthusiasts to play with and give feedback. I for one am looking forward to it, as I am sure immutable is the future of Linux distros.

Submission + - Apple's VR Headset is rumoured to pack super high end displays (theverge.com)

An anonymous reader writes: According to a tweet from Ross Young, CEO of Display Supply Chain Consultants, Apple's rumored mixed reality headset could have extremely pixel-dense and bright displays. Young says that the headset will be equipped with two 1.41-inch Micro OLED screens, each with 4,000 pixels per inch (ppi). This would make the headset's displays more pixel-dense than any other VR headset on the market, including the Meta Quest Pro, which has a resolution of 2,160 x 2,160 per eye.

In addition to being extremely pixel-dense, Young also says that the headset's displays will be very bright, with a peak brightness of over 5,000 nits. This would make the headset displays brighter than high-end TVs.

The combination of high pixel density and high brightness would make the headset's displays ideal for VR applications that require a high level of detail and realism. For example, the headset's displays would be perfect for playing VR games or watching VR movies.

However, it's important to note that these are just rumors at this point. Apple has not yet officially announced a mixed-reality headset, so it's possible that the headset's specifications could change before it's released. We expect to see the "Reality Pro" headset at the WWDC Conference on June 5th, 2023.

Submission + - IAEA Team in Japan for Final Review of Fukushima Nuclear Plant Water Discharge (apnews.com)

An anonymous reader writes: An International Atomic Energy Agency team arrived in Tokyo on Monday for a final review before Japan begins releasing massive amounts of treated radioactive water into the sea from the wrecked Fukushima nuclear plant, a plan that has been strongly opposed by local fishing communities and neighboring countries. The team, which includes experts from 11 countries, will meet with officials from the government and the plant operator, Tokyo Electric Power Company Holdings, and visit the Fukushima Daiichi nuclear power plant during their five-day visit, the economy and industry ministry said.

Japan announced plans in April 2021 to gradually release the wastewater following further treatment and dilution to what it says are safe levels. The release is expected to begin within a few months after safety checks by Japanese nuclear regulators of the newly constructed water discharge facility and a final report by IAEA expected in late June. Japan sought IAEA’s assistance in ensuring the release meets international safety standards and to gain the understanding of other countries.

Japanese officials say the water will be treated to legally releasable levels and further diluted with large amounts of seawater. It will be gradually released into the ocean over decades through an undersea tunnel, making it harmless to people and marine life, they say. Some scientists say the impact of long-term, low-dose exposure to radionuclides is unknown and the release should be delayed.

Submission + - Tackling Plastic Pollution: 'We Can't Recycle Our Way Out of This' (france24.com)

An anonymous reader writes: The scale of plastic pollution is growing, relentlessly. The world is producing twice as much plastic waste as two decades ago, reaching 353 million tonnes in 2019, according to OECD figures. The vast majority goes into landfills, gets incinerated or is “mismanaged," meaning left as litter or not correctly disposed of. Just 9 percent of plastic waste is recycled. Ramping up plastic recycling might seem like a logical way to transform waste into a resource. But recent studies suggest that recycling plastic poses its own environmental and health risks, including the high levels of microplastics and harmful toxins produced by the recycling process that can be dangerous for people, animals and the environment. [...]

The share of plastic waste that is recycled globally is expected to rise to 17 percent by 2060, according to figures from the OECD. But recycling more will not address a major issue: after being recycled once or twice, most plastics come to a dead end. “There’s a myth with plastic recycling that if the quality is good enough the plastics can be recycled back into plastic bottles,” says Natalie Fée, the founder of City to Sea, a UK-based environmental charity. “But as it goes through the system, it becomes lower- and lower-grade plastic. It's down-cycled into things like drain pipes or sometimes fleece clothing. But those items can't be recycled afterwards.”

It is therefore difficult to make the case that recycled plastic is a sustainable material, said Graham Forbes, Global Plastics Campaign leader at Greenpeace USA, in a statement this week. “Plastics have no place in a circular economy. It’s clear that the only real solution to ending plastic pollution is to massively reduce plastic production.” And it is impossible for increased recycling to keep pace with the amount of plastic waste being produced – which is expected to almost triple by 2060. “There's no way that we can recycle our way out of this,” added [Therese Karlsson, science and technical adviser at the International Pollutants Elimination Network (IPEN)]. “Not as it works today. Because today, plastic recycling is not working.”

Submission + - Elon Musk's Twitter algorithm changes are 'amplifying anger and animosity', say (standard.co.uk)

concertina226 writes: Changes in Twitter’s algorithms show users are being shown far more tweets that amplify anger and animosity than before, since Elon Musk took over the social network, according to US researchers.

A new study by computer scientists at Cornell University and University of California, Berkeley (UC Berkeley) published on Friday (May 26) looked at tweets being shown to 806 users in February, comparing the content shown on Twitter’s “For You” personalised timelines, as well as the chronological newsfeed.

“The political tweets shown by the algorithm exhibit greater partisanship and out-group animosity. Moreover, the algorithm slightly increases the ratio of out-group to in-group content (rather than reinforcing filter bubbles or echo chambers),” the researchers wrote.

“However, exposure to these algorithm-selected tweets results in users perceiving their political in-group more positively and the political out-group more negatively, potentially contributing to greater affective polarisation.”

Submission + - Microsoft is Building an Online Streaming Service (donutmail.net)

paradepowder18 writes: Microsoft is working on an online streaming video service that is Netflix-like for video games. It promises to deliver "console-quality gaming on any device".

The Redmond-based company says that players will be able to stream blockbuster films to their Xbox laptop, computer or smartphone.

It is unclear whether players will need to pay for games individually or whether they will be able to access the entire library for a monthly fee including video on demand.

Microsoft doesn't believe streaming will replace dedicated consoles in the end, but the company teased that a ne

Submission + - Meta to limit how it uses ad data to boost Facebook Marketplace (techcrunch.com)

blueeyed writes: Facebook’s parent Meta has given key assurances to U.K. antitrust regulators as it looks to counter concerns over how it uses advertising data to benefit its own products. ... Now, however, the CMA has given its first indication that it is prepared to drop the case after receiving specific commitments from Meta. These include allowing advertisers to opt-out of their advertising data being used to develop Facebook Marketplace, which Meta said it will do through implementing “new technical systems.” On top of that, Meta said it will train staff to ensure that they don’t use advertiser data when developing new products for use in the U.K. market that may be in direct competition with advertisers.


Submission + - Lawyer gets caught filing ChatGPT made-up citations (theverge.com)

david.emery writes: The Verge reports: Lawyers suing the Colombian airline Avianca submitted a brief full of previous cases that were just made up by ChatGPT, The New York Times reported today. Of course, the attorney filing these asked ChatGPT to confirm, which ChatGPT gladly did. The judge in the case has scheduled a hearing to show cause in person..., why he ought not be sanctioned ... This case is worth watching to see if the judge takes any notice of ChatGPT as the source; he could decide that ChatGPT was 'mitigating circumstances,' or he could decide that the filing attorney had a particular obligation to verify -everything- obtained from ChatGPT. What's clear is that depending on ChatGPT will not be sufficient in court to avoid sanctions.

Submission + - US To Give Away Free Lighthouses As GPS Makes Them Unnecessary (theguardian.com)

An anonymous reader writes: Ten lighthouses that for generations have stood like sentinels along America’s shorelines protecting mariners from peril and guiding them to safety are being given away at no cost or sold at auction by the federal government. The aim of the program run by the General Services Administration is to preserve the properties, most of which are more than a century old. The development of modern technology, including GPS, means lighthouses are no longer essential for navigation, said John Kelly of the GSA’s office of real property disposition. And while the Coast Guard often maintains aids to navigation at or near lighthouses, the structures themselves are often no longer mission critical.

Yet the public remains fascinated by the evocative beacons, which are popular tourist attractions, beloved local landmarks and the subject of countless photographers and artists, standing lonely but strong against tides and storms, day and night and flashing life-saving beams of light whatever the weather. “People really appreciate the heroic role of the solitary lighthouse keeper,” he said, explaining their allure. “They were really the instruments to provide safe passage into some of these perilous harbors which afforded communities great opportunities for commerce, and they’re often located in prominent locations that offer breathtaking views."

The GSA has been transferring ownership of lighthouses since Congress passed the National Historic Lighthouse Preservation Act in 2000. About 150 lighthouses have been transferred, 80 or so given away and another 70 auctioned, raising more than $10m. This year, six lighthouses are being offered at no cost to federal, state or local government agencies, non-profits, educational organizations or other entities that are willing to maintain and preserve them and make them publicly available for educational, recreational or cultural purposes. [...] Some past lighthouse sales have ended up with them converted into private residences.

Submission + - Phishing Domains Tanked After Meta Sued Freenom (krebsonsecurity.com)

An anonymous reader writes: The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta, which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains. Freenom is the domain name registry service provider for five so-called “country code top level domains” (ccTLDs), including .cf for the Central African Republic; .ga for Gabon; .gq for Equatorial Guinea; .ml for Mali; and .tk for Tokelau. Freenom has always waived the registration fees for domains in these country-code domains, but the registrar also reserves the right to take back free domains at any time, and to divert traffic to other sites — including adult websites. And there are countless reports from Freenom users who’ve seen free domains removed from their control and forwarded to other websites.

By the time Meta initially filed its lawsuit in December 2022, Freenom was the source of well more than half of all new phishing domains coming from country-code top-level domains. Meta initially asked a court to seal its case against Freenom, but that request was denied. Meta withdrew its December 2022 lawsuit and re-filed it in March 2023. “The five ccTLDs to which Freenom provides its services are the TLDs of choice for cybercriminals because Freenom provides free domain name registration services and shields its customers’ identity, even after being presented with evidence that the domain names are being used for illegal purposes,” Meta’s complaint charged. “Even after receiving notices of infringement or phishing by its customers, Freenom continues to license new infringing domain names to those same customers." Meta pointed to research from Interisle Consulting Group, which discovered in 2021 and again last year that the five ccTLDs operated by Freenom made up half of the Top Ten TLDs most abused by phishers.

Interisle partner Dave Piscitello said something remarkable has happened in the months since the Meta lawsuit. “We’ve observed a significant decline in phishing domains reported in the Freenom commercialized ccTLDs in months surrounding the lawsuit,” Piscitello wrote on Mastodon. “Responsible for over 60% of phishing domains reported in November 2022, Freenom’s percentage has dropped to under 15%." Piscitello said it’s too soon to tell the full impact of the Freenom lawsuit, noting that Interisle’s sources of spam and phishing data all have different policies about when domains are removed from their block lists.

Submission + - Whistleblower Drops 100 Gigabytes Of Tesla Secrets To German News Site (jalopnik.com)

AmiMoJo writes: A German news outlet sifted through over 23,000 of Tesla’s internal files and found a disturbing trend of brushing off customers complaining about dangerous Autopilot glitches while covering the company’s ass.

The publication Handelsblatt got its hands on the data through an unnamed informant. Handelsblatt confirmed the data’s authenticity with Fraunhofer Institute for Secure Information Technology, which found no evidence of doctoring or fabrication in the files. Tesla attempted to stop the publication from using this data in its reporting and even threatened legal action against Handelsblatt. The publication, however, decided this was one of the extraordinary circumstances when reporting on such a data breach would be legal under European Union law.

Submission + - A Popular Password Hashing Algorithm Starts Its Long Goodbye (wired.com)

An anonymous reader writes: Bcrypt turns 25 this year, and Niels Provos, one of its coinventors, says that looking back, the algorithm has always had good energy, thanks to its open source availability and the technical characteristics that have fueled its longevity. Provos spoke to WIRED about a retrospective on the algorithm that he published this week in Usenix ;login:. Like so many digital workhorses, though, there are now more robust and secure alternatives to bcrypt, including the hashing algorithms known as scrypt and Argon2. Provos himself says that the quarter-century milestone is plenty for bcrypt and that he hopes it will lose popularity before celebrating another major birthday.

A version of bcrypt first shipped with the open source operating system OpenBSD 2.1 in June 1997. At the time, the United States still imposed stringent export limits on cryptography. But Provos, who grew up in Germany, worked on its development while he was still living and studying there. “One thing I found so surprising was how popular it became,” he says. “I think in part it’s probably because it was actually solving a problem that was real, but also because it was open source and not encumbered by any export restrictions. And then everybody ended up doing their own implementations in all these other languages. So these days, if you are faced with wanting to do password hashing, bcrypt is going to be available in every language that you could possibly operate in. But the other thing that I find interesting is that it’s even still relevant 25 years later. That is just crazy.”

Provos developed bcrypt with David Mazieres, a systems security professor at Stanford University who was studying at the Massachusetts Institute of Technology when he and Provos collaborated on bcrypt. The two met through the open source community and were working on OpenBSD. [...] Password security is always lagging, though, and both Provos and Mazieres expressed disbelief and disappointment that the state of passwords broadly has not evolved in decades. Even new schemes like passkeys are only just beginning to emerge. “Bcrypt should have been superseded already,” Provos says. “It’s surprising how much reliance we still have on passwords. If you had asked me 25 years ago, I would not have guessed that.”

Submission + - Unearthed: CosmicEnergy, Malware For Causing Kremlin-Style Power Disruptions (arstechnica.com)

An anonymous reader writes: Researchers have uncovered malware that is designed to disrupt electric power transmission and may have been used by the Russian government in training exercises for creating or responding to cyberattacks on electric grids. Known as CosmicEnergy, the malware has capabilities that are comparable to those found in malware known as Industroyer and Industroyer2, both of which have been widely attributed by researchers to Sandworm, the name of one of the Kremlin’s most skilled and cutthroat hacking groups.

Researchers from Mandiant, the security firm that found CosmicEnergy, wrote: "COSMICENERGY is the latest example of specialized OT malware capable of causing cyber physical impacts, which are rarely discovered or disclosed. What makes COSMICENERGY unique is that based on our analysis, a contractor may have developed it as a red teaming tool for simulated power disruption exercises hosted by Rostelecom-Solar, a Russian cyber security company. Analysis into the malware and its functionality reveals that its capabilities are comparable to those employed in previous incidents and malware, such as INDUSTROYER and INDUSTROYER.V2, which were both malware variants deployed in the past to impact electricity transmission and distribution via IEC-104. The discovery of COSMICENERGY illustrates that the barriers to entry for developing offensive OT capabilities are lowering as actors leverage knowledge from prior attacks to develop new malware. Given that threat actors use red team tools and public exploitation frameworks for targeted threat activity in the wild, we believe COSMICENERGY poses a plausible threat to affected electric grid assets. OT asset owners leveraging IEC-104 compliant devices should take action to preempt potential in the wild deployment of COSMICENERGY."

Right now, the link is circumstantial and mainly limited to a comment found in the code suggesting it works with software designed for training exercises sponsored by the Kremlin. Consistent with the theory that CosmicEnergy is used in so-called Red Team exercises that simulate hostile hacks, the malware lacks the ability to burrow into a network to obtain environment information that would be necessary to execute an attack. The malware includes hardcoded information object addresses typically associated with power line switches or circuit breakers, but those mappings would have to be customized for a specific attack since they differ from manufacturer to manufacturer. “For this reason, the particular actions intended by the actor are unclear without further knowledge about the targeted assets,” Mandiant researchers wrote.
