
Submission + - Government Surveillance Keeps Us Safe (nytimes.com)

An anonymous reader writes: This is an extraordinarily dangerous time for the United States and our allies. Israel’s unpreparedness on Oct. 7 shows that even powerful nations can be surprised in catastrophic ways. Fortunately, Congress, in a rare bipartisan act, voted early Saturday to reauthorize a key intelligence power that provides critical information on hostile states and threats ranging from terrorism to fentanyl trafficking.

Civil libertarians argued that the surveillance bill erodes Americans’ privacy rights and pointed to examples when American citizens got entangled in investigations. Importantly, the latest version of the bill adds dozens of legal safeguards around the surveillance in question — the most expansive privacy reform to the legislation in its history. The result preserves critical intelligence powers while protecting Americans’ privacy rights in our complex digital age.

At the center of the debate is the Foreign Intelligence Surveillance Act. Originally passed in 1978, it demanded that investigators gain an order from a special court to surveil foreign agents inside the United States. Collecting the communications of foreigners abroad did not require court approval.

Submission + - Windows vulnerability reported by the NSA exploited to install Russian malware (arstechnica.com)

echo123 writes: Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed Monday.

When Microsoft patched the vulnerability in October 2022—at least two years after it came under attack by the Russian hackers—the company made no mention that it was under active exploitation. As of publication, the company’s advisory still made no mention of the in-the-wild targeting. Windows users frequently prioritize the installation of patches based on whether a vulnerability is likely to be exploited in real-world attacks.

On Monday, Microsoft revealed that a hacking group tracked under the name Forest Blizzard has been exploiting CVE-2022-38028 since at least June 2020—and possibly as early as April 2019. The threat group—which is also tracked under names including APT28, Sednit, Sofacy, GRU Unit 26165, and Fancy Bear—has been linked by the US and the UK governments to Unit 26165 of the Main Intelligence Directorate, a Russian military intelligence arm better known as the GRU. Forest Blizzard focuses on intelligence gathering through the hacking of a wide array of organizations, mainly in the US, Europe, and the Middle East.

Microsoft representatives didn't respond to an email asking why the in-the-wild exploits are being reported only now.

Monday’s advisory provided additional technical details:

Read the rest at ArsTechnica.

Submission + - Two lifeforms merge into one organism for first time in a billion years (msn.com)

fjo3 writes: For the first time in at least a billion years, two lifeforms have merged into a single organism.

The process, called primary endosymbiosis, has only happened twice in the history of the Earth, with the first time giving rise to all complex life as we know it through mitochondria. The second time that it happened saw the emergence of plants.

Now, an international team of scientists have observed the evolutionary event happening between a species of algae commonly found in the ocean and a bacterium.

Comment Re:Read the original article (Score 2) 202

EVs don't scale well. At a gas station if you have two people in front of you, you wait 20 minutes. At an EV charging stand on the highway, let's say you can get the fastest charger; you may be waiting for an hour before you start to charge. That could be the difference between being relaxed for a flight and getting stressed out making it there just in time. The world has changed since the horse and buggy. Those days are gone, and a lot of times people are just trying to keep their schedule and know they can make it somewhere on time.

The difference is that a gas station requires a massive capital investment to build. An EV charging stand just needs the same electricity as any other business. In the long term it might be efficient for the market to produce an excess of charging stations.

Submission + - Study: Alphabetical order of surnames may affect grading (umich.edu)

AmiMoJo writes: Knowing your ABCs is essential to academic success, but having a last name starting with A, B or C might also help make the grade. An analysis by University of Michigan researchers of more than 30 million grading records from U-M finds students with alphabetically lower-ranked names receive lower grades. This is due to sequential grading biases and the default order of students’ submissions in Canvas — the most widely used online learning management system — which is based on alphabetical rank of their surnames.

What’s more, the researchers found, those alphabetically disadvantaged students receive comments that are notably more negative and less polite, and exhibit lower grading quality measured by post-grade complaints from students.

Comment Re:This should be impossible (Score 1) 90

Maybe they just bought into the idea that TCP/IP routes around damage flawlessly - without understanding that's only true if multiple routes exist.

Even when data centers have multiple redundant connections, how many of those physical wires aren't bundled together? And even if you did route one set of cables north of your building to utility poles, and another set south of your building to different utility poles, who knows if the utility company ends up merging those two sets of cables together at some point?

Comment Re:past is no longer a guide to the future, Really (Score 1) 170

"this current change isn't really predicted by current models."

Huh? Then what are all those models alarmists have been screaming about?

The models have errors and uncertainties, including about when we might hit various tipping points.

The fear is that the "alarmists" were wrong, and the climate is warming faster than they thought.

Comment Re:Why didn't COVID drop CO2 levels? (Score 1) 170

I have read multiple articles in "peer reviewed" journals, trying to explain why atmospheric CO2 didn't drop when emissions plummeted, and why the earth got warmer when atmospheric pollution levels dropped. The articles are gibberish.

Atmospheric CO2 takes a very long time to drop (and we're still adding more) and when pollution dropped more sunlight got through and raised temps slightly.

Sorry if that's too complicated for you.

I do remember that the environmental "science" classes I peeked at, then immediately dropped, when course shopping undergrad, contained the stupidest collection of humans I have ever run across.

Don't worry, the average intelligence jumped way up after you dropped.

I remember discussing the effect of the sun on the earth's temps with some enviro science professor, long ago. He said the sun had "no effect."

The prof was assuming you were smart enough to understand that everyone would know the sun warms the earth.

He was saying that sun's output was constant enough to have no effect.

Since I've finally realized how dumb the average person on earth really is, I don't care any more.

The midwit phenomenon is the great truth of our age.

I hope you can take some solace in the fact that the average person is still apparently much smarter than you.

Submission + - GPT-4 can exploit real vulnerabilities by reading security advisories (theregister.com)

tippen writes:

In a newly released paper, four University of Illinois Urbana-Champaign (UIUC) computer scientists – Richard Fang, Rohan Bindu, Akul Gupta, and Daniel Kang – report that OpenAI's GPT-4 large language model (LLM) can autonomously exploit vulnerabilities in real-world systems if given a CVE advisory describing the flaw.

"To show this, we collected a dataset of 15 one-day vulnerabilities that include ones categorized as critical severity in the CVE description," the US-based authors explain in their paper.

"When given the CVE description, GPT-4 is capable of exploiting 87 percent of these vulnerabilities compared to 0 percent for every other model we test (GPT-3.5, open-source LLMs) and open-source vulnerability scanners (ZAP and Metasploit)."


Submission + - Canada's Disastrous ArriveCan App Received a Procurement Award

belmolis writes: During Covid, the Canada Border Services Agency created ArriveCan, an app that allows travelers entering Canada to electronically submit travel documents and customs declarations. The app was so buggy that many could not use it, and erroneously ordered thousands of travelers to quarantine. At C$59.5 (US$48.4) million it was far more expensive than the initial C$80,0000 estimate. The procurement process was recently severely criticized by Auditor General Karen Hogan in a scathing report. It has now been reported that the team responsible for ArriveCan received an Unsung Heroes award from the Canadian Institute for Procurement and Material Management for its work.

Comment Re:Smells like static equilibrium to me (Score 1) 258

If the test article is not moving it does no work so no violation of conservation of energy. But as you point out you are going to need to carefully eliminate quite a lot, as everything contains electrons, those electrons can move and create polarization which can create electrostatic forces often in unexpected ways. When I was playing with electrostatics it was terribly easy to get this wrong even in very simple scenarios. I expect a guy with as much experience as this guy purports to have would know that, but then, even the best of us get excited and overlook things.

The world is full of folks with impressive credentials, it's inevitable a few of them will dive headfirst into crackpot theories for a variety of reasons.

Not to say this guy is a crackpot, but what he's claiming should be pretty easy to demonstrate to credible outside experts. That he hasn't done that rings many alarm bells.

Comment Re:past is no longer a guide to the future, Really (Score 1) 170

I'm not saying anything about changing temperatures are man's fault or not, blah blah blah, but when has anything in nature stayed the same? It's in constant change. Some are slow, others can be quick, but it's nature. Stuff changes.

I'm just baffled by the statement "the past is no longer a guide to the future." It never has been. Just like investing.

I'm baffled by people who insist on taking statements completely literally when it's obvious that's not what the speaker meant. Especially when the person in question actually explains what the statement means!

"What if the statistical connections that we are basing our predictions on are no longer valid?"

ie, the scientist who obviously understands that nature changes, is worried because this current change isn't really predicted by current models. If the warming keeps up that means the models are wrong in the way we really don't want them to be wrong and that's bad news.

Comment Re:What data is this ban based on? (Score 2) 86

Read the article. No data was mentioned that the ban is based on. So, I googled to see if the British Columbian government was using data, say, from California, which has a lot of autonomous cars.

California has level 4 taxis (which have had problems) but few (if any) level 3 consumer cars. So I'm not sure what data you think BC should be using.

I couldn't find any mention of any data or any specific concern of data in any article.

You really need folks to spell out the concerns with untested level 3 cars?

First, no autonomous level 3 (or above) cars are available for sale in BC. The articles didn't state if this is because they're illegal or there just happens to be zero. That is, why would you ban something that you either can't buy because it's already illegal? In other words, is there already a ban on level 3 cars (or above) in BC, and this is why there are zero types of these cars?

For someone complaining about data it seems to have eluded you that level 3 vehicles are so new that they haven't even made it to the Canadian market.

All that's mentioned is a quote from a BC politician who says that BC takes a "traditional" approach to this type of technology. I don't know what this means.

It means common sense. Before deploying level 3 cars on public roads they want more data.

In any case, I don't understand how a law can be passed, on a product, that may not be more dangerous (or more safe) than most drivers.

When reasonable people have a reasonable expectation that the new product may be more dangerous and they don't want to wait for a bunch of fatalities to occur to stop it.

Comment Re:Linus has become the old man shaking his fist (Score 2) 42

Linus totally misses the point, which is kind of unusual.

GPT-4/5/6 might not replace him as a kernel architect, but it sure as hell is (and will increasingly be) making a ton of people in a lot of industries waaay more productive. There isn't an infinite supply of work, so a lot of jobs will go away--never to return.

And no, this isn't some millennial/Zoomer potshot: I'm two years older than Linus ...

I'm not sure your intuition is correct. Sure the supply of work isn't infinite but it does increase when productivity goes up.

Look at a website designer, in the early 90s you were writing HTML and CSS by hand, drawing icons with crappy editors, etc, etc.

Now, you've got crazy libraries and full-fledged website builders, I'm guessing a modern web designer is MUCH more productive.

The result? There's waaay more website designer jobs out there, that's partially because the Internet is bigger, but also because you get way more value for your cash buying a website designer now.

Some of the same will be happening with software dev. Sure, some companies that don't see any need to do more than they're currently doing may cut staff, but a lot of other companies will realize that the software project/product they were thinking of is now viable.
