The Internet

Millions of the Pentagon's Dormant IP Addresses Have Mysteriously Sprung to Life (msn.com) 6

"Just before the end of the Trump administration, an obscure Florida company began announcing routes to IP addresses owned by the Pentagon," writes long-time Slashdot reader whoever57. The Washington Post calls it "a huge unused swath of the Internet that, for several decades, had been owned by the U.S. military." What happened next was stranger still. The company, Global Resource Systems LLC, kept adding to its zone of control. Soon it had claimed 56 million IP addresses owned by the Pentagon. Three months later, the total was nearly 175 million. That's almost 6 percent of a coveted traditional section of Internet real estate — called IPv4 — where such large chunks are worth billions of dollars on the open market... "They are now announcing more address space than anything ever in the history of the Internet," said Doug Madory, director of Internet analysis for Kentik, a network monitoring company, who was among those trying to figure out what was happening...

The change is the handiwork of an elite Pentagon unit known as the Defense Digital Service, which reports directly to the secretary of defense. The DDS bills itself as a "SWAT team of nerds" tasked with solving emergency problems for the department and conducting experimental work to make big technological leaps for the military... Brett Goldstein, the DDS's director, said in a statement that his unit had authorized a "pilot effort" publicizing the IP space owned by the Pentagon. "This pilot will assess, evaluate and prevent unauthorized use of DoD IP address space," Goldstein said. "Additionally, this pilot may identify potential vulnerabilities...."

The specifics of what the effort is trying to achieve remain unclear... What is clear, however, is the Global Resource Systems announcements directed a fire hose of Internet traffic toward the Defense Department addresses...

Russell Goemaere, a spokesman for the Defense Department, confirmed in a statement to The Washington Post that the Pentagon still owns all the IP address space and hadn't sold any of it to a private party.

Television

Elon Musk Will Host 'Saturday Night Live' on May 8th (usatoday.com) 61

After 45 years, NBC's popular TV show "Saturday Night Live" has lined up its richest guest host ever. CNN reports: In one of the more surprising announcements in the recent history of "Saturday Night Live," the NBC variety show said Saturday that its next host will be Elon Musk, the eccentric CEO of Tesla and one of the richest people on the planet.
USA Today adds: The coveted slot, usually occupied by British actors like Carey Mulligan or former boy band members like Nick Jonas, is now reserved on May 8 for Tesla CEO and SpaceX chief engineer, Musk.

He'll be joined by musical guest Miley Cyrus...

The official Twitter page for "SNL" announced the news in its usual format, a photo of sticky notes with the guest's name. "SNL" captioned the tweet with three rocket ship emojis.

Security

Work Proceeds on Mitigation Strategies for Global Navigation Satellite System Jamming/Spoofing (eetimes.com) 16

Long-time Slashdot reader DesertNomad summarizes a report from EE Times: It's been known for a long time that the various Global Navigation Satellite System (GNSS) systems are easily jammed; the more "interesting" problem is the potential to spoof a GNSS signal and by spoofing use that to cause GNSS receivers to determine incorrect positions. The challenge lies in the observation that the navigation messages can be constructed by bad actors on the ground. Work going on for several years now has been to provide crypto signatures that have the potential to authenticate valid transmissions. Current commercial receivers can't take advantage of that, so there may be industry-wide needs to update the receiver devices.
"The vulnerability of the global positioning system, or GPS, is widely acknowledged..." reports EE Times: Spoofing creates all kinds of havoc. For example, it can be used to hijack autonomous vehicles and send them on alternate routes. Spoofing can alter the routes recorded by vehicle monitors, or break geofences used to guard operational areas. It also poses a risk to critical infrastructure, including power, telecommunication and transportation systems. Jan van Hees, business development and marketing director for GNSS receiver maker Septentrio, provided these analogies: "Jamming involves making so much noise that the [satellite signal] disappears. Spoofing is like a phishing attack on the signal."

The U.S. Coast Guard has recently tracked a growing number of high-profile incidents involving GPS interference. For example, the loss of GPS reception in Israeli ports in 2019 left GPS-guided autonomous cranes inoperable, collateral damage from the Syrian civil war. In 2016, more than 20 ships off the Crimean peninsula were thought to be the victim of a GPS spoofing attack which shifted the ships' positions on electronic chart displays to land.

The article recommends real-world auditing, testing, and risk assessment, adding that one pending fix is signal encryption "including a framework called open service navigation message authentication (OSNMA)." The OSNMA anti-spoofing service, developed for the European GNSS system, enables secure transmissions from Galileo satellites to encryption-enabled GNSS receivers. In the midst of final testing, OSNMA will soon be available free to users... A secret key on the satellite is used to generate a digital signature. Both the signature and key are appended to navigation data and transmitted to the receiver. OSNMA is designed to be backward-compatible, so that positioning without OSNMA still works.

Crime

Unreturned VHS Tape 21 Years Ago Leads to Surprise 'Felony Embezzlement' Charge (yahoo.com) 85

"An Oklahoma woman was recently informed that she was charged with felony embezzlement of rented property for not returning a VHS tape over 20 years ago," reports Business Insider: Caron McBride reportedly rented the "Sabrina The Teenage Witch" tape at a now closed store in Norman, Oklahoma in 1999, according to KOKH-TV. She was charged a year later, in March 2000, after it was not returned, KOKH-TV reported citing documents. McBride was notified about the charge by the Cleveland County District Attorney's Office when she was attempting to change the name of her license after she got married, the news station reported...

"I had lived with a young man, this was over 20 years ago. He had two kids, daughters that were 8, 10, or 11 years old, and I'm thinking he went and got it and didn't take it back or something. I have never watched that show in my entire life, just not my cup of tea. Meanwhile, I'm a wanted felon for a VHS tape," McBride told the news station.

"Documents show the movie was rented at movie place in Norman, Oklahoma, which closed in 2008..." reports one local news station: McBride said over the last 20 years, she's been let go from several jobs without being given a reason why, and said it now all makes sense. "This is why. Because when they ran my criminal background check, all they're seeing is those two words: felony embezzlement," McBride said.
"The DA's office says the charge was filed under a previous district attorney," reports a local Oklahoma station, "and after reviewing the case, they thought it was fit to dismiss it."

But McBride still has to get an attorney to expunge the incident from her record.

United Kingdom

How Faulty Software Landed Dozens of UK Postmasters In Prison (usnews.com) 40

The Associated Press reports: In a ruling that reversed one of the biggest miscarriages of justice in British legal history, 39 people who ran local post offices had their convictions for theft, fraud and false accounting overturned Friday because of what an appeals court said was clear evidence of "bugs, errors or defects" in an IT system.

The decision follows a years-long, complex legal battle that could see Britain's Post Office face a huge compensation bill for its failures following the installation, from 1999, of what turned out to be the defective Horizon computerized accounting system in local branches. Dozens of staff were convicted after the Fujitsu-supplied system pointed to an array of financial misdemeanors that bewildered the postal workers. Six others had their convictions quashed previously, while another 700 or so workers also are believed to have been prosecuted between 2000 and 2014... Jobs, homes and marriages were lost as a result of wrongful convictions, and some did not live long enough to see their names cleared by Britain's Court of Appeals.

Confirmation that the convictions were quashed was met with cheers and tears. A few bottles of bubbly were also popped.

Martin S. (Slashdot reader #98,249) writes, "As a software geek, the part I find most troubling is that blind faith that those in authority placed in the software without proper accounting..." The BBC reports some desperate sub-postmasters even "attempted to plug the gap with their own money, even remortgaging their homes, in an (often fruitless) attempt to correct an error."

The judge in the case complains that for years the Post Office had "consistently asserted that Horizon was robust and reliable" and "effectively steamrolled over any subpostmaster who sought to challenge its accuracy," according to an article in The Scotsman: Nick Read, Post Office chief executive said: "I am in no doubt about the human cost of the Post Office's past failures and the deep pain that has been caused to people affected. Many of those postmasters involved have been fighting for justice for a considerable length of time and sadly there are some who are not here to see the outcome today and whose families have taken forward appeals in their memory. I am very moved by their courage."

There were 73 convictions in Scotland caused by the failure. Although a total of 47 postmasters in England and Wales have had their cases referred to the Appeal Court, there has never been similar action in Scotland.

However, now the Scottish Criminal Cases Review Commission has written to the people it believes may also have been the victims of possible miscarriages of justice in Scotland relating to the Horizon computer system.

Programming

Microsoft Previews 'Rust for Windows' (microsoft.com) 48

From Mike Melanson's "This Week in Programming" column: "The Rustening at Microsoft has begun," tweeted Microsoft distinguished engineer Miguel de Icaza.

What de Icaza is referring to is a newly-offered course by Microsoft on taking the first steps with Rust, which much of the Twitterverse of Rust devotees sees as a sign that the company is further increasing its favor for their crab-themed language of choice. Of course, this isn't the first we've heard of Microsoft looking to Rust to handle the 70% of Microsoft vulnerabilities that it says come from using the memory-unsafe C++ programming language in its software. A few years back now, Microsoft launched Project Verona, a research programming language that takes a bite from Rust in the realm of ownership and is said to be inspired by Rust, among others.

More recently, however, Microsoft announced the preview of Rust for Windows, which "lets you use any Windows API (past, present, and future) directly and seamlessly via the windows crate (crate is Rust's term for a binary or a library, and/or the source code that builds into one)." With Rust for Windows, developers can now not only use Rust on Windows, they can also write apps for Windows using Rust...

According to the project description, the Windows crate "lets you call any Windows API past, present, and future using code generated on the fly directly from the metadata describing the API and right into your Rust package where you can call them as if they were just another Rust module" and that, along with the introduction of a course for learning Rust, is precisely what has all those Rust devotees so excited.

InfoWorld has more information...

Bitcoin

Elon Musk, Jack Dorsey Argue that Bitcoin Incentivises Renewable Energy (bbc.com) 101

Jack Dorsey, the co-founder and CEO of Twitter, tweeted Wednesday that bitcoin "incentivises renewable energy." And Elon Musk responded "True."

The BBC adds that the tweets came "despite experts warning otherwise." The cryptocurrency's carbon footprint is as large as some of the world's biggest cities, studies suggest. But Mr Dorsey claims that could change if bitcoin miners worked hand-in-hand with renewable energy firms.

One expert said it was a "cynical attempt to greenwash" bitcoin. China, where more than two-thirds of power is from coal, accounts for more than 75% of bitcoin mining around the world...

The tweet comes soon after the release of a White Paper from Mr Dorsey's digital payment services firm Square, and global asset management business ARK Invest. Entitled "Bitcoin as key to an abundant, clean energy future", the paper argues that "bitcoin miners are unique energy buyers", because they offer flexibility, pay in a cryptocurrency, and can be based anywhere with an internet connection. "By combining miners with renewables and storage projects, we believe it could improve the returns for project investors and developers, moving more solar and wind projects into profitable territory," it said.

Author and bitcoin critic David Gerard described the paper as a "cynical exercise in bitcoin greenwashing".

"The reality is: bitcoin runs on coal," he told the BBC.... "Bitcoin mining is so ghastly and egregious that the number one job of bitcoin promoters is to make excuses for it — any excuse at all."

Security

Security Researcher Dan Kaminsky Has Died 41

Security researcher Marc Rogers (also a BBC contributor) tweeted this morning "I guess there's no hiding it now. We lost Dan Kaminsky yesterday. One of the brightest lights in infosec and probably the kindest soul I knew. The vacuum he leaves behind is impossible to measure. Please keep speculation to yourself and be respectful of his family and friends."

In later tweets, Rogers says he was proud that Kaminsky was his friend, adding "I could literally write a book of Dan Kaminsky tales. From shenanigans at events all over the world, to parties and just crazy stuff that happened at the spur of a moment. But most about his crazy brilliant kind generous ideas and offers of help and support. He was one of a kind."

Even the stories in Kaminsky's Wikipedia entry are impressive: He is known among computer security experts for his work on DNS cache poisoning, and for showing that the Sony Rootkit had infected at least 568,200 computers and for his talks at the Black Hat Briefings.

In June 2010, Kaminsky released Interpolique, a beta framework for addressing injection attacks such as SQL injection and cross-site scripting in a manner comfortable to developers.

On June 16, 2010, he was named by ICANN as one of the Trusted Community Representatives for the DNSSEC root.

"Dan was a force of nature," adds Marc Rogers on Twitter. "A hacker who saw not just 1 or 2 moves ahead but so many you sometimes wondered if he was playing the same game: I asked him for a demo. He brought a record turntable he used to move a VM forwards & backwards in time like a DJ scratching."

Government

America's Largest Universal Basic Income Program Yet Proposed By Mayor of Los Angeles (msn.com) 184

The mayor of Los Angeles is proposing the largest universal income pilot program in America, saying he hopes the program will "light a fire across our nation."

Newsweek reports: Los Angeles Mayor Eric Garcetti has proposed giving a "universal basic income" of $1000 a month to 2,000 poor local families for one year... The program would give 2,000 families below the federal poverty line monthly $1,000 checks for 12 months. The families could then spend the money however they please.

Garcetti said he hopes the program could provide a model for similar anti-poverty initiatives in other cities. "We have to end America's addiction to poverty..." Garcetti told LAist, a local news site affiliated with Southern California Public Radio. Similar programs are also being floated in at least four other L.A. county districts, according to the Los Angeles Times...

If approved, Garcetti's program would be at least the 12th time that a U.S. region has offered a basic income to its citizens.

Bloomberg notes that Los Angeles "will be the recipient of more than $1.3 billion in federal stimulus funds from the recently passed American Rescue Plan, which could be used to fund the payouts." Garcetti, a Democrat in his second term, is co-chair of Mayors for a Guaranteed Income, which has been advocating for the policy at the federal level and funding local programs. The group, which has 43 elected officials as members, was founded last year by then-Stockton-mayor Michael Tubbs. It has received $18 million in seed money from Twitter Inc. co-founder Jack Dorsey as well as $200,000 from Bloomberg Philanthropies, the charitable arm of Michael Bloomberg, founder and majority owner of Bloomberg News's parent company.

California cities have been taking a lead with these programs... In San Francisco, grants and some revenue from hotel taxes will fund monthly payments of $1,000 to about 130 artists for six months beginning next month. Organizers said the pilot is the first to solely target artists. Oakland will tap private donations this summer to fund its guaranteed income program, providing $500 monthly to about 600 poor families.

Still, a majority of Americans oppose the federal government providing a guaranteed basic income, according to a survey last year by the Pew Research Center...

Ultimately the costs of such programs will be too big for cities to finance alone, he said. But with data proving it works, Garcetti said states and the federal government could be inspired to fund them.

ISS

Astronauts Successfully Delivered to the International Space Station by SpaceX (cnn.com) 25

NASA has tweeted a video showing the arrival of four astronauts from three countries on the International Space Station early Saturday morning.

CNN describes the significance of their arrival — and what the astronauts will do during their six-month stay in space: This mission, dubbed Crew-2, marks the third-ever crewed flight for Elon Musk's company and the first to make use of a previously flown, privately-owned rocket booster and spacecraft... On Saturday morning, the capsule slowly aligned itself and moved in to dock directly with one of the space station's ports.

The crew consists of NASA astronauts Shane Kimbrough and Megan McArthur, Thomas Pesquet of the European Space Agency, and Akihiko Hoshide with Japan's JAXA space agency.

A prime focus of the astronauts' mission will be research with "tissue chips," or "small models of human organs containing multiple cell types that behave much the same as they do in the body" and that NASA hopes will advance the development of drugs and vaccines, according to the space agency. That work will build on years of studying biological and other scientific phenomena aboard the ISS, where the microgravity environment can give scientists a better fundamental understanding of how something works.

Kimbrough, McArthur, Pesquet, and Hoshide joined seven astronauts already on board the station, four of whom arrived on a different SpaceX Crew Dragon capsule in November. That brings the space station's current total of personnel to 11 — one of the largest crews the ISS has ever hosted. But that number will quickly drop back down to seven when four of the astronauts who'd been on board hitch a ride home from the station on April 28.

Businesses

TSMC Founder Says China's Semiconductor Industry Still Five Years Behind (scmp.com) 78

An anonymous reader quotes a report from South China Morning Post: In a rare public appearance since retiring nearly three years ago, Morris Chang, the 89-year-old founder of the world's largest contract chip maker, said China is not yet a competitor in chipmaking and that Taiwan should defend its leadership in semiconductor manufacturing. "Mainland China has given out subsidies to the tune of tens of billions of US dollars over the past 20 years but it is still five years behind TSMC," Chang said. "Its logic chip design capability is still one to two years behind the US and Taiwan. The mainland is still not yet a competitor."

In his speech, Chang also took a swipe at US chip giant Intel, describing its recent decision to enter the contract chip making market as "very ironic" because it turned down an opportunity to invest in TSMC more than three decades ago. Contract chip makers like TSMC typically take orders from so-called fabless chip makers like Qualcomm, which design their products but outsource the manufacturing. Chang said he was rejected by Intel when he approached it for funding in 1985. "In the past, Intel was the alpha sneering at us and thought that we would never get big," he said. "They never thought the business of [outsourced] wafer fabrication would become so important today."

Chang said the US is also at a disadvantage compared with Taiwan because it lacks engineers dedicated to the semiconductor manufacturing sector, adding that the "US level of dedication to manufacturing was absolutely no match for that of Taiwan." "What I need right now are capable and dedicated engineers, technicians and operators. And they have to be willing to throw themselves into manufacturing," he said. "In the US, doing manufacturing isn't popular. It hasn't been popular for decades."

Crime

Someone Called the Cops On Their Own Smart Vacuum (androidpolice.com) 43

According to Sacramento CBS affiliate KOVR-TV, Yana Sydnor called the police to report a possible home invasion. Turns out, it was a robovac that her son turned on before leaving for the weekend. Android Police reports: At 1 a.m., she and her 2-year-old daughter woke up to loud booms coming from her stairs disrupting her meditation music. She texted her friends about the sounds before they quickly responded, urging her to call 911. "I hear someone walking down my stairs, so it's like boom, boom, boom, boom, boom," Sydnor recalls telling the dispatcher. Desperate to exit the house and avoid a run-in with the invader, she ran to the bathroom, put her daughter in the tub, and thought about grabbing a ladder to get them both outside to ground level.

Officers arrived within 10 minutes of Sydnor's call. They rammed the front door wide open only to find a poor robovac, fresh from a tumble down a flight of stairs. "My son turned on the vacuum cleaner because he didn't want to do chores before he left for the weekend," she explained to the reporter after a moment of exasperated silence. The vacuum hadn't been used for 2 years and, even after the fall, it still works. We couldn't make out the make and model of the robovac, so we don't quite know if it could stop itself from going over the ledge much less what exactly happened in this case if it did have the ability.

The Military

Pentagon Investigated Suspected Russian Directed-energy Attacks On U.S. Troops (politico.com) 66

Hmmmmmm shares a report from Politico: The Pentagon has briefed top lawmakers on intelligence surrounding suspected directed-energy attacks against U.S. troops, and officials identified Russia as a likely culprit, according to two people with direct knowledge of the matter. The briefings included information about injuries sustained by U.S. troops in Syria, the people said. The investigation includes one incident in Syria in the fall of 2020 in which several troops developed flu-like symptoms, two people familiar with the Pentagon probe said. After this article was published, Gen. Frank McKenzie, head of U.S. Central Command, told lawmakers during a Senate Armed Services Committee hearing that he has seen "no evidence" of such attacks against U.S. troops in the Middle East.

The investigation is part of a broader effort to look into directed-energy attacks on U.S. officials across multiple agencies in recent years. Since late 2016, close to 50 officials have reported symptoms of a mysterious illness that became known as "Havana syndrome" among U.S. diplomats posted in Cuba. Symptoms included acute ringing and pressure in the ears, as well as loss of hearing and balance, fatigue and residual headaches. Some victims have suffered long-term brain damage. A report commissioned by the State Department and released in December pointed to "directed, pulsed radiofrequency energy" as the most probable cause for the "Havana syndrome" incidents.

Medicine

The Most Effective Malaria Vaccine Yet Discovered (sciencemag.org) 29

An anonymous reader shares an excerpt from a Science Magazine blog, written by Derek Lowe: Excellent news today: we have word of the most effective malaria vaccine yet discovered. A year-long trial in Burkina Faso has shown 77% efficacy, which is by far the record, and which opens the way to potentially relieving a nearly incalculable burden of disease and human suffering.

This new vaccine (R21) uses a circumsporozoite protein (CSP) antigen -- that's a highly conserved protein of the parasite, involved in several functions as the parasite makes the move from mosquito to human and into different human tissues such as the salivary glands. This has been a vaccine ingredient before, such as in the RTS,S vaccine (the first one ever licensed), but R21 has a much higher proportion of CSP assembled into a virus-like particle. It also uses the exact same adjuvant from Novavax (Matrix-M) that they are using in their coronavirus vaccine -- you can't keep a good adjuvant down, and this Chilean-soapbark-based one seems to really kick the immune system up under all circumstances.

The higher-adjuvant cohort showed 77% vaccine efficacy, and the lower-adjuvant one showed 74% with (as you'd expect) overlapping confidence intervals. The first group had significantly higher antibody levels, though, and they're currently doing an additional year of follow-up to see how long the protection lasts and if these doses differentiate themselves. The antibody levels at the one-year mark in both groups were significantly higher than with the RTS,S vaccine, and in particular, antibodies against the repeat section in the middle of the circumsporozoite protein seemed to correlate strongly with protection. No safety problems so far. The team is now planning a larger Phase III at five different African sites, with varying seasonality and malaria loads.

Social Networks

'Not Even Student Work': MyPillow CEO's Social Media Site Botches Rollout (salon.com) 179

"Salon reports amateur-hour mistakes in the attempted rollout of FRANK, a social media site envisioned by Mike Lindell of MyPillow," writes Slashdot reader Tom239. "A Drupal expert described the code as 'not even student work.'" From the report: Speaking to Salon on Thursday afternoon about Lindell's site, one "Acquia Certified Drupal Grand Master," who oversees a technology firm that employs numerous other "grandmasters," said that Lindell's site was set up for failure from its inception, noting that its developers -- whom Lindell compared to Navy SEALs -- had failed to carry out basic "Drupal 101" tasks. One coder who spoke to Salon in great detail explained the potential shortcomings of the pillow maven's program code and the patchy work done by his developer team. "Drupal can power high powerful websites, sites with lots of traffic," the expert said, adding that it isn't the right software to build a social media site with, since it's not designed to handle a large amount of user-generated content. "Lindell's website was basically trying to make soup for scratch for everybody," said the expert, who claimed more than 25 years of experience in the IT field.

"In my professional opinion, it will be extremely unlikely, if not impossible, for Lindell to accomplish his vision with Drupal and his own servers," the expert told Salon. "Despite how much I love it, Drupal simply isn't the right tool for the number of users with the features that he wants to provide. It would take a massive effort of 12 to 18 months to build out the needed hosting setup and application architecture, and this would come with an enormous degree of risk. The idea that he could do this in just a couple of months is patently absurd, and I think the results speak for themselves."

"When I was looking at the code, in the browser, they basically launched the site while it was still in development mode," one expert told Salon, citing the fact that developers had failed to check a box to aggregate files on the platform as the first red flag he ran across. "Their files were not aggregated, and by the way, that's a check box in Drupal -- you literally check a box and click save. My jaw dropped when I saw that. I was like, 'They did not try to launch this thing without aggregation turned on!'" The second major red flag another Drupal expert found was that Lindell's site was spitting out coded error messages to users, which leaves the platform vulnerable to attacks. "This is a shit show," the expert said, calling this an "obvious" issue that coders learn how to prevent in "Drupal 101."

Elsewhere it was reported that Lindell's supposed free-speech haven will not allow swearing, pornography, or the use of 'god's name in vain'.
