"AWS has provided you with a cloud-optimized Linux distribution since 2010," notes the cloud service's blog. This week they announced the third generation of Amazon's Linux distro: 'Amazon Linux 2023'. Every generation of Amazon Linux distribution is secured, optimized for the cloud, and receives long-term AWS support.... Deploying your workloads on Amazon Linux 2023 gives you three major benefits: a high-security standard, a predictable lifecycle, and a consistent update experience.

Let's look at security first. Amazon Linux 2023 includes preconfigured security policies that make it easy for you to implement common industry guidelines. You can configure these policies at launch time or run time. For example, you can configure the system crypto policy to enforce system-wide usage of a specific set of cipher suites, TLS versions, or acceptable parameters in certificates and key exchanges. Also, the Linux kernel has many hardening features enabled by default....

When looking for a base to serve as a starting point for Amazon Linux 2023, Fedora was the best choice. We found that Fedora's core tenets (Freedom, Friends, Features, First) resonate well with our vision for Amazon Linux. However, Amazon Linux focuses on a long-term, stable OS for the cloud, which is a notably different release cycle and lifecycle than Fedora. Amazon Linux 2023 provides updated versions of open-source software, a larger variety of packages, and frequent releases.

Amazon Linux 2023 isn't directly comparable to any specific Fedora release. The Amazon Linux 2023 GA version includes components from Fedora 34, 35, and 36. Some of the components are the same as the components in Fedora, and some are modified. Other components more closely resemble the components in CentOS Stream 9 or were developed independently. The Amazon Linux kernel, on its side, is sourced from the long-term support options that are on kernel.org, chosen independently from the kernel provided by Fedora.

Like every good citizen in the open-source community, we give back and contribute our changes to upstream distributions and sources for the benefit of the entire community. Amazon Linux 2023 itself is open source.
Their announcement notes that Amazon Linux is the most used Linux distribution on AWS, with hundreds of thousands of their customers already using Amazon Linux 2.

BGR reports: Elon Musk seems to be close to making good on his promise to open-source Twitter's code. Well, at least part of it.

In a post on the social media platform, the Twitter CEO announced that the company will open-source the code used to recommend tweets on March 31. Musk did not provide any other details about how that will work or specifically when on that date the code will be provided.

Musk has been teasing and promising open-sourcing Twitter's code for a while now, so it'll be interesting to see what the impact is...

"The World Health Organization on Friday called on China to release new data linking the Covid pandemic's origins to animal samples at Wuhan Market after the country recently took down the research," reports CNBC.

The existence of the new data was revealed by the Atlantic earlier this week, in an article reporting that the newly-discovered samples showed the virus was present in creatures for sale there near the very beginning of the pandemic: A new analysis of genetic sequences collected from the market shows that raccoon dogs being illegally sold at the venue could have been carrying and possibly shedding the virus at the end of 2019. It's some of the strongest support yet, experts told me, that the pandemic began when SARS-CoV-2 hopped from animals into humans, rather than in an accident among scientists experimenting with viruses....

The genetic sequences were pulled out of swabs taken in and near market stalls around the pandemic's start. They represent the first bits of raw data that researchers outside of China's academic institutions and their direct collaborators have had access to. A few weeks ago, the data appeared on an open-access genomic database called GISAID, after being quietly posted by researchers affiliated with the country's Center for Disease Control and Prevention. By almost pure happenstance, scientists in Europe, North America, and Australia spotted the sequences, downloaded them, and began an analysis.

The samples were already known to be positive for the coronavirus, and had been scrutinized before by the same group of Chinese researchers who uploaded the data to GISAID. But that prior analysis, released as a preprint publication in February 2022, asserted that "no animal host of SARS-CoV-2 can be deduced...." The new analysis, led by Kristian Andersen, Edward Holmes, and Michael Worobey — three prominent researchers who have been looking into the virus's roots — shows that that may not be the case. Within about half a day of downloading the data from GISAID, the trio and their collaborators discovered that several market samples that tested positive for SARS-CoV-2 were also coming back chock-full of animal genetic material — much of which was a match for the common raccoon dog. Because of how the samples were gathered, and because viruses can't persist by themselves in the environment, the scientists think that their findings could indicate the presence of a coronavirus-infected raccoon dog in the spots where the swabs were taken....

The new analysis builds on extensive previous research that points to the market as the source of the earliest major outbreak of SARS-CoV-2: Many of the earliest known COVID-19 cases of the pandemic were clustered roughly in the market's vicinity. And the virus's genetic material was found in many samples swabbed from carts and animal-processing equipment at the venue, as well as parts of nearby infrastructure, such as storehouses, sewage wells, and water drains. Raccoon dogs, creatures commonly bred for sale in China, are also already known to be one of many mammal species that can easily catch and spread the coronavirus. All of this left one main hole in the puzzle to fill: clear-cut evidence that raccoon dogs and the virus were in the exact same spot at the market, close enough that the creatures might have been infected and, possibly, infectious.

That's what the new analysis provides. Think of it as finding the DNA of an investigation's main suspect at the scene of the crime.
The article also notes that the genetic sequences "also vanished from the database shortly after the international team of researchers notified the Chinese researchers of their preliminary findings, without explanation." And it adds that all along China has "vehemently" fought the theory that Covid-19 originated from live animals being sold at Wuhan market. Although "in June 2021, a team of researchers published a study documenting tens of thousands of mammals for sale in wet markets in Wuhan between 2017 and late 2019, including at Huanan."

"The animals were kept in largely illegal, cramped, and unhygienic settings — conditions conducive to viral transmission — and among them were more than 1,000 raccoon dogs." And there's even photos of raccoon dogs for sale at the market in December of 2019.


More coverage of the newly-discovered data is now appearing in numerous news outlets, including the New York Times, NBC News, ABC News, the Guardian, PBS, and Science.

An anonymous reader quotes a report from Bloomberg: Federal agents have arrested a Peekskill, New York, man they say ran the notorious dark web data-breach site "BreachForums" under the name "Pompompurin." Conor Brian Fitzpatrick was arrested by a team of investigators at his home around 4:30 p.m. Wednesday, an FBI agent said in a sworn statement filed in court the next day. Fitzpatrick is charged with a single count of conspiracy to commit access device fraud.

BreachForums hosted the stolen databases of almost 1,000 companies and websites. The databases often includes personal information, such as names, emails and passwords. The information is offered for sale by users of the site and can be used for fraud. Pompompurin's profile on BreachForums describes him as "Bossman" and pictures the Sanrio Co. cartoon dog whose name he used as an online alias. The profile shows Fitzpatrick's most recent visit to the site was Wednesday at 3:53 p.m., shortly before his arrest. The FBI agent, who led the other agents in the arrest, said Fitzpatrick admitted he had used the alias "Pompompurin" and was the owner and operator of BreachForums.

In November 2021, Pompompurin claimed responsibility for sending out fake emails that originated from an "fbi.gov" email address. Pompompurin claimed responsibility for the breach in an interview with Brian Krebs. Details of the charges, filed in federal court in Alexandria, Virginia, have not been made public. A spokeswoman for the US Attorney in Alexandria didn't return phone and email messages seeking comment. Fitzpatrick was presented in federal court in White Plains, New York, and released on a $300,000 unsecured bond, signed by his parents. Fitzpatrick is required to avoid any contact with co-defendant, co-conspirators and witnesses in the case. He's due to appear in court in Alexandria on March 24.

The Brazilian government is studying whether to regulate Internet platforms with content that earns revenue such as advertising, its secretary for digital policies, Joao Brant, said on Friday. Reuters reports: The idea would be for a regulator to hold such platforms, not consumers, accountable for monetized content, Brant told Reuters. Another goal is "to prevent the networks from being used for the dissemination and promotion of crimes and illegal content" especially after the riots by supporters of former far-right President JairBolsonaro in Brasilia in January, fueled by misinformation about the election he lost in October.

Brant said President Luiz Inacio Lula da Silva's government also intends to make companies responsible for stopping misinformation, hate speech and other crimes on their social media platforms. Platforms would not be held responsible for content individually, but for how diligent they are in protecting the "digital environment," he said in an interview. Brant did not detail what the regulatory body would look like, but said the government wants to regulate monetized content and prevent the platforms from spreading misinformation.

The UK Space Agency said Friday it would back research by Rolls-Royce looking at the use of nuclear power on the moon. CNBC reports: In a statement, the government agency said researchers from Rolls-Royce had been working on a Micro-Reactor program "to develop technology that will provide power needed for humans to live and work on the Moon." The UKSA will now provide [around $3.52 million] of funding for the project, which it said would "deliver an initial demonstration of a UK lunar modular nuclear reactor."

Rolls-Royce is set to work with a range of organizations on the project, including the University of Sheffield's Advanced Manufacturing Research Centre and Nuclear AMRC, and the University of Oxford. "Developing space nuclear power offers a unique chance to support innovative technologies and grow our nuclear, science and space engineering skills base," Paul Bate, chief executive of the UK Space Agency, said. Bate added that Rolls-Royce's research "could lay the groundwork for powering continuous human presence on the Moon, while enhancing the wider UK space sector, creating jobs and generating further investment." According to the UKSA, Rolls-Royce [...] is aiming "to have a reactor ready to send to the Moon by 2029."

An anonymous reader quotes a report from Reuters: The geology of Brazil's volcanic Trindade Island has fascinated scientists for years, but the discovery of rocks made from plastic debris in this remote turtle refuge is sparking alarm. Melted plastic has become intertwined with rocks on the island, located 1,140 km (708 miles) from the southeastern state of Espirito Santo, which researchers say is evidence of humans' growing influence over the earth's geological cycles. "This is new and terrifying at the same time, because pollution has reached geology," said Fernanda Avelar Santos, a geologist at the Federal University of Parana.

Santos and her team ran chemical tests to find out what kind of plastics are in the rocks called "plastiglomerates" because they are made of a mixture of sedimentary granules and other debris held together by plastic. "We identified (the pollution) mainly comes from fishing nets, which is very common debris on Trinidade Island's beaches," Santos said. "The (nets) are dragged by the marine currents and accumulate on the beach. When the temperature rises, this plastic melts and becomes embedded with the beach's natural material."

The discovery stirs questions about humans' legacy on the earth, says Santos. "We talk so much about the Anthropocene, and this is it," Santos said, referring to a proposed geological epoch defined by humans' impact on the planet's geology and ecosystems. "The pollution, the garbage in the sea and the plastic dumped incorrectly in the oceans is becoming geological material ... preserved in the earth's geological records."

Microsoft appears to be testing a built-in cryptocurrency wallet for Edge, according to screenshots pulled from a beta build of the browser. Ars Technica reports: The feature, which the screenshots say is strictly for internal testing, was unearthed by Twitter user @thebookisclosed, who has a history of digging up present-but-disabled features in everything from new Windows 11 builds to ancient Windows Vista betas. According to the screenshots, the crypto wallet is "embedded in Edge, making it easy to use without installing any extension," and it can handle multiple types of cryptocurrency. It will also record transactions and the value of your individual currencies as they fluctuate. An "explore" tab offers news stories relevant to cryptocurrency, and an "assets" tab will let you stare lovingly at your NFTs. The wallet is "non-custodial" (also called "self-custodial"), meaning that you have sole ownership of and responsibility for the passwords and recovery keys that allow access to your funds. Microsoft won't be able to let you back in if you lose your credentials.

The open-source, cross-platform Godot Engine has arrived in the Epic Games store. "Starting today, you can choose to use EGS to download the engine and keep it up to date with every release," writes the company in a blog post. From the release: Epic Games is a long-time supporter of Godot, and thanks to their contributions we have been able to improve our rendering pipeline as well as our built-in scripting language, GDScript -- the fruits of that work are now visible in the newly released Godot 4.0!

The Godot build you can download from EGS is the exact same open source release as on other platforms. Being present on more storefronts opens a new convenient avenue for more users to find the engine and begin their game development journey. You can of course still download Godot Engine from other platforms, or clone its source code from the Git repository and build it yourself. And if you do, you are more than welcome to contribute to Godot's development too!

A voiceprint program used by millions of Australians to access data held by government agencies can be fooled by an AI-generated voice, reports the Guardian. From the report: Centrelink and the Australian Taxation Office (ATO) both give people the option of using a "voiceprint", along with other information, to verify their identity over the phone, allowing them to then access sensitive information from their accounts. Using just four minutes of audio, a Guardian Australia journalist was able to generate a clone of their own voice and was then able to use this, combined with their customer reference number, to gain access to their own Centrelink self-service account.

Anyone trying to use voiceprint also needs to know the account-holder's customer reference number, which is not normally publicly available, but the number is not treated as securely as a password and is included in correspondence from Centrelink and other service providers, such as childcare centers. The self-service phone system allows people to access sensitive material such as information on their payment of benefits and to request documents to be sent by mail, including replacement concession or healthcare cards. Services Australia declined to say if the voiceprint technology would be changed or removed from Centrelink.

An anonymous reader quotes a report from The Register: A cancer patient whose nude medical photos and records were posted online after they were stolen by a ransomware gang, has sued her healthcare provider for allowing the "preventable" and "seriously damaging" leak. The proposed class-action lawsuit stems from a February intrusion during which malware crew BlackCat (also known as ALPHV) broke into one of the Lehigh Valley Health Network (LVHN) physician's networks, stole images of patients undergoing radiation oncology treatment along with other sensitive health records belonging to more than 75,000 people, and then demanded a ransom payment to decrypt the files and prevent it from posting the health data online. The Pennsylvania health care group, one of the largest in the US state, oversees 13 hospitals, 28 health centers, and dozens of other physicians' clinics, pharmacies, rehab centers, imaging and lab services. LVHN refused to pay the ransom, and earlier this month BlackCat started leaking patient info, including images of at least two breast cancer patients, naked from the waist up.

According to the lawsuit [PDF] filed this week, here's how one of the patients, identified as "Jane Doe" found out about the data breach -- and that LVHN had stored nude images of her on its network in the first place. On March 6, LVHN VP of Compliance Mary Ann LaRock, called Doe and told her that her nude photos had been posted on the hackers' leak site. "Ms. LaRock offered plaintiff an apology, and with a chuckle, two years of credit monitoring," the court documents say. In addition to swiping the very sensitive photos, the crooks also made off with everything needed for identity fraud.

According to the lawsuit, LaRock also told Doe that her physical and email addresses, along with date of birth, social security number, health insurance provider, medical diagnosis and treatment information, and lab results were also likely stolen in the breach. "Given that LVHN is and was storing the sensitive information of plaintiff and the class, including nude photographs of plaintiff receiving sensitive cancer treatment, LVHN knew or should have known of the serious risk and harm that could occur from a data breach," the lawsuit says. It claims LVHN was negligent in its duty to safeguard patients' sensitive information, and seeks class action status for everyone whose data was exposed with monetary damages to be determined. Pennsylvania attorney Patrick Howard, who is representing Doe and the rest of the plaintiffs in the proposed class action, said he expects the number of patients affected by the breach to be in the "hundreds, if not thousands."

TomTom, the Dutch navigation software company most known for its GPS navigation systems, announced that it's support the OpenStreetMap Foundation (OSMF) as a Platinum Member. It's a U-turn for the company, which launched an article in 2012 on what they called the "negative aspects" of open data projects such as OpenStreetMap. From the press release: Last year, the geolocation company explained the instrumental role that OpenStreetMap (OSM) data is playing in its efforts to build the smartest map on the planet via the TomTom Maps Platform. Its latest move further affirms the company's commitment to the global OSM project. TomTom is contributing 20,000 euros to the OSMF as the first corporate OSM member to join the foundation at the Platinum level.

The OSMF is a not-for-profit organization that supports the OSM project in various ways, such as by running the OSM infrastructure and raising funds, as well as communicating with OSM working groups. With this annual contribution to the foundation, TomTom is providing direct financial support to OSM's operations and infrastructure, including hardware, cloud costs and engineering hours.

An anonymous reader quotes a report from Ars Technica: A public pool in the UK is expected to save [about $24,000] and cut carbon emissions by 25.8 tons annually by warming a 25-meter children's pool with waste heat from a data center from startup Deep Green. UK-based Deep Green is a newcomer in the data-center heat game and is making its entrance notable by putting a monetary figure on potential savings, which are fueled by the heat's low, low rate of free. Deep Green's paying customers are machine-learning and AI firms seeking computing resources. As reported by Datacenter Dynamics on Tuesday, clients can leverage Deep Green's 28 kW system with high-performance computing (HPC) capabilities. The HPC cluster at the Exmouth Leisure Centre swimming pool has 12 four-CPU cards and could eventually be used for cloud services and video rendering, Deep Green CEO Mark Bjornsgaard told the publication. According to the BBC , the server is about the size of a washing machine.

The computers are submerged in mineral oil that captures heat that gets transferred into pool water with a heat exchanger. The pool still has a gas boiler to boost the water's temperature if required. Deep Green claims it's transferring about 96 percent of the energy used by its computers and reducing a pool's gas heat usage by 62 percent. Deep Green is paying the Exmouth Leisure Centre for all the electricity its data center uses, as well as any setup costs, and the Exmouth Leisure Centre gets the heat for free.

Deep Green CTO Mat Craggs told Datacenter Dynamics: "Our expected heat transfer from the kit is 139,284 kWh a year, equivalent to 62 percent of the pool's heat needs." He noted that adding more servers to the tub could extend the figure to 70 or 80 percent. Deep Green's data center can heat the Exmouth Leisure Centre's 25 meter pool to 86 degrees Fahrenheit for about 60 percent of the time, BBC reported. The startup has plans to set up data centers in seven more UK locations and has a 2023 target of 20 locations.

The influential social media app TikTok is flooding the nation's capital with influencers next week as part of an 11th hour lobbying blitz to stave off the forced sale of the company. From a report: The efforts come as the Biden administration urges TikTok's Chinese owners to sell the app to a new owner or face a potential ban in the United States. The Committee on Foreign Investment in the United States, the interagency board that issued the call, has spent years reviewing the potential national security risks posed by TikTok, and the Chinese company that owns it: ByteDance.

Dozens of TikTok creators will descend on Washington for three days next week, according to a person familiar with the plans, who revealed details on condition of anonymity. The creators will hold a press conference on Wednesday on Capitol Hill, the person added. Another person familiar with the plans noted that TikTok was paying for the cost of sending influencers to D.C. It was not clear which influencers would be making the trip.