Bug

Cicadas Are So Loud, Fiber Optic Cables Can 'Hear' Them (wired.com) 22

An anonymous reader quotes a report from Wired: One of the world's most peculiar test beds stretches above Princeton, New Jersey. It's a fiber optic cable strung between three utility poles that then runs underground before feeding into an "interrogator." This device fires a laser through the cable and analyzes the light that bounces back. It can pick up tiny perturbations in that light caused by seismic activity or even loud sounds, like from a passing ambulance. It's a newfangled technique known as distributed acoustic sensing, or DAS. Because DAS can track seismicity, other scientists are increasingly using it to monitor earthquakes and volcanic activity. (A buried system is so sensitive, in fact, that it can detect people walking and driving above.) But the scientists in Princeton just stumbled upon a rather noisier use of the technology.

In the spring of 2021, Sarper Ozharar -- a physicist at NEC Laboratories, which operates the Princeton test bed -- noticed a strange signal in the DAS data. "We realized there were some weird things happening," says Ozharar. "Something that shouldn't be there. There was a distinct frequency buzzing everywhere." The team suspected the "something" wasn't a rumbling volcano -- not in New Jersey -- but the cacophony of the giant swarm of cicadas that had just emerged from underground, a population known as Brood X. A colleague suggested reaching out to Jessica Ware, an entomologist and cicada expert at the American Museum of Natural History, to confirm it. "I had been observing the cicadas and had gone around Princeton because we were collecting them for biological samples," says Ware. "So when Sarper and the team showed that you could actually hear the volume of the cicadas, and it kind of matched their patterns, I was really excited."

Add insects to the quickly growing list of things DAS can spy on. Thanks to some specialized anatomy, cicadas are the loudest insects on the planet, but all sorts of other six-legged species make a lot of noise, like crickets and grasshoppers. With fiber optic cables, entomologists might have stumbled upon a powerful new way to cheaply and constantly listen in on species -- from afar. "Part of the challenge that we face in a time when there's insect decline is that we still need to collect data about what population sizes are, and what insects are where," says Ware. "Once we are able to familiarize ourselves with what's possible with this type of remote sensing, I think we can be really creative."

Bitcoin

FTX Employees Discovered Alameda's $65 Billion Backdoor Months Before Collapse (theblock.co) 36

James Hunt reports via The Block: A group of FTX U.S.-based employees stumbled across a backdoor for its affiliated trading firm Alameda Research months before the crypto exchange collapsed in Nov. 2022, the Wall Street Journal reported, citing people familiar with the matter. The backdoor allowed Alameda to have a negative balance of up to $65 billion using customer funds, according to previous court filings revealing code buried in FTX's systems. Negative balances were not possible for other FTX users, who would be automatically liquidated if they fell into the red.

The employees reportedly alerted their division boss to the discovery, who discussed it with former FTX CEO Sam Bankman-Fried's lieutenant Nishad Singh, but the issue was never resolved. Instead, the leader of the team who raised the concern was sacked, the WSJ said. [...] The backdoor forms a key part of the prosecution's case in Bankman-Fried's trial. Bankman-Fried faces multiple fraud charges and could serve decades in prison. He pleaded not guilty to all charges.

The Internet

The World's Oldest Active Torrent Turns 20 Years Old (torrentfreak.com) 33

Twenty years ago, a group of friends shot a Matrix fan film on a limited budget. Sharing their creation with the rest of the world initially appeared to be too expensive, but then they discovered a new technology called BitTorrent. Fast forward two decades and their "Fanimatrix" release is the oldest active torrent that's still widely shared today. Ernesto Van der Sar writes via TorrentFreak: The oldest surviving torrent we have seen is a copy of the Matrix fan film "The Fanimatrix." The torrent was created in September 2003 and will turn 20 years old in a few days. A truly remarkable achievement. The film was shot by a group of New Zealand friends. With a limited budget of just $800, nearly half of which was spent on a leather jacket, they managed to complete the project in nine days. While shooting the film was possible with these financial constraints, finding a distribution channel proved to be a major hurdle. Free video-sharing services didn't exist yet and server bandwidth was still very costly. Technically the team could host their own server, but that would cost thousands of dollars, which wasn't an option. Luckily, however, the group's IT guy, Sebastian Kai Frost, went looking for alternatives.

Frost had a bit part in the film and did some other work as well, but the true breakthrough came when he stumbled upon a new technology called BitTorrent. This appeared to be exactly what they were looking for. "It looked promising because it scaled such that the more popular the file became, the more the bandwidth load was shared. It seemed like the perfect solution," Frost told us earlier. After convincing the crew that BitTorrent was the right choice, Frost created a torrent on September 28, 2003. He also compiled a tracker on his own Linux box and made sure everything was running correctly. Today, more than twenty years have passed and the torrent is still up and running with more than a hundred seeders. As far as we know, it's the oldest active torrent on the Internet, one that deserves to be in the history books.
"I never expected to become the world's oldest torrent but now it's definitely become a thing I'd love to keep carrying on. So I'll be keeping this active as long as I physically can," Frost tells TorrentFreak. "It's really heartening seeing the community pull together around this torrent, despite its usually low transfer count, and work together to keep it alive and kicking. It warms my heart on the daily."

"We're super pumped that it's still going and that people still take an interest in it. Looking forward to the 25th and having something special to share with the world," Frost concludes.

Earth

French Drillers May Have Stumbled Upon a Mammoth Hydrogen Deposit (theverge.com) 121

An anonymous reader quotes a report from The Verge: On the outskirts of the small town of Folschviller in eastern France stand three nondescript sheds. One of these temporary structures has recently become a hive of activity due to a continuous stream of visitors, including scientists, journalists, and the public. The shed sits above a borehole first drilled in 2006 and houses a gas measurement system called SysMoG, which was originally developed to determine the underground methane concentration. While the device did detect almost pure methane (99 percent) at a depth of 650 meters, probing further down, the borehole resulted in an unexpected and surprising discovery: hydrogen in high concentration. "At 1,100 meters, the concentration of dissolved hydrogen is 14 percent. At 3,000 meters, the estimated concentration could be as high as 90 percent," Jacques Pironon, director of research at GeoRessources lab at the University de Lorraine, said. Based on the estimates of methane resources and the concentration of hydrogen detected so far, scientists have conjectured that the Lorraine region in eastern France, of which Folschviller is a part, could contain 46 million tons of white -- or naturally produced -- hydrogen. That would make it one of the world's largest known hydrogen deposits.

This remarkable discovery was not the objective of the project, called Regalor. Instead, it aimed to determine the feasibility of methane production in the Lorraine region and to record the presence of traces of other gases. "Our original research was related to the study of carboniferous sediments in northeast France. This was important as Lorraine was one of France's largest coal-producing regions," Pironon said. [...] Soon, the researchers will start taking measurements in three other boreholes at similar depths to understand if the hydrogen concentration remains high as you move laterally from the site of the original borehole. "If the concentration is similar, the next step, which is being discussed with the authorities, would be to drill a hole 3,000 meters deep to validate the evolution of the hydrogen concentration with depth," he said. The deeper borehole could also throw up another surprise. "Besides knowing the level of hydrogen concentration, we will also know if hydrogen is present in dissolved form or in gaseous state at these depths," Pironon said.

This study could also shed light on the source of this hydrogen. According to Pironon, there are two hypotheses, one of which is related to the presence of the mineral siderite. "Hydrogen could be produced by the reaction between water and siderite, which is made of iron carbonates. We consider that the siderite could be oxidized by water molecules to produce hydrogen. The oxygen then combines with iron to produce iron oxide." According to Pironon, the other hypothesis relates its presence to the chemical processes that form coal, which, along with the release of methane, can also produce hydrogen.

Power

Lithium in Extinct US Volcano - More Smoke Than Fire? (bloomberg.com) 36

On August 30th a scientific paper discussed lithium in an extinct volcano in the western United States. But would it also increase supplies of a crucial battery-making ingredient?

"The mining industry is seldom that simple," argues Bloomberg's Energy Digest newsletter: The discovery of new deposits — be it the giant Simandou iron ore mine in Guinea or diamonds in Canada's Northwest Territories — rarely turns an industry on its head, and certainly not quickly. For lithium, that's likely to be especially true. Unlike cobalt and nickel, lithium isn't geologically scarce when it comes to economically viable deposits. And while there are short-term bottlenecks as the mining world reacts to a sudden spike in demand, few see long-term shortages. In fact, the supply outlook is so compelling that all but one of the biggest miners — Rio Tinto Group, which accidentally stumbled across a big deposit — decided it's not an industry they want to be in.

Instead, much of the focus is on processing and refining the element into a grade suitable for batteries. "The news is a reminder that lithium isn't rare, but producing battery-grade quantities at scale is the true challenge," said Chris Berry, president of House Mountain Partners, an industry consultant.

Google

'Google Maps Has Become an Eyesore' (fastcompany.com) 170

After growing "increasingly frustrated" with the Google Maps experience, Fast Company's Michael Grothaus has highlighted five main reasons the app has "become a cluttered, frustrating mess" -- and why he finds himself turning to Apple Maps more often. An anonymous Slashdot reader shares an excerpt from the report: ENOUGH WITH THE HOTEL AND BAR PINS: Whenever I'm in a major metropolitan area, Google Maps seems to have an obsession with displaying as many hotels, bars, and clubs on the map as it can. This happens even when I haven't searched for a single hotel or bar. And it happens not only when I'm on vacation in a new city, but when I'm in my home city. Google knows my home address. So, why on Earth does it default to showing me as many hotels as possible in the city where I live? The same is true of clubs and bars. I see pins for more dance clubs and bars in one small area shown on my smartphone's display than I've ever actually been to in my life. Google knows I'm middle-aged and get up early to work. When I'm just browsing the map, can it really think I might care about the nearest club where patrons normally don't leave until well past midnight? By displaying all these irrelevant hotels and bars, Google makes it much harder to browse and navigate the map, since frequently the pins' labels overlap or obscure more important elements, such as the shape and layout of streets.

TOO MANY ADS CLUTTER THE MAP: The square pins you see in Google Maps are ad pins. They represent a place of business (a hotel, spa, etc.) that is paying Google to make sure it's displayed on the map, despite the business's irrelevance to me. Again, ad pins for hotels dominate, but right behind them are ad pins for restaurants with small text underneath them imploring me to "Order Delivery with Uber Eats," which just further clutters the map. Google is, of course, first and foremost an advertising company. Data compiled by Oberlo showed that 78.2% of its Q1 2023 total revenue of $69.8 billion came from ads. But its enthusiasm for placing ads in every corner of Google Maps just makes it all the more cluttered and increasingly hard to read. And that's before we even get to

PHOTO PINS SIGNIFY WHAT, EXACTLY?: Google Maps identifies points of interest primarily by pin color and glyph: Hotels are represented by a pink pin with an image of a person sleeping in a bed, restaurants get an orange pin with a fork and knife, and so forth. Regular pins, denoting businesses or other points of interest, are reverse teardrop-shaped, while ad pins are square-shaped. But, since last year, there is also now a third form: the photo pin. As best as I can tell, a photo pin is a pin for a business, but instead of a typical category glyph, it shows a large photo ostensibly related to the establishment. These pins don't appear to signify that the business is notable in any way. (I mean, I'm sure I've seen photo pins for muffler repair shops -- not exactly a tourist attraction.) The photo pin might be the ultimate map monopolizer. It's bigger, and the photo, seemingly pulled from a business's Google Maps listing, doesn't always even represent the business well. One photo pin I came across, oddly, seemed to show a photo of the dumpsters behind a restaurant. This just adds to user confusion and more clutter. It isn't helping the business, either.

I HAVE NO INTEREST IN SOMEONE'S WORK-FROM-HOME BUSINESS: Another major contributor to Google Maps being an eyesore these days is a holdover from the pandemic when so many people were stuck working from home -- or decided to begin offering their services from home. It is not uncommon to be browsing a residential area on Google Maps and be faced with a sea of work-from-home business pins. The number of "consultant" businesses I've seen in residential areas on Google Maps has been shocking. The same goes for web designers, app programmers, and handymen -- all of whom operate out of their residential homes. These may all be legitimate businesses run by self-employed people, but why on earth does Google Maps surface their listings on maps if they never have a single client enter their doors and, more important, if I've not searched for a provider of any of these services? Clutter, clutter, clutter.

WHY WON'T YOU SHOW ME THE STREET NAME?: Finally, Google Maps seems more intent today on showing bars, restaurants, ads, and work-from-home businesses than useful map-related features. Sometimes it doesn't even show the most basic information anymore, including street names. Many times I just want to see the name of the street I'm standing on. So, I open Google Maps and zoom in on my current location. Yet no matter how far in I zoom in, Google Maps doesn't always apply a label to the street I'm standing on. It just remains blank. Of course, business pins I have no interest in are still prominently displayed. A workaround I've stumbled upon whenever this happens is to select a business pin on the next street over. When Google Maps centers on that, it for some reason will label the street I'm standing on. Among all the gripes on this list, I think this one is my biggest. If my ad-hoc workaround doesn't work, I often have to open Apple Maps just to look up the name of the street I'm on.

Privacy

The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed (wired.com) 19

An anonymous reader quotes a report from Wired: The U.S. Department of Justice, Mandiant, and Microsoft stumbled upon the SolarWinds breach six months earlier than previously reported, WIRED has learned, but were unaware of the significance of what they had found. The breach, publicly announced in December 2020, involved Russian hackers compromising the software maker SolarWinds and inserting a backdoor into software served to about 18,000 of its customers. That tainted software went on to infect at least nine US federal agencies, among them the Department of Justice (DOJ), the Department of Defense, Department of Homeland Security, and the Treasury Department, as well as top tech and security firms including Microsoft, Mandiant, Intel, Cisco, and Palo Alto Networks. The hackers had been in these various networks for between four and nine months before the campaign was exposed by Mandiant.

WIRED can now confirm that the operation was actually discovered by the DOJ six months earlier, in late May 2020 -- but the scale and significance of the breach wasn't immediately apparent. Suspicions were triggered when the department detected unusual traffic emanating from one of its servers that was running a trial version of the Orion software suite made by SolarWinds, according to sources familiar with the incident. The software, used by system administrators to manage and configure networks, was communicating externally with an unfamiliar system on the internet. The DOJ asked the security firm Mandiant to help determine whether the server had been hacked. It also engaged Microsoft, though it's not clear why the software maker was also brought onto the investigation.

It's not known what division of the DOJ experienced the breach, but representatives from the Justice Management Division and the US Trustee Program participated in discussions about the incident. The Trustee Program oversees the administration of bankruptcy cases and private trustees. The Management Division advises DOJ managers on budget and personnel management, ethics, procurement, and security. Investigators suspected the hackers had breached the DOJ server directly, possibly by exploiting a vulnerability in the Orion software. They reached out to SolarWinds to assist with the inquiry, but the company's engineers were unable to find a vulnerability in their code. In July 2020, with the mystery still unresolved, communication between investigators and SolarWinds stopped. A month later, the DOJ purchased the Orion system, suggesting that the department was satisfied that there was no further threat posed by the Orion suite, the sources say.

According to WIRED, the DOJ said it "notified the US Cybersecurity and Infrastructure Agency (CISA) about the breach at the time it occurred -- though a US National Security Agency spokesperson expressed frustration that the agency was not also notified."

"But in December 2020, when the public learned that a number of federal agencies were compromised in the SolarWinds campaign -- the DOJ among them -- neither the DOJ nor CISA revealed to the public that the operation had unknowingly been found months earlier. The DOJ initially said its chief information officer had discovered the breach on December 24."

Privacy

The US Cracked a $3.4 Billion Crypto Heist - and Bitcoin's Anonymity (wsj.com) 59

Federal authorities are making arrests and seizing funds with the help of new tools to identify criminals through cryptocurrency transactions. From a report: James Zhong appeared to have pulled off the perfect crime. In December 2012, he stumbled upon a software bug while withdrawing money from his account on Silk Road, an online marketplace used to hide criminal dealings behind the seemingly bulletproof anonymity of blockchain transactions and the dark web. Mr. Zhong, a 22-year-old University of Georgia computer-science student at the time, used the site to buy cocaine. "I accidentally double-clicked the withdraw button and was shocked to discover that it resulted in allowing me to withdraw double the amount of bitcoin I had deposited," he later said in federal court. After the first fraudulent withdrawal, Mr. Zhong created new accounts and with a few hours of work stole 50,000 bitcoins worth around $600,000, court papers from federal prosecutors show.

Federal officials closed Silk Road a year later on criminal grounds and seized computers that held its transaction records. The records didn't reveal Mr. Zhong's caper at first. Authorities hadn't yet mastered how to track people and groups hidden behind blockchain wallet addresses, the series of letters and numbers used to anonymously send and receive cryptocurrency. One elemental feature of the system was the privacy it gave users. Mr. Zhong moved the stolen bitcoins from one account to another for eight years to cover his tracks. By late 2021, the red-hot crypto market had raised the value of his trove to $3.4 billion. In November 2021, federal agents surprised Mr. Zhong with a search warrant and found the digital keys to his crypto fortune hidden in a basement floor safe and a popcorn tin in the bathroom. Mr. Zhong, who pleaded guilty to wire fraud, is scheduled to be sentenced Friday in New York federal court, where prosecutors are seeking a prison sentence of less than two years.

Mr. Zhong's case is one of the highest-profile examples of how federal authorities have pierced the veil of blockchain transactions. Private and government investigators can now identify wallet addresses associated with terrorists, drug traffickers, money launderers and cybercriminals, all of which were supposed to be anonymous. Law-enforcement agencies, working with cryptocurrency exchanges and blockchain-analytics companies, have compiled data gleaned from earlier investigations, including the Silk Road case, to map the flow of cryptocurrency transactions across criminal networks worldwide. In the past two years, the U.S. has seized more than $10 billion worth of digital currency through successful prosecutions, according to the Internal Revenue Service -- in essence, by following the money. Instead of subpoenas to banks or other financial institutions, investigators can look to the blockchain for an instant snapshot of the money trail.

Bitcoin

Apple Has Included Bitcoin Whitepaper in Every Version of macOS Since 2018 (macrumors.com) 65

In every copy of macOS that has shipped since 2018, Apple has included the original Bitcoin whitepaper by Satoshi Nakamoto, and no-one seems to know why. From a report: The baffling discovery (or rediscovery - see below) was recently made by developer and waxy.org writer Andy Baio, who stumbled upon the PDF document while trying to fix a problem with his printer. Anyone with a Mac running macOS Mojave or later can see the PDF for themselves by typing the following command into Terminal:

open /System/Library/Image\ Capture/Devices/VirtualScanner.app/Contents/Resources/simpledoc.pdf

If you're running macOS 10.14 or later, the 184 KB Bitcoin PDF should immediately open in Preview. The document can also be located via Finder: Navigate to Macintosh HD -> System -> Library -> Image Capture -> Devices, then open the Contents -> Resources folder. The whitepaper titled "simpledoc.pdf" should be in there.

Power

Magnon-Based Computation Could Signal Computing Paradigm Shift (phys.org) 19

An anonymous reader quotes a report from Phys.Org: Like electronics or photonics, magnonics is an engineering subfield that aims to advance information technologies when it comes to speed, device architecture, and energy consumption. A magnon corresponds to the specific amount of energy required to change the magnetization of a material via a collective excitation called a spin wave. Because they interact with magnetic fields, magnons can be used to encode and transport data without electron flows, which involve energy loss through heating (known as Joule heating) of the conductor used. As Dirk Grundler, head of the Lab of Nanoscale Magnetic Materials and Magnonics (LMGN) in the School of Engineering explains, energy losses are an increasingly serious barrier to electronics as data speeds and storage demands soar. "With the advent of AI, the use of computing technology has increased so much that energy consumption threatens its development," Grundler says. "A major issue is traditional computing architecture, which separates processors and memory. The signal conversions involved in moving data between different components slow down computation and waste energy."

This inefficiency, known as the memory wall or Von Neumann bottleneck, has had researchers searching for new computing architectures that can better support the demands of big data. And now, Grundler believes his lab might have stumbled on such a "holy grail". While doing other experiments on a commercial wafer of the ferrimagnetic insulator yttrium iron garnet (YIG) with nanomagnetic strips on its surface, LMGN Ph.D. student Korbinian Baumgaertl was inspired to develop precisely engineered YIG-nanomagnet devices. With the Center of MicroNanoTechnology's support, Baumgaertl was able to excite spin waves in the YIG at specific gigahertz frequencies using radiofrequency signals, and -- crucially -- to reverse the magnetization of the surface nanomagnets. "The two possible orientations of these nanomagnets represent magnetic states 0 and 1, which allows digital information to be encoded and stored," Grundler explains.

The scientists made their discovery using a conventional vector network analyzer, which sent a spin wave through the YIG-nanomagnet device. Nanomagnet reversal happened only when the spin wave hit a certain amplitude, and could then be used to write and read data. "We can now show that the same waves we use for data processing can be used to switch the magnetic nanostructures so that we also have nonvolatile magnetic storage within the very same system," Grundler explains, adding that "nonvolatile" refers to the stable storage of data over long time periods without additional energy consumption. It's this ability to process and store data in the same place that gives the technique its potential to change the current computing architecture paradigm by putting an end to the energy-inefficient separation of processors and memory storage, and achieving what is known as in-memory computation.

The research has been published in the journal Nature Communications.

Science

500-Year-Old Leonardo Da Vinci Sketches Show Him Grappling With Gravity (gizmodo.com) 32

An anonymous reader quotes a report from Gizmodo: A team of engineers studying the 500-year-old, backward writings of Leonardo da Vinci have found evidence that the Italian polymath was working out gravity a century before its foundations were established by Galileo Galilei. The team's findings come from a revisit of the Codex Arundel, a compilation of documents written by da Vinci that detail various experiments and personal notes taken down in the latter 40 years of his life. The codex is freely accessible online courtesy of the British Museum. The team's research is published in the MIT Press journal Leonardo. Mory Gharib, an engineer at Caltech, said he stumbled across the writings in 2017 when looking for some of da Vinci's work on flow in hearts. Though the codex was written over a long span of da Vinci's later years, Gharib suspects the gravitational musings were written sometime in the last 15-or-so years of his life. Gharib recruited co-author Flavio Noca, a researcher at the University of Applied Sciences and Arts Western Switzerland, to translate the Italian's backward writing on the subject.

Da Vinci understood some fundamentals of objects in motion. He wanted to make an experiment testing how the motion of a cloud would correspond to the hail it produced, if the cloud's velocity and any changes to it corresponded with the falling hail's velocity. In lieu of control of the weather, da Vinci substituted a pitcher for the cloud and sand or water for the hail. Reliable clocks weren't available until about 140 years after da Vinci's death in 1519, the researchers note, so the inventor was forced to substitute the constant of time with space: by assuming that the time it took each water/sand particle to fall from the pitcher was constant, he just kept the pitcher at the same height throughout the tests. Da Vinci's sketch shows the positions of the falling material over the course of its trajectory toward the ground. By drawing a line through the position of the material at each instance in time, da Vinci realized that a triangle could be formed, with the drawn line being the hypotenuse. By changing the acceleration of the pitcher over the course of the experiment, one would change the shape of the triangle. Leonardo knew that the falling material would accelerate and that the acceleration is downward. What he wasn't wholly certain on -- hence the experiment -- was the relationship between the falling material's acceleration and the pitcher's acceleration.

In one particular case, when the pitcher's motion was accelerated to the same rate as the falling material being affected by gravity, an equilateral triangle was formed. Literally, as Da Vinci noted, an "Equatione di Moti" or an "equalization of motions." The researchers modeled da Vinci's experiment and found that the polymath was wrong in his understanding of the relationship between the falling object and time. "What we saw is that Leonardo wrestled with this, but he modeled it as the falling object's distance was proportional to 2 to the t power [with t representing time] instead of proportional to t squared," said Chris Roh, a researcher at Cornell University and a co-author of the research, in a Caltech release. "It's wrong, but we later found out that he used this sort of wrong equation in the correct way." The team interpreted tick marks on da Vinci's sketches as data points the polymath made based on his eyeballing of the experiment in action. In lieu of a timepiece, da Vinci found the gravitational constant to nearly 98% accuracy.

Transportation

Stockholm Thinks It Can Have an Electric Bikeshare Program So Cheap It's Practically Free (vice.com) 53

Aaron Gordon writes via Motherboard: This past June, Stockholm introduced a new shared bicycle service to replace Stockholm City Bikes, which operated from 2006 until 2018. Since that service shut down, the city was one of many around the world swamped by shared e-scooters that littered sidewalks and streets. As a result, the city wanted to reboot a bikeshare program with a more modern approach without succumbing to the trappings of the dockless scooter and bike craze. The new service, Stockholm eBikes, started relatively small, with just over a thousand bikes this past summer, but will grow to more than 5,000 for this coming summer. However, this is not just another bikeshare program. First, all of the bikes are electric. And second, it is ridiculously, ludicrously, almost impossibly cheap to use.

The first time I stumbled on the Stockholm eBikes website and did a currency conversion, I figured there must be some mistake. The website says a 24-hour plan "just to unlock a bike and enjoy Stockholm eBikes for 24 hours" costs 11 Krona, or 98 cents at current conversion rates. A 7-day plan is 26 Krona ($2.32). A 30-day plan is 35 Krona ($3.12). And a whole year of unlimited 90-minute e-bike rides costs a measly 157 Krona, or just about $14. If you want to ride more than 90 minutes in one trip, you will be charged an extra 11 Krona (about $1) per extra hour. This is not simply cheap by e-bike rental standards. It is several orders of magnitude cheaper. And it is a story with global implications for the bikeshare industry and urban transportation in general. Because bikeshare systems have entered a paradox. The invention and proliferation of e-bikes have the potential to make bikeshare systems even more useful thanks to the effortless pedaling including on hills and higher speeds. But virtually every system has surcharges to ride an e-bike, making it expensive to use over time. "It's a truly unique system," [said Daniel Mohlin, Nordics Regional Manager for Inurba Mobility, the company that won the seven-year contract for the new bikeshare program]. "Both in terms of the technology and the setup and the pricing in combination with it." So I asked Mohlin the obvious question: How can Stockholm offer essentially the same product and service for so much less than basically every other city? The obvious assumption would be that, unlike most every bikeshare system in the world which is expected to break even without public subsidies in contrast to traditional public transportation like buses and subways, the government is helping to foot the bill of Stockholm eBikes. [...] But Mohlin said that isn't the case in Stockholm. The city isn't giving Inurba any money.

Mohlin says they plan to run a profitable bikeshare system by doing one thing most other systems do and another thing he says is too often missing. The first thing, the one that everyone does, is advertising. Inurba will be selling advertisements on the bikes and on 350 advertising locations near where the bikes are parked. But the brand will remain Stockholm eBikes. [...] Advertising will only get them so far. The entire bikeshare system, Mohlin said, has been designed to be as efficient and cost-effective as possible. And this, he says, is the biggest difference between Stockholm's system and the ones other cities offer. [...] Inurba adopted a hybrid solution that some e-scooter companies have piloted in a few cities. Instead of traditional docks, there are virtual stations, painted lines on the ground with a sign post. Users lock and unlock the bikes via an app. Locking the bikes requires being within one of the station's geofenced zones. These virtual stations not only save Inurba lots of money not having to outfit and maintain physical docks, but it also provides operational flexibility. Because there is some wiggle room in the geofence by nature of GPS's imprecision, the stations can "swallow a lot more bikes" than traditional docks, as Mohlin put it. This helps avoid the always-empty-or-always-full phenomenon many docked bikeshare systems struggle with.

Mohlin also talked up Inurba's IT infrastructure that helps them learn which stations tend to get full at what time of day and which tend to get empty. He says this enables them to be more efficient with bike-balancing efforts, that it's "basically, do the right task in the right order at the right time." Another smaller money-saver is the company uses cargo e-bikes to go around swapping out batteries, which has to happen about once every three days per bike on average. This means battery swappers aren't stuck in traffic driving a van and can swap out more batteries per worker.

So far, the model appears to be working. "55,000 active users took almost 450,000 trips, averaging six per day per bike, which is generally considered high for a bikeshare system," writes Gordon. "Plus, the average trip was almost 40 minutes, much higher than most bikeshare schemes with mechanical bikes, including Helsinki where Inurba also operates the bikeshare system where the average trip is between 12 and 16 minutes."

"We're really looking forward for next year when we can get the full system in operation," Mohlin said. "But I'm confident this is a really unique system that is going to have an impact."

Wikipedia

A Bored Chinese Housewife Spent Years Falsifying Russian History On Wikipedia (vice.com) 106

An anonymous reader writes: Posing as a scholar, a Chinese woman spent years writing alternative accounts of medieval Russian history on Chinese Wikipedia, conjuring imaginary states, battles, and aristocrats in one of the largest hoaxes on the open-source platform. The scam was exposed last month by Chinese novelist Yifan, who was researching for a book when he came upon an article on the Kashin silver mine. Discovered by Russian peasants in 1344, the Wikipedia entry goes, the mine engaged more than 40,000 slaves and freedmen, providing a remarkable source of wealth for the Russian principality of Tver in the 14th and 15th centuries as well as subsequent regimes. The geological composition of the soil, the structure of the mine, and even the refining process were fleshed out in detail in the entry.

Yifan thought he'd found interesting material for a novel. Little did he know he'd stumbled upon an entire fictitious world constructed by a user known as Zhemao. It was one of 206 articles she has written on Chinese Wikipedia since 2019, weaving facts into fiction in an elaborate scheme that went uncaught for years and tested the limits of crowdsourced platforms' ability to verify information and fend off bad actors. "The content she wrote is of high quality and the entries were interconnected, creating a system that can exist on its own," veteran Chinese Wikipedian John Yip told VICE World News. "Zhemao single-handedly invented a new way to undermine Wikipedia."

Yifan was tipped off when he ran the silver mine story by Russian speakers and fact-checked Zhemao's references, only to find that the pages or versions of the books she cited did not exist. People he consulted also called out her lengthy entries on ancient conflicts between Slavic states, which could not be found in Russian historical records. "They were so rich in details they put English and Russian Wikipedia to shame," Yifan wrote on Zhihu, a Chinese site similar to Quora, where he shared his discovery last month and caused a stir. The scale of the scam came to light after a group of volunteer editors and other Wikipedians, such as Yip, combed through her past contributions to nearly 300 articles.

"As a punishment, Zhemao and her affiliated accounts were suspended permanently," adds VICE World News. "Most of her articles were deleted based on community consensus. Some Wikipedians even wrote to experts, seeking help to separate the wheat from the chaff." A spokesperson of the Wikimedia Foundation told VICE World News in an email that volunteers are still "continuing to review additional articles that may have been affected."

The report goes on to say that Zhemao speaks neither English nor Russian and is a housewife with only a high school degree. She came clean in an apology letter issued on her Wikipedia account last month. "The hoax started with an innocuous intention," reports VICE. "Unable to comprehend scholarly articles in their original language, she pieced sentences together with a translation tool and filled in the blanks with her own imagination. [...] Before long, they had accumulated into tens of thousands of characters, which she was reluctant to delete."

"The alternative accounts were imaginary friends she 'cosplayed' as she was bored and alone, given her husband was away most of the time and she didn't have any friends. She also apologized to actual experts on Russia, whom she had attempted to cozy up to and later impersonated."

Microsoft

Surprise: Microsoft Has a Second Internal-Use-Only Linux Distro (zdnet.com) 59

ZDNet reports there's more than just the one Microsoft-created Linux distribution for internal use only called CBL (Common Base Linux) Mariner.

"It turns out there's another Microsoft-developed Linux distribution that's also for internal use that's known as CBL-Delridge or CBL-D." I discovered the existence of CBL-D for the first time this week in a rather round-about way. I stumbled onto a February 2 blog post from Hayden Barnes, a Senior Engineering Manager at SuSE who led the Windows on Rancher engineering team, which traced his steps in discovering and building his own image of CBL-D. Barnes noted that Microsoft published CBL-Delridge in 2020, the same year that it also published CBL-Mariner. The main difference between the two: Delridge is a custom Debian derivative, while Mariner is a custom Linux From Scratch-style distribution.

CBL-D powers Azure's Cloud Shell. The Azure Cloud Shell provides a set of cloud-management tools packaged in a container. In a note on the GitHub repo for the Cloud Shell, officials noted that "the primary difference between Debian and CBL-D is that Microsoft compiles all the packages included in the CBL-D repository internally. This helps guard against supply chain attacks...."

CBL-Mariner and CBL-Delridge are just two of the Microsoft-developed Linux-related deliverables from the Linux Systems Group. Others include the Windows Subsystem for Linux version 2 (WSL2), which is part of Windows 10; an Azure-tuned Linux kernel which is designed for optimal performance as Hyper-V guests; and Integrity Policy Enforcement (IPE), a proposed Linux Security Module (LSM) from the Enterprise and Security team.

Space

Two More Successful Rocket Launches from Satellite Launch-Service Providers (spacenews.com) 7

SpaceNews reports: The launch was the latest in a series of Electron launches of BlackSky satellites arranged by Spaceflight. That deal included launches of pairs of BlackSky satellites in November and December 2021 as well as a failed Electron launch in May 2021....

Rocket Lab did not attempt to recover the first stage of the Electron after this launch. The company said in November that, after three launches where it recovered Electron boosters after splashing down in the ocean, it was ready to attempt a midair recovery of a booster by catching it with a helicopter, the final step before reusing those boosters. The company has not announced when that recovery will take place, but hinted it would take place soon....

Lars Hoffman, senior vice president of global launch services at Rocket Lab, during a panel session at the Satellite 2022 conference March 22...added that the company has a "full manifest" of Electron launches this year, including the first from Launch Complex 2 at Wallops Island, Virginia, with a goal of launching on average once per month. "We're keeping pace with the market. We're trying not to get too far ahead."

Meanwhile, in mid-March Space.com reported that the launch-service provider Astra "bounced back from last month's launch failure with a groundbreaking success, deploying satellites in Earth orbit for the first time ever" with its low-cost two-stage launch vehicle, LV0009. (Watch video of the launch here.) It was a huge moment for Astra, which suffered a failure last month during its first-ever launch with operational payloads onboard.... Astra aims to break into the small-satellite launch market in a big way with its line of cost-effective, easily transported and ever-evolving rockets.

The company had conducted five orbital flights before today, four of them test missions from Kodiak. Astra reached orbit successfully on the most recent of those four test flights, a November 2021 mission that carried a non-deployable dummy payload for the U.S. Department of Defense. But the company stumbled on its next mission, its first with operational payloads onboard...

Astra investigators soon got to the bottom of both problems, tracing the fairing issue to an erroneous wiring diagram and the tumble to a software snafu. The company instituted fixes, clearing LV0009's path to the pad... LV0009 rose into the Alaska sky smoothly and ticked off its early milestones as planned. Stage separation and fairing deploy went well, and the rocket's second stage cruised to the desired orbit with no apparent issues. LV0009 deployed its payloads successfully about nine minutes after liftoff....

One of the known payloads is OreSat0, a tiny cubesat built by students at Portland State University in Oregon that is designed to serve as a testbed for future cubesats that will study Earth's climate and provide STEM (science, technology, engineering and math) outreach opportunities.

Social Networks

Online Activists are Cold Calling Russians - and Messaging Them on Tinder (cnn.com) 47

"I don't know if you know a lot about what is actually happening right now in Ukraine...."

CNN reports: There's silence on the other end of the line. "The real truth is that it is a terrible invasion..."

This is one of dozens of cold calls that Marija Stonyte and her husband make every day to people in Russia from their home in Lithuania as part of a volunteer initiative aimed at penetrating Russia's so-called digital iron curtain.... [M]any Russians know little about what is unfolding....

Desperate to break through, people around the world are trying creative ways to connect with Russians. Online activists Anonymous claim to have hacked Russian TV channels to broadcast footage from Ukraine. Others, like Stonyte, are trying a more individual approach. They're cold calling or messaging strangers in Russia, hoping their personal pleas will disrupt the Kremlin's propaganda — and potentially even help put an end to the deadly war.... The couple began calling businesses, museums and restaurants in Moscow and St. Petersburg, hoping to tell them about what was happening. Days later they stumbled across CallRussia.org, an initiative launched March 8 with the tagline: "Make the most important call of your life."

Co-founded by Lithuania-based creative agency director Paulius Senuta, the initiative aims to cold call 40 million phone numbers across Russia. The team gathered publicly available phone numbers in Russia and created a platform that randomly generates a phone number from the list. A user can opt to call over the phone, Telegram, or WhatsApp, and at the end of the call, a site pop-up asks the user whether they got through, and if so, if the call went well. The idea is based on Senuta's belief that Russian people have the power to end the war if they have access to free information and understand the human suffering in Ukraine.... With the help of psychologists, Senuta's team of about 30 people put together a script to guide the calls. They didn't want to get into a confrontation — instead the goal is to "convey the human tragedy and the fact that they don't know about it."

In just one week after the CallRussia launch, thousands of volunteers made 84,000 phone calls, he said....

Henkka, a Finnish man based in Estonia, who asked to only be identified by his first name, set his location on dating app Tinder to St. Petersburg, got tipsy, and went on a mission to tell Russians about the war in Ukraine. Although Instagram and Facebook have been blocked, dating apps are still accessible. "How To" guides have sprung up on social media platform Reddit, advising people how to use Tinder's passport feature — which allows users to connect with people in other countries — to share information about Ukraine with Russians. Users share tips on how to create a credible fake account and match with as many people as possible without getting banned by the Tinder algorithm — Tinder says it may delete accounts using the app to promote messages.

CNN actually has a two-minute audio recording of one of Stonyte's phone calls. "I know that it is not safe in Russia to speak about these things. So I will just tell you, and I really hope that you can spread this message in private or to the circles of people you know...." (Stonyte's voice seems to quaver.) "The thing is that, I know that there is a lot of propaganda that is happening..."

"I agree with you," responds the person on the other end of the line.

Stonyte eventually says "So just — as much as you feel safe, and as much as you feel comfortable, please just silently, but, spread this message, so that people know..."

CNN reports that "Stonyte says few people hang up. Instead, most fall into one of two categories — those who argue back, and those who listen, she said. Stonyte believes many people may not want to respond out of fear the call could be monitored and they could face punishment...."

Advertising

Wordle Is Watching You (gizmodo.com) 69

An anonymous reader quotes a report from Gizmodo: It's been less than a month since the New York Times bought Wordle, but it's wasting no time in ruining everyone's favorite word game in all the shitty ways you'd expect from a billion-dollar behemoth. And -- you guessed it -- that means your little daily puzzles are being loaded with ad trackers now, too. Most of us assumed that this was going to happen eventually. I mean, the Times dropped a cool seven-figure sum on a game that's still free to play (at least for right now), so those profits would need to be recouped from somewhere. And this week, some code-savvy Wordlers stumbled onto where that "somewhere" was: a dozen different trackers shoved into places where there were literally zero before. Taking a look for ourselves, Gizmodo found that some of the trackers were from the New York Times proper, but most were used to send data to third-party players like Google. [...]

Here's just one nightmare scenario out of the bajillion or so that could come out of a system like this: Ad trackers were created to shove t-shirts and mugs onto all of our timelines, but they can also be used for outright surveillance. There are countless cases of cops using the data gleaned from those shitty ads to track protestors, immigrants, and anyone else they'd want completely warrant-free. And two of the companies that officers tap on the regular for this work -- Google and Oracle (via its infamous Bluekai subsidiary) -- are tied up in Wordle's shiny new trackers. Every time you open the page to see the day's puzzle to complain about how hard it is, the page pings details back to those companies -- and the data it shares can be extremely detailed, as Bluekai's own documents (PDF) lay out. At the very least, it's likely sending broad strokes to say you were on the site at a certain time, while your device was at a certain location.

Sure, adtech players can (and will) pull much shadier shit to share more data on the regular. But as a for instance, if a cop wanted to set a geofence warrant around your neighborhood -- tracking which devices are caught in a specific area at a specific time -- they could easily tap into Bluekai's ad data to get those wheres and whens. And now the fact that you Wordle'd at your local coffee shop on a Tuesday becomes one of the reasons that you ended up on some fed's watch list for a crime you didn't commit but will somehow end up jailed for anyway. This absolute nightmare is almost certainly not what's happening on Wordle right now (phew). And again, this scenario applies to most of the sites you likely visit every day, not just Wordle. But the real scary part about all of this -- at least to me -- is that it can.

Math

'When a Newspaper Publishes an Unsolvable Puzzle' (10zenmonkeys.com) 23

Slashdot reader DevNull127 writes: It's a newspaper puzzle that's like Sudoku, except it's impossible. [Sort of...] They call it "The Challenger" puzzle — but when the newspaper leaves out a crucial instruction, you can end up searching forever for a unique solution which doesn't exist!

"If you're thinking 'This could be a 9 or an 8....' — you're right!" complains Lou Cabron. "Everyone's a winner today! Just start scribbling in numbers! And you'd be a fool to try to keep narrowing them down by, say, using your math and logic skills. A fool like me..." (Albeit a fool who once solved a Sudoku puzzle entirely in his head.) But two hours of frustration later — and one night of bad dreams — he's stumbled onto the web page of Dr. Robert J. Lopez, an emeritus math professor in Indiana, who's calculated that in fact Challenger puzzles can have up to 190 solutions... and there's more than one solution for more than 97% of them!

At the end of the day, it becomes an appreciation for the local newspaper, and the puzzles they run next to the funnies. But with a friendly reminder "that they ought to honor and respect that love — by always providing the complete instructions."

Security

Zales.com Leaked Customer Data, Just Like Sister Firms Jared and Kay Jewelers Did In 2018 (krebsonsecurity.com) 14

An anonymous reader quotes a report from KrebsOnSecurity: In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary Zales.com updated its website to remediate a nearly identical customer data exposure. Last week, KrebsOnSecurity heard from a reader who was browsing Zales.com and suddenly found they were looking at someone else's order information on the website, including their name, billing address, shipping address, phone number, email address, items and total amount purchased, delivery date, tracking link, and the last four digits of the customer's credit card number. The reader noticed that the link for the order information she'd stumbled on included a lengthy numeric combination that -- when altered -- would produce yet another customer's order information. When the reader failed to get an immediate response from Signet, KrebsOnSecurity contacted the company.

In a written response, Signet said, "A concern was brought to our attention by an IT professional. We addressed it swiftly, and upon review we found no misuse or negative impact to any systems or customer data." Their statement continues: "As a business principle we make consumer information protection the highest priority, and proactively initiate independent and industry-leading security testing. As a result, we exceed industry benchmarks on data protection maturity. We always appreciate it when consumers reach out to us with feedback, and have committed to further our efforts on data protection maturity."

When Signet fixed similar weaknesses with its Jared and Kay websites back in 2018, the reader who found and reported that data exposure said his mind quickly turned to the various ways crooks might exploit access to customer order information. "My first thought was they could track a package of jewelry to someone's door and swipe it off their doorstep," said Brandon Sheehy, a Dallas-based Web developer. "My second thought was that someone could call Jared's customers and pretend to be Jared, reading the last four digits of the customer's card and saying there'd been a problem with the order, and if they could get a different card for the customer they could run it right away and get the order out quickly. That would be a pretty convincing scam. Or just targeted phishing attacks."

Security

'Dirty Servers': The Untold Story of The Great Twitch Breach of 2014 (vice.com) 8

A 2014 breach at Twitch "was so bad that Twitch essentially had to rebuild much of its code infrastructure because the company eventually decided to assume most of its servers were compromised," reports Vice. "They figured it would be easier to just label them 'dirty,' and slowly migrate them to new servers, according to three former employees who saw and worked with these servers."

Slashdot reader em1ly shares Vice's report (which Vice based on interviews with seven former Twitch employees who'd worked there when the breach happened): The discovery of the suspicious logs kicked off an intense investigation that pulled nearly all Twitch employees on deck. One former employee said they worked 20 hours a day for two months, another said he worked "three weeks straight." Other employees said they worked long hours for weeks on end; some who lived far from the office slept in hotel rooms booked by the company. At the time, Twitch had few, if any, dedicated cybersecurity engineers, so developers and engineers from other teams were pulled into the effort, working together in meeting rooms with glass windows covered, frantically trying to figure out just how bad the hack was, according to five former Twitch employees who were at the company at the time...

Twitch's users would only find out about the breach six months after its discovery, on March 23, 2015, when the company published a short blog post that explained "there may have been unauthorized access to some Twitch user account information," but did not let on nearly how damaging the hack was to Twitch internally.... When Twitch finally disclosed the hack in March of 2015, security engineers at Twitch and Amazon, who had come to help with the incident response, concluded that the hack had started at least eight months before the discovery in October of 2014, though they had no idea if the hackers had actually broken in even earlier than that, according to the former employee. "That was long enough for them to learn entirely how our whole system worked and the attacks they launched demonstrated that knowledge," the former employee said...

For months after the discovery and public announcement, several servers and services were internally labeled as "dirty," as a way to tell all developers and engineers to be careful when interacting with them, and to make sure they'd get cleaned up eventually. This meant that they were still live and in use, but engineers had put restrictions on them in the event that they were still compromised, according to three former employees. "The plan apparently was just to rebuild the entire infra[structure] from known-good code and deprecate the old 'dirty' environment. We still, years later, had a split between 'dirty' services (servers or other things that were running when the hack took place) and 'clean' services, which were fired up after," one of the former employees said. "We celebrated office-wide the day we took down the last dirty service!"

Another former employee tells Vice that the breach came as a surprise, even though the company hadn't invested in keeping itself secure. "Security efforts kept getting cancelled or deprioritized with the argument that 'everyone loves Twitch; no one wants to hack us.'" The Twitch engineer who'd first stumbled onto the breach described his reaction to Vice. " 'Oh fuck.' But I remember thinking that there was so much 'I told you so' here."

One former employee added later that a more recent incident just this month "demonstrates that they didn't learn anything from the incident in 2014." But not everyone agrees. Other former employees said that the damage of this new data breach appears to be less severe than the 2014 hack, and that it's likely thanks to Twitch taking security more seriously since then.
