Aria Alamalhodaei reports via TechCrunch: Hubble Network has become the first company in history to establish a Bluetooth connection directly to a satellite -- a critical technology validation for the company, potentially opening the door to connecting millions more devices anywhere in the world. The Seattle-based startup launched its first two satellites to orbit on SpaceX's Transporter-10 ride-share mission in March; since that time, the company confirmed that it has received signals from the onboard 3.5mm Bluetooth chips from over 600 kilometers away.

The sky is truly the limit for space-enabled Bluetooth devices: the startup says its technology can be used in markets including logistics, cattle tracking, smart collars for pets, GPS watches for kids, car inventory, construction sites, and soil temperature monitoring. Haro said the low-hanging fruit is those industries that are desperate for network coverage even once per day, like remote asset monitoring for the oil and gas industry. As the constellation scales, Hubble will turn its attention to sectors that may need more frequent updates, like soil monitoring, to continuous coverage use cases like fall monitoring for the elderly. Once its up and running, a customer would simply need to integrate their devices' chipsets with a piece of firmware to enable connection to Hubble's network.

Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. From a report: The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update."

"We are investigating user reports, and we will provide more information in the coming days," Redmond added. The list of affected Windows versions includes Windows 11, Windows 10, and Windows Server 2008 and later.

Women Who Code (WWC), a U.S.-based organization of 360,000 people supporting women who work in the tech sector, is shutting down due to a lack of funding. "It is with profound sadness that, today, on April 18, 2024, we are announcing the difficult decision to close Women Who Code, following a vote by the Board of Directors to dissolve the organization," the organization said in a blog post. "This decision has not been made lightly. It only comes after careful consideration of all options and is due to factors that have materially impacted our funding sources -- funds that were critical to continuing our programming and delivering on our mission. We understand that this news will come as a disappointment to many, and we want to express our deepest gratitude to each and every one of you who have been a part of our journey." The BBC reports: WWC was started 2011 by engineers who "were seeking connection and support for navigating the tech industry" in San Francisco. It became a nonprofit organization in 2013 and expanded globally. In a post announcing its closure, it said it had held more than 20,000 events and given out $3.5m in scholarships. A month before the closure, WWC had announced a conference for May, which has now been cancelled.

A spokesperson for WWC said: "We kept our programming moving forward while exploring all options." They would not comment on questions about the charity's funding. The most recent annual report, for 2022, showed the charity made almost $4m that year, while its expenses were just under $4.2m. WWC said that "while so much has been accomplished," their mission was not complete. It continued: "Our vision of a tech industry where diverse women and historically excluded people thrive at every level is not fulfilled."

According to Bloomberg's Mark Gurman, Apple's initial set of AI-related features in iOS 18 "will work entirely on device," and won't connect to cloud services. AppleInsider reports: In practice, these AI features would be able to function without an internet connection or any form of cloud-based processing. AppleInsider has received information from individuals familiar with the matter that suggest the report's claims are accurate. Apple is working on an in-house large language model, or LLM, known internally as "Ajax." While more advanced features will ultimately require an internet connection, basic text analysis and response generation features should be available offline. [...] Apple will reveal its AI plans during WWDC, which starts on June 10.

An anonymous reader quotes a report from Ars Technica: Federal prosecutors indicted a Nebraska man on charges he perpetrated a cryptojacking scheme that defrauded two cloud providers -- one based in Seattle and the other in Redmond, Washington -- out of $3.5 million. The indictment, filed in US District Court for the Eastern District of New York and unsealed on Monday, charges Charles O. Parks III -- 45 of Omaha, Nebraska -- with wire fraud, money laundering, and engaging in unlawful monetary transactions in connection with the scheme. Parks has yet to enter a plea and is scheduled to make an initial appearance in federal court in Omaha on Tuesday. Parks was arrested last Friday. Prosecutors allege that Parks defrauded "two well-known providers of cloud computing services" of more than $3.5 million in computing resources to mine cryptocurrency. The indictment says the activity was in furtherance of a cryptojacking scheme, a term for crimes that generate digital coin through the acquisition of computing resources and electricity of others through fraud, hacking, or other illegal means.

Details laid out in the indictment underscore the failed economics involved in the mining of most cryptocurrencies. The $3.5 million of computing resources yielded roughly $1 million worth of cryptocurrency. In the process, massive amounts of energy were consumed. [...] Prosecutors didn't say precisely how Parks was able to trick the providers into giving him elevated services, deferring unpaid payments, or failing to discover the allegedly fraudulent behavior. They also didn't identify either of the cloud providers by name. Based on the details, however, they are almost certainly Amazon Web Services and Microsoft Azure. If convicted on all charges, Parks faces as much as 30 years in prison.

In the view of Jim VandeHei, CEO of Axios, artificial intelligence will eviscerate the weak, the ordinary, the unprepared in media," reports the New York Times: VandeHei says the only way for media companies to survive is to focus on delivering journalistic expertise, trusted content and in-person human connection. For Axios, that translates into more live events, a membership program centered on its star journalists and an expansion of its high-end subscription newsletters. "We're in the middle of a very fundamental shift in how people relate to news and information," he said, "as profound, if not more profound, than moving from print to digital." "Fast forward five to 10 years from now and we're living in this AI-dominated virtual world — who are the couple of players in the media space offering smart, sane content who are thriving?" he added. "It damn well better be us."

Axios is pouring investment into holding more events, both around the world and in the United States. VandeHei said the events portion of his business grew 60% year over year in 2023. The company has also introduced a $1,000-a-year membership program around some of its journalists that will offer exclusive reporting, events and networking. The first one, announced last month, is focused on Eleanor Hawkins, who writes a weekly newsletter for communications professionals. Her newsletter will remain free, but paying subscribers will have access to additional news and data, as well as quarterly calls with Hawkins... Axios will expand Axios Pro, its collection of eight high-end subscription newsletters focused on specific niches in the deals and policy world. The subscriptions start at $599 a year each, and Axios is looking to add one on defense policy...

"The premium for people who can tell you things you do not know will only grow in importance, and no machine will do that," VandeHei said....VandeHei said that although he thought publications should be compensated for original intellectual property, "that's not a make-or-break topic." He said Axios had talked to several AI companies about potential deals, but "nothing that's imminent.... One of the big mistakes a lot of media companies made over the last 15 years was worrying too much about how do we get paid by other platforms that are eating our lunch as opposed to figuring out how do we eat people's lunch by having a superior product," he said.
"VandeHei said Axios was not currently profitable because of the investment in the new businesses," according to the article.

But "The company has continued to hire journalists even as many other news organizations have cut back."

Terraform Labs and its founder Do Kwon have been found liable on civil fraud charges on Friday by a jury in Manhattan. The jury agreed with the SEC that the two misled investors before their stablecoin's 2022 collapse shocked crypto markets around the world. Reuters reports: The SEC accused the company and Kwon of misleading investors in 2021 about the stability of TerraUSD, a stablecoin designed to maintain a value of $1. The regulator also accused them of falsely claiming Terraform's blockchain was used in a popular Korean mobile payment app. SEC attorney Laura Meehan said during closing arguments that the platform's success story was "built on lies." "If you swing big and you miss, and you don't tell people that you came up short, that is fraud," Meehan said.

Louis Pellegrino, an attorney for Terraform, told the jury on Friday the SEC's case relied on statements taken out of context and that Terraform and Kwon had been truthful about their products and how they worked, even when they failed. "Terraform is still out there, trying to rebuild and make purchasers whole," he said. The regulator is seeking civil financial penalties and orders barring Kwon and Terraform from the securities industry. Kwon, who was arrested in Montenegro in March 2023, did not attend the trial, which began March 25. Both the U.S. and South Korea, where Kwon is a citizen, have sought his extradition on criminal charges.

An anonymous reader quotes a report from Kotaku: A new patent recently filed by TV and streaming device manufacturer Roku hints toward a possible future where televisions could display ads when you pause a movie or game. For Roku, the time in which the TV is on but users aren't doing anything is valuable. The company has started leasing out ad space in its popular Roku City screensaver -- which appears when your TV is idle -- to companies like McDonald's and movies like Barbie. As tech newsletter Lowpass points out, Roku finds this idle time and its screensaver so valuable that it forbids app developers from overriding the screensaver with their own. But, if you plug in an Xbox or DVD player into the HDMI port on a Roku TV, you bypass the company's screensaver and other ads. And so, Roku has been figuring out a way to not let that happen.

As reported by Lowpass on April 4, Roku recently filed a patent for a technology that would let it inject ads into third-party content -- like an Xbox game or Netflix movie -- using an HDMI connection. The patent describes a situation where you are playing a video game and hit pause to go check your phone or grab some food. At this point, Roku would identify that you have paused the content and display a relevant ad until you unpaused the game. Roku's tech isn't designed to randomly inject ads as you are playing a game or watching a movie, it knows that would be going too far and anger people. Instead, the patent suggests several ways that Roku could spot when your TV is paused, like comparing frames, to make sure the user has actually paused the content. Roku might also use the HDMI's audio feed to search for extended moments of silence. The company also proposes using HDMI CEC -- a protocol designed to help devices communicate better -- to figure out when you pause and unpause content. Similarly, Roku's patent explains that it will use various methods to detect what people are playing or watching and try to display relevant ads. So if it sees you have an Xbox plugged in, it might try to serve you ads that it thinks an Xbox owner would be interested in.

An anonymous reader shares a PC Gamer report: PCI Express 7.0 is coming. But don't feel as though you need to start saving for a new motherboard anytime soon. The PCI-SIG has just released the 0.5 version, with the final version set for release in 2025. That means supporting devices are not likely to land until 2026, with 2027-28 likely to be the years we see a wider rollout. PCIe 7.0 will initially be far more relevant to the enterprise market, where bandwidth-hungry applications like AI and networking will benefit. Anyway, it's not like the PC market is saturated with PCIe 5.0 devices, and PCIe 6.0 is yet to make its way into our gaming PCs.

PCI Express bandwidth doubles every generation, so PCIe 7.0 will deliver a maximum data rate up to 128 GT/s. That's a whopping 8x faster than PCIe 4.0 and 4x faster than PCIe 5.0. This means PCIe 7.0 is capable of delivering up to 512GB/s of bi-directional throughput via a x16 connection and 128GB/s for an x4 connection. More bandwidth will certainly be beneficial for CPU to chipset links, which means multiple integrated devices like 10G networking, WiFi 7, USB 4, and Thunderbolt 4 will all be able to run on a consumer motherboard without compromise. And just imagine what all that bandwidth could mean for PCIe 7.0 SSDs. In the years to come, a PCIe 7.0 x4 SSD could approach sequential transfer rates of up to 60GB/s. We'll need some serious advances in SSD controller and NAND flash technologies to see speeds in that range, but still, it's an attractive proposition. Further reading: PCIe 7.0 first official draft lands, doubling bandwidth yet again.

An anonymous reader quotes a report from Popular Science: In the average American house, any download rate above roughly 242 Mbs is considered a solidly speedy broadband internet connection. That's pretty decent, but across the Atlantic, researchers at UK's Aston University recently managed to coax about 1.2 million times that rate using a single fiber optic cable -- a new record for specific wavelength bands. As spotted earlier today by Gizmodo, the international team achieved a data transfer rate of 301 terabits, or 301,000,000 megabits per second by accessing new wavelength bands normally unreachable in existing optical fibers -- the tiny, hollow glass strands that carry data through beams of light. According to Aston University's recent profile, you can think of these different wavelength bands as different colors of light shooting through a (largely) standard cable.

Commercially available fiber cabling utilizes what are known as C- and L-bands to transmit data. By constructing a device called an optical processor, however, researchers could access the never-before-used E- and S-bands. "Over the last few years Aston University has been developing optical amplifiers that operate in the E-band, which sits adjacent to the C-band in the electromagnetic spectrum but is about three times wider," Ian Phillips, the optical processor's creator, said in a statement. "Before the development of our device, no one had been able to properly emulate the E-band channels in a controlled way." But in terms of new tech, the processor was basically it for the team's experiment. "Broadly speaking, data was sent via an optical fiber like a home or office internet connection," Phillips added. What's particularly impressive and promising about the team's achievement is that they didn't need new, high-tech fiber optic lines to reach such blindingly fast speeds. Most existing optical cables have always technically been capable of reaching E- and S-bands, but lacked the equipment infrastructure to do so. With further refinement and scaling, internet providers could ramp up standard speeds without overhauling current fiber optic infrastructures.

A CNN opinion piece looks at "the moaning about manual transmission's demise," noting that "it's not just Europeans (literally) clinging on. In the U.S., there's apparently a young (also predominantly male) demographic that is embracing manual driving — championing it as retro, much like Gen Z's affinity to typewriters and vintage cameras.

"They feel there's something authentic about it: a connection between driver and vehicle that automatization cuts out." But CNN's writer argues the case against stick shifts... [Automatic vehicles] chalk up better mileage and drive faster than their stick-shift counterparts. The explanation: automatics select the right gear for the vehicle, usually the highest gear possible. The average manual driver is not always so proficient. In getting the gear right, automatics consume less fuel, save money and emit fewer emissions.

These are among the reasons why it's ever harder to buy a new manual-transmission model of any kind in many countries. In the US, less than 1% of new models have stick shifts (compared to 35% in 1980), according to the Environmental Protection Agency. It's really only sports cars, off-road truck SUVs and a handful of small pickups that still have clutches.... While all gasoline-run cars and trucks are climate killers with stick shifts being the slightly worse of two evils, combustion-engine automatics themselves are on their way out. They are tooling along the highway side-by-side with their stick-and-clutch counterparts toward the junkyard of history. Electric vehicles have gear systems, too: a single speed transmission that transmits energy from the motor to the wheels. But because only one gear exists, there is no switching of gears, neither automatically nor manually...

Road transportation accounts for 15% of the world's greenhouse gas emissions, according to Our World Data, as well as being a huge contributor to the air pollution that claims around nine million deaths a year from respiratory and lung diseases. Transportation noise, though less deadly, also contributes to stress and sleep disorders. Thankfully, there's a convenient way to circumvent these blights: electric vehicles...

But for those aficionados who really can't go without a clutch and gear shifter, Toyota is planning a realistic-feeling fake manual transmission for some EV models. It serves no purpose whatsoever — save to comfort bruised egos.

The Baffler says a new publishing house launched earlier this month "brings Silicon Valley-style startup disruption to the business of books."

Authors Equity has "a tiny core staff, offloading its labor to a network of freelancers," and like a handful of other publishers "is upending the way that authors get paid, eschewing advances and offering a higher percentage of profits instead." It is worth watching because its team includes several of the most important publishing people of the twenty-first century. And if it works, it will offer a model for tightening the connection between book culture and capitalism, a leap forward for the forces of efficiency and the fantasies of frictionless markets, ushering in a world where literature succeeds if and only if it sells....

Authors Equity's website presents its vision in strikingly neoliberal corporatespeak. The company has four Core Principles: Aligned Incentives; Bespoke Teams; Flexibility and Transparency; and Long-Term Collaboration. What do they mean by these MBA keywords? Aligned Incentives is explained in the language of human capital: "Our profit-share model rewards authors who want to bet on themselves." Authors, that is, take on more of the financial risk of publication. At a traditional publishing house, advances provide authors with guaranteed cash early in the process that they can use to live off while writing. With Authors Equity, nothing is guaranteed and nothing given ahead of time; an author's pay depends on their book's profits.

In an added twist, "Profit participation is also an option for key members of the book team, so we're in a position to win together." Typically, only an author's agent's income is directly tied to an author's financial success, but at Authors Equity, others could have a stake. This has huge consequences for the logic of literary production. If an editor, for example, receives a salary and not a cut of their books' profits, their incentives are less immediately about profit, offering more wiggle room for aesthetic value. The more the people working on books participate in their profits, the more, structurally, profit-seeking will shape what books look like.

"Bespoke Teams" is a euphemism for gigification. With a tiny initial staff of six, Authors Equity uses freelance workers to make books, unlike traditional publishers, which have many employees in many departments... Their fourth Core Principle — Long-Term Collaboration — addresses widespread frustration with a systemic problem in traditional publishing: the fetishization of debut authors who receive decent or better advances, fail to earn out, and then struggle to have a career. It's a real problem and one where authors' interests and capitalist rationalization are, as it were, aligned. Authors Equity sees that everyone might profit when an author can build a readership and develop their skill.
The article concludes with this prediction. "It's not impossible that we'll look back in twenty years and see its founding as auguring the beginning of the startup age in publishing."

Food for thought... Pulp-fiction mystery writer Mickey Spillane once said, "I'm a writer, not an author. The difference is, a writer makes money."

Jessica Lyons reports via The Register: Vulnerabilities in common Electronic Logging Devices (ELDs) required in US commercial trucks could be present in over 14 million medium- and heavy-duty rigs, according to boffins at Colorado State University. In a paper presented at the 2024 Network and Distributed System Security Symposium, associate professor Jeremy Daily and systems engineering graduate students Jake Jepson and Rik Chatterjee demonstrated how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck, manipulate data, and spread malware between vehicles. "These findings highlight an urgent need to improve the security posture in ELD systems," the trio wrote [PDF].

The authors did not specify brands or models of ELDs that are vulnerable to the security flaws they highlight in the paper. But they do note there's not too much diversity of products on the market. While there are some 880 devices registered, "only a few tens of distinct ELD models" have hit the road in commercial trucks. A federal mandate requires most heavy-duty trucks to be equipped with ELDs, which track driving hours. These systems also log data on engine operation, vehicle movement and distances driven -- but they aren't required to have tested safety controls built in. And according to the researchers, they can be wirelessly manipulated by another car on the road to, for example, force a truck to pull over.

The academics pointed out three vulnerabilities in ELDs. They used bench level testing systems for the demo, as well as additional testing on a moving 2014 Kenworth T270 Class 6 research truck equipped with a vulnerable ELD. [...] For one of the attacks, the boffins showed how anyone within wireless range could use the device's Wi-Fi and Bluetooth radios to send an arbitrary CAN message that could disrupt of some of the vehicle's systems. A second attack scenario, which also required the attacker to be within wireless range, involved connecting to the device and uploading malicious firmware to manipulate data and vehicle operations. Finally, in what the authors described as the "most concerning" scenario, they uploaded a truck-to-truck worm. The worm uses the compromised device's Wi-Fi capabilities to search for other vulnerable ELDs nearby. After finding the right ELDs, the worm uses default credentials to establish a connection, drops its malicious code on the next ELD, overwrites existing firmware, and then starts the process over again, scanning for additional devices. "Such an attack could lead to widespread disruptions in commercial fleets, with severe safety and operational implications," the researchers warned.

An anonymous reader quotes a report from KrebsOnSecurity: The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep's CEO to admit that he has founded dozens of people-search networks over the years. Mozilla only began bundling Onerep in Firefox last month, when it announced the reputation service would be offered on a subscription basis as part of Mozilla Monitor Plus. Launched in 2018 under the name Firefox Monitor, Mozilla Monitor also checks data from the website Have I Been Pwned? to let users know when their email addresses or password are leaked in data breaches. On March 14, KrebsOnSecurity published a story showing that Onerep's Belarusian CEO and founder Dimitiri Shelest launched dozens of people-search services since 2010, including a still-active data broker called Nuwber that sells background reports on people. Onerep and Shelest did not respond to requests for comment on that story.

But on March 21, Shelest released a lengthy statement wherein he admitted to maintaining an ownership stake in Nuwber, a consumer data broker he founded in 2015 -- around the same time he launched Onerep. Shelest maintained that Nuwber has "zero cross-over or information-sharing with Onerep," and said any other old domains that may be found and associated with his name are no longer being operated by him. "I get it," Shelest wrote. "My affiliation with a people search business may look odd from the outside. In truth, if I hadn't taken that initial path with a deep dive into how people search sites work, Onerep wouldn't have the best tech and team in the space. Still, I now appreciate that we did not make this more clear in the past and I'm aiming to do better in the future." The full statement is available here (PDF).

In a statement released today, a spokesperson for Mozilla said it was moving away from Onerep as a service provider in its Monitor Plus product. "Though customer data was never at risk, the outside financial interests and activities of Onerep's CEO do not align with our values," Mozilla wrote. "We're working now to solidify a transition plan that will provide customers with a seamless experience and will continue to put their interests first." KrebsOnSecurity also reported that Shelest's email address was used circa 2010 by an affiliate of Spamit, a Russian-language organization that paid people to aggressively promote websites hawking male enhancement drugs and generic pharmaceuticals. As noted in the March 14 story, this connection was confirmed by research from multiple graduate students at my alma mater George Mason University.

Shelest denied ever being associated with Spamit. "Between 2010 and 2014, we put up some web pages and optimize them -- a widely used SEO practice -- and then ran AdSense banners on them," Shelest said, presumably referring to the dozens of people-search domains KrebsOnSecurity found were connected to his email addresses (dmitrcox@gmail.com and dmitrcox2@gmail.com). "As we progressed and learned more, we saw that a lot of the inquiries coming in were for people." Shelest also acknowledged that Onerep pays to run ads on "on a handful of data broker sites in very specific circumstances." "Our ad is served once someone has manually completed an opt-out form on their own," Shelest wrote. "The goal is to let them know that if they were exposed on that site, there may be others, and bring awareness to there being a more automated opt-out option, such as Onerep."

An Internet service provider that admitted lying to the FCC about where it offers broadband will pay a $10,000 fine and implement a compliance plan to prevent future violations. ArsTechnica: Jefferson County Cable (JCC), a small ISP in Toronto, Ohio, admitted that it falsely claimed to offer fiber service in an area that it hadn't expanded to yet. A company executive also admitted that the firm submitted false coverage data to prevent other ISPs from obtaining government grants to serve the area. Ars helped expose the incident in a February 2023 article.

The FCC announced the outcome of its investigation on March 15, saying that Jefferson County Cable violated the Broadband Data Collection program requirements and the Broadband DATA Act, a US law, "in connection with reporting inaccurate information or data with respect to the Company's ability to provide broadband Internet access service." The FCC said: "To settle this matter, Jefferson County Cable agrees to pay a $10,000 civil penalty to the United States Treasury. Jefferson County Cable also agrees to implement enhanced compliance measures. This action will help further the Commission's efforts to bridge the digital divide by having accurate data of locations where broadband service is available."

Google's second developer preview for Android 15 has arrived, bringing long-awaited support for satellite connectivity alongside several improvements to contactless payments, multi-language recognition, volume consistency, and interaction with PDFs via apps. From a report: These developer-focused betas are a proving ground for features that will likely make it into the final public release scheduled for later this year. According to Google, public beta releases should be available to test between April and July. The latest developer preview addresses some nuisances and security concerns experienced by Android users, such as making apps more aware of why some services might be unavailable when devices are using a satellite connection. This is also the first official confirmation that Android 15 will come with satellite messaging, with Google's press release saying that the new preview includes support for "preloaded RCS applications to use satellite connectivity for sending and receiving messages."