EU

Shameless Insult, Malicious Compliance, Junk Fees, Extortion Regime: Industry Reacts To Apple's Proposed Changes Over Digital Markets Act 255

In response to new EU regulations, Apple on Thursday outlined plans to allow iOS developers to distribute apps outside the App Store starting in March, though developers must still submit apps for Apple's review and pay commissions. Now critics say the changes don't go far enough and Apple retains too much control.

Epic Games CEO Tim Sweeney: They are forcing developers to choose between App Store exclusivity and the store terms, which will be illegal under DMA (Digital Markets Act), or accept a new also-illegal anticompetitive scheme rife with new Junk Fees on downloads and new Apple taxes on payments they don't process.

37signals's David Heinemeier Hansson, who is also the creator of Ruby on Rails: Let's start with the extortion regime that'll befall any large developer who might be tempted to try hosting their app in one of these new alternative app stores that the EU forced Apple to allow. And let's take Meta as a good example. Their Instagram app alone is used by over 300 million people in Europe. Let's just say for easy math there's 250 million of those in the EU. In order to distribute Instagram on, say, a new Microsoft iOS App Store, Meta would have to pay Apple $11,277,174 PER MONTH(!!!) as a "Core Technology Fee." That's $135 MILLION DOLLARS per year. Just for the privilege of putting Instagram into a competing store. No fee if they stay in Apple's App Store exclusively.

Holy shakedown, batman! That might be the most blatant extortion attempt ever committed to public policy by any technology company ever. And Meta has many successful apps! WhatsApp is even more popular in Europe than Instagram, so that's another $135M+/year. Then they gotta pay for the Facebook app too. There's the Messenger app. You add a hundred million here and a hundred million there, and suddenly you're talking about real money! Even for a big corporation like Meta, it would be an insane expense to offer all their apps in these new alternative app stores.

Which, of course, is the entire point. Apple doesn't want Meta, or anyone, to actually use these alternative app stores. They want everything to stay exactly as it is, so they can continue with the rake undisturbed. This poison pill is therefore explicitly designed to ensure that no second-party app store ever takes off. Without any of the big apps, there will be no draw, and there'll be no stores. All of the EU's efforts to create competition in the digital markets will be for nothing. And Apple gets to send a clear signal: If you interrupt our toll-booth operation, we'll make you regret it, and we'll make you pay. Don't resist, just let it be. Let's hope the EU doesn't just let it be.

Coalition for App Fairness, an industry body that represents over 70 firms including Tinder, Spotify, Proton, Tile, and News Media Europe: "Apple clearly has no intention to comply with the DMA. Apple is introducing new fees on direct downloads and payments they do nothing to process, which violates the law. This plan does not achieve the DMA's goal to increase competition and fairness in the digital market -- it is not fair, reasonable, nor non-discriminatory," said Rick VanMeter, Executive Director of the Coalition for App Fairness.

"Apple's proposal forces developers to choose between two anticompetitive and illegal options. Either stick with the terrible status quo or opt into a new convoluted set of terms that are bad for developers and consumers alike. This is yet another attempt to circumvent regulation, the likes of which we've seen in the United States, the Netherlands and South Korea. Apple's 'plan' is a shameless insult to the European Commission and the millions of European consumers they represent -- it must not stand and should be rejected by the Commission."

NASA

NASA's Ingenuity Mission Is Over (nasa.gov) 73

cusco writes: After three years and 72 flights of its 5-flight mission the mission of the Ingenuity helicopter on Mars is finally over. Images show that Ingenuity suffered damage to one of its rotor blades and will not be able to take off again. NASA's press release, also shared by cusco: Ingenuity landed on Mars Feb. 18, 2021, attached to the belly of NASA's Perseverance rover and first lifted off the Martian surface on April 19, proving that powered, controlled flight on Mars was possible. After notching another four flights, it embarked on a new mission as an operations demonstration, serving as an aerial scout for Perseverance scientists and rover drivers. In 2023, the helicopter executed two successful flight tests that further expanded the team's knowledge of its aerodynamic limits.

[...] Over an extended mission that lasted for almost 1,000 Martian days, more than 33 times longer than originally planned, Ingenuity was upgraded with the ability to autonomously choose landing sites in treacherous terrain, dealt with a dead sensor, cleaned itself after dust storms, operated from 48 different airfields, performed three emergency landings, and survived a frigid Martian winter.

Designed to operate in spring, Ingenuity was unable to power its heaters throughout the night during the coldest parts of winter, resulting in the flight computer periodically freezing and resetting. These power "brownouts" required the team to redesign Ingenuity's winter operations in order to keep flying.

With flight operations now concluded, the Ingenuity team will perform final tests on helicopter systems and download the remaining imagery and data in Ingenuity's onboard memory. The Perseverance rover is currently too far away to attempt to image the helicopter at its final airfield.

Medicine

Gummy Vitamins Are Just Candy (theatlantic.com) 143

Gummy vitamin supplements have surged in popularity, with sales projected to double to $14 billion by 2027. However, experts warn that the candy-like taste and texture increase risks of overdosing, especially among children, as calls to Poison Control for melatonin overdoses have jumped 530% in a decade. Formulating vitamins into gummies also leads to faster nutrient degradation from heat, light and moisture than pills. Testing shows gummy vitamins often contain far more or less of ingredients than labels state. While some sweetness makes supplements appealing, gummies mimic candy too closely at the expense of safety and reliability. The Atlantic: A recent analysis of melatonin and CBD gummies yielded similar results: Some contained as much as 347 percent the amount of those substances stated on the label. Because the FDA generally does not regulate supplements as drugs, such wild variability is accepted in a way that it isn't for actual pharmaceuticals. (In 2020, the FDA granted the first-ever Investigational New Drug Application for a gummy medication, though no such product appears to have come to market.) "If you have something that you need a specific amount of every time you take it, gummies are not the way to go," says Pieter Cohen, a doctor at Cambridge Health Alliance, in Somerville, Massachusetts, and the lead author of the melatonin-CBD research. Taking too much of a supplement is generally not as dangerous as taking too much of a prescription drug, but, as Breuner noted, many supplements taken in sufficient excess can still be toxic. When I asked Cooperman what advice he had for people trying to navigate all of this, his answer was simple: "Don't buy a gummy."

Perhaps the rise of gummy supplements was inevitable. The supplement industry has become so big in part because it can promote its products as, say, boosting the immune system or supporting healthy bones, without subjecting them to the strict regulatory demands imposed on pharmaceuticals. Supplements blur the line between food and drug, and gummy supplements -- designed and marketed on the premise that healthy stuff can and should taste as good as candy -- only intensify that blurring. Cohen, for one, thinks the distinction is worth preserving. Calcium supplements should not go down as easy as Haribos. That may be a bitter pill to swallow, but not everything can taste like candy.

NASA

NASA Finally Unlocks Canister of Dust From 4.6 Billion-Year-Old Asteroid (theguardian.com) 47

NASA announced Friday that it finally got a canister of asteroid dust open, four months after it parachuted down through the Earth's atmosphere into the Utah desert. The Guardian reports: The space administration announced Friday that it had successfully removed two stuck fasteners that had prevented some of the samples collected in 2020 from the 4.6bn-year-old asteroid Bennu, which is classified as "potentially hazardous" because it has a one in 1,750 chance of crashing into Earth by 2300. Most of the rock samples collected by Nasa's Osiris-Rex mission were retrieved soon after the canister landed in September, but additional material remained inside a sampler head that proved difficult to access.

After months of wrestling with the last two of 35 fasteners, scientists in Houston managed to get them dislodged. "It's open! It's open!" Nasa's planetary science division posted on Twitter/X. The division also posted a photograph of dust and small rocks inside the canister. According to the Los Angeles Times, the team designed custom tools made from a specific grade of surgical, non-magnetic stainless steel to pry it open -- all without the samples being contaminated by Earthly air. Nasa said it will now analyze the nine-ounce sample.

Japan

Japan's Successful Moon Landing Was the Most Precise Ever (nature.com) 32

Japan has become the fifth country in the world to soft-land a spacecraft on the Moon, using precision technology that allowed it to touch down closer to its target landing site than any mission has before. However, the spacecraft might have survived on the lunar surface for just a few hours due to power failure. Nature: Telemetry showed that the Smart Lander for Investigating Moon, or SLIM, touched down in its target area near Shioli crater, south of the lunar equator early Saturday morning, four months after lifting off from the Tanegashima Space Centre, off the south coast of Japan. [...] According to [Hitoshi] Kuninaka (VP of Kanagawa-based Japan Aerospace Exploration Agency), SLIM has very likely achieved its primary goal -- to land on the Moon with an unprecedented accuracy of 100 metres, which is a big leap from previous ranges of a few to dozens of kilometres. SLIM carried vision-based navigation technology, which was intended to image the surface as it flew over the Moon, and locate itself quickly by matching the images with onboard maps.

It remains unclear if the car-sized, 200-kilogram spacecraft actually touched down in the planned, two-step manner with its five legs. Unlike previous Moon landers, which used four legs to simultaneously reach a relatively flat area, SLIM was designed to hit a 15-degree slope outside Shioli crater first with one leg at the back, and then tip forward to stabilize on the four front legs. Observers suggest that SLIM might have rolled during its touch-down, preventing its solar cells from facing the Sun. Kuninaka said not enough data were available to establish the probe's posture or orientation. However, if some sunlight is able to reach the solar cells there is a chance that SLIM could come back to life.

Medicine

How Scientists are Fighting Drug-Resistant Superbugs with Phages (cnn.com) 39

"It's ridiculous just how virulent some of these bacteria get over time," says Dwayne Roach, assistant professor of bacteriophages, infectious disease and immunology at San Diego State University.

But now CNN says doctors are fighting multi-drug-resistant superbugs with "nature's oldest predators — tiny tripod-looking viruses called phages designed to find, attack and gobble up bacteria." The microscopic creatures have saved the lives of patients dying from superbug infections and are being used in clinical trials as a potential solution to the growing problem of antibiotic resistance...

In labs around the country, phage scientists are taking research and discovery to the next level... [Yale scientists] are busy mapping which phages and antibiotics are most symbiotic in the fight against a pathogen. Roach's San Diego State lab is investigating the body's immune response to phages while developing new phage purification techniques to prepare samples for intravenous use in patients. Currently, clinical trials are underway to test the effectiveness of phages against intractable urinary tract infections, chronic constipation, joint infections, diabetic foot ulcers, tonsillitis and the persistent, reoccurring infections that occur in patients with cystic fibrosis. The chronic infections common in cystic fibrosis are typically due to various strains of drug-resistant Pseudomonas aeruginosa — the same pathogen responsible for Horton's ear infection and the artificial tears outbreak.

A number of labs are developing libraries of phages, stockpiled with strains found in nature that are known to be effective against a particular pathogen. In Texas, a new facility is taking that a step further — speeding up evolution by creating phages in the lab. "Rather than just sourcing new phages from the environment, we have a bioreactor that in real time creates billions upon billions of phages," said Anthony Maresso, associate professor at Baylor College of Medicine in Houston. "Most of those phages won't be active against the drug-resistant bacteria, but at some point there will be a rare variant that has been trained, so to speak, to attack the resistant bacteria, and we'll add that to our arsenal," Maresso said. "It's a next-generation approach on phage libraries." Maresso's lab published a study last year on the treatment of 12 patients with phages customized to each patient's unique bacterial profile. It was a qualified success: The antibiotic-resistant bacteria in five patients were eradicated, while several more patients showed improvements.

"There's a lot of approaches right now that are happening in parallel," Roach said. "Do we engineer phages? Do we make a phage cocktail, and then how big is the cocktail? Is it two phages or 12 phages? Should phages be inhaled, applied topically or injected intravenously? There's a lot of work underway on exactly how to best do this...." Genetically engineering phages would allow scientists to target each person's unique mix of antibiotic-resistant pathogens instead of searching sewage, bogs, ponds, the bilge of boats and other prime breeding grounds for bacteria to find just the right phage for the job.

Along with phage libraries, genetic engineering is also a key to churning out phages in mass, to distribute on a wider scale. In Russia and the country of Georgia, where phage therapy has been used for decades, patients can buy phage cocktails off the shelf in pharmacies.

Networking

Ceph: a Journey To 1 TiB/s (ceph.io) 16

It's "a free and open-source, software-defined storage platform," according to Wikipedia, providing object storage, block storage, and file storage "built on a common distributed cluster foundation". The charter advisory board for Ceph included people from Canonical, CERN, Cisco, Fujitsu, Intel, Red Hat, SanDisk, and SUSE.

And Nite_Hawk (Slashdot reader #1,304) is one of its core engineers — a former Red Hat principal software engineer named Mark Nelson. (He's now leading R&D for a small cloud systems company called Clyso that provides Ceph consulting.) And he's returned to Slashdot to share a blog post describing "a journey to 1 TiB/s". This gnarly tale-from-Production starts while assisting Clyso with "a fairly hip and cutting edge company that wanted to transition their HDD-backed Ceph cluster to a 10 petabyte NVMe deployment" using object-based storage devices [or OSDs]...

I can't believe they figured it out first. That was the thought going through my head back in mid-December after several weeks of 12-hour days debugging why this cluster was slow... Half-forgotten superstitions from the 90s about appeasing SCSI gods flitted through my consciousness...

Ultimately they decided to go with a Dell architecture we designed, which quoted at roughly 13% cheaper than the original configuration despite having several key advantages. The new configuration has less memory per OSD (still comfortably 12GiB each), but faster memory throughput. It also provides more aggregate CPU resources, significantly more aggregate network throughput, a simpler single-socket configuration, and utilizes the newest generation of AMD processors and DDR5 RAM. By employing smaller nodes, we halved the impact of a node failure on cluster recovery....

The initial single-OSD test looked fantastic for large reads and writes and showed nearly the same throughput we saw when running FIO tests directly against the drives. As soon as we ran the 8-OSD test, however, we observed a performance drop. Subsequent single-OSD tests continued to perform poorly until several hours later when they recovered. So long as a multi-OSD test was not introduced, performance remained high. Confusingly, we were unable to invoke the same behavior when running FIO tests directly against the drives. Just as confusing, we saw that during the 8 OSD test, a single OSD would use significantly more CPU than the others. A wallclock profile of the OSD under load showed significant time spent in io_submit, which is what we typically see when the kernel starts blocking because a drive's queue becomes full...

For over a week, we looked at everything from bios settings, NVMe multipath, low-level NVMe debugging, changing kernel/Ubuntu versions, and checking every single kernel, OS, and Ceph setting we could think of. None of these things fully resolved the issue. We even performed blktrace and iowatcher analysis during "good" and "bad" single OSD tests, and could directly observe the slow IO completion behavior. At this point, we started getting the hardware vendors involved. Ultimately it turned out to be unnecessary. There was one minor, and two major fixes that got things back on track.

It's a long blog post, but here's where it ends up:
  • Fix One: "Ceph is incredibly sensitive to latency introduced by CPU c-state transitions. A quick check of the bios on these nodes showed that they weren't running in maximum performance mode which disables c-states."
  • Fix Two: [A very clever engineer working for the customer] "ran a perf profile during a bad run and made a very astute discovery: A huge amount of time is spent in the kernel contending on a spin lock while updating the IOMMU mappings. He disabled IOMMU in the kernel and immediately saw a huge increase in performance during the 8-node tests." In a comment below, Nelson adds that "We've never seen the IOMMU issue before with Ceph... I'm hoping we can work with the vendors to understand better what's going on and get it fixed without having to completely disable IOMMU."
  • Fix Three: "We were not, in fact, building RocksDB with the correct compile flags... It turns out that Canonical fixed this for their own builds as did Gentoo after seeing the note I wrote in do_cmake.sh over 6 years ago... With the issue understood, we built custom 17.2.7 packages with a fix in place. Compaction time dropped by around 3X and 4K random write performance doubled."

The story has a happy ending, with performance testing eventually showing data being read at 635 GiB/s — and a colleague daring them to attempt 1 TiB/s. They built a new testing configuration targeting 63 nodes — achieving 950GiB/s — then tried some more performance optimizations...


Communications

Viasat Tries To Stop Citizen Effort To Revive FCC Funding for Starlink (pcmag.com) 78

A resident in Virginia has urged the Federal Communications Commission to reconsider canceling $886 million in federal funding for SpaceX's Starlink system. But rival satellite company Viasat has gone out of its way to oppose the citizen-led petition. PCMag: On Jan. 1, the FCC received a petition from the Virginia resident Greg Weisiger asking the commission to reconsider denying the $886 million to SpaceX. "Petitioner is at an absolute loss to understand the Commission's logic with these denials," wrote Weisiger, who lives in Midlothian, Virginia. "It is abundantly clear that Starlink has a robust, reliable, affordable service for rural and insular locations in all states and territories."

The petition arrived a few weeks after the FCC denied SpaceX's appeal to receive $886 million from the commission's Rural Digital Opportunity Fund, which is designed to subsidize 100Mbps to gigabit broadband across the US. SpaceX wanted to use the funds to expand Starlink access in rural areas. But the FCC ruled that "Starlink is not reasonably capable of offering the required high-speed, low latency service throughout the areas where it won auction support." Weisiger disagrees. In his petition, he writes that the FCC's decision will deprive him of federal support to bring high-speed internet to his home. "Thousands of other Virginia locations were similarly denied support," he added.

Bitcoin

'Stablecoins' Enabled $40 Billion In Crypto Crime Since 2022 (wired.com) 21

An anonymous reader quotes a report from Wired: Stablecoins, cryptocurrencies pegged to a stable value like the US dollar, were created with the promise of bringing the frictionless, border-crossing fluidity of Bitcoin to a form of digital money with far less volatility. That combination has proved to be wildly popular, rocketing the total value of stablecoin transactions since 2022 past even that of Bitcoin itself. It turns out, however, that as stablecoins have become popular among legitimate users over the past two years, they were even more popular among a different kind of user: those exploiting them for billions of dollars of international sanctions evasion and scams.

As part of its annual crime report, cryptocurrency-tracing firm Chainalysis today released new numbers on the disproportionate use of stablecoins for both of those massive categories of illicit crypto transactions over the last year. By analyzing blockchains, Chainalysis determined that stablecoins were used in fully 70 percent of crypto scam transactions in 2023, 83 percent of crypto payments to sanctioned countries like Iran and Russia, and 84 percent of crypto payments to specifically sanctioned individuals and companies. Those numbers far outstrip stablecoins' growing overall use -- including for legitimate purposes -- which accounted for 59 percent of all cryptocurrency transaction volume in 2023.

In total, Chainalysis measured $40 billion in illicit stablecoin transactions in 2022 and 2023 combined. The largest single category of that stablecoin-enabled crime was sanctions evasion. In fact, across all cryptocurrencies, sanctions evasion accounted for more than half of the $24.2 billion in criminal transactions Chainalysis observed in 2023, with stablecoins representing the vast majority of those transactions. [...] Chainalysis concedes that the analysis in its report excludes some cryptocurrencies like Monero and Zcash that are designed to be harder or impossible to trace with blockchain analysis. It also says it based its numbers on the type of cryptocurrency sent directly to an illicit actor, which may leave out other currencies used in money laundering processes that repeatedly swap one type of cryptocurrency for another to make tracing more difficult.

"Whether it's an individual located in Iran or a bad guy trying to launder money -- either way, there's a benefit to the stability of the US dollar that people are looking to obtain," says Andrew Fierman, Chainalysis' head of sanctions strategy. "If you're in a jurisdiction where you don't have access to the US dollar due to sanctions, stablecoins become an interesting play."

Fierman points to Nobitex, the largest cryptocurrency exchange operating in the sanctioned country of Iran, as well as Garantex, a notorious exchange based in Russia that has been specifically sanctioned for its widespread criminal use. According to Chainalysis, "Stablecoin usage on Nobitex outstrips bitcoin by a 9:1 ratio, and on Garantex by a 5:1 ratio," reports Wired. "That's a stark difference from the roughly 1:1 ratio between stablecoins and bitcoins on a few nonsanctioned mainstream exchanges that Chainalysis checked for comparison."

Microsoft

Microsoft Makes Its AI-Powered Reading Tutor Free (techcrunch.com) 12

Microsoft today made Reading Coach, its AI-powered tool that provides learners with personalized reading practice, available at no cost to anyone with a Microsoft account. From a report: As of this morning, Reading Coach is accessible on the web in preview -- a Windows app is forthcoming. And soon (in late spring), Reading Coach will integrate with learning management systems such as Canva, Microsoft says. Reading Coach builds on Reading Progress, a plug-in for the education-focused version of Microsoft Teams, Teams for Education, designed to help teachers foster reading fluency in their students. Inspired by the success of Reading Progress (evidently), Microsoft launched Reading Coach in 2022 as a part of Teams for Education and Immersive Reader, the company's cross-platform assistive service for language and reading comprehension.

Security

A Flaw In Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI Data (wired.com) 22

An anonymous reader quotes a report from Wired: As more companies ramp up development of artificial intelligence systems, they are increasingly turning to graphics processing unit (GPU) chips for the computing power they need to run large language models (LLMs) and to crunch data quickly at massive scale. Between video game processing and AI, demand for GPUs has never been higher, and chipmakers are rushing to bolster supply. In new findings released today, though, researchers are highlighting a vulnerability in multiple brands and models of mainstream GPUs -- including Apple, Qualcomm, and AMD chips -- that could allow an attacker to steal large quantities of data from a GPU's memory. The silicon industry has spent years refining the security of central processing units, or CPUs, so they don't leak data in memory even when they are built to optimize for speed. However, since GPUs were designed for raw graphics processing power, they haven't been architected to the same degree with data privacy as a priority. As generative AI and other machine learning applications expand the uses of these chips, though, researchers from New York-based security firm Trail of Bits say that vulnerabilities in GPUs are an increasingly urgent concern. "There is a broader security concern about these GPUs not being as secure as they should be and leaking a significant amount of data," Heidy Khlaaf, Trail of Bits' engineering director for AI and machine learning assurance, tells WIRED. "We're looking at anywhere from 5 megabytes to 180 megabytes. In the CPU world, even a bit is too much to reveal."

To exploit the vulnerability, which the researchers call LeftoverLocals, attackers would need to already have established some amount of operating system access on a target's device. Modern computers and servers are specifically designed to silo data so multiple users can share the same processing resources without being able to access each other's data. But a LeftoverLocals attack breaks down these walls. Exploiting the vulnerability would allow a hacker to exfiltrate data they shouldn't be able to access from the local memory of vulnerable GPUs, exposing whatever data happens to be there for the taking, which could include queries and responses generated by LLMs as well as the weights driving the response. In their proof of concept, as seen in the GIF below, the researchers demonstrate an attack where a target -- shown on the left -- asks the open source LLM Llama.cpp to provide details about WIRED magazine. Within seconds, the attacker's device -- shown on the right -- collects the majority of the response provided by the LLM by carrying out a LeftoverLocals attack on vulnerable GPU memory. The attack program the researchers created uses less than 10 lines of code. [...] Though exploiting the vulnerability would require some amount of existing access to targets' devices, the potential implications are significant given that it is common for highly motivated attackers to carry out hacks by chaining multiple vulnerabilities together. Furthermore, establishing "initial access" to a device is already necessary for many common types of digital attacks.

The researchers did not find evidence that Nvidia, Intel, or Arm GPUs contain the LeftoverLocals vulnerability, but Apple, Qualcomm, and AMD all confirmed to WIRED that they are impacted. Here's what each of the affected companies had to say about the vulnerability, as reported by Wired:

Apple: An Apple spokesperson acknowledged LeftoverLocals and noted that the company shipped fixes with its latest M3 and A17 processors, which it unveiled at the end of 2023. This means that the vulnerability is seemingly still present in millions of existing iPhones, iPads, and MacBooks that depend on previous generations of Apple silicon. On January 10, the Trail of Bits researchers retested the vulnerability on a number of Apple devices. They found that Apple's M2 MacBook Air was still vulnerable, but the iPad Air 3rd generation A12 appeared to have been patched.
Qualcomm: A Qualcomm spokesperson told WIRED that the company is "in the process" of providing security updates to its customers, adding, "We encourage end users to apply security updates as they become available from their device makers." The Trail of Bits researchers say Qualcomm confirmed it has released firmware patches for the vulnerability.
AMD: AMD released a security advisory on Wednesday detailing its plans to offer fixes for LeftoverLocals. The protections will be "optional mitigations" released in March.
Google: For its part, Google says in a statement that it "is aware of this vulnerability impacting AMD, Apple, and Qualcomm GPUs. Google has released fixes for ChromeOS devices with impacted AMD and Qualcomm GPUs."

AI

AI Can Convincingly Mimic A Person's Handwriting Style, Researchers Say (bloomberg.com) 26

AI tools already allow people to generate eerily convincing voice clones and deepfake videos. Soon, AI could also be used to mimic a person's handwriting style. Bloomberg: Researchers at Abu Dhabi's Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) say they have developed technology that can imitate someone's handwriting based on just a few paragraphs of written material. To accomplish that, the researchers used a transformer model, a type of neural network designed to learn context and meaning in sequential data. The team at MBZUAI, which calls itself the world's first AI university, has been granted a patent by the US Patent and Trademark Office for the artificial intelligence system.

The researchers have not yet released the feature, but it represents a step forward in an area that has drawn interest from academics for years. There have been apps and even robots that can generate handwriting, but recent advances in AI have accelerated character recognition techniques dramatically. As with other AI tools, however, it's unclear if the benefits will outweigh the harms. The technology could help the injured to write without picking up a pen, but it also risks opening the door to mass forgeries and misuse. The tool will need to be deployed thoughtfully, two of the researchers said in an interview.

Music

Ken Fritz Built a $1 Million Stereo. The Real Cost Was Unfathomable. (washingtonpost.com) 222

Ken Fritz turned his home into an audiophile's dream -- the world's greatest hi-fi. What would it mean in the end? From a report: Ken Fritz was years into his quest to build the world's greatest stereo when he realized it would take more than just gear. It would take more than the Krell amplifiers and the Ampex reel-to-reel. More than the trio of 10-foot speakers he envisioned crafting by hand. And it would take more than what would come to be the crown jewel of his entire system: the $50,000 custom record player, his "Frankentable," nestled in a 1,500-pound base designed to thwart any needle-jarring vibrations and equipped with three different tone arms, each calibrated to coax a different sound from the same slab of vinyl. "If I play jazz, maybe that cartridge might bloom a little more than the other two," Fritz explained to me. "On classical, maybe this one."

No, building the world's greatest stereo would mean transforming the very space that surrounded it -- and the lives of the people who dwelt there. The faded photos tell the story of how the Fritz family helped him turn the living room of their modest split-level ranch on Hybla Road in Richmond's North Chesterfield neighborhood into something of a concert hall -- an environment precisely engineered for the one-of-a-kind acoustic majesty he craved. In one snapshot, his three daughters hold up new siding for their expanding home. In another, his two boys pose next to the massive speaker shells. There's the man of the house himself, a compact guy with slicked-back hair and a thin goatee, on the floor making adjustments to the system. He later estimated he spent $1 million on his mission, a number that did not begin to reflect the wear and tear on the household, the hidden costs of his children's unpaid labor.

Japan

Japan Startup Eyes Fusion Laser To Shoot Down Space Junk From Ground (nikkei.com) 48

Japanese startup EX-Fusion plans to eliminate small pieces of space junk with laser beams fired from the ground. Nikkei Asia reports: EX-Fusion stands apart in that it is taking the ground-based approach, with the startup tapping its arsenal of laser technology originally developed in pursuit of fusion power. In October, EX-Fusion signed a memorandum of understanding with EOS Space Systems, an Australian contractor that possesses technology used to detect space debris. EX-Fusion plans to place a high-powered laser inside an observatory operated by EOS Space outside of Canberra. The first phase will be to set up laser technology to track debris measuring less than 10 cm. Pieces of this size have typically been difficult to target from the ground using lasers.

For the second phase, EX-Fusion and EOS Space will attempt to remove the space debris by boosting the power of the laser beams fired from the surface. The idea is to fire the laser intermittently against the debris from the opposing direction of its travel in order to slow it down. With a decreased orbiting speed, the debris will enter the Earth's atmosphere to burn up. High-powered lasers are often associated with weapons that blast objects into smithereens. Indeed, the EOS Space group supplies laser weapon systems used to destroy drones. But lasers designed to remove space debris are completely different from weapon-grade lasers, EOS Space's executive vice president James Bennett said during a visit to Japan in November.

Current laser weaponry often uses fiber lasers, which are capable of cutting and welding metal and can destroy targets like drones through heat created from continuous firing. Capturing and removing space junk instead involves diode-pumped solid-state (DPSS) lasers, which are pulsed to apply force to fast moving debris, stopping it like a brake. EX-Fusion's signature laser fusion process also involves DPSS lasers, which strike the surface of a hydrogen fuel pellet just millimeters in diameter, compressing it to trigger a fusion reaction. This makes space debris removal a useful test along the path to commercializing the fusion technology.

Encryption

Post-Quantum Encryption Algorithm KyberSlash Patched After Side-Channel Attack Discovered (bleepingcomputer.com) 12

jd (Slashdot reader #1,658) shared this story from BleepingComputer. The article notes that "Multiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys."

jd explains that Crystals-Kyber "was chosen to be the U.S. government's post-quantum cryptography system of choice last year, but a side-channel attack has been identified. But in the article, NIST says that this is an implementation-specific attack (the reference implementation) and not a vulnerability in Kyber itself."

From the article: CRYSTALS-Kyber is the official implementation of the Kyber key encapsulation mechanism (KEM) for quantum-safe algorithm (QSA) and part of the CRYSTALS (Cryptographic Suite for Algebraic Lattices) suite of algorithms. It is designed for general encryption... The KyberSlash flaws are timing-based attacks arising from how Kyber performs certain division operations in the decapsulation process, allowing attackers to analyze the execution time and derive secrets that could compromise the encryption. If a service implementing Kyber allows multiple operation requests towards the same key pair, an attacker can measure timing differences and gradually compute the secret key...

In a KyberSlash1 demo on a Raspberry Pi system, the researchers recovered Kyber's secret key from decryption timings in two out of three attempts...

On December 30, KyberSlash2 was patched following its discovery and responsible reporting by Prasanna Ravi, a researcher at the Nanyang Technological University in Singapore, and Matthias Kannwischer, who works at the Quantum Safe Migration Center.
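The mitigation for this class of flaw is to stop dividing a secret-dependent value. The C below is an added example (not code from the article or from any Kyber implementation) that contrasts a division-based rounding of a coefficient to a message bit with a multiply-and-shift equivalent and checks them against each other for every coefficient. The function names, the rounding step's exact shape, and the constants 1665 and 80635 (floor(2^28 / 3329)) are assumptions of this example, built on Kyber's modulus q = 3329.

```c
#include <stdint.h>
#include <stdio.h>

#define KYBER_Q 3329u   /* Kyber's prime modulus */

/* Variable-time form (example): rounds a coefficient in [0, q) to one bit.
 * Depending on compiler flags and target, "/ KYBER_Q" can become a hardware
 * divide instruction whose latency varies with the (secret) operand. */
static uint32_t round_bit_div(uint16_t coeff)
{
    uint32_t t = coeff;
    t = ((t << 1) + KYBER_Q / 2) / KYBER_Q;
    return t & 1;
}

/* Division-free form (example): multiply by a precomputed reciprocal and
 * shift. Every instruction runs in time independent of the operand value.
 * 80635 = floor(2^28 / 3329); the +1665 (instead of +1664) offsets the
 * slight undershoot of the truncated reciprocal. Max product fits 32 bits. */
static uint32_t round_bit_mul(uint16_t coeff)
{
    uint32_t t = coeff;
    t <<= 1;
    t += 1665;
    t *= 80635;
    t >>= 28;
    return t & 1;
}

/* Exhaustive equivalence check over every valid coefficient.
 * Returns the number of inputs where the two forms disagree. */
static unsigned count_mismatches(void)
{
    unsigned bad = 0;
    for (uint16_t c = 0; c < KYBER_Q; c++)
        bad += (round_bit_div(c) != round_bit_mul(c));
    return bad;
}

int main(void)
{
    printf("mismatches over [0, %u): %u\n", KYBER_Q, count_mismatches());
    return 0;
}
```

Inspecting the generated assembly for divide instructions at the optimization level actually shipped is the practical check, since the same source can compile to either form.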

NASA

NASA Finally Unlocks Stuck Fasteners on Asteroid Sample Capsule (space.com) 37

"For months, bits of an asteroid collected by a U.S. probe during a billion-mile trek were out of reach to scientists," reports Space.com, "locked inside a return capsule in a NASA facility with two stuck fasteners preventing access to the rocky space treasure.

"This week, NASA won its battle against those fasteners."

More details from CNN: The space agency already harvested about 2.5 ounces (70 grams) of rocks and dust from its OSIRIS-REx mission, which traveled nearly 4 billion miles to collect the unprecedented sample from the near-Earth asteroid called Bennu. But NASA revealed in October that some material remained out of reach in a capsule hidden inside an instrument called the Touch-and-Go Sample Acquisition Mechanism — a robotic arm with a storage container at one end that collected the sample from Bennu. The sampler head is held shut by 35 fasteners, according to NASA, but two of them proved too difficult to open.

Prying the mechanism loose is no simple task. The space agency must use preapproved materials and tools around the capsule to minimize the risk of damaging or contaminating the samples. These "new tools also needed to function within the tightly-confined space of the glovebox, limiting their height, weight, and potential arc movement," said Dr. Nicole Lunning, OSIRIS-REx curation lead at NASA's Johnson Space Center in Houston, in a statement. "The curation team showed impressive resilience and did incredible work to get these stubborn fasteners off the TAGSAM head so we can continue disassembly. We are overjoyed with the success."

To address the issue, NASA said they designed and fabricated two new, multi-part tools out of surgical steel. NASA says that a "few additional disassembly steps" still remain, but there's a video on their web site showing the operation (along with some pictures).

NASA adds that "Later this spring, the curation team will release a catalog of the OSIRIS-REx samples, which will be available to the global scientific community." But CNN notes that an analysis of material from last fall "already revealed the samples from the asteroid contained abundant water in the form of hydrated clay minerals as well as carbon." And they add that scientists believe this bolsters the theory that water arrived on Earth billions of years ago on an asteroid...

Hardware

Micron Displays Next-Gen LPCAMM2 Modules For Laptops At CES 2024 28

At CES 2024 this week, Micron demonstrated its next-gen LPCAMM2 memory modules based on LPDDR5X memory. Not only are they smaller and more powerful than traditional SODIMMs, they can be "serviced during the manufacturing process and upgraded by the user," says Micron. Tom's Hardware reports: Micron's LPCAMM2 are industry-standard memory modules that will be available in 16 GB, 32 GB, and 64 GB capacities as well as with speed bins of up to a 9600 MT/s data transfer rate. These modules are designed to replace conventional SODIMMs as well as soldered-down LPDDR5X memory subsystem while offering the best of both worlds: flexibility, repairability, and upgradeability of modular memory solutions as well as high performance and low power consumption of mobile DRAM. Indeed, a Micron LPCAMM2 module is smaller than a traditional SODIMM despite the fact that it has a 128-bit memory interface and up to 64 GB of LPDDR5X memory onboard. Needless to say, the module is massively smaller than two SODIMM memory sticks that offer a 128-bit memory interface both in terms of height and in terms of physical footprint.

AI

CES PC Makers Bet on AI To Rekindle Sales (reuters.com) 15

PC and microchip companies struggling to get consumers to replace pandemic-era laptops offered a new feature to crowds this week at CES: AI. From a report: PC and chipmakers including AMD and Intel are betting that the so-called "neural processing units" now found in the latest chip designs will encourage consumers to once again pay for higher-end laptops. Adding additional AI capabilities could help take market share from Apple. "The conversations I'm having with customers are about 'how do I get my PC ready for what I think is coming in AI and going to be able to deliver,'" said Sam Burd, Dell Technologies' president of its PC business. Chipmakers built the NPU blocks because they can achieve a high level of performance for AI functions with relatively modest power needs. Today there are few applications that might take full advantage of the new capabilities, but more are coming, said David McAfee, corporate vice president and general manager of the client channel business at AMD.

Among the few applications that can take advantage of such chips is the creative suite of software produced by Adobe. Intel hosted an "open house" where a handful of PC vendors showed off their latest laptops with demos designed to put the new capabilities on display. Machines from the likes of Dell and Lenovo were arrayed inside one of the cavernous ballrooms at the Venetian Convention Center on Las Vegas Boulevard.

The Almighty Buck

X Announces Peer-To-Peer Payment Service Will Launch In 2024 (forbes.com) 109

SonicSpike shares a report from Forbes: X, the social media site formerly known as Twitter, announced it would begin rolling out a peer-to-peer payment service similar to Venmo or PayPal this year -- a feature the social media site's billionaire owner Elon Musk has long pushed as part of his plan to develop an "everything app." X officially announced the new feature in a blog post, touting the new service designed to enhance "user utility and new opportunities for commerce." The company did not give a timeframe on when the new service would be available, but Musk previously told Ark Invest CEO Cathie Wood it could launch as early as "mid-2024."

According to the company, the new payment service will "showcas[e] the power of living more of your life in one place," as owner Elon Musk continues to promote X as a future "everything app" capable of handling social media, video and other original content on the same site. X Payments has registered to do business in at least 32 states, according to public records, and has acquired a money transmitter license needed to process payments in 10, TechCrunch reported in December.

Transportation

Polestar CEO Promises To Keep Apple CarPlay and Android Auto Around (techcrunch.com) 30

An anonymous reader quotes a report from TechCrunch: Polestar CEO Thomas Ingenlath couldn't be happier with the integration of Google built-in, the branded product that embeds Google apps and services directly into the company's EVs. But don't expect the EV maker to drop Android Auto or Apple CarPlay as a result. On the sidelines of CES 2024, Ingenlath committed to sticking with Android Auto and Apple CarPlay, the middleware that allows drivers to project their smartphone onto the car's infotainment display. He went a step further and questioned automakers that have. GM, for instance, decided not to make the new 2024 Chevy Blazer EV compatible with Android Auto or Apple CarPlay.

"It's still too important for our customers to have the choice," Ingenlath said during an interview at CES 2024. He later added that, in his view, removing the option isn't the right way of treating customers. "Our priority is very clear; We have a really fantastic system together with Google," he said. While Ingenlath admitted that Google Built-in provides the best experience, he asked "why would we try to dogmatically educate our customers?" Polestar has been a champion of Google built-in. However, its willingness to keep Android Auto and Apple CarPlay is notable because it illustrates the complexity of appeasing customers even if it might overshadow the native technology in the vehicle.

"Ingenlath seems convinced that as Google built-in improves and continues to add apps and services, consumers will give up Android Auto or Apple CarPlay on their own," adds TechCrunch. "And the updates do keep coming."

"At CES 2024, for instance, Polestar announced that the Chrome browser would start rolling out to Polestar 2 in beta, allowing drivers to surf the internet via the central vehicle display while parked. Ingenlath hinted of more improvements in the future, including more precise navigation in Google Maps that drills down to the specific lane as well as customized features designed for Polestar customers."
