AI

Europe Proposes Strict Rules For Artificial Intelligence (nytimes.com)

An anonymous reader quotes a report from The New York Times: The European Union unveiled strict regulations on Wednesday to govern the use of artificial intelligence, a first-of-its-kind policy that outlines how companies and governments can use a technology seen as one of the most significant, but ethically fraught, scientific breakthroughs in recent memory. The draft rules would set limits around the use of artificial intelligence in a range of activities, from self-driving cars to hiring decisions, bank lending, school enrollment selections and the scoring of exams. It would also cover the use of artificial intelligence by law enforcement and court systems -- areas considered "high risk" because they could threaten people's safety or fundamental rights.

Some uses would be banned altogether, including live facial recognition in public spaces, though there would be several exemptions for national security and other purposes. The 108-page policy is an attempt to regulate an emerging technology before it becomes mainstream. The rules have far-reaching implications for major technology companies that have poured resources into developing artificial intelligence, including Amazon, Google, Facebook and Microsoft, but also scores of other companies that use the software to develop medicine, underwrite insurance policies and judge credit worthiness. Governments have used versions of the technology in criminal justice and the allocation of public services like income support. Companies that violate the new regulations, which could take several years to move through the European Union policymaking process, could face fines of up to 6 percent of global sales.

The European Union regulations would require companies providing artificial intelligence in high-risk areas to provide regulators with proof of its safety, including risk assessments and documentation explaining how the technology is making decisions. The companies must also guarantee human oversight in how the systems are created and used. Some applications, like chatbots that provide humanlike conversation in customer service situations, and software that creates hard-to-detect manipulated images like "deepfakes," would have to make clear to users that what they were seeing was computer generated. [...] Release of the draft law by the European Commission, the bloc's executive body, drew a mixed reaction. Many industry groups expressed relief that the regulations were not more stringent, while civil society groups said they should have gone further.

Earth

Missing Arctic Ice Fueled the 'Beast of the East' Winter Storm (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: Extreme weather has become the new normal -- whether it's precipitation, drought, wind, heat, or cold. The question of how the ever-shrinking layer of Arctic sea ice has contributed to any of these changes has prompted some lively discussion over the past few years. Researchers have proposed that a weakened jet stream driven by vanishing Arctic sea ice might play a large role in extreme winter events like the descending polar vortex that struck North America earlier this year. But the idea hasn't held up well in light of more recent evidence.

But now, researchers have identified a direct link between extreme winter weather and sea ice loss. The 2018 "Beast of the East" winter storm hit Europe with record-breaking snowfall and low temperatures. And potentially as much as 88 percent of that snowfall originated from increased evaporation of the Barents Sea.

The working hypothesis is that Arctic sea ice acts as a cap for Arctic waters, limiting evaporation. Less sea ice and warmer Arctic temperatures mean more evaporation, potentially explaining the increased severity of winter storms like the Beast of the East. Until now, it's been tough to measure direct evidence linking sea ice loss to extreme European winters, but recent advances in technology are making this a little less challenging.

Facebook

Ireland Opens GDPR Investigation Into Facebook Leak (techcrunch.com)

An anonymous reader quotes a report from TechCrunch: Facebook's lead data supervisor in the European Union has opened an investigation into whether the tech giant violated data protection rules vis-a-vis the leak of data reported earlier this month. Here's the Irish Data Protection Commission's statement:

"The Data Protection Commission (DPC) today launched an own-volition inquiry pursuant to section 110 of the Data Protection Act 2018 in relation to multiple international media reports, which highlighted that a collated dataset of Facebook user personal data had been made available on the internet. This dataset was reported to contain personal data relating to approximately 533 million Facebook users worldwide. The DPC engaged with Facebook Ireland in relation to this reported issue, raising queries in relation to GDPR compliance to which Facebook Ireland furnished a number of responses.

The DPC, having considered the information provided by Facebook Ireland regarding this matter to date, is of the opinion that one or more provisions of the GDPR and/or the Data Protection Act 2018 may have been, and/or are being, infringed in relation to Facebook Users' personal data. Accordingly, the Commission considers it appropriate to determine whether Facebook Ireland has complied with its obligations, as data controller, in connection with the processing of personal data of its users by means of the Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer features of its service, or whether any provision(s) of the GDPR and/or the Data Protection Act 2018 have been, and/or are being, infringed by Facebook in this respect."

"We are cooperating fully with the IDPC in its enquiry, which relates to features that make it easier for people to find and connect with friends on our services," Facebook said in a statement. "These features are common to many apps and we look forward to explaining them and the protections we have put in place."

Privacy

Did Patient Health Information Leak Into GitHub's Arctic Code Vault? (healthitsecurity.com)

HealthITSecurity writes: The patient data from multiple providers appears to have been captured and subsequently leaked on the data repository GitHub Arctic Code Vault by third-party vendor MedData, according to a new collaborative report from security researcher Jelle Ursem and Dissent Doe of DataBreaches.net.

Through his research, Ursem detected troves of protected health information tied to a single developer... The databases were taken down on December 17. MedData recently released a notice that detailed the massive patient data breach, which involved information provided to the vendor for processing services... Officials discovered that an employee had saved files to personal folders created on the GitHub repository between December 2018 and September 2019, during their employment...

The impacted data included patient names combined with one or more data elements, such as subscriber ID, Social Security numbers, diagnoses, conditions, claims data, dates of services, medical procedure codes, insurance policy numbers, provider names, contact details, and dates of birth. All affected patients will receive free credit monitoring and identity protection services... This is the second report from Ursem and Dissent on GitHub repositories leaking patient data in the last six months. In August, they reported that at least nine GitHub repositories leveraging improper access controls leaked data from more than 150,000 to 200,000 patients. The data belonged to multiple providers.

The incidents highlight the importance of vendor management and the need to ensure security policies are aligned. Previous reports have shown about one-third of healthcare databases stored in the cloud, or even locally, are actively leaking data online. What's worse, misconfigured databases can be hacked in about eight hours.

DataBreaches.net wonders what happened after Med-Data reached out to GitHub about the vault's logs and removal of the code. Did GitHub provide the logs? If so, what did they show? Is anyone's Protected Health Information in GitHub's Arctic Code Vault? And if so, what happens? Will GitHub remove it...? Or will code just be left there for researchers to explore in 1,000 years so they can wade through the personal and protected health information or other sensitive information of people who trusted others to protect their privacy?

In November, 2020, Ursem posed the question to GitHub on Twitter. They never replied.
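The breach above started with files an employee pushed to a personal folder in a GitHub repository. The practitioner's check for that failure mode is a scan of staged content before it leaves the workstation. The following is an added example, not MedData's, GitHub's or the researchers' tooling: a small Python scanner that flags Social Security number candidates using the SSA's structural rules (area never 000, 666 or 900-999; group never 00; serial never 0000), masks what it reports so the scanner's own output cannot re-leak the value, and decides which staged files should block a commit. The file names and contents in `SAMPLE_FILES` are constructed.

```python
"""Added example: pre-commit style scan for SSN-like values in staged files.

Not the tooling of any party named in the story; sample input is constructed.
"""
import re
from typing import Dict, List, Tuple

# Candidate shape: 3-2-4 digits, separated by '-' or ' ' or not separated at all.
# The lookarounds stop the pattern from matching inside longer digit runs.
_SSN_RE = re.compile(r"(?<!\d)(\d{3})[- ]?(\d{2})[- ]?(\d{4})(?!\d)")


def plausible_ssn(area: str, group: str, serial: str) -> bool:
    """Structural rules from the SSA: area numbers 000, 666 and 900-999 are
    never issued, group is never 00, serial is never 0000."""
    a = int(area)
    if a == 0 or a == 666 or a >= 900:
        return False
    if int(group) == 0 or int(serial) == 0:
        return False
    return True


def find_ssn_candidates(text: str) -> List[Tuple[int, str]]:
    """Return (line_number, masked_value) for each plausible SSN in text.

    Only the last four digits are kept in the report, so a log of scanner
    findings is not itself a second copy of the protected data.
    """
    hits: List[Tuple[int, str]] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in _SSN_RE.finditer(line):
            if plausible_ssn(*m.groups()):
                hits.append((lineno, f"***-**-{m.group(3)}"))
    return hits


def should_block_commit(staged_files: Dict[str, str]) -> List[str]:
    """Given path -> staged contents, return the paths that must not be committed."""
    return [path for path, body in staged_files.items() if find_ssn_candidates(body)]


# Constructed sample input standing in for the staged files of a commit.
SAMPLE_FILES: Dict[str, str] = {
    # A claims export with a real-looking SSN: must be flagged.
    "claims_export.csv": "name,subscriber_id,ssn,dob\n"
                         "Jane Doe,SUB-1,123-45-6789,1980-01-02\n",
    # A 3-2-4 number with area 000: structurally impossible, must not be flagged.
    "notes.md": "Build 2021-04-15 passed; ticket 000-12-3456 is not an SSN.\n",
    # A 3-3-4 phone number does not fit the 3-2-4 shape at all.
    "phone_list.txt": "Support line: 800-555-1212\n",
}


if __name__ == "__main__":
    for path in should_block_commit(SAMPLE_FILES):
        for lineno, masked in find_ssn_candidates(SAMPLE_FILES[path]):
            print(f"{path}:{lineno}: possible SSN {masked}; refusing to commit")
```

Wired into a pre-commit hook, `should_block_commit` would be fed the output of `git diff --cached`; a non-empty result makes the hook exit non-zero. The structural check keeps obvious false positives (build IDs, ticket numbers with an impossible area) out of the report, but it cannot tell a genuine SSN from a well-formed test fixture, so findings still need a human decision rather than an automatic allow-list.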

Movies

Godzilla and Kong Keep Growing. But They're No Match for Physics (wired.co.uk)

Both monsters have grown in size over the years, and they reach new heights in Godzilla vs. Kong. But could they ever exist in real life? From a report: The last time the pair squared off, in the 1962 Japanese stop-motion release King Kong vs. Godzilla, Kong was 148 feet tall, compared to just 25ft tall in Peter Jackson's 2005 film King Kong, according to online estimates. In 2017's Kong: Skull Island, the great primate was around 104ft; almost four times smaller than the current iteration of Godzilla, who clocks in at 393ft. While the skeletons of Kong's parents in Skull Island suggest 100ft is roughly their species' genetic limit, the producers of the series have retconned the franchise by explaining that Kong is an adolescent in that film, leaving room for him to grow into a worthy opponent for Godzilla some 40 years down the movie timeline. Scaling up Kong to match Godzilla makes sense. It would be a short film if Godzilla stomped the big ape to death in the opening minutes. But how does that explain Godzilla's own growth spurt from 328ft in 2014 to 393ft today? And, crucially, is any of this based in science?

There are some things the films get right. James Rosindell from the faculty of natural sciences at Imperial College London points to a theory called 'Cope's Rule' which holds that evolution will increase a species' body size over time. "[Being larger] gives competitive advantages and is often naturally selected for," he explains. However, larger creatures need more food and typically reproduce at a slower rate, meaning few individuals can be supported by any one ecosystem. So Kong and Godzilla being the last of their species -- and Kong slowly maturing over 40 years -- fits the science. But that's about the only thing that holds together. It turns out that Godzilla and Kong's biggest foe may not be each other, but physics. Specifically, the laws of gravity and biomechanics. The largest animal alive today, the blue whale, is found in our oceans. "The size limit of aquatic animals is closely tied to the ability to eat enough food to sustain their chonky bodies," explains David Labonte, a researcher in the department of bioengineering, also at Imperial College. Labonte has a specific interest in the interaction between physical laws and body size. For example, why are there no climbing animals heavier than geckos that can cling upside down to smooth surfaces? When it comes to the blue whale, Labonte explains that their large mouths and a technique known as 'lunge feeding' enables them to obtain enough food to sustain their bodies. This has allowed some blue whales to grow up to 180 tonnes (Kong was around 158 tonnes in his last film). An aquatic environment bestows other advantages, namely, buoyancy. Having its weight suspended in water is one of the key reasons why the blue whale is able to grow so large. It's also the reason that when whales beach, the most common cause of death is internal damage from the weight of their own bodies. Gravity, then, is a problem our terrestrial animals are yet to overcome. It's the reason our largest land animal, the African elephant, tips the scales at a relatively puny six tonnes.

Social Networks

Parler Referred Violent Content to the FBI 50 Times, Angering Users (msn.com)

Parler confirmed Saturday that it had referred dozens of violent posts to America's Federal Bureau of Investigation, reports Newsweek. But even after a blog post explaining its reasons, "some of the platform's users were less than impressed." Parler, which faced significant backlash in the wake of the January 6 attack on the U.S. Capitol by former President Donald Trump's supporters, referred violent content to the FBI at least 50 times prior to the pro-Trump riot, The Wall Street Journal reported on Thursday. The social media site shared a link to the article, drawing backlash from some members of the online platform. Parler has built its platform by positioning itself as being opposed to censorship and staunchly in favor of free speech.

"In reaction to yesterday's news stories, some users have raised questions about the practice of referring violent or inciting content to law enforcement. The First Amendment does not protect violence inciting speech, nor the planning of violent acts. Such content violates Parler's TOS. Any violent content shared with law enforcement was posted publicly and brought to our attention primarily via user reporting. And, as it is posted publicly, it can properly be referred to law enforcement by anyone. Parler remains steadfast in protecting your right to free speech," Parler posted on Saturday in response to criticism.

But some users of the site were still unhappy with Parler's decision.

"I don't like snitches," user MelodySuarez wrote in response to the explanation.

Users "vented their fury at the site's apparent willingness to report its users despite its pitch of protecting free speech," Newsweek reported in an earlier article.

"Parler is a fraud," one user had complained.

Businesses

Tesla Broke US Labor Law With Anti-Union Efforts (theregister.com)

An anonymous reader quotes a report from The Register: In a ruling issued on Thursday, the US National Labor Relations Board (NLRB) concluded that Tesla violated federal labor law in its efforts to discourage workers from unionizing. It directed the company to cease various anti-union actions and policies like claiming workers would lose benefits if they vote for union representation. The NLRB found that Tesla violated labor law by coercively interrogating employees, threatening them with the loss of stock options if they supported unionization, and enacting unlawful policies like a confidentiality agreement that banned speaking to the press.

The ruling directs the vehicle maker to offer to rehire plaintiff and former employee Richard Ortiz and pay him lost wages, and to strike unlawful disciplinary information from the record of both Ortiz and another employee, Jose Moran. It further requires Tesla to rescind portions of its 2016 confidentiality agreement that disallow lawful union-related activity under Sections 7 and 8 of the National Labor Relations Act, which the NLRB acknowledged "protects employees when they speak with the media about working conditions, labor disputes, or other terms and conditions of employment." The decision also directs self-styled "Technoking" Musk to delete a May 20, 2018, tweet because it implies workers must give up their stock options if they unionize. Finally, the NLRB is requiring Tesla to post a notice at its Fremont, Calif., facility explaining that workers have the right to organize under the law and stating that the company will not enact rules that interfere with protected union activity.

Bitcoin

Asset Management Giant Fidelity Files For a Bitcoin ETF (theblockcrypto.com)

A new filing with the U.S. Securities and Exchange Commission indicates that asset management giant Fidelity is seeking to create a bitcoin exchange-traded fund (ETF). The Block reports: The Wise Origin Bitcoin ETF is the latest entrant in a growing race to launch a bitcoin exchange-traded product in the United States. According to the filing, a firm called FD Funds Management LLC is the sponsor of the fund, with Fidelity Service Company, Inc. serving as administrator. Per the document, FD Funds Management LLC shares the same Boston, MA address as Fidelity's headquarters. Fidelity Digital Assets, the asset manager's crypto-focused arm, will serve as custodian. The ETF, if approved, will also employ Fidelity's in-house bitcoin price index, per the filing.

"The Trust's investment objective is to seek to track the performance of bitcoin, as measured by the performance of the Fidelity Bitcoin Index PR (the "Index"), adjusted for the Trust's expenses and other liabilities," the filing notes, explaining elsewhere: "The Trust provides direct exposure to bitcoin, and the Shares of the Trust are valued on a daily basis using the same methodology used to calculate the Index. The Trust provides investors with the opportunity to access the market for bitcoin through a traditional brokerage account without the potential barriers to entry or risks involved with holding or transferring bitcoin directly, acquiring it from a bitcoin spot market, or mining it."

Bitcoin

Visa Plans To Enable Bitcoin Payments At 70 Million Merchants (btctimes.com)

On Fortune's Leadership Next podcast yesterday, Visa CEO Alfred Kelly said that the payment processing behemoth is willing to facilitate not only bitcoin purchases, but also spending functionalities. "We're trying to do two things," said Kelly. "One is to enable the purchase of Bitcoin on Visa credentials. And secondly, working with Bitcoin wallets to allow the Bitcoin to be translated into a fiat currency and therefore immediately be able to be used at any of the 70 million places around the world where Visa is accepted." BTC Times reports: According to Kelly, Visa is working hard to earn its role as an intermediary in financial transactions even after Bitcoin sees mainstream adoption. Other than Bitcoin, the payment processor also plans to allow for the use of stablecoins. He admitted that the company recognizes "a strong potential for those to become a new payment vehicle." Kelly said Visa is collaborating with about 35 partners involved with stablecoins, explaining that "these are currencies that are fiat-backed, but we're allowing this translation, if you will, into a fiat currency and in a wallet where there's a Visa card and again that Visa card can be used with the translated digital currency over to the fiat currency to purchase at any one of our 70 million locations."

This is seemingly referring to Visa's partnership with Circle, the firm behind the USDC stablecoin. According to a report released by Forbes at the end of 2020, the payment processing giant partnered with Circle to integrate USDC into its infrastructure and allow credit card issuers to use USD Coin on their platforms and send and receive USDC payments. Visa's head of crypto Cuy Sheffield said at the time: "We continue to think of Visa as a network of networks. [...] Blockchain networks and stablecoins, like USDC, are just additional networks. So we think that there's a significant value that Visa can provide to our clients, enabling them to access them and enabling them to spend at our merchants."

Mars

Mars May Hide Oceans of Water Beneath Its Crust, Study Finds (space.com)

Oceans' worth of water may remain buried in the crust of Mars, and not lost to space as previously long thought, a new study finds. Space.com reports: Data from NASA's MAVEN (Mars Atmosphere and Volatile EvolutioN) mission and the European Space Agency's Mars Express orbiter revealed that at the rate water disappears from the Red Planet's atmosphere, Mars would have lost a global ocean of water only about 10 to 82 feet (3 to 25 m) deep over the course of 4.5 billion years. Now scientists find that much of the water Mars once had may remain hidden in the crust of the Red Planet, locked away in the crystal structures of rocks beneath the Martian surface. They detailed their findings online March 16 in the journal Science and at the Lunar Planetary Science Conference.

In the new study, the scientists found chemical reactions may have led between 30% and 99% of the water that Mars initially had to get locked into minerals and buried in the planet's crust. Any remaining water was then lost to space, explaining the hydrogen-to-deuterium ratios seen on Mars. All in all, the researchers suggested Mars lost 40% to 95% of its water during its Noachian period about 4.1 billion to 3.7 billion years ago. Their model suggested the amount of water on the Red Planet reached its current levels by about 3 billion years ago.

XBox (Games)

Microsoft Reiterates 'VR For Console Is Not a Focus For Us' (theverge.com)

Microsoft has once again reiterated that VR support for Xbox was not a focus for the company, following reports earlier today that hinted it was working on a VR headset compatible with the Xbox Series X/S. The Verge reports: The rumor first surfaced after IGN Italy reported that some Italian Xbox users received messages, which translated to "[a]n update for the VR headset is available" and "[u]pdate VR headset," when connecting the recently released Xbox Wireless Headset to their Xbox Series X or Series S consoles. A Microsoft representative told The Verge that "the copy in this error message is inaccurate due to a localization bug," while again reiterating that "VR for console is not a focus for us at this time."

Microsoft has yet to explore the VR space for its Xbox consoles. In 2018, the company pulled back on plans to support virtual reality headsets for Xbox, explaining that it wanted to focus "primarily on experiences you would play on your TV." In late 2019, Xbox boss Phil Spencer tweeted out that although he played "some great VR games" such as Half-Life: Alyx, console VR was not Xbox's focus ahead of the Xbox Series X / S release.

Programming

Why Discord Is Switching From Go To Rust

RoccamOccam writes: The developers at Discord have seen success with Rust on their video encoding pipeline for Go Live and on their Elixir NIFs' server. Recently, they penned a post explaining how they have drastically improved the performance of a service by switching its implementation from Go to Rust.

From the post, "Remarkably, we had only put very basic thought into optimization as the Rust version was written. Even with just basic optimization, Rust was able to outperform the hyper hand-tuned Go version. This is a huge testament to how easy it is to write efficient programs with Rust compared to the deep dive we had to do with Go."

China

WHO Team Member to New York Times: What We Learned in China (nytimes.com)

Peter Daszak is part of the World Health Organization's 14-member team investigating the origins of the coronavirus. This weekend on Twitter he described "explaining key findings of our exhausting month-long work in China" to journalists — only to see team members "selectively misquoted to fit a narrative that was prescribed before the work began."

Daszak was responding to a New York Times article which painted China as uncooperative for failing to hand over some raw data. But ironically, the next day the Times published a longer interview they'd done with Daszak, which acknowledges that Daszak "said that the visit had provided some new clues..."

The Times had even specifically asked him if China's attitude made their work difficult, to which Daszak had explicitly answered: no. "You've got a task to do. You've volunteered. You know what it's going to be like. You get caught up in the historical importance. I don't know if we were the first foreigners to walk around the Huanan seafood market, which is blocked off even to Chinese citizens. The only people that have been in there have been the Chinese disease investigators. We met with the doctors that treated the first known Covid patients."

The Times also asked if they'd learned anything they didn't know before. Daszak's response: From Day 1, the data we were seeing were new that had never been seen outside China. Who were the vendors in the Huanan seafood market? Where did they get their supply chains? And what were the contacts of the first cases? How real were the first cases? What other clusters were there? When you asked for more, the Chinese scientists would go off, and a couple of days later, they've done the analysis, and we've got new information. It was extremely useful.

The team also learned how extensively China's disease-control center had investigated the Wuhan market: They'd actually done over 900 swabs in the end, a huge amount of work. They had been through the sewage system. They'd been into the air ventilation shaft to look for bats. They'd caught animals around the market. They'd caught cats, stray cats, rats, they even caught one weasel. They'd sampled snakes. People had live snakes at the market, live turtles, live frogs. Rabbits were there, rabbit carcasses... Animals were coming into that market that could have carried the coronavirus. They could have been infected by bats somewhere else in China and brought it in. So that's clue No. 1... Some of these are coming from places where we know the nearest relatives of the virus are found. So there's the real red flag...

There were other markets. And we do know that some of the patients had links to other markets. We need to do some further work, and then the Chinese colleagues need to do some further work...

What is the next step?

For the animals chain, it's straightforward. The suppliers are known. They know the farm name; they know the owner of the farm. You've got to go down to the farm and interview the farmer and the family. You've got to test them. You've got to test the community. You've got to go and look and see if there are any animals left at any farms nearby and see if they've got evidence of infection, and see if there is any cross-border movement.

The Times' interview begins by specifically acknowledging Daszak's statement about new information obtained on the visit, "which all of the scientists, Chinese and international, agreed most likely pointed to an animal origin within China or Southeast Asia.

"The scientists have largely discounted claims that the virus originated in a lab, saying that possibility was so unlikely that it was not worth further investigation."

China

Two WHO Team Members Dispute Report China Wasn't Cooperative for Covid-19 Investigation (twitter.com)

Friday the New York Times (following up on reports from the Wall Street Journal) wrote that China had "refused to hand over" important raw data to a 14-member World Health Organization team investigating the origins of the coronavirus, reporting that "their Chinese counterparts were frustrated by the team's persistent questioning and demands for data."

But Saturday two of those 14 team members disputed that characterization, posting on Twitter that "This was NOT my experience" — even though the Times had quoted both of them to support its article.

First Peter Daszak, president of the U.S. national science academy's microbial threats forum, weighed in. "As lead of animal/environment working group I found trust and openness with my China counterparts. We DID get access to critical new data throughout. We DID increase our understanding of likely spillover pathways. New data included env. & animal carcass testing, names of suppliers to Huanan Market, analyses of excess mortality in Hubei, range of covid-like symptoms for months prior, sequence data linked to early cases & site visits w/ unvetted live Q&A etc. All in report coming soon!"

Then Thea Kølsen Fischer, a Danish epidemiologist on the team, tweeted that the Times hadn't accurately described her experience either. "We DID build up a good relationship in the Chinese/Int Epi-team! Allowing for heated arguments reflects a deep level of engagement in the room. Our quotes are intendedly twisted casting shadows over important scientific work."

Daszak reappeared to respond to her tweet, writing "Hear! Hear! It's disappointing to spend time with journalists explaining key findings of our exhausting month-long work in China, to see our colleagues selectively misquoted to fit a narrative that was prescribed before the work began. Shame on you @nytimes!"

Ironically, the next day the Times published a longer interview they'd done with Daszak, which acknowledges that Daszak "said that the visit had provided some new clues..."

The Times had even specifically asked him if China's attitude made their work difficult, to which Daszak explicitly had answered: no.

The Internet

Why the Owner of TheDonald.win Finally Pulled the Plug (msn.com)

All the content at TheDonald.win has now been replaced with a single post, explaining that the mod team had been struggling to deal with a flood of content from "a small group of extremists."

The Washington Post tells the story of the 41-year-old Army veteran who owned the domain — and ended up hosting the entire community that had been banned from Reddit's TheDonald forum.

"You might be happy being some ethno-nationalist, but I'm not," said Williams, recalling his exchanges with a handful of particularly hardcore moderators. "I don't want anything to do with this...."

Williams finally took decisive action on Jan. 21, two weeks after the Capitol assault, after waking to news that a group of other moderators had started their own site and used it to attack him. Soon, Williams used his power as the Web address owner to knock TheDonald offline. Then he defended himself publicly against his former compatriots, who had criticized him as a "rogue" and a selfish coward. Williams, who lives in Texas and has three young children, also endured death threats, online harassment and FBI questioning, he said...

The November election, followed by Trump's baseless claims of widespread electoral fraud, further intensified the viciousness on TheDonald. Williams said he'd become increasingly aware of what he believed were intentional efforts by nefarious actors to push the site's boundaries...

[E]ven as a Trump loyalist, scenes of Trump's supporters — some of whom almost certainly met and organized themselves on TheDonald — overrunning the Capitol depressed Williams, he said. The site soon featured in critical news reports, criminal investigations and articles of impeachment for Trump. The domain registrar, Epik, warned that the site would get kicked offline after a flood of complaints about hateful, threatening content. Incoming queries from the FBI, Epik and journalists writing about TheDonald's role in the Capitol attack inundated Williams, for whom moderating the site already had become something of a full-time job. Williams also knew that members of TheDonald community had indeed used the site to instigate the assault. "People definitely used the site to communicate and coordinate," he said, echoing the conclusions of independent researchers...

He now is spending his time caring for family and trying to get a new site, America.win, up and running. Unlike TheDonald, it will not offer unfettered discussion. It will be, he said, more of an aggregator of what Williams considers important content about free markets, individual liberty and other "common patriotic causes."

He has a parting message for those who might still be caught up in the roiling forums of the sort he once joined, then moderated, then killed off: Things often are not as they seem. QAnon is not real. What may look online like a magical, mystical voice of secret wisdom may just be a guy hiding behind the Internet's veil, trying to keep it all going, hoping it doesn't spin out of control.

X

Jamie Zawinski Calls Cinnamon Screensaver Lock-Bypass Bug 'Unconscionable' (jwz.org)

Legendary programmer Jamie Zawinski has worked on everything from the earliest releases of the Netscape Navigator browser to XEmacs, Mozilla, and, of course, the XScreenSaver project.

Now Slashdot reader e432776 writes: JWZ continues to track issues with screensavers on Linux (since 2004!), and discusses a new bug in cinnamon-screensaver. Long-standing topics like X11, developer interaction, and code licensing all feature. Solutions to these long-standing issues remain elusive.
Jamie titled his blog post "I told you so, 2021 edition": You will recall that in 2004, which is now seventeen years ago, I wrote a document explaining why I made the design trade-offs that I did in XScreenSaver, and in that document I predicted this exact bug as my example of, "this is what will happen if you don't do it this way."

And they went and made that happen.

Repeatedly.

Every time this bug is re-introduced, someone pipes up and says something like, "So what, it was a bug, they've fixed it." That's really missing the point. The point is not that such a bug existed, but that such a bug was even possible. The real bug here is that the design of the system even permits this class of bug. It is unconscionable that someone designing a critical piece of security infrastructure would design the system in such a way that it does not fail safe.

Especially when I have given them nearly 30 years of prior art demonstrating how to do it right, and a two-decades-old document clearly explaining What Not To Do that coincidentally used this very bug as its illustrative strawman!

These bugs are a shameful embarrassment of design -- as opposed to merely bad code...
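The fail-safe design Zawinski argues for, as an added example that is not his code or any screensaver project's: the lock is modelled as an exclusive flock() on a temporary file (a constructed stand-in for the X server's keyboard grab, which the kernel likewise drops the moment its holder dies), and the renderer is made to crash on purpose. In the fail-open layout the lock dies with the renderer; in the supervised layout a small process with no drawing code holds it, so renderer crashes never unlock the screen.

```python
import fcntl
import multiprocessing as mp
import os
import tempfile

CTX = mp.get_context("fork")  # fork so a child inherits its parent's descriptors
LOCKFILE = os.path.join(tempfile.gettempdir(), "screenlock-demo.lock")  # constructed path

def screen_is_locked() -> bool:
    """Probe with a fresh descriptor; flock() conflicts across descriptors, even in one process."""
    with open(LOCKFILE, "w") as probe:
        try:
            fcntl.flock(probe, fcntl.LOCK_EX | fcntl.LOCK_NB)
        except BlockingIOError:
            return True
        fcntl.flock(probe, fcntl.LOCK_UN)
        return False

def _fail_open_process() -> None:
    """Fail-open design: one process both draws the saver and holds the lock."""
    handle = open(LOCKFILE, "w")
    fcntl.flock(handle, fcntl.LOCK_EX)  # screen locked
    os._exit(1)  # renderer crash (no cleanup runs, as with a segfault): the lock goes with it

def fail_open_session() -> bool:
    """True if the screen is still locked after the combined process crashes (it is not)."""
    p = CTX.Process(target=_fail_open_process)
    p.start()
    p.join()
    return screen_is_locked()

def _supervisor(result, crashes: int) -> None:
    """Fail-safe design: a small supervisor with no drawing code owns the lock."""
    handle = open(LOCKFILE, "w")
    fcntl.flock(handle, fcntl.LOCK_EX)  # only this process can ever release it
    for _ in range(crashes):
        child = CTX.Process(target=os._exit, args=(1,))  # renderer, isolated, dying from a bug
        child.start()
        child.join()  # child dies; its copy of the descriptor closes, the lock does not
    result.put(screen_is_locked())
    fcntl.flock(handle, fcntl.LOCK_UN)  # the equivalent of a successful password check

def fail_safe_session(crashes: int = 3) -> bool:
    """True if the screen is still locked after `crashes` renderer crashes."""
    result = CTX.Queue()
    p = CTX.Process(target=_supervisor, args=(result, crashes))
    p.start()
    locked = result.get()
    p.join()
    return locked
```

The difference is not which process has fewer bugs but which process a bug can reach: in the second layout the only code able to release the lock is the supervisor's, which contains nothing a crashing renderer can take down.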

ZDNet reports that Linux Mint has issued a patch for Cinnamon that fixes the screensaver bug. But HotHardware notes that it was discovered when "one Dad let the kids play with the keyboard. This button-mashing actually crashed the machine's screensaver by sheer luck, allowing them onto the desktop, ultimately leading to the discovery of a high priority security vulnerability for the Linux Mint team."

But that's not the only thing bothering Jamie Zawinski: Just to add insult to injury, it has recently come to my attention that not only are Gnome-screensaver, Mint-screensaver and Cinnamon-screensaver buggy and insecure dumpster fires, but they are also in violation of my license and infringing my copyright.

XScreenSaver was released under the BSD license, one of the oldest and most permissive of the free software licenses. It turns out, the Gnome-screensaver authors copied large parts of XScreenSaver into their program, removed the BSD license and slapped a GPL license on my code instead -- and also removed my name. Rude...

Mint-screensaver and Cinnamon-screensaver, being forks and descendants of Gnome-screensaver, have inherited this license violation and continue to perpetuate it. Every Linux distro is shipping this copyright- and license-infringing code.

I eagerly await hearing how they're going to make this right.

Security

Researchers Test UN's Cybersecurity, Find Personal Data On 100K Employees (securityledger.com) 9

chicksdaddy shares a report from The Security Ledger: Independent security researchers testing the security of the United Nations were able to compromise public-facing servers and a cloud-based GitHub development account used by the U.N. and lift data on more than 100,000 staff and employees, according to a report by The Security Ledger. Researchers affiliated with Sakura Samurai, a newly formed collective of independent security experts, exploited an exposed GitHub repository belonging to the International Labour Organization and the U.N.'s Environment Programme (UNEP) to obtain "multiple sets of database and application credentials" for UNEP applications, according to a blog post by one of the Sakura Samurai researchers, John Jackson, explaining the group's work.

Specifically, the group was able to obtain access to database backups for private UNEP projects that exposed a wealth of information on staff and operations. That includes a document with more than 1,000 U.N. employee names, emails; more than 100,000 employee travel records including destination, length of stay and employee ID numbers; more than 1,000 U.N. employee records and so on. The researchers stopped their search once they were able to obtain personally identifying information. However, they speculated that more data was likely accessible.

AI

Google Told Its Scientists To 'Strike a Positive Tone' in AI Research (reuters.com) 51

Alphabet's Google this year moved to tighten control over its scientists' papers by launching a "sensitive topics" review, and in at least three cases requested authors refrain from casting its technology in a negative light, Reuters reported Wednesday, citing internal communications and interviews with researchers involved in the work. From a report: Google's new review procedure asks that researchers consult with legal, policy and public relations teams before pursuing topics such as face and sentiment analysis and categorizations of race, gender or political affiliation, according to internal webpages explaining the policy. "Advances in technology and the growing complexity of our external environment are increasingly leading to situations where seemingly inoffensive projects raise ethical, reputational, regulatory or legal issues," one of the pages for research staff stated. Reuters could not determine the date of the post, though three current employees said the policy began in June. The "sensitive topics" process adds a round of scrutiny to Google's standard review of papers for pitfalls such as disclosure of trade secrets, eight current and former employees said. For some projects, Google officials have intervened in later stages. A senior Google manager reviewing a study on content recommendation technology shortly before publication this summer told authors to "take great care to strike a positive tone," according to internal correspondence read to Reuters.

Earth

Scientists and Philosopher Team Up, Propose a New Way To Categorize Minerals (phys.org) 16

Carnegie's Robert Hazen and Shaunna Morrison teamed up with CU Boulder philosophy of science professor Carol Cleland to propose that scientists adopt a new "evolutionary system" of mineral classification -- one that includes historical data and reflects changes in the diversity and distribution of minerals through more than 4 billion years of Earth's history. Their work is published by the Proceedings of the National Academy of Sciences. Phys.Org reports: The IMA classification system for minerals dates to the 19th century when geologist James Dwight Dana outlined a way to categorize minerals on the basis of unique combinations of idealized compositions of major elements and geometrically idealized crystal structure. "For example, the IMA defines quartz as pure silicon dioxide, but the existence of this idealized version is completely fictional," said Morrison. "Every specimen of quartz contains imperfections -- traces of its formation process that makes it unique." This approach to the categorization system means minerals with distinctly different historical origins are lumped together [...] while other minerals that share a common causal history are split apart.

"The IMA system is typical," said lead author Cleland, explaining that most classification systems in the natural sciences, such as the periodic table of the elements, are time independent, categorizing material things "solely on the basis of manifest similarities and differences, regardless of how they were produced or what modifications they have undergone." For many researchers, a time-independent system is completely appropriate. But this approach doesn't work well for planetary and other historically oriented geosciences, where the emphasis is on understanding the formation and development of planetary bodies. Differences in a diamond or quartz crystal's formative history are critical, Cleland said, because the conditions under which a sample was formed and the modifications it has undergone "are far more informative than the mere fact that a crystal qualifies as diamond or quartz." She, Hazen, and Morrison argue that what planetary scientists need is a new system of categorizing minerals that includes historical "natural kinds."

Because a universal theory of "mineral evolution" does not exist, creating such a classification system for the geosciences is challenging. Hazen, Morrison, and Cleland's proposed solution is what they call a "bootstrap" approach based on historically revelatory, information-rich chemical, physical, and biological attributes of solid materials. This strategy allows scientists to build a historical system of mineral kinds while remaining agnostic about its underlying theoretical principles.

Education

After Canceling Exam, College Board Touts Record Number of AP CSP Exam Takers 47

theodp writes: Q. How many AP Computer Science Principles 'exam takers' would you have if you cancelled the AP CSP exam due to the coronavirus? A. More than 116,000!

That's according to the math behind a new College Board press release, which boasts, "In 2020, more than 116,000 students took the AP CSP Exam -- more than double the number of exam takers in the course's first year, and a 21% increase over the previous year. In 2020, 39,570 women took the AP CSP exam, nearly three times the number who tested in 2017." Which is somewhat confusing, since the College Board actually cancelled the 2020 AP CSP Exam last spring, explaining to students, "This year, there will be no end-of-year multiple-choice exam in Computer Science Principles [the exam was to have counted for 60% of students' scores] -- your AP score will be computed from the Create and Explore performance tasks only."

Still, Sunday's Washington Post reported the good PR news, as did tech-bankrolled College Board partner Code.org, which exclaimed, "Young women set records in computer science exams, again!" In 2018, Code.org lamented that many students enrolled in AP CSP wouldn't get college credit for the course "because they don't take the exam", so perhaps an increase in AP CSP scores awarded -- if not AP CSP exams taken -- should be added to the list of silver linings of the pandemic.
