Transportation

Gig-Economy Drivers Are Turning to EVs to Save Money - and They Need More Public Chargers (hbs.edu) 206

Remember those researchers who spent years training AI tools to analyze the reviews drivers left on the smartphone apps where they pay for EV charging?

There was one more unexpected finding. "Rideshare drivers who work for companies such as Uber are increasingly turning to electric vehicles to reduce fuel costs." That trend is boosting demand for conveniently located, publicly accessible EV chargers... "They are mostly relying on public chargers for their daily Uber needs, usually every day or every couple of days, which dramatically increases electric vehicle miles traveled," [climate fellow Omar Asensio told the Institute's blog], explaining that many drivers live in apartments that lack garages or space for a residential EV charger. Uber CEO Dara Khosrowshahi considers the issue so pressing he urged U.S. policymakers to accelerate plans to improve the nation's EV charging infrastructure in a Fast Co. op-ed in January — during the World Economic Forum in Davos, when media messaging can influence policymakers.

Independent Uber drivers, Khosrowshahi said, are converting to electric vehicles seven times faster than the general public and they tend to be disproportionately from low- and middle-income households that need access to public charging stations. "Charging infrastructure must be more equitable," Khosrowshahi wrote. "Many drivers don't have driveways or garages, so access to nearby overnight charging is essential. Yet our data shows us that Uber drivers often live in neighborhoods lacking this infrastructure. These 'charging deserts' hold countless people back from making the switch."

Privacy

Microsoft Blamed For Million-Plus Patient Record Theft At US Hospital Giant (theregister.com) 37

Brandon Vigliarolo reports via The Register: American healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen -- and claimed a former employee at a Microsoft subsidiary is the likely culprit. Geisinger on Monday announced the results of a probe into a November computer security breach, placing the blame on Microsoft-owned Nuance Communications for not cutting off one of its employees' access to corporate files after that person was fired. The Pennsylvania-based healthcare giant uses Nuance as an IT provider. We're told that after the Microsoft-owned entity terminated one of its workers, that staffer two days later may have accessed and taken copies of sensitive records on a huge number of Geisinger patients -- for reasons as yet unknown.

Geisinger -- which says it operates 13 hospitals and has more than 600,000 members -- said it discovered the improper access on November 29, informed Nuance, and the IT supplier immediately cut off the former employee from the healthcare group's data before involving police. "Because it could have impeded their investigation, law enforcement investigators asked Nuance to delay notifying patients of this incident until now," Geisinger claimed, explaining why only now this is coming to light. "The former Nuance employee has been arrested and is facing federal charges." It's not immediately clear if or what charges have been laid -- we've asked Geisinger for details.

Speech recognition firm Nuance performed its own probe, according to Geisinger, and determined that the former employee may have stolen information on a million-plus people. That info would include birth dates, addresses, hospital admission and discharge records, demographic information, and other medical data. The ex-employee didn't swipe insurance or other financial information, the multi-billion-dollar healthcare group stated. "We continue to work closely with the authorities on this investigation, and while I am grateful that the perpetrator was caught and is now facing federal charges," Geisinger chief privacy officer Jonathan Friesen alleged, adding: "I am sorry that this happened."

Space

Dark Matter Found? New Study Furthers Stephen Hawking's Predictions About 'Primordial' Black Holes (cnn.com) 90

Where is dark matter, the invisible masses which must exist to bind galaxies together? Stephen Hawking postulated they could be hiding in "primordial" black holes formed during the big bang, writes CNN.

"Now, a new study by researchers with the Massachusetts Institute of Technology has brought the theory back into the spotlight, revealing what these primordial black holes were made of and potentially discovering an entirely new type of exotic black hole in the process." Other recent studies have confirmed the validity of Hawking's hypothesis, but the work of [MIT graduate student Elba] Alonso-Monsalve and [study co-author David] Kaiser, a professor of physics and the Germeshausen Professor of the History of Science at MIT, goes one step further and looks into exactly what happened when primordial black holes first formed. The study, published June 6 in the journal Physical Review Letters, reveals that these black holes must have appeared in the first quintillionth of a second of the big bang: "That is really early, and a lot earlier than the moment when protons and neutrons, the particles everything is made of, were formed," Alonso-Monsalve said... "You cannot find quarks and gluons alone and free in the universe now, because it is too cold," Alonso-Monsalve added. "But early in the big bang, when it was very hot, they could be found alone and free. So the primordial black holes formed by absorbing free quarks and gluons."

Such a formation would make them fundamentally different from the astrophysical black holes that scientists normally observe in the universe, which are the result of collapsing stars. Also, a primordial black hole would be much smaller — only the mass of an asteroid, on average, condensed into the volume of a single atom. But if a sufficient number of these primordial black holes did not evaporate in the early big bang and survived to this day, they could account for all or most dark matter.

During the making of the primordial black holes, another type of previously unseen black hole must have formed as a kind of byproduct, according to the study. These would have been even smaller — just the mass of a rhino, condensed into less than the volume of a single proton... "It's inevitable that these even smaller black holes would have also formed, as a byproduct (of primordial black holes' formation)," Alonso-Monsalve said, "but they would not be around today anymore, as they would have evaporated already." However, if they were still around just ten millionths of a second into the big bang, when protons and neutrons formed, they could have left observable signatures by altering the balance between the two particle types.

Professor Kaiser told CNN the next generation of gravitational detectors "could catch a glimpse of the small-mass black holes — an exotic state of matter that was an unexpected byproduct of the more mundane black holes that could explain dark matter today."

Nico Cappelluti, an assistant professor in the physics department of the University of Miami (who was not involved with the study) confirmed to CNN that "This work is an interesting, viable option for explaining the elusive dark matter."

The Almighty Buck

Visa, Mastercard $30 Billion Fee Settlement in Peril (yahoo.com) 15

Visa's and Mastercard's proposed $30 billion antitrust settlement to limit credit and debit card fees for merchants is in peril, after a New York judge signaled she was preparing to reject the accord. From a report: U.S. District Judge Margo Brodie in Brooklyn told lawyers for the card networks and objectors at a hearing on Thursday that she will "likely not approve the settlement," according to court records.

She plans to write an opinion explaining her decision and reasoning. Both card networks said they were disappointed. Mastercard called the settlement a "fair resolution" that gave businesses more flexibility in managing card transactions, and Visa called it an "appropriate resolution" to the nearly 19-year-old case.

Space

Wild New Study Suggests Gravity Can Exist Without Mass (sciencealert.com) 120

A new study by astrophysicist Richard Lieu suggests that gravity can exist without mass, proposing thin, shell-like layers of 'topological defects' as an alternative to dark matter for explaining the gravitational binding of galaxies. This theory posits that these defects create a gravitational force without detectable mass, potentially eliminating the need for dark matter in current cosmological models. Clare Watson reports via ScienceAlert: Lieu started out trying to find another solution to the Einstein field equations, which relate the curvature of space-time to the presence of matter within it. As Einstein described in his 1915 theory of general relativity, space-time warps around bundles of matter and streams of radiation in the Universe, depending on their energy and momentum. That energy is, of course, related to mass in Einstein's famous equation: E=mc². So an object's mass is linked to its energy, which bends space-time -- and this curvature of space-time is what Einstein described as gravity, a notch more sophisticated than Newton's 17th-century approximation of gravity as a force between two objects with mass. In other words, gravity seems inextricably linked to mass. Not so, posits Lieu.

In his workings, Lieu set about solving a simplified version of the Einstein field equations that allows for a finite gravitation force in the absence of any detectable mass. He says his efforts were "driven by my frustration with the status quo, namely the notion of dark matter's existence despite the lack of any direct evidence for a whole century." Lieu's solution consists of shell-shaped topological defects that might occur in very compact regions of space with a very high density of matter. These sets of concentric shells contain a thin layer of positive mass tucked inside an outer layer of negative mass. The two masses cancel each other out, so the total mass of the two layers is exactly zero. But when a star lies on this shell, it experiences a large gravitational force dragging it towards the center of the shell. "The contention of my paper is that at least the shells it posits are massless," Lieu says. If those contentious suggestions bear any weight, "there is then no need to perpetuate this seemingly endless search for dark matter," Lieu adds.

The next question, then, is how to possibly confirm or refute the shells Lieu has proposed through observations. "The increasing frequency of sightings of ring and shell-like formation of galaxies in the Universe lends evidence to the type of source being proposed here," Lieu writes in his paper. Although he admits that his proposed solution is "highly suggestive" and cannot alone discredit the dark matter hypothesis. "It could be an interesting mathematical exercise at best," Lieu concludes. "But it is the first [mathematical] proof that gravity can exist without mass."
The study has been published in Monthly Notices of the Royal Astronomical Society.

Earth

Proposed Zero-Carbon Cement Solution Called 'Absolute Miracle' (newatlas.com) 79

"Concrete and steel production are major sources of CO2 emissions," writes New Atlas, "but a new solution from Cambridge could recycle both at the same time." Throwing old concrete into steel-processing furnaces not only purifies iron but produces "reactivated cement" as a byproduct. If done using renewable energy, the process could make for completely carbon-zero cement.

Concrete is the world's most used building material, and making it is a particularly dirty business — concrete production alone is responsible for about 8% of total global CO2 emissions. Unfortunately it's not easy to recycle back into a form that can be used to make new concrete structures... For the new study, Cambridge researchers investigated how waste concrete could be converted back into clinker, the dry component of cement, ready to be used again. "I had a vague idea from previous work that if it were possible to crush old concrete, taking out the sand and stones, heating the cement would remove the water, and then it would form clinker again," said Dr. Cyrille Dunant, first author of the study...

An electric arc furnace needs a "flux" material, usually lime, to purify the steel. This molten rocky substance captures the impurities, then bubbles to the surface and forms a protective layer that prevents the new pure steel from becoming exposed to air. At the end of the process, the used flux is discarded as a waste material. So for the Cambridge method, the lime flux was swapped out for the recycled cement paste. And sure enough, not only was it able to purify the steel just fine, but if the leftover slag is cooled quickly in air, it becomes new Portland cement.

The resulting concrete has similar performance to the original stuff. Importantly, the team says this technique doesn't add major costs to either concrete or steel production, and significantly reduces CO2 emissions compared to the usual methods of making both. If the electric arc furnace was powered by renewable sources, it could essentially make for zero-emission cement.

"The first industrial-scale trials are underway this month," the article adds. "Producing zero emissions cement is an absolute miracle, but we've also got to reduce the amount of cement and concrete we use," said Professor Julian Allwood, who led the research.

And the professor has also recorded a thoughtful video visualizing the process — and explaining the significance of their breakthrough.

The Courts

The Delta Emulator Is Changing Its Logo After Adobe Threatened It (theverge.com) 56

After Adobe threatened legal action, the Delta Emulator said it'll abandon its current logo for a different, yet-to-be-revealed mark. The issue centers around Delta's stylized letter "D", which the digital media giant says is too similar to its stylized letter "A". The Verge reports: On May 7th, Adobe's lawyers reached out to Delta with a firm but kindly written request to go find a different icon, an email that didn't contain an explicit threat or even use the word infringement -- it merely suggested that Delta might "not wish to confuse consumers or otherwise violate Adobe's rights or the law." But Adobe didn't wait for a reply. On May 8th, one day later, Testut got another email from Apple that suggested his app might be at risk because Adobe had reached out to allege Delta was infringing its intellectual property rights.

"We responded to both Apple and Adobe explaining our icon was a stylized Greek letter delta -- not an A -- but that we would update the Delta logo anyway to avoid confusion," Testut tells us. The icon you're seeing on the App Store now is just a temporary one, he says, as the team is still working on a new logo. "Both the App Store and AltStore versions have been updated with this temporary icon, but the plan is to update them to the final updated logo with Delta 1.6 once it's finished."

Bitcoin

MIT Students Stole $25 Million In Seconds By Exploiting ETH Blockchain Bug, DOJ Says (arstechnica.com) 112

An anonymous reader quotes a report from Ars Technica: Within approximately 12 seconds, two highly educated brothers allegedly stole $25 million by tampering with the ethereum blockchain in a never-before-seen cryptocurrency scheme, according to an indictment that the US Department of Justice unsealed Wednesday. In a DOJ press release, US Attorney Damian Williams said the scheme was so sophisticated that it "calls the very integrity of the blockchain into question."

"The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of ethereum users across the globe," Williams said. "And once they put their plan into action, their heist only took 12 seconds to complete." Anton, 24, and James Peraire-Bueno, 28, were arrested Tuesday, charged with conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering. Each brother faces "a maximum penalty of 20 years in prison for each count," the DOJ said. The indictment goes into detail explaining that the scheme allegedly worked by exploiting the ethereum blockchain in the moments after a transaction was conducted but before the transaction was added to the blockchain.
To uncover the scheme, the special agent in charge, Thomas Fattorusso of the IRS Criminal Investigation (IRS-CI) New York Field Office, said that investigators "simply followed the money."

"Regardless of the complexity of the case, we continue to lead the effort in financial criminal investigations with cutting-edge technology and good-ol'-fashioned investigative work, on and off the blockchain," Fattorusso said.

Cloud

Google Cloud Accidentally Deletes UniSuper's Online Account Due To 'Unprecedented Misconfiguration' (theguardian.com) 52

A "one-of-a-kind" Google Cloud "misconfiguration" resulted in the deletion of UniSuper's account last week, disrupting the financial services provider's more than half a million members. "Services began being restored for UniSuper customers on Thursday, more than a week after the system went offline," reports The Guardian. "Investment account balances would reflect last week's figures and UniSuper said those would be updated as quickly as possible." From the report: The UniSuper CEO, Peter Chun, wrote to the fund's 620,000 members on Wednesday night, explaining the outage was not the result of a cyber-attack, and no personal data had been exposed as a result of the outage. Chun pinpointed Google's cloud service as the issue. In an extraordinary joint statement from Chun and the global CEO for Google Cloud, Thomas Kurian, the pair apologized to members for the outage, and said it had been "extremely frustrating and disappointing." They said the outage was caused by a misconfiguration that resulted in UniSuper's cloud account being deleted, something that had never happened to Google Cloud before.

While UniSuper normally has duplication in place in two geographies, to ensure that if one service goes down or is lost then it can be easily restored, because the fund's cloud subscription was deleted, it caused the deletion across both geographies. UniSuper was able to eventually restore services because the fund had backups in place with another provider.
"Google Cloud CEO, Thomas Kurian has confirmed that the disruption arose from an unprecedented sequence of events whereby an inadvertent misconfiguration during provisioning of UniSuper's Private Cloud services ultimately resulted in the deletion of UniSuper's Private Cloud subscription," the pair said. "This is an isolated, 'one-of-a-kind occurrence' that has never before occurred with any of Google Cloud's clients globally. This should not have happened. Google Cloud has identified the events that led to this disruption and taken measures to ensure this does not happen again."

Star Wars Prequels

How 'Star Wars' was Influenced by San Francisco - and Architecture (sfgate.com) 49

"Without San Francisco, Star Wars wouldn't exist," says David Reat, the culture studies director of the architecture department at Glasgow's University of Strathclyde.

SFGate reports: Lucas was born and raised in Modesto, where his father expected him to run the family stationery store once he turned 18, but Lucas instead left for Los Angeles, where he studied film production at the University of Southern California, before moving to San Francisco. Despite all that these cities had to offer, Lucas constantly found himself conflicted over his feelings toward them. "The battle of living in the country versus living in the city is huge with Lucas," says Reat, who notes that this theme runs throughout the likes of "THX 1138," "American Graffiti" and the "Star Wars" series. "He sees cities as the givers and takers of things. He's fascinated by cities. He doesn't actually want to live in one. He now lives in a ranch near one. He wants to orbit them. He's a paradox."

When Lucas moved to San Francisco in the late 1960s, there were a number of huge building projects taking place across the city that piqued the burgeoning filmmaker's interest, most notably the construction of BART and a new terminal at San Francisco airport. "Infrastructure really fascinated Lucas. They were these big huge alienating spaces," says Reat. "I think Lucas was driving around San Francisco, looking at them, and seeing that they looked alien." There's a reason why Lucas was particularly interested in the architecture in San Francisco: "He's on record as saying he wanted to be an architect," says Reat. "He has referred to himself as a frustrated architect." Lucas' interest provoked him and his creative team to put extra care and thought into each of the "Star Wars" buildings, vehicles, houses, villages, cities, worlds and galaxies, especially when it came to what they symbolized and represented.

"The architecture in the films play a key role for younger viewers," says Reat, explaining that it helps to indicate who is good and who is evil. When it comes to the Death Star there are "no women, no plants, no signs of life, and it's basically the Nazis in space," continues Reat. "Lucas doesn't like modernism. He always uses it for bad things, a bit like every James Bond baddie." Meanwhile, Luke Skywalker and the rest of the light side of the Force are seen living in "exaggerated domesticity" as they sit around drinking blue milk, surrounded by creatures. "There's a care and a weirdness to their architecture, plus it's loaded with color," says Reat, who adds that these choices help to make those characters more appealing and relatable....

The San Francisco International Airport also played a key role in the making of "Phantom Menace." A tour of its maintenance bay gave the film's creative designers a jolt of inspiration when they were creating Anakin's podracer and other vehicles.

The article also adds that the inspiration for the Theed Royal Palace on Naboo in The Phantom Menace was "the Marin County Civic Center, where Lucas once served jury duty."

AI

National Archives Bans Employee Use of ChatGPT (404media.co) 10

The National Archives and Records Administration (NARA) told employees Wednesday that it is blocking access to ChatGPT on agency-issued laptops to "protect our data from security threats associated with use of ChatGPT," 404 Media reported Wednesday. From the report: "NARA will block access to commercial ChatGPT on NARANet [an internal network] and on NARA issued laptops, tablets, desktop computers, and mobile phones beginning May 6, 2024," an email sent to all employees, and seen by 404 Media, reads. "NARA is taking this action to protect our data from security threats associated with use of ChatGPT."

The move is particularly notable considering that this directive is coming from, well, the National Archives, whose job is to keep an accurate historical record. The email explaining the ban says the agency is particularly concerned with internal government data being incorporated into ChatGPT and leaking through its services. "ChatGPT, in particular, actively incorporates information that is input by its users in other responses, with no limitations. Like other federal agencies, NARA has determined that ChatGPT's unrestricted approach to reusing input data poses an unacceptable risk to NARA data security," the email reads. The email goes on to explain that "If sensitive, non-public NARA data is entered into ChatGPT, our data will become part of the living data set without the ability to have it removed or purged."

Windows

Microsoft Does Not Want You To Use iPerf3 To Measure Network Performance on Windows 60

An anonymous reader shares a report: iPerf is a fairly popular cross-platform tool that is used by many to measure network performance and diagnose any potential issues in this area. The open-source utility is maintained by an organization called Energy Sciences Network (ESnet) and officially supports Linux, Unix, and Windows. However, Microsoft has now published a detailed blog post explaining why you should not use the latest version, iPerf3, on Windows installations.

Microsoft has highlighted three key reasons to discourage the use of iPerf3 on Windows. The first is that ESnet does not support this version on Windows, and recommends iPerf2 instead. On its website, ESnet has emphasized that CentOS 7 Linux, FreeBSD 11, and macOS 10.12 are the only supported platforms. Another very important reason not to use iPerf3 on Windows is that it does not make native OS calls. Instead, it leverages Cygwin as an emulation layer, which obviously comes with a performance penalty. This alone means that iPerf3 on Windows isn't really an ideal candidate for benchmarking your network. While Microsoft has praised the maintainers who are trying to get iPerf3 to run on Windows via emulation, another flaw with this approach is that some advanced networking options simply aren't available on Windows or may behave in unexpected ways.

The Internet

Stop 'Harmful 5G Fast Lanes', Legal Scholar Warns America's FCC (stanford.edu) 41

America's FCC votes on net neutrality April 25th. And the director of Stanford Law School's "Center for Internet and Society" (also a law professor) says mostly there's "much to celebrate" in the draft rules released earlier this month. Mobile carriers like T-Mobile, AT&T and Verizon that have been degrading video quality for mobile users will have to stop. The FCC kept in place state neutrality protections like California's net neutrality law, allowing for layers of enforcement. The FCC also made it harder for ISPs to evade net neutrality at the point where data enters their networks.

However, the draft rules also have "a huge problem." The proposed rules make it possible for mobile ISPs to start picking applications and putting them in a fast lane — where they'll perform better generally and much better if the network gets congested.

T-Mobile, AT&T and Verizon are all testing ways to create these 5G fast lanes for apps such as video conferencing, games, and video where the ISP chooses and controls what gets boosted. They use a technical feature in 5G called network slicing, where part of their radio spectrum gets used as a special lane for the chosen app or apps, separated from the usual internet traffic. The FCC's draft order opens the door to these fast lanes, so long as the app provider isn't charged for them.

They warn of things like cellphone plans "Optimized for YouTube and TikTok... Or we could see add-ons like Enhanced Video Conferencing for $10 a month, or one-time 24-hour passes to have Prioritized Online Gaming." This isn't imagination. The ISPs write about this in their blogs and press releases. They talk about these efforts and dreams openly at conferences, and their equipment vendors plainly lay out how ISPs can chop up internet service into all manner of fast lanes.

These kinds of ISP-controlled fast lanes violate core net neutrality principles and would limit user choice, distort competition, hamper startups, and help cement platform dominance. Even small differences in load times affect how long people stay on a site, how much they pay, and whether they'll come back. Those differences also affect how high up sites show in search results. Thus, letting ISPs choose which apps get to be in a fast lane lets them, not users, pick winners and losers online... [T]he biggest apps will end up in all the fast lanes, while most others would be left out. The ones left out would likely include messaging apps like Signal, local news sites, decentralized Fediverse apps like Mastodon and PeerTube, niche video sites like Dropout, indie music sites like Bandcamp, and the millions of other sites and apps in the long tail.

One subheading emphasizes that "This is not controversial," noting that "Even proposed Republican net neutrality bills prohibited ISPs from speeding up and slowing down apps and kinds of apps..." Yet "While draft order acknowledges that some speeding up of apps could violate the no-throttling rule, it added some unclear, nebulous language suggesting that the FCC would review any fast lanes case-by-case, without explaining how it would do that... Companies that do file complaints will waste years litigating the meaning of "unreasonably discriminatory," all the while going up against giant telecoms that stockpile lawyers and lobbyists."

"Net neutrality means that we, the people who use the internet, get to decide what we do online, without interference from ISPs. ISPs do not get to interfere with our choices by blocking, speeding up or slowing down apps or kinds of apps..."

They urge the FCC to edit their draft order before April 24 to clarify "that the no-throttling rule also prohibits ISPs from creating fast lanes for select apps or kinds of apps."

AT&T

AT&T Says Data From 73 Million Customers Has Leaked Onto the Dark Web (cnn.com) 21

Personal data from 73 million AT&T customers has leaked onto the dark web, reports CNN — both current and former customers.

AT&T has launched an investigation into the source of the data leak... In a news release Saturday morning, the telecommunications giant said the data was "released on the dark web approximately two weeks ago," and contains information such as account holders' Social Security numbers. ["The information varied by customer and account," AT&T said in a statement, "but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and passcode."]

"It is not yet known whether the data ... originated from AT&T or one of its vendors," the company added. "Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set."

The data seems to have been from 2019 or earlier. The leak does not appear to contain financial information or specifics about call history, according to AT&T. The company said the leak shows approximately 7.6 million current account holders and 65.4 million former account holders were affected.

CNN says the first reports of the leak came two weeks ago from a social media account claiming "the largest collection of malware source code, samples, and papers." Reached for a comment by CNN, AT&T had said at the time that "We have no indications of a compromise of our systems."

AT&T's web site now includes a special page with an FAQ — and the tagline that announces "We take cybersecurity very seriously..."

"It has come to our attention that a number of AT&T passcodes have been compromised..."

The page points out that AT&T has already reset the passcodes of "all 7.6 million impacted customers." It's only further down in the FAQ that they acknowledge that the breach "appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and 65.4 million former account holders."

Our internal teams are working with external cybersecurity experts to analyze the situation... We encourage customers to remain vigilant by monitoring account activity and credit reports. You can set up free fraud alerts from nationwide credit bureaus — Equifax, Experian, and TransUnion. You can also request and review your free credit report at any time via Freecreditreport.com...

We will reach out by mail or email to individuals with compromised sensitive personal information and offering complimentary identity theft and credit monitoring services... If your information was impacted, you will be receiving an email or letter from us explaining the incident, what information was compromised, and what we are doing for you in response.

Security

'Security Engineering' Author Ross Anderson, Cambridge Professor, Dies at Age 67 (therecord.media) 7

The Record reports: Ross Anderson, a professor of security engineering at the University of Cambridge who is widely recognized for his contributions to computing, passed away at home on Thursday according to friends and colleagues who have been in touch with his family and the University.

Anderson, who also taught at Edinburgh University, was one of the most respected academic engineers and computer scientists of his generation. His research included machine learning, cryptographic protocols, hardware reverse engineering and breaking ciphers, among other topics. His public achievements include, but are by no means limited to, being awarded the British Computer Society's Lovelace Medal in 2015, and publishing several editions of the Security Engineering textbook.

Anderson's security research made headlines throughout his career, with his name appearing in over a dozen Slashdot stories...

My favorite story? UK Banks Attempt To Censor Academic Publication.

"Cambridge University has resisted the demands and has sent a response to the bankers explaining why they will keep the page online..."


AI

The Air Force Bought a Surveillance-Focused AI Chatbot (404media.co) 11

The U.S. Air Force paid for a test version of an AI-powered chatbot to assist in intelligence and surveillance tasks as part of a $1.2 million deal, according to internal Air Force documents obtained by 404 Media. From the report: The news provides more insight into what military agencies are currently exploring using AI for, and comes as more AI companies eye the military space as a business opportunity. OpenAI, for instance, quietly removed language that expressly prohibited its technology for military purposes in January. "Edge AI Platform for Space and Unmanned Aerial Imagery Intelligence," a section of one of the documents reads. The contract is between the Air Force and a company called Misram LLC, which also operates under the name Spectronn.

Included in a "milestone schedule" explaining the specifics of the deal are the items "ISR chatbot design" and "ISR chatbot software." ISR refers to intelligence, surveillance, and reconnaissance, a common military term. Other items in the schedule include "data ingestion tool" and "data visualization tool." 404 Media obtained the documents through a Freedom of Information Act (FOIA) request with the Air Force. On its website, Spectronn advertises an "AI Digital Assistant for Analytics." It says the bot can take data such as images and videos, and then answer plain English questions about that information. "Current analytics dashboard solutions are complex and not human-friendly. It leads to severe latency (from hours to days), cognitive load on the data analyst, false alarms, and frustrated decision makers or end-users," it reads.

Space

Physicist Claims Universe Has No Dark Matter and Is Twice As Old As We Thought (sciencealert.com) 243

schwit1 shares a report from ScienceAlert: Sound waves fossilized in the maps of galaxies across the Universe could be interpreted as signs of a Big Bang that took place 13 billion years earlier than current models suggest. Last year, theoretical physicist Rajendra Gupta from the University of Ottawa in Canada published a rather extraordinary proposal that the Universe's currently accepted age is a trick of the light, one that masks its truly ancient state while also ridding us of the need to explain hidden forces. Gupta's latest analysis suggests oscillations from the earliest moments in time preserved in large-scale cosmic structures support his claims. "The study's findings confirm that our previous work about the age of the Universe being 26.7 billion years has allowed us to discover that the Universe does not require dark matter to exist," says Gupta. "In standard cosmology, the accelerated expansion of the Universe is said to be caused by dark energy but is in fact due to the weakening forces of nature as it expands, not due to dark energy." [...]

Current cosmological models make the reasonable assumption that certain forces governing the interactions of particles have remained constant throughout time. Gupta challenges a specific example of this 'coupling constant', asking how it might affect the spread of space over exhaustively long periods of time. It's hard enough for any novel hypothesis to survive the intense scrutiny of the scientific community. But Gupta's suggestion isn't even entirely new -- it's loosely based on an idea that was shown the door nearly a century ago. In the late 1920s, Swiss physicist Fritz Zwicky wondered if the reddened light of far distant objects was a result of lost energy, like a marathon runner exhausted by a long journey across the eons of space. His 'tired light' hypothesis was in competition with the now-accepted theory that light's red-shifted frequency is due to the cumulative expansion of space tugging at light waves like a stretched spring.

The consequences of Gupta's version of the tired light hypothesis -- what is referred to as covarying coupling constants plus tired light, or CCC+TL -- would affect the Universe's expansion, doing away with mysterious pushing forces of dark energy and blaming changing interactions between known particles for the increased stretching of space. To replace existing models with CCC+TL, Gupta would need to convince cosmologists his model does a better job of explaining what we see at large. His latest paper attempts to do that by using CCC+TL to explain fluctuations in the spread of visible matter across space caused by sound waves in a newborn Universe, and the glow of ancient dawn known as the cosmic microwave background. While his analysis concludes his hybrid tired light theory can play nicely with certain features of the Universe's residual echoes of light and sound, it does so only if we also ditch the idea that dark matter is also a thing.

The research has been published in The Astrophysical Journal.

Privacy

Stanford University Failed To Detect Ransomware Intruders For 4 Months (theregister.com) 22

Connor Jones reports via The Register: Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word. Well, surprise, surprise, ransomware was involved, according to a data breach notice sent out to the 27,000 people affected by the attack.

Akira targeted the university's Department of Public Safety (DPS) and this week's filing with the Office of the Maine Attorney General indicates that Stanford became aware of the incident on September 27, more than four months after the initial breach took place. According to Monday's filing, the data breach occurred on May 12 2023 but was only discovered on September 27 of last year, raising questions about whether the attacker(s) was inside the network the entire time and why it took so long to spot the intrusion.

It's not fully clear what information was compromised, but the draft letters include placeholders for three different variables. However, the filing with Maine's AG suggests names and social security numbers are among the data types to have been stolen. All affected individuals have been offered 24 months of free credit monitoring, including access to a $1 million insurance reimbursement policy and ID theft recovery services. Akira's post dedicated to Stanford on its leak site claims it stole 430 GB worth of data, including personal information and confidential documents. It's all available to download via a torrent file and the fact it remains available for download suggests the research university didn't pay whatever ransom the attackers demanded.

ISS

5,800 Pounds of Batteries Tossed Off the ISS in 2021 Fell to Earth Today (space.com) 36

Space.com describes it as "a nearly 3-ton leftover tossed overboard from the International Space Station" — which crashed back to earth today. One satellite tracker claims to have filmed it passing over the Netherlands...

"A couple minutes later reentry and it would have reached Fort Myers" in Florida, posted astronomer Jonathan McDowell of the Harvard-Smithsonian Center for Astrophysics. But instead it re-entered the earth's atmosphere "over the Gulf of Mexico between Cancun and Cuba," Friday afternoon. "This was within the previous prediction window but a little to the northeast of the 'most likely' part of the path."

From Space.com: The multi-ton Exposed Pallet 9 (EP9) was jettisoned from the space station back in March 2021. At the time, it was reported to be the most massive object ever tossed overboard from the International Space Station. Disposing of used or unnecessary equipment in such a way is common practice aboard the space station, as the objects typically burn up harmlessly in Earth's atmosphere.

Ahead of EP9's reentry, the Federal Office for Civil Protection and Disaster Relief, National Warning Center 1 in Bonn, Germany issued this information... "The object is battery packs from the International Space Station. Luminous phenomena or the perception of a sonic boom are possible...." EP9 is loaded with old Nickel-Hydrogen batteries, NASA explained at the time it was jettisoned, also explaining that EP9 has the approximate mass of a large SUV and predicting it would re-enter Earth's atmosphere in two-to-four years.

"A large space object reenters the atmosphere in a natural way approximately once per week," the European Space Agency points out, "with the majority of the associated fragments burning up before reaching the ground.

"Most spacecraft, launch vehicles and operational hardware are designed to limit the risks associated with a reentry."

Security

VMware Sandbox Escape Bugs Are So Critical, Patches Are Released For End-of-Life Products (arstechnica.com) 31

An anonymous reader quotes a report from Ars Technica: VMware is urging customers to patch critical vulnerabilities that make it possible for hackers to break out of sandbox and hypervisor protections in all versions, including out-of-support ones, of VMware ESXi, Workstation, Fusion, and Cloud Foundation products. A constellation of four vulnerabilities -- two carrying severity ratings of 9.3 out of a possible 10 -- are serious because they undermine the fundamental purpose of the VMware products, which is to run sensitive operations inside a virtual machine that's segmented from the host machine. VMware officials said that the prospect of a hypervisor escape warranted an immediate response under the company's IT Infrastructure Library, a process usually abbreviated as ITIL.

"In ITIL terms, this situation qualifies as an emergency change, necessitating prompt action from your organization," the officials wrote in a post. "However, the appropriate security response varies depending on specific circumstances." Among the specific circumstances, one concerns which vulnerable product a customer is using, and another is whether and how it may be positioned behind a firewall. A VMware advisory included the following matrix showing how the vulnerabilities -- tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255 -- affect each of the vulnerable products [...]. Three of the vulnerabilities affect the USB controller the products use to support peripheral devices such as keyboards and mice.

Broadcom, the VMware parent company, is urging customers to patch vulnerable products. As a workaround, users can remove USB controllers from vulnerable virtual machines, but Broadcom stressed that this measure could degrade virtual console functionality and should be viewed as only a temporary solution.

In an article explaining how to remove a USB controller, officials wrote: "The workaround is to remove all USB controllers from the Virtual Machine. As a result, USB passthrough functionality will be unavailable. In addition, virtual/emulated USB devices, such as VMware virtual USB stick or dongle, will not be available for use by the virtual machine. In contrast, the default keyboard/mouse as input devices are not affected as they are, by default, not connected through USB protocol but have a driver that does software device emulation in the guest OS.

IMPORTANT:
Certain guest operating systems, including Mac OS, do not support using a PS/2 mouse and keyboard. These guest operating systems will be left without a mouse and keyboard without a USB controller."
