With the debut of the Pirate Bay TV series in Sweden, international viewers are finding it surprisingly difficult to pirate. TorrentFreak reports: The series premiered at the on-demand platform of the Swedish national broadcaster SVT a few hours ago. International deals haven't been announced, but pirates can generally get access anyway. Soon after the first two episodes of The Pirate Bay series came out, scene release copies started circulating online. As one would expect.

The Scene group OLLONBORRE, which specializes in Swedish content, was the first to pick the show up. Within minutes, the first 1080p WEB-rips were posted on private scene servers and 720p copies followed a few hours later. Interestingly, pirate releases have yet to make their way to The Pirate Bay. We haven't seen any other copies on other public pirate sites either, which is surprising given the topic of the series.

It's common knowledge that The Scene -- a secretive network of release groups -- prefers to keep its releases private. Therefore, it wasn't happy with The Pirate Bay's public nature and rise to prominence in the early 2003s, which is highlighted in the first episodes of the TV series. However, we expected non-scene release groups would be eager to pick up the show. Apparently that's not the case, yet.

A security update mislabeling by Microsoft led to Windows Server 2022 systems unexpectedly upgrading to Windows Server 2025, impacting 7 percent of Heimdal customers and leaving administrators scrambling to manage unexpected licensing and configuration challenges. The Register reports: It took Heimdal a while to trace the problem. According to a post on Reddit: "Due to the limited initial footprint, identifying the root cause took some time. By 18:05 UTC, we traced the issue to the Windows Update API, where Microsoft had mistakenly labeled the Windows Server 2025 upgrade as KB5044284." It added: "Our team discovered this discrepancy in our patching repository, as the GUID for the Windows Server 2025 upgrade does not match the usual entries for KB5044284 associated with Windows 11. This appears to be an error on Microsoft's side, affecting both the speed of release and the classification of the update. After cross-checking with Microsoft's KB repository, we confirmed that the KB number indeed references Windows 11, not Windows Server 2025."

As of last night, Heimdal estimated that the unexpected upgrade had affected 7 percent of customers -- it said it had blocked KB5044284 across all server group policies. However, this is of little comfort to administrators finding themselves receiving an unexpected upgrade. Since rolling back to the previous configuration will present a challenge, affected users will be faced with finding out just how effective their backup strategy is or paying for the required license and dealing with all the changes that come with Windows Server 2025.

Long-time Slashdot reader samj — also a long-time Debian developer — tells us there's some opposition to the newly-released Open Source AI definition. He calls it a "fork" that undermines the original Open Source definition (which was originally derived from Debian's Free Software Guidelines, written primarily by Bruce Perens), and points us to a new domain with a petition declaring that instead Open Source shall be defined "solely by the Open Source Definition version 1.9. Any amendments or new definitions shall only be recognized with clear community consensus via an open and transparent process."

This move follows some discussion on the Debian mailing list: Allowing "Open Source AI" to hide their training data is nothing but setting up a "data barrier" protecting the monopoly, disabling anybody other than the first party to reproduce or replicate an AI. Once passed, OSI is making a historical mistake towards the FOSS ecosystem.
They're not the only ones worried about data. This week TechCrunch noted an August study which "found that many 'open source' models are basically open source in name only. The data required to train the models is kept secret, the compute power needed to run them is beyond the reach of many developers, and the techniques to fine-tune them are intimidatingly complex. Instead of democratizing AI, these 'open source' projects tend to entrench and expand centralized power, the study's authors concluded."

samj shares the concern about training data, arguing that training data is the source code and that this new definition has real-world consequences. (On a personal note, he says it "poses an existential threat to our pAI-OS project at the non-profit Kwaai Open Source Lab I volunteer at, so we've been very active in pushing back past few weeks.")

And he also came up with a detailed response by asking ChatGPT. What would be the implications of a Debian disavowing the OSI's Open Source AI definition? ChatGPT composed a 7-point, 14-paragraph response, concluding that this level of opposition would "create challenges for AI developers regarding licensing. It might also lead to a fragmentation of the open-source community into factions with differing views on how AI should be governed under open-source rules." But "Ultimately, it could spur the creation of alternative definitions or movements aimed at maintaining stricter adherence to the traditional tenets of software freedom in the AI age."

However the official FAQ for the new Open Source AI definition argues that training data "does not equate to a software source code." Training data is important to study modern machine learning systems. But it is not what AI researchers and practitioners necessarily use as part of the preferred form for making modifications to a trained model.... [F]orks could include removing non-public or non-open data from the training dataset, in order to train a new Open Source AI system on fully public or open data...

[W]e want Open Source AI to exist also in fields where data cannot be legally shared, for example medical AI. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests. Privacy rules also give a person the rightful ability to control their most sensitive information — like decisions about their health. Similarly, much of the world's Indigenous knowledge is protected through mechanisms that are not compatible with later-developed frameworks for rights exclusivity and sharing.
Read on for the rest of their response...

An anonymous reader quotes a report from The Guardian: More than 50 US lawmakers are calling on the Environmental Protection Agency (EPA) to join dozens of other countries in banning a widely used weedkiller linked to Parkinson's disease and other health dangers. In a October 31 letter (PDF) to the agency, seven US senators said that paraquat, a weedkiller commonly applied on US farms, was a "highly toxic pesticide whose continued use cannot be justified given its harms to farmworkers and rural communities". The call for a ban from the senators came after 47 members of the US House of Representatives sent a similar letter (PDF) to the EPA calling for a ban earlier in October.

The lawmakers cite scientific links between paraquat use and development of Parkinson's and other "life threatening diseases" as well as "grave impacts on the environment". "Health risks include a higher risk of Parkinson's disease, with some studies finding a 64% increase in the likelihood of developing Parkinson's, non-Hodgkin's Lymphoma, thyroid cancer, and other thyroid issues," they wrote. The New Jersey senator Cory Booker, organizer of the Senate letter, said the risks of paraquat exposure were "well documented" and that it was "irresponsible" for the EPA to continue to allow its use. "I hope the EPA will follow the science and ban paraquat," Booker said. The EPA has long maintained that there is no "clear link" between paraquat exposure and Parkinson's disease, though the agency does have a number of restrictions on use of the chemical due to its acute toxicity. The agency issued a draft report earlier this year affirming its position. Still, the agency said at that time that it would be reviewing more scientific studies and would issue a final report by January 17, 2025.

British cybersecurity firm Sophos revealed this week that it waged a five-year battle against Chinese hackers who repeatedly targeted its firewall products to breach organizations worldwide, including nuclear facilities, military sites and critical infrastructure. The company told Wired that it traced the attacks to researchers in Chengdu, China, linked to Sichuan Silence Information Technology and the University of Electronic Science and Technology.

Sophos planted surveillance code on its own devices used by the hackers, allowing it to monitor their development of sophisticated intrusion tools, including previously unseen "bootkit" malware designed to hide in the firewalls' boot code. The hackers' campaigns evolved from mass exploitation in 2020 to precise attacks on government agencies and infrastructure across Asia, Europe and the United States. Wired story adds: Sophos' report also warns, however, that in the most recent phase of its long-running conflict with the Chinese hackers, they appear more than ever before to have shifted from finding new vulnerabilities in firewalls to exploiting outdated, years-old installations of its products that are no longer receiving updates. That means, company CEO Joe Levy writes in an accompanying document, that device owners need to get rid of unsupported "end-of-life" devices, and security vendors need to be clear with customers about the end-of-life dates of those machines to avoid letting them become unpatched points of entry onto their network. Sophos says it's seen more than a thousand end-of-life devices targeted in just the past 18 months.

"The only problem now isn't the zero-day vulnerability," says Levy, using the term "zero-day" to mean a newly discovered hackable flaw in software that has no patch. "The problem is the 365-day vulnerability, or the 1,500-day vulnerability, where you've got devices that are on the internet that have lapsed into a state of neglect."

Australian mathematicians have proven the famous "infinite monkey theorem" impossible within the universe's lifespan. The theorem suggests monkeys typing randomly would eventually produce Shakespeare's complete works. Scientists Stephen Woodcock and Jay Falletta calculated that even 200,000 chimpanzees typing one character per second until the universe's heat death would fail to reproduce Shakespeare's writings.

A single chimp has only a 5% chance of typing "bananas" in its lifetime, with more complex phrases facing astronomically lower odds. "This finding places the theorem among other probability puzzles and paradoxes... where using the idea of infinite resources gives results that don't match up with what we get when we consider the constraints of our universe," Associate Prof Woodcock was quoted as saying by BBC.

A post shared Saturday on social media acknowledges those admins and developers at the Internet Archive working "literally round the clock... They have taken no days off this past week. They are taking none this weekend... they are working with all of their energy and considerable talent."

It describes people "working so incredibly hard... putting their all in," with a top priority of "getting the site back secure and safe".

But there's new and continuing problems, reports The Verge's weekend editor: Early this morning, I received an email from "The Internet Archive Team," replying to a message I'd sent on October 9th. Except its author doesn't seem to have been the digital archivists' support team — it was apparently written by the hackers who breached the site earlier this month and who evidently maintain some level of access to its systems.

I'm not alone. Users on the Internet Archive subreddit are reporting getting the replies, as well. Here is the message I received:

It's dispiriting to see that even after being made aware of the breach 2 weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets.

As demonstrated by this message, this includes a Zendesk token with perms to access 800K+ support tickets sent to info@archive.org since 2018.

Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine — your data is now in the hands of some random guy. If not me, it'd be someone else.
The site BleepingComputer believes they know the larger context, starting with the fact that they've also "received numerous messages from people who received replies to their old Internet Archive removal requests... The email headers in these emails also pass all DKIM, DMARC, and SPF authentication checks, proving they were sent by an authorized Zendesk server."

BleepingComputer also writes that they'd "repeatedly tried to warn the Internet Archive that their source code was stolen through a GitLab authentication token that was exposed online for almost two years."

And that "the threat actor behind the actual data breach, who contacted BleepingComputer through an intermediary to claim credit for the attack," has been frustrated by misreporting. (Specifically, they insist there were two separate attacks last week — a DDoS attack and a separate data breach for a 6.4-gigabyte database which includes email addresses for the site's 33 million users.) The threat actor told BleepingComputer that the initial breach of Internet Archive started with them finding an exposed GitLab configuration file on one of the organization's development servers, services-hls.dev.archive.org. BleepingComputer was able to confirm that this token has been exposed since at least December 2022, with it rotating multiple times since then. The threat actor says this GitLab configuration file contained an authentication token allowing them to download the Internet Archive source code. The hacker say that this source code contained additional credentials and authentication tokens, including the credentials to Internet Archive's database management system. This allowed the threat actor to download the organization's user database, further source code, and modify the site.

The threat actor claimed to have stolen 7TB of data from the Internet Archive but would not share any samples as proof. However, now we know that the stolen data also included the API access tokens for Internet Archive's Zendesk support system. BleepingComputer attempted contact the Internet Archive numerous times, as recently as on Friday, offering to share what we knew about how the breach occurred and why it was done, but we never received a response.
"The Internet Archive was not breached for political or monetary reasons," they conclude, "but simply because the threat actor could...

"While no one has publicly claimed this breach, BleepingComputer was told it was done while the threat actor was in a group chat with others, with many receiving some of the stolen data. This database is now likely being traded amongst other people in the data breach community, and we will likely see it leaked for free in the future on hacking forums like Breached."

Netflix has begun raising prices in several countries, including Japan, parts of Europe, and Africa, as it seeks to sustain growth following its crackdown on password sharing. While its recent financial results show strong revenue growth, the company faces challenges in finding new subscribers and aims to boost future growth through advertising and fresh content. The BBC reports: In its latest results, Netflix announced that it had added 5.1 million subscribers between July and September - ahead of forecasts but the smallest gain in more than a year. The company is under pressure to show investors what will power growth in the years ahead, as its already massive reach makes finding new subscribers more difficult. The last time Netflix saw signs of slowdown, in 2022, it launched measures to stop password sharing and said it would offer a new streaming option with advertisements.

The crackdown unleashed a new wave of growth. The firm has added more than 45 million new members since last year and has 282 million subscribers globally. Analysts also expect advertisements to eventually become big business for Netflix. For now, however, Netflix has said it remains "early days" and warned it did not expect it to start driving growth until next year, despite many subscribers opting for the ad-supported plan. The plan, which is the company's least expensive option, accounted for 50% of new sign-ups in the places where it is offered in the most recent quarter, Netflix said. Even without a boost from advertising, Netflix said revenue in the July-September period was up 15% compared with the same period last year, to more than $9.8 billion. Profit also rose from $1.6 billion in the same period last year to $2.3 billion.

An anonymous reader quotes a report from The Verge: Donald Trump said Apple CEO Tim Cook called him to discuss the billions of dollars that Apple has been fined in the European Union. Trump made the statement during his appearance on the PBD Podcast -- and said that he won't let the EU "take advantage" of US companies like Apple if reelected. "Two hours ago, three hours ago, he [Cook] called me," Trump said. "He said the European Union has just fined us $15 billion... Then on top of that, they got fined by the European Union another $2 billion." In March, the EU fined Apple around $2 billion after finding that Apple used its dominance to restrict music streaming apps from telling customers about cheaper subscription deals outside the App Store. The EU later won its fight to make Apple pay $14.4 billion in unpaid taxes.

"He [Cook] said something that was interesting," Trump said. "He said they're using that to run their enterprise, meaning Europe is their enterprise. "I said, 'That's a lot... But Tim, I got to get elected first, but I'm not going to let them take advantage of our companies -- that won't, you know, be happening.'" Trump has talked to several Big Tech executives over the past several months. "During an interview this week, Trump said he spoke with Google CEO Sundar Pichai to complain about all the 'bad stories' the search engine shows about him," notes The Verge. "Elon Musk recently spoke at a Trump rally in Pennsylvania, while Meta CEO Mark Zuckerberg called Trump over the summer 'a few times,' according to the former president."

An anonymous reader quotes a report from Ars Technica: This fall, thousands of fake albums were added to Spotify, with some appearing on real artist pages, where they're positioned to lure unsuspecting listeners into streaming by posing as new releases from favorite bands. An Ars reader flagged the issue after finding a fake album on the Spotify page of an UK psych rock band called Gong. The Gong fan knew that the band had begun touring again after a surprise new release last year, but the "latest release" listed by Spotify wasn't that album. Instead, at the top of Gong's page was a fake self-titled album supposedly released in 2024.

The real fan detected the fake instantly, and not just because the generic electronic music sounded nothing like Gong's experimental sounds. The album's cover also gave the scheme away, using a generic font and neon stock image that invoked none of the trippy imagery that characterized Gong's typical album covers. Ars confirmed with Gong member Dave Sturt that the self-titled item was an obvious fake on Monday. At that time, Sturt said the band was working to get the junk album removed from its page, but as of Tuesday morning, that album remained online, along with hundreds of other albums uploaded by a fake label that former Spotify data "alchemist" Glenn McDonald flagged in a social media post that Spotify seemingly ignored.

On his site, McDonald gathered the junk album data by label, noting that Beat Street Music, which has no web presence but released the fake Gong album, uploaded 240 junk albums on Friday alone. Similarly, Ancient Lake Records uploaded 471 albums on Friday. And Gupta Music added 483 just a few days prior, along with 600 junk albums from Future Jazz Records uploaded between September 30 and October 8. These junk albums don't appear to be specifically targeting popular artists, McDonald told Ars. Rather, generic music is uploaded under a wide range of one-word artist names. However, by using that tactic, some of these fake albums appeared on real artist pages, such as Gong, experimental rock band Swans, and English rock bands Asia and Yes. And that oversight is on Spotify, McDonald suggested. "We are aware of the issue, have relocated the content in question, and are considering our further options against the providing licensor," a Spotify spokesperson said. "When we identify or are alerted to attempts by bad actors to game the system, we take action that may include removing stream counts and withholding royalties. Spotify invests heavily in automated and manual reviews to prevent, detect, and mitigate the impact of bad actors attempting to collect unearned royalties."

Many U.S. states now require candidates to disclose when political ads used generative AI, reports the Washington Post.

Unfortunately, researchers at New York University's Center on Technology Policy "found that people rated candidates 'less trustworthy and less appealing' when their ads featured AI disclaimers..." In the study, researchers asked more than 1,000 participants to watch political ads by fictional candidates — some containing AI disclaimers, some not — and then rate how trustworthy they found the would-be officeholders, how likely they were to vote for them and how truthful their ads were. Ads containing AI labels largely hurt candidates across the board, with the pattern holding true for "both deceptive and more harmless uses of generative AI," the researchers wrote. Notably, researchers also found that AI labels were more harmful for candidates running attack ads than those being attacked, something they called the "backfire effect".

"The candidate who was attacked was actually rated more trustworthy, more appealing than the candidate who created the ad," said Scott Babwah Brennen, who directs the center at NYU and co-wrote the report with Shelby Lake, Allison Lazard and Amanda Reid.
One other interesting finding... The article notes that study participants in both parties "preferred when disclaimers were featured anytime AI was used in an ad, even when innocuous."

The man identified as Bitcoin creator Satoshi Nakamoto in a new HBO documentary has something to say: Wrong again, world. From a report: In the just-released HBO film on the history of the world's biggest digital currency -- Money Electric: The Bitcoin Mystery -- documentary filmmaker Cullen Hoback comes to the conclusion that the anonymous creator of Bitcoin was none other than a long-time member of the community and early Bitcoin developer Peter Todd. Todd dismissed the claim in the documentary, released yesterday, and denied it again when asked by The Register.

"[Hoback's] evidence for me being Satoshi is the same kind of coincidence-based, circumstantial thinking that fuels conspiracies like QAnon," Todd told us in an email. "Which is ironic, given that [Hoback's] previous big project was a documentary on QAnon. He clearly didn't try to debunk his theories either." Hoback's previous project -- Q: Into the Storm -- aimed to unmask the person behind QAnon, perhaps giving him an interest in uncovering the identity of Satoshi Nakamoto. Todd, however, thinks Hoback was just trying to drum up interest in his new film.

"I think [Hoback] only included the Satoshi claim as a marketing ploy: he was really creating a documentary about Bitcoin, and needed a hook to get media attention," Todd said. "He picked me to accuse mainly because I was an unlikely candidate, which helped drum up even more attention. I don't think he had any interest in finding the real truth."

U.S. public utility giant American Water says it has disconnected some of its systems after discovering that hackers breached its internal networks last week. From a report: American Water, which supplies drinking water and wastewater services to more than 14 million people across the United States, confirmed the security incident in an 8-K regulatory filing with the U.S. Securities and Exchange Commission on Monday. The New Jersey-based company said in its filing that its water and wastewater facilities are "at this time" not affected and continue to operate without interruption, though the company noted that it's currently "unable to predict the full impact of this incident." American Water said it also notified law enforcement of the intrusion.

The company said it discovered "unauthorized activity" within its networks on October 3 and promptly moved to disconnect affected systems. In a statement on its website, American Water said it is "pausing billing until further notice." "In an effort to protect our customers' data and to prevent any further harm to our environment, we disconnected or deactivated certain systems," Ruben E. Rodriguez, a spokesperson for American Water, told TechCrunch in a statement. "There will be no late charges for customers while these systems are unavailable." Rodriguez declined to state which systems were unavailable and also declined to comment on the nature of the cybersecurity incident.

An anonymous reader shared this report from the Washington Post: Hundreds of Americans have been arrested after being connected to a crime by facial recognition software, a Washington Post investigation has found, but many never know it because police seldom disclose their use of the controversial technology...

In fact, the records show that officers often obscured their reliance on the software in public-facing reports, saying that they identified suspects "through investigative means" or that a human source such as a witness or police officer made the initial identification... The Coral Springs Police Department in South Florida instructs officers not to reveal the use of facial recognition in written reports, according to operations deputy chief Ryan Gallagher. He said investigative techniques are exempt from Florida's public disclosure laws... The department would disclose the source of the investigative lead if it were asked in a criminal proceeding, Gallagher added....

Prosecutors are required to inform defendants about any information that would help prove their innocence, reduce their sentence or hurt the credibility of a witness testifying against them. When prosecutors fail to disclose such information — known as a "Brady violation" after the 1963 Supreme Court ruling that mandates it — the court can declare a mistrial, overturn a conviction or even sanction the prosecutor. No federal laws regulate facial recognition and courts do not agree whether AI identifications are subject to Brady rules. Some states and cities have begun mandating greater transparency around the technology, but even in these locations, the technology is either not being used that often or it's not being disclosed, according to interviews and public records requests...

Over the past four years, the Miami Police Department ran 2,500 facial recognition searches in investigations that led to at least 186 arrests and more than 50 convictions. Among the arrestees, just 1 in 16 were told about the technology's use — less than 7 percent — according to a review by The Post of public reports and interviews with some arrestees and their lawyers. The police department said that in some of those cases the technology was used for purposes other than identification, such as finding a suspect's social media feeds, but did not indicate in how many of the cases that happened. Carlos J. Martinez, the county's chief public defender, said he had no idea how many of his Miami clients were identified with facial recognition until The Post presented him with a list. "One of the basic tenets of our justice system is due process, is knowing what evidence there is against you and being able to challenge the evidence that's against you," Martinez said. "When that's kept from you, that is an all-powerful government that can trample all over us."

After reviewing The Post's findings, Miami police and local prosecutors announced plans to revise their policies to require clearer disclosure in every case involving facial recognition.
The article points out that Miami's Assistant Police Chief actually told a congressional panel on law enforcement AI use that his department is "the first to be completely transparent about" the use of facial recognition. (When confronted with the Washington Post's findings, he "acknowledged that officers may not have always informed local prosecutors [and] said the department would give prosecutors all information on the use of facial recognition, in past and future cases".

He told the Post that the department would "begin training officers to always disclose the use of facial recognition in incident reports." But he also said they would "leave it up to prosecutors to decide what to disclose to defendants."

The Washington Post on scientists who "discovered that bacteria commonly found in wastewater can break down plastic to turn it into a food source, a finding that researchers hope could be a promising answer to combat one of Earth's major pollution problems." In a study published Thursday in Environmental Science and Technology, scientists laid out their examination of Comamonas testosteroni, a bacteria that grows on polyethylene terephthalate, or PET, a plastic commonly found in single-use food packaging and water bottles. PET makes up about 12 percent of global solid waste and 90 million tons of the plastic produced each year... Unlike most other bacteria, which thrive on sugar, C. testosteroni has a more refined palate, including chemically complex materials from plants and plastics that take longer to decompose.

The researchers are the first to demonstrate not only that this bacteria can break down plastic, but they also illuminate exactly how they do it. Through six meticulous steps, involving complex imaging and gene editing techniques, the authors found that the bacteria first physically break down plastic by chewing it into smaller pieces. Then, they release enzymes — components of a cell that speed up chemical reactions — to chemically break down the plastic into a carbon-rich food source known as terephthalate...

The bacteria take a few months to break down chunks of plastic, according to Rebecca Wilkes [a lead author on the study and postdoctoral researcher at the National Renewable Energy Laboratory]. As a result, if the bacteria are going to be efficient tools, a lot of optimization needs to take place to speed up the rate at which they decompose pollutants. One approach is to promote bacterial growth by providing them with an additional food source, such as a chemical known as acetate.
A senior author on the study (and associate professor of civil and environmental engineering at Northwestern University) tells the Washington Post that "The machinery in environmental microbes is still a largely untapped potential for uncovering sustainable solutions we can exploit."

A study published in Nature has found that conservative social media users were more likely to face sanctions, but attributes this to their higher propensity to share low-quality news rather than political bias. Researchers analyzed 9,000 Twitter users during the 2020 U.S. election, finding pro-Trump users were 4.4 times more likely to be suspended than pro-Biden users.

However, they also shared significantly more links from sites rated as untrustworthy by both politically balanced groups and Republican-only panels. Similar patterns were observed across multiple datasets spanning 16 countries from 2016 to 2023. The study concludes that asymmetric enforcement can result from neutral policies when behavior differs between groups.

An anonymous reader quotes a report from 404 Media: Somewhere over the streets of San Francisco's Mission, a microphone sits surveilling ... for banger songs. Bop Spotter is a project by technologist Riley Walz in which he has hidden an Android phone in a box on a pole, rigged it to be solar powered, and has set it to record audio and periodically sends it to Shazam's API to determine which songs people are playing in public. Walz describes it as ShotSpotter, but for music. "This is culture surveillance. No one notices, no one consents. But it's not about catching criminals," Walz's website reads. "It's about catching vibes. A constant feed of what's popping off in real-time."

ShotSpotter, of course, is the microphone-based, "gunshot detection" surveillance company that cities around the country have spent millions of dollars on. ShotSpotter is often inaccurate, and sometimes detects things like fireworks or a car backfiring as gunshots. Chicago, one of ShotSpotter's biggest clients, is finally allowing its contract with the company to end. Bop Spotter, on the other hand, is designed to figure out what cool music people are blasting from their cars or as they walk down the street. "I am a chronic Shazam-er. Most songs I listen to come from first hearing them at a party, store, or on the street," Walz told 404 Media. "Years ago I had the thought that it'd be cool to Shazam 24/7 from a fixed location, and I recently learned about ShotSpotter, and thought it'd be amusing to do what they do with music instead of gunshots. Was a great weekend project."

Walz said that the phone itself is rigged to a solar panel, and that it records audio in 10-minute blocks while in airplane mode. "Then it connects to WiFi to send the file to my server, which then split it into 20-second chunks that get passed to Shazam's API. The device doesn't Shazam directly, that would use way too much power. Probably $100 of parts," he said. BopSpotter's website has a constant feed of songs it hears, as well as links to play the songs in Spotify or Apple Music. As I'm writing this, BopSpotter has picked up "Not Like Us" by Kendrick Lamar, "The Next Episode" by Dr. Dre, and "Never Gonna Give You Up" by Rick Astley (a Rick Roll already?) among dozens of songs in the last few hours. The site also has a constant feed of the device's power levels. So far in three days, it has detected 380 songs. "I thought the solar panel would be annoying but it provides 4 times more power than the phone needs," Walz said. "The hardest part was scoping out which pole to actually put it up on. I had to balance finding a busy location where lots of music could be picked up, with enough sunlight, and good connection to a public wifi network."

Walz didn't say where exactly the phone is located.

Researchers propose a "deceptively simple" way to sequester carbon, reports the Washington Post: burying wood underground: Forests are Earth's lungs, sucking up six times more carbon dioxide (CO2) than the amount people pump into the atmosphere every year by burning coal and other fossil fuels. But much of that carbon quickly makes its way back into the air once insects, fungi and bacteria chew through leaves and other plant material. Even wood, the hardiest part of a tree, will succumb within a few decades to these decomposers. What if that decay could be delayed? Under the right conditions, tons of wood could be buried underground in wood vaults, locking in a portion of human-generated CO2 for potentially thousands of years.

While other carbon-capture technologies rely on expensive and energy-intensive machines to extract CO2, the tools for putting wood underground are simple: a tractor and a backhoe.

Finding the right conditions to impede decomposition over millennia is the tough part. To test the idea, [Ning Zeng, a University of Maryland climate scientist] worked with colleagues in Quebec to entomb wood under clay soil on a crop field about 30 miles east of Montreal... But when the scientists went digging in 2013, they uncovered something unexpected: A piece of wood already buried about 6½ feet underground. The craggy, waterlogged piece of eastern red cedar appeared remarkably well preserved. "I remember standing there looking at other people, thinking, 'Do we really need to continue this experiment?'" Zeng recalled. "Because here's the evidence...."

Radiocarbon dating revealed the log to be 3,775 years old, give or take a few decades. Comparing the old chunk of wood to a freshly cut piece of cedar showed the ancient log lost less than 5 percent of its carbon over the millennia. The log was surrounded by stagnant, oxygen-deprived groundwater and covered by an impermeable layer of clay, preventing fungi and insects from consuming the wood. Lignin, a tough material that gives trees their strength, protected the wood's carbohydrates from subterranean bacteria...

The researchers estimate buried wood can sequester up 10 billion tons of CO2 per year, which is more than a quarter of annual global emissions from energy, according to the International Energy Agency.

An anonymous reader quotes a report from Reuters: A federal judge in California has ordered the U.S. Environmental Protection Agency to strengthen regulations for fluoride in drinking water, saying the compound poses an unreasonable potential risk to children at levels that are currently typical nationwide. U.S. District Judge Edward Chen in San Francisco on Tuesday sided (PDF) with several advocacy groups, finding the current practice of adding fluoride to drinking water supplies to fight cavities presented unreasonable risks for children's developing brains.

Chen said the advocacy groups had established during a non-jury trial that fluoride posed an unreasonable risk of harm sufficient to require a regulatory response by the EPA under the Toxic Substances Control Act. "The scientific literature in the record provides a high level of certainty that a hazard is present; fluoride is associated with reduced IQ," wrote Chen, an appointee of Democratic former President Barack Obama. But the judge stressed he was not concluding with certainty that fluoridated water endangered public health. [...] The EPA said it was reviewing the decision. "The court's historic decision should help pave the way towards better and safer fluoride standards for all," Michael Connett, a lawyer for the advocacy groups, said in a statement on Wednesday.

Black hole jets, which spew near-light-speed particle beams, can trigger nearby white dwarf stars to explode by igniting hydrogen layers on their surfaces. "We don't know what's going on, but it's just a very exciting finding," said Alec Lessing, an astrophysicist at Stanford University and lead author of a new study describing the phenomenon, in an ESA release. Gizmodo reports: In the recent work -- set to publish in The Astrophysical Journal and is currently hosted on the preprint server arXiv -- the team studied 135 novae in the galaxy M87, which hosts a supermassive black hole of the same name at its core. M87 is 6.5 billion times the mass of the Sun and was the first black hole to be directly imaged, in work done in 2019 by the Event Horizon Telescope Collaboration. The team found twice as many novae erupting near M87's 3,000 light-year-long plasma jet than elsewhere in the galaxy. The Hubble Space Telescope also directly imaged M87's jet, which you can see below in luminous blue detail. Though it looks fairly calm in the image, the distance deceives you: this is a long tendril of superheated, near-light speed particles, somehow triggering stars to erupt.

Though previous researchers had suggested there was more activity in the jet's vicinity, new observations with Hubble's wider-view cameras revealed more of the novae brightening -- indicating they were blowing hydrogen up off their surface layers. "There's something that the jet is doing to the star systems that wander into the surrounding neighborhood. Maybe the jet somehow snowplows hydrogen fuel onto the white dwarfs, causing them to erupt more frequently," Lessing said in the release. "But it's not clear that it's a physical pushing. It could be the effect of the pressure of the light emanating from the jet. When you deliver hydrogen faster, you get eruptions faster." The new Hubble images of M87 are also the deepest yet taken, thanks to the newer cameras on Hubble. Though the team wrote in the paper that there's between a 0.1% to 1% chance that their observations can be chalked up to randomness, most signs point to the jet somehow catalyzing the stellar eruptions.