Programming

Eric Raymond Stumped By Documentation's 'Reproduction' Problem (ibiblio.org) 98

Eric Raymond has been working on a tool called reposurgeon for editing version-control repository histories -- those "risky operations that version-control systems don't want to let you do." But this led to some interesting thoughts about documentation: "Why doesn't reposurgeon have easy introductory documentation" would normally have a simple answer: because the author, like all too many programmers, hates writing documentation, has never gotten very good at it, and will evade frantically when under pressure to try. But in my case none of that description is even slightly true. Like Donald Knuth, I consider writing good documentation an integral and enjoyable part of the art of software engineering. If you don't learn to do it well you are short-changing not just your users but yourself...

If you go looking for gdb intro documentation, you'll find it's also pretty terrible. Examples of a few basic commands is all they can do; you never get an entire worked example of using gdb to identify and fix a failure point. And why is this....? High-quality introductory software documentation depends on worked examples that are understandable and reproducible. If your software's problem domain features serious technical barriers to mounting and stuffing a gallery of reproducible examples, you have a problem that even great willingness and excellent writing skills can't fix.

Of course my punchline is that reposurgeon has this problem, and arguably an even worse example of it than gdb's. How would you make a worked example of a repository conversion that is both nontrivial and reproducible? What would that even look like...? Having identified the deep problem, I'd love to be able to say something revelatory and upbeat about how to solve it.... Unfortunately, at this point I am out of answers. Perhaps the regulars on my blog will come up with some interesting angle.

Programming

Go 1.15 Planning Will Not 'Try' Error Handling (golang.org) 40

The Go team is planning for a February release of Go 1.14, and "Per the process outlined in the Go 2, here we come! blog post, it is again the time in our development and release cycle to consider if and what language or library changes we might want to include for our next release, Go 1.15, scheduled for August of this year."
The primary goals for Go remain package and version management, better error handling support, and generics. Module support is in good shape and getting better with each day, and we are also making progress on the generics front (more on that later this year).

Our attempt seven months ago at providing a better error handling mechanism, the try proposal, met good support but also strong opposition and we decided to abandon it. In its aftermath there were many follow-up proposals, but none of them seemed convincing enough, clearly superior to the try proposal, or less likely to cause similar controversy. Thus, we have not further pursued changes to error handling for now. Perhaps some future insight will help us to improve upon the status quo.

Given that modules and generics are actively being worked on, and with error handling changes out of the way for the time being, what other changes should we pursue, if any? There are some perennial favorites such as requests for enums and immutable types, but none of those ideas are sufficiently developed yet, nor are they urgent enough to warrant a lot of attention by the Go team, especially when also considering the cost of making a language change.

After reviewing all potentially viable proposals, and more importantly, because we don't want to incrementally add new features without a long-term plan, we concluded that it is better to hold off with major changes this time. Instead we concentrate on a couple of new vet checks and a minor adjustment to the language...

We believe that none of these three proposals are controversial but there's always a chance that we missed something important. For that reason we plan to have the proposals implemented at the beginning of the Go 1.15 release cycle (at or shortly after the Go 1.14 release) so that there is plenty of time to gather experience and provide feedback. Per the proposal evaluation process, the final decision will be made at the end of the development cycle, at the beginning of May, 2020.

Sci-Fi

The Colorado Mystery Drones Weren't Real (vice.com) 82

An anonymous reader quotes a report from Motherboard: On the night of December 30, Sergeant Vince Iovinella of the Morgan County Sheriff's Department in rural Colorado was on patrol when the calls started coming in about drones. "Residents began calling in reports of drones of unknown origin moving above houses and farms," Iovinella wrote in a statement obtained by Motherboard via a public records request. "The numbers would range from 4 to 10 drones in an area at a time. Some were reported to be low and at least 6 ft. long." Iovinella further reported the drones had white and red flashing lights as he and other deputies made "several attempts" to follow the drones. The drones were moving "very fast at times" but could also "sustain a hover over an area for long periods of time."

"There were many sighting's [sic] coming in and at the same time," Iovinella continued. "It is believed that there could have been up to 30 drones moving around the county if not more and appeared to be working in a search pattern across the county." This was yet another night on eastern Colorado's new drone patrol, following a slate of reports on mysterious fixed-wing drones in the area. They'd come out at night between approximately 7 to 10 p.m. The story, which was first reported by the Denver Post, got international press attention. "In all of these cases," Iovinella wrote in this statement, "it is unknown who owns the drone or what their purpose is." That's because the drones never existed.
The Colorado Department of Public Safety (CDPS) "confirmed no incidents involving criminal activity, nor have investigations substantiated reports of suspicious or illegal drone activity."

"Of the 23 reports between January 6 and January 13 when the investigation was underway, 13 were determined to be 'planets, stars, or small hobbyist drones,'" reports Motherboard. "Six were commercial aircraft, and four remain unconfirmed. None of the 90 reports from November 23 onward were confirmed instances of illegal drone activity."

Security

7 Years Later, Emergency Alert Systems Still Unpatched, Vulnerable (securityledger.com) 24

chicksdaddy writes: The Security Ledger is reporting that more than 50 Emergency Alert System (EAS) devices made by Monroe Electronics (now Digital Alert Systems) are un-patched and accessible from the public Internet, seven years after security researchers alerted the public about security flaws in the devices. More than 50 EAS deployments across the United States still use a shared SSH key, a security vulnerability first discovered and reported by IOActive in 2013, according to a warning posted by the security researcher Shawn Merdinger on January 19, seven years after the initial vulnerability report was issued.

Security Ledger viewed the exposed web interfaces for Monroe/Digital Alert Systems EAS hardware used by two FM broadcasters in Texas and an exposed EAS belonging to a broadband cable provider in North Carolina. Also publicly accessible: EAS systems for two stations (FM and AM) serving the Island of Hawaii. Residents there received a false EAS alert about an incoming ICBM in 2018. That incident was found to be the result of human error but prompted the FCC to issue new guidance about securing EAS systems. Digital Alert Systems said it is aware of the problem and is contacting the customers whose gear is exposed. However, a search using the Shodan search engine suggests that few have taken steps to remove their EAS systems from the public Internet in the past week. Security Ledger is withholding the names of the broadcasters whose EAS systems were exposed for security reasons. None of the stations contacted for the story was able to provide comment prior to publication.

Advertising

Netflix Is Still Saying 'No' To Ads (techcrunch.com) 65

"During its Q4 earnings call, Netflix shot down the idea of an ad-supported option for its service," writes Slashdot reader saccade.com. TechCrunch reports: "Google and Facebook and Amazon are tremendously powerful at online advertising because they're integrating so much data from so many sources. There's a business cost to that, but that makes the advertising more targeted and effective. So I think those three are going to get most of the online advertising business," Netflix CEO Reed Hastings said. To grow a $5 billion to $10 billion advertising business, you'd need to "rip that away" from the existing providers [such as Facebook, Amazon Google], he continued. And stealing online advertising business from [them] is "quite challenging," Hastings added, saying "there's not easy money there."

"We've got a much simpler business model, which is just focused on streaming and customer pleasure," he said. The CEO also noted that Netflix's strategic decision to not enter the ad business has its upsides, in terms of the controversies that surround companies that collect personal data on their users. To compete, Netflix would have to track more data on its subscribers, including things like their location -- that's not something it's interested in doing, he said, calling it "exploiting users." "We don't collect anything. We're really focused on just making our members happy," Hastings stated. "We think with our model that we'll actually get to larger revenue, larger profits, larger market cap because we don't have the exposure to something that we're strategically disadvantaged at -- which is online advertising against those big three," he said.
TechCrunch points out that Netflix does track viewership data, overall viewing trends, and users' own interactions with its service. It also recently introduced a new "chose to watch" viewership metric.

"However, none of this viewership tracking is on the scale of big tech's data collection practices, which is what Hastings meant by his comment," the report says.

Security

'How I Stopped a Credit Card Thief From Ripping Off 3,537 People -- and Saved Our Nonprofit in the Process' (freecodecamp.org) 122

Quincy Larson, founder of freeCodeCamp, a non-profit organization that runs an open-source community for learning to code, writes in a blog post: I tucked my son under my arm and jogged to my desk. I'd been up until 2 a.m. finishing the announcement for our new #AWSCertified Challenge. And so far, the launch was going well. Our new Twitter bot was tweeting, and our Discord chatroom was abuzz with ambitious developers eager to earn their AWS certifications. I was getting ready to meet with my team when I noticed two strange emails -- both of which arrived within minutes of one another. "Your a fraud" read one of the emails in typo-riddled English. "That's exactly what I'm thinking since I see a charge on my financial institution from you and since I've never heard of you. Yes you need to resolve this." The other email was... well, let's just say it was also an angry letter and let's leave it at that. freeCodeCamp is a donor-supported nonprofit, and we have thousands of people around the world who donate to us each month. Once in a while, there are misunderstandings -- usually when one family member donates without telling the other. But this felt different.

So I tabbed over to Stripe, the credit card processing service our nonprofit uses for donations. On a typical day, we'd have 20 or 30 new donors. But here's what I saw instead: Stripe's dashboard showing 11,000 new customers and $60,000 in revenue for a single 24 hour period. It took me a moment to process what was happening. Our nonprofit -- which operates on an annual budget of less than $400,000 -- had just received more than $60,000 in 24 hours - and from thousands of donors. And my heart began to sink. There was no way those were real donations. We've had spikes in donations from articles in major newspapers. Heck -- I've even been interviewed on Good Morning America. But none of those spikes caused such a surge in donations. No. There was only one thing that could cause a surge in donations like this. Fraud. Extensive, programmatic credit card fraud. I'd heard about this technique before. It's called "card testing." Here's how it works:

1. A fraudster finds a website with a relatively simple credit card form.
2. Then they run scripts to test thousands of stolen credit card numbers in rapid succession.
3. That way they can see which cards are still valid and which ones have been cancelled. Then they turn around and sell those valid card numbers on the dark web.

In this case, I'd detected the fraud much faster than a lot of other websites would have. So I had a window.

Space

'What's Up With Betelgeuse?' (steamboatpilot.com) 47

"Last month, astronomers noticed Betelgeuse had faded much more than usual," writes the Steamboat Pilot & Today. "This is the faintest it has been in over a century of observations.

"What's up with Betelgeuse?"

The Grim Reefer quotes their report:
Well, probably nothing. It is most likely experiencing a super minimum as two of its variability cycles sync up and reach minimum brightness at the same time. On the other hand, stars like Betelgeuse are well advanced in age and are destined to explode as supernovas at the end of their lives.

There hasn't been a bright supernova in our Milky Way galaxy since the supernova of 1604. Sure, we've seen supernovas in galaxies far, far away, but none have been seen close to home. So, there is some excitement in the astronomical community, warranted or not, that Betelgeuse might be ready to pop. Astrophysicists theorize that a pronounced fading might presage an impending supernova explosion. If Betelgeuse continues to fade into January and beyond, then look out -- the end might be near.

A Forbes science writer remains skeptical, but points out that "some astronomers now think there's a much closer star that could 'nova'..."
A star called V Sagittae, 7,800 light years distant in the tiny constellation of Sagitta (just below Cygnus in the famous "Summer Triangle" asterism of stars) is barely visible even in mid-sized telescopes, but new research suggests that it could explode around the year 2083... "Around the year 2083, its accretion rate will rise catastrophically, spilling mass at incredibly high rates onto the white dwarf, with this material blazing away," says Professor Emeritus Bradley E. Schaefer, LSU Department of Physics & Astronomy. "In the final days of this death-spiral, all of the mass from the companion star will fall onto the white dwarf, creating a super-massive wind from the merging star, appearing as bright as Sirius, possibly even as bright as Venus."

The uncertainty of the prediction is plus or minus 16 years, so it could happen between 2067 and 2099, most likely near the middle of this range. It promises to be a wonderful sight.

AI

The Military Is Building Long-Range Facial Recognition That Works In the Dark (medium.com) 21

According to contracts posted on a federal spending database, the U.S. military is working to develop facial recognition technology that reads the pattern of heat being emitted by faces in order to identify specific people. OneZero reports: Now, the military wants to develop a facial recognition system that analyzes infrared images to identify individuals. The Army Research Lab has previously publicized research in this area, but these contracts, which started at the end of September 2019 and run until 2021, indicate the technology is now being actively developed for use in the field. "Sensors should be demonstrable in environments such as targets seen through automotive windshield glass, targets that are backlit, and targets that are obscured due to light weather (e.g., fog)," the Department of Defense indicated when requesting proposals.

The DoD is calling for the technology to be incorporated into a device that is small enough to be carried by an individual. The device should be able to operate from a distance of 10 to 500 meters and match individuals against a watchlist. According to the details of the request, the Defense Forensics and Biometrics Agency is directly overseeing work on the technology. Two companies are working on this technology on behalf of the DFBA, Cyan Systems, Inc. and Polaris Sensor Technologies.

Businesses

Charter's Spectrum Kills Home Security Business, Refuses Refunds on Now-Worthless Equipment (gizmodo.com) 92

Charter Communications' Spectrum cable service includes a home security service, and -- whoops. No it doesn't.

"Spectrum customers who are also users of the company's home security service are about a month away from being left with a pile of useless equipment that in many cases cost them hundreds of dollars," reports Gizmodo: On February 5, Spectrum will no longer support customers who've purchased its Spectrum Home Security equipment. None of the devices -- the cameras, motion sensors, smart thermostats, and in-home touchscreens -- can be paired with other existing services. In a few weeks, it'll all be worthless junk.

While some of the devices may continue to function on their own, customers will soon no longer be able to access them using their mobile devices, which is sort of the whole point of owning a smart device... Spectrum is hoping to smooth things over with "exclusive offers" from other home security companies, including Ring, which is owned by Amazon...

Spectrum apparently believes it can afford to aggravate these customers, some if not most of whom will have no choice but to continue paying Spectrum for internet service.

Spectrum "inherited" the business after acquiring Time Warner Cable and Bright House Networks in 2016, Gizmodo reports.

"It's not offering refunds, though... The firmware on the devices doesn't allow switching to other services, either."

Cellphones

'I Asked My Students To Turn In Their Cellphones and Write About Living Without Them' (technologyreview.com) 77

Ron Srigley, a writer who teaches at Humber College and Laurentian University, offered his students extra credit if they would give him their phones for nine days and write about living without them. "What they wrote was remarkable, and remarkably consistent," he writes. "These university students, given the chance to say what they felt, didn't gracefully submit to the tech industry and its devices." An anonymous Slashdot reader shares what some of them said: "Believe it or not, I had to walk up to a stranger and ask what time it was. It honestly took me a lot of guts and confidence to ask someone," Janet wrote. (Her name, like the others here, is a pseudonym.) She describes the attitude she was up against: "Why do you need to ask me the time? Everyone has a cell phone. You must be weird or something." Emily went even further. Simply walking by strangers "in the hallway or when I passed them on the street" caused almost all of them to take out a phone "right before I could gain eye contact with them."

To these young people, direct, unmediated human contact was experienced as ill-mannered at best and strange at worst. James: "One of the worst and most common things people do nowadays is pull out their cell phone and use it while in a face-to-face conversation. This action is very rude and unacceptable, but yet again, I find myself guilty of this sometimes because it is the norm." Emily noticed that "a lot of people used their cell phones when they felt they were in an awkward situation, for an example [sic] being at a party while no one was speaking to them." The price of this protection from awkward moments is the loss of human relationships, a consequence that almost all the students identified and lamented. Without his phone, James said, he found himself forced to look others in the eye and engage in conversation. Stewart put a moral spin on it. "Being forced to have [real relations with people] obviously made me a better person because each time it happened I learned how to deal with the situation better, other than sticking my face in a phone." Ten of the 12 students said their phones were compromising their ability to have such relationships.
Peter: "I have to admit, it was pretty nice without the phone all week. Didn't have to hear the fucking thing ring or vibrate once, and didn't feel bad not answering phone calls because there were none to ignore." "It felt so free without one and it was nice knowing no one could bother me when I didn't want to be bothered," wrote William.

Emily said that she found herself "sleeping more peacefully after the first two nights of attempting to sleep right away when the lights got shut off." Stewart: "Actually I got things done much quicker without the cell because instead of waiting for a response from someone (that you don't even know if they read your message or not) you just called them [from a land line], either got an answer or didn't, and moved on to the next thing."

Businesses

Shopify CEO Says Long Hours Aren't Necessary For Success (businessinsider.com) 35

Tobi Lutke, the founder and CEO of $48 billion e-commerce cloud-software company Shopify, took to Twitter to remind us all that we don't need to work 80 hours a week to be successful. Business Insider reports: "I realize everyone's twitter feed looks different. But I'll go ahead and subtweet two conversations that I see going by right now: a) How the heck did Shopify get so big this decade and b) You have to work 80 hours a week to be successful," he tweeted. He says he and his cofounders have grown this company from a profitable bootstrap to its multibillion-dollar status without him ever sleeping under his desk. "I've never worked through a night. The only times I worked more than 40 hours in a week was when I had the burning desire to do so. I need 8ish hours of sleep a night. Same with everybody else, whether we admit it or not," he tweeted.

Shopify has had a spectacular few years. Its revenues have doubled since 2017, solidly beating Wall Street estimates quarter after quarter, growing from over $171 million in Q3 September, 2017, to over $390 million in Q3 September 2019, its latest complete quarter. It's expected to finish the year at about $1.5 billion in revenues. And Wall Street has noticed. Shopify went public in 2015. In the past year, the stock has soared over 200% from around $134 to about $407 giving the company a $47.6 billion market cap. But even at the scale of its current operations, he says he doesn't let his job overshadow the rest of his life. "I'm home at 5:30pm every evening. I don't travel on the weekend. I play video games alone, with my friends, and increasingly with my kids. My job is incredible, but it's also just a job. Family and personal health rank higher in my priority list," he tweeted.
"For creative work, you can't cheat. My belief is that there are five creative hours in everyone's day. All I ask of people at Shopify is that four of those are channeled into the company," he wrote. "What's even better than people are teams," he wrote. "We don't burn out people. We give people space. We love real teams with real friendship forming." He adds: "None of that is even about product, or market fit, or timing. It's all about people. Treating everyone with dignity."

"We are not moist robots. We are people and people are awesome."

AI

Researchers Fooled Chinese Facial Recognition Terminals With Just a Mask (theverge.com) 24

Public facial recognition terminals in China can be fooled with just a mask, as some recent experiments have shown. The Verge reports: An AI company, Kneron, shared a video with The Verge of tests it ran at facial recognition terminals in China where it appeared to fool the systems. Kneron asked us not to publish the video, so we will describe what we saw -- and it looked pretty convincing. In two examples, a tester approaches AliPay and WeChat terminals at shops in China while wearing a 3D mask of his face, and the facial recognition system identifies the mask as his face, allowing the purchase. In another example, the same person feeds his ID card into a train station turnstile while wearing his mask, and the turnstile's facial recognition system accepts the mask as his face.

There are definitely limitations to this type of test, though. The video only shows one person making attempts with their mask, and it's unclear if that one mask worked in every single attempt, or if another mask would work for each one of these tests as well. It's also worth noting that none of the systems were relying entirely on facial recognition for identification. Both the AliPay and WeChat terminals required the person to enter digits of the phone number associated with their identity, and at the train station, you have to present a physical ID card before the facial recognition system even starts scanning. Also, you might hope another human would intervene if a person pulled out a mask of another human's face while trying to pay for groceries?

Security

Millions of SMS Text Messages Exposed In Unencrypted Database (techcrunch.com) 17

"A massive database storing tens of millions of SMS text messages, most of which were sent by businesses to potential customers, has been found online," reports TechCrunch. The database belongs to a company that works with over 990 cell phone operators and reaches more than 5 billion subscribers around the world, according to the researchers.

TechCrunch writes: The database is run by TrueDialog, a business SMS provider for businesses and higher education providers, which lets companies, colleges, and universities send bulk text messages to their customers and students. The Austin, Texas-based company says one of the advantages to its service is that recipients can also text back, allowing them to have two-way conversations with brands or businesses.

The database stored years of sent and received text messages from its customers and processed by TrueDialog. But because the database was left unprotected on the internet without a password, none of the data was encrypted and anyone could look inside. Security researchers Noam Rotem and Ran Locar found the exposed database earlier this month as part of their internet scanning efforts... Many of the messages we reviewed contained codes to access online medical services to obtain, and password reset and login codes for sites including Facebook and Google accounts...

One table alone had tens of millions of messages, many of which were message recipients trying to opt-out of receiving text messages.

The Courts

Vegan Sues Burger King For False Advertising, Alleging 'Impossible Whopper' Cooked With Beef Fat (bloomberg.com) 350

A lawsuit filed in federal court claims that Burger King is falsely advertising that its "Impossible Whopper" is "100% Whopper, 0% beef." "[Phillip Williams, the plaintiff in the Florida lawsuit] says he is a vegan who purchased an Impossible Whopper because of that zero percent promise, only to learn later that the patty was cooked on the same broiler as regular meat burgers, and thus was actually 'coated in meat by-products.'" Stephen L. Carter writes in a Bloomberg column that courts used to be skeptical of cases like this, "but times may be changing." From the report: Now, I'm as quick as anybody to condemn frivolous litigation, but if the allegations are true, Williams might well have a case. Vibrant free markets rely on truthful advertising, at least when the advertising influences the purchase decision. If a consumer happens to be vegetarian or vegan (or even, like me, pesce-pollotarian), the claim that the Impossible Whopper contains no meat will be crucial to the choice whether to give the sandwich a try. Not long ago, courts turned skeptical eyes to arguments by vegans that they'd been snookered. Back in 2003, for instance, a California judge dismissed a lawsuit by a "strict ethical vegan" against the maker of a tuberculosis test that, according to the plaintiff, was said to be vegan-friendly but actually contained animal products. The plaintiff lost not because the claim was ridiculous, but because, according to the court, the class of "strict ethical vegans" was too small. A reasonably prudent seller, wrote the court, possessed "no duty to warn of the possibility of rare, idiosyncratic, hypersensitive, or unusual reactions to an otherwise safe and useful product."

The court's reasoning is dated, the product of an era when veganism seemed quirky. No longer. According to a 2018 Gallup survey, some 3 percent of U.S. adults say they are vegan. Using current census data, this works out to around 7.6 million vegans. One doubts therefore that a present-day court would so blithely conclude that the class of those likely to be influenced by a claim of vegan content is small, or that its preferences are idiosyncratic. And, indeed, recent results have trended the other way.

Puffery -- "a mere puff," as the courts used to say -- is an extravagant advertising claim made in a context where no reasonable consumer would take it to be a factual assertion. Exaggeration, hyperbole, and absurdity are often puffery's ingredients. (Think "service second to none" or "best-built car on the planet.") Had Burger King advertised its Impossible Whopper as containing "so little meat a vegan won't care," a court would certainly have deemed the claim puffery. But the statement that the sandwich contains "0% beef" isn't puffery; it's a clear and precise assertion about the existence of a fact. If it was foreseeable that the claim would encourage those who eat no meat to try the product, and if the claim turns out to be false, it should be actionable. Don't get me wrong. I'm not suggesting that the claim is actually false. As Impossible Foods has pointed out, the customer can ask Burger King to microwave the burger, thus avoiding any contamination with meat products. This proposition, if it turns out to have been properly advertised, might well allow the restaurant to avoid liability altogether. And let's not forget that the burden of proof rests on the plaintiff. Nevertheless, the lawsuit is potentially important.

ISS

An Alarming Discovery In an Astronaut's Bloodstream (theatlantic.com) 90

Thelasko shared this article from the Atlantic about a surprising medical observation on the International Space Station: An astronaut was carrying out an ultrasound on their own body as part of a new study, guided in real time by a specialist on the ground. A similar test before the astronaut launched to space had come back normal. But now the scan showed a clump of blood...

Before the astronauts launched, researchers measured blood flow in their jugular vein in seated, supine, and tilted positions. The readings looked normal. The researchers had the astronauts repeat the ultrasounds during their missions on the ISS. Scans showed that blood flow in the vein stalled in five of the 11 astronauts. "Sometimes it was sloshing back and forth a bit, but there was no net-forward movement," Marshall-Goebel says. Seeing stagnant blood flow in this kind of vein is rare, she says; the condition usually occurs in the legs, such as when people sit still for hours on a plane...

All the astronauts were considered to be in good health before they launched. And when they came home, the conditions vanished in nearly all of them. When the researchers analyzed the data, they found that a second astronaut may have developed a blood clot no one had seen while they were in orbit. But no one experienced any health troubles. "None of the crew members actually had any negative clinical outcomes," Marshall-Goebel says.

An associate professor of space medicine at the International Space University in France tells the Atlantic that the findings were compelling. "I think we need to understand this before we embark on long-duration missions where the astronaut would be so far away that we wouldn't be able to help them in the case of a medical emergency."

Open Source

Are Forced Subscriptions Driving 3D Users To Open Source Tools? 136

Slashdot reader dryriver writes: More and more professional 3D software like 3DMax, Maya, AutoCAD (Autodesk) and Substance Painter (Adobe) is now only available on a monthly or yearly subscription basis — you cannot buy any kind of perpetual license for these industry standard 3D tools anymore, cannot offline install or activate the tools, and the tools also phone home every few days over the internet to see whether you have "paid your rent". Stop paying your rent, and the software shuts down, leaving you unable to even look at any 3D project files you may have created with software.

This has caused so much frustration, concern and anxiety among 3D content creators that, increasingly, everybody is trying to replace their commercial 3D software with Open Source 3D tools. Thankfully, open source 3D tools have grown up nicely in recent years. Some of the most popular FOSS 3D tools are the complete 3D suite Blender, polygon modeling tool Wings 3D, polygon modeling tool Dust3D, CAD modeling tool FreeCAD, PBR texturing tool ArmorPaint, procedural materials generator Material Maker, image editing tool GIMP, painting tool Krita, vector illustration tool Inkscape and the 2D/3D game engine Godot Engine.

Along with these tools comes a beguiling possibility — while working with commercial 3D tools pretty much forced you to use Windows X in terms of OS choice in the past, all of the FOSS 3D tool alternatives have Linux versions. This means that for the first time, professional 3D users can give Windows a miss and work with Linux as their OS instead.

In a comment on the original submission, dryriver offers some anecdotal evidence: Go on any major 3D software forum on the Internet and it is filled with enraged 3D users revolting against forced software subscriptions and threatening to switch to FOSS Blender as soon as possible.

Some major 3D animation studios are also working Blender into their CGI pipeline. Companies like EPIC and Nvidia have begun donating to the Blender foundation. It's happening. The move away from commercial closed source tools - which are expensive, stagnant and don't offer you permanent licenses anymore - is in full swing. The fact that Blender has an innovative GPU accelerated realtime render engine called EEVEE that none of the commercial software has has only accelerated this trend.

Blender is widely believed to have 2 - 3 million active users already, and the fact that V 2.80 comes with a much more usable UI is only accelerating things.

Security

'Platinum' Hacking Group Strikes Again With Complex Titanium Backdoor To Windows (securelist.com) 14

Freshly Exhumed shares a report from Securelist: Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The malware hides at every step by mimicking common software (protection related, sound drivers software, DVD video creation tools).

The Titanium APT has a very complicated infiltration scheme. It involves numerous steps and requires good coordination between all of them. In addition, none of the files in the file system can be detected as malicious due to the use of encryption and fileless technologies. One other feature that makes detection harder is the mimicking of well-known software.

One of the methods Titanium uses to infect its targets and spread is via a local intranet that has already been compromised with malware. Another is via an SFX archive containing a Windows task installation script. A third is shellcode that gets injected into the winlogon.exe process (it's still unknown how this happens).

Businesses

Netflix, HBO and Cable Giants Are Exploring New Ways Such as Authentication Using Fingerprints To Crack Down on Password Sharing (bloomberg.com) 116

A coalition that includes Netflix, HBO and cable-industry titans is stepping up efforts to crack down on password sharing, discussing new measures to close a loophole that could be costing companies billions of dollars in lost revenue each year, Bloomberg reported Friday. From the report: Programmers and cable-TV distributors are considering an array of tactics to cut off people who borrow credentials from friends and relatives to access programming without paying for it. The possible measures include requiring customers to change their passwords periodically or texting codes to subscribers' phones that they would need to enter to keep watching, according to people familiar with the matter. Some TV executives want to create rules governing which devices can be used to access a cable-TV subscription outside the home. While someone logging in from a phone or tablet would be fine, someone using a Roku device at a second location could be considered a likely freeloader, one person said. If none of those tactics work, pay-TV subscribers could someday be required to sign into their accounts using their thumbprints.

Space

Samsung Satellite Crashes Into Family's Backyard (wzzm13.com) 63

"A Michigan family was shocked to find a space satellite in their yard Saturday morning," reports a local TV station: Nancy Mumby-Welke shared the video on Facebook, walking up to a satellite lying on its side. "You never know what's going to happen," Welke says in the video. "This baby fell out of the sky and landed in our yard," she went on to say.

According to the Gratiot County Herald, Welke heard the crash around 8:45 a.m. just before they were going to let their horses out. "Thank God none of the horses were out and it didn't land on the house," Welke explained in the video. Welke says when she walked up to it, the satellite was still humming and whirring...

The Herald says Samsung representatives will pick up the equipment from the Welkes' property.

In an announcement last week Samsung said their satellite "pushes the boundaries of innovation." That announcement also promised a "bold, out-of-this-world mission... demonstrating the pioneering spirit of its brand and setting a new standard for the potential of mobile technology."

The announcement said the satellite "will showcase the strength of Samsung's innovations and how it continues to design products that make what was previously impossible, possible." And it quotes their chief marketing officer for Europe as promising "we will show that amazing things continue to happen using Samsung technology."

In a statement to the Detroit Free Press, Samsung blamed the "early soft landing" during the satellite's planned descent on the weather. "We regret any inconvenience this may have caused."

United States

How Flagstaff, Arizona, Switched To LEDs Without Giving Astronomers a Headache (arstechnica.com) 88

Scott K. Johnson from Ars Technica reports on how Flagstaff, Arizona, switched to energy-efficient LEDs without giving astronomers a headache from the harsh blue-rich light they produce. An anonymous reader shares several excerpts from the report: Flagstaff became the first city to earn a designation from the International Dark Sky Association in 2001. That came as a result of its long history of hosting astronomy research at local Lowell Observatory, as well as facilities operated by the U.S. Navy. The city has an official ordinance governing the use of outdoor lighting -- public and private. A few years ago, though, a problem arose. The type of dark-sky-friendly streetlight that the city had been using was going extinct, largely as a casualty of low demand. In fact, as of this summer, there are none left to buy. Meanwhile, the age of the LED streetlight has arrived with a catch: limited night-sky-friendly LED options. The problem with LEDs boils down to blue light. Older streetlights are high-pressure sodium bulbs, which produce a warm yellow glow around a color temperature of 2,000 K. The bulbs Flagstaff relied on for most of its streetlights were low-pressure sodium -- a variant that only emits light at a single wavelength (589 nanometers) near that yellow color, producing something resembling candlelight. Many of the LED streetlights on the market have much cooler color temperatures of 3,000 or even 4,000 K.

[...] Narrow-band amber (NBA) LEDs [...] actually use a type of LED that only emits warmer colors from the start. In this way, they actually compare pretty well to the low-pressure sodium streetlights that recently went extinct. The range of wavelengths emitted is a little broader, but the practical effect is about the same. Separately from all this wavelength wrangling, though, LEDs do have a strong natural advantage -- they're highly directional. That is, LED streetlights do a much better job of only lighting the street (rather than the adjacent homes). That means that fewer lumens coming out of the fixture can give the same result you had before. Flagstaff's plan is generally to swap in NBA LEDs for all the low-pressure sodium lights, and PCA LEDs [lights known as phosphor-converted amber (PCA) shift all the light out of the blue and into the yellow part of the spectrum at the cost of some efficiency] for the high-pressure sodium lights that are used along the busier streets (as they're a little brighter). The better directionality of LEDs -- combined with resident requests for slightly dimmer lighting on residential streets -- actually means that the total output of the city's streetlights is going to drop from about 29 million lumens to about 19 million lumens. That's not unusual.

In closing, Johnson says Flagstaff's hope is to produce the first dark-sky ordinance updated to deal with LEDs that could give other cities an example to follow.
