Transportation

Amazon Developing Driver Eyeglasses To Shave Seconds Off Deliveries (reuters.com) 62

Amazon is developing smart eyeglasses for delivery drivers to improve efficiency by offering turn-by-turn navigation. "Such directions could shave valuable seconds off each delivery by providing left or right directions off elevators and around obstacles such as gates or aggressive dogs," reports Reuters. "With millions of packages delivered daily, seconds add up. The glasses would also free drivers from using handheld Global Positioning System devices, allowing them to carry more packages." From the report: Amazon's delivery glasses, the people warned, could be shelved or delayed indefinitely if they do not work as envisioned, or for financial or other reasons. The sources said they may take years to perfect. "We are continuously innovating to create an even safer and better delivery experience for drivers," an Amazon spokesperson said, when asked about the driver eyeglasses. "We otherwise don't comment on our product roadmap." [...]

The delivery glasses in development build on Amazon's Echo Frames smart glasses, which allow users to listen to audio and use voice commands from Alexa, Amazon's virtual assistant, the people said. Known by the internal code name Amelia, the delivery glasses would rely on a small display on one of the lenses and could take photos of delivered packages as proof for customers, the sources said. Amazon released in September an unrelated chatbot for third-party sellers that is also known as Amelia. But the technology is still in development and Amazon has had trouble making a battery that can last a full eight-hour shift, and still be light enough to wear all day without causing fatigue, the people said. As well, gathering complete data on each house, sidewalk, street, curb and driveway could take years, they said.

Delivery drivers visit more than 100 customers per shift, Amazon has said. With increased efficiency, Amazon could ask drivers to ferry more packages and visit more homes. The Seattle company could face other obstacles, including convincing its thousands of drivers to use the eyeglasses, which may be uncomfortable, distracting or unsightly, the people said, not to mention the fact some drivers already wear corrective glasses. However, much of Amazon's delivery force consists of outside companies, meaning Amazon could make wearing the glasses a contractual requirement, the people said. [...] The embedded screen in development is also slated for a future generation of the Echo Frames that could be released as soon as 2026's second quarter, two of the people said.

Security

Amazon Confirms Employee Data Stolen After Hacker Claims MOVEit Breach (techcrunch.com) 5

Amazon has confirmed that employee data was compromised after a "security event" at a third-party vendor. From a report: In a statement given to TechCrunch on Monday, Amazon spokesperson Adam Montgomery confirmed that employee information had been involved in a data breach. "Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations," Montgomery said.

Amazon declined to say how many employees were impacted by the breach. It noted that the unnamed third-party vendor doesn't have access to sensitive data such as Social Security numbers or financial information and said the vendor had fixed the security vulnerability responsible for the data breach. The confirmation comes after a threat actor claimed to have published data stolen from Amazon on notorious hacking site BreachForums. The individual claims to have more than 2.8 million lines of data, which they say was stolen during last year's mass-exploitation of MOVEit Transfer.

AMD

AMD's Desktop PC Market Share Skyrockets Amid Intel's Raptor Lake CPU Crashing Scandal (tomshardware.com) 33

An anonymous reader shares a report: AMD has gained a substantial 5.7 percentage points of share of the desktop x86 CPU market in the third quarter compared to Q2, the largest quarterly share gain since we began tracking the market share reports in 2016. It also represents an incredible ten percentage point improvement over the prior year. AMD also raked in a strong increase in revenue share, jumping 8.5 percentage points over the prior quarter, indicating that it is selling a strong mix of higher-end CPU models.

During the quarter, AMD launched its new Ryzen 9000-series family of processors amid a scandal related to stability issues with Intel's Raptor Lake chips, which generated a flood of negative press for the company over the course of several months, and inventory adjustments for one of Intel's customers. AMD now commands 28.7% of the desktop processor market. AMD also continued to gain share in the laptop and server markets, though its gains on the desktop side of the business were the most impressive, according to Mercury Research.

Space

Nearly Three Years Since Launch, Webb Is a Hit Among Astronomers (arstechnica.com) 30

The James Webb Space Telescope has made groundbreaking discoveries, detecting the most distant galaxy yet and capturing an image of the closest directly-imaged exoplanet. "Judging by astronomers' interest in using Webb, there are many more to come," writes Ars Technica's Stephen Clark. With immense demand for observation time, Webb is set to explore a vast array of cosmic targets -- from early galaxies to exoplanet atmospheres -- offering insights that extend far beyond Hubble's reach. From the report: The Space Telescope Science Institute, which operates Webb on behalf of NASA and its international partners, said last week that it received 2,377 unique proposals from science teams seeking observing time on the observatory. The institute released a call for proposals earlier this year for the so-called "Cycle 4" series of observations with Webb. This volume of proposals represents around 78,000 hours of observing time with Webb, nine times more than the telescope's available capacity for scientific observations in this cycle. The previous observing cycle had a similar "oversubscription rate" but had less overall observing time available to the science community.

More than 600 scientists will review the proposals and select the most promising ones for time on Webb. The largest share of proposals would involve observing "high-redshift" galaxies among the first generation of galaxies that formed after the Big Bang. Galaxies this old and distant have their light stretched to longer wavelengths due to the expansion of the Universe. Research involving exoplanet atmospheres and stars and stellar populations were the second- and third-most popular science categories in this cycle. [...] It seems astronomers have no shortage of ideas about where to look. Maybe one day, new super heavy-lift rockets or advancements in in-space assembly will make it possible to deploy space telescopes even more sensitive than Webb. Until then, we can be thankful that Webb is performing well and has a good shot of far outliving its original five-year design life. Let's continue enjoying the show.

AI

OpenAI Acquires Chat.com (domainnamewire.com) 8

OpenAI has acquired the chat.com domain name, likely for well over $10 million. OpenAI CEO Sam Altman posted a one-word tweet this morning, simply stating, "chat.com." Domain Name Wire reports: The chat.com domain name has changed hands for the third time in two years. HubSpot founder Dharmesh Shah kicked off the buying last year, plunking down over $15.5 million for the domain name. He turned around and sold the domain shortly thereafter for a profit.

Facebook

Mark Zuckerberg Says a Lot More AI Generated Content is Coming To Fill Up Facebook and Instagram Feeds 81

First we had friends. Then we had influencers. And if Mark Zuckerberg is correct, the next big thing in our social media feeds will be AI generated content. Lots of it. Fortune: Zuckerberg described our future feeds during Facebook-parent company Meta's third quarter earnings conference call on Wednesday, describing it as a natural evolution. "I think we're going to add a whole new category of content which is AI generated or AI summarized content, or existing content pulled together by AI in some way," the Meta CEO said. "And I think that that's gonna be very exciting for Facebook and Instagram and maybe Threads, or other kinds of feed experiences over time."

Zuckerberg touted the company's Llama large language model and the success of products it powers, such as the Meta AI chatbot that is now used by more than 500 million users every month. But Llama will increasingly play a role across Meta's business, Zuckerberg said, including tools for business customers and advertisers. As AI tools become more widespread, AI content will proliferate within social media feeds. Such feeds are actively being worked on inside Meta, Zuckerberg noted. "It's something we're starting to test different things around." "I don't know if we know what's exactly going to work really well yet, but some things are really promising," he added. "I have high confidence that over the next several years, this will be one of the important trends and one of the important applications."

Security

Fired Employee Allegedly Hacked Disney World's Menu System to Alter Peanut Allergy Information (404media.co) 135

An anonymous reader shares a report: A disgruntled former Disney employee allegedly repeatedly hacked into a third-party menu creation software used by Walt Disney World's restaurants and changed allergy information on menus to say that foods that had peanuts in them were safe for people with allergies, added profanity to menus, and at one point changed all fonts used on menus to Wingdings, according to a federal criminal complaint.

The suspect in the case, Michael Scheuer, broke into a proprietary menu creation and inventory system that was developed by a third-party company exclusively for Disney and is used to print menus for its restaurants, the complaint alleges. The complaint alleges he did this soon after being fired by Disney using passwords that he still had access to on several different systems. Once inside the systems, he allegedly altered menus and, in one case, broke the software for several weeks.

"The threat actor manipulated the allergen information on menus by adding information to some allergen notifications that indicated certain menu items were safe for individuals with peanut allergies, when in fact they could be deadly to those with peanut allergies," the criminal complaint states. According to the complaint, the menus were caught by Disney after they were printed but before they were distributed to Disney restaurants. Disney's menus have extensive "allergy friendly" sections.

AI

LinkedIn Launches Its First AI Agent To Take On the Role of Job Recruiters 49

An anonymous reader quotes a report from TechCrunch: LinkedIn, the social platform used by professionals to connect with others in their field, hunt for jobs, and develop skills, is taking the wraps off its latest effort to build artificial intelligence tools for users. Hiring Assistant is a new product designed to take on a wide array of recruitment tasks, from ingesting scrappy notes and thoughts to turn into longer job descriptions, through to sourcing candidates and engaging with them. LinkedIn is describing Hiring Assistant as a milestone in its AI trajectory: it is, per the Microsoft-owned company, its first "AI agent," and one that happens to be targeting one of LinkedIn's most lucrative categories of users (recruiters).

LinkedIn said the AI assistant is now live with a "select group" of customers (large enterprises such as AMD, Canva, Siemens and Zurich Insurance among them). It's slated to be rolling out more widely in the coming months. [...] "It's designed to take on a recruiter's most repetitive task so they can spend more time on the most impactful part of their jobs," Hari Srinivasan, LinkedIn's VP of product, said in an interview -- "a big statement," he admitted. The product includes the ability to upload full job descriptions, or just note what you want it to have, along with job postings that you like the look of from other companies or roles. In turn, that becomes a list of qualifications you're looking for, as well as an initial pipeline of candidates that you can interact with -- to look for more potential hires that are similar to some, or less like others -- with algorithms designed to search based on skills rather than other indicators (such as where a person lives or went to school), per Srinivasan.

The AI assistant also integrates with third-party application tracking systems, although ultimately, the whole system is trained on LinkedIn data, which spans 1 billion users, 68 million companies and 41,000 skills. LinkedIn said Hiring Assistant is due to get more features soon, such as messaging and scheduling support for interviews, as well as handle follow-ups when candidates have questions before or after interviews. Basically the aim is for it to cover a lot of (time-consuming) admin-style tasks, plus take on some of the thinking, that recruiters have to do daily. Second, unlike many of the other AI features that LinkedIn has released, Hiring Assistant is very squarely aimed at LinkedIn's B2B business, the products it sells to the recruitment industry.

"We're really focused on making Hiring Assistant great," said Erran Berger, VP of engineering, in an interview. "This is all bleeding edge, and I mean everything from the experience and how our users are going to interact with it, to the technology that backs it. And so we're really focused on nailing that a lot of the technology we've built is applicable to problems that we're trying to solve for our members and customers. But right now, you know, we really just want to nail this, and then we can figure out where we go from there."

Medicine

Researchers Say AI Transcription Tool Used In Hospitals Invents Things (apnews.com) 33

Longtime Slashdot reader AmiMoJo shares a report from the Associated Press: Tech behemoth OpenAI has touted its artificial intelligence-powered transcription tool Whisper as having near "human level robustness and accuracy." But Whisper has a major flaw: It is prone to making up chunks of text or even entire sentences, according to interviews with more than a dozen software engineers, developers and academic researchers. Those experts said some of the invented text -- known in the industry as hallucinations -- can include racial commentary, violent rhetoric and even imagined medical treatments. Experts said that such fabrications are problematic because Whisper is being used in a slew of industries worldwide to translate and transcribe interviews, generate text in popular consumer technologies and create subtitles for videos.

The full extent of the problem is difficult to discern, but researchers and engineers said they frequently have come across Whisper's hallucinations in their work. A University of Michigan researcher conducting a study of public meetings, for example, said he found hallucinations in eight out of every 10 audio transcriptions he inspected, before he started trying to improve the model. A machine learning engineer said he initially discovered hallucinations in about half of the over 100 hours of Whisper transcriptions he analyzed. A third developer said he found hallucinations in nearly every one of the 26,000 transcripts he created with Whisper. The problems persist even in well-recorded, short audio samples. A recent study by computer scientists uncovered 187 hallucinations in more than 13,000 clear audio snippets they examined. That trend would lead to tens of thousands of faulty transcriptions over millions of recordings, researchers said.

Further reading: AI Tool Cuts Unexpected Deaths In Hospital By 26%, Canadian Study Finds

Earth

Amazon Ditches Plastic Air Pillows 77

Amazon has reached its goal set earlier this year to completely get rid of plastic air pillows at its warehouses by the end of the year. "As of October 2024, we've removed all plastic air pillows from our delivery packaging used at our global fulfillment centers," the e-commerce giant said in an October 9th blog post. The Verge reports: It's a welcome change following years of pressure from environmental groups to stop plastic pollution flooding into oceans. The company is still working to reduce the use of single-use plastics more broadly in its packaging. The most prolific type of plastic litter near coastlines is plastic film -- a material that makes up those once ubiquitous air pillows, according to Oceana. That film also happens to be the "deadliest" type of plastic pollution for large mammals like whales and dolphins that might ingest it, Oceana says.

The company swapped out plastic air pillows and single-use delivery bags for paper and cardboard alternatives in Europe in 2022. It also ditched plastic film packaging at its facilities in India in 2020. The US is Amazon's largest market, and the company hasn't managed to fully eliminate plastic packaging in North America just yet. It says it plans to reduce the amount of deliveries containing "Amazon-added plastic delivery packaging" in North America to just one-third of shipments by December, down from two-thirds in December 2023.

Government

One-Third of DHS's Border Surveillance Cameras Are Broken, Memo Says (nbcnews.com) 154

According to an internal Border Patrol memo, nearly one-third of the surveillance cameras along the U.S.-Mexico border don't work. "The nationwide issue is having significant impacts on [Border Patrol] operations," reads the memo. NBC News reports: The large-scale outage affects roughly 150 of the 500 cameras perched on surveillance towers along the U.S.-Mexico border. It was due to "several technical problems," according to the memo. The officials, who spoke on the condition of anonymity to discuss a sensitive issue, blamed outdated equipment and outstanding repair issues.

The camera systems, known as Remote Video Surveillance Systems, have been used since 2011 to "survey large areas without having to commit hundreds of agents in vehicles to perform the same function." But according to the internal memo, 30% were inoperable. It is not clear when the cameras stopped working. Two Customs and Border Protection officials said that some repairs have been made this month but that there are still over 150 outstanding requests for camera repairs. The officials said there are some areas that are not visible to Border Patrol because of broken cameras.

A Customs and Border Protection spokesperson said the agency has installed roughly 300 new towers that use more advanced technology. "CBP continues to install newer, more advanced technology that embrace artificial intelligence and machine learning to replace outdated systems, reducing the need to have agents working non-interdiction functions," the spokesperson said.

The agency points the finger at the Federal Aviation Administration (FAA), which is responsible for servicing the systems and repairing the cameras. "The FAA, which services the systems and repairs the cameras, has had internal problems meeting the needs of the Border Patrol, the memo says, without elaborating on what those problems are," reports NBC News. While the FAA is sending personnel to work on the cameras, Border Patrol leaders are considering replacing them with a contractor that can provide "adequate technical support for the cameras."

Further reading: U.S. Border Surveillance Towers Have Always Been Broken (EFF)

Security

How WatchTowr Explored the Complexity of a Vulnerability in a Secure Firewall Appliance (watchtowr.com) 9

Cybersecurity startup Watchtowr "was founded by hacker-turned-entrepreneur Benjamin Harris," according to a recent press release touting their Fortune 500 customers and $29 million investments from venture capital firms. ("If there's a way to compromise your organization, watchTowr will find it," Harris says in the announcement.)

This week they shared their own research on a Fortinet FortiGate SSLVPN appliance vulnerability (discovered in February by Gwendal Guégniaud of the Fortinet Product Security team — presumably in a static analysis for format string vulnerabilities). "It affected (before patching) all currently-maintained branches, and recently was highlighted by CISA as being exploited-in-the-wild... It's a Format String vulnerability [that] quickly leads to Remote Code Execution via one of many well-studied mechanisms, which we won't reproduce here..."

"Tl;dr SSLVPN appliances are still sUpEr sEcurE," their post begins — but the details are interesting. When trying to test an exploit, Watchtowr discovered instead that FortiGate always closed the connection early, thanks to an exploit mitigation in glibc "intended to hinder clean exploitation of exactly this vulnerability class." Watchtowr hoped to "use this to very easily check if a device is patched — we can simply send a %n, and if the connection aborts, the device is vulnerable. If the connection does not abort, then we know the device has been patched..." But then they discovered "Fortinet added some kind of certificate validation logic in the 7.4 series, meaning that we can't even connect to it (let alone send our payload) without being explicitly permitted by a device administrator."

We also checked the 7.0 branch, and here we found things even more interesting, as an unpatched instance would allow us to connect with a self-signed certificate, while a patched machine requires a certificate signed by a configured CA. We did some reversing and determined that the certificate must be explicitly configured by the administrator of the device, which limits exploitation of these machines to the managing FortiManager instance (which already has superuser permissions on the device) or the other component of a high-availability pair. It is not sufficient to present a certificate signed by a public CA, for example...

Fortinet's advice here is simply to update, which is always sound advice, but doesn't really communicate the nuance of this vulnerability... Assuming an organisation is unable to apply the supplied workaround, the urgency of upgrade is largely dictated by the willingness of the target to accept a self-signed certificate. Targets that will do so are open to attack by any host that can access them, while those devices that require a certificate signed by a trusted root are rendered unexploitable in all but the narrowest of cases (because the TLS/SSL ecosystem is just so solid, as we recently demonstrated)...

While it's always a good idea to update to the latest version, the life of a sysadmin is filled with cost-to-benefit analysis, juggling the needs of users with their best interests.... [I]t is somewhat troubling when third parties need to reverse patches to uncover such details.

Thanks to Slashdot reader Mirnotoriety for sharing the article.

Stats

C Drops, Java (and Rust) Climb in Popularity - as Coders Seek Easy, Secure Languages (techrepublic.com) 108

Last month C dropped from 3rd to 4th in TIOBE's ranking of programming language popularity (which tries to calculate each language's share of search engine results). Java moved up into the #3 position in September, reports TechRepublic, which notes that by comparison October "saw relatively little change" — though percentages of search results increased slightly. "At number one, Python jumped from 20.17% in September to 21.9% in October. In second place, C++ rose from 10.75% in September to 11.6%. In third, Java ascended from 9.45% to 10.51%..."

Is there a larger trend? TIOBE CEO Paul Jansen writes that the need to harvest more data increases demand for fast data manipulation languages. But they also need to be easy to learn ("because the resource pool of skilled software engineers is drying up") and secure ("because of continuous cyber threats.") King of all, Python, is easy to learn and secure, but not fast. Hence, engineers are frantically looking for fast alternatives for Python. C++ is an obvious candidate, but it is considered "not secure" because of its explicit memory management. Rust is another candidate, although not easy to learn. Rust is, thanks to its emphasis on security and speed, making its way to the TIOBE index top 10 now. [It's #13 — up from #20 a year ago]

The cry for fast, data crunching languages is also visible elsewhere in the TIOBE index. The language Mojo [a faster superset of Python designed for accelerated hardware like GPUs]... enters the top 50 for the first time. The fact that this language is only 1 year old and already showing up, makes it a very promising language.

In the last 12 months three languages also fell from the top ten:
  • PHP (dropping from #8 to #15)
  • SQL (dropping from #9 to #11)
  • Assembly language (dropping from #10 to #16)

Businesses

Amazon Expands Same-Day Prescription Delivery to Nearly Half the US Next Year (cnbc.com) 25

Amazon is "embedding pharmacies in same-day delivery facilities often clustered around major metro areas," reports CNBC.

This will enable "a coming expansion of its same-day prescription delivery service," according to Engadget, "with 20 more cities and affiliated metro areas entering the program next year. This expansion will open up the feature to nearly half of US residents."

"In most cases, that means a customer can order medication by 4 p.m. and receive it at home by 10 p.m.," Amazon said in their announcement — making the case that their service (and its 24/7 pharmacists) "ensures customers can get care within hours, bridging health care accessibility divides..." A recent study found nearly half of U.S. counties have communities over 10 miles from the nearest pharmacy, limiting their access to medications and pharmacist care. Traditional mail-order prescriptions can take up to 10 days to arrive, leaving many underserved... As of 2019, seven in 10 hospitals relied on fax machines and phone lines to transfer and retrieve patient records or order prescriptions. Nearly a third of physicians have said they spend 20 hours or more a week on paperwork and administrative tasks...

The new, smaller pharmacies complement Amazon Pharmacy's existing, highly automated pharmacy fulfillment sites that feature robotic arms and other automation, overseen by a team of highly trained, licensed pharmacists and pharmacy technicians.

CNBC adds that in the last year Amazon has also tested prescription deliveries by drone in one Texas city.

Privacy

Fidelity Says Data Breach Exposed Personal Data of 77,000 Customers (techcrunch.com) 24

TechCrunch's Carly Page reports: Fidelity Investments, one of the world's largest asset managers, has confirmed that over 77,000 customers had personal information compromised during an August data breach, including Social Security numbers and driver's licenses. The Boston, Massachusetts-based investment firm said in a filing with Maine's attorney general on Wednesday that an unnamed third party accessed information from its systems between August 17 and August 19 "using two customer accounts that they had recently established."

"We detected this activity on August 19 and immediately took steps to terminate the access," Fidelity said in a letter sent to those affected, adding that the incident did not involve any access to customers' Fidelity accounts. Fidelity confirmed that a total of 77,099 customers were affected by the breach, and its completed review of the compromised data determined that customers' personal information was affected. When reached by TechCrunch, Fidelity did not say how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers.

In another data breach notice filed with New Hampshire's attorney general, Fidelity revealed that the third party "accessed and retrieved certain documents related to Fidelity customers and other individuals by submitting fraudulent requests to an internal database that housed images of documents pertaining to Fidelity customers." Fidelity said the data breach included customers' Social Security numbers and driver's licenses, according to a separate data breach notice filed by Fidelity with the Massachusetts' attorney general. No information about the breach was found on Fidelity's website at the time of writing.

Security

Windows 11's New Passkey Design Includes Cloud Syncing, 1Password Integration (theverge.com) 19

Microsoft is enhancing passkey support in Windows 11 with a redesigned Windows Hello experience that allows users to sync passkeys to their Microsoft account or third-party providers like 1Password and Bitwarden. The Verge reports: A new API for third-party password and passkey managers means developers can plug directly into the Windows 11 experience, so you can use the same passkey from your mobile device to authenticate on your PC. Right now it's possible in some apps to do this through QR codes and other ways to authenticate from a mobile device, but Microsoft's full support means the passkeys experience on Windows is about to get a lot better.

Microsoft is also redesigning the Windows Hello prompt, including the ability to set up syncing of passkeys to your Microsoft account or saving them elsewhere. Once you've completed a one-time setup process you can use facial recognition, fingerprint, or PIN to authenticate with a passkey across multiple Windows 11 devices.

Windows Insiders will get access to these new passkey features "in the coming months."

Businesses

Can Amazon Spread Its Cashierless 'Just Walk Out' Technology to Other Stores? (cnbc.com) 55

Amazon launched "cashierless checkout" stores in 2018, reports CNBC — but by 2020 it was licensing the "Just Walk Out" technology to other stores in airports, hospitals, and stadiums. In April, Amazon announced it was removing cashierless checkout from its U.S. Fresh stores and Whole Foods locations... In place of Just Walk Out, which typically requires ceiling-mounted cameras, shelf sensors and gated entry points, Amazon Fresh stores and Whole Foods supermarkets will feature Dash Carts. The carts track and tally up items as shoppers place them in bags, enabling people to skip the checkout line. Amazon continues to use Just Walk Out in its grab-and-go marts and UK Fresh stores...

While it's no longer featuring Just Walk Out as prominently in its own stores, Amazon says it has inked deals with a growing list of customers. More than 200 third-party stores have paid Amazon to install the cashierless system. The company expects to double the number of third-party Just Walk Out stores this year, Jon Jenkins, who previously served as vice president of Amazon's Just Walk Out technology, said in a recent interview... Amazon's "primary focus" is selling the technology to third-party businesses and deploying it in small to medium-sized store formats, where the system "tends to generate a little better [return on investment]," Jenkins said...

At one Just Walk Out store, inside Seattle's Lumen Field, home to the NFL's Seahawks, the company said it boosted sales by 112% last season, with 85% more transactions during the course of a game.

Two interesting points from the article:
  • "Earlier this year, Amazon also began selling its connected grocery carts to third parties."
  • "With Just Walk Out, Amazon faces the challenge of convincing retailers that they can trust one of their biggest competitors with handling valuable shopper data..."

Space

New JWST Data Explores 'Hubble Constant' Tension for Universe's Expansion Rate (space.com) 59

"Scientists can't agree on the exact rate of expansion of the universe, dictated by the Hubble constant," a new article at Space.com reminds us: The rate can be measured starting from the local (and therefore recent) universe, then going farther back in time — or, it can be calculated starting from the distant (and therefore early) universe, then working your way up. The issue is both methods deliver values that don't agree with each other. This is where the James Webb Space Telescope (JWST) comes in. Gravitationally lensed supernovas in the early cosmos the JWST is observing could provide a third way of measuring the rate, potentially helping resolve this "Hubble trouble." "The supernova was named 'supernova Hope' since it gives astronomers hope to better understand the universe's changing expansion rate," Brenda Frye, study team leader and a University of Arizona researcher, said in a NASA statement.

This investigation of supernova Hope began when Frye and her global team of scientists found three curious points of light in a JWST image of a distant, densely packed cluster of galaxies. Those points of light in the image were not visible when the Hubble Space Telescope imaged the same cluster, known as PLCK G165.7+67.0 or, more simply, G165, back in 2015. "It all started with one question by the team: 'What are those three dots that weren't there before? Could that be a supernova?'" Frye said.

The team noted a "high rate of star formation... more than 300 solar masses per year," according to NASA's statement: Dr. Frye: "Initial analyses confirmed that these dots corresponded to an exploding star, one with rare qualities. First, it's a Type Ia supernova, an explosion of a white dwarf star. This type of supernova is generally called a 'standard candle,' meaning that the supernova had a known intrinsic brightness. Second, it is gravitationally lensed. Gravitational lensing is important to this experiment. The lens, consisting of a cluster of galaxies that is situated between the supernova and us, bends the supernova's light into multiple images...

To achieve three images, the light traveled along three different paths. Since each path had a different length, and light traveled at the same speed, the supernova was imaged in this Webb observation at three different times during its explosion... Trifold supernova images are special: The time delays, supernova distance, and gravitational lensing properties yield a value for the Hubble constant... The team reports the value for the Hubble constant as 75.4 kilometers per second per megaparsec, plus 8.1 or minus 5.5... This is only the second measurement of the Hubble constant by this method, and the first time using a standard candle.

Their result? "The Hubble constant value matches other measurements in the local universe, and is somewhat in tension with values obtained when the universe was young."

Biotech

23andMe Is On the Brink. What Happens To All Its DNA Data? (npr.org) 60

The one-and-done nature of 23andMe is "indicative of a core business problem with the once high-flying biotech company that is now teetering on the brink of collapse," reports NPR. As 23andMe struggles for survival, many of its 15 million customers are left wondering what the company plans to do with all the data it has collected since it was founded in 2006. An anonymous reader shares an excerpt from the report: Andy Kill, a spokesperson for 23andMe, would not comment on what the company might do with its trove of genetic data beyond general pronouncements about its commitment to privacy. "For our customers, our focus continues to be on transparency and choice over how they want their data to be managed," he said. When signing up for the service, about 80% of 23andMe's customers have opted in to having their genetic data analyzed for medical research. "This rate has held steady for many years," Kill added. The company has an agreement with pharmaceutical giant GlaxoSmithKline, or GSK, that allows the drugmaker to tap the tech company's customer data to develop new treatments for disease. Anya Prince, a law professor at the University of Iowa's College of Law who focuses on genetic privacy, said those worried about their sensitive DNA information may not realize just how few federal protections exist. For instance, the Health Insurance Portability and Accountability Act, also known as HIPAA, does not apply to 23andMe since it is a company outside of the health care realm. "HIPAA does not protect data that's held by direct-to-consumer companies like 23andMe," she said.

Although DNA data has no federal safeguards, some states, like California and Florida, do give consumers rights over their genetic information. "If customers are really worried, they could ask for their samples to be withdrawn from these databases under those laws," said Prince. According to the company, all of its genetic data is anonymized, meaning there is no way for GSK, or any other third party, to connect the sample to a real person. That, however, could make it nearly impossible for a customer to renege on their decision to allow researchers to access their DNA data. "I couldn't go to GSK and say, 'Hey, my sample was given to you -- I want that taken out -- if it was anonymized, right? Because they're not going to re-identify it just to pull it out of the database," Prince said.

Vera Eidelman, a staff attorney with the American Civil Liberties Union who specializes in privacy and technology policy, said the patchwork of state laws governing DNA data makes the genetic data of millions potentially vulnerable to being sold off, or even mined by law enforcement. "Having to rely on a private company's terms of service or bottom line to protect that kind of information is troubling -- particularly given the level of interest we've seen from government actors in accessing such information during criminal investigations," Eidelman said. She points to how investigators used a genealogy website to identify the man known as the Golden State Killer, and how police homed in on an Idaho murder suspect by turning to similar databases of genetic profiles. "This has happened without people's knowledge, much less their express consent," Eidelman said.

Neither case relied on 23andMe, and spokesperson Kill said the company does not allow law enforcement to search its database. The company has, however, received subpoenas to access its genetic information. According to 23andMe's transparency report, authorities have sought genetic data on 15 individuals since 2015, but the company has resisted the requests and never produced data for investigators. "We treat law enforcement inquiries, such as a valid subpoena or court order, with the utmost seriousness. We use all legal measures to resist any and all requests in order to protect our customers' privacy," Kill said. [...] In a September filing to financial regulators, [23andMe CEO Anne Wojcicki] wrote: "I remain committed to our customers' privacy and pledge," meaning the company's rules requiring consent for DNA to be used for research would remain in place, as well as allowing customers to delete their data. Wojcicki added that she is no longer considering offers to buy the company after previously saying she was.

Medicine

Alcohol Can Increase Your Cancer Risk, Researchers Find (cbsnews.com) 93

The world's oldest and largest cancer research association "found excessive levels of alcohol consumption increase the risk for six different types of cancer," reports CBS News: "Some of this is happening through chronic inflammation. We also know that alcohol changes the microbiome, so those are the bacteria that live in your gut, and that can also increase the risk," Dr. Céline Gounder, CBS News medical contributor and editor-at-large for public health at KFF Health News, recently said on "CBS Mornings."

But how much is too much when it comes to drinking? We asked experts what to know. "Excessive levels of alcohol" equates to about three or more drinks per day for women and four or more drinks per day for men, Gounder said... Other studies have shown, however, there is no "safe amount" of alcohol, Gounder said, particularly if you have underlying medical conditions. "If you don't drink, don't start drinking. If you do drink, really try to keep it within moderation," she said.

Dr. Amy Commander, medical director of the Mass General Cancer Center specializing in breast cancer, told CBS News alcohol is the third leading modifiable risk factor that can increase cancer risk after accounting for cigarette smoking and excess body weight. [Other factors include physical inactivity — and diet]. "There really isn't a safe amount of alcohol for consumption," she said. "In fact, it's best to not drink alcohol at all, but that is obviously hard for many people. So I think it's really important for individuals to just be mindful of their alcohol consumption and certainly drink less."

The article also includes an interesting statistic from the association's latest Cancer Progress Report: from 1991 to 2021 there's been a 33% reduction in overall cancer deaths in the U.S. That's 4.1 million lives saved — roughly 136,667 lives saved each year.

"So that is hopeful," Commander said, adding that when it comes to preventing cancer, alcohol is just "one piece of the puzzle."
