AI

'Openwashing' 40

An anonymous reader quotes a report from The New York Times: There's a big debate in the tech world over whether artificial intelligence models should be "open source." Elon Musk, who helped found OpenAI in 2015, sued the startup and its chief executive, Sam Altman, on claims that the company had diverged from its mission of openness. The Biden administration is investigating the risks and benefits of open source models. Proponents of open source A.I. models say they're more equitable and safer for society, while detractors say they are more likely to be abused for malicious intent. One big hiccup in the debate? There's no agreed-upon definition of what open source A.I. actually means. And some are accusing A.I. companies of "openwashing" -- using the "open source" term disingenuously to make themselves look good. (Accusations of openwashing have previously been aimed at coding projects that used the open source label too loosely.)

In a blog post on Open Future, a European think tank supporting open sourcing, Alek Tarkowski wrote, "As the rules get written, one challenge is building sufficient guardrails against corporations' attempts at 'openwashing.'" Last month the Linux Foundation, a nonprofit that supports open-source software projects, cautioned that "this 'openwashing' trend threatens to undermine the very premise of openness -- the free sharing of knowledge to enable inspection, replication and collective advancement." Organizations that apply the label to their models may be taking very different approaches to openness. [...]

The main reason is that while open source software allows anyone to replicate or modify it, building an A.I. model requires much more than code. Only a handful of companies can fund the computing power and data curation required. That's why some experts say labeling any A.I. as "open source" is at best misleading and at worst a marketing tool. "Even maximally open A.I. systems do not allow open access to the resources necessary to 'democratize' access to A.I., or enable full scrutiny," said David Gray Widder, a postdoctoral fellow at Cornell Tech who has studied use of the "open source" label by A.I. companies.

The Media

Did a US Hedge Fund Help Destroy Local Journalism? (editorandpublisher.com) 125

"What is lost when billionaires with no background nor interest in a civic mission, who are only concerned with profiteering, take over our most influential news organizations? What new models of news gathering, and dissemination show promise for our increasingly digital age? What can the public do to preserve and support vibrant journalism?"

That's a synopsis posted about the documentary Stripped for Parts: American Journalism on the Brink, cited by the long-standing news industry magazine Editor and Publisher (which dates back to 1901). This week its podcast interviewed filmmaker Rick Goldsmith about his 90-minute documentary, which they say "tells the tale" of how hedge fund Alden Global Capital clandestinely entered into the news publishing industry in a big way — and then "dismantled local newspapers 'piece by piece,' creating a crisis within the communities they serve, leaving 'news deserts' and 'ghost papers' in their wake." [Goldsmith] spent more than 5 years creating his latest work... a film that tells the tale of how newspapers' business model is faltering, not just because of the loss of advertising and digital disruption; but also due to capitalist greed, as hedge funds and corporate America buy them, sell their assets and leave the communities they serve without their local "voice" and a final check on power.

On the podcast, Goldsmith notes that in many cases a paper's assets "were the newspaper buildings and the printing presses... These were worth in many cases more than the newspapers themselves." After laying off staff, the hedge fund could also downsize out of those buildings.

By 2021 Alden owned 100 newspapers and 200 more publications — and then acquired Tribune Publishing to become America's second-largest newspaper publisher.

The hedge fund currently owns several newspapers in the San Francisco Bay Area, according to SFGate: At first, Goldsmith's documentary might seem like it's delivering more bad news. But it avoids despair, offering hope on the horizon for news deserts where aggressive reporting is needed. It introduces the notion that the traditional capitalist business model is failing the news industry, and that nonprofit organizations must be providers of local coverage.

Python

How Python's New Security Developer Hopes To Help All Software Supply Chains (thenewstack.io) 23

Long-time Slashdot reader destinyland writes: The Linux Foundation recently funded a new "security developer in residence" position for Python. (It's funded through the Linux Foundation's own "Open Software Security foundation", which has a stated mission of partnering with open source project maintainers "to systematically find new, as-yet-undiscovered vulnerabilities in open source code, and get them fixed to improve global software supply chain security.") The position went to the lead maintainer for the HTTP client library urllib3, the most downloaded package on the Python Package Index with over 10 billion downloads. But he hopes to create a ripple effect by demonstrating the impact of security investments in critical communities — ultimately instigating a wave of improvements to all software supply chains. (And he's also documenting everything for easy replication by other communities...)

So far he's improved the security of Python's release processes with signature audits and security-hardening automation. But he also learned that CVE numbers were being assigned to newly-discovered vulnerabilities by the National Cyber Security Division of America's Department of Homeland Security — often without talking to anyone at the Python project. So by August he'd gotten the Python Software Foundation authorized as a CVE Numbering Authority, which should lead to more detailed advisories (including remediation information), now reviewed and approved by Python's security response teams.

"The Python Software wants to help other Open Source organizations, and will be sharing lessons learned," he writes in a blog post. And he now says he's already been communicating with the Curl program about his experiences to help them take the same step, and even authored a guide to the process for other open source projects.

Microsoft

Microsoft Celebrates 20th Anniversary of 'Patch Tuesday' (microsoft.com) 17

This week the Microsoft Security Response Center celebrated the 20th anniversary of Patch Tuesday updates.

In a blog post they call the updates "an initiative that has become a cornerstone of the IT world's approach to cybersecurity." Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering commitment to protecting customers continues to this day and is reflected in Microsoft's Secure Future Initiative announced this month. Each month, we deliver security updates on the second Tuesday, underscoring our pledge to cyber defense. As we commemorate this milestone, it's worth exploring the inception of Patch Tuesday and its evolution through the years, demonstrating our adaptability to new technology and emerging cyber threats...

Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner. Senior leaders of the Microsoft Security Response Center (MSRC) at the time spearheaded the idea of a predictable schedule for patch releases, shifting from a "ship when ready" model to a regular weekly, and eventually, monthly cadence...

This led to a shift from a "ship when ready" model to a regular weekly, and eventually, monthly cadence. In addition to consolidating patch releases into a monthly schedule, we also organized the security update release notes into a consolidated location. Prior to this change, customers had to navigate through various Knowledge Base articles, making it difficult to find the information they needed to secure themselves. Recognizing the need for clarity and convenience, we provided a comprehensive overview of monthly releases. This change was pivotal at a time when not all updates were delivered through Windows Update, and customers needed a reliable source to find essential updates for various products.

Patch Tuesday has also influenced other vendors in the software and hardware spaces, leading to a broader industry-wide practice of synchronized security updates. This collaborative approach, especially with hardware vendors such as AMD and Intel, aims to provide a united front against vulnerabilities, enhancing the overall security posture of our ecosystems. While the volume and complexity of updates have increased, so has the collaboration with the security community. Patch Tuesday has fostered better relationships with security researchers, leading to more responsible vulnerability disclosures and quicker responses to emerging threats...

As the landscape of security threats evolves, so does our strategy, but our core mission of safeguarding our customers remains unchanged.

United States

US To Give Away Free Lighthouses As GPS Makes Them Unnecessary (theguardian.com) 69

An anonymous reader quotes a report from The Guardian: Ten lighthouses that for generations have stood like sentinels along America's shorelines protecting mariners from peril and guiding them to safety are being given away at no cost or sold at auction by the federal government. The aim of the program run by the General Services Administration is to preserve the properties, most of which are more than a century old. The development of modern technology, including GPS, means lighthouses are no longer essential for navigation, said John Kelly of the GSA's office of real property disposition. And while the Coast Guard often maintains aids to navigation at or near lighthouses, the structures themselves are often no longer mission critical.

Yet the public remains fascinated by the evocative beacons, which are popular tourist attractions, beloved local landmarks and the subject of countless photographers and artists, standing lonely but strong against tides and storms, day and night and flashing life-saving beams of light whatever the weather. "People really appreciate the heroic role of the solitary lighthouse keeper," he said, explaining their allure. "They were really the instruments to provide safe passage into some of these perilous harbors which afforded communities great opportunities for commerce, and they're often located in prominent locations that offer breathtaking views."

The GSA has been transferring ownership of lighthouses since Congress passed the National Historic Lighthouse Preservation Act in 2000. About 150 lighthouses have been transferred, 80 or so given away and another 70 auctioned, raising more than $10m. This year, six lighthouses are being offered at no cost to federal, state or local government agencies, non-profits, educational organizations or other entities that are willing to maintain and preserve them and make them publicly available for educational, recreational or cultural purposes. [...] Some past lighthouse sales have ended up with them converted into private residences.

Privacy

Neeva is Shutting Down Its Privacy-First, Ad-Free $4.95-a-Month Search Engine (neeva.com) 24

Two years ago Slashdot covered "the ad-free, privacy-first search engine from ex-Googlers" — with a $4.95 monthly subscription fee.

Today long-time Slashdot reader imcdona brings the news that "Neeva" is now shutting down. From Neeva's announcement: We started Neeva with the mission to take search back to its users. Having worked on search and search ads for over a decade, we sincerely believed that there was space for a model of search that put user and not advertiser interests first — a private, ads-free experience.

Building search engines is hard. It is even harder to do with a tiny team of 50 people who are up against entrenched organizations with endless resources. We overcame these obstacles and built a search stack from the ground up, running a crawl that fetched petabytes of information from the web and used that to power an independent search stack.

In early 2022, the upcoming impact of generative AI and LLMs became clear to us. We embarked on an ambitious effort to seamlessly blend LLMs into our search stack. We rallied the Neeva team around the vision to create an answer engine. We are proud of being the first search engine to provide cited, real-time AI answers to a majority of queries early this year.

But throughout this journey, we've discovered that it is one thing to build a search engine, and an entirely different thing to convince regular users of the need to switch to a better choice. From the unnecessary friction required to change default search settings, to the challenges in helping people understand the difference between a search engine and a browser, acquiring users has been really hard. Contrary to popular belief, convincing users to pay for a better experience was actually a less difficult problem compared to getting them to try a new search engine in the first place.

These headwinds, combined with the different economic environment, have made it clear that there is no longer a path towards creating a sustainable business in consumer search.

As a result, over the next few weeks, we will be shutting down neeva.com and our consumer search product, and shifting to a new area of focus.

"As part of the shutdown, we are deleting all user data..." the announcement emphasizes. "We are truly grateful to our community, and we are truly sorry that we aren't able to continue to provide the search engine that you want and deserve."

So what happens next? Many of the techniques we have pioneered with small models, size reduction, latency reduction, and inexpensive deployment are the elements that enterprises really want, and need, today. We are actively exploring how we can apply our search and LLM expertise in these settings, and we will provide updates on the future of our work and our team in the next few weeks.

AI

Hippocratic Is Building a Large Language Model For Healthcare 36

An anonymous reader quotes a report from TechCrunch: AI, specifically generative AI, has the potential to transform healthcare. At least, that's the sales pitch from Hippocratic AI, which emerged from stealth today with a whopping $50 million in seed financing behind it and a valuation in the "triple-digit millions." The tranche, co-led by General Catalyst and Andreessen Horowitz, is a big vote of confidence in Hippocratic's technology, a text-generating model tuned specifically for healthcare applications.

Hippocratic -- hatched out of General Catalyst -- was founded by a group of physicians, hospital administrators, Medicare professionals and AI researchers from organizations including Johns Hopkins, Stanford, Google and Nvidia. After co-founder and CEO Munjal Shah sold his previous company, Like.com, a shopping comparison site, to Google in 2010, he spent the better part of the next decade building Hippocratic. "Hippocratic has created the first safety-focused large language model (LLM) designed specifically for healthcare," Shah told TechCrunch in an email interview. "The company mission is to develop the safest artificial health general intelligence in order to dramatically improve healthcare accessibility and health outcomes."

Shah emphasized that Hippocratic isn't focused on diagnosing. Rather, he says, the tech -- which is consumer-facing -- is aimed at use cases like explaining benefits and billing, providing dietary advice and medication reminders, answering pre-op questions, onboarding patients and delivering "negative" test results that indicate nothing's wrong. [...] Shah claims that Hippocratic's AI outperforms leading language models including GPT-4 and Claude on more than 100 healthcare certifications, including the NCLEX-RN for nursing, the American Board of Urology exam and the registered dietitian exam.

Hippocratic aims to have its LLM detect tone and communicate empathy better than its rivals -- in part by "building in" good bedside manner, says Shah. They have designed a benchmark to evaluate their model's humanistic qualities, and it scored higher than other models, including GPT-4.

As for whether or not it can replace a healthcare worker, Hippocratic argues that their models, trained under medical professionals' supervision, possess high capabilities.

"We're only releasing each role -- dietician, billing agent, genetic counselor, etc. -- once the people who actually do that role today in real life agree the model is ready," Shah said. "In the pandemic, labor costs went up 30% for most health systems, but revenue didn't. Hence, most health systems in the country are financially struggling. Language models can help them reduce costs by filling their current large level of vacancies in a more cost-effective way."

EU

Python Foundation Raises Concerns Over EU's Proposed Cybersecurity Rules (theregister.com) 40

The Python Software Foundation is "concerned that proposed EU cybersecurity laws will leave open source organizations and individuals unfairly liable for distributing incorrect code," according to the Register. The PSF reviewed the EU's proposed "Cyber Resilience Act" and "Product Liability Act" and reports "issues that put the mission of our organization and the health of the open-source software community at risk."

From the Register's report: "If the proposed law is enforced as currently written, the authors of open-source components might bear legal and financial responsibility for the way their components are applied in someone else's commercial product," the PSF said in a statement shared on Tuesday by executive director Deb Nicholson. "The existing language makes no differentiation between independent authors who have never been paid for the supply of software and corporate tech behemoths selling products in exchange for payments from end-users...."

The PSF argues the EU lawmakers should provide clear exemptions for public software repositories that serve the public good and for organizations and developers hosting packages on public repositories. "We need it to be crystal clear who is on the hook for both the assurances and the accountability that software consumers deserve," the PSF concludes. The PSF is asking anyone who shares its concerns to convey that sentiment to an appropriate EU Member of Parliament by April 26, while amendments focused on protecting open source software are being considered.

Bradley Kuhn, policy fellow at the Software Freedom Conservancy, told The Register that the free and open source (FOSS) community should think carefully about the scope of the exemptions being sought. "I'm worried that many in FOSS are falling into a trap that for-profit companies have been trying to lay for us on this issue," he said. "While it seems on the surface that a blanket exception for FOSS would be a good thing for FOSS, in fact, this is an attempt for companies to get the FOSS community to help them skirt their ordinary product liability. For-profit companies that deploy FOSS should have the same obligations for security and certainty for their users as proprietary software companies do."

The article points out that numerous tech organizations are urging clarifications in the proposed regulations, including NLnet Labs and the Eclipse Foundation.

Crime

Does IceFire Ransomware Portend a Broader Shift From Windows to Linux? (darkreading.com) 28

An anonymous reader shares this report from Dark Reading: In recent weeks, hackers have been deploying the "IceFire" ransomware against Linux enterprise networks, a noted shift for what was once a Windows-only malware.

A report from SentinelOne suggests that this may represent a budding trend. Ransomware actors have been targeting Linux systems more than ever in cyberattacks in recent weeks and months, notable not least because "in comparison to Windows, Linux is more difficult to deploy ransomware against, particularly at scale," Alex Delamotte, security researcher at SentinelOne, tells Dark Reading....

"[M]any Linux systems are servers," Delamotte points out, "so typical infection vectors like phishing or drive-by download are less effective." So instead, recent IceFire attacks have exploited CVE-2022-47986 — a critical remote code execution (RCE) vulnerability in the IBM Aspera data transfer service, with a CVSS rating of 9.8.

Delamotte posits a few reasons for why more ransomware actors are choosing Linux as of late. For one thing, she says, "Linux-based systems are frequently utilized in enterprise settings to perform crucial tasks such as hosting databases, Web servers, and other mission-critical applications. Consequently, these systems are often more valuable targets for ransomware actors due to the possibility of a larger payout resulting from a successful attack, compared to a typical Windows user."

A second factor, she guesses, "is that some ransomware actors may perceive Linux as an unexploited market that could yield a higher return on investment."

While previous reports had IceFire targeting tech companies, SentinelLabs says they've seen recent attacks against organizations "in the media and entertainment sector," impacting victims "in Turkey, Iran, Pakistan, and the United Arab Emirates, which are typically not a focus for organized ransomware actors."

Moon

Europe Pushing For Lunar Time Zone (apnews.com) 43

With more lunar missions than ever on the horizon, the European Space Agency wants to give the moon its own time zone. The Associated Press reports: This week, the agency said space organizations around the world are considering how best to keep time on the moon. The idea came up during a meeting in the Netherlands late last year, with participants agreeing on the urgent need to establish "a common lunar reference time," said the space agency's Pietro Giordano, a navigation system engineer. "A joint international effort is now being launched towards achieving this," Giordano said in a statement.

For now, a moon mission runs on the time of the country that is operating the spacecraft. European space officials said an internationally accepted lunar time zone would make it easier for everyone, especially as more countries and even private companies aim for the moon and NASA gets set to send astronauts there. [...] The international team looking into lunar time is debating whether a single organization should set and maintain time on the moon, according to the European Space Agency.

There are also technical issues to consider. Clocks run faster on the moon than on Earth, gaining about 56 microseconds each day, the space agency said. Further complicating matters, ticking occurs differently on the lunar surface than in lunar orbit. Perhaps most importantly, lunar time will have to be practical for astronauts there, noted the space agency's Bernhard Hufenbach. "This will be quite a challenge" with each day lasting as long as 29.5 Earth days, Hufenbach said in a statement. "But having established a working time system for the moon, we can go on to do the same for other planetary destinations."

United Kingdom

British Government Is Scanning All Internet Devices Hosted In UK (bleepingcomputer.com) 34

An anonymous reader quotes a report from BleepingComputer: The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The goal is to assess UK's vulnerability to cyber-attacks and to help the owners of Internet-connected systems understand their security posture. "These activities cover any internet-accessible system that is hosted within the UK and vulnerabilities that are common or particularly important due to their high impact," the agency said. "The NCSC uses the data we have collected to create an overview of the UK's exposure to vulnerabilities following their disclosure, and track their remediation over time."

NCSC's scans are performed using tools hosted in a dedicated cloud-hosted environment from scanner.scanning.service.ncsc.gov.uk and two IP addresses (18.171.7.246 and 35.177.10.231). The agency says that all vulnerability probes are tested within its own environment to detect any issues before scanning the UK Internet. "We're not trying to find vulnerabilities in the UK for some other, nefarious purpose," NCSC technical director Ian Levy explained. "We're beginning with simple scans, and will slowly increase the complexity of the scans, explaining what we're doing (and why we're doing it)."

The NCSC says it will "take steps to remove [any sensitive or personal data] and prevent it from being captured again in the future."

British organizations can opt out of having their servers scanned by emailing a list of the IP addresses they want excluded to scanning@ncsc.gov.uk.

Government

US Announces Space-Companies Coalition to Prepare Skilled Tech Workforce for Space Jobs (whitehouse.gov) 16

America's Department of Agriculture and NASA recently announced the Artemis Moon Trees Program. After the first launch of its SLS super-heavy-lift launch vehicle, "the seeds carried on Artemis I will be grown into seedlings by the Forest Service and distributed to locations across the U.S."

But it's just part of a larger initiative. The U.S. government announced Friday that it's working with "a new coalition of space companies that will focus on increasing the space industry's capacity to meet the rising demand for the skilled technical workforce" — partly by inspiring and educating the next generation. This coalition includes Lockheed Martin, Northrop Grumman, Boeing, Blue Origin, Jacobs, L3Harris, Planet Labs PBC, Rocket Lab, Sierra Space, SpaceX and Virgin Orbit.

Long-time Slashdot reader theodp writes: Yesterday at the second convening of America's National Space Council, Vice President Kamala Harris announced "new commitments from the U.S. government, private sector companies, education and training providers, and philanthropic organizations to support space-related STEM initiatives to inspire, prepare, and employ the next generation of the space workforce..." according to a statement from the White House, "to address the challenges of today and prepare for the discoveries of tomorrow...."

Among those anchoring the Administration's efforts to increase the space industry's capacity to meet the rising demand for the skilled technical workforce is Amazon founder Jeff Bezos' space tourism company Blue Origin, which will be joined by industry partner Amazon to inspire youth to pursue space STEM careers. "Blue Origin's Club for the Future," the White House explains, "is launching Space Days to engage millions of students, teachers and school administrators in the excitement of space and space careers." Club for the Future, as reported earlier on Slashdot, is the Blue Origin founded-and-funded tax-exempt foundation that received the $28 million proceeds of a single auctioned ticket to accompany Bezos on Blue Origin's maiden 11-minute space tourism flight in June 2021. The nonprofit's mission is "to inspire future generations to pursue careers in STEM and to help invent the future of life in space."

The White House also announced that Amazon and Bezos-funded nonprofit Code.org "will highlight connections between computer science and space exploration in the 2022 Hour of Code. Students will have the opportunity to explore and develop coding skills through engaging, space-themed tutorials and create shareable projects. Through a collaboration with NASA, the U.S. Space Force, America's Department of Energy, and the U.S. Geological Survey, students will also learn about different careers and pathways for space careers in these agencies. Code.org reaches approximately 15 million students annually." Amazon reported in 2018 on its efforts to accelerate K-12 CS education in the U.S. with Code.org to "support the much-needed pipeline for workers who are well versed in computer science."

The coalition's other efforts include three pilot programs collaborating with community colleges, unions and others "to demonstrate a replicable and scalable approach to attracting, training and creating employment opportunities." Federal agencies and the Smithsonian Institution also launched a new web site with free space-related resources for K-12 educators which also promotes career awareness.

And NASA also released an educator resources hub that includes a LEGO Build to Launch Series — plus $4 million in educational grants.

Security

New Gmail Attack Bypasses Passwords and 2FA To Read All Email (forbes.com) 37

An anonymous reader quotes a report from Forbes: According to cyber security firm Volexity, the threat research team has found the North Korean 'SharpTongue' group, which appears to be part of, or related to, the Kimsuky advanced persistent threat group, deploying malware called SHARPEXT that doesn't need your Gmail login credentials at all. Instead, it "directly inspects and exfiltrates data" from a Gmail account as the victim browses it. This quickly evolving threat (Volexity says it is already on version 3.0, according to the malware's internal versioning) can steal email from both Gmail and AOL webmail accounts, and works across three browsers: Google Chrome, Microsoft Edge, and a South Korean client called Whale.

The U.S. Cybersecurity & Infrastructure Security Agency, CISA, reports that Kimsuky has been operating since 2012, and is "most likely tasked by the North Korean regime with a global intelligence gathering mission." While CISA sees Kimsuky most often targeting individuals and organizations in South Korea, Japan, and the U.S., Volexity says that the SharpTongue group has frequently been seen targeting South Korea, the U.S. and Europe. The common denominator between them is that the victims often "work on topics involving North Korea, nuclear issues, weapons systems, and other matters of strategic interest to North Korea."

The report says that SHARPEXT differs from previous browser extensions deployed by these hacking espionage groups in that it doesn't attempt to grab login credentials but bypasses the need for these and can grab email data as the user reads it. The good news is that your system needs to be compromised by some means before this malicious extension can be deployed. Unfortunately, we know all too well that system compromise is not as difficult as it should be. Once a system has been compromised by phishing, malware, unpatched vulnerabilities, whatever, the threat actors can install the extension using a malicious VB script that replaces the system preference files. Once that's done and the extension runs quietly in the background, it is tough to detect. The user logs in to their Gmail account from their normal browser on the expected system.

The security researchers recommend "enabling and analyzing PowerShell ScriptBlock logging" to detect whether you've been targeted by this attack, reports Forbes. Additionally, they recommend reviewing installed extensions regularly, especially looking for ones you don't recognize or are not available from the Chrome Web Store.

Businesses

What Happened After Amazon's $71M Tax Break in Central New York? 62

This week Amazon announced that "Approximately 1,500 local Amazon employees will operate and work with innovative robotics technology" at a new fulfillment center that's a first of its kind for Central New York.

Amazon's press release says they've created 39,000 jobs in New York since 2010 — and "invested over $14 billion in the state of New York" — though they're counting what they paid workers as "investing" (as well as what they paid to build Amazon's infrastructure).

Long-time Slashdot reader theodp writes: In 2019, Onondaga County (New York) officials unanimously approved $71 million in tax breaks to support the development of a giant warehouse in the Town of Clay... "I am very excited to see this tremendous investment in Central New York coming to fruition," said U.S. Representative John Katko. "The new Fulfillment Center will be revolutionary for our region, creating over 1,500 jobs and making significant contributions to the local economy."

Driving home Katko's point, the press release added, "In April of 2021, Amazon furthered its commitment to invest in education programs that will drive future innovation in the communities it serves by donating $1.75 million to construct a new STEAM (Science, Technology, Engineering, Arts, and Math) high school in Onondaga County. Amazon's donation will fund robotics and computer science initiatives at the new school [presumably using Amazon-supported curriculum providers]." Unlike Amazon's Fulfillment Center, the new STEAM high school is unlikely to open before Fall 2023 at the earliest, as the $74-million-and-counting project (that Amazon is donating $1.75M towards) to repurpose a school building that has sat empty since 1975 has experienced delays and cost increases.

Amazon's press release notes the company also donated $150,000 to be "the presenting sponsor" for the three-day Syracuse Jazz Fest. And it also touts Amazon's support for these other central New York organizations (without indicating the amount contributed):
  • Rescue Mission Alliance: Working to end homelessness and hunger in greater Syracuse.
  • Milton J. Rubenstein Museum of Science and Technology (MOST): Supporting the "Be the Scientist" program for Syracuse-area public school students to visit the museum and learn about STEM careers and sponsor planetarium shows for area students.
  • The Good Life Foundation, a nonprofit serving youth in downtown Syracuse
  • DeWitt Rotary Club
AI

The First IBM Mainframe For AI Arrives (zdnet.com) 24

An anonymous reader quotes a report from ZDNet, written by Steven Vaughan-Nichols: Mainframes and AI? Isn't that something like a Model-T Ford with a Tesla motor? Actually, no. Mainframes are as relevant in 2022 as they were in the 1960s. IBM's new IBM z16, with its integrated on-chip Telum AI accelerator, is ready to analyze real-time transactions, at scale. This makes it perfect for mainframe mission-critical workloads such as healthcare and financial transactions. This 21st century Big Iron AI accelerator is built onto its core Telum processor. With this new dual-processor 5.2 GHz chip and its 16 cores, it can perform 300 billion deep-learning inferences per day with one-millisecond latency. Can you say fast? IBM can.

Anthony Saporito, a senior technical staff member for IBM Z hardware development, said "One of the Telum design's key innovations is we built an AI accelerator right onto the silicon of the chip and we directly connected all of the cores and built an ecosystem up the stack. Through the hardware design, firmware, the operating systems, and the software, deep learning is built into all of the transactions." According to Patrick Moorhead, Moor Insights & Strategy's chief analyst, "The AI accelerator is a game-changer. The z16 with z/OS has a 20x response time with 19x higher throughput when inferencing compared to a comparable x86 cloud server with 60ms average network latency."

The new model z16 also includes a so-called quantum-safe system to protect organizations from near-future threats that might crack today's encrypted files. This is done with the z16's support of the Crypto Express8S adapter. Built around a CCA cryptographic coprocessor and a PKCS #11 cryptographic coprocessor, it enables users to develop quantum-safe cryptography. It also works with classical cryptography. If you want your data and transactions to be safe both today and tomorrow, this deserves your attention.

Google

Google Says It Thwarted North Korean Cyberattacks in Early 2022 (engadget.com) 3

Google's Threat Analysis Group announced on Thursday that it had discovered a pair of North Korean hacking cadres going by the monikers Operation Dream Job and Operation AppleJeus in February that were leveraging a remote code execution exploit in the Chrome web browser. From a report: The blackhatters reportedly targeted the US news media, IT, crypto and fintech industries, with evidence of their attacks going back as far as January 4th, 2022, though the Threat Analysis Group notes that organizations outside the US could have been targets as well.

"We suspect that these groups work for the same entity with a shared supply chain, hence the use of the same exploit kit, but each operate with a different mission set and deploy different techniques," the Google team wrote on Thursday. "It is possible that other North Korean government-backed attackers have access to the same exploit kit." Operation Dream Job targeted 250 people across 10 companies with fraudulent job offers from the likes of Disney and Oracle sent from accounts spoofed to look like they came from Indeed or ZipRecruiter. Clicking on the link would launch a hidden iframe that would trigger the exploit.

Moon

The US Space Force Plans To Start Patrolling the Area Around the Moon (arstechnica.com) 68

An anonymous reader quotes a report from Ars Technica: This week, the US Air Force Research Laboratory released a video on YouTube that didn't get much attention. But it made an announcement that is fairly significant -- the US military plans to extend its space awareness capabilities beyond geostationary orbit, all the way to the Moon. "Until now, the United States space mission extended 22,000 miles above Earth," a narrator says in the video. "That was then, this is now. The Air Force Research Laboratory is extending that range by 10 times and the operations area of the United States by 1,000 times, taking our reach to the far side of the Moon into cislunar space."

The US military had previously talked about extending its operational domain, but now it is taking action. It plans to launch a satellite, likely equipped with a powerful telescope, into cislunar space. According to the video, the satellite will be called the Cislunar Highway Patrol System or, you guessed it, CHPS. The research laboratory plans to issue a "request for prototype proposals" for the CHPS satellite on March 21 and announce the contract award in July. The CHPS program will be managed by Michael Lopez, from the lab's Space Vehicles Directorate. (Alas, we were rooting for Erik Estrada).

This effort will include the participation of several military organizations, and it can be a little confusing to keep track of. Essentially, though, the Air Force lab will oversee the development of the satellite. The US Space Force will then procure this capability for use by the US Space Command, which is responsible for military operations in outer space. Effectively, this satellite is the beginning of an extension of operations by US Space Command from geostationary space to beyond the Moon. [...] So why is US Space Command interested in expanding its theater of operations to include the Moon? The primary reason cited in the video is managing increasing space traffic in the lunar environment, including several NASA-sponsored commercial missions, the space agency's Artemis program, and those of other nations.
Another strategic element includes the ability to detect space objects, such as those placed into cislunar space by other governments, that could swing around the Moon and potentially come back to attack a U.S. military satellite in geostationary space.

"I think that's far fetched, but it is feasible from a physics perspective and would definitely exploit a gap in their current space domain awareness," said Brian Weeden, director of program planning for the Secure World Foundation. "I think they are far more concerned about that than any actual threats in cislunar space because the US doesn't have any military assets in cislunar space right now."
IBM

IBM Cloud To Offer Z-Series Mainframes For First Time (theregister.com) 38

The 111-year-old tech institution today announced it will offer the Z mainframe platform on the IBM Cloud, by offering virtual machines running z/OS as-a-service. The Register reports: These VMs are intended for mainframe test and development environments, rather than have Big Blue care for and feed virtual production mainframes in the cloud for you. The service will be tied to Wazi -- an IBM development environment for mainframe applications. Test and dev was one of the first workloads suggested as an ideal candidate to run in the cloud. Before elastic infrastructure-as-a-service, organizations often found themselves building and operating replicas of their production stacks for their developers. Renting such environments as and when needed in the cloud was often -- and often remains -- cheaper than owning and operating the necessary infrastructure.

This infrastructure-as-a-service offering is therefore pitched as a way to reduce the time and resources required to develop mainframe applications. IBM said the new offering is currently a "closed experimental" technology -- we think that means closed beta. It's certainly not mentioned in the catalog of the IBM Cloud account your correspondent maintains, so information on cost or specs is not available at the time of writing. The service will become generally available in the second half of 2022 -- after IBM's 112th birthday.

Mars

Meet the People Living in Simulations of Life on Mars (smithsonianmag.com) 43

Smithsonian magazine explores the many Mars simulation facilities around the world, including the Mars Desert Research Station — which is located in Utah, four hours south of Salt Lake City, "but everyone spoke and acted as though they were actually on Mars." A group of six people lived in a two-story cylindrical building. The commander, a former member of the Army National Guard, kept the participants on a strict schedule of fixing electrical systems, taking inventory, tidying up the facilities and sampling the soil. Everyone was assigned a special role: [photographer] Klos' was to prepare reports to share with the public. The health safety officer kept tabs on the crew's well-being, and the engineer monitored levels of carbon dioxide and solar power. Before stepping outside in a spacesuit, Klos and the others had to get permission from mission control back on "Earth" (actually a coordinator stationed in a nearby town). That person would send information about the winds and weather, and determine how long each person could stay outside the base. Sometimes dust storms rolled in, cutting off the solar power supply just as they would on Mars...

There are about a dozen such habitats around the globe, hosting simulations that run anywhere from two weeks to a full year. One of these is run by NASA's Human Research Program at the Johnson Space Center in Houston. But other facilities are funded by private organizations. The Mars Society, established by Brooklyn-born aerospace engineer Robert Zubrin, operates the habitat in Utah, where Klos returned for another mission in 2017, and another in the Canadian Arctic. Klos also took part in a mission at the Hawaii Space Exploration Analog and Simulation, or HI-SEAS. The facility is run by the International MoonBase Alliance, a group founded by the Dutch entrepreneur Henk Rogers.

HI-SEAS is located on Hawaii's big island at 8,200 feet above sea level, on top of the active volcano Mauna Loa. NASA's Goddard Space Flight Center is collaborating with the facility to gather information about volcanic caves and the microbes that live in those Mars-like conditions. HI-SEAS is also studying the limitations of doing that kind of work while wearing heavy spacesuits. It's hard enough for astronauts to hold a screwdriver in a gloved hand while repairing the International Space Station, but if people are going to be clambering on Martian rocks looking for microbes, they'll need the right gear.

The article notes these missions "are open to people who have no background in science, engineering or astronaut training. After all, the goal is to send ordinary folks into space, so it's worth finding out whether ordinary folks can coexist in Mars-like conditions here on Earth." (Some are even recruited off the internet.) "Sometimes people make the critique that we're role-playing too much," the photographer tells the magazine. "But the goal is to really live the way people are going to live on Mars so scientists can figure out how to make it work when we get there."

And the article also points out that "The data we're gathering now about surviving on solar power, conserving water and growing plants in arid conditions could be useful here at home as our climate changes."
DRM

FSF Celebrates New Copyright Exemptions, But Renews Call For Repealing all DRM Laws (fsf.org) 34

After the U.S. Copyright Office's once-every-three-years review of allowed exemptions, "We have some good news to share...." reads a new announcement this week from the Free Software Foundation: The FSF was one of several activist organizations pushing for exemptions to the anticircumvention rules under the Digital Millennium Copyright Act (DMCA) that make breaking Digital Restrictions Management (DRM) illegal, even for ethical and legitimate purposes. We helped bring public awareness to a process that is too often only a conversation between lawyers and bureaucrats.

As of late last week, there are now multiple new exemptions that will help ease some of the acute abuse DRM inflicts on users.

However, the main lesson to be learned here is that we should and must keep pushing. Individual, specific exemptions are not enough. The entire anticircumvention law needs to be repealed. We want to thank the 230 individuals who co-signed their names to our comments supporting exemptions across the board. We should take this as a sign that even though it can be difficult, anti-DRM activism yields practical results.

Section 1201 is one of the most nefarious sections of the DMCA. The provisions contained in 1201 impose legal penalties against anyone trying to circumvent the DRM on their software and devices or, in other words, anyone who tries to control that software or device themselves instead of leaving it up to its corporate overlords.... It takes the hard work of hundreds to secure the anticircumvention use exemptions we already have, and even more work to eke out a few more. Yet thanks to the support of citizens, activists, and researchers around the world, the U.S. Copyright Office has approved a few more, while at the same time demonstrating the DMCA's serious flaws.

In coverage of the new round of anticircumvention exemptions we've seen so far, something that stands out is the U.S. Copyright Office's approval for blind users to break the digital restrictions preventing any ebooks from being processed through a screen reader. At least at first glance, it looks like a big win for all of us concerned with user freedom, but a closer look shows something more sinister, as the U.S. Copyright Office refused to make this exemption permanent. The message this sends to all user freedom activists, but especially the visually impaired among us, is: "we're giving you this now because it would seem inhumane otherwise, but we hope that you'll forget to fight for it later so we can allow corporations to keep on restricting you...."

[P]articipating organizations have been able to make progress on other important exemptions, whether that's the right to install free software on wireless routers or the right to repair dedicated devices like game consoles. It's the coalescing of groups like these that is "chipping away" at Section 1201. At the same time, it's telling that we're forced to fight tooth and nail for the meager exemptions we're granted, even with such a broad base of support. The corporations who have a vested interest in the DMCA and Congress itself are content with the status quo, but we shouldn't be content with patches on a broken system. Incremental progress against Section 1201 is of course a good thing, but we shouldn't lose sight of our goal as user freedom activists: a complete repeal of Section 1201, and all other laws that codify or mandate DRM.

The Defective by Design campaign takes a radical stance when it comes to DRM and the laws that support it. We believe that they should not exist at all, under any circumstance, and we need your help to support this mission....
