The Almighty Buck

MyFitnessPal Paywalls Barcode Scanner That Made Counting Calories Easy (theverge.com) 62

The popular nutrition and weight loss app MyFitnessPal is moving its free barcode scanning feature behind the paywall. The Verge reports: For years, users with free accounts have been able to use this tool to scan food barcodes for easy logging and tracking of daily calorie intake, but the company recently announced that beginning October 1st, a premium account will be required. MyFitnessPal's daily calorie counting is a key component of the app, with the barcode scanner offering a shortcut to finding nutritional value for a specific food item in the app's vast database of food. Much of that database is user-generated, with both free and premium users able to add any food by entering the nutrition facts and barcode off a label. Once October 1st rolls around, free users will still be able to search the database for their food entries, but the barcode scanner will cost $19.99 per month or $79.99 for an annual plan, along with other premium features. And any new users that create a free account on or after September 1st will be shut out from scanning barcodes even earlier unless they pay. "By losing the barcode scanner, MyFitnessPal is doing its users an egregious disservice," writes The Verge's Antonio G. Di Benedetto. "Losing weight and being cognizant of what you eat is hard enough."

"MyFitnessPal is obviously looking to maximize profits, but if the popular r/loseit subreddit is any indication, many users may consider switching to competing apps like Cronometer, Loseit, or Macros over this loss."
Privacy

Raspberry Pi-Powered Anti-Tracking Tool Checks If You're Being Followed (wired.com) 79

Matt Edmondson, a hacker and digital forensics expert, built a Raspberry Pi-powered anti-tracking tool that "scans for nearby devices and alerts you if the same phone is detected multiple times within the past 20 minutes," reports Wired. The device, which can be carried around or placed in a car, consists of parts that cost around $200 in total. From the report: The homemade system works by scanning for wireless devices around it and then checking its logs to see whether they also were present within the past 20 minutes. It was designed to be used while people are on the move rather than sitting in, say, a coffee shop, where it would pick up too many false readings. The anti-tracking tool, which can sit inside a shoebox-sized case, is made up of a few components. A Raspberry Pi 3 runs its software, a Wi-Fi card looks for nearby devices, a small waterproof case protects it, and a portable charger powers the system. A touchscreen shows the alerts the device produces. Each alert may be a sign that you are being tailed. The device runs Kismet, which is a wireless network detector, and is able to detect smartphones and tablets around it that are looking for Wi-Fi or Bluetooth connections. The phones we use are constantly looking for wireless networks around them, including networks they've connected to before as well as new networks.

Edmondson says Kismet makes a record of the first time it sees a device and then the most recent time it was detected. But to make the anti-tracking system work, he had to write code in Python to create lists of what Kismet detects over time. There are lists for devices spotted in the past five to 10 minutes, 10 to 15 minutes, and 15 to 20 minutes. If a device appears twice, an alert flashes up on the screen. The system can show a phone's MAC address, although this is not much use if it's been randomized. It can also record the names of Wi-Fi networks that devices around it are looking for -- a phone that's trying to connect to a Wi-Fi network called Langley may give some clues about its owner. "If you have a device on you, I should see it," he says. In an example, he showed WIRED that a device was looking for a network called SAMSUNGSMART.

To stop the system from detecting your own phone or those of other people traveling with you, it has an "ignore" list. By tapping one of the device's onscreen buttons, it's possible to "ignore everything that it has already seen." Edmondson says that in the future, the device could be modified to send a text alert instead of showing them on the screen. He is also interested in adding the capability to detect tire-pressure monitoring systems that could show recurring nearby vehicles. A GPS unit could also be added so you can see where you were when you were being tracked, he says. [...] Edmondson has no plans to make the device into a commercial product, but he says the design could easily be copied and reused by anyone with some technical knowledge. Many of the parts involved are easy to obtain or may be lying around the homes of people in tech communities.
For those interested, Edmondson open-sourced its underlying code and plans to present the research project at the Black Hat security conference in Las Vegas this week.
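The time-window logic described above can be sketched as follows. This is an added example, not Edmondson's published code: the sighting tuples, MAC addresses and function names are constructed for illustration, and it assumes an alert means "seen in the last five minutes and also in one of the older five-minute lists." It also flags locally administered (typically randomized) MAC addresses, since the report notes those are of limited use.

```python
from collections import defaultdict

WINDOW = 5 * 60        # width of one list, in seconds
LOOKBACK = 20 * 60     # the report's "past 20 minutes"
LABELS = {1: "5-10 min ago", 2: "10-15 min ago", 3: "15-20 min ago"}

# Constructed sample data: (seconds since start, MAC, probed SSID or None).
SIGHTINGS = [
    (30,   "00:11:22:AA:BB:01", "HomeNet"),       # the user's own phone
    (400,  "00:11:22:AA:BB:02", "SAMSUNGSMART"),
    (700,  "DA:A1:19:00:00:03", None),
    (1100, "00:11:22:AA:BB:02", None),
    (1150, "00:11:22:AA:BB:01", None),
    (1180, "66:77:88:00:00:04", None),            # passer-by, seen once
    (1190, "DA:A1:19:00:00:03", None),
]


def is_randomized(mac):
    """True if the locally administered bit is set in the first octet."""
    return bool(int(mac.split(":")[0], 16) & 0x02)


def ignore_all_seen(sightings, now):
    """Model of the 'ignore everything it has already seen' button."""
    return {mac for ts, mac, _ in sightings if ts <= now}


def bucket_sightings(sightings, now, ignore=frozenset()):
    """Group MACs by age: 0 = last 5 min, 1 = 5-10, 2 = 10-15, 3 = 15-20."""
    buckets = defaultdict(set)
    for ts, mac, _ssid in sightings:
        age = now - ts
        if mac in ignore or age < 0 or age >= LOOKBACK:
            continue
        buckets[age // WINDOW].add(mac)
    return buckets


def find_followers(sightings, now, ignore=frozenset()):
    """Return devices present now that also appear in an older list."""
    buckets = bucket_sightings(sightings, now, ignore)
    alerts = {}
    for mac in buckets.get(0, set()):
        older = [LABELS[i] for i in (1, 2, 3) if mac in buckets.get(i, set())]
        if not older:
            continue
        ssids = sorted({s for ts, m, s in sightings
                        if m == mac and s and 0 <= now - ts < LOOKBACK})
        alerts[mac] = {
            "seen_in": older,
            "randomized": is_randomized(mac),  # a rotating MAC weakens the match
            "ssids": ssids,                    # probed network names, if any
        }
    return alerts


if __name__ == "__main__":
    own = ignore_all_seen(SIGHTINGS, now=60)   # pressed shortly after start
    for mac, info in sorted(find_followers(SIGHTINGS, 1200, own).items()):
        print(mac, info)
```
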
Privacy

Amazon Begins Large-Scale Rollout of Palm Print-Based Payments (arstechnica.com) 25

An anonymous reader quotes a report from Ars Technica: Amazon will expand its Amazon One palm print checkout system to dozens of Whole Foods locations, marking the most significant expansion of the technology that was introduced in 2020. Amazon One allows customers to speedily check out at retail locations using only their palm prints after storing a scan of their hand via an interface at Amazon's kiosks. The palm print data is encrypted and stored on Amazon's servers. And before you worry too much about COVID-19 transmission or future pandemics, Amazon One works when you hover your palm over the scanner -- unlike some handprint tech.

Amazon initially added the technology in its Amazon Go stores and the now-shuttered Amazon Books retail locations. It then made its way to several Whole Foods locations in the Seattle area. (Amazon has owned the Whole Foods grocery chain since 2017.) Now, Amazon Go will expand to 65 Whole Foods stores across California. The rollout starts in Malibu and Santa Monica, with more locations adopting it in Los Angeles, Santa Cruz, and the Bay Area over the next few weeks. Amazon previously rolled the tech out to a few select locations in California, but never at this scale.

Linux

What's New in Linux Mint 21 Cinnamon (linuxmint.com) 48

Today saw the release of Linux Mint 21 "Vanessa" Cinnamon Edition, a long term support release (supported until 2027).

Release notes at LinuxMint.com promise that it comes with "refinements and many new features to make your desktop experience more comfortable." Among the highlights: its Bluetooth manager is now Blueman (instead of Blueberry). Blueberry depended on gnome-bluetooth, which was developed exclusively for GNOME. In contrast, Blueman relies on the standard Bluez stack which works everywhere and can even be used or queried from the command line. The Blueman manager and tray icon provide many features that weren't available in Blueberry and a lot more information which can be used to monitor your connection or troubleshoot Bluetooth issues.

Out of the box Blueman features better connectivity, especially when it comes to headsets and audio profiles. In preparation for Linux Mint 21 the Blueman user interface was improved and received support for symbolic icons. Upstream, Blueman and Bluez are actively developed and used in many environments.

The lack of thumbnails for some common file types was identified as a usability issue. To address it a new Xapp project called xapp-thumbnailers was started and is now featured in Linux Mint 21. The project brings support for the following mimetypes:

- AppImage
- ePub
- MP3 (album cover)
- RAW pictures (most formats)
- Webp

Automated tasks are great to keep your computer safe but they can sometimes affect the system's performance while you're working on it. A little process monitor was added to Linux Mint to detect automated updates and automated system snapshots running in the background. Whenever an automated task is running the monitor places an icon in your system tray. Your computer might still become slow momentarily during an update or a snapshot, but with a quick look on the tray you'll immediately know what's going on....

Linux Mint 21 uses IPP, also known as Driverless Printing and Scanning (i.e. a standard protocol which communicates with printers/scanners without using drivers). For most printers and scanners no drivers are needed, and the device is detected automatically.

And there's also a fabulous collection of new backgrounds.
Biotech

Chemistry Breakthrough Offers Unprecedented Control Over Atomic Bonds (newatlas.com) 44

"In what's being hailed as an important first for chemistry, an international team of scientists has developed a new technology that can selectively rearrange atomic bonds within a single molecule," reports New Atlas. "The breakthrough allows for an unprecedented level of control over chemical bonds within these structures, and could open up some exciting possibilities in what's known as molecular machinery."

"Selective chemistry — the ability to steer reactions at will and to form exactly the chemical bonds you want and no others — is a long-standing quest in chemistry," adds the announcement from IBM Research. "Our team has been able to achieve this level of selectivity in tip-induced redox reactions using scanning probe microscopy." Our technique consisted in using the tip of a scanning probe microscope to apply voltage pulses to single molecules. We were able to target specific chemical bonds in those molecules, breaking those bonds and forging new, different ones to switch back and forth at will among three different molecular structures.

The molecules in our experiment all consisted of the same atoms, but differed in the way those atoms were bonded together and arranged in space... Our findings were published today and featured on the cover of Science.

Our demonstration of selective and reversible formation of intramolecular covalent bonds is unprecedented. It advances our understanding of chemical reactions and opens a route towards advanced artificial molecular machines.... Imagine one could rearrange bonds inside a molecule at will, transforming one structural isomer into various other ones in a controlled manner. In this paper, we describe a system and a method to make exactly that possible — including the control of the direction of the atomic rearrangements by means of an external driving voltage, and without the use of reagents.

Thanks to Slashdot reader Grokew for sharing the story!
United Kingdom

UK Cybersecurity Chiefs Back Plan To Scan Phones for Child Abuse Images (theguardian.com) 73

Tech companies should move ahead with controversial technology that scans for child abuse imagery on users' phones, the technical heads of GCHQ and the UK's National Cybersecurity Centre have said. From a report: So-called "client-side scanning" would involve service providers such as Facebook or Apple building software that monitors communications for suspicious activity without needing to share the contents of messages with a centralised server. Ian Levy, the NCSC's technical director, and Crispin Robinson, the technical director of cryptanalysis -- codebreaking -- at GCHQ, said the technology could protect children and privacy at the same time.

"We've found no reason why client-side scanning techniques cannot be implemented safely in many of the situations one will encounter," they wrote in a discussion paper published on Thursday, which the pair said was "not government policy." They argued that opposition to proposals for client-side scanning -- most famously a plan from Apple, now paused indefinitely, to scan photos before they are uploaded to the company's image-sharing service -- rested on specific flaws, which were fixable in practice. They suggested, for instance, requiring the involvement of multiple child protection NGOs, to guard against any individual government using the scanning apparatus to spy on civilians; and using encryption to ensure that the platform never sees any images that are passed to humans for moderation, instead involving only those same NGOs.

Android

Google Play Hides App Permissions In Favor of Developer-Written Descriptions (arstechnica.com) 33

An anonymous reader quotes a report from Ars Technica: Google's developer deadline for the Play Store's new "Data Safety" section is next week (July 20), and we're starting to see what the future of Google Play privacy will look like. The actual Data Safety section started rolling out in April, but now that the developer deadline is approaching... Google is turning off the separate "app permissions" section? That doesn't sound like a great move for privacy at all.

The Play Store's new Data Safety section is Google's answer to a similar feature in iOS 14, which displays a list of developer-provided privacy considerations, like what data an app collects, how that data is stored, and who the data is shared with. At first blush, the Data Safety entries might seem pretty similar to the old list of app permissions. You get items like "location," and in some ways, it's better than a plain list of permissions since developers can explain how and why each bit of data is collected.

The difference is in how that data ends up in Google's system. The old list of app permissions was guaranteed to be factual because it was built by Google, automatically, by scanning the app. The Data Safety system, meanwhile, runs on the honor system. Here's Google's explanation to developers of how the new section works: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."

It's funny. Laugh.

Expert GeoGuessr Players Know That Google Maps Spot Instantly (nytimes.com) 34

In a game called GeoGuessr, competitors try to pinpoint where in the world a Google Street View image has been taken. Some can do it in seconds. From a report: An unremarkable stretch of highway and trees, as seen on Google Maps' Street View, appeared on the screen. It could have been anywhere from Tasmania to Texas. "This is going to be south Philippines, somewhere on this road down here," Trevor Rainbolt said instantly, clicking on a location on a map of the world that was less than 11 miles from the spot. A road winding through woods was up next. Lake Tahoe? Siberia? "It looks like we're going to be in Switzerland here, unless we're in Japan. Yeah, we have to be in Japan here," Mr. Rainbolt said, correctly pinpointing the country.

Mr. Rainbolt has become the face of a fast-growing community of geography fanatics who play a game called GeoGuessr. The premise is simple: As you stare at a computer or phone, you're plopped down somewhere in the world in Google Street View and must guess, as quickly as you can, exactly where you are. You can click to travel down roads and through cities, scanning for distinguishable landmarks or language. The closer you guess, the more points you score. To some, Mr. Rainbolt's snap answers seem like wizardry. To him, they are simply the result of countless hours of practice and an insatiable thirst for geographic knowledge.

Encryption

UK Could Force E2E Encrypted Platforms To Do CSAM-Scanning (techcrunch.com) 106

The U.K. government has tabled an amendment (PDF) to the Online Safety Bill that could put it on a collision course with end-to-end encryption. TechCrunch reports: It's proposing to give the incoming internet regulator, Ofcom, new powers to force messaging platforms and other types of online services to implement content-scanning technologies, even if their platform is strongly encrypted -- meaning the service/company itself does not hold keys to decrypt and access user-generated content in the clear. The home secretary, Priti Patel, said today that the government wants the bill to have greater powers to tackle child sexual abuse.

"Child sexual abuse is a sickening crime. We must all work to ensure criminals are not allowed to run rampant online and technology companies must play their part and take responsibility for keeping our children safe," she said in a statement -- which also offers the (unsubstantiated) claim that: "Privacy and security are not mutually exclusive -- we need both, and we can have both and that is what this amendment delivers." The proposed amendment is also being targeted at terrorism content -- with the tabled clause referring to: "Notices to deal with terrorism content or CSEA [child sexual exploitation & abuse] content (or both)."

These notices would allow Ofcom to order a regulated service to use "accredited" technology to identify CSEA or terrorism content which is being publicly shared on their platform and "swiftly" remove it. But the proposed amendment goes further -- also allowing Ofcom to mandate that regulated services use accredited technical means to prevent users from encountering these types of (illegal) content -- whether it's being shared publicly or privately via the service, raising questions over what the power might mean for E2E encryption.

Crime

US Anti-Hacking Law Tested in Trial Over 2019 Capital One Data Breach (union-bulletin.com) 39

"Paige Thompson worked as a software engineer in Seattle and ran an online community for other programmers," remembers the New York Times.

"In 2019, she downloaded personal information belonging to more than 100 million Capital One customers, the Justice Department said..." It included 140,000 Social Security numbers and 80,000 bank account numbers (drawn from applications for credit cards). Nearly three years after the disclosure of one of the largest data breaches in the United States, the former Amazon employee accused of stealing customers' personal information from Capital One is standing trial in a case that will test the power of a U.S. anti-hacking law.... She faces 10 counts of computer fraud, wire fraud and identity theft in a federal trial that began Tuesday in Seattle.... Thompson, 36, is accused of violating an anti-hacking law known as the Computer Fraud and Abuse Act, which forbids access to a computer without authorization. Thompson has pleaded not guilty, and her lawyers say her actions — scanning for online vulnerabilities and exploring what they exposed — were those of a "novice white-hat hacker."

Critics of the computer fraud law have argued that it is too broad and allows for prosecutions against people who discover vulnerabilities in online systems or break digital agreements in benign ways, such as using a pseudonym on a social media site that requires users to go by their real names. In recent years, courts have begun to agree. The Supreme Court narrowed the scope of the law last year, ruling that it could not be used to prosecute people who had legitimate access to data but exploited their access improperly. And in April, a federal appeals court ruled that automated data collection from websites, known as web scraping, did not violate the law. Last month, the Justice Department told prosecutors that they should no longer use the law to pursue hackers who engaged in "good-faith security research."

Thompson's trial will raise questions about how far security researchers can go in their pursuit of cybersecurity flaws before their actions break the law. Prosecutors said Thompson had planned to use the information she gathered for identity theft and had taken advantage of her access to corporate servers in a scheme to mine cryptocurrency... The Justice Department has argued that Thompson had no interest in helping Capital One plug the holes in its security and that she cannot be considered a "white hat" hacker. Instead, she chatted with friends online about how she might be able to profit from the breach, according to legal filings.... Some security researchers said Thompson had ventured too far into Capital One's systems to be considered a white-hat hacker.... "Legitimate people will push a door open if it looks ajar," said Chester Wisniewski, a principal research scientist at Sophos, a cybersecurity firm.... But downloading thousands of files and setting up a cryptocurrency mining operation were "intentionally malicious actions that do not happen in the course of testing security," Wisniewski said....

"Thompson scanned tens of millions of AWS customers looking for vulnerabilities," Brown wrote in a legal filing.

The article notes that Capital One ultimately agreed to pay $80 million in 2020 "to settle claims from federal bank regulators that it lacked the security protocols needed to protect customers' data" and another $190 million to settle a class-action lawsuit representing people whose data was exposed.
Programming

Google's Chrome Team Evaluates Retrofitting Temporal Memory Safety on C++ (googleblog.com) 49

"C++ allows for writing high-performance applications but this comes at a price, security..." So says Google's Chrome security team in a recent blog post, adding that in general, "While there is appetite for different languages than C++ with stronger memory safety guarantees, large codebases such as Chromium will use C++ for the foreseeable future."

So the post discusses "our journey of using heap scanning technologies to improve memory safety of C++." The basic idea is to put explicitly freed memory into quarantine and only make it available when a certain safety condition is reached. Microsoft has shipped versions of this mitigation in its browsers: MemoryProtector in Internet Explorer in 2014 and its successor MemGC in (pre-Chromium) Edge in 2015. In the Linux kernel a probabilistic approach was used where memory was eventually just recycled. And this approach has seen attention in academia in recent years with the MarkUs paper. The rest of this article summarizes our journey of experimenting with quarantines and heap scanning in Chrome.
In essence the C++ memory allocator (used by new and delete) is "intercepted." There are various hardening options which come with a performance cost:

- Overwrite the quarantined memory with special values (e.g. zero);
- Stop all application threads when the scan is running or scan the heap concurrently;
- Intercept memory writes (e.g. by page protection) to catch pointer updates;
- Scan memory word by word for possible pointers (conservative handling) or provide descriptors for objects (precise handling);
- Segregation of application memory in safe and unsafe partitions to opt-out certain objects which are either performance sensitive or can be statically proven as being safe to skip;
- Scan the execution stack in addition to just scanning heap memory...

Running our basic version on Speedometer2 regresses the total score by 8%. Bummer...

To reduce the regression we implemented various optimizations that improve the raw scanning speed. Naturally, the fastest way to scan memory is to not scan it at all and so we partitioned the heap into two classes: memory that can contain pointers and memory that we can statically prove to not contain pointers, e.g. strings. We avoid scanning memory that cannot contain any pointers. Note that such memory is still part of the quarantine, it is just not scanned....

[That and other] optimizations helped to reduce the Speedometer2 regression from 8% down to 2%.
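The quarantine-and-scan idea can be modelled in a few lines. The following is an added, simplified simulation, not Chrome's allocator code: the `QuarantineHeap` class, its word-array heap and the addresses are all constructed for illustration. It shows freed memory being zeroed and quarantined, a conservative word-by-word scan that keeps a block quarantined while a dangling pointer remains, and a pointer-free partition that is quarantined but never scanned.

```python
class QuarantineHeap:
    """Toy heap of integer 'words' with quarantine and conservative scanning."""

    def __init__(self, size_words, base=0x1000):
        self.base = base                 # non-zero so that 0 is never an address
        self.mem = [0] * size_words
        self.next_free = 0               # bump-allocation index into mem
        self.free_lists = {}             # size -> addresses safe to reuse
        self.live = {}                   # addr -> (size, may_contain_pointers)
        self.quarantine = {}             # addr -> size, freed but not reusable
        self.roots = []                  # stands in for words on the stack

    def alloc(self, size, may_contain_pointers=True):
        reuse = self.free_lists.get(size)
        if reuse:
            addr = reuse.pop()
        else:
            if self.next_free + size > len(self.mem):
                raise MemoryError("toy heap exhausted")
            addr = self.base + self.next_free
            self.next_free += size
        self.live[addr] = (size, may_contain_pointers)
        return addr

    def write(self, addr, offset, value):
        self.mem[addr - self.base + offset] = value

    def free(self, addr):
        """Explicit free: zero the block and quarantine it instead of reusing it."""
        size, _ = self.live.pop(addr)
        start = addr - self.base
        self.mem[start:start + size] = [0] * size
        self.quarantine[addr] = size

    def _quarantined_target(self, word):
        for addr, size in self.quarantine.items():
            if addr <= word < addr + size:   # interior pointers count too
                return addr
        return None

    def scan(self):
        """Release quarantined blocks that no scanned word appears to reference."""
        words = list(self.roots)
        for addr, (size, has_pointers) in self.live.items():
            if has_pointers:                 # pointer-free partition is skipped
                start = addr - self.base
                words.extend(self.mem[start:start + size])
        referenced = {t for t in map(self._quarantined_target, words)
                      if t is not None}
        released = []
        for addr in list(self.quarantine):
            if addr not in referenced:
                size = self.quarantine.pop(addr)
                self.free_lists.setdefault(size, []).append(addr)
                released.append(addr)
        return released


def demo():
    heap = QuarantineHeap(64)
    holder = heap.alloc(2)                            # has a pointer field
    victim = heap.alloc(4)
    text = heap.alloc(4, may_contain_pointers=False)  # e.g. string data
    heap.write(holder, 0, victim)     # holder points at victim
    heap.write(text, 0, victim)       # same bit pattern, but never scanned
    heap.free(victim)                 # holder now holds a dangling pointer
    first = heap.scan()               # victim must stay quarantined
    early = heap.alloc(4)             # cannot land on victim's address
    heap.write(holder, 0, 0)          # dangling pointer is overwritten
    second = heap.scan()              # victim can now be released
    late = heap.alloc(4)              # reuse of victim's address is safe
    return {"victim": victim, "first": first, "early": early,
            "second": second, "late": late}


if __name__ == "__main__":
    print(demo())
```
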

Thanks to Slashdot reader Hari Pota for sharing the link.
Hardware

Taiwan Restricts Russia, Belarus To CPUs Under 25 MHz Frequency (tomshardware.com) 194

An anonymous reader quotes a report from Tom's Hardware: From now on, Russian and Belarusian entities can only buy CPUs operating at below 25 MHz and offering performance of up to 5 GFLOPS from Taiwanese companies. This essentially excludes all modern technology, including microcontrollers for more or less sophisticated devices. Due to restrictions imposed on exports to Russia by the United States, United Kingdom, and the European Union, leading Taiwanese companies were among the first to cease working with Russia after the country started full-scale war against Ukraine in late February. This week Taiwan's Ministry of Economic Affairs (MOEA) formally published its list of high-tech products that are banned from exportation to Russia and Belarus, which prevents all kinds of Taiwan-produced high-tech devices as well as tools used to make chips (whether or not they use technologies originated from the U.S., U.K., or E.U., which were already covered by restrictions) to be exported to the aggressive nation. [...]

Starting today, Russian entities cannot buy chips that meet one of the following conditions from Taiwanese companies, reports DigiTimes:

- Has performance of 5 GFLOPS. To put it into context, Sony's PlayStation 2 released in 2000 had peak performance of around 6.2 FP32 GFLOPS.
- Operates at 25 MHz or higher.
- Has an ALU that is wider than 32 bits.
- Has an external interconnection with a data transfer rate of 2.5 MB/s or over.
- Has more than 144 pins.
- Has basic gate propagation delay time of less than 0.4 nanosecond.

In addition to being unable to buy chips from Taiwanese companies, Russian entities will not be able to get any chip production equipment from Taiwan, which includes scanners, scanning electron microscopes, and all other types of semiconductor tools that can be used to make chips locally or perform reverse engineering (something that the country pins a lot of hopes on).

Robotics

Tiny Robotic Crab Is Smallest-Ever Remote-Controlled Walking Robot (northwestern.edu) 20

Northwestern University engineers have developed the smallest-ever remote-controlled walking robot -- and it comes in the form of a tiny, adorable peekytoe crab. From the report: Just a half-millimeter wide, the tiny crabs can bend, twist, crawl, walk, turn and even jump. The researchers also developed millimeter-sized robots resembling inchworms, crickets and beetles. Although the research is exploratory at this point, the researchers believe their technology might bring the field closer to realizing micro-sized robots that can perform practical tasks inside tightly confined spaces.

Smaller than a flea, the crab is not powered by complex hardware, hydraulics or electricity. Instead, its power lies within the elastic resilience of its body. To construct the robot, the researchers used a shape-memory alloy material that transforms to its "remembered" shape when heated. In this case, the researchers used a scanned laser beam to rapidly heat the robot at different targeted locations across its body. A thin coating of glass elastically returns that corresponding part of structure to its deformed shape upon cooling.

As the robot changes from one phase to another -- deformed to remembered shape and back again -- it creates locomotion. Not only does the laser remotely control the robot to activate it, the laser scanning direction also determines the robot's walking direction. Scanning from left to right, for example, causes the robot to move from right to left.
The research was published in the journal Science Robotics.
Security

White House Joins OpenSSF, Linux Foundation In Securing Open-Source Software (zdnet.com) 46

An anonymous reader quotes a report from ZDNet: Securing the open-source software supply chain is a huge deal. Last year, the Biden administration issued an executive order to improve software supply chain security. This came after the Colonial Pipeline ransomware attack shut down gas and oil deliveries throughout the southeast and the SolarWinds software supply chain attack. Securing software became a top priority. In response, The Open Source Security Foundation (OpenSSF) and Linux Foundation rose to this security challenge. Now, they're calling for $150 million in funding over two years to fix ten major open-source security problems.

The government will not be paying the freight for these changes. $30 million has already been pledged by Amazon, Ericsson, Google, Intel, Microsoft, and VMWare. More is already on the way. Amazon Web Services (AWS) has already pledged an additional $10 million. At the White House press conference, OpenSSF general manager Brian Behlendorf said, "I want to be clear: We're not here to fundraise from the government. We did not anticipate needing to go directly to the government to get funding for anyone to be successful."

Here are the ten goals the open-source industry is committed to meeting:

1. Security Education: Deliver baseline secure software development education and certification to all.
2. Risk Assessment: Establish a public, vendor-neutral, objective-metrics-based risk assessment dashboard for the top 10,000 (or more) OSS components.
3. Digital Signatures: Accelerate the adoption of digital signatures on software releases.
4. Memory Safety: Eliminate root causes of many vulnerabilities through the replacement of non-memory-safe languages.
5. Incident Response: Establish the OpenSSF Open Source Security Incident Response Team, security experts who can step in to assist open source projects during critical times when responding to a vulnerability.
6. Better Scanning: Accelerate the discovery of new vulnerabilities by maintainers and experts through advanced security tools and expert guidance.
7. Code Audits: Conduct third-party code reviews (and any necessary remediation work) of up to 200 of the most-critical OSS components once per year.
8. Data Sharing: Coordinate industry-wide data sharing to improve the research that helps determine the most critical OSS components.
9. Software Bill of Materials (SBOMs) Everywhere: Improve SBOM tooling and training to drive adoption.
10. Improved Supply Chains: Enhance the 10 most critical open-source software build systems, package managers, and distribution systems with better supply chain security tools and best practices.

EU

New EU Rules Would Require Chat Apps To Scan Private Messages for Child Abuse (theverge.com) 204

The European Commission has proposed controversial new regulation that would require chat apps like WhatsApp and Facebook Messenger to selectively scan users' private messages for child sexual abuse material (CSAM) and "grooming" behavior. The proposal is similar to plans mooted by Apple last year but, say critics, much more invasive. From a report: After a draft of the regulation leaked earlier this week, privacy experts condemned it in the strongest terms. "This document is the most terrifying thing I've ever seen," tweeted cryptography professor Matthew Green. "It describes the most sophisticated mass surveillance machinery ever deployed outside of China and the USSR. Not an exaggeration." Jan Penfrat of digital advocacy group European Digital Rights (EDRi) echoed the concern, saying, "This looks like a shameful general #surveillance law entirely unfitting for any free democracy." (A comparison of the PDFs shows differences between the leaked draft and final proposal are cosmetic only.) The regulation would establish a number of new obligations for "online service providers" -- a broad category that includes app stores, hosting companies, and any provider of "interpersonal communications service."
Piracy

US Copyright Office Seeks Input On Mandatory DMCA 'Upload Filters' (torrentfreak.com) 83

An anonymous reader quotes a report from TorrentFreak: The U.S. Copyright Office has launched a public consultation to evaluate whether it's wise to make certain technical protection measures mandatory under the DMCA. The Office hopes to hear all relevant stakeholders and the public at large in what may become a de facto review of the recently introduced SMART Copyright Act. [...] Following repeated nudges from Senators Thom Tillis and Patrick Leahy, the Copyright Office started looking into automated tools that online services can use to ensure that pirated content can't be easily reuploaded. This "takedown and staydown" approach relies on technical protection tools, which include upload filters. This is a sensitive subject that previously generated quite a bit of pushback when the EU drafted its Copyright Directive. To gauge the various options and viewpoints, the Copyright Office launched a consultation last year, which triggered a wave of objections and opposition.

Last week, the Office followed up with yet another consultation, asking for input on shortcomings in the current DMCA legislation and what alternatives could help to improve things. As things stand, online services are allowed to implement their own upload filters, which many do. Scanning uploads for potentially copyright-infringing content isn't mandatory but that could change in the future. The consultation outline mentions several potential changes to the DMCA's Section 512, such as online services losing their safe harbor protection if they fail to implement specific "standard technical measures" (STMs). "Is the loss of the section 512 safe harbors an appropriate remedy for interfering with or failing to accommodate STMs?" the Copyright Office asks. "Are there other obligations concerning STMs that ought to be required of internet service providers?" the list of questions continues.

Stakeholders are asked to share their views on these matters. While it is uncertain whether any measures will be made mandatory, the Copyright Office is already looking ahead. For example, who gets to decide what STMs will be mandatory, and how would the rulemaking process work? "What entity or entities would be best positioned to administer such a rulemaking? What should be the frequency of such a rulemaking? What would be the benefits of such a rulemaking? What would be the drawbacks of such a rulemaking?"

AI

McEnroe vs. McEnroe: Tennis Legend Plays Against AI-Powered Avatars of Himself (techcrunch.com) 19

A special ESPN+ show Saturday brought back John McEnroe "to face his ultimate opponent. Himself." TechCrunch reports: The 45-minute film will showcase how the match was created using a combination of artificial intelligence and machine learning, plus five virtual avatars of John McEnroe from pivotal points of his career. The team at [technology/production company] Unit 9 spent a day with John in order to bring the vision to life via full-body scanning, motion capture and Unreal Engine MetaHuman technology (a cloud-based app that creates photorealistic digital humans). The avatar game system will be projected on a hologram particle screen and will be a simulation of gameplay with a system of ball launchers and ball return robots.

When McEnroe sends the ball over the net, the avatar responds to the direction of the real ball. As the avatar swings, a new ball is fired from the ball cannon and then flies through a smokescreen at a precise point in space to make it appear from the avatar's racket position.... Unit 9's team analyzed hours of footage from John's matches throughout his entire career and recorded hundreds of shots, strokes and movements. In total, they recorded 308 shots with over 259 loops and blends to really capture his footwork and well-known shot-making and volleying skills.

The best part about this is the team recorded numerous key phrases and statements so McEnroe could talk smack to his virtual self (and maybe even smash a couple of rackets).

As McEnroe himself pointed out to Forbes.... "I can't lose." But he also sounds like he enjoyed the experience: The most interesting recreation of his playing style to him is the 1979 version of him because professional tennis was all so new to him at the time. "That was the year I may have enjoyed the most on the circuit," he says, "I was just coming up, and on the way up and you are so excited and want to travel the world."

From there, he thinks the 1992 version of himself will offer the other end of his career, after having three kids. He knows that 1984 was the best year on tour, but "I have more interest in the young and old opposed to (1984)."

McEnroe also wanted the sport of tennis to get extra exposure, and said it would be good "If we have a way where we project something different and have some fun with it and peoples can laugh with it..."

Or, as AdWeek quotes McEnroe as saying, "Who wouldn't want an opportunity to literally be able to look back at where you started and celebrate how much you've grown and learned along the way?"
AI

How Ukraine's IT Army is Using Clearview AI's Face-Scanning Software (msn.com) 88

Ukrainian officials "have run more than 8,600 facial recognition searches on dead or captured Russian soldiers in the 50 days since Moscow's invasion began, using the scans to identify bodies and contact hundreds of their families," reports the Washington Post.

Ukraine's IT Army (taking direction from Ukraine's government) "says it has used those identifications to inform the families of the deaths of 582 Russians, including by sending them photos of the abandoned corpses." The Ukrainians champion the use of face-scanning software from the U.S. tech firm Clearview AI as a brutal but effective way to stir up dissent inside Russia, discourage other fighters and hasten an end to a devastating war. But some military and technology analysts worry that the strategy could backfire, inflaming anger over a shock campaign directed at mothers who may be thousands of miles from the drivers of the Kremlin's war machine.

The West's solidarity with Ukraine makes it tempting to support such a radical act designed to capitalize on family grief, said Stephanie Hare, a surveillance researcher in London. But contacting soldiers' parents, she said, is "classic psychological warfare" and could set a dangerous new standard for future conflicts. "If it were Russian soldiers doing this with Ukrainian mothers, we might say, 'Oh, my God, that's barbaric,' " she said. "And is it actually working? Or is it making them say: 'Look at these lawless, cruel Ukrainians, doing this to our boys?' "

Clearview AI's chief executive, Hoan Ton-That, told The Washington Post that more than 340 officials across five Ukrainian government agencies now can use its tool to run facial recognition searches whenever they want, free of charge. Clearview employees now hold weekly, sometimes daily, training calls over Zoom with new police and military officials looking to gain access. Ton-That recounted several "'oh, wow' moments" as the Ukrainians witnessed how much data — including family photos, social media posts and relationship details — they could gather from a single cadaver scan.

Some of them are using Clearview's mobile app to scan faces while on the battlefield, he said. Others have logged in for training while stationed at a checkpoint or out on patrol, the night sky visible behind their faces. "They're so enthusiastic," Ton-That said. "Their energy is really high. They say they're going to win, every call...."

About 10% of Clearview's database came from Russia's biggest social network, the Post learns from Clearview's chief executive, "making it a potentially useful tool for battlefield scans." Ukrainian agencies, Ton-That said, have used the app to confirm the identities of people at military checkpoints and to check whether a Ukrainian is a possible Russian infiltrator or saboteur. He argued that the system could deter Russian soldiers from committing war crimes, for fear of being identified, and said the Ukrainians are considering using the tool to verify the identities of Ukrainian refugees and their hosts as they flee for safety.... Beyond scanning corpses, Ukraine also is using facial recognition to identify Russian soldiers caught on camera looting Ukrainian homes and storefronts, an official with Ukraine's Digital Transformation Ministry told The Post. Mykhailo Fedorov, the head of that ministry, this month shared on Twitter and Instagram the name, hometown and personal photo of a man he said was recorded shipping hundreds of pounds of looted clothes from a Belarus post office to his home in eastern Russia. "Our technology will find all of them," he wrote.

The article asks what happens if software makes a mistake in its identification, but Clearview's chief executive argues their tool is accurate. Ton-That said the company's sole ambition is to help defend a besieged country. But he also acknowledged the war has helped provide a "good example for other parts of the U.S. government to see how these use cases work."

"This is a new war," he said. And the Ukrainians are "very creative with what they've been able to do."

Thanks to Slashdot readers fbobraga and schwit1 for submitting the article.
Technology

Crypto Startup That Wants To Scan Everyone's Eyeballs Is Having Some Trouble (bloomberg.com) 56

Worldcoin -- the billion-dollar startup that wants to give cryptocurrency to every living human by imaging their eyes -- has recently halted operations in at least seven countries due to a host of logistical hurdles that have prompted it to redraw its launch plans. From a report: Co-founded in 2020 by former Y Combinator chief Sam Altman, Worldcoin aims to photograph the irises of everyone on earth in order to identify them so it can distribute its new digital money fairly. So far, the company has collected images of the eyes of hundreds of thousands of people in about 20 countries. But the process has been bedeviled by problems such as uneven smartphone access, confused users and fraud attempts.

Worldcoin has suspended its work in multiple countries after local contractors departed or regulations made doing business impossible. After technical challenges, it also instituted a new requirement that anyone signing up must have a smartphone -- limiting its reach in developing nations, which have been key to the company's vision. Worldcoin has also repeatedly delayed its target launch date, which is now set for later this year. Worldcoin co-founder and Chief Executive Officer Alex Blania said in an interview last week that these setbacks are the natural result of "very aggressive testing" for a young startup. The company has grown from 10 employees to 100 in the last year, Blania said, and it's still experimenting as it hones its operations. "You're still talking to a Series A company, not an Uber," he said. "Things are not perfect."

Advertising

Shoppers React as Grocers Replace Freezer Doors with Screens Playing Ads (cnn.com) 379

Walgreens and other retailers replaced some fridge and freezer doors with iPad-like screens, reports CNN. "And some shoppers absolutely hate it." The screens, which were developed by the startup Cooler Screens, use a system of motion sensors and cameras to display what's inside the doors — as well as product information, prices, deals and, most appealing to brands, paid advertisements. The tech provides stores with an additional revenue stream and a way to modernize the shopping experience. But for customers who just want to peek into the freezer and grab their ice cream, Walgreens risks angering them by solving a problem that shoppers didn't know existed. The company wants to engage more people with advertising, but the reaction, so far, is annoyance and confusion.

"Why would Walgreens do this?" one befuddled shopper who encountered the screens posted on TikTok. "Who on God's green earth thought this was a good idea?"

"The digital cooler screens at Walgreens made me watch an ad before it allowed me to know which door held the frozen pizzas," said someone on Twitter....

Walgreens began testing the screens in 2018 and has since expanded the pilot to a couple thousand locations nationwide. Several other major retailers are launching their own tests with Cooler Screens, including Kroger, CVS, GetGo convenience stores and Chevron gas stations. "I hope that we will one day be able to expand across all parts of the store," said Cooler Screens co-founder and CEO Arsen Avakian in an interview with CNN Business. Currently the startup has about 10,000 screens in stores, which are viewed by approximately 90 million consumers monthly, according to the company....

Politifact last month debunked a viral Facebook video that claimed "Walgreens refrigerators are scanning shoppers' hands and foreheads for 'the mark of the beast.'"

Avakian insists the tech is "identity-blind" and protects consumers' privacy. The freezers have front-facing sensors used to anonymously track shoppers interacting with the platform, while internally facing cameras track product inventory...

The items on display don't always match up with what's inside because products are out of stock.....

"This is the future of retail and shopping," Avakian said.

CNN notes that major corporations are backing the company Cooler Screens, which "has raised more than $100 million from backers including Microsoft and Verizon." But long-time Slashdot reader davidwr points out it's been done before. "Some gas stations have had video ads at the pump for years now. I boycott those stations on principle."

And Slashdot reader quonset wonders if we're one step closer to Futurama's vision of a world where advertisers enter our dreams.
