Researchers at Northwestern University have devised a new method for recording information to DNA that takes minutes rather than hours or days. Interesting Engineering reports: The researchers utilized a novel enzymatic system to synthesize DNA that records rapidly changing environmental signals straight into its sequences, and this method could revolutionize how scientists examine and record neurons inside the brain. To record intracellular molecular and digital data to DNA, scientists currently rely on multipart processes that combine new information with existing DNA sequences. This means that, for an accurate recording, they must stimulate and repress the expression of specific proteins, which can take over 10 hours to complete.

The new study's researchers hypothesized they could make this process faster by utilizing a new method they call "Time-sensitive Untemplated Recording using Tdt for Local Environmental Signals," or TURTLES. This way, they would synthesize completely new DNA rather than copying a template of it. The method enabled the data to be recorded into the genetic code in a matter of minutes. "Nature is good at copying DNA, but we really wanted to be able to write DNA from scratch," Northwestern engineering professor Keith E.J. Tyo, the paper's senior author, said, in the press release. "The ex vivo (outside the body) way to do this involves a slow, chemical synthesis. Our method is much cheaper to write information because the enzyme that synthesizes the DNA can be directly manipulated. State-of-the-art intracellular recordings are even slower because they require the mechanical steps of protein expression in response to signals, as opposed to our enzymes which are all expressed ahead of time and can continuously store information."

Telegram-powered bots are being utilized to steal the one-time passwords required in two-factor authentication (2FA) security. From a report: The ransomware threat is growing: What needs to happen to stop attacks getting worse? On Wednesday, researchers from Intel 471 said that they have seen an "uptick" in the number of these services provided in the web's underground, and over the past few months, it appears the variety of 2FA circumvention solutions is expanding -- with bots becoming a firm favorite. [...] While 2FA can improve upon the use of passwords alone to protect our accounts, threat actors were quick to develop methods to intercept OTP, such as through malware or social engineering. According to Intel 471, since June, a number of 2FA-circumventing services are abusing the Telegram messaging service. Telegram is either being used to create and manage bots or as a 'customer support' channel host for cybercriminals running these types of operations. "In these support channels, users often share their success while using the bot, often walking away with thousands of dollars from victim accounts," the researchers say.

An anonymous reader quotes a report from Popular Mechanics, written by Laura Rider: After four long years of planning, the world's first 3D-printed steel bridge debuted in Amsterdam last month. If it stands up to the elements, the bridge could be a blueprint for fixing our own structurally deficient infrastructure in the U.S. -- and we sorely need the help. Dutch Company MX3D built the almost 40-foot-long bridge for pedestrians and cyclists to cross the city's Oudezijds Achterburgwal canal. It relied on four robots, fit with welding torches, to 3D-print the structure. To do it, the machines laid out 10,000 pounds of steel, heated to 2,732 degrees Fahrenheit, in an intricate layering process. The result? An award-winning design, pushing the boundaries of what steel can do.

Designers first came up with the concept for the bridge in 2015, with the goal of making an exceptionally efficient structure. To do so, they had to emphasize two things: simplicity and safety. To monitor the efficiency of their design, scientists at Imperial College London engineered the bridge to be a "living laboratory." A team of structural engineers, computer scientists, and statisticians developed a system of over one dozen embedded sensors for the bridge, which send live data to the university for further analysis of the bridge's performance. They monitor the bridge's movement, vibration, temperature, strain (the change in shape and size of materials under applied forces), and displacement (the amount an object shifts in a specific direction) over time. From that data, scientists built a "digital twin" -- computer science parlance for an identical, virtual rendering -- of the bridge that gets more accurate over time. With machine learning, they can now look for trends that might suggest modifications are in order.

For this bridge, designers utilized two methods of 3D printing -- Direct Energy Deposit (DED) and Powder Bed Fusion (PBF). With DED, the printer feeds material (typically in powder or wire form) through a pen-like nozzle, and an intense heat source (typically a laser, but sometimes an electron beam) melts the metal on contact. PBF works similarly in that a laser or electron beam melts powder down to build each layer. The main advantage of PBF, though, is that it operates with much smaller (and more expensive) parts, resulting in a higher-resolution project than DED could accomplish on its own. This allows designers to take their visions a step further.

The U.S. and a coalition of allies on Monday formally attributed the sweeping campaign against Microsoft Exchange email servers to hackers affiliated with China's Ministry of State Security. From a report: The group assessed with "high confidence" that Beijing-linked digital operators carried out the attack that ensnared hundreds of thousands of systems worldwide, a senior Biden administration official told reporters on Sunday. In addition, the partners alleged the ministry -- which oversees the civilian arm of Beijing's intelligence gathering operations -- has utilized contract hackers to conduct other malicious cyber activities around the globe, including a ransomware attack on an American company, and other pursuits to line the pockets of MSS officials.

The use of such hired muscle "was really eye-opening and surprising for us," said the official, who was only authorized to speak anonymously. The coalition includes the U.S., the so-called "Five Eye" nations, Japan, the European Union and NATO. Monday's announcement marks the first time the transatlantic alliance has condemned Chinese digital activities, the official said. The massive Exchange hack was first disclosed in March -- at the same time the Biden administration was dealing with the SolarWinds breach that has since been formally attributed to Russia's foreign intelligence service.

"When Red Hat killed off CentOS Linux in a highly controversial December 2020 announcement, Gregory Kurtzer immediately announced his intention to recreate CentOS with a new distribution named after his deceased mentor," Ars Technica reported in February.

And this week, "The Rocky Enterprise Software Foundation has announced general availability (GA) of Rocky Linux 8.4," reports ZDNet. "It's an important milestone because it's the first Rocky Linux general availability release ever." Huge companies, including Disney, GoDaddy, Rackspace, Toyota and Verizon, relied on CentOS, and they were reportedly not happy about RedHat's decision... It turns out that Kurtzer's decision has been a popular one. Besides quickly building up an army of hundreds of contributors for the project, Rocky Linux 8.4 - which follows the May 18 release of Red Hat's RHEL 8.4 - was downloaded at least 10,000 times within half a day of its release... "If we extrapolate the count to include our other mirrors we are probably at least 3-4x that (if not even way more)!" boasts Kurtzer in a LinkedIn post. "Lots of reports coming in of people and organizations already replacing their CentOS systems (and even other Linux distributions) with Rocky. The media is flying off the hook and business analysts also validating to me personally that Rocky Linux might soon be the most utilized Linux operating system used in enterprise and cloud!"

Rocky Linux 8.4 took seven months for the newly formed community to release, and is available for x86_64 and ARM64 (aarch64) architecture hardware in various ISOs.
"Sufficient testing has been performed such that we have confidence in its stability for production systems," explains a blog post at RockyLinux.org, adding that free community support is available through the forums as well as live chat avaiable through IRC and Rocky Linux Mattermost. "Paid commercial support is currently available through CIQ..."

"Corporations come and go, their interests as transient as they are self-serving. But a community persists, and that's who we dedicate Rocky Linux to: you." Rocky is more than the next free and open, community enterprise operating system. It's a community. A commitment to an ideal bigger than the sum of its parts, and a promise that our principles — embedded even within our repositories and ISOs — are immutable...

This is just the beginning, and the Rocky Enterprise Software Foundation is more than just Rocky Linux — it's a home for those that believe that open source isn't just a switch that can be toggled at will, and that projects that many rely on not be subject to the whims of a few. To this point, you can easily find all of our sources, our build infrastructure, Git repositories, and everything else anyone would need to fork our work and ensure that it continues if need be...

When we announced our release candidate, we asked you to come build the next free, open, community enterprise operating system with us. Now we're asking you for more: join us as we build our community.
They also thanked 11 sponsors and partners for contributing "resources, financial backing, software, and infrastructure."

An anonymous reader quotes a report from New Atlas: A fascinating new study from a team of US researchers has used machine learning techniques to develop algorithms that can analyze naturalistic driving data and detect mild cognitive impairment and dementia in a driver. The work is still in the preliminary stages, however, the researchers claim it could be possible in the future to detect early signs of dementia using either a smartphone app or devices incorporated into car software systems. The research utilized data from a novel long-term study called LongROAD (The Longitudinal Research on Aging Drivers), which tracked nearly 3,000 older drivers for up to four years, offering a large longitudinal dataset.

Over the course of the LongROAD study, 33 subjects were diagnosed with MCI and 31 with dementia. A series of machine learning models were trained on the LongROAD data, tasked with detecting MCI and dementia from driving behaviors. "Based on variables derived from the naturalistic driving data and basic demographic characteristics, such as age, sex, race/ethnicity and education level, we could predict mild cognitive impairment and dementia with 88 percent accuracy," says Sharon Di, lead author on the new study. Although age was the number one factor for detecting MCI or dementia, a number of driving variables closely followed. These include, "the percentage of trips traveled within 15 miles (24 km) of home ... the length of trips starting and ending at home, minutes per trip, and number of hard braking events with deceleration rates 0.35 g." Using driving variables alone, the models could still predict those MCI or dementia drivers with 66 percent accuracy. The new study was published in the journal Geriatrics.

Google "has utilized a secret program to track bids on its ad-buying platform," writes the New York Post, "and has been accused of using the information to gain an unfair market advantage that raked in hundreds of millions of dollars annually, according to a report." The initiative — dubbed "Project Bernanke" in an apparent reference to former Federal Reserve chairman Ben Bernanke — was detailed in court filings in an ongoing Texas-led antitrust suit, which were initially uploaded to an online docket with incomplete redactions, The Wall Street Journal reported Saturday... Lawyers for the Lone Star State argue, however, that the program was tantamount to insider trading, particularly when combined with Google's complicated, multi-layered role in the online advertising marketplace.

The company operates simultaneously as the operator of a major ad exchange, a representative of both buyers and sellers on the exchange — and a buyer in its own right, according to the suit. By using Project Bernanke's inside information on what other ad buyers were willing to pay for space, Google could tailor its operations to beat out rivals and bid the bare minimum to secure ad inventory, the state reportedly alleges...

Separately, the filings reveal more details about Jedi Blue — an alleged hush-hush deal in which Google allegedly guaranteed that Facebook would win a fixed percentage of advertising deals in which the social media giant bid... Google also admitted that the deal required Facebook to spend $500 million or more in Google's Ad Manager or AdMob bids in the pact's fourth year, and that Facebook agreed to make efforts to win 10 percent of the auctions in which it competed, the WSJ said.

The arrangement appeared "to allow Facebook to bid and win more often in auctions," lawyers for Texas alleged in their filings.

An anonymous reader quotes a report from The Hill: A coalition of health and technology organizations are working to develop a digital COVID-19 vaccination passport to allow businesses, airlines and countries to check if people have received the vaccine. The Vaccination Credential Initiative, announced on Thursday, is formulating technology to confirm vaccinations in the likelihood that some governments will mandate people provide proof of their shots in order to enter the nation. The organization hopes the technology will allow people to "demonstrate their health status to safely return to travel, work, school and life while protecting their data privacy."

The initiative, which includes members like Microsoft, Oracle and U.S. nonprofit Mayo Clinic, is using the work from member Commons Project's international digital document that verifies a person has tested negative for COVID-19, the Financial Times reported. The Commons Project's technology, created in partnership with the Rockefeller Foundation, is being utilized by three major airline alliances. The coalition is reportedly in discussions with several governments to create a program requiring either negative tests or proof of vaccination to enter, Paul Meyer, the chief executive of The Commons Project, told the Times. The technology will need to allow patients to keep their data secure while being available in a digital wallet or a physical QR code for them to regulate who sees the information.

An anonymous reader shares a report: A ten-year longitudinal study published in the Journal of Cyberpsychology, Behavior, and Social Networking on a group in early adolescence from as young as ten years old, investigated how playing violent video games at an early age would translate into adulthood behavior (23 years of age). Titled "Growing Up with Grand Theft Auto: A 10-Year Study of Longitudinal Growth of Violent Video Game Play in Adolescents" the study found no correlation between growing up playing video games and increased levels of aggression ten years later. This particular study utilized a more contemporary approach for analyzing its data, known as the person-centered approach. Traditional studies use a variable-centered approach whereby researchers treat each variable, or characteristic, as related to another variable. An example would be that exercising is related to a reduced incidence of heart disease. This has been particularly valuable when comparing groups. In a person-centered approach researchers combine various algorithms across variables to determine how these variables compare among individuals. This approach provides a more accurate depiction of how variables relate to the individual.

Last week, some Goodreads users received a disappointing message: The popular book tracking website is disabling access to its API for users who haven't used the product in more than 30 days. The company says it "plans to retire these tools" altogether and that, as of December 8, it will no longer issue new keys. It's unclear when or if Goodreads will close off its API to active users. From a report: "When I found out, I was pretty upset," says Karen Ellett, a software developer in South Carolina who uses the Goodreads API to power a private tool that tracks book series. The tool, which she had hoped to eventually release for other people to use, keeps track of new releases in book series she reads, which is a function Goodreads doesn't currently offer. When a new book gets added to the series, Ellett's tool updates automatically, so she doesn't have to go looking for it on her own when she's ready to dive back into the series. Since she's read 172 books this year, it's not easy for her to mentally juggle all the new additions she wants to get to on her own.

"I've put so many hours into developing this tool not just for myself, but with an eye towards it being utilized by other people. I'd say I was probably about 70 to 80% done, and now there's just no point," she says. As Goodreads is a stagnant product that has barely improved its functionality and features since it was acquired by Amazon in 2013, thousands of readers with basic coding skills use the Goodreads API to power their own better features and tools. On a thread about the change for Goodreads Developers, one user says the Discord book recommendations bot he was in the process of building suddenly stopped working. Another says his tool, which analyzes statistics related to the authors on a Goodreads user's "read" list, will be shut down, nullifying countless hours of work he put into the feature. Ellett still uses the API daily, so her access to the API hasn't been shut down -- yet. She heard about it from a friend who forwarded the email to her. Many Goodreads API users complain that the communication from Goodreads has been terrible, with people only hearing about the change from intermittent users whose access was suddenly terminated.

Foxconn plans to assemble key components for Google servers from its plant in Wisconsin, people familiar with the matter said, finally breathing life into a factory Donald Trump hailed as crucial to bringing manufacturing back to the U.S. Bloomberg reports: The Taiwanese company has decided to locate production for this new contract at the existing complex rather than make the components at home or in China, the people said, asking not to be identified discussing a sensitive move. The under-utilized factory should start mass production in the first quarter, timed with the release of Intel Corp.'s Ice Lake server chips, they said. Foxconn is setting up surface-mount technology assembly lines that it will use to place semiconductors onto circuit boards, they added. A Foxconn representative confirmed it's developing data center infrastructure and high-performance computing "capabilities" in Wisconsin, but declined to name any customers.

Taiwan counts Washington as an essential diplomatic, economic and military ally amid rising tensions with Beijing. Foxconn, which operates most of its factories in central and southern China, won Google's business because it was the only contract manufacturer capable of establishing a surface-mount technology line on American soil, one of the people said. Shanghai-listed Foxconn Industrial Internet Co., its cloud business unit, will oversee the server business in Wisconsin, another person familiar with Foxconn's operations said.

The Google Cloud team revealed today a previously undisclosed DDoS attack that targeted Google service back in September 2017 and which clocked at 2.54 Tbps, making it the largest DDoS attack recorded to date. From a report: In a separate report published at the same time, the Google Threat Threat Analysis Group (TAG), the Google security team that analyzes high-end threat groups, said the attack was carried out by a state-sponsored threat actor. TAG researchers said the attack came from China, having originated from within the network of four Chinese internet service providers (ASNs 4134, 4837, 58453, and 9394). Damian Menscher, a Security Reliability Engineer for Google Cloud, said the 2.54 Tbps peak was "the culmination of a six-month campaign" that utilized multiple methods of attacks to hammer Google's server infrastructure.

Airbus just completed its Autonomous Taxi, Take-Off, and Landing project that saw one of its jets perform normally pilot-flown maneuvers entirely on its own. Business Insider reports: The European manufacturer just completed flight testing for its Autonomous Taxi, Take-off, and Landing project in June after its flagship aircraft successfully navigated each phase of flight on its own as pilots simply watched. Over 500 flights were conducted with the new Airbus A350-1000 XWB that successfully utilized "image recognition technology" to essentially give the plane a pair of eyes. The technology, integrated with the A350's exterior cameras, allowed it to perform the phases of flight entirely on its own, Airbus announced. The first milestone of the flight testing campaign occurred in December when Airbus was able to successfully demonstrate autonomous take-offs from Toulouse-Blagnac Airport in France. All pilots had to do in the first test was line up the plane with the runway and then sit back and watch as the plane barreled down the runway, lifting off on its own. With Airbus proving that its jet can also land and taxi on its own, the door is now open to fully autonomous flights.

The Diet enacted a bill Wednesday to create "super cities" where artificial intelligence, big data and other technologies are utilized to resolve social problems. The Japan Times reports: The bill revising the national strategic special zone law passed the House of Councilors by a majority vote with support mainly from the ruling coalition. The revision stipulates procedures to speed up the changing of regulations in various fields to facilitate the creating of such smart cities. The government hopes to utilize cutting-edge technologies to address issues such as depopulation and the aging of society. In such cities, data-linking platforms to collect and organize various kinds of data from administrative organizations and companies will be established for autonomous driving, cashless payments, telemedicine and other services.

Under the revised law, local governments to be selected will launch forums with the central government and private companies, draw up city development plans and make applications to the state after winning understanding from local residents. The government hopes to realize such city development plans swiftly after discussions at related government agencies.

Epic Games' Unreal is already one of the most widely used game engines on the planet, utilized by game developers, advertisers and filmmakers alike. And it's ready to take the next step. From a report: Epic Games announced its new Unreal Engine 5 today and we finally have an idea of what graphics will look like on next generation hardware. The first gameplay footage from Microsoft's Xbox Series X was underwhelming, but the first run of games on new hardware typically is. The nine minutes of footage from Epic, which is running a tech demo on PlayStation 5 hardware, offered our first real glimpse of what may be the future of video game visuals. The clip features a video game protagonist exploring a cave system then skysurfing through a mountain pass as ruins crumble around her. Epic designed it to showcase two new features of Unreal Engine 5 -- nanite and lumen. Epic Games says that nanite allows game designers to render an incredible amount of polygons on screen, leading to photo-realistic environments. Lumen is a new lighting engine that renders light and fills space similarly to Nvidia's RTX tech.

In the demo, the two new technologies add up to a beautiful scene with complicated textures, animation, and lighting. Epic Games is selling these new technologies, and Unreal Engine 5 in general, as tools developers can use to save time in the development process. According to Epic Games, Unreal Engine 5 comes with a suite of tools that allow developers to rely less on hand crafting environments and animations. The demo is gorgeous, but it doesn't show off the developer's version of the software and it's hard to know what the software will look like for its target audience -- people making video games.

Remember when BlackBerry reported Advanced Persistent Threat groups have been infiltrating critical Linux servers for at least eight years? What's the lesson to be learned?

LinuxSecurity Founder Dave Wreski argues "Although it may be easy to blame the rise in attacks targeting Linux in recent years on security vulnerabilities in the operating system as a whole, this is simply not the truth. The majority of exploits on Linux systems can be attributed to misconfigured servers and poor administration."

Writing for Linux Security, Slashdot reader b-dayyy gathered some additional responses: Some experts argue that it is the popularity of Linux that makes it a target. Joe McManus, Director of Security at Canonical, explains: "Linux and, particularly Ubuntu, are incredibly secure systems but, that being said, it is their popularity that makes them a target." Ian Thornton-Trump, a threat intelligence expert and the CISO at Cyjax, adds: "From an economic and mission perspective, it makes sense for a threat actor to invest in open-source skills for flexibility and the ability to target the systems where the good stuff is happening."

Despite the increasing number of threats targeting Linux systems, there is still a sound argument for the inherent security of Linux, which can be attributed to the core fundamentals of Open Source. Due to the transparency of open-source code and the constant scrutiny that this code undergoes by a vibrant global community, vulnerabilities are identified and remedied quicker than flaws that exist in the opaque source code of proprietary software and operating systems. Threat actors recognize this, and are still directing the majority of their attacks at proprietary operating systems.

These attacks do; however, serve as a much-needed wakeup call for the security community that more needs to be done to protect Linux servers. BlackBerry's report reveals that security solutions and defensive coverage available within Linux environments is "immature at best". Endpoint protection, detection and response products are inadequately utilized by too many Linux users, and endpoint solutions available for Linux systems are often insufficient in combating advanced exploits. Eric Cornelius, Chief Product Officer at BlackBerry, evaluates: "Security products and services that support Linux, offerings that might detect and give us insight into a threat like this, are relatively lacking compared to other operating systems, and security research about APT use of Linux malware is also relatively sparse."

Nation-state hackers breached the networks of two US municipalities last year, the FBI said in a security alert sent to private industry partners last week. An anonymous reader writes: The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the two municipalities' networks. The FBI says that once attackers got a foothold on these networks, "malicious activities included exfiltration of user information, escalation of administrative privileges, and the dropping of webshells for remote/backdoor persistent access." "Due to the sophistication of the compromise and Tactics, Techniques, and Procedures (TTPs) utilized, the FBI believes unidentified nation-state actors are involved in the compromise," the agency said in its security alert. The FBI could not say if both intrusions were carried out by the same group. The agency also did not name the two hacked municipalities; however, it reported the two breaches in greater detail, listing the attackers' steps in each incident.

Apple's recent purchase of Seattle-based AI company Xnor.ai is leaving Wyze's affordable cameras without the people detection feature. The Verge reports: Cameras from fellow Seattle-based company Wyze, including the Wyze Cam V2 and Wyze Cam Pan, have utilized Xnor.ai's on-device people detection since last summer. But now that Apple owns the company, it's no longer available. Some people on Wyze's forum are noting that the beta firmware removing the people detection has already started to roll out. Oddly enough, word of this lapse in service isn't anything new. Wyze issued a statement in November 2019 saying that Xnor.ai had terminated their contract (though its reason for doing so wasn't as clear then as it is today), and that a firmware update slated for mid-January 2020 would remove the feature from those cameras.

There's a bright side to this loss, though, even if Apple snapping up Xnor.ai makes Wyze's affordable cameras less appealing in the interim. Wyze says that it's working on its own in-house version of people detection for launch at some point this year. And whether it operates on-device via "edge AI" computing like Xnor.ai's does, or by authenticating through the cloud, it will be free for users when it launches. That's good and all, but the year just started, and it's a little worrying Wyze hasn't followed up with a specific time frame for its replacement of the feature. Two days ago, Wyze's social media community manager stated that the company was "making great progress" on its forums, but they didn't offer up when it would be available.

An anonymous reader quotes Bloomberg News: A Russia-linked group is believed to have utilized Iranian tools to conduct cyber attacks against dozens of countries, in an apparent effort to mask their identities, according to joint advisories by the U.S. and the U.K.

The group, known as Turla, used tools from suspected Iran-based hacking groups and deployed them against old and new targets. In order to acquire the tools, Turla "comprised the suspected Iran-based hacking groups themselves," according to the U.S. National Security Agency and the U.K.'s National Cyber Security Centre, which released the advisories on Monday. The original owners of the tools "were almost certainly not aware of, or complicit with, Turla's use of their implants," the agencies said. The attacks, against more than 35 countries, would appear to the victims as coming from Iran.

New submitter RhettLivingston writes: Real plans for the move of Starship Mk 2 from its current construction site in Cocoa to the Kennedy Space Center have finally emerged. A News 6 Orlando report identifies permit applications and observed preparations for the move,which will take a land and sea route. Barring some remarkably hasty road compaction and paving, the prototype will start its journey off-road, crossing a recently cleared path through vacant land to reach Grissom Parkway. It will then travel east in the westbound lanes of SR 528 for a short distance before loading to a barge in the Indian river via a makeshift dock. The rest of the route is relatively conventional, including offloading at KSC at the site previously used for delivery of the Space Shuttle's external fuel tanks. Given the recent construction of new facilities at the current construction site, it is likely that this will not be the last time this route is utilized. SpaceX declined to say how the company will transport the spacecraft or when the relocation will occur.

SpaceX's "Mk2" orbital Starship prototype is designed to test out the technologies and basic design of the final Starship vehicle -- a giant passenger spacecraft that SpaceX is making to take people to the Moon and Mars.