An anonymous reader quotes a report from Peoples Dispatch: Mexico has officially nationalized its lithium industry. On April 21, the bill, proposed by President Andres Manuel Lopez Obrador (AMLO), that modified the mining law to give the state the exclusive right to explore, exploit and use the valuable metal entered into force. According to the law, published in the Official Gazette of the Federation, the executive or the president now has 90 days to create a decentralized state company that will deal with all lithium-related matters. [...] The new mining law recognizes lithium as a heritage of the nation, and reserves it for the benefit of the people of Mexico. It elevates lithium to the category of "strategic mineral," and prohibits granting concessions, licenses, contracts, permits, assignments or authorizations for its exploitation to private corporations.

The president emphasized that lithium is a strategic element for the development of the nation, and its effective exploitation can contribute to economic growth. He said that his administration would work to develop necessary technology to take the best advantage of their lithium, ensuring that it does not harm the health of the population, the environment, or the rights of Indigenous people. He also took the opportunity to reiterate that his administration would review all lithium contracts. He requested that the shareholders and managers of the companies and corporations begin to establish a dialogue with their legal representatives. There is only one lithium mine in Mexico, operated by Chinese firm Ganfeng Lithium, which is slated to produce 35,000 tons of the metal per year starting in 2023. In the coming days, it will be discussed if that will be taken over by the government.

Meanwhile, the right-wing opposition criticized nationalization of lithium. Some legislators from the opposition National Action Party (PAN) and Institutional Revolutionary Party (PRI), who voted against the reform, said that it would severely affect the development in the mining of the metal, arguing that the Mexican government has no experience in mining lithium. Others criticized that it violated the United States-Mexico-Canada Agreement and would bring trade tensions. Nevertheless, the people of Mexico have expressed their approval of the president and his policies. A number of social organizations and trade unions have praised the president and the ruling center-left MORENA party, recalling that the nationalization of lithium in Bolivia during former president Evo Morales' rule helped the country achieve high levels of economic and social growth. "Lithium is considered an important resource due to its importance for the development of batteries used for electric cars," notes the report. "According to data from the US Geological Survey, Mexico has 1.7 million tons of lithium mining reserves."

Arqit says its encryption system can't be broken by quantum computers, but former employees and people outside the company question the relevance of its technology. The Wall Street Journal: A U.K. cybersecurity startup rocketed to a multibillion-dollar valuation when it listed publicly last fall on the promise of making encryption technology that would protect the defense industry, corporations and consumers alike from the prying eyes of next-generation computer systems. Founder and Chief Executive David Williams told investors at the time that his company, Arqit Quantum had an "impressive backlog" of revenue and was ready "for hyperscale growth." But Arqit has given investors an overly optimistic view of its future revenue and the readiness and workability of its signature encryption system, according to former employees and other people familiar with the company, and documents viewed by The Wall Street Journal.

While the company says it has a solution to a quantum-computing security challenge that U.S. intelligence last year said "could be devastating to national security systems and the nation," government cybersecurity experts in the U.S. and the U.K. have cast doubt on the utility of Arqit's system. Arqit's stock price reached its highest level to date of $38.06 on Nov. 30 and has since fallen, to $15.06 on April 14, amid a broad pullback of young tech stocks. When the company secured its Nasdaq listing last autumn, its revenue consisted of a handful of government grants and small research contracts, and its signature product was an early-stage prototype unable to encrypt anything in practical use, according to the people. The encryption technology the company hinges on -- a system to protect against next-generation quantum computers -- might never apply beyond niche uses, numerous people inside and outside the company warned, unless there were a major overhaul of internet protocols. Arqit disputed that its encryption system was only a prototype at the company's market debut. "This was a live production software release and not a demonstration or trial," said a company representative. "It was being used by enterprise customers on that day and subsequently for testing and integration purposes, because they need to build Arqit's software into their products."

"Cryptocurrency has changed the game of cybercrime," argues Vice's Christian Devolu, in a new episode of their video series CRYPTOLAND. "Hackers and cybergangs have been locking down the data of large corporations, police departments, and even hospitals, and demanding ransom — and guess what they're asking for? Cryptocurrency!"

In short, argues an article accompanying the episode, cryptocurrency "gave birth to the ransomware epidemic."

Slashdot reader em1ly shares one highlight from the video: The team visits a school district in Missouri ["just one of around 1,000 U.S. schools hacked last year with ransomware"] that was the victim of a ransomware attack. ["Luckily, the school's backups were not impacted...."]
Another interesting observation from the article: When ransom payments do happen, companies like Chainalysis can track the Bitcoin through the blockchain, identifying the hackers' wallets and collaborating with law enforcement in an attempt to recover the funds or identify the hackers themselves.

UPDATE: Jeff Bezos and Marc Andreessen have now responded to Elon Musk's suggestion to create a homeless shelter out of Twitter's San Francisco headquarters, "since no one shows up anyway."

And at some point over the weekend, Musk also suggested a new way that Twitter could use Dogecoin...

It all started when the newest member of Twitter's board of directors — Elon Musk — began tweeting new ideas for improving Twitter last night. "Everyone who signs up for Twitter Blue (i.e. pays $3/month) should get an authentication checkmark," Musk suggested, adding later that "It would massively expand the verified pool & make bot armies too expensive to maintain." Musk clarified that this checkmark "should be different from 'public figure' or 'official account' checkmark." And he also noted that Twitter Blue subscribers already get special features like a modifiable 20 second time window in which they can edit their tweets.

"And no ads," Musk suggested in another tweet. "The power of corporations to dictate policy is greatly enhanced if Twitter depends on advertising money to survive." Musk later offered suggestions about how to implement that subscription fee, according to the Associated Press. Musk suggested it "should be proportionate to affordability and in local currency."

And he added, "Maybe even an option to pay in Doge?" referring to Dogecoin cryptocurrency.

But moments later Musk tweeted a poll, asking his followers to vote Yes or No to this idea:

Convert Twitter's San Francisco headquarters to a homeless shelter since no one shows up anyway.

Within 16 hours 1,425,937 people had voted "Yes!" — a whopping 91.3% of all votes cast. (Versus just 135,877 votes for "No.")

Sunday night Bloomberg reported that Jeff Bezos, "a fellow billionaire, responded Sunday with a link to a report about an [8-story] homeless shelter attached to an Amazon office building, noting that a portion of Twitter's space could be converted, making it easier for employees who want to volunteer. Musk called the suggestion a "great idea...."

Homelessness is a particularly visible problem at Twitter's headquarters, located in a part of San Francisco where residents have grappled with urban decay and drug addiction.
Silicon valley entrepreneur/investor Marc Andreessen then posted his own three-word reply. Apparently in response to Bezos's suggestion that employees could volunteer more easily if if a portion of their building were a homeless shelter, Andreessen joked, "Every other desk?"

And five hours after Musk's homeless shelter poll, he'd moved on to yet another question, polling his followers for "Yes" or "No" votes on this idea:

Delete the w in Twitter?

Twitter co-founder/former CEO Jack Dorsey made a remarkable statement Saturday on Twitter. "The days of Usenet, IRC, the web...even email (with PGP)...were amazing.

"Centralizing discovery and identity into corporations really damaged the internet.

"I realize I'm partially to blame, and regret it." Within two hours, his statement had been retweeted or quote-tweeted 4,700 times — while his original tweet drew 22,900 likes (and attracted over 2,000 comments). But it's not clear why 45-year-old Dorsey is reflecting nostalgically on 1990s-era bullletin board and chat technologies.

The only thing in the news today about Jack Dorsey is a small blurb from The Information linking to a larger (paywalled) article titled "Jack Dorsey, Marc Andreessen and the Makings of a Crypto Holy War" The war of words, blocks, and memes between Jack Dorsey and Marc Andreessen wasn't only fascinating because of the billionaire egos at play. They really did seem to be grappling with an important question: Is there a superior economic system waiting to be rolled out, and if so, who should control it...? [T]he debate was an important one, with roots in both men's pasts and hints of a continuing war between Dorsey's Bitcoin maximalists and Andreessen's "crypto polyamorists."

Mumbai announced detailed plans to zero out carbon emissions by 2050, a target that puts it two decades ahead of India's national goal and makes it the first city in South Asia to set such a timeline. From a report: In the plan announced Sunday, India's financial center, home to south Asia's biggest corporations, stock bourses and the central bank, has proposed exhaustive changes to the way it manages energy, water, air, waste, green spaces and transport for its 19 million residents. "We don't have the luxury of time," said Aaditya Thackeray, environment minister of the state of Maharashtra of which Mumbai is the capital. Without intervention, the effects of climate change could cost India $35 trillion over the next 50 years. India's richest city, Mumbai is also home to tremendous poverty, with slums and fishing villages along the southern coast that date to British rule. By 2050, rising sea levels are expected to flood those parts of the city. In total, unabated climate change could cost the city $920 million.

Princeton University has a research center studying "digital technologies in public life," which runs a web site with commentary and analysis "from the digital frontier, written by the Center's faculty, students, and friends."

Long-time Slashdot reader theodp summarizes the site's recent warning on the dangers of "philanthrocapitalism," in a piece noting ominously that "The tech industry controls CS conference funding." "Research about the influence of computing technologies, such as artificial intelligence (AI), on society relies heavily upon the financial support of the very companies that produce those technologies," writes Princeton Research Fellow Klaudia Jazwinska of the dangers of 'philanthrocapitalism'. "Corporations like Google, Microsoft, and IBM spend millions of dollars each year to sponsor labs, professorships, PhD programs, and conferences in fields like computer science (CS) and AI ethics at some of the world's top institutions. Industry is the main consumer of academic CS research, and 84% percent of CS professors receive at least some industry funding."

"Relying on large companies and the resources they control can create significant limitations for the kinds of CS research that are proposed, funded and published. The tech industry plays a large hand in deciding what is and isn't worthy of examination, or how issues are framed. [...] The scope of what is reasonable to study is therefore shaped by what is of value to tech companies. There is little incentive for these corporations to fund academic research about issues that they consider more marginal or which don't relate to their priorities."

Jazwinska concludes, "Given the extent of financial entanglement between Big Tech and academia, it might be unrealistic to expect CS scholars to completely resist accepting any industry funding—instead, it may be more practicable to make a concerted effort to establish higher standards for and greater transparency regarding sponsorship.

Walgreens and other retailers replaced some fridge and freezer doors with iPad-like screens, reports CNN. "And some shoppers absolutely hate it." The screens, which were developed by the startup Cooler Screens, use a system of motion sensors and cameras to display what's inside the doors — as well as product information, prices, deals and, most appealing to brands, paid advertisements. The tech provides stores with an additional revenue stream and a way to modernize the shopping experience. But for customers who just want to peek into the freezer and grab their ice cream, Walgreens risks angering them by solving a problem that shoppers didn't know existed. The company wants to engage more people with advertising, but the reaction, so far, is annoyance and confusion.

"Why would Walgreens do this?" one befuddled shopper who encountered the screens posted on TikTok. "Who on God's green earth thought this was a good idea?"

"The digital cooler screens at Walgreens made me watch an ad before it allowed me to know which door held the frozen pizzas," said someone on Twitter....

Walgreens began testing the screens in 2018 and has since expanded the pilot to a couple thousand locations nationwide. Several other major retailers are launching their own tests with Cooler Screens, including Kroger, CVS, GetGo convenience stores and Chevron gas stations. "I hope that we will one day be able to expand across all parts of the store," said Cooler Screens co-founder and CEO Arsen Avakian in an interview with CNN Business. Currently the startup has about 10,000 screens in stores, which are viewed by approximately 90 million consumers monthly, according to the company....

Politifact last month debunked a viral Facebook video that claimed "Walgreens refrigerators are scanning shoppers' hands and foreheads for 'the mark of the beast.'"

Avakian insists the tech is "identity-blind" and protects consumers' privacy. The freezers have front-facing sensors used to anonymously track shoppers interacting with the platform, while internally facing cameras track product inventory...

The items on display don't always match up with what's inside because products are out of stock.....

"This is the future of retail and shopping," Avakian said.
CNN notes that major corporations are backing the company Cooler Screens, which "has raised more than $100 million from backers including Microsoft and Verizon." But long-time Slashdot reader davidwr points out it's been done before. "Some gas stations have had video ads at the pump for years now. I boycott those stations on principle."

And Slashdot reader quonset wonders if we're one step closer to Futurama's vision of a world where advertisers enter our dreams.

theodp writes: In the just-published March 2022 issue Communications of the ACM, former CACM Editor-in-Chief Moshe Y. Vardi takes tech companies -- and their officers and technical leaders -- to task over the societal risk posed by surveillance capitalism in "ACM, Ethics, and Corporate Behavior." Vardi writes: "Surveillance capitalism is perfectly legal, and enormously profitable, but it is unethical, many people believe, including me. After all, the ACM Code of Professional Ethics starts with 'Computing professionals' actions change the world. To act responsibly, they should reflect upon the wider impacts of their work, consistently supporting the public good.' It would be extremely difficult to argue that surveillance capitalism supports the public good."

"The biggest problem that computing faces today is not that AI technology is unethical -- though machine bias is a serious issue -- but that AI technology is used by large and powerful corporations to support a business model that is, arguably, unethical. Yet, with the exception of FAccT, I have seen practically no serious discussion in the ACM community of its relationship with surveillance-capitalism corporations. For example, the ACM Turing Award, ACM's highest award, is now accompanied by a prize of $1 million, supported by Google."

"Furthermore, the issue is not just ACM's relationship with tech companies. We must also consider how we view officers and technical leaders in these companies. Seriously holding members of our community accountable for the decisions of the institutions they lead raises important questions. How do we apply the standard of 'have not committed any action that violates the ACM Code of Ethics and ACM's Core Values' to such people? It is time for us to have difficult and nuanced conversations on responsible computing, ethics, corporate behavior, and professional responsibility."

NBC News tells the story of Rich, a Coca-Cola delivery driver who didn't get a paycheck at Christmas because of a ransomware attack on the payroll company serving Coke's largest distributor.

But then "more than a month after hackers crippled Kronos," paychecks to its employees in Indiana, Ohio and West Virginia "have been sporadic, according to union representatives." Rich, who asked not to be identified by his last name for fear of retaliation from his employer, is among hundreds of workers who deliver Coke products in at least three states who say they're still owed wages — fallout from one of the many ransomware attacks that hit U.S. companies practically every day. Rich, a father of three, said he's had to dip into his savings, which have dwindled down in recent weeks. "They went from $1,100, $1,200 a week to $300, $600," he said of his paychecks. "I got one $300 paycheck, and I called and told them exactly what I needed paid, and they sent me a $46 check...."

"We've got 130 people and they've all got problems," said Max Zemla, the president of the Cleveland-area Teamsters Local 293. "Some are telling me they're not as bad off. I have a guy who's off a thousand dollars. Uses his money for his kid's tuition for school, and he's not able to pay it...."

"The timekeeping vendor Kronos that suffered the attack is in the process of coming back online," [said Josh Gelinas, Coca-Cola Consolidated's vice president of communications February 1st] in an emailed statement. "But, until these digital systems are fully restored, we must continue manually recording work hours for thousands of our teammates. This process is taking longer than we would like and may have resulted in some inconsistencies, but our teammates will be paid for every hour they've worked...."

[NBC reports that a spokesperson for Kronos "noted that the company announced on Jan. 22 that it had finally restored all its services."]

Jeff Combs, the secretary treasurer of Teamsters Local 135 in Indianapolis, said the vast majority of the roughly 200 Coca-Cola Consolidated employees he represents are still owed pay. "Some are still owed as high as $4,700," Combs said.
Rich complains to NBC News that "now my savings have dwindled down because a billion-dollar company can't give you an average paycheck." But it shows ransomware's effects ultimately reach farther than we realize. "It's often assumed that ransomware mainly affects governments and major corporations because it's those incidents that make the news," a ransomware analyst at Emsisoft tells NBC News.

"The reality, however, is that more than half of all ransomware victims are small businesses and individuals. And, unfortunately, they are usually not as well prepared to deal with the problem as larger organizations and probably feel more pain as a result."

At least 26 public corporations are holding bitcoin on their balance sheets, according to data compiled by cryptocurrency analytics firm CoinGecko. Since the price of cryptocurrencies began to plummet in November, they've collectively lost nearly $7 billion. Quartz reports: The price of Bitcoin peaked above $67,000 on Nov. 8, but has since fallen 46%. Corporate crypto holdings for the largest 26 totaled at least $14.7 billion at the height of the rally. As of Jan. 26, they're worth $8 billion. The companies -- which include electric carmaker Tesla, financial services startup Square, and South Korean video game developer Nexon, along with a slew of crypto miners, exchanges, and investment firms -- hold 217,240 bitcoin. That's a little more than 1% of all the bitcoin in the world.

Mail2World hosts mailboxes for 2,150,000 different domains, according to its web site, offering both "free, reliable email for everyone" and a $29.99-a-year "premium" service with a terabyte of storage (instead of the free level's 25 gigabytes), an ad-free inbox, and "premium"-level support.

"We appreciate your understanding as we work to fully restore email service as soon as possible," reads their most-recent tweet — from Thursday.

Slashdot reader C4st13v4n14 is not a happy customer: Since Tuesday evening local time, I haven't been able to access my primary email account. This is an alumni email account I've had for the last 22 years that's tied to all my accounts ranging from not only social media and IOT devices, but also banking, access to health services and contact with local and countrywide government authorities.

My country is highly digitised and virtually everything from taxes to buying or selling a house, paying bills, access to health records and correspondence with hospitals and GPs, driving licences, applying for welfare, and starting a business are online. I don't even get snail mail anymore, everything is sent to a digital mailbox I can access through a browser or app with two-factor authentication. Fortunately, all access control for public-facing services is via two-factor authentication or smartcards with secure certificates for the highly sensitive stuff.

Regardless, the ordeal has been quite distressing as I was unable to find any information about the outage; a little detective work was only giving vague ERR_CONNECTION_RESET and DNS errors. My main thought was that my account had somehow been compromised and even more worryingly, there were no reports online about it. Turning to Reddit, I was able to gather that the provider, Mail2World, had suffered a ransomware attack but had been very uncommunicative about the event. In terms of news coverage, there was basically none. Only one random news site had a short article about it. During the days without access, I was painstakingly moving accounts to my Gmail address and updating contact information for the really important stuff like governmental services. This morning, I got a tip that Jesse over at BlueScreen Computer had reached out to Mail2World and has been documenting the outage.

Since then, some email has started to show up in my mobile app and I'm able to access the web portal again, but I can't help but feel like the damage has been done. This is an account that I pay an annual fee for and have trusted to work until now. I also find being kept in the dark about something so fundamental in today's world like email to be both very concerning and completely unacceptable. In that regard, I'm hoping this will bring some coverage to the event.

I would also like any input you Slashdotters have on migrating to and navigating Gmail. The interface is unfamiliar to an old-school user like me who still uses Eudora to check and save a backup of everything.

By the way, I'd should also like to point out that both POP and SMTP are handled by servers at pangia.biz, and their website has also been unreachable during this. Instead of Gmail, maybe you would recommend a different provider or service altogether? My work email is fortunately completely separate as of a couple years ago and handled by one.com as they host my website. It works, but they aren't anything special really.
It's interesting to imagine the scope of this particular outage. "Our company's growing list of customers includes prominent organizations from around the world," brags the Mail2World web site, "such as publicly-traded corporations, leading academic institutions and some of the largest and most-recognized service providers."

But long-time Slashdot reader OtisSnerd has experienced even worse: This happened with Newsguy.com's email and NNTP offerings back in early September. I had my email address with them for 25 years, and my wife's email for almost 22. It turns out that Newsguy went chapter 7. Luckily we were using pop3 with MS Outlook, so we both still have all the old email. I already had another email account elsewhere, but my wife didn't. Took days to get all her changes made.

"Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking.." reports BleepingComputer.

"The developer of these libraries intentionally introduced an infinite loop that bricked thousands of projects that depend on 'colors and 'faker'." The colors library receives over 20 million weekly downloads on npm alone, and has almost 19,000 projects depending on it. Whereas, faker receives over 2.8 million weekly downloads on npm, and has over 2,500 dependents....

Yesterday, users of popular open-source projects, such as Amazon's Cloud Development Kit were left stunned on seeing their applications print gibberish messages on their console. These messages included the text 'LIBERTY LIBERTY LIBERTY' followed by a sequence of non-ASCII characters... The developer, named Marak Squires added a "new American flag module" to colors.js library yesterday in version v1.4.44-liberty-2 that he then pushed to GitHub and npm. The infinite loop introduced in the code will keep running indefinitely; printing the gibberish non-ASCII character sequence endlessly on the console for any applications that use 'colors.' Likewise, a sabotaged version '6.6.6' of faker was published to GitHub and npm....

The reason behind this mischief on the developer's part appears to be retaliation — against mega-corporations and commercial consumers of open-source projects who extensively rely on cost-free and community-powered software but do not, according to the developer, give back to the community. In November 2020, Marak had warned that he will no longer be supporting the big corporations with his "free work" and that commercial entities should consider either forking the projects or compensating the dev with a yearly "six figure" salary....

Some dubbed this an instance of "yet another OSS developer going rogue," whereas InfoSec expert VessOnSecurity called the action "irresponsible," stating: "If you have problems with business using your free code for free, don't publish free code. By sabotaging your own widely used stuff, you hurt not only big business but anyone using it. This trains people not to update, 'coz stuff might break."

GitHub has reportedly suspended the developer's account. And, that too, has caused mixed reactions... "Removing your own code from [GitHub] is a violation of their Terms of Service? WTF? This is a kidnapping. We need to start decentralizing the hosting of free software source code," responded software engineer Sergio Gómez.
"While it looks like color.js has been updated to a working version, faker.js still appears to be affected, but the issue can be worked around by downgrading to a previous version (5.5.3)," reports the Verge: Even more curiously, the faker.js Readme file has also been changed to "What really happened with Aaron Swartz...?"

Squires' bold move draws attention to the moral — and financial — dilemma of open-source development, which was likely the goal of his actions.

China will work to become a leading global player in robotics by 2025 under a five-year plan announced Tuesday as it ramps up efforts to build a high-tech manufacturing sector resilient to American sanctions. From a report: Coming amid what is expected to be a drawn-out rivalry with the U.S., the plan seeks to help Chinese technology companies compete on the world stage. It was compiled by the Ministry of Industry and Information Technology and other agencies. The plan targets revenue growth of more than 20% per year for the Chinese robotics industry. Despite reaching the 100 billion yuan ($15.7 billion) mark in 2020, the industry still lags in foundational technologies and manufacturing advanced robots. The government wants to improve the industry's ability to innovate. China will support restructuring efforts and mergers, particularly among large corporations, to create more competitive players. It will also provide financial assistance and strengthen cooperation between industry, academia and government to develop more advanced materials and core components. The plan promotes the diversification of supply chains, which has emerged as a top priority for economic security amid the Sino-American rivalry.

An anonymous reader quotes a report from Popular Science: The Biden administration has pledged to create a carbon-free energy sector by 2035, but because renewable resources generate only around 19 percent of US electricity as of 2020, climate experts warn that our transition to a green grid future needs to speed up. A group of researchers at Stanford led by Mark Jacobson, professor of civil and environmental engineering, has set out to prove that a 100 percent renewable energy grid by 2050 is not only feasible but can be done without any blackouts and at a lower cost than the existing grid. Jacobson is the lead author of a new paper, published in Renewable Energy, which argues that a complete transition to renewable energy -- defined as wind, water, and solar energy -- would benefit the US as a whole and individuals by saving costs, creating jobs, and reducing air pollution and carbon emissions.

They modeled how wind turbines, tidal turbines, geothermal and hydroelectric power plants, rooftop and utility photovoltaic panels, and other sources could generate energy in 2050. A host of different sources powered these projections: Jacobson used data from a weather-climate-air pollution model he first built in 1990, which has been used in numerous simulations since. Individual state and sector energy consumption was taken from the Energy Information Administration. Current fossil fuel energy sources were converted to electric devices that are powered by wind, water, and solar. This was then used to create projections for energy use in 2050. Time-dependent energy supply was matched with demand and storage in a grid integration model for every 30 second interval in 2050 and 2051. The study authors analyzed US regions and countrywide demand until the model produced a solution with what the authors called zero-load loss -- meaning, essentially, no blackouts with 100 percent renewable energy and storage. According to Jacobson, no other study is conducting this kind of modeling, which is unique in part because it checks conditions for any simulation every 30 seconds.

As the cost of renewables falls, researchers predict power companies and consumers will migrate to using renewables. Solar and wind are already half the cost of natural gas. Policy may also motivate adoption -- or hinder it. While the current administration has set out goals for a renewable energy grid, new permits for gas and drilling in the Gulf of Mexico counteract those same efforts. [...] The researchers quantified these benefits by looking at private costs, such as those to individuals or corporations, and social ones, which also include health and climate costs. Zero-emissions leads to few air pollution related deaths and illness, and a reduced toll on the healthcare system. [...] The model cannot address emissions from things like long-distance shipping or aviation, though the authors argue that green hydrogen could be a possible alternative to explore. They did not include nuclear energy or carbon capture, which [Anna-Katharina von Krauland, a PhD candidate in the Atmosphere/Energy program at Stanford and a co-author of the paper] views as "distractions from getting to 100 percent renewable energy as quickly as possible" because the technologies are costly, unproven, or lacking in their promises. "The best path forward would be to invest in what we know works as quickly as we can," she says -- such as wind, water, and solar energy.

RadioShack.com is now showing visitors a new message: "Bringing cryptocurrency to the mainstream..."

With a 100-year-old brand, "we are going to lead the way for blockchain tech to reach mainstream adoption by other large brands."

The RadioShack home page says they'll start with a "symbiosis" with Atlas USV, a community-driven project to build a universal, decentralized/widely accessible DeFi base layer. Atlas USV's "Barter" mechanism lets users purchase third-party tokens and transfer them to Atlas USV's treasury in return for discounted USV tokens. "The Atlas USV treasury can accumulate any crypto asset of its choice with this dynamic...

"Once the liquidity pool surpasses other exchanges' liquidity level in any token pair, our swap efficiency will be unbeatable for that pair...

"Other decentralized exchanges margins on swap fees are our opportunity.... "

Or, as they explain on a more detailed web page, "We intend RadioShack to be the first protocol to pass over into mainstream usage in the history of DeFI," promising that RadioShack DeFi "will become the first to market with a 100 year old brand name that's recognized in virtually all 190+ countries in the world..."

"RadioShack has one objective: Distribution and usage by millions of individuals but possibly more important, by hundreds of blue-chip, large corporations as their gateway into becoming blockchain companies."

Currently there's a sign-up form for a notification when "RADIO token" launches (as well as links to their channels on Discord and Telegram).

Their "Fundamentals" page explains that "It is our hypothesis that the best way for crypto to be more mainstream is for an established brand name in the tech space to lead the way."

The RadioShack brand was purchased In November of 2020 by e-commerce rehabilitator REV, now listed as a collaborator on RadioShack's home page. (Ironically, the "Fundamentals" page also includes RadioShack's Super Bowl ad where there store is taken back by the 1980s.)

The official Twitter feed of Radio Shack now also has the same new tagline: "Bringing Cryptocurrency To The Mainstream."

The Log4Shell exploit "exposes how a vulnerability in a seemingly simple bit of infrastructure code can threaten the security of banks, tech companies, governments, and pretty much any other kind of organization," writes VentureBeat. But the incident also raises some questions: Should large deep-pocketed companies besides Google, which always seems to be heavily involved in such matters, be doing more to support the cause with people and resources?
Long-time Slashdot reader frank_adrian314159 shares a related article from a programming author on Dev.To, who'd read hot takes like "Open source needs to grow the hell up." and "Open source' is broken". [T]he log4j developers had this massive security issue dumped in their laps, with the expectation that they were supposed to fix it. How did that happen? How did a group of smart, hard-working people get roped into a thankless, high-pressure situation with absolutely no upside for themselves...?

It is this communal mythology I want to talk about, this great open source brainwashing that makes maintainers feel like they need to go above and beyond publishing source code under an open source license — that they need to manage and grow a community, accept contributions, fix issues, follow vulnerability disclosure best practices, and many other things...

In reality what is happening, is that open source maintainers are effectively unpaid outsourcing teams for giant corporations.
The log4j exploit was first reported by an engineer at Alibaba — a corporation with a market capitalization of $348 billion — so the article wonders what would happen if log4j's team had sent back a bill for the time they'd spend fixing the bug.

Some additional opinions (via the "This Week in Programming" column):

• PuTTY maintainer Andrew Ducker: "The internet (and many large companies) are dependent on software maintained by people in their spare time, for free. This may not be sustainable."

• Filippo Valsorda, a Go team member at Google: "The role of Open Source maintainer has failed to mature from a hobby into a proper profession... The status quo is unsustainable.... GitHub Sponsors and Patreon are a nice way to show gratitude, but they are an extremely unserious compensation structure."

Valsorda hopes to eventually see "a whole career path with an onramp for junior maintainers, including training, like a real profession."

Gizmodo's David Nield explains what Web3 is, what it will mean for the future, and how exactly the third-generation internet differs from the first two. An anonymous reader shares an excerpt from his report: Let's cut to the chase: For Web3 evangelists, it's a revolution; for skeptics, it's an overhyped house of cards that doesn't stand up to much scrutiny. [...] As you might remember if you're of a certain age, Web 1.0 was the era of static webpages. Sites displayed news and information, and maybe you had your own little corner of the World Wide Web to show off your personal interests and hobbies. Images were discouraged -- they took up too much bandwidth -- and video was out of the question. With the dawn of the 21st century, Web 1.0 gave way to Web 2.0 -- a more dynamic, editable, user-driven internet. Static was out and webpages became more interactive and app-like (see Gmail, for example). Many of us signed up for social media accounts and blogs that we used to put our own content on the web in vast amounts. Images and video no longer reduced sites to a crawl, and we started sharing them in huge numbers. And now the dawn of Web3 is upon us. People define it in a few different ways, but at its core is the idea of decentralization, which we've seen with cryptocurrencies (key drivers of Web3). Rather than Google, Apple, Microsoft, Amazon, and Facebook (sorry, Meta) hoarding everything, the internet will supposedly become more democratized.

Key to this decentralization is blockchain technology, which creates publicly visible and verifiable ledgers of record that can be accessed by anyone, anywhere. The blockchain already underpins Bitcoin and other cryptocurrencies, as well as a number of fledging technologies, and it's tightly interwoven into the future vision of everything that Web3 promises. The idea is that everything you do, from shopping to social media, is handled through the sane secure processes, with both more privacy and more transparency baked in. In some ways, Web3 is a mix of the two eras that came before it: The advanced, dynamic, app-like tech of the modern web, combined with the decentralized, user-driven philosophy that was around at the start of the internet, before billion- and trillion-dollar corporations owned everything. Web3 shifts the power dynamic from the giant tech entities back to the users -- or at least that's the theory.

In its current form, Web3 rewards users with tokens, which will eventually be used in a variety of ways, including currency or as votes to influence the future of technology. In this brave new world, the value generated by the web will be shared out between many more users and more companies and more services, with much-improved interoperability. NFTs are closely linked to the Web3 vision. [...] For our purposes here, the link between cryptocurrencies, NFTs, and Web3 is the foundation: the blockchain. Throw in some artificial intelligence and some machine learning to do everything from filter out unnecessary data to spot security threats, and you've got just about every emerging digital technology covered with Web3. Right now Ethereum is the blockchain attracting the most Web3 interest (it supports both a cryptocurrency and an NFT system, and you can do everything from make a payment through it to build an app on it).

An anonymous reader quotes a report from Motherboard: Dr. Garry Nolan is a Professor of Pathology at Stanford University. His research ranges from cancer to systems immunology. Dr. Nolan has also spent the last ten years working with a number of individuals analyzing materials from alleged Unidentified Aerial Phenomenon. His robust resume -- 300 research articles, 40 US patents, founding of eight biotech companies, and honored as one of Stanford's top 25 inventors -- makes him, easily, one of the most accomplished scientists publicly studying UAPs. Motherboard sat down with Garry to discuss his work. It has been edited for length and clarity. Motherboard's Thobey Campion starts by asking Dr. Nolan how he first became interested in UAPs. I've always been an avid reader of science fiction, so it was natural at some point that when YouTube videos about UFOs began to make the rounds I might watch a few. I noticed that this guy at the time, Steven Greer, had claimed that a little skeleton might be an alien. I remember thinking, 'Oh, I can prove or disprove that.' And so I reached out to him. I eventually showed that it wasn't an alien, it was human. We explain a fair amount about why it looked the way it did. It had a number of mutations in skeletal genes that could potentially explain the biology. The UFO community didn't like me saying that. But you know, the truth is in the science. So, I had no problem just stating the facts. We published a paper and it ended up going worldwide. It was on the front page of just about every major newspaper. What's more appealing or clickbait than 'Stanford professor sequences alien baby'?

That ended up bringing me to the attention of some people associated with the CIA and some aeronautics corporations. At the time, they had been investigating a number of cases of pilots who'd gotten close to supposed UAPs and the fields generated by them, as was claimed by the people who showed up at my office unannounced one day. There was enough drama around the Atacama skeleton that I had basically decided to forswear all continued involvement in this area. Then these guys showed up and said, 'We need you to help us with this because we want to do blood analysis and everybody says that you've got the best blood analysis instrumentation on the planet.' Then they started showing the MRIs of some of these pilots and ground personnel and intelligence agents who had been damaged. The MRIs were clear. You didn't even have to be an MD to see that there was a problem. Some of their brains were horribly, horribly damaged. And so that's what kind of got me involved. Dr. Nolan expanded on the MRIs, saying they resemble the white matter disease, or scarring, that occurs with multiple sclerosis, with the symptomology that's basically identical to what's now called Havana syndrome. "That still left individuals who had seen UAPs. They didn't have Havana syndrome. They had a smorgasbord of other symptoms."

When asked if there's anything man-made that might have this impact on the brain, Dr. Nolan said: "The only thing I can imagine is you're standing next to an electric transformer that's emitting so much energy that you're basically getting burned inside your body."

As for the UAP fragments, Dr. Nolan said some of the objects are "nondescript," and just "lumps of metal" with nothing particularly unusual about them "except that everywhere you look in the metal, the composition is different, which is odd." He added: "The common thing about all the materials that I've looked at so far, and there's about a dozen, is that almost none of them are uniform. They're all these hodgepodge mixtures. Each individual case will be composed of a similar set of elements, but they will be inhomogeneous."

Of the 10 or 12 UAP fragments he's looked at, "two seem to be not playing by our rules," he says. "That doesn't mean that they're levitating, on my desk or anything, it just means that they have altered isotope ratios."

You can read the full Q&A here.

Before this year, no one worried too much about the global supply chain, beyond specialists in the field. The role of developing nations like Malaysia or the Philippines warranted little attention. From a report: But the coronavirus outbreak has been a wake-up call for chief executives, prime ministers and consumers around the world, as shortages disrupted production of everything from iPhones and F-150 pickups to Nike sneakers. The tragedy in Muar shows the little-understood human cost of keeping supply chains running in a pandemic. While politicians in Washington and Paris urge suppliers to step up production of semiconductors and government officials in countries like Malaysia give special exemptions to powerful corporations, employees like Hani put their lives at risk.

The duty of the government is to look after the workers' interest more than the country's or the companies' interest," said Zaid Ibrahim, a former law minister in Malaysia. "Of the three -- the government, companies and workers -- the most vulnerable are the workers. I wish we could have avoided these tragedies." Malaysia is a case study in the conflict between people and profit. The government spent decades attracting foreign investment and diversifying its economy beyond rubber and tin. The country now accounts for 13% of the world's chip testing and packaging, a key step in producing the semiconductors that go into automobiles, smartphones and other devices. Some 575,000 people were employed in the electrical and electronics industry in 2020, working with global chipmakers such as STMicro, Infineon Technologies AG, Intel Corp. and Renesas Electronics.