"The distant reaches of the Solar System are still mysterious," writes ScienceAlert. "Not much sunlight pierces these regions, and there are strong hints that undiscovered objects lurk there. The objects that astronomers have discovered in these dim reaches are primordial, and their orbits suggest the presence of more undiscovered objects."

And now thanks to the giant 8.2-meter Subaru telescope at Hawaii's Mauna Kea Observatory, astronomers have discovered "a massive new solar system body located beyond the orbit of Pluto," reports Space.com. The weird elongated orbit of the object suggests that if "Planet Nine" exists, it is much further from the sun than thought, or it has been ejected from our planetary system altogether.

The strange orbit of the object, designated 2023 KQ14 and nicknamed "Ammonite," classifies it as a "sednoid." Sednoids are bodies beyond the orbit of the ice giant Neptune, known as trans-Neptunian objects (TNOs), characterized by a highly eccentric (non-circular) orbit and a distant closest approach to the sun or "perihelion." The closest distance that 2023 KQ14 ever comes to our star is equivalent to 71 times the distance between Earth and the sun... This is just the fourth known sednoid, and its orbit is currently different from that of its siblings, though it seems to have been stable for 4.5 billion years.

However, the team behind the discovery, made using Subaru Telescope as part of the Formation of the Outer Solar System: An Icy Legacy (FOSSIL) survey, thinks that all four sednoids were on similar orbits around 4.2 billion years ago. That implies something dramatic happened out at the edge of the solar system around 400 million years after its birth. Not only does the fact that 2023 KQ14 now follows a unique orbit suggest that the outer solar system is more complex and varied than previously thought, but it also places limits on a hypothetical "Planet Nine" theorized to lurk at the edge of the solar system.
There's "no viable transfer mechanisms" to explain the observed orbits "with the current configuration of planets," according to the team's recently-published paper. But since those orbits are stable, it "suggests that an external gravitational influence beyond those of the currently known Solar System planets is required to form their orbits." So where does that leave us? ScienceAlert summarizes the rest of the paper — and where things stand now: Astronomers have proposed many sources for this external gravitational influence, including interactions with a rogue planet or star, ancient stellar interactions from when the Sun was still in its natal cluster, and the capture of objects from other lower-mass stars in the Solar System's early times. But the explanation that gets the most attention is interactions with a hypothetical planet, Planet Nine.

If Planet Nine exists, it has a huge area to hide in. Some astronomers who have studied its potential existence think it could be the fifth largest planet in the Solar System. It would be so far away that it would be extremely dim. However, we may be on the cusp of detecting it, if it exists. The Vera Rubin Observatory recently saw first light and will begin its decade-long Legacy Survey of Space and Time (LSST). The LSST will find transient events and objects in the Solar System like no other telescope before it. It's purpose-built to find hard-to-detect objects, and not even an elusive object like Planet Nine may be able to hide from it.

An anonymous reader quotes a report from ZDNet: The Linux Foundation announced at the Open Source Summit in Denver that it will now host the Agent2Agent (A2A) protocol. Initially developed by Google and now supported by more than 100 leading technology companies, A2A is a crucial new open standard for secure and interoperable communication between AI agents. In his keynote presentation, Mike Smith, a Google staff software engineer, told the conference that the A2A protocol has evolved to make it easier to add custom extensions to the core specification. Additionally, the A2A community is working on making it easier to assign unique identities to AI agents, thereby improving governance and security.

The A2A protocol is designed to solve one of AI's most pressing challenges: enabling autonomous agents -- software entities capable of independent action and decision-making -- to discover each other, securely exchange information, and collaborate across disparate platforms, vendors, and frameworks. Under the hood, A2A does this work by creating an AgentCard. An AgentCard is a JavaScript Object Notation (JSON) metadata document that describes its purpose and provides instructions on how to access it via a web URL. A2A also leverages widely adopted web standards, such as HTTP, JSON-RPC, and Server-Sent Events (SSE), to ensure broad compatibility and ease of integration. By providing a standardized, vendor-neutral communication layer, A2A breaks down the silos that have historically limited the potential of multi-agent systems.

For security, A2A comes with enterprise-grade authentication and authorization built in, including support for JSON Web Tokens (JWTs), OpenID Connect (OIDC), and Transport Layer Security (TLS). This approach ensures that only authorized agents can participate in workflows, protecting sensitive data and agent identities. While the security foundations are in place, developers at the conference acknowledged that integrating them, particularly authenticating agents, will be a hard slog. Antje Barth, an Amazon Web Services (AWS) principal developer advocate for generative AI, explained what the adoption of A2A will mean for IT professionals: "Say you want to book a train ride to Copenhagen, then a hotel there, and look maybe for a fancy restaurant, right? You have inputs and individual tasks, and A2A adds more agents to this conversation, with one agent specializing in hotel bookings, another in restaurants, and so on. A2A enables agents to communicate with each other, hand off tasks, and finally brings the feedback to the end user."

Jim Zemlin, executive director of the Linux Foundation, said: "By joining the Linux Foundation, A2A is ensuring the long-term neutrality, collaboration, and governance that will unlock the next era of agent-to-agent powered productivity." Zemlin expects A2A to become a cornerstone for building interoperable, multi-agent AI systems.

The Louvre Museum will discontinue its use of Nintendo 3DS XL consoles as audio guides by September 2025, replacing them with a new system. NintendoSoup reports: For several years the Louvre has been using specially dedicated New Nintendo 3DS XL consoles to give visitors an audio guided tour of the famous museum. According to the museum's official website however, it seems that the program will be discontinued in September 2025, to be replaced by a new system.

Presumably, this is due to Nintendo slowly phasing out the Nintendo 3DS line in general, having stopped supporting repairs for the console in a few countries. The consoles used by the Louvre would have broken down sooner or later, necessitating a change if they could no longer be sent in for repairs. At the time of this writing, it is not known what will become of the unique special edition consoles that were being used for this purpose.

"While general-purpose languages like Python, C++, and Java remain popular in AI development," writes VentureBeat, "the resurgence of AI-first languages signifies a recognition that AI's unique demands require specialized languages tailored to the domain's specific needs... designed from the ground up to address the specific needs of AI development." Bend, created by Higher Order Company, aims to provide a flexible and intuitive programming model for AI, with features like automatic differentiation and seamless integration with popular AI frameworks. Mojo, developed by Modular AI, focuses on high performance, scalability, and ease of use for building and deploying AI applications. Swift for TensorFlow, an extension of the Swift programming language, combines the high-level syntax and ease of use of Swift with the power of TensorFlow's machine learning capabilities...

At the heart of Mojo's design is its focus on seamless integration with AI hardware, such as GPUs running CUDA and other accelerators. Mojo enables developers to harness the full potential of specialized AI hardware without getting bogged down in low-level details. One of Mojo's key advantages is its interoperability with the existing Python ecosystem. Unlike languages like Rust, Zig or Nim, which can have steep learning curves, Mojo allows developers to write code that seamlessly integrates with Python libraries and frameworks. Developers can continue to use their favorite Python tools and packages while benefiting from Mojo's performance enhancements... It supports static typing, which can help catch errors early in development and enable more efficient compilation... Mojo also incorporates an ownership system and borrow checker similar to Rust, ensuring memory safety and preventing common programming errors. Additionally, Mojo offers memory management with pointers, giving developers fine-grained control over memory allocation and deallocation...

Mojo is conceptually lower-level than some other emerging AI languages like Bend, which compiles modern high-level language features to native multithreading on Apple Silicon or NVIDIA GPUs. Mojo offers fine-grained control over parallelism, making it particularly well-suited for hand-coding modern neural network accelerations. By providing developers with direct control over the mapping of computations onto the hardware, Mojo enables the creation of highly optimized AI implementations.

According to Mojo's creator, Modular, the language has already garnered an impressive user base of over 175,000 developers and 50,000 organizations since it was made generally available last August. Despite its impressive performance and potential, Mojo's adoption might have stalled initially due to its proprietary status. However, Modular recently decided to open-source Mojo's core components under a customized version of the Apache 2 license. This move will likely accelerate Mojo's adoption and foster a more vibrant ecosystem of collaboration and innovation, similar to how open source has been a key factor in the success of languages like Python.

Developers can now explore Mojo's inner workings, contribute to its development, and learn from its implementation. This collaborative approach will likely lead to faster bug fixes, performance improvements and the addition of new features, ultimately making Mojo more versatile and powerful.
The article also notes other languages "trying to become the go-to choice for AI development" by providing high-performance execution on parallel hardware. Unlike low-level beasts like CUDA and Metal, Bend feels more like Python and Haskell, offering fast object allocations, higher-order functions with full closure support, unrestricted recursion and even continuations. It runs on massively parallel hardware like GPUs, delivering near-linear speedup based on core count with zero explicit parallel annotations — no thread spawning, no locks, mutexes or atomics. Powered by the HVM2 runtime, Bend exploits parallelism wherever it can, making it the Swiss Army knife for AI — a tool for every occasion...

The resurgence of AI-focused programming languages like Mojo, Bend, Swift for TensorFlow, JAX and others marks the beginning of a new era in AI development. As the demand for more efficient, expressive, and hardware-optimized tools grows, we expect to see a proliferation of languages and frameworks that cater specifically to the unique needs of AI. These languages will leverage modern programming paradigms, strong type systems, and deep integration with specialized hardware to enable developers to build more sophisticated AI applications with unprecedented performance. The rise of AI-focused languages will likely spur a new wave of innovation in the interplay between AI, language design and hardware development. As language designers work closely with AI researchers and hardware vendors to optimize performance and expressiveness, we will likely see the emergence of novel architectures and accelerators designed with these languages and AI workloads in mind. This close relationship between AI, language, and hardware will be crucial in unlocking the full potential of artificial intelligence, enabling breakthroughs in fields like autonomous systems, natural language processing, computer vision, and more.

The future of AI development and computing itself are being reshaped by the languages and tools we create today.
In 2017 Modular AI's founder Chris Lattner (creator of the Swift and LLVM) answered questions from Slashdot readers.

Breached web sites distribute malware to visitors by claiming they need to update their browser. But one group of attackers "have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement," reports security researcher Brian Krebs.

"By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain." [W]hen Cloudflare blocked those accounts the attackers began storing their malicious files as cryptocurrency transactions in the Binance Smart Chain (BSC), a technology designed to run decentralized apps and "smart contracts," or coded agreements that execute actions automatically when certain conditions are met. Nati Tal, head of security at Guardio Labs, the research unit at Tel Aviv-based security firm Guardio, said the malicious scripts stitched into hacked WordPress sites will create a new smart contract on the BSC Blockchain, starting with a unique, attacker-controlled blockchain address and a set of instructions that defines the contract's functions and structure. When that contract is queried by a compromised website, it will return an obfuscated and malicious payload.

"These contracts offer innovative ways to build applications and processes," Tal wrote along with his Guardio colleague Oleg Zaytsev. "Due to the publicly accessible and unchangeable nature of the blockchain, code can be hosted 'on-chain' without the ability for a takedown." Tal said hosting malicious files on the Binance Smart Chain is ideal for attackers because retrieving the malicious contract is a cost-free operation that was originally designed for the purpose of debugging contract execution issues without any real-world impact. "So you get a free, untracked, and robust way to get your data (the malicious payload) without leaving traces," Tal said.

In response to questions from KrebsOnSecurity, the BNB Smart Chain (BSC) said its team is aware of the malware abusing its blockchain, and is actively addressing the issue. The company said all addresses associated with the spread of the malware have been blacklisted, and that its technicians had developed a model to detect future smart contracts that use similar methods to host malicious scripts. "This model is designed to proactively identify and mitigate potential threats before they can cause harm," BNB Smart Chain wrote. "The team is committed to ongoing monitoring of addresses that are involved in spreading malware scripts on the BSC. To enhance their efforts, the tech team is working on linking identified addresses that spread malicious scripts to centralized KYC [Know Your Customer] information, when possible."

Friday America's Department of Energy announced plans to re-purpose some of the land it owns — "portions of which were previously used in the nation's nuclear weapons program" — for generating clean energy. They'll be leasing them out for "utility-scale clean energy projects" in an initiative called "Cleanup to Clean Energy."

The agency has identified 70,000 acres for potential development, in New Mexico, Nevada, South Carolina, Idaho, and Washington: "We are going to transform the lands we have used over decades for nuclear security and environmental remediation by working closely with tribes and local communities together with partners in the private sector to build some of the largest clean energy projects in the world," said U.S. Secretary of Energy Jennifer M. Granholm. "Through the Cleanup to Clean Energy initiative, the Department of Energy will leverage areas that were previously used to protect our national security and will repurpose them to the same end — this time, generating clean energy that will help save the planet and protect our energy independence."
The announcement notes that in December 2021, President Biden directed U.S. federal agencies to "authorize use of their real property assets, including land for the development of new clean electricity generation and storage through leases, grants, permits, or other mechanisms."

"As the leading Federal agency on clean energy research and development, DOE has both a unique opportunity and a clear responsibility to lead by example and identify creative solutions to achieve the President's mandate."

Researchers have discovered a clever piece of malware that stealthily exfiltrates data and executes malicious code from Windows systems by abusing a feature in Microsoft Internet Information Services (IIS). From a report: IIS is a general-purpose web server that runs on Windows devices. As a web server, it accepts requests from remote clients and returns the appropriate response. In July 2021, network intelligence company Netcraft said there were 51.6 million instances of IIS spread across 13.5 million unique domains. IIS offers a feature called Failed Request Event Buffering that collects metrics and other data about web requests received from remote clients. Client IP addresses and port and HTTP headers with cookies are two examples of the data that can be collected. FREB helps administrators troubleshoot failed web requests by retrieving ones meeting certain criteria from a buffer and writing them to disk. The mechanism can help determine the cause of 401 or 404 errors or isolate the cause of stalled or aborted requests.

Criminal hackers have figured out how to abuse this FREB feature to smuggle and execute malicious code into protected regions of an already compromised network. The hackers can also use FREB to exfiltrate data from the same protected regions. Because the technique blends in with legitimate eeb requests, it provides a stealthy way to further burrow into the compromised network. The post-exploit malware that makes this possible has been dubbed Frebniis by researchers from Symantec, who reported on its use on Thursday. Frebniis first ensures FREB is enabled and then hijacks its execution by injecting malicious code into the IIS process memory and causing it to run. Once the code is in place, Frebniis can inspect all HTTP requests received by the IIS server.

The National Institute of Standards and Technology (NIST) announced that ASCON is the winning bid for the "lightweight cryptography" program to find the best algorithm to protect small IoT (Internet of Things) devices with limited hardware resources. BleepingComputer reports: ASCON was selected as the best of the 57 proposals submitted to NIST, several rounds of security analysis by leading cryptographers, implementation and benchmarking results, and feedback received during workshops. The whole program lasted for four years, having started in 2019. NIST says all ten finalists exhibited exceptional performance that surpassed the set standards without raising security concerns, making the final selection very hard.

ASCON was eventually picked as the winner for being flexible, encompassing seven families, energy efficient, speedy on weak hardware, and having low overhead for short messages. NIST also considered that the algorithm had withstood the test of time, having been developed in 2014 by a team of cryptographers from Graz University of Technology, Infineon Technologies, Lamarr Security Research, and Radboud University, and winning the CAESAR cryptographic competition's "lightweight encryption" category in 2019.

Two of ASCON's native features highlighted in NIST's announcement are AEAD (Authenticated Encryption with Associated Data) and hashing. AEAD is an encryption mode that provides confidentiality and authenticity for transmitted or stored data, combining symmetric encryption and MAC (message authentication code) to prevent unauthorized access or tampering. Hashing is a data integrity verification mechanism that creates a string of characters (hash) from unique inputs, allowing two data exchange points to validate that the encrypted message has not been tampered with. Despite ASCON's lightweight nature, NIST says the scheme is powerful enough to offer some resistance to attacks from powerful quantum computers at its standard 128-bit nonce. However, this is not the goal or purpose of this standard, and lightweight cryptography algorithms should only be used for protecting ephemeral secrets. For more details on ASCON, check the algorithm's website, or read the technical paper (PDF) submitted to NIST in May 2021.

"Around 20% of people who survive cardiopulmonary resuscitation (CPR) after cardiac arrest may describe lucid experiences of death that occurred while they were seemingly unconscious and on the brink of death," reports SciTechDaily.

"This is according to new research led by investigators at NYU Grossman School of Medicine and elsewhere." Long-time Slashdot reader InfiniteZero shared their report: Included in the study were 567 men and women whose hearts stopped beating while hospitalized and who received CPR between May 2017 and March 2020 in the United States and the United Kingdom.... Survivors reported having unique lucid experiences, including a perception of separation from the body and observing events without pain or distress. They also reported a meaningful evaluation of life, including of their actions, intentions, and thoughts toward others. The researchers found these experiences of death to be different from hallucinations, dreams, delusions, illusions, or CPR-induced consciousness.

Tests for hidden brain activity were also included in the research. A key finding was the discovery of spikes of brain activity, including so-called gamma, delta, theta, alpha, and beta waves up to an hour into CPR. Some of these brain waves normally occur when people are conscious and performing higher mental functions, including thinking, memory retrieval, and conscious perception. "These recalled experiences and brain wave changes may be the first signs of the so-called near-death experience, and we have captured them for the first time in a large study," says Sam Parnia, MD, PhD, the lead study investigator and an intensive care physician, who is also an associate professor in the Department of Medicine at NYU Langone Health, as well as the organization's director of critical care and resuscitation research."Our results offer evidence that while on the brink of death and in a coma, people undergo a unique inner conscious experience, including awareness without distress...."

"These lucid experiences cannot be considered a trick of a disordered or dying brain, but rather a unique human experience that emerges on the brink of death," says Parnia. As the brain is shutting down, many of its natural braking systems are released. Known as disinhibition, this provides access to the depths of a person's consciousness, including stored memories, thoughts from early childhood to death, and other aspects of reality. While no one knows the evolutionary purpose of this phenomenon, it clearly reveals "intriguing questions about human consciousness, even at death," says Parnia.

An anonymous reader quotes a report from Ars Technica: Velcro is an ingenious hook-and-loop fastener inspired by nature -- specifically, cockleburs. Now scientists at the Italian Institute of Technology are returning the favor. They have created the first biodegradable Velcro -- inspired by climbing plants -- and used it to build small devices to help monitor the health of crop plants and deliver pesticides and medicines as needed, according to a November paper published in the journal Communications Materials. [...] Co-author Isabella Fiorello and her colleagues were interested in developing innovative new technologies for monitoring plants in situ to detect disease, as well as delivering various substances to plants. However, few such devices can be attached directly to plant leaves without damaging them. The best current options are sensors attached with chemical glues, or with clips. There are also micro-needle-based patches under development able to penetrate leaves for disease detection. Fiorello et al. found inspiration in the common catchweed plant (Galium aparine). It can form dense, tangled mats on the ground, and while the plants can grow up to six feet, they can't stand on their own and instead must use other plants for support. For this purpose, catchweed plants rely on a "unique parasitic ratchet-like anchoring mechanism to climb over host plants, using microscopic hooks for mechanical interlocking to leaves," the authors wrote.

The Italian team closely studied that micro-hook structure and then used a high-resolution 3D printer to create artificial versions, using various materials -- including photosensitive and biodegradable materials made from a sugar-like substance known as isomalt. Their artificial reproductions proved quite capable of attaching to many different plant species, just like their natural counterparts. As an initial application, the team designed a device that could penetrate a plant cuticle with minimal invasiveness, thereby enabling the plant to be monitored and treated, if necessary. The isomalt microhooks attach to the vascular system of leaves and then dissolve inside, because isomalt is soluble. Fiorello et al.'s experiments demonstrated that their artificial micro hooks can be used as a plaster for targeted, controlled release of pesticides, bactericides, or pharmaceuticals onto the leaves. This would greatly reduce the need for broad application of pesticides. And since the plaster dissolves once it's applied, there is no additional waste.

The team also printed hooks made out of a photosensitive resin and assembled them together with sensors for light, temperature, and humidity to make intelligent clips to enable wireless monitoring of the plant's heath. The clips attach to individual leaves, transmitting data wirelessly thanks to customized computer software. The prototype proved resistant to windy conditions and was capable of making real-time measurements for up to 50 days. The devices could be used for small-scale botanical applications, or they could be scaled up. For instance, farmers could distribute many such devices to better map and monitor wide cultivation areas, according to the authors. Finally, Fiorello et al. developed a micro-robotic system capable of moving over the surface of leaves using micro steps, copying the ratchet-like motion of the catchweed plant. Similar actuation mechanisms have previously been demonstrated in Stanford University's SpinyBot -- capable of scaling hard, flat surfaces thanks to arrays of miniature spines on its feet -- and the University of California, Berkeley's CLASH robots, which are capable of climbing up loose suspended cloth surfaces, like curtains.

Apple has allowed app developers to collect data from its 1 billion iPhone users for targeted advertising, in an unacknowledged shift that lets companies follow a much looser interpretation of its controversial privacy policy. Financial Times: In May Apple communicated its privacy changes to the wider public, launching an advert that featured a harassed man whose daily activities were closely monitored by an ever-growing group of strangers. When his iPhone prompted him to "Ask App Not to Track," he clicked it and they vanished. Apple's message to potential customers was clear -- if you choose an iPhone, you are choosing privacy.

But seven months later, companies including Snap and Facebook have been allowed to keep sharing user-level signals from iPhones, as long as that data is anonymised and aggregated rather than tied to specific user profiles. For instance Snap has told investors that it plans to share data from its 306m users -- including those who ask Snap "not to track" -- so advertisers can gain "a more complete, real-time view" on how ad campaigns are working. Any personally identifiable data will first be obfuscated and aggregated. Similarly, Facebook operations chief Sheryl Sandberg said the social media group was engaged in a "multiyear effort" to rebuild ad infrastructure "using more aggregate or anonymised data."

These companies point out that Apple has told developers they "may not derive data from a device for the purpose of uniquely identifying it." This means they can observe "signals" from an iPhone at a group level, enabling ads that can still be tailored to "cohorts" aligning with certain behaviour but not associated with unique IDs. This type of tracking is becoming the norm.

Car buyers are discovering that supply chain constraints "have thrusted prices upwards considerably for new and used vehicles alike," notes Jalopnik.

But while last month Fortune ran an article headlined "Chipmakers to carmakers: Time to get out of the semiconductor Stone Age," Jalopnik argues it's not that simple. The implication here is that the auto industry is far too reliant on archaic tech that isn't applicable to other consumer tech fields. It's now finally reckoning with its reluctance to change, and only a fool would invest in shops to pump out the outdated silicon cars require. But is that a fair assessment? As Fortune notes in its own piece, there are reasons why carmakers — some of the largest corporations in the world — choose the chips they do. The comparison to smartphones is moot... The potential ramifications of a glitch in a metal box traveling at many miles per hour are a little more severe. That's especially true if you're talking about modern vehicles with driver-assist functions...

I asked some auto industry veterans to weigh in... What automakers require is somewhat at odds with what chipmakers prefer and are tooled to produce: smaller, more densely packed chips, that can be manufactured at lower cost and yield more units.... However, to suggest as [Intel CEO] Gelsinger did that the burden to adapt should fall squarely on automakers simplifies the issue. General purpose chipmakers don't seem to grasp the unique challenges of the automotive sector — something that became clear to me after chatting with Jon M. Quigley, Society of Automotive Engineers member and columnist at Automotive Industries. "Qualifying a product, specifically testing activities, are costly and requires time, talent, and equipment," Quigley said. "Some of the test equipment requirements are expensive and often not on hand at the OEM but will require an external lab, and booking time at this lab can be a long lead time activity, and is necessary for certain product certifications. Depending upon the vehicle system commonality, this testing might have to be performed on multiple vehicle platforms. Making changes to an existing product, changing an integrated circuit that only has the difference in the manufacturing processes would still require this sort of testing. Unless there are some compelling associated cost improvements to recoup the investment, this is not very plausible."

It's easy for those of us on the outside to miss the many steps of validation automotive components are required to go through before they end up in what we drive. Ultimately, carmakers don't care how small or new a chip is; all that matters is that it works for its intended purpose and is properly vetted... Chipmakers want as much miniaturization as possible to maximize production efficiency, automakers need significant lead time to make sure a chip will work for them. Each industry has reasons for operating the way it does. That doesn't change the fact that someone's going to have to budge to address this shortfall....

Over time, the transition to newer technology may naturally happen, but certainly not quickly enough to Band-Aid the snags of the present moment. That doesn't give anyone a single, solitary scapegoat, and it's not the easy answer anyone likely wants to hear — not prospective shoppers, not automakers and not the CEO of Intel. But it's the most realistic answer nonetheless.
In the meantime, one analyst that Jalopnik spoke to predicted automakers will try strategic partnerships with chipmakers — that is, "find ways to own or control more of the chip supply base going forward by partnering with ASIC design companies who do similar design service for networking companies."

Scientific papers containing lots of specialized terminology are less likely to be cited by other researchers. The New York Times reports: Polje, nappe, vuggy, psammite. Some scientists who study caves might not bat an eye, but for the rest of us, these terms might as well be ancient Greek. Specialized terminology isn't unique to the ivory tower -- just ask a baker about torting or an arborist about bracts, for example. But it's pervasive in academia, and now a team of researchers has analyzed jargon in a set of over 21,000 scientific manuscripts. They found that papers containing higher proportions of jargon in their titles and abstracts were cited less frequently by other researchers. Science communication -- with the public but also among scientists -- suffers when a research paper is packed with too much specialized terminology, the team concluded. These results were published Wednesday in Proceedings of the Royal Society B.

Jargon can be a problem, but it also serves a purpose, said Hillary Shulman, a communications scientist at Ohio State University. "As our ideas become more refined, it makes sense that our concepts do too." This language-within-a-language can be a timesaver, a way to precisely convey meaning, she said. However, it also runs the risk of starkly reminding people -- even some well-educated researchers -- that they aren't "in the know." "It's alienating," said Dr. Shulman.

The Internet Archive: The Internet Archive has reached a new milestone: 2 million. That's how many modern books are now in its lending collection -- available free to the public to borrow at any time, even from home. "We are going strong," said Chris Freeland, a librarian at the Internet Archive and director of the Open Libraries program. "We are making books available that people need access to online, and our patrons are really invested. We are doing a library's work in the digital era." The lending collection is an encyclopedic mix of purchased books, ebooks, and donations from individuals, organizations, and institutions. It has been curated by Freeland and other librarians at the Internet Archive according to a prioritized wish list that has guided collection development. The collection has been purpose-built to reach a wide base of both public and academic library patrons, and to contain books that people want to read and access online -- titles that are widely held by libraries, cited in Wikipedia and frequently assigned on syllabi and course reading lists.

"The Internet Archive is trying to achieve a collection reflective of great research and public libraries like the Boston Public Library," said Brewster Kahle, digital librarian and founder of the Internet Archive, who began building the diverse library more than 20 years ago. "Libraries from around the world have been contributing books so that we can make sure the digital generation has access to the best knowledge ever written," Kahle said. "These wide ranging collections include books curated by educators, librarians and individuals, that they see are critical to educating an informed populace at a time of massive disinformation and misinformation." The 2 million modern books are part of the Archive's larger collection of 28 million texts that include older books in the public domain, magazines, and documents. Beyond texts, millions of movies, television news programs, images, live music concerts, and other sound recordings are also available, as well as more than 500 billion web pages that have been archived by the Wayback Machine. Nearly 1.5 million unique patrons use the Internet Archive each day, and about 17,000 items are uploaded daily.

This week Purism began shipping its mass-produced Librem 5 phone to customers, according to announcement from the company: The Librem 5 is a one-of-a-kind general-purpose computer in a phone form-factor that Purism has designed and built from scratch following a successful crowdfunding campaign that raised over $2.2 million. Both the hardware and software design is focused on respecting the end user's freedom and giving them control over their privacy and security.

The Librem 5 doesn't run Android nor iOS but instead runs the same PureOS operating system as Purism's laptops and mini PC.

The Librem 5 has unique hardware features including a user-removable cellular modem, WiFi card, and battery. Like with Librem laptops, the Librem 5 also features external hardware kill switches that cut power to the cellular modem, WiFi/Bluetooth, and front and back cameras and microphone so that the user can control when these devices are in use. All hardware switches can also be triggered together to enable "lockdown mode" which also disables the GPS, accelerometer and all other sensors...

Another unique feature of the Librem 5 is convergence: the ability to connect the Librem 5 to a monitor or laptop dock and use it as a desktop computer running the same full-sized desktop applications as on Librem laptops. When in a phone form-factor, applications behave much like "responsive websites" and change their appearance for the smaller screen. This allows you to use the Librem 5 as a phone, a desktop, or a laptop with the same applications and same files.
Their announcement notes their work on software making desktop applications "adaptive" to phone form factors, adding "This suite of software has now become the most popular software stack to use on other handheld Linux hardware." And they close with an appreciative comment from Purism's founder and CEO Todd Weaver:

"Shipping the Librem 5 has been an immense multi-year developmental effort. It is the culmination of people's desire to see an alternative to Android and iOS and fund it, coupled with dedication from a team of experts addressing hardware, kernel, operating system, and applications that has turned a lofty near-impossible goal into reality. We have built a strong foundation and with the continued support of customers, the community, and developers, we will continue to deliver revolutionary products like the Librem 5 running PureOS."

Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers. An investigation by EFF of the Ring doorbell app for Android found it to be packed with third-party trackers sending out a plethora of customers' personally identifiable information (PII). From the report, shared by reader AmiMoJo: Four main analytics and marketing companies were discovered to be receiving information such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers. The danger in sending even small bits of information is that analytics and tracking companies are able to combine these bits together to form a unique picture of the user's device. This cohesive whole represents a fingerprint that follows the user as they interact with other apps and use their device, in essence providing trackers the ability to spy on what a user is doing in their digital lives and when they are doing it.

All this takes place without meaningful user notification or consent and, in most cases, no way to mitigate the damage done. Even when this information is not misused and employed for precisely its stated purpose (in most cases marketing), this can lead to a whole host of social ills. Ring has exhibited a pattern of behavior that attempts to mitigate exposure to criticism and scrutiny while benefiting from the wide array of customer data available to them. It has been able to do so by leveraging an image of the secure home, while profiting from a surveillance network which facilitates police departments' unprecedented access into the private lives of citizens, as we have previously covered. For consumers, this image has cultivated a sense of trust in Ring that should be shaken by the reality of how the app functions: not only does Ring mismanage consumer data, but it also intentionally hands over that data to trackers and data miners.

InfoQ reports on surprising results from research sponsored by the Institutes for Application Security and System Security at Germany's Technische UniversitÃt Braunschweig: A study published in June 2019 reveals that in the Alexa Top 1 million websites, one out of 600 sites executes WebAssembly (Wasm) code. The study moreover finds that over 50% of those sites using WebAssembly apply it for malicious deeds, such as cryptocurrency mining and malware code obfuscation....
BR> The team examined the websites in the Alexa sample over a time span of four days, and successfully studied 947,704 websites, eventually visiting 3,465,320 web pages... 1,950 Wasm modules were found on 1,639 sites... The research team manually categorized the Wasm modules in 6 categories, reflecting the purpose behind the use of WebAssembly: Custom, Game, Library, Mining, Obfuscation, and Test. Of these six categories, two (Mining -- 55.6% of website sample, and Obfuscation -- 0.2% of websites sample) represent malicious usage of WebAssembly. The study details, "The largest observed category implements a cryptocurrency miner in WebAssembly, for which we found 48 unique samples on 913 sites in the Alexa Top 1 Million....

"[The study] suggests that we are currently only seeing the tip of the iceberg of a new generation of malware.... In consequence, incorporating the analysis of WebAssembly code hence is going to be of essence for effective future defense mechanisms."

With access to years of data on the purchase activity of hundreds of millions of unique credit and debit cards across millions of small businesses, payments app Square has a window into spending patterns that few other tech companies can match. By supplementing that data with contact details that shoppers provide to Square for the purpose of getting digital receipts, the company is able to assemble expansive profiles of consumer behavior that it can use to run marketing and loyalty programs for its small-business customers. But misfires happen. From a report: Square has forwarded receipts documenting transactions as mundane as a cup of coffee and as sensitive as an obstetrician's visit to people who were uninvolved in the purchases, according to emails reviewed by The Wall Street Journal. In some cases, neither the purchaser nor the recipient could say why Square sent receipts to the people it did. At issue are the methods that tech companies employ to make money off of the financial data of their users, as well as the degree to which those companies disclose or get consent from their users about those efforts. Data on individuals' credit-card transactions can be particularly delicate and more revealing than their social-media posts or web-browsing activity. The Journal reported last year that Facebook requested detailed information from large U.S. banks about their customers as part of an effort to offer new services to users, but that data privacy emerged as a sticking point.

Suren Enfiajyan writes: An Arch Linux based distribution, Antergos, has been discontinued. The project's primary goal was to make Arch Linux available to a wider audience of users by providing a streamlined, user friendly experience including a safe place for users to communicate, learn, and help one another. There have been 931,439 unique downloads of Antergos Linux since 2014. The primary reason for ending support for it was that the developers no longer have enough free time to properly maintain the distribution. They came to this decision because they believe that continuing to neglect the project would be a huge disservice to the community. Taking this action now, while the project's code still works, provides an opportunity for interested developers to take what they find useful and start their own projects.

For existing Antergos users: there is no need to worry about installed systems as they will continue to receive updates directly from Arch. Soon, an update will be released that will remove the Antergos repos from system along with any Antergos-specific packages that no longer serve a purpose due to the project ending. Once that is completed, any packages installed from the Antergos repo that are in the AUR will begin to receive updates from there. The Antergos Forum and Wiki will continue to be available until such time it becomes clear that users have moved on to other projects.

Mozilla has launched a petition today to get Apple to rotate the IDFA unique identifier of iOS users every month. From a report: The purpose of this request is to prevent online advertisers from creating profiles that contain too much information about iOS users. IDFA stands for "IDentifier For Advertisers" and is a per-device unique ID. Apps running on a device can request access to this ID and relay the number to advertising SDKs/partners they use to show ads to their users. As experts from Singular, a mobile marketing firm explain, "IDFAs take the place of cookies in mobile advertising delivered to iOS devices because cookies are problematic in the mobile world." IDFAs are different from UDIDs, which stand for "unique device identifiers," which are permanent and unchangeable device identifiers. Apple added support for IDFAs specifically to replace UDIDs, which many apps were collecting for all sorts of shady reasons, enabling pervasive tracking of iOS users.