couchslug - Slashdot User

Comment Nations belong to citizens, no one else. (Score 1) 3

by couchslug on Tuesday June 03, 2025 @02:44AM (#65423833) Attached to: ICE Taps into Nationwide AI-Enabled Camera Network, Data Shows

Illegals are breaking the law. We understand the ulterior motive which is not privacy but to flood the US with people it does in no way belong to.

To oppose catching them is de-facto support for open borders which is fine if you get open borders by popular vote, less fine just to flood the US with uninvited guests.

There is zero problem if those not citizens stay home and do not consider themselves entitled to what does not belong to them. The US does not belong to anyone not so entitled by law. Refusal by de-facto supporters of open borders to man up and so state is hypocrisy. Nations protect themselves by exclusion. Nations belong to citizens, no one else unless citizens so vote.

Comment Which version numbers will the EU get? (Score 1) 46

by couchslug on Tuesday June 03, 2025 @02:30AM (#65423807) Attached to: Microsoft To Finally Stop Bugging Windows Users About Edge - But Only in Europe

Downloading the version with less fuckery an issue (and checksums can ensure one from an unofficial source is legit).

Disabling MSFT nonsense is a feature not a bug so I collect less vile versions for future installs.

Submission + - Eleanor from Gone in 60 Seconds Can't Be Copyrighted (caranddriver.com)

Submitted by sinij on Monday June 02, 2025 @11:38AM

sinij writes: The ruling states that the Mustang doesn't pass tests that would qualify it as a character.

In the past, studio aggressively went after builders for any Mustang that even remotely approximated Eleanor, making it a hassle to restomod classic Mustangs.

Submission + - A major Canadian battery recycler just declared bankruptcy (www.cbc.ca)

Submitted by sinij on Sunday June 01, 2025 @10:04AM

sinij writes: But just last month, the Toronto-based company filed for bankruptcy protection in the U.S. and Canada after years of struggling to get a facility off the ground in Rochester, N.Y. The company said the planned hub would have been able to extract lithium and other critical minerals from recycled material

While battery recycling is possible, in practice EV battery recycling continues to be undressed problem.

Submission + - ICE Taps into Nationwide AI-Enabled Camera Network, Data Shows (404media.co) 3

Submitted by ArchieBunker on Sunday June 01, 2025 @01:34AM

ArchieBunker writes: Data from a license plate-scanning tool that is primarily marketed as a surveillance solution for small towns to combat crimes like car jackings or finding missing people is being used by ICE, according to data reviewed by 404 Media. Local police around the country are performing lookups in Flock’s AI-powered automatic license plate reader (ALPR) system for “immigration” related searches and as part of other ICE investigations, giving federal law enforcement side-door access to a tool that it currently does not have a formal contract for.

The massive trove of lookup data was obtained by researchers who asked to remain anonymous to avoid potential retaliation and shared with 404 Media. It shows more than 4,000 nation and statewide lookups by local and state police done either at the behest of the federal government or as an “informal” favor to federal law enforcement, or with a potential immigration focus, according to statements from police departments and sheriff offices collected by 404 Media. It shows that, while Flock does not have a contract with ICE, the agency sources data from Flock’s cameras by making requests to local law enforcement. The data reviewed by 404 Media was obtained using a public records request from the Danville, Illinois Police Department, and shows the Flock search logs from police departments around the country.

As part of a Flock search, police have to provide a “reason” they are performing the lookup. In the “reason” field for searches of Danville’s cameras, officers from across the U.S. wrote “immigration,” “ICE,” “ICE+ERO,” which is ICE’s Enforcement and Removal Operations, the section that focuses on deportations; “illegal immigration,” “ICE WARRANT,” and other immigration-related reasons. Although lookups mentioning ICE occurred across both the Biden and Trump administrations, all of the lookups that explicitly list “immigration” as their reason were made after Trump was inaugurated, according to the data.

Submission + - Help wanted to build open source Advanced Data Protection for everyone

Submitted by WaywardGeek on Saturday May 31, 2025 @01:15AM

WaywardGeek writes: Recall that Apple was ordered to back-door Advanced Data Protection in the UK. We need to take action now to protect users.

I helped build Google's Advanced Data Protection (Google Cloud Key VaultService) in 2018, and Google is way ahead of Apple in this area. I know exactly how to build it an can have it done in spare time in a few weeks, at least server side. The whole world would be able to use it for free, protecting backups, passwords, message history, and more, if we can get existing applications to talk to the new data protection service.

However, I need help. I've got the algorithms and server-side covered. This would be a distributed trust based system, so I need folks willing to run the protection service. I'll run mine on a Raspberry PI. Areas where I need help include:

* Running protection servers. This is a T-of-N scheme, where users will need say 9 of 15 nodes to be available to recover their backups.
* Android client app, and preferably tight integration with the platform as an alternate backup service.
* Same with iOS
* Authentication. Users should register, and login before they can use any of their limited guesses to their phone unlock secret.

The scheme splits a secret among N protection servers, and when it is time to recover the secret, which is basically an encryption key, they must be able to get key shares from T of the original N servers. This uses a distributed oblivious pseudo random function algorithm, which is very simple.

In plain English, it provides nation-state resistance to secret back doors, and eliminates secret mass surveillance, at least when it comes to data backed up to the cloud. iOS and Android systems don't currently do that. The UK and similarly confused governments will need to negotiate with operators in multiple countries to get access to any given users's keys. There are cases where rational folks would agree to hand over that data, and I hope we can end the encryption wars and develop sane policies that protect user data while offering a compromise where lives can be saved.

So, nothing too serious :-)

Are you up for this challenge? Are you ready to plunge into this with me?

Submission + - Hugging Face Introduces Two Open-Source Robot Designs (siliconangle.com)

Submitted by Anonymous Coward on Friday May 30, 2025 @09:03PM

An anonymous reader writes: Hugging Face has open-sourced the blueprints of two internally developed robots called HopeJR and Reachy Mini. The company debuted the machines on Thursday. Hugging Face is backed by more than $390 million in funding from Nvidia Corp., IBM Corp. and other investors. It operates a GitHub-like platform for sharing open-source artificial intelligence projects. It says its platform hosts more than 1 million AI models, hundreds of thousands of datasets and various other technical assets.

The company started prioritizing robotics last year after launching LeRobot, a section of its platform dedicated to autonomous machines. The portal provides access to AI models for powering robots and datasets that can be used to train those models. Hugging Face released its first hardware blueprint, a robotic arm design called the SO-100, late last year. The SO-100 was developed in partnership with a startup called The Robot Studio. Hugging Face also collaborated with the company on the HopeJR, the first new robot that debuted this week. According to TechCrunch, it’s a humanoid robot that can perform 66 movements including walking.

HopeJR is equipped with a pair of robotic arms that can be remotely controlled by a human using a pair of specialized, chip-equipped gloves. HopeJR’s arms replicate the movements made by the wearer of the gloves. A demo video shared by Hugging Face showed that the robot can shake hands, point to a specific text snippet on a piece of paper and perform other tasks. Hugging Face’s other new robot, the Reachy Mini, likewise features an open-source design. It’s based on technology that the company obtained through the acquisition of a venture-backed startup called Pollen Robotics earlier this year. Reachy Mini is a turtle-like robot that comes in a rectangular case. Its main mechanical feature is a retractable neck that allows it to follow the user with its head or withdraw into the case. This case, which is stationary, is compact and lightweight enough to be placed on a desk.

Submission + - US Sanctions Cloud Provider 'Funnull' as Top Source of 'Pig Butchering' Scams (krebsonsecurity.com)

Submitted by Anonymous Coward on Friday May 30, 2025 @05:50PM

An anonymous reader writes: The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals seeking to route their traffic through U.S.-based cloud providers. “Americans lose billions of dollars annually to these cyber scams, with revenues generated from these crimes rising to record levels in 2024,” reads a statement from the U.S. Department of the Treasury, which sanctioned Funnull and its 40-year-old Chinese administrator Liu Lizhi. “Funnull has directly facilitated several of these schemes, resulting in over $200 million in U.S. victim-reported losses.”

The Treasury Department said Funnull’s operations are linked to the majority of virtual currency investment scam websites reported to the FBI. The agency said Funnull directly facilitated pig butchering and other schemes that resulted in more than $200 million in financial losses by Americans. Pig butchering is a rampant form of fraud wherein people are lured by flirtatious strangers online into investing in fraudulent cryptocurrency trading platforms. Victims are coached to invest more and more money into what appears to be an extremely profitable trading platform, only to find their money is gone when they wish to cash out. The scammers often insist that investors pay additional “taxes” on their crypto “earnings” before they can see their invested funds again (spoiler: they never do), and a shocking number of people have lost six figures or more through these pig butchering scams.

KrebsOnSecurity’s January story on Funnull was based on research from the security firm Silent Push, which discovered in October 2024 that a vast number of domains hosted via Funnull were promoting gambling sites that bore the logo of the Suncity Group, a Chinese entity named in a 2024 UN report (PDF) for laundering millions of dollars for the North Korean state-sponsored hacking group Lazarus. Silent Push found Funnull was a criminal content delivery network (CDN) that carried a great deal of traffic tied to scam websites, funneling the traffic through a dizzying chain of auto-generated domain names and U.S.-based cloud providers before redirecting to malicious or phishous websites. The FBI has released a technical writeup (PDF) of the infrastructure used to manage the malicious Funnull domains between October 2023 and April 2025.

Submission + - ASUS Router Backdoors Affect 9,000 Devices, Persists After Firmware Updates (scworld.com)

Submitted by Anonymous Coward on Thursday May 29, 2025 @04:50PM

An anonymous reader writes: Thousands of ASUS routers have been compromised with malware-free backdoors in an ongoing campaign to potentially build a future botnet, GreyNoise reported Wednesday. The threat actors abuse security vulnerabilities and legitimate router features to establish persistent access without the use of malware, and these backdoors survive both reboots and firmware updates, making them difficult to remove.

The attacks, which researchers suspect are conducted by highly sophisticated threat actors, were first detected by GreyNoise’s AI-powered Sift tool in mid-March and disclosed Thursday after coordination with government officials and industry partners. Sekoia.io also reported the compromise of thousands of ASUS routers in their investigation of a broader campaign, dubbed ViciousTrap, in which edge devices from other brands were also compromised to create a honeypot network. Sekoia.io found that the ASUS routers were not used to create honeypots, and that the threat actors gained SSH access using the same port, TCP/53282, identified by GreyNoise in their report.

The backdoor campaign targets multiple ASUS router models, with GreyNoise initially detecting attack attempts against their emulated ASUS RT-AC3200 and RT-AC3100 firmware profiles, both with “out-of-the-box” configuration settings. Initial access is gained through a combination of credential brute-forcing and exploitation of authentication bypass flaws, which are patched but have not been assigned CVEs, according to GreyNoise. Authentication bypass techniques used include impersonation of the ASUS user-agent “asusrouter--” and the use of an “asus_token=” cookie followed by a null byte, which may prematurely terminate string parsing during the authentication process and lead to authentication bypass on vulnerable systems, according to GreyNoise’s technical analysis. Sekoia.io also noted the exploitation of CVE-2021-32030 in their observations, an authentication bypass flaw specifically affecting ASUS GT-AC2900 and Lyra Mini devices.

Comment Re:Moviefone? (Score 2) 99

by couchslug on Thursday May 29, 2025 @03:20PM (#65414449) Attached to: There's More Film and Television For You To Watch Than Ever Before - Good Luck Finding It

Boomer here (the real 1965 and prior demographic, not a LARPING GenX'er) who never heard of Moviefone despite decades on da interwebz. I don't do dead tree papers either.

If it's worth watching it's worth pir8ing.

Comment Piracy is the solution (Score 0, Offtopic) 99

by couchslug on Thursday May 29, 2025 @03:15PM (#65414435) Attached to: There's More Film and Television For You To Watch Than Ever Before - Good Luck Finding It

Downmodders go bootlick our rich masters elsewhere. I'm not OP as I give zero fucks about karma.

Conventional morality un-reciprocated is vain wank our masters wisely consider weakness.

Submission + - A fungus that can eat your from the inside out may spread due to rising temps (cnn.com)

Submitted by quonset on Saturday May 24, 2025 @11:49AM

quonset writes: Climate change is generally looked at it terms of rising sea levels and excess heat. As summers become hotter, more people will die. However, something overlooked is that as tempreatures rise, so will the spread of pathogens which are now relegated to specific zones. A recent study, not yet peer reviewed, found that Aspergillus flavus, which prefers warm, tropical areas, has the potential to spread northward. This particular fungus infects the lungs causing aspergillosis and if not treated, effectively eats the person from the inside out.

“Fungi are relatively under-researched compared to viruses and parasites, but these maps show that fungal pathogens will likely impact most areas of the world in the future,” said Norman van Rijn, one of the study’s authors and a climate change and infectious diseases researcher at the University of Manchester.

Aspergillosis has very high mortality rates at around 20% to 40%, he said. It’s also very difficult to diagnose, as doctors don’t always have it on their radar and patients often present with fevers and coughs, symptoms common to many illnesses.

Fungal pathogens are also becoming increasingly resistant to treatment, van Rijn added. There are only four classes of antifungal medicines available.

This all spells bad news as the climate shifts open up new areas for Aspergillus to colonize.

This species can cause severe infections in humans and is resistant to many antifungal medications. It also infects a range of food crops, posing a potential threat to food security. The World Health Organization added Aspergillus flavus to its critical group of fungal pathogens in 2022 because of its public health impact and antifungal resistance risk.

Submission + - UK veterans minister used Xenon in Germany to prepare to climb Everest (telegraph.co.uk)

Submitted by Bruce66423 on Friday May 23, 2025 @03:31AM

Bruce66423 writes: 'A British minister was part of a record-breaking climbing party that reached the summit of Mount Everest in five days.

'Al Carns, the veterans minister, was in a group of ex-British Special Forces soldiers who flew the Union flag on the summit on Wednesday.

'An ascent usually takes around two months with traditional acclimatisation methods, but Mr Carns and his team used xenon gas to help with their acclimatisation.'

Nepal is unhappy because it will reduce the time climbers will spend in the country, but is claiming that it is 'dangerous'.

Submission + - Mozilla is shutting down Pocket (betanews.com)

Submitted by BrianFagioli on Thursday May 22, 2025 @01:45PM

BrianFagioli writes: In a surprising move that will frustrate longtime fans, Mozilla has announced it will shut down Pocket on July 8, 2025. The once-popular âoeread-it-laterâ service, which helped users save and organize web content for later reading, will no longer function as normal after that date. While existing users can continue saving and reading articles until July, the service will switch to export-only mode afterward, with all user data permanently deleted on October 8.

Submission + - Memory-safe sudo to become the default in Ubuntu

Submitted by RoccamOccam on Tuesday May 06, 2025 @10:35AM

RoccamOccam writes: Ubuntu 25.10 is set to adopt sudo-rs by default. Sudo-rs is a memory-safe reimplementation of the widely-used sudo utility, written in the Rust programming language. This move is part of a broader effort by Canonical to improve the resilience and maintainability of core system components.

Slashdot Top Deals