💾 Archived View for kernelzechs.com › feeds › slashdot.gmi captured on 2022-07-16 at 13:45:06. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2022-06-11)
-=-=-=-=-=-=-
Last Updated: 2022-07-16 9:30:01 AM
An anonymous reader quotes a report from Phys.Org: [N]ew research from the University of California, Irvine reports that trees in California's mountain ranges and open spaces are dying from wildfires and other pressures -- and fewer new trees are filling the void. "The forests are not keeping up with these large fires," said study co-author James Randerson, the Ralph J. and Carol M. Cicerone Professor of Earth system science at UCI. Across the entire state, tree cover area has declined 6.7 percent since 1985. "These are big changes in less than four decades," he said. It's the first time that researchers have been able to measure tree population declines in California, and attribute the changes to such pressures as wildfires, drought stress and logging.
For the study, the UCI-led team used satellite data from the USGS and NASA's Landsat mission to study vegetation changes between 1985 and 2021. They found that one of the starkest declines in tree cover was in Southern California, where 14 percent of the tree population in local mountain ranges vanished, potentially permanently. The rate and scale of decline varies across the state. Tree cover in the Sierra Nevada, for instance, stayed relatively stable until around 2010, then began dropping precipitously. The 8.8 percent die-off in the Sierra coincided with a severe drought from 2012 to 2015, followed by some of the worst wildfires in the state's history, including the Creek Fire in 2020.
Fortunately "in the north, there's plenty of recovery after fire," said [Jonathan Wang, a postdoctoral researcher in Randerson's research group, who led the study published in AGU Advances], perhaps because of the region's higher rainfall and cooler temperatures. But even there, high fire years in 2018, 2020 and 2021 have taken a visible toll. The tree decline has also affected carbon storage abilities in the state, said Randerson, who added that the next step is to precisely quantify the impact on forests' ability to absorb anthropogenic carbon dioxide.
Amazon says it will start contacting customers in College Station, Texas, to gauge their interest in receiving orders via Prime Air. Engadget reports: Amazon says it was impressed by many elements of the city, including the research being conducted by Texas A&M University, such as work on drone technology. The US Census Bureau estimates the population of College Station was 120,000 as of last July, so while it isn't the biggest city around, it seems like a decent size for the initially rollout of Prime Air.
"Amazon's new facility presents a tremendous opportunity for College Station to be at the forefront of the development of drone delivery technology," Karl Mooney, the mayor of College Station, said. "We look forward to partnering with Amazon and Texas A&M and are confident that Amazon will be a productive, conscientious, and accountable participant in our community."
A new kind of laser uses tiny moving particles to produce beams of light. The laser is more programmable than standard lasers and the approach could be used to create visual displays that are sharp from all angles. New Scientist reports: Conventional lasers repeatedly bounce light between two mirrors until it becomes bright and focused. Riccardo Sapienza at Imperial College London and his colleagues have built a laser that uses particles that can arrange themselves to carry out a similar process. The new type of laser first requires the use of green light from a traditional laser. The researchers shine this light into a small glass box filled with a liquid solution containing particles of titanium oxide and silicon oxide. This warms up the silicon oxide particles and causes the titanium oxide particles to clump around them.
The green light then bounces between particles in the clump -- similarly to how light bounces between mirrors in conventional lasers -- until the clump itself starts to emit a laser beam, now in the color red. By nudging the particles into different positions with the green light, the team can program the properties of the light emitted by the laser, such as where in the device it originates from and how pure its color is. By comparison, conventional lasers can't be adjusted after manufacturing. The findings have been published in the journal Nature Physics.
An anonymous reader quotes a report from Wired: [R]esearchers from the New Jersey Institute of Technology are warning this week about a novel technique attackers could use to de-anonymize website visitors and potentially connect the dots on many components of targets' digital lives. The findings (PDF), which NJIT researchers will present at the Usenix Security Symposium in Boston next month, show how an attacker who tricks someone into loading a malicious website can determine whether that visitor controls a particular public identifier, like an email address or social media account, thus linking the visitor to a piece of potentially personal data.
When you visit a website, the page can capture your IP address, but this doesn't necessarily give the site owner enough information to individually identify you. Instead, the hack analyzes subtle features of a potential target's browser activity to determine whether they are logged into an account for an array of services, from YouTube and Dropbox to Twitter, Facebook, TikTok, and more. Plus the attacks work against every major browser, including the anonymity-focused Tor Browser. "If you're an average internet user, you may not think too much about your privacy when you visit a random website," says Reza Curtmola, one of the study authors and a computer science professor at NJIT. "But there are certain categories of internet users who may be more significantly impacted by this, like people who organize and participate in political protest, journalists, and people who network with fellow members of their minority group. And what makes these types of attacks dangerous is they're very stealthy. You just visit the website and you have no idea that you've been exposed."
How this de-anonymization attack works is difficult to explain but relatively easy to grasp once you have the gist. Someone carrying out the attack needs a few things to get started: a website they control, a list of accounts tied to people they want to identify as having visited that site, and content posted to the platforms of the accounts on their target list that either allows the targeted accounts to view that content or blocks them from viewing it -- the attack works both ways. Next, the attacker embeds the aforementioned content on the malicious website. Then they wait to see who clicks. If anyone on the targeted list visits the site, the attackers will know who they are by analyzing which users can (or cannot) view the embedded content. [...] Complicated as it may sound, the researchers warn that it would be simple to carry out once attackers have done the prep work. It would only take a couple of seconds to potentially unmask each visitor to the malicious site -- and it would be virtually impossible for an unsuspecting user to detect the hack. The researchers developed a browser extension that can thwart such attacks, and it is available for Chrome and Firefox. But they note that it may impact performance and isn't available for all browsers.
PG&E announced that more than 1,500 Tesla Powerwall owners have already decided to joined the new virtual power plant it launched in partnership with Tesla in California. Electrek reports: A virtual power plant (VPP) consists of distributed energy storage systems, like Tesla Powerwalls, used in concert to provide grid services and avoid the use of polluting and expensive peaker power plants. Last year, Tesla launched a test VPP in California, where Powerwall owners would join in voluntarily without compensation to let the VPP pull power from their battery packs when the grid needed it. Last month, Tesla and PG&E, a large electric utility company in Northern California, announced the launch of a new commercial VPP where homeowners with Powerwalls would get compensated for helping the grid with the energy in their battery packs.
PG&E has now released an update on the virtual power plant and said that more than 1,500 Tesla Powerwall owners have already joined the program: "On June 22, Tesla invited approximately 25,000 PG&E customers with Powerwalls to join the VPP and help form the world's largest distributed battery. In the first two weeks of the new program, more than 3,000 customers have expressed interest in enrolling, with more than 1,500 customers officially in the program." With an average of two Powerwalls per customer, the VPP most likely already has a 13 MW load capacity. PG&E says that if all eligible Powerwall owners join, the VPP would have the available megawatts equivalent to "the energy generated by a small power plant." Tesla Powerwall owners can join through the Tesla app and receive $2 per kWh that they send back to the grid during emergency events. "Enabling Powerwall customers to support the grid and their community is a necessary and important part of accelerating the transition to sustainable energy," said Drew Baglino, senior vice president of Powertrain and Energy Engineering at Tesla. "We seek to partner with utilities and regulators everywhere to unlock the full potential of storage to bring more renewable, resilient, and less costly electricity to everyone."
Bungie, the developer of Destiny 2, is now officially a part of Sony. The Verge reports: The PlayStation maker had announced its intent to acquire the gaming studio in January, and now, that acquisition is complete. At the initial announcement, Sony said (pdf) the deal was worth $3.6 billion, but in an SEC filing on Friday, it said the deal was worth "approximately" $3.7 billion. Though it's now under the Sony umbrella, Bungie will "continue to independently publish and creatively develop our games," Bungie CEO Pete Parsons said in a blog post from the original announcement of the acquisition. And future games in development won't be PlayStation exclusives, Bungie's Joe Blackburn and Justin Truman said.
But Sony does plan to lean on Bungie for its "world-class expertise in multi-platform development and live game services," which "will help us deliver on our vision of expanding PlayStation to hundreds of millions of gamers," Sony Interactive Entertainment president and CEO Jim Ryan said in January. Sony views live service games as a critical part of PlayStation's future, as it plans to launch more than 10 new live service games by March 2026.
TikTok's chief security officer is leaving the role in September amid renewed calls from members of the government to look into the social media app's ties to China. Insider reports: A TikTok spokesperson told the Wall Street Journal that the decision to replace Roland Cloutier as Chief Security Officer is unrelated to any data-privacy concerns. TikTok, which is currently the fastest growing social media company, has often faced scrutiny for being owned by the Chinese company ByteDance. Last month, Buzzfeed News reported that US user data had been repeatedly accessed by TikTok employees in China based on leaked audio from internal company meetings. [...]
CEO Shou Zi Chew sent a note to TikTok employees about Cloutier's exit as chief security officer, writing that "part of our evolving approach has been to minimize concerns about the security of user data in the U.S., including the creation of a new department to manage U.S. user data for TikTok. This is an important investment in our data protection practices, and it also changes the scope of the Global CSO role." Cloutier will officially step down from his role as Chief Security Officer in September and transition to an advisory role at TikTok.
An anonymous reader quotes a report from BleepingComputer: The Tor Project team has announced the release of Tor Browser 11.5, a major release that brings new features to help users fight censorship easier. [...] The updates in Tor Browser 11.5 focus on circumventing censorship, a process that started a year ago in version 10.5 with improving the Tor connection experience. In the new version, users no longer have to manually try out bridge configurations to unblock Tor.
Tor Browser version 11.5 comes with a new feature called "Connection Assist," which assigns automatically the bridge configuration known to work best for the user's location. "Connection Assist works by looking up and downloading an up-to-date list of country-specific options to try using your location (with your consent)," explains the release announcement. "It manages to do so without needing to connect to the Tor Network first by utilizing moat – the same domain-fronting tool that Tor Browser uses to request a bridge from torproject.org." Since Connection Assist is still in an early stage of development (v1.0), the Tor team welcomes user feedback and reports, which would help them iron out any kinks and improve on the system.
Another important new feature in version 11.5 is making 'HTTPS-Only Mode' the default browsing mode, so that the connection is through a secure tunnel. This ensures that all data exchange between the user and the server hosting the website will be encrypted, to defend against man-in-the-middle (MitM) attacks and to protect users from SSL stripping on malicious exit relays. [...] The third significant improvement in Tor Browser 11.5 is a heavily revamped Network Settings menu, now called "Connection Settings," which should make it easier to find and understand specific settings. Most notably, bridge configuration and connection options have been redesigned to enable quick and easy review and management. Using emojis on the saved Bridges, the new interface offers visualization for the configuration for the first time, making it easy to identify the right bridge and select it when needed. You can download the latest Tor Browser from the official download portal.
In an effort to settle accusations by regulators that the company engages in anti-competitive behavior, Amazon leaders have discussed abandoning its private-label "Amazon Basics" business altogether. This follows previously reported concessions including giving more visibility to listings from multiple sellers for a given product to prohibiting the company from using any non-public data from Amazon sellers to boost the company's own retail business. Recode reports: At least as recently as last year, several top Amazon executives, including its current worldwide retail CEO Doug Herrington and its general counsel David Zapolsky, expressed a willingness to make this different but significant change if it meant avoiding potentially harsh remedies resulting from government investigations in the US or abroad, according to a source with knowledge of the discussions.
Amazon's private-label business includes homegrown brands like Amazon Basics, which sells everything from garbage bags to batteries to office chairs, as well as the clothing line Amazon Essentials. The business line also includes brands that don't carry the Amazon name, such as the paper-goods label Presto, the food brand Happy Belly, and the fashion line Goodthreads. Such a concession would not apply to the company's own gadget lines, including Kindle, Echo, and Fire TV devices. Amazon's use of private-label brands has come under fire from politicians and regulators not merely because they exist, but because of the data Amazon leverages to create them and the tactics it uses to favor them in search results on its shopping website and app.
"There was a strong consensus that this could be a viable option if the company was ever pressed into a position where it had to negotiate a settlement," the source told Recode. This person requested anonymity because they were not authorized to disclose internal discussions. [...] The conversations at Amazon around abandoning its private labels occurred on and off for several years as scrutiny of the business line heightened, the source said, with executives expressing a desire to keep this potential remedy under wraps so that it could come across to regulators as a major concession. Leaders in favor of such a decision believed that Amazon had a right to sell private-label brands as many retailers do, but that the business was not strategically crucial enough to defend in the face of more severe potential remedies sought by antitrust enforcers. When a company like Amazon offers such a concession, it does so with the hope of closing down any current investigations. Amazon spokesperson Betsy Harden denies the report, saying the company continues "to invest in this area, just as our many retail competitors have done for decades and continue to do today."
Chairwoman Jessica Rosenworcel has proposed raising the minimum definition of broadband to 100Mbps for downloads and 20Mbps for uploads. Engadget reports: The previous 25/3 benchmark is both outdated and hides just how many low-income and rural internet users are being "left behind and left offline," Rosenworcel said. The chair said multiple pieces of evidence supported the hike, including requirements for new network construction stemming from the Infrastructure Investment and Jobs Act. The FCC had already proposed upgrades to rural speeds through a special program, but this would affect the definition of broadband regardless of where users live in the country.
Rosenworcel also wanted the minimum speed to evolve over time. She proposed setting a much higher standard of 1Gbps down and 500Mbps up for some point in the future. The leader further suggested more criteria for determining the "reasonable and timely" rollout of broadband, including adoption rates, affordability, availability and equitable access.
An anonymous reader quotes a report from Ars Technica: Google's developer deadline for the Play Store's new "Data Safety" section is next week (July 20), and we're starting to see what the future of Google Play privacy will look like. The actual Data Safety section started rolling out in April, but now that the developer deadline is approaching... Google is turning off the separate "app permissions" section? That doesn't sound like a great move for privacy at all.
The Play Store's new Data Safety section is Google's answer to a similar feature in iOS 14, which displays a list of developer-provided privacy considerations, like what data an app collects, how that data is stored, and who the data is shared with. At first blush, the Data Safety entries might seem pretty similar to the old list of app permissions. You get items like "location," and in some ways, it's better than a plain list of permissions since developers can explain how and why each bit of data is collected.
The difference is in how that data ends up in Google's system. The old list of app permissions was guaranteed to be factual because it was built by Google, automatically, by scanning the app. The Data Safety system, meanwhile, runs on the honor system. Here's Google's explanation to developers of how the new section works: "You alone are responsible for making complete and accurate declarations in your app's store listing on Google Play. Google Play reviews apps across all policy requirements; however, we cannot make determinations on behalf of the developers of how they handle user data. Only you possess all the information required to complete the Data safety form. When Google becomes aware of a discrepancy between your app behavior and your declaration, we may take appropriate action, including enforcement action."
Astronomers at MIT and universities across Canada and the United States have detected a strange and persistent radio signal from a far-off galaxy that appears to be flashing with surprising regularity. From a report:The signal is classified as a fast radio burst, or FRB -- an intensely strong burst of radio waves of unknown astrophysical origin, that typically lasts for a few milliseconds at most. However, this new signal persists for up to three seconds, about 1,000 times longer than the average FRB. Within this window, the team detected bursts of radio waves that repeat every 0.2 seconds in a clear periodic pattern, similar to a beating heart. The researchers have labeled the signal FRB 20191221A, and it is currently the longest-lasting FRB, with the clearest periodic pattern, detected to date.
The source of the signal lies in a distant galaxy, several billion light-years from Earth. Exactly what that source might be remains a mystery, though astronomers suspect the signal could emanate from either a radio pulsar or a magnetar, both of which are types of neutron stars -- extremely dense, rapidly spinning collapsed cores of giant stars. There are not many things in the universe that emit strictly periodic signals," says Daniele Michilli, a postdoc in MIT's Kavli Institute for Astrophysics and Space Research. âoeExamples that we know of in our own galaxy are radio pulsars and magnetars, which
A committee in Britain's parliament has told payment firms Visa and Mastercard to justify recent rises in their card transaction fees after the country's payments regulator expressed concerns. From a report: The Payment Systems Regulator (PSR) told the Treasury Committee last week that the increases in card fees showed the market was "not working well", according to correspondence published by the committee on Thursday.
Taiwanese prosecutors on Friday accused a Chinese Apple supplier of stealing commercial secrets from a Taiwanese supplier and poaching its workforce to win orders from the U.S. company, saying it had charged 14 people. From a report: Taiwan has been stepping up efforts to stop what it views as underhand and illegal activities by Chinese firms to steal know-how and poach away talent in what Taipei's government views as a threat to the island's tech prowess. Prosecutors in New Taipei said after a year-and-a-half investigation they had found that China's Luxshare Precision had targeted Taiwanese competitor Catcher Technology "in order to quickly enter the Apple production chain to win orders." Luxshare "lured" Catcher's China based research and development team with promises of high salaries and stole business secrets from the Taiwanese firm, causing them big losses, the prosecutors said in a statement. Luxshare was doing this in order to be able to "quickly build factories and mass produce cases for iPhones, iPads and other products", the statement said.
A Twitch streamer has crowdsourced the manuals for upwards of 850 unique Super Nintendo games and made them free on an online archive. From a report: Video game consoles have come a long way since the Super Nintendo arrived in the U.S. in 1991 and launched a new generation of gamers, but sometimes there is no beating the classics. The console was wildly popular, with more than 700 games released for the system in the U.S., and Kerry Hays (aka "Peebs" on the Twitch streaming platform) has been working on beating every. single. one. "We had wondered, some of these games, had anyone ever even beaten them before? They were so weird and obscure or difficult," he said. And so, Hays turned to the manuals.
For those who weren't playing a lot of video games in the '90s, almost all of them came with a manual inside the case that had lots of helpful information. The manual was where you would find the buttons to push and how the console works. It could also include your lore, backstory, and maybe even a map. "And if you're really lucky, you get a little bit of a walkthrough that would tell you, like, the first 10% of the game," Hays said. [...] The collection is hosted on the Internet Archive and contains upwards of 850 unique Super Nintendo manuals -- and it's all free. Hays says he's not in it for the money.