News

A U.S. government auction site was breached by an Oklahoma man, reports NBC News. So when it came time to pay up on his winning bids, he "falsified the true auction price to $1," according to the U.S. attorney's office. He defrauded the government out of more than $150,000 between Jan. 31 and March 21, 2019, the indictment alleges. Included in the $1-buys were a 2010 Ford Escape Hybrid, for which Coker submitted a bid of $8,327; a Ford F550 pickup, with a bid of $9,000; and a Chevrolet C4500 box truck, bid $22,700; the U.S. attorney's office said... Nineteen items in all were bought through the auctions, according to prosecutors. Coker used eight accounts and pre-paid debit cards with very little balances to make the purchases, the indictment says. "Coker was indicted on three counts of wire fraud in March 2023 and pleaded guilty to one count Wednesday, according to court records." Thanks to Slashdot reader Thelasko for sharing the news.

Read more of this story at Slashdot.

It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.

https://security-tracker.debian.org/tracker/DSA-5632-1

In 2019 a SpaceX Falcon 9 rocket launched an Israeli spacecraft carrying a 30-million page archive of human civilization to the moon. Unfortunately, that spacecraft crashed. But thanks to this week's moon landing by the Odysseus, there's now a 30-million page "Lunar Library" on the moon — according to a Medium post by the Arch Mission Foundation. "This historic moment secures humanity's cultural heritage and knowledge in an indestructible archive built to last for up to billions of years." Etched onto thin sheets of nickel, called NanoFiche, the Lunar Library is practically indestructible and can withstand the harsh conditions of space... Some of the notable content includes: The Wikipedia. The entire English Wikipedia containing over 6 million articles on every branch of knowledge. Project Gutenberg. Portions of Project Gutenberg's library of over 70,000 free eBooks containing some of our most treasured literature. The Long Now Foundation's Rosetta Project archive of over 7,000 human languages and The Panlex datasets. Selections from the Internet Archive's collections of books and important documents and data sets. The SETI Institute's Earthling Project, featuring a musical compilation of 10,000 vocal submissions representing humanity united The Arch Lunar Art Archive containing a collection of works from global contemporary and digital artists in 2022, recorded as NFTs. David Copperfield's Magic Secrets — the secrets to all his greatest illusions — including how he will make the Moon disappear in the near future. The Arch Mission Primer — which teaches a million concepts with images and words in 5 languages. The Arch Mission Private Library — containing millions of pages as well as books, documents and articles on every subject, including a broad range of fiction and non-fiction, textbooks, periodicals, audio recordings, videos, historical documents, software sourcecode, data sets, and more. The Arch Mission Vaults — private collections, including collections from our advisors and partners, and a collection of important texts and images from all the world's religions including the great religions and indigenous religions from around the world, collections of books, photos, and a collection of music by leading recording artists, and much more content that may be revealed in the future... We also want to recognize our esteemed advisors, and our many content partners and collections including the Wikimedia Foundation, the Long Now Foundation, The SETI Institute Earthling Project, the Arch Lunar Art Archive project, Project Gutenberg, the Internet Archive, and the many donors who helped make the Lunar Library possible through their generous contributions. This accomplishment would not have happened without the collaborative support of so many... We will continue to send backups of our important knowledge and cultural heritage — placing them on the surface of the Earth, in caves and deep underground bunkers and mines, and around the solar system as well. This is a mission that continues as long as humanity endures, and perhaps even long after we are gone, as a gift for whoever comes next. Space.com has a nice rundown of the other new payloads that just landed on the moon. Some highlights: "Cloud computing startup Lonestar's Independence payload is a lunar data center test mission for data storage and transmission from the lunar surface." LRA is a small hemisphere of light-reflectors built to servce as a precision landmark to "allow spacecraft to ping it with lasers to help them determine their precise distance..." ROLSES is a radio spectrometer for measuring the electron density near the lunar surface, "and how it may affect radio observatories, as well as observing solar and planetary radio waves and other phenomena." "Artist Jeff Koons is sending 125 miniature stainless steel Moon Phase sculptures, each honoring significant human achievements across cultures and history, to be displayed on the moon in a cube. "

Read more of this story at Slashdot.

Since 2010, billionaire tech investor Peter Thiel has offered to pay about 20 students $100,000 to drop out of school each year "to start companies or nonprofits," reports the Wall Street Journal. His program has now backed 271 people, and this year the applicant pool "is bigger than ever." So how's it going? Some big successes include Vitalik Buterin, co-founder of Ethereum, the blockchain network; Laura Deming, a key figure in venture investing in aging and longevity; Austin Russell, who runs self-driving technologies company Luminar Technologies; and Paul Gu, co-founder of consumer lending company Upstart... Thiel and executives of the fellowship acknowledge they have learned painful lessons along the way. Some applicants pursued ambitious ideas that turned out to be unrealistic, for example. "Asteroid mining is great for press releases but maybe we should have pushed back early on," he says. Others were better at applying to be Thiel fellows than they were starting businesses, it turned out... They've also learned that lone geniuses with brilliant ideas aren't usually the kinds of people who can build organizations. "It's a team sport to get something going and build on it, you can't just be a mad genius, you have to have some social skills and emotional intelligence," says Michael Gibson, an early leader of the organization who is co-founder of a venture fund that invests primarily in those who don't have a college degree... Thiel hasn't attempted to build a better education system, which program officials acknowledge has made it harder to develop talent in the program... Thiel fellows say they don't receive much more than funding from the program and have limited contact with Thiel, though access to a network of former Thiel fellows can be useful. "Meeting some of the other members inspires you to think bigger," says Boyan Slat, a 2016 Thiel fellow who is chief executive of The Ocean Cleanup, a Netherlands-based nonprofit developing technologies to remove plastic from oceans. Slat says he has spoken to Thiel "three or four times." As a result, Thiel and other staffers have concluded they can't grow beyond the 20 or so young people chosen as fellows each year. "If you scale the program," Thiel says, "you will have a lot more people who aren't quite ready, you would then have to be super-confident you can develop them" — which Thiel and his colleagues say they aren't skilled at doing... About a quarter of the Thiel fellows eventually returned to college to finish their degrees, suggesting that even the dropouts see enduring value in higher education. Thiel says they "got way more out of it by going back" after launching their businesses. "The other 75% didn't need a college degree," he says.

Read more of this story at Slashdot.

"One London resident watched on CCTV as a thief walked up to his £40,000 car and drove away," reports the Observer. "Now manufacturers say they are being drawn in to a hi-tech 'arms race' with criminals." [H]i-tech devices disguised as handheld games consoles are being traded online for thousands of pounds and are used by organised crime gangs to mimic the electronic key on an Ioniq 5, opening the doors and starting the engine. The device, known as an "emulator", works by intercepting a signal from the car, which is scanning for the presence of a legitimate key, and sending back a signal to gain access to the vehicle... Hyundai says it is looking at measures to prevent the use of emulators "as a priority". But it is not the only carmaker whose vehicles appear to be vulnerable. An Observer investigation found that models by Toyota, Lexus and Kia have also been targeted... British motorists now face an increase in the number of thefts and rising insurance premiums... Car thefts are at their highest level for a decade in England and Wales, rising from 85,803 vehicles in the year to March 2012 to 130,270 in the year to March 2023 — an increase of more than 50%. Part of the reason, say experts, is the rise of keyless entry... Kia did not respond to a request for comment. A spokesperson for Toyota, which owns Lexus, said: "Toyota and Lexus are continuously working on developing technical solutions to make vehicles more secure. Since introducing enhanced security hardware on the latest versions of a number of models, we have seen a significant drop-off in thefts. For older models we are currently developing solutions." Another common attack requires entry to the vehicle first, according to the article, but then uses the vehicle's onboard diagnostic port to program "a new key linked to the vehicle..." "Many owners of Ioniq 5s, which sell from around £42,000, now use steering locks to deter thieves."

Read more of this story at Slashdot.

"The Royal Swedish Academy of Sciences, which selects Nobel laureates in chemistry and physics, last week awarded Dr. Wu its Sjöberg Prize in honor of 'decisive contributions' to cancer research," reports CNN. Their profile of the oncologist from Boston's Dana-Farber Cancer Institute notes Dr. Wu's research "has laid the scientific foundation for the development of cancer vaccines tailored to the genetic makeup of an individual's tumor." It's a strategy looking increasingly promising for some hard-to-treat cancers such as melanoma and pancreatic cancer, according to the results of early-stage trials, and may ultimately be widely applicable to many of the 200 or so forms of cancer... The most common treatments for cancer — radiation therapy and chemotherapy — are like sledgehammers, striking all cells and often damaging healthy tissue. Since the 1950s, cancer researchers have been seeking a way to dial up the body's immune system, which naturally tries to fight cancer but is outsmarted by it, to attack tumor cells. Progress on that front was middling until about 2011 with the arrival of a class of drugs called checkpoint inhibitors, which boost the anti-tumor activity of T cells, an important part of the immune system... These drugs have helped some people with cancer who would have been given months to live survive for decades, but they don't work for all cancer patients, and researchers continue to look for ways to turbocharge the body's immune system against cancer... Wu's research focused on small mutations in cancer tumor cells. These mutations, which occur as the tumor grows, create proteins that are slightly different to those in healthy cells. The altered protein generates what's called a tumor neoantigen that can be recognized by the immune system's T cells as foreign, and therefore susceptible to attack. With thousands of potential neoantigen candidates, Wu used "tour de force lab work" to identify the neoantigens that are on the cell surface, making them a potential target for a vaccine, said Urban Lendahl, professor of genetics at the Karolinska Institutet in Sweden and the secretary of the committee that awarded the prize. "If the immune system is to have a chance to attack the tumor, this difference must be manifested on the surface of the tumor cells. Otherwise, it's pretty pointless," Lendahl added... By sequencing DNA from healthy and cancer cells, Wu and her team identified a cancer patient's unique tumor neoantigens. Synthetic copies of these unique neoantigens could be used as a personalized vaccine to activate the immune system to target the cancer cells... Once it had FDA approval, the team vaccinated six patients with advanced melanoma with a seven-shot course of patient-specific neoantigens vaccines. The breakthrough results were published in an 2017 article in Nature. For some patients, this treatment resulted in the immune system's cells being activated and targeting the tumor cells. The results, along with another paper published the same year led by the founders of mRNA vaccine company BioNTech, provided "proof of principle" that a vaccine can be targeted to a person's specific tumor, Lendahl said. A follow-up by Wu's team four years after the patients received the vaccines published in 2021, showed that the immune responses were effective in keeping cancer cells under control... Since then, Wu's team, other groups of medical researchers and pharmaceutical companies, including Merck, Moderna and BioNTech, have further developed this field of research, with trials underway for vaccines that treat pancreatic and lung cancer as well as melanoma. "All the trials underway are small-scale, typically involving a handful of patients with later-stage disease and a high tolerance for safety risks," adds CNN. "To show that these type of cancer vaccines work, much larger randomized control trials are needed."

Read more of this story at Slashdot.

"If you drive a car in California, you may be in for a payday thanks to a lawsuit alleging privacy violations by a Texas company," report SFGate: The 2021 lawsuit, given class-action status in September, alleges that Digital Recognition Network is breaking a California law meant to regulate the use of automatic license plate readers. DRN, a Fort Worth-based company, uses plate-scanning cameras to create location data for people's vehicles, then sells that data to marketers, car repossessors and insurers. What's particularly notable about the case is the size of the class. The court has established that if you're a California resident whose license plate data was collected by DRN at least 15 times since June 2017, you're a class member. The plaintiff's legal team estimates that the tally includes about 23 million people, alleging that DRN cameras were mounted to cars on public roads. The case website lets Californians check whether their plates were scanned. Barring a settlement or delay, the trial to decide whether DRN must pay a penalty to those class members will begin on May 17 in San Diego County Superior Court... The company's cameras scan 220 million plates a month, its website says, and customers can use plate data to "create comprehensive vehicle stories." A lawyer for the firm representing class members told SFGATE Friday that his team will try to show DRN's business is a "mass surveillance program."

Read more of this story at Slashdot.

On Wednesday Boeing "removed executive Ed Clark, the head of its 737 Max passenger jet program," reports CNN, "after a dramatic — and terrifying — midair blowout in January underscored ongoing problems with the jet." A preliminary report by the National Transportation Safety Board found that the four bolts that should have held the door plug in place were missing when the plane left Boeing's factory. The NTSB report did not assess blame for the missing bolts and the accident but in a statement to investors before the findings were released, Boeing CEO Dave Calhoun assumed responsibility for the incident. "We caused the problem, and we understand that," he told investors during a call after reporting the latest quarterly loss at the company. "Whatever conclusions are reached, Boeing is accountable for what happened." Clark, who had been at Boeing for 18 years, had only been in charge of the Max program since March of 2021, assuming that title after the jets had been returned to service following the crashes. But he had previously held roles related to the 737 Max, including as chief engineer and chief 737 mechanic. With the news of Clark's departure, Boeing also announced a shuffling of a number of executives in its Boeing Commercial Airplanes unit. It created a new executive position, Senior Vice President for BCA Quality, and named Elizabeth Lund to that position.

Read more of this story at Slashdot.

Long-time Slashdot reader theodp writes: In 2012, Microsoft President Brad Smith unveiled Microsoft's National Talent Strategy, which called for K-12 Computer Science education for U.S. schoolchildren to address a "talent crisis [that] endangers long-term growth and prosperity". The following year, tech-backed nonprofit Code.org burst onto the scene to deliver that education to schoolchildren, with Smith and execs from tech giants Google and Amazon on its Board of Directors (and Code.org donors Bill Gates and Mark Zuckerberg as lead K-12 CS instructors). Using a mix of paid individuals, universities and other organizations that it helped to fund, along with online self-paced courses, Code.org boasts it quickly "prepared more than 106,000 new teachers to teach CS across grades K-12" through its professional learning programs. "No computer science experience required," Code.org teases prospective K-12 teachers (as does Code.org partner Amazon Future Engineer). Code.org organized K-12 CS teacher workforce expansion workshops. However, at least one state is taking steps to put an end to the practice of rebranding individuals as K-12 CS teachers in as little as a day, albeit with a generous 10-year loophole for currently uncertified K-12 CS teachers. "At the start of the 2024-2025 academic year," reports GovTech, "the New York State Education Department (NYSED) is honing its credential requirements for computer science teachers, though the state has yet to join the growing list of those mandating computer science instruction for high school graduation. According to the department's website, as of Sept. 1, 2024, educators who teach computer science will need either a Computer Science Certificate issued by the state Board of Regents or a Computer Science Statement of Continued Eligibility (SOCE), which may be given to instructors who don't have the specific certificate but have nonetheless taught computer science since Sept. 1, 2017.... "The NYSED website says the SOCE is a temporary measure that will be phased out after 10 years, at which point all computer science instructors will need a Computer Science Certificate."

Read more of this story at Slashdot.

The Guardian reports: The Covid death toll in the U.S. is likely at least 16% higher than the official tally, according to a new study, and researchers believe the cause of the undercounting goes beyond overloaded health systems to a lack of awareness of Covid and low levels of testing. The second year of the pandemic also had nearly as many uncounted excess deaths as the first, the study found. More than 1.1 million Americans have died from Covid, according to official records. But the actual number is assuredly higher, given the high rates of excess deaths. Demographers wanted to know how many could be attributed to Covid, and they drilled down to data at the county level to discover patterns in geography and time. There were 1.2 million excess deaths from natural causes — excluding deaths from accidents, firearms, suicide and overdoses — between March 2020 and August 2022, the researchers estimated, and about 163,000 of those deaths were not attributed to Covid in any way — but most of them should have been, the researchers say... "The mortality that's not considered Covid starts a little bit before the Covid surges officially start and crests a little bit sooner," said Elizabeth Wrigley-Field, associate professor in the department of sociology and the Minnesota Population Center at the University of Minnesota and one of the study's authors. That indicates some people didn't realize their illness was Covid, due to a lack of awareness about its prevalence and low levels of testing. There was also a rise in out-of-hospital deaths — in homes and nursing homes, for instance — which makes ascertaining the cause of death more difficult... "[W]e find over the first 30 months of the pandemic that serious gaps remained in surveillance," said Andrew Stokes, associate professor of global health and sociology at Boston University and one of the study's authors. "Even though we got a lot better at testing for Covid, we were still missing a lot of official Covid deaths" in the U.S., said Jennifer Dowd, professor of demography and population health at University of Oxford, who was not involved in this research. The phenomenon "underscores how badly the U.S. fared as the pandemic continued," Wrigley-Field said. "It does profoundly reflect failures in the public health system." One of the study's authors told the Guardian that the hardest-hit areas were non-metropolitan counties, especially in the west and the south, with fewer resources for investigating deaths (and lower testing levels) — as well as different methodologies for assembling the official numbers.

Read more of this story at Slashdot.

TechTarget notes it was Linkerd's original developers who coined the term "service mesh" — describing their infrastructure layer for communication between microservices. But "There has to be some way of connecting the businesses that are being built on top of Linkerd back to funding the project," argues Buoyant CEO William Morgan. "If we don't do that, then there's no way for us to evolve this project and to grow it in the way that I think we all want." And so, TechTarget reports... Beginning May 21, 2024, any company with more than 50 employees running Linkerd in production must pay Buoyant $2,000 per Kubernetes cluster per month to access stable releases of the project... The project's overall source code will remain available in GitHub, and edge, or experimental early releases of code, will continue to be committed to open source. But the additional work done by Buoyant developers to backport minimal changes so that they're compatible with existing versions of Linkerd and to fix bugs, with reliability guarantees, to create stable releases will only be available behind a paywall, Morgan said... Morgan said he is prepared for backlash from the community about this change. In the last section of a company blog post FAQ about the update, Morgan included a question that reads, in part, "Who can I yell at...?" But industry watchers flatly pronounced the change a departure from open source. "By saying, 'Sorry but we can no longer afford to hand out a production-ready product as free open source code,' Buoyant has removed the open source character of this project," said Torsten Volk, an analyst at Enterprise Management Associates. "This goes far beyond the popular approach of offering a managed version of a product that may include some additional premium features for a fee while still providing customers with the option to use the more basic open source version in production." Open source developers outside Buoyant won't want to contribute to the project — and Buoyant's bottom line — without receiving production-ready code in return, Volk predicted. Morgan conceded that these are potentially valid concerns and said he's open to finding a way to resolve them with contributors... "I don't think there's a legal argument there, but there's an unresolved tension there, similar to testing edge releases — that's labor just as much as contributing is. I don't have a great answer to that, but it's not unique to Buoyant or Linkerd." And so, "Starting in May, if you want the latest stable version of the open source Linkerd to download and run, you will have to go with Buoyant's commercial distribution," according to another report (though "there are discounts for non-profits, high-volume use cases, and other unique needs.") The Cloud Native Computing Foundation manages the open source project. The copyright is held by the Linkerd authors themselves. Linkerd is licensed under the Apache 2.0 license. Buoyant CEO William Morgan explained in an interview with TNS that the changes in licensing are necessary to continue to ensure that Linkerd runs smoothly for enterprise users. Packaging the releases has also been demanding a lot of resources, perhaps even more than maintaining and advancing the core software itself, Morgan explained. He likened the approach to how Red Hat operates with Linux, which offers Fedora as an early release and maintains its core Linux offering, Red Hat Enterprise Linux (RHEL) for commercial clients. "If you want the work that we put into the stable releases, which is predominantly around, not just testing, but also minimizing the changes in subsequent releases, that's hard hard work" requiring input from "world-leading experts in distributed systems," Morgan said. "Well, that's kind of the dark, proprietary side of things."

Read more of this story at Slashdot.

"Crypto mines will have to start reporting their energy use in the U.S.," wrote the Verge in January, saying America's Energy department would "begin collecting data on crypto mines' electricity use, following criticism from environmental advocates over how energy-hungry those operations are." But then "constitutional freedoms" group New Civil Liberties Alliance (founded with seed money from the Charles Koch Foundation) objected. And "on behalf of its clients" — the Texas Blockchain Council and Colorado bitcoin mining company Riot Platforms — the group said it "looks forward to derailing the Department of Energy's unlawful data collection effort once and for all." While America's Energy department said the survey would take 30 minutes to complete, the complaint argued it would take 40 hours. According to the judge, the complaint "alleged three main sources of irreparable injury..." - Nonrecoverable costs of compliance with the Survey - A credible threat of prosecution if they do not comply with the Survey - The disclosure of proprietary information requested by the Survey, thus risking disclosure of sensitive business strategy But more importantly, the survey was implemented under "emergency" provisions, which the judge said is only appropriate when "public harm is reasonably likely to result if normal clearance procedures are followed." Or, as Semafor.com puts it, the complaint was "seeking to push off the reporting deadline, on the grounds that the survey was rushed through...without a public comment period." The judge, Alan Albright, granted the request late Friday night, blocking the [Department of Energy's Information Administration] from collecting survey data or requiring bitcoin companies to respond to it, at least until a more comprehensive injunction hearing scheduled for Feb. 28. The ruling also concludes that the plaintiffs are "likely to succeed in showing that the facts alleged by the U.S. Energy Information Administration to support an emergency request fall far short of justifying such an action." The U.S. Department of Energy is now... Restrained from requiring Plaintiffs or their members to respond to the SurveyRestrained from collecting data required by the Survey"...and shall sequester and not share any such data that Defendants have already received from Survey respondents." Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

An anonymous reader shared this report from CNN: Dynabook Americas, the company formerly known as Toshiba, has recalled 15.5 million Toshiba laptop AC adapters over potential burn and fire hazards. The company said it received 679 reports of the recalled AC adapters overheating or catching on fire, melting and burning, including 43 reports of minor burn injuries. Consumers should stop using the adapters immediately and contact them for a free replacement, Dynabook Americas said. The recall applies to AC adapters sold both alongside Toshiba personal laptop computers and sold separately, with date codes ranging between April 2008 through December 2012. The adapters were manufactured in China. More than 60 models are part of the recall. The company published a webpage listing the impacted model numbers and serial numbers for the adapters. Gatner points out the adapters are for "very old models," so "it's only a very small percentage of the population that is still using them." The article cites figures from Gartner showing that while Toshiba once led the laptop market, it now makes up about 1%. "Nowadays, Lenovo dominates the category with 25%, followed by HP (22%), Dell (17%) and Apple (9%)."

Read more of this story at Slashdot.

Stack Overflow's blog reports on a new programming language called Mariposa. They call it a "toy" programming language, "created as a way to play around with a novel or odd feature, like variable assignment outside of the normal order of execution — more colloquially, time travel." Computer science has long sought to reason about time in electronic systems, thanks to a consistent interest in concurrency and real-time messaging... Mariposa allows you to manipulate the order of execution by assigning an instant to a variable, then setting the context of that instance. Here's a basic example, taken from the Mariposa readme: x = 1 t = now() print(x) at t: x = 2 According to the normal order of operations, this code should print "1". But because t is assigned to the instance in the second line, any modifications specified within an at t: block are applied immediately, and this code prints "2"... While Mariposa caught a fair amount of attention recently, it's not the first implementation of time travel in programming. There is a Haskell package appropriately called tardis, which creates two state transformers: one travels forward in time and one backward. As the docs explain, "The most concise way to explain it is this: getPast retrieves the value from the latest sendFuture, while getFuture retrieves the value from the next sendPast." One function's past is another one's future. The article explores "the history and future of other programming paradigms" applying logic to time, including interval temporal logic systems as well as "modeling, analysis, and verification languages/tools that allow temporal and state modeling without requiring temporal logic understanding."

Read more of this story at Slashdot.

On Wednesday afternoon "a European Space Agency satellite reentered Earth's atmosphere over the North Pacific Ocean..." reports CNN, "and there have been no reports of damage, according to the agency." The agency's Space Debris Office, along with an international surveillance network, monitored and tracked the Earth-observing ERS-2 satellite throughout February to make predictions about the reentry, which occurred at 12:17 p.m. ET Wednesday. The ESA provided continuous live updates on its website. At around 50 miles (80 kilometers) above Earth's surface, the satellite broke apart due to atmospheric drag, and the majority of the fragments were expected to burn up in the atmosphere. The agency said it was possible that some fragments could reach the planet's surface, but the pieces didn't contain any harmful substances and likely fell into the ocean... The ERS-2 satellite had an estimated mass of 5,057 pounds (2,294 kilograms) after depleting its fuel, according to the agency. "Uncontrolled Atmospheric reentry has long been a common method for disposing of space objects at the end of their mission," said Tim Flohrer, head of the agency's Space Debris Office, in a statement. "We see objects similar in size or larger to ERS-2 reentering the atmosphere multiple times each year." The Earth-observing ERS-2 satellite first launched on April 21, 1995, and it was the most sophisticated satellite of its kind at the time to be developed and launched by Europe... In 2011, the agency decided to end the satellite's operations and deorbit it, rather than adding to the swirl of space junk orbiting the planet. The satellite executed 66 deorbiting maneuvers in July and August of 2011 before the mission officially concluded later that year on September 11. The maneuvers burned through the rest of the satellite's fuel and decreased its altitude, setting ERS-2's orbit on a trajectory to slowly spiral closer to Earth and reenter the atmosphere within 15 years. The chances of an individual person being injured by space debris each year are less than 1 in 100 billion, about 1.5 million times lower than the risk of being killed in an accident at home, according to the agency.

Read more of this story at Slashdot.

It was discovered that iwd, the iNet Wireless Daemon, does not properly handle messages in the 4-way handshake used when connecting to a protected WiFi network for the first time. An attacker can take advantage of this flaw to gain unauthorized access to a protected WiFi network if iwd is operating in Access Point (AP) mode.

https://security-tracker.debian.org/tracker/DSA-5631-1

An anonymous reader quotes a report from TechCrunch: In a press release written with help from ChatGPT, Match Group announced an enterprise agreement with the AI chatbot's maker, OpenAI. The new agreement includes over 1,000 enterprise licenses for the dating app giant and home to Tinder, Match, OkCupid, Hinge and others. The AI tech will be used to help Match Group employees with work-related tasks, the company says, and come as part of Match's $20 million-plus bet on AI in 2024. [...] As for the news itself, Match Group says it will begin using the AI tech, and specifically ChatGPT-4, to aid with coding, design, analysis, build templates, and other daily tasks, including, as you can tell, communications. To keep its corporate data protected, only trained and licensed Match Group employees will have access to OpenAI's tools, it noted. Before being able to use these tools, Match Group employees will also have to undergo mandatory training that focuses on responsible use, the technology's capabilities, as well as its limitations. The use will be guided by the company's existing privacy practices and AI principles, too. The company declined to share the cost of the agreement or how it will impact the tech giant's bottom line, but Match believes that the AI tools will make teams more productive. Match execs recently spoke of the company's plans for AI during the company's fourth-quarter earnings, noting that, this year, the app maker will use AI technology to both evolve its existing products and build new ones. The company's Shareholder letter explained how AI could help to improve various aspects of the dating app journey. For instance, it could help with profile creation, where Match is testing features like an AI-powered photo picker, and generative AI for help making bios. The company said that AI will also improve its matching abilities and post-match guidance, in areas like conversation starters, nudges, and offering date ideas.

Read more of this story at Slashdot.

Ashley Belanger reports via Ars Technica: Canada-based University of Waterloo is racing to remove M&M-branded smart vending machines from campus after outraged students discovered the machines were covertly collecting facial-recognition data without their consent. The scandal started when a student using the alias SquidKid47 posted an image on Reddit showing a campus vending machine error message, "Invenda.Vending.FacialRecognitionApp.exe," displayed after the machine failed to launch a facial recognition application that nobody expected to be part of the process of using a vending machine. "Hey, so why do the stupid M&M machines have facial recognition?" SquidKid47 pondered. The Reddit post sparked an investigation from a fourth-year student named River Stanley, who was writing for a university publication called MathNEWS. [...] MathNEWS' investigation tracked down responses from companies responsible for smart vending machines on the University of Waterloo's campus. Adaria Vending Services told MathNEWS that "what's most important to understand is that the machines do not take or store any photos or images, and an individual person cannot be identified using the technology in the machines. The technology acts as a motion sensor that detects faces, so the machine knows when to activate the purchasing interface -- never taking or storing images of customers." According to Adaria and Invenda, students shouldn't worry about data privacy because the vending machines are "fully compliant" with the world's toughest data privacy law, the European Union's General Data Protection Regulation (GDPR). "These machines are fully GDPR compliant and are in use in many facilities across North America," Adaria's statement said. "At the University of Waterloo, Adaria manages last mile fulfillment services -- we handle restocking and logistics for the snack vending machines. Adaria does not collect any data about its users and does not have any access to identify users of these M&M vending machines." [...] But University of Waterloo students like Stanley now question Invenda's "commitment to transparency" in North American markets, especially since the company is seemingly openly violating Canadian privacy law, Stanley told CTV News. On Reddit, while some students joked that SquidKid47's face "crashed" the machine, others asked if "any pre-law students wanna start up a class-action lawsuit?" One commenter summed up students' frustration by typing in all caps, "I HATE THESE MACHINES! I HATE THESE MACHINES! I HATE THESE MACHINES!"

Read more of this story at Slashdot.

On Thursday, the Odysseus Moon lander made history by becoming the first ever privately built and operated robot to complete a soft lunar touchdown. While the lander is "alive and well," the CEO of Houston-based Intuitive Machines, which built and flew the lander, said it tipped over during its final descent, coming up to rest propped up sideways on a rock. The BBC reports: Its owner, Texan firm Intuitive Machines, says Odysseus has plenty of power and is communicating with Earth. Controllers are trying to retrieve pictures from the robot. Steve Altemus, the CEO and co-founder of IM, said it wasn't totally clear what happened but the data suggested the robot caught a foot on the surface and then fell because it still had some lateral motion at the moment of landing. All the scientific instruments that planned to take observations on the Moon are on the side of Odysseus that should still allow them to do some work. The only payload likely on the "wrong side" of the lander, pointing down at the lunar surface, is an art project. "We're hopeful to get pictures and really do an assessment of the structure and assessment of all the external equipment," Mr Altemus told reporters. "So far, we have quite a bit of operational capability even though we're tipped over. And so that's really exciting for us, and we are continuing the surface operations mission as a result of it." The robot had been directed to a cratered terrain near the Moon's south pole, and the IM team believes it got very close to the targeted site - perhaps within a couple of kilometers. A US space agency satellite called the Lunar Reconnaissance Orbiter will search for Odysseus in the coming days.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Air pollution from traffic is linked to some of the more severe forms of dementia, and could be a significant cause of the condition among those who are not already genetically predisposed to it, research suggests. Research carried out in Atlanta, Georgia, found that people with higher exposure to traffic-related fine particulate matter air pollution were more likely to have high amounts of the amyloid plaques in their brains that are associated with Alzheimer's. The findings, which will alarm anyone living in a town or city, but particularly those living near busy roads, add to the harms already known to be caused by road traffic pollution, ranging from climate change to respiratory diseases. A team of researchers from Atlanta's Emory University set out to specifically investigate the effects on people's brains of exposure the type of fine particulate matter known as PM2.5. This consists of particles of less than 2.5 microns in diameter -- about a hundredth the thickness of a human hair -- suspended in the air, and is known to penetrate deep into living tissue, including crossing the blood-brain barrier. Traffic-related PM2.5 concentrations are a major source of ambient pollution in the metro-Atlanta area, and also in urban centers across the planet. [...] "We found that donors who lived in areas with high concentrations of traffic-related air pollution exposure, in particular PM2.5 exposure, had higher levels of Alzheimer's disease neuropathology in their brain," said Anke Huels, an assistant professor at Emory University in Atlanta, who was the lead author on the study. "In particular, we looked at a score that is used to evaluate evaluate amyloid plaques in the brain, in autopsy samples, and we showed that donors who live in areas with higher levels of air pollution, and also higher levels of amyloid plaques in their brain." There was a positive relationship between exposure to high levels of PM2.5 and levels of amyloid plaques in the brains of the subjects the team examined. They found that people with a 1 ug/m3 higher PM2.5 exposure in the year before death were nearly twice as likely to have higher levels of amyloid plaques in their brains, while those with higher exposure in the three years before death were 87% more likely to have higher levels of plaques. Huels and her team also investigated whether having the main gene variant associated with Alzheimer's disease, ApoE4, had any effect on the relationship between air pollution and signs of Alzheimer's in the brain. "We found that the association between In air pollution and severity of Alzheimer's disease was stronger among those who did not carry an ApoE4 allele, those who did not have that strong genetic risk for Alzheimer disease," Huels said. "Which kind of suggests that environmental exposures like air pollution may explain some of the Alzheimer's risk in people whose risk cannot be explained by genetic risk factor." The findings have been published in the online issue of Neurology, the medical journal of the American Academy of Neurology.

Read more of this story at Slashdot.