Alterslash

the unofficial Slashdot digest archive
 

Alterslash picks up to the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

Is Bitcoin More Traceable Than Cash?

Posted by EditorDavidView on SlashDotShareable Link
The New York Times argues that this week changed Bitcoin's reputation as "secure, decentralized and anonymous" (adding "Criminals, often operating in hidden reaches of the internet, flocked to Bitcoin to do illicit business without revealing their names or locations. The digital currency quickly became as popular with drug dealers and tax evaders as it was with contrarian libertarians.")

"But this week's revelation that federal officials had recovered most of the Bitcoin ransom paid in the recent Colonial Pipeline ransomware attack exposed a fundamental misconception about cryptocurrencies: They are not as hard to track as cybercriminals think..." [F]or the growing community of cryptocurrency enthusiasts and investors, the fact that federal investigators had tracked the ransom as it moved through at least 23 different electronic accounts belonging to DarkSide, the hacking collective, before accessing one account showed that law enforcement was growing along with the industry... The Bitcoin ledger can be viewed by anyone who is plugged into the blockchain. "It is digital bread crumbs," said Kathryn Haun, a former federal prosecutor and investor at venture-capital firm Andreessen Horowitz. "There's a trail law enforcement can follow rather nicely." Haun added that the speed with which the Justice Department seized most of the ransom was "groundbreaking" precisely because of the hackers' use of cryptocurrency. In contrast, she said, getting records from banks often requires months or years of navigating paperwork and bureaucracy, especially when those banks are overseas...

Tracking down a user's transaction history was a matter of figuring out which public key they controlled, authorities said. Seizing the assets then required obtaining the private key, which is more difficult. It's unclear how federal agents were able to get DarkSide's private key. Justice Department spokesman Marc Raimondi declined to say more about how the F.B.I. seized DarkSide's private key. According to court documents, investigators accessed the password for one of the hackers' Bitcoin wallets, though they did not detail how. The F.B.I. did not appear to rely on any underlying vulnerability in blockchain technology, cryptocurrency experts said. The likelier culprit was good old-fashioned police work. Federal agents could have seized DarkSide's private keys by planting a human spy inside DarkSide's network, hacking the computers where their private keys and passwords were stored, or compelling the service that holds their private wallet to turn them over via search warrant or other means. "If they can get their hands on the keys, it's seizable," said Jesse Proudman, founder of Makara, a cryptocurrency investment site. "Just putting it on a blockchain doesn't absolve that fact...."

The F.B.I. has partnered with several companies that specialize in tracking cryptocurrencies across digital accounts, according to officials, court documents and the companies. Start-ups with names like TRM Labs, Elliptic and Chainalysis that trace cryptocurrency payments and flag possible criminal activity have blossomed as law enforcement agencies and banks try to get ahead of financial crime. Their technology traces blockchains looking for patterns that suggest illegal activity... "Cryptocurrency allows us to use these tools to trace funds and financial flows along the blockchain in ways that we could never do with cash," said Ari Redbord, the head of legal affairs at TRM Labs, a blockchain intelligence company that sells its analytic software to law enforcement and banks. He was previously a senior adviser on financial intelligence and terrorism at the Treasury Department.

The story includes three intriguing quotes:
  • Justice Department spokesman Marc Raimondi said the Colonial Pipeline ransom seizure was only the latest of "many seizures, in the hundreds of millions of dollars, from unhosted cryptocurrency wallets" used for criminal activity.
  • Hunter Horsley, chief executive of cryptocurrency investment company Bitwise Asset Management, said "The public is slowly being shown, in case after case, that Bitcoin is good for law enforcement and bad for crime — the opposite of what many historically believed."
  • A spokesperson for Chainalysis, a start-up that traces cryptocurrency payments, tells the Times that in the end, "cryptocurrencies are actually more transparent than most other forms of value transfer. Certainly more transparent than cash."

dumbshit questions for a $1000

By bloodhawk • Score: 3 • Thread
of course it is more traceable than cash, and no it is not anonymous nor has it ever been so.

Government lost a lot of the money in the recovery

By Latent Heat • Score: 3 • Thread

It appears by the time the government had recovered to ransom, Bitcoin had declined substantially in value.

YMMV

cash will slowly become more traceable

By OrangeTide • Score: 3 • Thread

the technology to have cameras over cash registers and to detect printed numbers in an image are both here today, it's only a matter of time before they're combined. Once that's done if the feds want to know the last 10 places a dollar bill has been, perhaps to find security footage of the individual. Well the limitations are legal not technical. I'm sure legal limitations are simple to overcome, pass a bill called Protect Americans from __blank__(cyberfruad? identity theft? doesn't matter really). and erode fourth amendment rights further in the name of safety.

NASA Finally Shows Off Assembled 'Space Launch System' Megarocket

Posted by EditorDavidView on SlashDotShareable Link
Slashdot reader ytene writes: The BBC are showing the first set of images of NASA's now-assembled "Space Launch System" (SLS) vehicle, noting that NASA intends to use it to launch a human crew back to the moon later this decade. Testing will take place before astronauts are expected to ride the vehicle to space some time in 2023.
It's enormous. From the BBC's report: On Friday, engineers at Florida's Kennedy Space Center finished lowering the 65m (212ft) -tall core stage in-between two smaller booster rockets... Nasa plans to launch the SLS on its maiden flight later this year. During this mission, known as Artemis-1, the SLS will carry Orion — America's next-generation crew vehicle — towards the Moon. However, no astronauts will be aboard...

The SLS consists of the giant core stage, which houses propellant tanks and four powerful engines, flanked by two 54m (177ft) -long solid rocket boosters.

In early 2020 the BBC reported that "Some in the space community believe it would be better to launch deep space missions on commercial rockets. But supporters of the programme say that NASA needs its own heavy-lift launch capability...

"The SLS was designed to re-use technology originally developed for the space shuttle programme, which ran from 1981-2011."

Not complete

By hackertourist • Score: 3 • Thread

'Assembled' implies it's complete. The photos however show the first stage with the SRBs. Missing are the second stage and payload.

China's 'Zhurong' Rover Takes a Selfie on Mars

Posted by EditorDavidView on SlashDotShareable Link
The BBC reports: China's Zhurong rover has sent back a batch of new images from Mars — including a "selfie". The robot, which landed in May, positioned a wireless camera on the ground and then rolled back a short distance to take the snap. To Zhurong's right is the rocket-powered platform that brought the six-wheeled vehicle to a soft touchdown. Both display prominent Chinese flags...

It weighs some 240kg. A tall mast carries cameras to take pictures and aid navigation; five additional instruments will investigate the mineralogy of local rocks and the general nature of the environment, including the weather. Like the current American rovers (Curiosity and Perseverance), Zhurong has a laser tool to zap rocks to assess their chemistry. It also has a radar to look for sub-surface water-ice - a capability it shares with Perseverance.

Slashdot reader InfiniteZero writes that the mission's " full resolution images including a 360 panoramic view of the landing site, can be found at the official CNSA website."

Re:Meh.

By Iamthecheese • Score: 5, Insightful • Thread
The real story, obviously, is that China has a functioning rover on Mars. I'm happy to see the Chinese rover get some love. It would be different if we saw post after post about it, but most nerds don't even know that China has sent a lander capable of returning moon dust, and completed that mission. The Chinese space effort represents some serious engineering and science and I, for one, would like to see it recognized when it accomplishes something historic.

Re:Always copying something...

By gosso920 • Score: 5, Insightful • Thread
To be honest, our space program copied from Germany...

4+ Years in Prison for Home Security Worker Who Accessed Security Cameras to Spy on Women

Posted by EditorDavidView on SlashDotShareable Link
A security camera installation worker for ADT was sentenced Wednesday to a little more than four years in federal prison for illegally accessing the security cameras of more than 200 North Texas customers, reports the Dallas Morning News: Telesforo Aviles, age 35, faced a maximum of five years in prison for computer fraud under the terms of his plea agreement, in which he admitted to accessing customer accounts over 9,600 times since 2015.

He was cuffed and taken into custody to begin serving his sentence after the hearing.

The quiet and introverted technician, a senior supervisor with 17 years at ADT, was caught last year after the company was alerted by a customer to suspicious activity, said his lawyer, Tom Pappas. Aviles, who is married with five children, turned himself in when he was asked to, Pappas said. "He's mortified by what he did," Pappas said. "He sees what he did as a betrayal of himself, too." Of the nearly 10,000 images Aviles accessed, about 40 were "sexual in nature" and none involved children, Pappas said.

An ADT spokesman said the company had no comment.

Assistant U.S. Attorney Sid Mody had asked Starr to give Aviles the maximum sentence, saying that while 217 accounts were accessed, the total number of victims is much higher given that each household had multiple family members. That violation, he said, destroyed "in the worst way" their sense of feeling safe and secure at home... Starr said he considered Aviles' cooperation with authorities and lack of a criminal history as well as the fact that the conduct involved a "lengthy period of time." Aviles noted the homes that had "attractive women" and repeatedly logged into their accounts to view the footage, prosecutors said...

ADT has since been hit with class-action lawsuits from customers over the breach.

The article also notes the story of one woman who filed a federal lawsuit last month against ADT. She'd told the court Aviles persuaded her to install cameras in her bedrooms after she'd specifically questioned whether it was truly necessary. "Aviles told her that it was necessary because a burglar could enter the house through the bedroom windows, and the cameras would monitor that," her lawsuit says. "Of course, Aviles' placement of the cameras had nothing to do with potential burglars."

In a statement filed with the court, one female homeowner reportedly wrote that "This deliberate and calculated invasion of privacy is arguably more harmful than if I had installed no security system and my house had been burglarized."

Re:5 years seems excessive

By kmoser • Score: 5, Insightful • Thread
He wasn't charged with being a perv. He was charged with computer fraud, which in America is way worse than being a perv.

Re:5 years seems excessive

By The Evil Atheist • Score: 4, Insightful • Thread
He's the scapegoat for his own actions?

Re:5 years seems excessive

By Beryllium Sphere(tm) • Score: 4, Informative • Thread

Even people who agree with the sentence might have reservations about the lifetime of wreckage that follows a conviction. Occupational licenses may be unavailable after a felony conviction, and job hunting is at a severe handicap. Even finding a place to live can be hard.

He's wrecked his whole life, for nothing. If he wanted to see naked women, presumably he had an Internet connection.

The problem is fundamental

By ytene • Score: 3 • Thread
In Season 3 of Babylon 5, in an episode called "Messages from Earth", there is a scene where the station leader of a fascistic little Earth Government outfit called "NightWatch" enters a security station to speak with the 2nd in command of Station Security. After a little conversation, the NightWatch representative, preparing to leave, looks up at a wall of surveillance monitors that are showing scenes of people throughout the station, eyes gleaming.

"You know sometimes, watching them like this, without them even knowing we're here, it makes you feel a little like God, doesn't it?" he asks, before leaving...

The incidents involving Mr Aviles all took place because his employer, ADT, created a situation with a significant power imbalance. In this case, that imbalance enabled and empowered Mr Aviles to abuse the trust and invade the privacy of literally thousands of ADT customers.

But this is no different from the cop who runs a background check on his daughter's boyfriend. It's no different from the tekkie at work who has admin access to your company mail server and who reads all the emails of the girl he fancies, to see if she has a boyfriend. It's no different from the President who orders his Justice Department to obtain the phone records of his political opponents because he believes without proof that they must have been responsible for a leak that harmed his reputation.

What do all these scenarios have in common?

They involve two key ingredients: the first is an operating model or configuration or setup in which one party is granted or takes significant, overwhelming power or authority or control over another party. The second is darkness - the absence of light that would be shone if the operating model or configuration had robust, effective and transparent oversight.

I make these observations not because I'm trying to equate the actions of Mr Aviles spying on women with the former President spying on his political opponents - both are obviously very wrong, but they are different classes of wrong because of the nature of the activity. I make them because they reveal something critical to our understanding of the problem. This is a significant, dark aspect of human nature at work. Now, some people might take a little convincing that humanity can be like this "given half a chance". In support of this view, I'd ask you to consider publications like "National Enquirer" - i.e. the "Gutter Press" - outlets where scandal and long-lens photographs and salacious tell-all stories from "check-book journalism" can be found. If that darker aspect of human nature did not exist, there would be no market for the National Enquirer.

If we can accept, then, that this (is/may well be) the case, then we can move on to asking ourselves what needs to be done about this.

To get that discussion started, I'll suggest that all of the examples I've cited could be addressed through really tough, effective privacy legislation. In some cases - particularly where power is used asymmetrically by someone holding public office [the example I offered was the former President, but it could be mayors, police chiefs, city councillors, school heads, commanding officers] then there could also be "abuse of office" considerations.

But there are at least a couple of things we need to do, if we're willing to accept that this darker side of human nature exists. The first is to actively recognize scenarios in which that aspect of personalities could acquire the potential to abuse. The second is to learn how to design operational practices that enforce checks and balances, so that everyone knows that abuse will be detected and will be dealt with.

As a society, we recognize that there will be times and circumstances in which we need to grant some people extraordinary authority. But that authority doesn't have to be granted "in darkness". We can demand that it is conditionally granted only with "light" - with oversight and supervision. As the US

Remember jail sentences for corporate data leaks?

By ffkom • Score: 3 • Thread
No week is passing without a number of reports on what company exposed what sensitive personal customer data to criminals or business-partners (often both). Yet I cannot remember a single jail sentence for any high ranking person responsible for those data leaks. As if the only true crime regarding data theft / abuse is when some lonely peeping tom peeps.

Seat On Jeff Bezos' Space Trip Sells For $28 Million

Posted by EditorDavidView on SlashDotShareable Link
The auction has ended for a seat with Jeff Bezos and his brother on their first Blue Origin flight into space next month. Slashdot reader ytene writes that a live-streamed auction for the seat "lasted less than 10 minutes after opening at $4.8 million."

The Hill reports: That came after nearly 7,600 people from 159 countries had registered to bid on a seat for the July 20 space flight by the time registration closed Thursday, according to ABC News... Blue Origin said the $28 million would be donated to Club for the Future, Blue Origin's 501(c)(3) nonprofit with a mission to "inspire future generations to pursue careers in STEM and to help invent the future of life in space," according to its website... Blue Origin said the fourth and final crew member of the mission will also be announced when the identity of the auction winner is revealed.
Today CNN ran a story headlined "Jeff Bezos is going to space for 11 minutes. Here's how risky that is." (Or how safe?) They'll be going up and coming right back down, and they'll be doing it in less time — about 11 minutes — than it takes most people to get to work. Suborbital flights differ greatly from orbital flights of the type most of us think of when we think of spaceflight. Blue Origin's New Shepard flights will be brief, up-and-down trips, though they will go more than 62 miles above Earth, which is widely considered to be the edge of outer space.

Orbital rockets need to drum up enough power to hit at least 17,000 miles per hour, or what's known as orbital velocity, essentially giving a spacecraft enough energy to continue whipping around the Earth rather than being dragged immediately back down by gravity. Suborbital flights require far less power and speed. That means less time the rocket is required to burn, lower temperatures scorching the outside of the spacecraft, less force and compression ripping at the spacecraft, and generally fewer opportunities for something to go very wrong.

New Shepard's suborbital fights hit about about three times the speed of sound — roughly 2,300 miles per hour — and fly directly upward until the rocket expends most of its fuel. The crew capsule will then separate from the rocket at the top of the trajectory and briefly continue upward before the capsule almost hovers at the top of its flight path, giving the passengers a few minutes of weightlessness. It works sort of like an extended version of the weightlessness you experience when you reach the peak of a roller coaster hill, just before gravity brings your cart — or, in Bezos' case, your space capsule — screaming back down toward the ground.

The New Shepard capsule then deploys a large plume of parachutes to slow its descent to less than 20 miles per hour before it hits the ground... Blue Origin's New Shepard capsule, which is fully autonomous and does not require a pilot, has never had an explosive mishap in 15 test flights. And the nature of Bezos' flight means it comes with some inherently lower risks than more ambitious space travel attempts.

But that doesn't mean the risk is zero, either.

Going to his "Foundation"

By JoshuaZ • Score: 4, Interesting • Thread
The Club for the Future is nominally a charitable foundation, but they seem to be doing very little. If one looks at their website https://www.clubforfuture.org/, pretty much the major thing they are doing is getting children to send in postcards which are then flown on New Shepherd and returned to the children. So despite being nominally a charity, the only thing they are doing which is supposed to be getting children excited about space is essentially just advertising for Blue Origin. I tried to find out if they were doing more, but there 990-PF form is not listed on the IRS where it should be https://apps.irs.gov/app/eos/allSearch. This may be just because it has only very recently gotten 501 (c) (3) status, so they haven't filed a 990 yet, but it doesn't really look great. My basic reaction is that when people complain about wealthy people making nominal charitable foundations that don't really do any substantial charitable activity, this is pretty close to what they are talking about.

Somebody's desperate ...

By John Cavendish • Score: 3 • Thread

to meet J. Bezos.
Isn't it a price of a ~week stay at ISS with Soyuz seat and training?

Who the hell are these people?

By AlanObject • Score: 5, Insightful • Thread

It always blows me away how many people can show up -- in this case nearly 8,000 -- who have $5M disposable cash they are willing to blow on what amounts to a glorified carnival ride.

Can you imagine what kind of "escorts" they are able to afford?

Yeah, I get it. Historic. True zero G. Curvature of the Earth. Most of all: privilege. And all yours for $28M not $5M.

If anyone wanted proof that we live in a stratified global society with an untouchable overclass here it is.

Roller Coaster

By ghoul • Score: 4, Insightful • Thread
You go up, a few moments of weightlessness and then you go down. How is this joke carnival ride get someone astronaut wings. You should at least make orbit if not leave earth neighborhood to get astronaut wings.

Not paying to fly

By esperto • Score: 3 • Thread

Whomever bought the ticket is not paying to fly, is paying to have access to Bezos for several hours or even days, to take pictures and videos together with him all over the news and etc. the flight is just a side event, this is pretty much like those benefit dinners for the uber rich that on paper is for donating money to charity but in practice is for network building.

Linus Torvalds Tells Anti-Vaxxer To Shut Up On Linux Mailing List

Posted by EditorDavidView on SlashDotShareable Link
Linus Torvalds was "clearly unamused" by a "humanoid conspiracy theory, and also on its discussion in a Linux kernel topic thread," reports Neowin. They add that Torvalds "weighed in quite heavily with some very strong language, mixed with some biology lessons..."

Here's an excerpt from Torvalds' response (as shared by Slashdot reader Hmmmmmm): Please keep your insane and technically incorrect anti-vax comments to yourself.

You don't know what you are talking about, you don't know what mRNA is, and you're spreading idiotic lies. Maybe you do so unwittingly, because of bad education. Maybe you do so because you've talked to "experts" or watched youtube videos by charlatans that don't know what they are talking about.

But dammit, regardless of where you have gotten your mis-information from, any Linux kernel discussion list isn't going to have your idiotic drivel pass uncontested from me.

Vaccines have saved the lives of literally tens of millions of people.

Just for your edification in case you are actually willing to be educated: mRNA doesn't change your genetic sequence in any way. It is the exact same intermediate - and temporary - kind of material that your cells generate internally all the time as part of your normal cell processes, and all that the mRNA vaccines do is to add a dose their own specialized sequence that then makes your normal cell machinery generate that spike protein so that your body learns how to recognize it.

The half-life of mRNA is a few hours. Any injected mRNA will be all gone from your body in a day or two. It doesn't change anything long-term, except for that natural "your body now knows how to recognize and fight off a new foreign protein" (which then tends to fade over time too, but lasts a lot longer than a few days). And yes, while your body learns to fight off that foreign material, you may feel like shit for a while. That's normal, and it's your natural response to your cells spending resources on learning how to deal with the new threat.

And of the vaccines, the mRNA ones are the most modern, and the most targeted - exactly because they do *not* need to have any of the other genetic material that you traditionally have in a vaccine (ie no need for basically the whole - if weakened - bacterial or virus genetic material). So the mRNA vaccines actually have *less* of that foreign material in them than traditional vaccines do. And a *lot* less than the very real and actual COVID-19 virus that is spreading in your neighborhood.

Honestly, anybody who has told you differently, and who has told you that it changes your genetic material, is simply uneducated. You need to stop believing the anti-vax lies, and you need to start protecting your family and the people around you. Get vaccinated...

Get vaccinated. Stop believing the anti-vax lies.

And if you insist on believing in the crazy conspiracy theories, at least SHUT THE HELL UP about it on Linux kernel discussion lists.

Re: Basically keep that stuff out of a technical l

By cjonslashdot • Score: 5, Insightful • Thread
So many incorrect statements here, and each one invalidates your premise. You should do more research on mRNA, and on how COVID-19 infects vascular and nerve cells (unlike influenza). And study the epidemiology of SAR-2, because you donâ(TM)t know what you are talking about with regard to risks, especially if you consider that we have flu vaccines that reduce symptom severity in most people. Clearly you have been reading carefully constructed misinformation, designed to be convincing and sound sophisticated and credible, but I am sorry to tell you that your elaborate web of reasons is an interlinked set of falsehoods.

Re:well put

By jeff4747 • Score: 5, Insightful • Thread

You don't respond to anti-vaxxers to convince them. Their minds are made up, and can not be changed.

You respond because there's other people reading their bullshit, and if you don't counter it those readers may become anti-vaxxers too.

Re:Good for him

By jeff4747 • Score: 5, Informative • Thread

And where is the ‘science’ behind vaccinating people who’ve already had the virus?

The decades of research on immunology.

Long-term immunity depends on a giant list of variables, and none of them can be controlled with a natural infection. As a result, scientists have no idea if someone with a mild case of COVID-19 will generate lasting immunity.

Someone who recovered from a severe case (ie. hospitalized) will probably have long-lasting immunity, but it hasn't been proven yet. If they only had a mild to asymptomatic case, they may not develop a long-lasting immunity. We know it doesn't "stick" with some other diseases in mild-to-asymptomatic cases.

The recommendation to vaccinate people who already had COVID is based on that. The vaccine changes many of those variables to "known values", so scientists have a good idea that you will produce a long-term immunity. And that's also why they only recommend giving only one of the two doses - the natural infection is used as the first dose.

In the long run, it may turn out to not be necessary to get that one-of-two doses in a mild-to-asymptomatic case. We'll find out in a few years when more study can be done. In the meantime, getting that one shot has not been shown to cause harm, and extra doses of other vaccines are known to not be harmful.

So get your fucking shot and stop murdering people with your stupidity.

Re:Basically keep that stuff out of a technical li

By Barsteward • Score: 5, Funny • Thread
i got vaccinated because i wanted enhanced GPS and 5G capability

Re:Basically keep that stuff out of a technical li

By thegarbz • Score: 4, Informative • Thread

None of these are political views.

I didn't say these people's views are political. I said vaccination is a political topic because politicians pander to the views. To pretend otherwise is ignorant of politics. I haven't heard a congressperson come out in favour of pineapple on pizza, but the topic of vaccinations, every aspect of it, how and to whom it should be administered seems to have been quite a talking point on floor of both the house and senate.

If that doesn't make something political then I think you and I are looking up that word in very different dictionaries.

Dartmouth Abandons Controversial Online Cheating Investigation at Medical School

Posted by EditorDavidView on SlashDotShareable Link
Dartmouth's Geisel medical school is dropping its investigation into alleged online cheating, the New York Times reports: In March, Dartmouth charged 17 students with cheating based on a review of certain online-activity data on Canvas — a popular learning-management system where professors post assignments and students submit their work — during remote exams. The school quickly dropped seven of the cases after at least two students argued that administrators had mistaken automated Canvas activity for human cheating. Now Dartmouth is also dropping allegations against the remaining 10 students, some of whom faced expulsion, suspension, course failures and misconduct marks on their academic records that could have derailed their medical careers.

"I have decided to dismiss all the honor code charges," Duane Compton, dean of the medical school, said in an email to the Geisel community Wednesday evening, adding that the students' academic records would not be affected. "I have apologized to the students for what they have been through."

Dartmouth's decision to dismiss the charges followed a software review by The New York Times, which found that students' devices could automatically generate Canvas activity data even when no one was using them. Dartmouth's practices were condemned by some alumni along with some faculty at other medical schools.

A Dartmouth spokesman said the school could not comment further on the dropping of the charges for privacy reasons.

"The moral of the current story is clear," argued the Times reporter on Twitter.

"Colleges that use surveillance tech can end up erroneously accusing some of their best students."

Re:In person exams are the only way.

By AmiMoJo • Score: 4, Insightful • Thread

Just ditch exams. They are a crap way if measuring ability anyway, especially for estimating job performance.

We have better methods, let's use them.

Bring anything but a live friend

By Mrtsquare • Score: 5, Insightful • Thread
The most difficult tests are open book tests. They demonstrate a true understanding of the material. But then, open book tests are also the most difficult for the staff/instructors to develop and grade.

Re:In person exams are the only way.

By Sique • Score: 4, Interesting • Thread
Here we have a case with no cheaters. We have a case of false accusation. What you are doing is some kind of victim blaming. "They had it coming, because cheater will always try to find a way."

No.

Surely an honor code

By Growlley • Score: 3, Insightful • Thread
cuts both ways and means you don't make allegations until you are in a position to prove it to a stringent degree. Peoplewho approved the proescution of this case should resign.

Just Do Open Note Exams or Projects

By strech • Score: 3 • Thread

I'm a grad student (pursuing PhD) and my classes used no cheat detection or surveillance (they even told us to turn our cameras off for bandwidth reasons; some students weren't necessarily even in the country at the time) and dealt with things in two pretty obvious ways:

1. Semester projects.
2. Open Note tests.

Now, this is probably easier for some classes than others; at grad level they can throw you a bunch of previously unanalyzed data and tell you to do analysis on it, and there's not going to be anything online you can just copy the way you could in say an English Literature class. But for tests doing open notes makes more sense. Especially compared to the Canvas detection methods used here, which are not going to catch (say) someone who just downloaded all the stuff that was on Canvas already.

Patch Released for 7-Year-Old Privilege Escalation Bug In Linux Service Polkit

Posted by EditorDavidView on SlashDotShareable Link
Long-time Slashdot reader wildstoo writes: In a blog post on Thursday, GitHub security researcher Kevin Backhouse announced that Polkit, a Linux system service included in several modern Linux distros that provides an organized way for non-privileged processes to communicate with privileged ones, has been harbouring a major security bug for seven years.

The bug, assigned (CVE-2021-3560) allows a non-privileged user to gain administrative shell access with a handful of standard command line tools. The bug was fixed on June 3, 2021 in a coordinated disclosure.

"It's used by systemd," GitHub's blog post points out, "so any Linux distribution that uses systemd also uses polkit..."

"It's very simple and quick to exploit, so it's important that you update your Linux installations as soon as possible. Any system that has polkit version 0.113 (or later) installed is vulnerable. That includes popular distributions such as RHEL 8 and Ubuntu 20.04."

My systemd-free Gentoo is just fine

By AcidFnTonic • Score: 5, Informative • Thread

No issue with my opted out systemd-free Gentoo install....

#Toldyaso.

Seven years!

By 93 Escort Wagon • Score: 4, Funny • Thread

Microsoft says "Bah! Child's play! Hold my beer"...

20 years

17 years

In related news - I didn't realize systemd had been inflicted on us for seven years already! Seems more like 100...

Re:My systemd-free Gentoo is just fine

By Randseed • Score: 5, Insightful • Thread

No issue with my opted out systemd-free Gentoo install....

#Toldyaso.

^^^ This. I know the arguments for systemd vs. the traditional init system, but in reality systemd is more trouble than it's worth in many cases. That entire paradigm of ideas leads to not even having easily accessible logs for processes. I mean, I want to be able to look at syslog and see everything. If I need to filter it, I can either use pipes and shell level tools, or I can write a program that goes off and intelligently filters the logs. Systemd, to me, at least, always seemed like somebody's idea of chasing the badly designed Windows Registry and whatever passes for their error reporting system.

Nope. Nobody said "all bugs are don't exist"

By raymorris • Score: 5, Informative • Thread

ESR didn't say "all bugs are don't exist".

I'm pretty sure I've explained this to you before, so I think you actually know better.

ESR didn't say "all bugs are don't exist", if that's what you thought. He didn't say "there are never any bugs in open source software".

Around that time, Internet Explorer had a known issue that Microsoft had listed on MSDN for two years, with no fix. Two years after publication of CATB, four years after the issue was known, Microsoft released a partial fix - because they couldn't figure out how to actually fix it. It was another three years before the responsible team at Microsoft finally fixed the bug. Seven years from finding the bug to a proper fix.

The "many eyes" quote you referred to is:

--
Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone.

Or, less formally, "Given enough eyeballs, all bugs are shallow.'' I dub this: "Linus's Law''.

My original formulation was that every problem "will be transparent to somebody''. Linus demurred that the person who understands and fixes the problem is not necessarily or even usually the person who first characterizes it. "Somebody finds the problem,'' he says, "and ***somebody else understands it.***"

--

When Shellshock came out, just on one mailing list alone there were about 150 of us looking at it and trying to find the best solution. People were proposing different patches and adjustments to the functionality. We were digging deep into the problem. A few hours after Shellshock came out, Florian Weimer said on the list that the issue could not be "fixed", the feature couldn't be patched to make it safe. He said the feature needed to just be disabled, removed, because it could not be made safe. Over the next two days several people submitted patches to make it safe. For every suggested patch, someone found a way around it. None of the patches made it secure.

About 2 1/2 days in, it became apparent to everyone that every patch was bound to fail; we started to see why you simply couldn't have that function and be secure. We started to see what Florian had seen immediately. We had been digging deep, trying to understand the implications of every possible change. For Florian it was shallow, the fix was obvious to someone, and that time someone was Florian. "Given enough eyeballs, all bugs are shallow; the fix will be obvious to someone". Not "all bugs are not exist".

Contrast the 2 1/2 days to come to a thorough understanding and proper fix for the bug in the open source vs the seven years the issue languished in IE, with a broken half-fix for three years.

For the current issue, it was fixed June 3rd. "Problem will be characterized quickly" - already fixed, not a known vulnerability languishing for years while script kiddies hit it over and over and over.

Well, no systemd here

By gweihir • Score: 3 • Thread

I prefer to use well-written software.

Cryptocurrency Miners Force Changes to Free Tiers at Docker

Posted by EditorDavidView on SlashDotShareable Link
From today's edition of Mike Melanson's "This Week in Programming" column: This week, Docker announced some changes to Docker Hub Autobuilds — the primary one of interest being that autobuilds would no longer be available to free tier users — and much of the internet let out a collective groan to the tune of "this is why we can't have nice things...!"

"As many of you are aware, it has been a difficult period for companies offering free cloud compute," wrote Shaun Mulligan, principal product manager at Docker in the company's blog post, citing an article that explores how crypto-mining gangs are running amok on free cloud computing platforms. Mulligan goes on to explain that Docker has "seen a massive growth in the number of bad actors," noting that it not only costs them money, but also degrades performance for their paying customers. And so, after seven years of free access to their autobuild feature, wherein even all of you non-paying Docker users could set up continuous integration for your containerized projects, gratis, the end is nigh. Like, really, really nigh, as in next week — June 18.

While Docker offered that they already tried to correct the issue by removing around 10,000 accounts, they say that the miners returned the next week in droves, and so they "made the hard choice to remove Autobuilds...." For its part, Docker has tried to again stave off the criticism, offering users a discount on subscriptions, and offering members of its open source program the ability to continue to use autobuilds for free...

Docker says they've also changed Autobuild "to take advantage of BuildKit by default for improved build performance," increased the number of parallel builds for subscribers, and increased the build instance types, "so you get a beefier machine to build on!" While the changes were apparently inspired by their struggles with cryptocurrency miners, "All of these improvements should see a faster and more stable build experience with lower queue times..."

"We really appreciate your support and the community's understanding as the whole industry battles against these abusive few."

Re:Crypto currency ruins everything

By rsilvergun • Score: 5, Insightful • Thread
No but it hasn't been around that long. The additional pollution created by mining Bitcoin is absolutely going to get people killed as it expands and is used more. The alternative is proof of stake. But that's so easily manipulated by top players as to be completely worthless for the purpose crypto is traditionally said to be well suited. That is to say freedom. There is absolutely no valid use case for cryptocurrency. It is an absolutely terrible idea of it needs to go away.

This is obvious, but...

By Randseed • Score: 4, Interesting • Thread
Ideally we'd just go back to a standard based on some physical asset with built-in scarcity, like gold. The problem is that in the modern world it is very difficult to transfer something like that quickly across any distance. You have to worry about how to subdivide it (I don't want to pay $15 in silver coin for a loaf of bread), or have to buy crap I don't need to pad my bill to get to that denomination). I guess the only real way to do this is to go back to a physically-backed currency system. That stops the Federal Reserve from just printing money and devaluing the currency because they would have to have the physical assets to back it. Since the elimination of the gold standard, what we basically did was give the central banks the ability to say "Um, we're borrowing against future production. It'll be there. We're from the government and we're here to help."

Re:Crypto currency ruins everything

By Dutch Gun • Score: 5, Insightful • Thread

Money is the root of all evil.

It's the love of money which is the root of all evil. Money itself is just a tool.

Come on, intelligence agencies

By Applehu Akbar • Score: 3 • Thread

Find a way to break cryptocurrency before it ruins everything else.

Re: This is obvious, but...

By Dixie_Flatline • Score: 4, Insightful • Thread

No, the exact opposite. Money is a way to free yourself from a resource that could otherwise be productive. Trading cattle is inefficient because the cattle have an inherent worth that you could use instead of using it as a store of value. You could eat it, say. But then trading it becomes a struggle of whether you want to eat it or get something else. Money that can be only used for money fixes that.

The problem with cryptocurrency is that we are now taking otherwise useful electricity and churning through it to make...bits that we use to trade. It is a regression, because we already had a system where we trade bits in a database and it didnâ(TM)t have this insane overhead.

Nearly $1 Billion in Funding Restored for California Bullet Train

Posted by EditorDavidView on SlashDotShareable Link
Back in 2009, then-governor of California Arnold Schwarzenegger requested $4.7 billion in federal stimulus money to help build an 800-mile bullet train system from San Diego to San Francisco. "We're traveling on our trains at the same speed as 100 years ago," the governor said. "That is inexcusable. America must catch up."

Nearly 12 years later, " a $929-million federal grant for the California bullet train project was restored Thursday," reports the Los Angeles Times, "reversing a decision by the Trump administration to terminate the funding." But their story (shared by Slashdot reader schwit1) notes this grant has a very long history: The grant was originally made in 2010 after other states backed out of high-speed rail projects and declined to take the federal support. The California project already had won another $2.5-billion grant from the Obama administration's stimulus program, known as the American Recovery and Reinvestment Act. The Trump action to take back the money was highly controversial, and federal grant experts said such terminations were rare in cases that did not involve fraud but were merely behind schedule.

Ronald Batory, then chief of the Federal Railroad Administration, cited California's multiple failures to forecast accurate schedules, among other problems, in taking the action. Along with House Republicans from California, Trump officials were highly critical of the California project, with former Transportation Secretary Elaine Chao calling it a "bait and switch" on promises made to taxpayers. Chao and Trump had issued an even bigger threat, to claw back the much larger $2.5-billion grant that had already been spent. Despite such rhetoric, the Trump administration never made an attempt to get back the funds.

The $929 million is part of a planned $22.8-billion effort aimed at building a 171-mile partial operating system between Bakersfield and Merced [part of the route between San Francisco and Los Angeles], as well as completing environmental planning and making some high-speed rail investments in Southern California and the Bay Area.

In a statement, America's Federal Rail Agency said the settlement "reflects the federal government's ongoing partnership in the development of high-speed rail." And they called their restoration of funding "an important step in advancing an economically transformational project in California."

The Times adds that "Some bullet train advocates believe $10 billion or more from the state and federal government could be added to the project, allowing an expansion of the current construction. But even that much money would not close a roughly $80-billion shortfall needed to connect Los Angeles to San Francisco."

Re:How the west was won via railroads

By cheesybagel • Score: 4, Insightful • Thread

They are building it there first because it is where it is easiest to get the right of way.
Even then they still haven't acquired all the land there either.

They shouldn't be building without acquiring the land first. That is one reason why costs are so high.

Re:USA needs to update...

By Miamicanes • Score: 5, Informative • Thread

The problem in the US isn't "lack of density" per se, it's the fact that ironically, we have too much of the "wrong kind" of density.

In Europe, building HSR involves expensive runs through dense urban areas, but eventually, you break through a semi-invisible line a few kilometers beyond the city center where you HAVE open countryside again. In the US, if you were to route a rail line so it hit the center of every big city along its route, you could conceivably go for HUNDREDS of miles before the tracks ran through anything truly rural.

Consider Florida. For all intents and purposes, the east coast of Florida is a semi-continuous city stretching from Jacksonville to Key Largo. The only visible breaks are basically areas where nothing is ALLOWED to get built. That doesn't necessarily mean the urbanized zone is WIDE... in places like the area north of Titusville, "downtown" is only a mile or two east of open countryside west of I-95... but if you're going to insist upon putting every city's station at the literal downtown, there's only so much meandering you can do before it becomes hopeless to even try avoiding routes that pass through single-family suburbia.

This was a HUGE problem the original planners for Florida's proposed HSR had to contend with. They identified one route that plowed south in a straight line from downtown to downtown, and would have cost hundreds of billions of dollars. They identified a second route that diverted inland south of Boca Raton, followed the Sawgrass Expressway, put "Fort Lauderdale's" station out by Sawgrass Mills & Weston, then basically routed along US-27 and above the existing Tri-Rail tracks to get the train to Miami International Airport. It was ENORMOUSLY cheaper... but would have PROFOUNDLY compromised the train's usefulness in Miami (Fort Lauderdale is a tougher call... Sunrise/Weston would have been about equally useful for residents, but mostly useless for visitors).

The fundamental problem with putting Miami's station at MIA is the fact that development around that station would have been forever constrained by the fact that most of the area is consumed by buildings related to the airport, and new buildings would have been height-limited due to planes taking off and landing overhead... so if you'd taken the train to MIA, you would have still had ANOTHER 30-60 minutes of travel to get to wherever you were actually GOING. The main advantage of putting the station downtown is that you can then build lots of stuff within a few blocks around it, so a company with its HQ there can have people take the train in for a meeting, walk a block or two from the station/ and be there quickly instead of having the train just be the first half of the trip.

As luck would have it, the straight-line ideal route happens to be more or less the exact route that Brightline is now using. Basically, railroad execs read FDOT's papers, realized having passenger rail along that route would someday be a license to print money, politely declined offers to buy their ROW, then launched Brightline instead. Why "license to print money?" Because every business-case analysis done by Florida concluded that the route would lose money IF it were built as a brand new corridor to HSR standards, and would HEMORRHAGE money when you took debt service on the corridor purchase into account... but would turn an outright PROFIT on operation if it ran at 110-125mph on upgraded (but not completely rebuilt) tracks. FEC said, "hey... wait a sec... WE ALREADY OWN THOSE TRACKS, so if we can get the state to get us the corridor to Orlando and Tampa, WE could be the ones making money hand over fist", and the rest is history.

Re:The Bullet Train is a running joke

By Darinbob • Score: 4, Interesting • Thread

Eminent domain is legal, however politically it has a lot of landmines. Few people donating to campaigns care if you tear down a long strip of slums, but don't you dare get anywhere near a middle or upperclass neighborhood!

Things may have changed somewhat.. It used to be that train stations, even light rail, were in the poor areas of town. Now there are hipster apartments that want to be close to the station since they can now do a commute without a car much more easily. Even in some of the new BART stations you are seeing a much more upscale set of apartments and stores being build. Meanwhile, bus stations like Greyhound are still in the poor parts of town, because richer people and hipsters never take the bus.

/SMH - seriously, this is on again?

By kenh • Score: 3 • Thread

The Trump action to take back the money was highly controversial, and federal grant experts said such terminations were rare in cases that did not involve fraud but were merely behind schedule.

Merely behind schedule? Did we forget to mention the tens of billions of dollars in projected cost over-runs?

The $929 million is part of a planned $22.8-billion effort aimed at building a 171-mile partial operating system between Bakersfield and Merced

[part of the route between San Francisco and Los Angeles], as well as completing environmental planning and making some high-speed rail investments in Southern California and the Bay Area.

That's a staggering $131.6 million per mile -to get from Bakersfield to Merced, and another $80 Billion is expected to be needed to complete the trip from SF to LA.

This is a "Bigger than the Big Dig" boondoggle by at least an order of magnitude.

https://en.m.wikipedia.org/wik...

https://en.m.wikipedia.org/wik...

With all the stops along the way, how fast will this "bullet train" trip from SF to LA in 2038 (or whenever they actually finish it) ? Will it still be just $55/one-way?

Trains are obsolete.

By 140Mandak262Jamuna • Score: 3 • Thread
Trains need heavy investment in tracks, track maintenance, rolling stock, signalling, terminals for embarkation and disembarkation.... No way this is going to be really viable. Its time for USA to leap frog over this.

Simple thing to do: Peel off a lane in each direction in existing highways, separate it from rest of traffic using jersey barrier or walls. Mark this special lane with special RFID beacons and other sensors to make self driving vehicles possible. Exits/entrances once in 40 miles or so. Commercial vehicles will be certified and will have authorized software to communicate with other vehicles and road sensors and waystations. For private cars there should self driving skates, you park your car on top and lock the wheels down. Skate leaves one parking lot, and stops at the destination parking lot. Vehicles negotiate with one another to let them merge in from entrances. All completely autonomous driving enabled by the road. We can easily reach 120 mph for such vehicles.

A overnight journey can cover 1200 miles, at your schedule. And you get a car at the destination. You save motel stay and car rental at the destination.

Investment needed is a fraction of what it takes to build a HSR line.

Microsoft's GitHub Releases 'Visual Studio Code' Extension Allowing Editing Without Cloning Repositories

Posted by EditorDavidView on SlashDotShareable Link
A new extension for Microsoft's code-editing tool, Visual Studio Code, "allows you to open, edit, and commit back to source-control repos without having to clone them on your local machine," explains a new video.

A Microsoft blog post calls it "a new experience that we've been building in partnership with our friends at GitHub to enable working with source code repositories quickly and safely inside VS Code." In VS Code, we've offered integrated support for Git from the very beginning, and we've been supporting many other source control management (SCM) providers through extensions. This has allowed developers to clone and work with repositories directly within VS Code.

However, a large part of what developers do every day involves reading other people's code: reviewing pull requests, browsing open-source repositories, experimenting with new technologies or projects, inspecting upstream dependencies to debug applications, etc. What all of these have in common is that as a first step, you usually clone the repository locally and then open the code in your favorite code editor (which we hope is VS Code!). Yet, cloning a repository takes time, may lead you to review an outdated version of the repo if you forget to pull, and can sometimes be a security risk if you're unfamiliar with the code. The new Remote Repositories extension, published by GitHub, makes the experience of opening source code repositories in VS Code instant and safe. With this, you can quickly browse, search, edit, and commit to any remote GitHub repository (and soon, Azure Repos) directly from within VS Code, no clone necessary!

You can work on as many repos as you like without having to save any source code on your machine. Remote Repositories saves you time and local disk space and empowers you to stay entirely within VS Code for all your source control tasks.

Defeats the purpise

By bradley13 • Score: 5, Informative • Thread
One of the big advantages of having two levels of repositories is the ability to work locally, secure your work with a commit, and test locally before pushing. Seems like this defeats the purpose, unless you are just casually browsing. As for forgetting to pull: cry me a river. There is no need to support people who screw up the basics.

GitLab

By awwshit • Score: 3 • Thread

What if I want to do this with GitLab?

You missed the point.

By waspleg • Score: 4, Insightful • Thread

Extend.

Re:Defeats the purpise

By Antique Geekmeister • Score: 4, Insightful • Thread

> There is no need to support people who screw up the basics.

Have you ever noticed that people will pay you to fix those errors, or protect them from such errors? People can, and do, make very foolish mistakes. Protecting people from accidental errors pays quite a lot of my salary.

Git is also vulnerable to developers hiding their work, editing files locally without ever recording them in the source control and deploying code or publishing configuration changes from the edits on their laptop, with no published record of what they deployed. Enforcing the model of "code can only be activated by recording it in the main repo" can be awkward, and it conflicts with some of the distributed development advantages of git. But for a centralized resource such as, say, firewall rules, it can be a lifesaver.

McDonalds Faces Potential Class Action Lawsuit Over Automated Drive-Thru

Posted by EditorDavidView on SlashDotShareable Link
McDonald's equiped 10 of its restaurants in Chicago with automated speech-recognition for their drive-through windows. Now they're facing a potential class-action lawsuit. Long-time Slashdot reader KindMind shares this report from the Register: McDonald's has been accused of illegally collecting and processing customers' voice recordings without their consent in the U.S. state of Illinois... The state has some of the strictest data privacy laws; its Biometric Information Privacy Act (BIPA) states: "No private entity may collect, capture, purchase, receive through trade, or otherwise obtain a person's or a customer's biometric identifier or biometric information." unless it receives written consent.

Shannon Carpenter, a resident of Illinois, sued [PDF] McDonald's in April on behalf of himself and all other affected state residents. He claimed the fast-chow biz has broken BIPA by not obtaining written consent from its customers to collect and process their voice data, nor has it explained in its privacy policy how or if the data is stored or deleted. His lawsuit also stated that McDonald's has been experimenting with AI software taking orders at its drive thrus since last year.

"Plaintiff, like the other class members, to this day does not know the whereabouts of his voiceprint biometrics which defendant obtained," Carpenter's lawsuit stated. Under the BIPA, people can receive up to $5,000 in damages from private entities for each violation committed "intentionally or recklessly," or $1,000 if each violation was from negligence instead.

The suit also claimed the machine-learning software built by McD Tech Labs doesn't just transcribe speech into text, it processes audio samples to glean all sorts of personal information to predict a customer's "age, gender, accent, nationality, and national origin."

Re:Okay

By ShanghaiBill • Score: 5, Insightful • Thread

What's the actual reason to take McD's to court over this?

Here is the reason: $.

Many of these frivolous lawsuits aren't because a client had a grievance and found a lawyer but because a lawyer saw an opportunity and found a client. The lawyer can file a class-action lawsuit, collect a payout from McDonald's to shut up and go away, and the customers get a coupon for free fries with their next Big Mac.

Would it be cool if the drive-thrus just used touch screen kiosks instead of AI software?

Sounds like a great way to spread Covid.

Re:Okay

By jonsmirl • Score: 4, Interesting • Thread

Don't you know that the Illinois BIPA Act is better known as the Billionaire Class Action Lawyers Benefits Act? All it does is funnel billions of dollars to Illinois class action lawyers. Of course they will never repeal this insanity.

I hope the judge points out that the lawyers are free to get out of their car and walk up to the counter. At counter they can pass over their written orders. Wouldn't want anyone hearing their angelic voices. I for one believe that responding to the prompt instead of walking away implies consent. But I am sure they will come up with some legal nonsense saying that is not true.

As for the touchscreen, it is difficult to get it close enough to the cars to reach. And then people would likely run into it with their cars. You have a rear view mirror blocking access to the window.

Re:Slippery slope...

By Solandri • Score: 4, Interesting • Thread

I suppose if they were keeping all the voice data and then tying it to the digital transaction you could potentially build a database of people based on their voice signature. If they put up a camera to take a picture of the drive and add that to the database, you got some cool stuff to sell here.

It seems like the camera would be far more valuable for that purpose. You could take a pic of the license plate, cross-reference it to get an address and name (though you get that anyway if they pay by credit card). The only added value I can see to getting a voiceprint is to sell to other companies wanting to use voiceprint recognition. That may become something in the future (I hope not, but dystopian views all seem to point that way). But it would seem to have little to no marginal value today.

They could just be using this as a way to attack McDs for using automation instead of hiring people. This is just the beginning.

While driving cross-country, I stayed at a motel in a small town in the middle of the desert, New Mexico I think. I went through the drive-thru of a Jack in the Box at midnight to get something to eat. The person who took my order had a southern accent, which I thought was unusual enough that I asked him about it to make some small talk. Turns out he was actually in a call center in Alabama or thereabouts. At night time, each individual Jack in the Box didn't get enough customers to warrant hiring someone to take drive-thru orders. So they'd wired all their drive-thru boxes to connect to a call center in one location. That way one employee could take drive-thru orders from multiple Jack in the Boxes, and punch the order in and transmit it back to that store's computer.

Re:Okay

By suutar • Score: 4, Insightful • Thread

Yeah, it sounds like they've effectively outlawed the answering machine and voicemail.

They'll settle, become blameless

By rsilvergun • Score: 3 • Thread
and carry on with the behavior. Then they'll lobby for an exception to the law. I guess the lawyer will make a few million bucks off it.

Why the Music Industry Doesn't Hate YouTube Any More

Posted by EditorDavidView on SlashDotShareable Link
Today is Record Store Day, an annual event celebrating the culture of independently-owned record stores. And music industry players have said they actually got more money from the sale of vinyl records than they do from YouTube.

But is that changing? The New York Times reports those figures are from a time when YouTube was only selling ads on (or beside) music videos and then sharing that cash with the record labels and performs: Fast forward to last week, when YouTube disclosed that it paid music companies, musicians and songwriters more than $4 billion in the prior year. That came from advertising money and something that the industry has wanted forever and is now getting — a cut of YouTube's surprisingly large subscription business. (YouTube subscriptions include an ad-free version of the site and a Spotify-like service to watch music videos without any ads.) The significance of YouTube's dollar figure is that it's not far from the $5 billion that the streaming king Spotify pays to music industry participants from a portion of its subscriptions. (A reminder: The industry mostly loves Spotify's money, but some musicians ïsay that they're shortchanged by the payouts.)

Subscriptions will always be a hobby for YouTube, but the numbers show that even a side gig for the company can be huge. And it has bought peace by raining some of those riches on those behind the music. Record labels and other industry powers "still don't looooove YouTube," Lucas Shaw, a Bloomberg News reporter, wrote this week. "But they don't hate it anymore."

The YouTube turnabout may also show that complaining works. The music industry has a fairly successful track record of picking a public enemy No. 1 — Pandora for awhile, Spotify, YouTube, and more recently apps like TikTok and Twitch — and publicly browbeating it or playing one rich company against another to get more money or something else they wanted.

While the article cites concerns that YouTube is still paying too little (and failing to stop piracy), "just maybe, YouTube has shown that it's possible for digital companies to both upend an industry and make it stronger."

Enter youtube-dl

By pbry4n • Score: 3 • Thread
And anyone is now a "youtube-dl -x" way from creating their own music collection for free. YouTube has become the largest provider of free music in the world.

Because they control it

By rsilvergun • Score: 5, Interesting • Thread
they did the same thing with MP3.com. Originally MP3.com had some questionable business practices. They pivoted to hosting bands, and the bands were making good money without the help of record companies. For a short while it seemed like the era of mega corporations controlling music was over.

Then they sued, shut everything down and it was business as usual. Because we have a ruling class, they make the rules, and we let them for reasons that escape me.

Re:The Truth About Music Revenue

By UnknowingFool • Score: 5, Informative • Thread

Part of the problem is that most artists used to sign over their copyrights to record companies to get their first albums made. Later in their careers, smart bands and artists try to keep their copyrights for new work as well as buy back their original copyrights. A second problem is that even with copyrights, the artists would only get a portion of the revenue as there are manufacturing and distribution costs; however, digital versions should have lower cots. Many artists like Weird Al Yankovic complained in the early days of digital distribution that the record companies were keeping the same portion even though their costs should have been lower.

The real crux of the issue is that if artists rely on others like record companies to manage different aspects they are going to be charged for it and sometimes disproportionately. Take for example an online music store like Apple Music. If a band signs on with a record company and has the record company manage their account with Apple, there might be all sorts of fees that record company is going to charge them. Also the band may not even know exactly how many sales they got to determine if the charges were ridiculous. A band may not know that they are being charged an outrageous 75% or a more fair 10% . The band could do all the work themselves of setting up with Apple Music but they will have to manage that. These days it may be easy for a band whose primary focus is music to let others manage these things as well as social media presence, etc.

How much of that is from theft?

By Solandri • Score: 5, Interesting • Thread
That is, filing a DMCA notice against someone's video which incidentally contains 10 seconds of your copyrighted music playing in the background, and thus getting the entirety of that 10 minute video's ad revenue sent to you instead of to the video creator. We've swung so far to one extreme on copyright enforcement, that copyright now actually enables stealing money from content creators.

The music labels need to come up with a licensing scheme for YouTube similar to what they do for restaurants and bars. The restaurant pays a fixed amount (usually a few hundred dollars a year) based on their capacity, and that gives them a blanket license to play copyrighted music for their customers to hear. A similar licensing scheme for YouTube would be trivial to implement. Just set the price tiers according to the total numbers of viewing hours that channel receives in a year (analogous to customer dining hours in a restaurant). And a channel which licensed music this way would be exempt from DMCA notices for music violations.

That the industry doesn't do this, suggests that they're making a lot more money by stealing other content creators' ad revenue, than they think they would get from a blanket licensing system. Which in itself would be proof that the DMCA goes too far in protecting copyright (you can use the DMCA to make more money than you can from copyright).

Re:How much of that is from theft?

By acroyear • Score: 5, Interesting • Thread

The problem with the blanket license fee is that it is disproportionally allocated to the latest "hits". In the ASCAP license, radio airplay still dominates how the funds are distributed. Those accounting systems were set up more than 50 years ago and they've never changed.

You, as a nightclub owner, can basically say "we're going to play Simple Minds, non-stop, for 4 hours tonight!", and in spite of that dedicated effort to promote the work of Jim Kerr and company (as well as the writers of Don't You Forget About Me), Justin Bieber and his songwriting team are going to get all the money collected for the night from the venue, because Peaches was number one yet again.

So to introduce the performers side of the site-license model in the same way, you'll end up with the same thing: instead of Spotify and Youtube etc allocating at least something on the basis of the work actually being played, they'll just send the whole thing to the label and say "you figure it out"...and the label will reward its biggest artists and ignore the rest, just like ASCAP does when individual accounting is discarded.

Should there be a standard streaming price "per song per listener, divided by percentage of the song that is actually included, etc etc (all things software can calculate very easily)"? and automatic approval such that works can't be arbitrarily yanked, or the value of the stream owed to an artist is relative to the amount of the stream the artists work actually occupied rather than they get it all?

Of course.

But asking the labels or ASCAP to set it up is asking for the same theft that the current site-license system has in the restaurant model: they'll use their own accounting they already have, and 99.99% of their artists will get screwed, many worse than they already are.

"The history of the music industry is a history of exploitation and theft." -- Robert Fripp

US Launches Task Force To Open Government Data For AI Research

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from The Wall Street Journal: The Biden administration launched an initiative Thursday aiming to make more government data available to artificial intelligence researchers, part of a broader push to keep the U.S. on the cutting edge of the crucial new technology. The National Artificial Intelligence Research Resource Task Force, a group of 12 members from academia, government, and industry led by officials from the White House Office of Science and Technology Policy and the National Science Foundation, will draft a strategy for potentially giving researchers access to stores of data about Americans, from demographics to health and driving habits. They would also look to make available computing power to analyze the data, with the goal of allowing access to researchers across the country. The task force, which Congress mandated in the National Artificial Intelligence Initiative Act of 2020, is part of an effort across the government to ensure the U.S. remains at the vanguard of technological advancements.

Many researchers, particularly in academia, simply don't have access to these computational resources and data, and this is hampering innovation. One example: The Transportation Department has access to a set of data gathered from vehicle sensors about how people drive, said Erwin Gianchandani, senior adviser at the National Science Foundation and co-chairman of the new AI task force. "Because you have very sensitive data about individuals, there are challenges in being able to make that data available to the broader research community," he said. On the other hand, if researchers could get access, they could develop innovations designed to make driving safer. Census data, medical records, and other data sets could also potentially be made available for research by both private companies and academic institutions, officials said. They said the task force will evaluate how to make such data available while protecting Americans' privacy and addressing other ethical concerns.

Good datasets are hard to find

By Okian Warrior • Score: 5, Interesting • Thread

Shouldn't they have to prove they've developed an Artificial Intelligence? I would be a little less excited about AI doing the job than a really good algorithm. I can't trust AI, but if an open algorithm is used (and applied 'as is'), I'd be more comfortable letting it process government data. At least I can depend on people being corrupt. Who knows about AI...

I do a lot of AI research, and finding good training data is really hard.

Here's a suggestion for anyone who wants to enter the field: pick a problem that is difficult for computers but that humans find easy, then try to find a dataset to train on, then think through the steps needed to solve the problem.

Text can sometimes be difficult. I've been on Kaggle and seen text challenges where the data contains snips of HTML tags (not the entire tag, just snips here and there), Project Gutenberg has typos in text and encoding, there's no easy way to distinguish between narrative text and other forms (dictionary, poetry, or inventory lists) which are not narrative, online text from reviews or posts has a ton of abbreviations, mistypos, leet-speek, and has a tone and tenor that isn't representative of normal speech.

The simplest image sources are probably the zipcode digit recognizing images, which are scanned and already hand-labelled so we know what the correct answer is... which is fine, except that for actual V1-style recognition you need greyscale and not binary (1=white, 0=black) images. You can get greyscale versions, but these are greyscale interpolations of the binary original scans! The data is shot through with quantization noise.

An acquaintance was kind enough to send me a set of high-res topo images (example) from mars. The images are X-Y-Z, black-and-white with Z being the ground-level altitude. Craters are obvious in profile, the base of a crater is lower than the surrounding land (and mostly flat). (Mostly - some nuance applies.)

Craters are circles, and a human has no problem identifying the location and size. Craters can overlap, and a human has no problem telling which crater came first, and whether it's old or young depending on the weathering of the edge.

...but just try to come up with an algorithm that detects circles that are invariant to position, size, completeness of edge (overlap), and thickness of edge.

...and isn't an heuristic specific to circles, and would apply to any other trained feature like our visual system does.

I feel lucky to have the Mars image data to play with - having a conceptually simple problem with really good data helps eliminate a lot of proposed algorithms for how AI really works.

But finding good data is surprisingly hard.

(I'm well aware of the myriad AI data corpora online. Many have defects in some form or another, as listed.)

(Apropos of nothing: I scraped slashdot for all comments score 3+, thinking it would have typos and usage representative of quality typing. It mostly is, but the narrative thread doesn't match well. Most comments are responses to other comments, and have missing conceptual bits that need the previous comment for context, and the tree-structure allows multiple responses missing the context and son on.)

How an Army of Goats Could Help Prevent California Wildfires

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from VICE News: California has unleashed an army of goats to munch away at overgrown brush and grass throughout the state in hopes of reducing the risk of wildfires this summer. State agencies have deployed the animals to roam, eat, and wipe out highly flammable vegetation. Recently, in an area near Lake Oroville in Northern California, between 350 and 400 goats cleared nearly five acres of land. And on Sunday, 1,500 goats are scheduled to begin clearing 34 more acres in the area -- by eating everything from invasive species to poison oak to thistle. The animals have also been contracted out to different cities around the state concerned about wildfires, including Anaheim, Oakland, and Los Angeles.

The initiative is part of the state's "Fuel Load Management Plan," started in 2012, which is aimed at reducing large patches of overgrowth throughout the state -- a major source of fuel to wildfire spread. Originally, the state used boots-on-the-ground crews of people armed with chainsaws and wood chippers to clear brush. But California has decided that in some areas, it's goats, not humans, that can help the most. "They eat everything," Kryssy Mache, an environmental scientist at the California Department of Water Resources, told VICE News. And they can also reach up to five feet in the air to nibble tree branches. "It's just another cool concept that we're using. It's not just humans going out and making the difference -- we can also use goats." But the goats are usually just Phase One. In the fall, human crews will come in and trim up area that goats cleared to ensure it remains less vulnerable to fire, according to the DWR.

Re:Goats are great, but...

By HiThere • Score: 4, Interesting • Thread

At various times and places they *did* overpopulate the area. This generally resulted in a collapse of the cities in that area. You can blame this on weather cycles, with several bad decades in succession, but that was only important because the area was populated beyond it's carrying capacity in bad times.

FWIW, we've overpopulated the carrying capacity of the area. Currently of just about every area on earth. Carrying capacity isn't fixed, as it depends on things like technologies used for food storage and irrigation, but we seem to be well beyond the permanent carrying capacity at current levels of technologies (including social engineering).

Re:Goats are great, but...

By theshowmecanuck • Score: 5, Informative • Thread
They didn't live in relative peace. They attacked and fought their neighbours as much as any other people in the world. They just couldn't kill as many without the wheel, horses to ride (they were brought by the Spanish), and with only stone age weapons until Europeans came. You want some reality, look what the Iroquois Nations did to the Hurons once they had European weapons: genocide. They attacked and killed off almost all the Hurons, except for around 1000. There was even some ritualistic canabalism. Warlike tribes like the Haida would go to the south coast of what is BC and northwest Washing State to attack, get slaves, and eat a couple of unfortunates as a show of power, then go back home. Kind of like Viking raiding parties. It's a good thing they didn't have metal tools or guns or there wouldn't be any Salish or Tsawwassen tribes left. And you can be sure the same things happened in what is now the USA. I wish this whole peaceful guardians of the land bullshit would just fuck off. The only reason they didn't rape the land and their neighbours as much as anyone else in the world is no one was smart enough to get out of the stone age. Until Europeans came.

Start more fires

By stikves • Score: 4, Informative • Thread

Yes, heard it right.

Before "the white man cometh", the natives used to start small controlled fires to get rid of the excess fuel in the Yosemite area:
https://atmos.earth/yosemite-i...

With all their wisdom, and "trying to preserve the nature, and reduce greenhouse gases", we have banned the practice. In fact it is said that even collecting dead bushes for camp fires is a punishable offense. You have to bring your tinder with you.

But, forest fires are a required part of the ecosystem. In fact we write articles about how "redwood seeds need fire to grow":
https://www.pbs.org/wnet/natur...

Even then, we go and stop every fire that will get rid off the excess dead wood. And all of a sudden all those combined fuel start ablaze and even the entire state coming together cannot stop it.

Do not fight the nature. You can never win.

Re:Goats are great, but...

By sarren1901 • Score: 5, Informative • Thread

Relative peace? Bullshit. They were a bunch of tribes that fought each other over resources and land, same as today. That was apparent even when we got here in the 1600s. No different in what we now call Latin American.

Heck, had the native tribes actually been on the same page, Columbus would of never secured any kind of a foothold nor would anyone else coming. Instead, some native groups worked with Columbus to gang up on their enemies, not realizing what Columbus would ultimately usher in.

But yeah, mostly peaceful. Sure.

Goats eating undergrowth.

By Oligonicella • Score: 3 • Thread
It works. We use them on kudzu around here. Nothing else eats that crap.

To those worried about them becoming invasive: They're not just "set free". They're tethered to an old tire and moved daily.