Is Bitcoin More Traceable Than Cash?
The New York Times argues that this week
changed Bitcoin's reputation as "secure, decentralized and anonymous" (adding "Criminals, often operating in hidden reaches of the internet, flocked to Bitcoin to do illicit business without revealing their names or locations. The digital currency quickly became as popular with drug dealers and tax evaders as it was with contrarian libertarians.")
"But this week's revelation that federal officials had recovered most of the Bitcoin ransom paid in the recent Colonial Pipeline ransomware attack exposed a fundamental misconception about cryptocurrencies: They are not as hard to track as cybercriminals think..."
[F]or the growing community of cryptocurrency enthusiasts and investors, the fact that federal investigators had tracked the ransom as it moved through at least 23 different electronic accounts belonging to DarkSide, the hacking collective, before accessing one account showed that law enforcement was growing along with the industry... The Bitcoin ledger can be viewed by anyone who is plugged into the blockchain. "It is digital bread crumbs," said Kathryn Haun, a former federal prosecutor and investor at venture-capital firm Andreessen Horowitz. "There's a trail law enforcement can follow rather nicely." Haun added that the speed with which the Justice Department seized most of the ransom was "groundbreaking" precisely because of the hackers' use of cryptocurrency. In contrast, she said, getting records from banks often requires months or years of navigating paperwork and bureaucracy, especially when those banks are overseas...
Tracking down a user's transaction history was a matter of figuring out which public key they controlled, authorities said. Seizing the assets then required obtaining the private key, which is more difficult. It's unclear how federal agents were able to get DarkSide's private key. Justice Department spokesman Marc Raimondi declined to say more about how the F.B.I. seized DarkSide's private key. According to court documents, investigators accessed the password for one of the hackers' Bitcoin wallets, though they did not detail how. The F.B.I. did not appear to rely on any underlying vulnerability in blockchain technology, cryptocurrency experts said. The likelier culprit was good old-fashioned police work. Federal agents could have seized DarkSide's private keys by planting a human spy inside DarkSide's network, hacking the computers where their private keys and passwords were stored, or compelling the service that holds their private wallet to turn them over via search warrant or other means. "If they can get their hands on the keys, it's seizable," said Jesse Proudman, founder of Makara, a cryptocurrency investment site. "Just putting it on a blockchain doesn't absolve that fact...."
The F.B.I. has partnered with several companies that specialize in tracking cryptocurrencies across digital accounts, according to officials, court documents and the companies. Start-ups with names like TRM Labs, Elliptic and Chainalysis that trace cryptocurrency payments and flag possible criminal activity have blossomed as law enforcement agencies and banks try to get ahead of financial crime. Their technology traces blockchains looking for patterns that suggest illegal activity... "Cryptocurrency allows us to use these tools to trace funds and financial flows along the blockchain in ways that we could never do with cash," said Ari Redbord, the head of legal affairs at TRM Labs, a blockchain intelligence company that sells its analytic software to law enforcement and banks. He was previously a senior adviser on financial intelligence and terrorism at the Treasury Department.
The story includes three intriguing quotes:
- Justice Department spokesman Marc Raimondi said the Colonial Pipeline ransom seizure was only the latest of "many seizures, in the hundreds of millions of dollars, from unhosted cryptocurrency wallets" used for criminal activity.
- Hunter Horsley, chief executive of cryptocurrency investment company Bitwise Asset Management, said "The public is slowly being shown, in case after case, that Bitcoin is good for law enforcement and bad for crime — the opposite of what many historically believed."
- A spokesperson for Chainalysis, a start-up that traces cryptocurrency payments, tells the Times that in the end, "cryptocurrencies are actually more transparent than most other forms of value transfer. Certainly more transparent than cash."
NASA Finally Shows Off Assembled 'Space Launch System' Megarocket
The BBC are showing the first set of images of NASA's now-assembled "Space Launch System" (SLS) vehicle, noting that NASA intends to use it to launch a human crew back to the moon later this decade. Testing will take place before astronauts are expected to ride the vehicle to space some time in 2023.
It's enormous. From the BBC's report:
On Friday, engineers at Florida's Kennedy Space Center finished lowering the 65m (212ft) -tall core stage in-between two smaller booster rockets... Nasa plans to launch the SLS on its maiden flight later this year. During this mission, known as Artemis-1, the SLS will carry Orion — America's next-generation crew vehicle — towards the Moon. However, no astronauts will be aboard...
The SLS consists of the giant core stage, which houses propellant tanks and four powerful engines, flanked by two 54m (177ft) -long solid rocket boosters.
In early 2020 the BBC reported that "Some in the space community
believe it would be better to launch deep space missions on commercial rockets. But supporters of the programme say that NASA needs its own heavy-lift launch capability...
"The SLS was designed to re-use technology originally developed for the space shuttle programme, which ran from 1981-2011."
China's 'Zhurong' Rover Takes a Selfie on Mars
The BBC reports:
China's Zhurong rover has sent back a batch of new images from Mars — including a "selfie". The robot, which landed in May, positioned a wireless camera on the ground and then rolled back a short distance to take the snap. To Zhurong's right is the rocket-powered platform that brought the six-wheeled vehicle to a soft touchdown. Both display prominent Chinese flags...
It weighs some 240kg. A tall mast carries cameras to take pictures and aid navigation; five additional instruments will investigate the mineralogy of local rocks and the general nature of the environment, including the weather. Like the current American rovers (Curiosity and Perseverance), Zhurong has a laser tool to zap rocks to assess their chemistry. It also has a radar to look for sub-surface water-ice - a capability it shares with Perseverance.
InfiniteZero writes that the mission's "
full resolution images including a 360 panoramic view of the landing site, can be found at the official CNSA website."
4+ Years in Prison for Home Security Worker Who Accessed Security Cameras to Spy on Women
A security camera installation worker for ADT was
sentenced Wednesday to a little more than four years in federal prison for illegally
accessing the security cameras of more than 200 North Texas customers, reports the
Dallas Morning News:
Telesforo Aviles, age 35, faced a maximum of five years in prison for computer fraud under the terms of his plea agreement, in which he admitted to accessing customer accounts over 9,600 times since 2015.
He was cuffed and taken into custody to begin serving his sentence after the hearing.
The quiet and introverted technician, a senior supervisor with 17 years at ADT, was caught last year after the company was alerted by a customer to suspicious activity, said his lawyer, Tom Pappas. Aviles, who is married with five children, turned himself in when he was asked to, Pappas said. "He's mortified by what he did," Pappas said. "He sees what he did as a betrayal of himself, too." Of the nearly 10,000 images Aviles accessed, about 40 were "sexual in nature" and none involved children, Pappas said.
An ADT spokesman said the company had no comment.
Assistant U.S. Attorney Sid Mody had asked Starr to give Aviles the maximum sentence, saying that while 217 accounts were accessed, the total number of victims is much higher given that each household had multiple family members. That violation, he said, destroyed "in the worst way" their sense of feeling safe and secure at home... Starr said he considered Aviles' cooperation with authorities and lack of a criminal history as well as the fact that the conduct involved a "lengthy period of time." Aviles noted the homes that had "attractive women" and repeatedly logged into their accounts to view the footage, prosecutors said...
ADT has since been hit with class-action lawsuits from customers over the breach.
The article also notes the story of one woman who filed a federal lawsuit last month against ADT. She'd told the court Aviles persuaded her to install cameras in her bedrooms after she'd specifically questioned whether it was truly necessary. "Aviles told her that it was necessary because a burglar could enter the house through the bedroom windows, and the cameras would monitor that," her lawsuit says. "Of course, Aviles' placement of the cameras had nothing to do with potential burglars."
In a statement filed with the court, one female homeowner reportedly
wrote that "This deliberate and calculated invasion of privacy is arguably more harmful than if I had installed no security system and my house had been burglarized."
Seat On Jeff Bezos' Space Trip Sells For $28 Million
The auction has ended for a seat with Jeff Bezos and his brother on
their first Blue Origin flight into space next month. Slashdot reader
ytene writes that a
live-streamed auction for the seat "lasted less than 10 minutes after opening at $4.8 million."
The Hill reports:
That came after nearly 7,600 people from 159 countries had registered to bid on a seat for the July 20 space flight by the time registration closed Thursday, according to ABC News... Blue Origin said the $28 million would be donated to Club for the Future, Blue Origin's 501(c)(3) nonprofit with a mission to "inspire future generations to pursue careers in STEM and to help invent the future of life in space," according to its website... Blue Origin said the fourth and final crew member of the mission will also be announced when the identity of the auction winner is revealed.
Today CNN ran a story headlined "Jeff Bezos is going to space for 11 minutes.
Here's how risky that is." (Or how safe?)
They'll be going up and coming right back down, and they'll be doing it in less time — about 11 minutes — than it takes most people to get to work. Suborbital flights differ greatly from orbital flights of the type most of us think of when we think of spaceflight. Blue Origin's New Shepard flights will be brief, up-and-down trips, though they will go more than 62 miles above Earth, which is widely considered to be the edge of outer space.
Orbital rockets need to drum up enough power to hit at least 17,000 miles per hour, or what's known as orbital velocity, essentially giving a spacecraft enough energy to continue whipping around the Earth rather than being dragged immediately back down by gravity. Suborbital flights require far less power and speed. That means less time the rocket is required to burn, lower temperatures scorching the outside of the spacecraft, less force and compression ripping at the spacecraft, and generally fewer opportunities for something to go very wrong.
New Shepard's suborbital fights hit about about three times the speed of sound — roughly 2,300 miles per hour — and fly directly upward until the rocket expends most of its fuel. The crew capsule will then separate from the rocket at the top of the trajectory and briefly continue upward before the capsule almost hovers at the top of its flight path, giving the passengers a few minutes of weightlessness. It works sort of like an extended version of the weightlessness you experience when you reach the peak of a roller coaster hill, just before gravity brings your cart — or, in Bezos' case, your space capsule — screaming back down toward the ground.
The New Shepard capsule then deploys a large plume of parachutes to slow its descent to less than 20 miles per hour before it hits the ground... Blue Origin's New Shepard capsule, which is fully autonomous and does not require a pilot, has never had an explosive mishap in 15 test flights. And the nature of Bezos' flight means it comes with some inherently lower risks than more ambitious space travel attempts.
But that doesn't mean the risk is zero, either.
Linus Torvalds Tells Anti-Vaxxer To Shut Up On Linux Mailing List
Linus Torvalds was "clearly unamused" by a "humanoid conspiracy theory, and also on its discussion in a Linux kernel topic thread,"
reports Neowin. They add that Torvalds "weighed in quite heavily with some very strong language, mixed with some biology lessons..."
Here's an excerpt
from Torvalds' response (as shared by Slashdot reader
Please keep your insane and technically incorrect anti-vax comments to yourself.
You don't know what you are talking about, you don't know what mRNA is, and you're spreading idiotic lies. Maybe you do so unwittingly, because of bad education. Maybe you do so because you've talked to "experts" or watched youtube videos by charlatans that don't know what they are talking about.
But dammit, regardless of where you have gotten your mis-information from, any Linux kernel discussion list isn't going to have your idiotic drivel pass uncontested from me.
Vaccines have saved the lives of literally tens of millions of people.
Just for your edification in case you are actually willing to be educated: mRNA doesn't change your genetic sequence in any way. It is the exact same intermediate - and temporary - kind of material that your cells generate internally all the time as part of your normal cell processes, and all that the mRNA vaccines do is to add a dose their own specialized sequence that then makes your normal cell machinery generate that spike protein so that your body learns how to recognize it.
The half-life of mRNA is a few hours. Any injected mRNA will be all gone from your body in a day or two. It doesn't change anything long-term, except for that natural "your body now knows how to recognize and fight off a new foreign protein" (which then tends to fade over time too, but lasts a lot longer than a few days). And yes, while your body learns to fight off that foreign material, you may feel like shit for a while. That's normal, and it's your natural response to your cells spending resources on learning how to deal with the new threat.
And of the vaccines, the mRNA ones are the most modern, and the most targeted - exactly because they do *not* need to have any of the other genetic material that you traditionally have in a vaccine (ie no need for basically the whole - if weakened - bacterial or virus genetic material). So the mRNA vaccines actually have *less* of that foreign material in them than traditional vaccines do. And a *lot* less than the very real and actual COVID-19 virus that is spreading in your neighborhood.
Honestly, anybody who has told you differently, and who has told you that it changes your genetic material, is simply uneducated. You need to stop believing the anti-vax lies, and you need to start protecting your family and the people around you. Get vaccinated...
Get vaccinated. Stop believing the anti-vax lies.
And if you insist on believing in the crazy conspiracy theories, at least SHUT THE HELL UP about it on Linux kernel discussion lists.
Dartmouth Abandons Controversial Online Cheating Investigation at Medical School
Dartmouth's Geisel medical school
is dropping its investigation into alleged online cheating, the New York Times reports:
In March, Dartmouth charged 17 students with cheating based on a review of certain online-activity data on Canvas — a popular learning-management system where professors post assignments and students submit their work — during remote exams. The school quickly dropped seven of the cases after at least two students argued that administrators had mistaken automated Canvas activity for human cheating. Now Dartmouth is also dropping allegations against the remaining 10 students, some of whom faced expulsion, suspension, course failures and misconduct marks on their academic records that could have derailed their medical careers.
"I have decided to dismiss all the honor code charges," Duane Compton, dean of the medical school, said in an email to the Geisel community Wednesday evening, adding that the students' academic records would not be affected. "I have apologized to the students for what they have been through."
Dartmouth's decision to dismiss the charges followed a software review by The New York Times, which found that students' devices could automatically generate Canvas activity data even when no one was using them. Dartmouth's practices were condemned by some alumni along with some faculty at other medical schools.
A Dartmouth spokesman said the school could not comment further on the dropping of the charges for privacy reasons.
"The moral of the current story is clear,"
argued the Times reporter on Twitter.
"Colleges that use surveillance tech can end up erroneously accusing some of their best students."
Patch Released for 7-Year-Old Privilege Escalation Bug In Linux Service Polkit
Long-time Slashdot reader
In a blog post on Thursday, GitHub security researcher Kevin Backhouse announced that Polkit, a Linux system service included in several modern Linux distros that provides an organized way for non-privileged processes to communicate with privileged ones, has been harbouring a major security bug for seven years.
The bug, assigned (CVE-2021-3560) allows a non-privileged user to gain administrative shell access with a handful of standard command line tools. The bug was fixed on June 3, 2021 in a coordinated disclosure.
"It's used by systemd," GitHub's blog post points out, "so any Linux distribution that uses systemd also uses polkit..."
"It's very simple and quick to exploit, so it's important that you update your Linux installations as soon as possible. Any system that has polkit version 0.113 (or later) installed is vulnerable. That includes popular distributions such as RHEL 8 and Ubuntu 20.04."
Cryptocurrency Miners Force Changes to Free Tiers at Docker
today's edition of Mike Melanson's "This Week in Programming" column:
This week, Docker announced some changes to Docker Hub Autobuilds — the primary one of interest being that autobuilds would no longer be available to free tier users — and much of the internet let out a collective groan to the tune of "this is why we can't have nice things...!"
"As many of you are aware, it has been a difficult period for companies offering free cloud compute," wrote Shaun Mulligan, principal product manager at Docker in the company's blog post, citing an article that explores how crypto-mining gangs are running amok on free cloud computing platforms. Mulligan goes on to explain that Docker has "seen a massive growth in the number of bad actors," noting that it not only costs them money, but also degrades performance for their paying customers. And so, after seven years of free access to their autobuild feature, wherein even all of you non-paying Docker users could set up continuous integration for your containerized projects, gratis, the end is nigh. Like, really, really nigh, as in next week — June 18.
While Docker offered that they already tried to correct the issue by removing around 10,000 accounts, they say that the miners returned the next week in droves, and so they "made the hard choice to remove Autobuilds...." For its part, Docker has tried to again stave off the criticism, offering users a discount on subscriptions, and offering members of its open source program the ability to continue to use autobuilds for free...
Docker says they've also changed Autobuild "to take advantage of BuildKit by default for improved build performance," increased the number of parallel builds for subscribers, and increased the build instance types, "so you get a beefier machine to build on!" While the changes were apparently inspired by their struggles with cryptocurrency miners, "All of these improvements should see
a faster and more stable build experience with lower queue times..."
"We really appreciate your support and the community's understanding as the whole industry battles against these abusive few."
Nearly $1 Billion in Funding Restored for California Bullet Train
Back in 2009, then-governor of California Arnold Schwarzenegger requested $4.7 billion in federal stimulus money to help
build an 800-mile bullet train system from San Diego to San Francisco. "We're traveling on our trains at the same speed as 100 years ago," the governor said. "That is inexcusable. America must catch up."
Nearly 12 years later, "
a $929-million federal grant for the California bullet train project was restored Thursday," reports the Los Angeles Times, "reversing a decision by the Trump administration to terminate the funding." But their story (shared by Slashdot reader
schwit1) notes this grant has a very long history:
The grant was originally made in 2010 after other states backed out of high-speed rail projects and declined to take the federal support. The California project already had won another $2.5-billion grant from the Obama administration's stimulus program, known as the American Recovery and Reinvestment Act. The Trump action to take back the money was highly controversial, and federal grant experts said such terminations were rare in cases that did not involve fraud but were merely behind schedule.
Ronald Batory, then chief of the Federal Railroad Administration, cited California's multiple failures to forecast accurate schedules, among other problems, in taking the action. Along with House Republicans from California, Trump officials were highly critical of the California project, with former Transportation Secretary Elaine Chao calling it a "bait and switch" on promises made to taxpayers. Chao and Trump had issued an even bigger threat, to claw back the much larger $2.5-billion grant that had already been spent. Despite such rhetoric, the Trump administration never made an attempt to get back the funds.
The $929 million is part of a planned $22.8-billion effort aimed at building a 171-mile partial operating system between Bakersfield and Merced [part of the route between San Francisco and Los Angeles], as well as completing environmental planning and making some high-speed rail investments in Southern California and the Bay Area.
a statement, America's Federal Rail Agency said the settlement "reflects the federal government's ongoing partnership in the development of high-speed rail." And they called their restoration of funding "an important step in advancing an economically transformational project in California."
The Times adds that "Some bullet train advocates believe $10 billion or more from the state and federal government could be added to the project, allowing an expansion of the current construction. But even that much money would not close a roughly $80-billion shortfall needed to connect Los Angeles to San Francisco."
Microsoft's GitHub Releases 'Visual Studio Code' Extension Allowing Editing Without Cloning Repositories
A new extension for Microsoft's code-editing tool, Visual Studio Code, "allows you to open, edit, and commit back to source-control repos without having to clone them on your local machine," explains
a new video.
A Microsoft blog post calls it "a
new experience that we've been building in partnership with our friends at GitHub to enable working with source code repositories quickly and safely inside VS Code."
In VS Code, we've offered integrated support for Git from the very beginning, and we've been supporting many other source control management (SCM) providers through extensions. This has allowed developers to clone and work with repositories directly within VS Code.
However, a large part of what developers do every day involves reading other people's code: reviewing pull requests, browsing open-source repositories, experimenting with new technologies or projects, inspecting upstream dependencies to debug applications, etc. What all of these have in common is that as a first step, you usually clone the repository locally and then open the code in your favorite code editor (which we hope is VS Code!). Yet, cloning a repository takes time, may lead you to review an outdated version of the repo if you forget to pull, and can sometimes be a security risk if you're unfamiliar with the code. The new Remote Repositories extension, published by GitHub, makes the experience of opening source code repositories in VS Code instant and safe. With this, you can quickly browse, search, edit, and commit to any remote GitHub repository (and soon, Azure Repos) directly from within VS Code, no clone necessary!
You can work on as many repos as you like without having to save any source code on your machine. Remote Repositories saves you time and local disk space and empowers you to stay entirely within VS Code for all your source control tasks.
McDonalds Faces Potential Class Action Lawsuit Over Automated Drive-Thru
equiped 10 of its restaurants in Chicago with automated speech-recognition for their drive-through windows. Now they're facing a potential class-action lawsuit. Long-time Slashdot reader
KindMind shares this report from the
McDonald's has been accused of illegally collecting and processing customers' voice recordings without their consent in the U.S. state of Illinois... The state has some of the strictest data privacy laws; its Biometric Information Privacy Act (BIPA) states: "No private entity may collect, capture, purchase, receive through trade, or otherwise obtain a person's or a customer's biometric identifier or biometric information." unless it receives written consent.
"Plaintiff, like the other class members, to this day does not know the whereabouts of his voiceprint biometrics which defendant obtained," Carpenter's lawsuit stated. Under the BIPA, people can receive up to $5,000 in damages from private entities for each violation committed "intentionally or recklessly," or $1,000 if each violation was from negligence instead.
The suit also claimed the machine-learning software built by McD Tech Labs doesn't just transcribe speech into text, it processes audio samples to glean all sorts of personal information to predict a customer's "age, gender, accent, nationality, and national origin."
Why the Music Industry Doesn't Hate YouTube Any More
Record Store Day, an annual event celebrating the culture of independently-owned record stores. And music industry players have said they actually got more money from the sale of vinyl records
than they do from YouTube.
But is that changing? The New York Times reports those figures are from a time when YouTube was only selling ads on (or beside) music videos and then sharing that cash with the record labels and performs:
Fast forward to last week, when YouTube disclosed that it paid music companies, musicians and songwriters more than $4 billion in the prior year. That came from advertising money and something that the industry has wanted forever and is now getting — a cut of YouTube's surprisingly large subscription business. (YouTube subscriptions include an ad-free version of the site and a Spotify-like service to watch music videos without any ads.) The significance of YouTube's dollar figure is that it's not far from the $5 billion that the streaming king Spotify pays to music industry participants from a portion of its subscriptions. (A reminder: The industry mostly loves Spotify's money, but some musicians ïsay that they're shortchanged by the payouts.)
Subscriptions will always be a hobby for YouTube, but the numbers show that even a side gig for the company can be huge. And it has bought peace by raining some of those riches on those behind the music. Record labels and other industry powers "still don't looooove YouTube," Lucas Shaw, a Bloomberg News reporter, wrote this week. "But they don't hate it anymore."
The YouTube turnabout may also show that complaining works. The music industry has a fairly successful track record of picking a public enemy No. 1 — Pandora for awhile, Spotify, YouTube, and more recently apps like TikTok and Twitch — and publicly browbeating it or playing one rich company against another to get more money or something else they wanted.
While the article cites concerns that YouTube is still paying too little (and failing to
stop piracy), "just maybe, YouTube has shown that it's possible for digital companies to both upend an industry and make it stronger."
US Launches Task Force To Open Government Data For AI Research
An anonymous reader quotes a report from The Wall Street Journal:
The Biden administration launched an initiative Thursday aiming to make more government data available to artificial intelligence researchers, part of a broader push to keep the U.S. on the cutting edge of the crucial new technology. The National Artificial Intelligence Research Resource Task Force, a group of 12 members from academia, government, and industry led by officials from the White House Office of Science and Technology Policy and the National Science Foundation, will draft a strategy for potentially giving researchers access to stores of data about Americans, from demographics to health and driving habits. They would also look to make available computing power to analyze the data, with the goal of allowing access to researchers across the country. The task force, which Congress mandated in the National Artificial Intelligence Initiative Act of 2020, is part of an effort across the government to ensure the U.S. remains at the vanguard of technological advancements.
Many researchers, particularly in academia, simply don't have access to these computational resources and data, and this is hampering innovation. One example: The Transportation Department has access to a set of data gathered from vehicle sensors about how people drive, said Erwin Gianchandani, senior adviser at the National Science Foundation and co-chairman of the new AI task force. "Because you have very sensitive data about individuals, there are challenges in being able to make that data available to the broader research community," he said. On the other hand, if researchers could get access, they could develop innovations designed to make driving safer. Census data, medical records, and other data sets could also potentially be made available for research by both private companies and academic institutions, officials said. They said the task force will evaluate how to make such data available while protecting Americans' privacy and addressing other ethical concerns.
How an Army of Goats Could Help Prevent California Wildfires
An anonymous reader quotes a report from VICE News:
California has unleashed an army of goats to munch away at overgrown brush and grass throughout the state in hopes of reducing the risk of wildfires this summer. State agencies have deployed the animals to roam, eat, and wipe out highly flammable vegetation. Recently, in an area near Lake Oroville in Northern California, between 350 and 400 goats cleared nearly five acres of land. And on Sunday, 1,500 goats are scheduled to begin clearing 34 more acres in the area -- by eating everything from invasive species to poison oak to thistle. The animals have also been contracted out to different cities around the state concerned about wildfires, including Anaheim, Oakland, and Los Angeles.
The initiative is part of the state's "Fuel Load Management Plan," started in 2012, which is aimed at reducing large patches of overgrowth throughout the state -- a major source of fuel to wildfire spread. Originally, the state used boots-on-the-ground crews of people armed with chainsaws and wood chippers to clear brush. But California has decided that in some areas, it's goats, not humans, that can help the most. "They eat everything," Kryssy Mache, an environmental scientist at the California Department of Water Resources, told VICE News. And they can also reach up to five feet in the air to nibble tree branches. "It's just another cool concept that we're using. It's not just humans going out and making the difference -- we can also use goats." But the goats are usually just Phase One. In the fall, human crews will come in and trim up area that goats cleared to ensure it remains less vulnerable to fire, according to the DWR.