Alterslash

the unofficial Slashdot digest for 2020-Aug-02 today archive
 

Alterslash picks up to the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

A 17-Year-Old's Journey: Minecraft, SIM-Swapping Bitcoin Heists, Breaching Twitter

Posted by EditorDavidView on SlashDotShareable Link
The New York Times tells the story of the 17-year-old "mastermind" arrested Friday for the takeover of dozens of high-profile Twitter accounts.

They report that Graham Ivan Clark "had a difficult family life" and " poured his energy into video games and cryptocurrency" after his parents divorced when he was 7, and he grew up in Tampa, Florida with his mother, "a Russian immigrant who holds certifications to work as a facialist and as a real estate broker." By the age of 10, he was playing the video game Minecraft, in part to escape what he told friends was an unhappy home life. In Minecraft, he became known as an adept scammer with an explosive temper who cheated people out of their money, several friends said.... In late 2016 and early 2017, other Minecraft players produced videos on YouTube describing how they had lost money or faced online attacks after brushes with Mr. Clark's alias "Open...."

Mr. Clark's interests soon expanded to the video game Fortnite and the lucrative world of cryptocurrencies. He joined an online forum for hackers, known as OGUsers, and used the screen name Graham$... Mr. Clark described himself on OGUsers as a "full time crypto trader dropout" and said he was "focused on just making money all around for everyone." Graham$ was later banned from the community, according to posts uncovered by the online forensics firm Echosec, after the moderators said he failed to pay Bitcoin to another user who had already sent him money to complete a transaction.

Still, Mr. Clark had already harnessed OGUsers to find his way into a hacker community known for taking over people's phone numbers to access all of the online accounts attached to the numbers, an attack known as SIM swapping. The main goal was to drain victims' cryptocurrency accounts. In 2019, hackers remotely seized control of the phone of Gregg Bennett, a tech investor in the Seattle area. Within a few minutes, they had secured Mr. Bennett's online accounts, including his Amazon and email accounts, as well as 164 Bitcoins that were worth $856,000 at the time and would be worth $1.8 million today... In April, the Secret Service seized 100 Bitcoins from Mr. Clark, according to government forfeiture documents... Mr. Bennett said in an interview that a Secret Service agent told him that the person with the stolen Bitcoins was not arrested because he was a minor... By then, Mr. Clark was living in his own apartment in a Tampa condo complex...

[L]ess than two weeks after the Secret Service seizure, prosecutors said Mr. Clark began working to get inside Twitter. According to a government affidavit, Mr. Clark convinced a "Twitter employee that he was a co-worker in the IT department and had the employee provide credentials to access the customer service portal."

The plan was to sell access to the breached Twitter accounts, but Clark apparently began cheating his customers again, the Times reports — "reminiscent of what Mr. Clark had done earlier on Minecraft..."

"Mr. Clark, who prosecutors said worked with at least two others to hack Twitter but was the leader, is being charged as an adult with 30 felonies."

Re:Charged as an adult

By Dutch Gun • Score: 5, Informative • Thread

Don't throw him in jail. Give him a job at the NSA.

So I guess that gives us an idea of the quality of the individuals working at the NSA then...

No, all it means is that some people on Slashdot have some very silly ideas about the type of people the NSA are actually looking to recruit. Absolutely no one is clamoring to hire an idiot like this.

Re:Charged as an adult

By rtb61 • Score: 4, Informative • Thread

The nature of the crime, reflected the nature of the individuals criminal capabilities, not consideration of the harm caused by the crime, just how readily they believed they could get away with it and how much they could make. People say, divorced parents, bad home life for child, bad child but ignore the other reality the parents got divorced because at least one of them was an arsehole, probably genetic and those bad genes passed onto the child.

Just to remind people, getting married, look at your spouse and remind yourself, that could be your child, the bad boy or girl might be a fun fling but do you want to be stuck with them for 18 years, would you be proud of them as you child, what kind of parent will they make, what kind of parent will their children be. Bad breeding choices will produce bad offspring with all the consequences and we are not talking class, simply the genetics behind the brain that does the thinking for them.

I think you mean "insiders"

By raymorris • Score: 5, Informative • Thread

The initial report from Twitter was that it was probably i aiders, and they were looking into how to reduce the number of people who had access to the relevant internal tools.

Later, they said the insiders had actually been social engineered into giving up access, which is exactly what had happened.

You seem to be the first to mention "state sponsored attackers".

Within three days of the attack, Twitter posted pretty much the whole story:

--

"The attackers successfully manipulated a small number of employees and used their credentials to access Twitter's internal systems, including getting through our two-factor protections. As of now, we know that they accessed tools only available to our internal support teams to target 130 Twitter accounts. For 45 of those accounts, the attackers were able to initiate a password reset, login to the account, and send Tweets."
--

Re:Looks like...

By angel'o'sphere • Score: 5, Informative • Thread

I assume you live in a country where prisoners are all perfect gentlemen and ladies to each other? Please, tell me where that is, and I'll move that we in the US start sending you our prisoners for a stay in your resort-like prisons.
Basically every western prison that is not in the US?

How is "a difficult family life" an excuse?

By Opportunist • Score: 5, Insightful • Thread

So if life treats me bad I get a free pass at being a crook? Wonder what the excuse for a lot of politicians is.

Millions of people live in a difficult situation, yet they pull through and manage to become honest, upstanding people. Many way, way more decent than any of those that are generally considered "pillars of society". Just imagine them all realizing that having a "difficult family life" is enough to gather sympathy when you want to rob, steal, emezzle and swindle.

Will Elon Musk License Tesla's Technology To Other Automakers?

Posted by EditorDavidView on SlashDotShareable Link
Audi's CEO "willingly admits that Tesla is two years ahead of the industry in some critical areas of building electric vehicles," reports Electrek. But where will that lead?

"Earlier this week, Musk made a subtle comment on Twitter that could majorly upend the auto industry," reports Inc. magazine: In response to an article in Teslarati highlighting German automakers' attempts to bridge the gap between Tesla's technology and their own, Musk tweeted the following: "Tesla is open to licensing software and supplying powertrains & batteries," tweeted Musk. "We're just trying to accelerate sustainable energy, not crush competitors!"

Consider for just a moment the brilliant potential of Musk's statement. In addition to leading its rivals in electric vehicle production (and the larger style batteries needed to support these), Tesla is also at the forefront of utilizing modern technology in its vehicles. In fact, many have described Tesla as "a tech company that happens to make cars." In contrast, though, Musk has repeatedly spoken on the challenges of actually manufacturing cars at consistent quality, as well as delivering them. At one point, he described Tesla's journey as going from "production hell to delivery logistics hell...." [L]egacy automakers excel where Tesla is weak: namely, manufacturing and delivery. Since they've been making cars so long, they've developed huge factories, along with consistent and refined processes.

But what if Tesla could reach a deal with automakers to license its strength — software and battery technology? Then everyone benefits...

If you're surprised by Musk's tweet, you shouldn't be. In fact, for years Musk has insisted that his primary goal is not to compete with larger automakers but rather to win them over.... If the legacy automakers are smart, they'll jump at the opportunity to negotiate a licensing deal.

The article cites a 2014 blog post in which Musk promised Tesla wouldn't initiate patent lawsuits against companies who wanted to use its technology, " in the spirit of the open-source movement, for the advancement of electric vehicle technology..."

"Our true competition is not the small trickle of non-Tesla electric cars being produced, but rather the enormous flood of gasoline cars pouring out of the world's factories every day."

Busy trying to figure out how to make cars

By raymorris • Score: 4, Interesting • Thread

A couple years ago Tesla was innovating regarding what kind of car to make, improving their designs, while making tens of thousands of prototypes. Meanwhile, the car companies were each building MILLIONS of cars per year.

Volkswagen, Toyota, GM, etc were (and are) car companies, making millions of cars. Tesla was a car research company, selling basically prototypes.

Then in the last few years Tesla has tried to turn into a car company. They've been trying to figure out how to make cars in production volume like the big boys. That has left them much less time to muck around with nifty little changes to the car design - they're now trying to design a manufacturing process.

Musk is probably smart to try to license what he has to companies who already know how to build and sell millions of cars. Tesla's strength is R&D and taking risks, not production and managing operations in a steady, reliable way.

Computer technology

By LostMyBeaver • Score: 5, Interesting • Thread
Where Tesla does not just exceed but completely dominates other vendors is in software and general computing technology.

I own a BMW i3, it is possibly the worst car I have ever owned. Mechanically, it is ok I guess. If a Toyota Prius is a perfect 10 (it is not, but just setting a point of reference) the i3 is a pretty solid 8. BMW did a great job on comfort, but did not waste time on things like hinges or door locks and such.

Tesla by comparison from my experience with the model S and model X is mechanically around a 6.5 or maybe a 7 on a good day. It is cheap and plasticy. The seats feel... well, it feels like the bought the best materials they could find, but companies like BMW and Toyota would design the right materials for the job. Tesla did not do poorly, this is just one of those places where classic car manufactures with a lot more experience and ... well long term skills excel. I assume in 10 years, Tesla will have their own polymers and fabrics development departments. But for now, they are just far behind. They focused elsewhere.

They made what may be the best drive train and battery technology in the business and also focused on their true core strength... software.

They are decades ahead of BMW on software. They a years ahead of Toyota. The most important thing they have is a platform with a clear understanding of patching. BMW and Toyota and the rest have for decades believed software is something you can get right or good enough and it should last as long as the vehicle and if there is a major problem, you can just plug in a new computer after a recall. If you need proof, BMW does not have progressive software updates... it is all or nothing. The dealership I get my car serviced at refuses to update my software because they are sure it will break more than it fixes and there are too many things broken to begin with. Toyota never even offered software updates for my old Prius.

Tesla started with modules and built modules and used package management. They made agreements from day one with mobile phone providers to ensure all cars with the Tesla name could be updated. They made sure that within reason, all their cars could be diagnosed and managed remotely if needed. It made absolutely no difference how good their software was... because they could fix it and deploy fixes, they were just plain better than everyone else. They also appear to have a strong grasp of quality control in software. I can only assume, but I believe they must have unit tests and integration tests for everything. They probably exceed most every other company in terms of regression testing and code coverage.

If I ever buy a new car... which is less likely now than ever since the car I have should theoretically last me 30 years, I will research the cars on the market closely and will purchase a car from a company that understands software at least as well as Tesla does today.

In the mean time, I will hold out hope for self driving ride sharing services. I believe a properly managed fleet of self driving vehicles is far smarter and more efficient and far more environmentally friendly than everyone owning their own vehicles that are serviced rarely and are just plain wasteful. Thankfully, where I live has dropped far below two cars per family and may already be less than one on average.

Re:Computer technology

By bgordon • Score: 4, Interesting • Thread

They also appear to have a strong grasp of quality control in software. I can only assume, but I believe they must have unit tests and integration tests for everything. They probably exceed most every other company in terms of regression testing and code coverage.

You had me going until here. This doesn't match my experience or that of any other Tesla owner I know. The more typical experience is that the first few updates are great. Then once your car isn't the newest model with the newest hardware inside, every update has a significant chance of introducing bugs that might or might not be fixed in a subsequent update. As far as I can tell, their regression testing doesn't cover anything more than the basics outside of the safety critical systems.

point of software

By world1703 • Score: 3, Informative • Thread
Why do you think there are no updates in a BMW? I got a software update on my BMW X3 a month ago. The navigation software occasionally crashed before (three times in a year), so I asked for the update. The update process is complicated to do by yourself: you have to submit some lengthy vehicle code number to a website, then download a big file to a USB flash drive. But their download software sucks and the car didn't like my USB flash drive, so I went to the dealer and had them do it. No big deal as the next BMW service center is just 5min away. The next Tesla service center is very far away, there are only few. Some cities don't even have one. Of course Tesla must provide a different way for updates. What's the point about Tesla being better in software? I use my car's navigation software, and the radio, and MP3 player. That hasn't changed much in the past 10 years. I know there's some self-parking feature in my car that I haven't even bothered to try yet because I just don't care about those gimmicks.

Re:The brilliance...ze goggles do nothing!

By Mashiki • Score: 4, Interesting • Thread

Saturns were just re-badged Opels and Vauxhalls

Nope. Saturn had their own engine plant which exclusively made all the engines for the S-series vehicles. They were the only company at the time using lost foam casting for the blocks and heads. In '02 GM forced them to switch to the ecotech line(GM had a glut of the ecotech engines - they were shit FYI). The astra was the only model with an Opel engine in it(also was the only rebranded opel). Switching to ecotech was the first nail in the coffin in killing those cars. The second was forcing them away from plastic composite body panels and to metal.

The "grand experiment" of Saturn was far too successful, since it created a fanatical brand loyalty and people held onto them far longer then the normal 5yr period. Saturns with 1m miles were not uncommon.

Microsoft Fixes Edge Bug That Made It Crash When Searching With Google

Posted by EditorDavidView on SlashDotShareable Link
"Microsoft's new Edge browser started randomly crashing when users typed into the address bar," reported the Verge on Thursday.

"The issues appear to have affected Edge users who had selected Google as the default search engine." Microsoft investigated the problem and now says it's believed to have been resolved. The Microsoft Edge crashes started at around 7PM ET, and were affecting macOS and Windows users. Microsoft resolved the problems after around four hours of crashes, but it's not clear why they were only limited to Google search users in Edge.

If users switched to Microsoft's Bing search engine within Edge, the crashes never occured.

It's not done till Lotus won't run

By bd580slashdot • Score: 4, Informative • Thread

Remember ... It's not done until Lotus won't run?

the poo

By awwshit • Score: 4, Insightful • Thread

Predictably, Microsoft took chromium and rubbed the poo on it. You touch Edge and end up with pink eye. Its 2020 and we should all know better by now. I think by picking up chromium Microsoft is really pining for the IE6 days, one browser to rule them all - poo and all.

Windows and Edge

By gavron • Score: 5, Informative • Thread

Microsoft has a history of making their O/S and browser not compatible with others. It started with their version of the open-source Spyglass software turned into the closed-source "Internet Explorer", then mixing that up with their file browser to create "Explorer".

It continued by blocking other search engines (or making it REALLY hard to select them) or lately in Windows 10 making Bing the default no matter what you do requiring a LOT of effort to change it.

Edge is just another coat of paint on the cracked wall.

Windows, Edge, Microsoft... the only real supporter they have is the government wanting them to be the only company "that gets to" buy Tik-Tok.
Everyone else "just has to use them because the software I must have only runs on it."

SAD!!

E

What clever trick did Google use to crash Edge?

By aberglas • Score: 3, Interesting • Thread

Presumably Google changed there incredibly complex JavaScript to do this, probably after Edge was released. And I would be surprised if Google tested on Edge, officially anyway.

Never attribute to malice...

By hcs_$reboot • Score: 4, Funny • Thread
Never attribute to malice that which is adequately explained by incompetence.

Do Animals Really Anticipate Earthquakes? Sensors Hint They Do

Posted by EditorDavidView on SlashDotShareable Link
An anonymous reader quotes Scientific American: For centuries, people have described unusual animal behavior just ahead of seismic events: dogs barking incessantly, cows halting their milk, toads leaping from ponds... Now researchers at the Max Planck Institute of Animal Behavior and the University of Konstanz, both in Germany, along with a multinational team of colleagues, say they have managed to precisely measure increased activity in a group of farm animals prior to seismic activity...

The researchers used highly sensitive instruments that record accelerated movements — up to 48 each second — in any direction. During separate periods totaling about four months in 2016 and 2017, they attached these biologgers and GPS sensors to six cows, five sheep and two dogs living on a farm in an earthquake-prone area of northern Italy. A total of more than 18,000 tremors occurred during the study periods, with more seismic activity during the first one — when a magnitude 6.6 quake and its aftershocks struck the region. The team's work was published in July in Ethology...

Analyzing the increased movements as a whole, the researchers claim, showed a clear signal of anticipatory behavior hours ahead of tremors. "It's sort of a system of mutual influence," Wikelski says. "Initially, the cows kind of freeze in place — until the dogs go crazy. And then the cows actually go even crazier. And then that amplifies the sheep's behavior, and so on...." This "swarm intelligence" can happen within or across species, Wikelski says. For example, "we did a study on Galápagos marine iguanas, and we know that they are actually listening in to mockingbirds' warnings about the Galápagos hawks," he adds. "These kinds of systems exist all over the place. We're just not really tuned in to them yet."

The researchers say the farm animals appeared to anticipate tremors anywhere from one to 20 hours ahead, reacting earlier when they were closer to the origin and later when they were farther away. This finding, the authors contend, is consistent with a hypothesis that animals somehow sense a signal that diffuses outward.

Catfish?

By biggaijin • Score: 4, Interesting • Thread

In Japan, people believe that catfish anticipate earthquakes. It was never explained to me how this was first observed, but it is common lore here.

Re:Any pet owner can tell you that as well

By backslashdot • Score: 5, Funny • Thread

In the this case, I would suspect we are dealing with causation rather than prediction. The cat probably engineered the earthquake to assert domination or teach you a lesson.

Re:Oh my god, animals can sense massive vibrations

By Jeremi • Score: 5, Insightful • Thread

Wow, you mean to say that an animal can sense a massive vibration that quite literally rips the earth apart?

No, it means that animals (allegedly) can predict that massive vibration will occur, well before it happens, which is a completely different and much more interesting thing.

Possibly related...

By BoogieChile • Score: 5, Insightful • Thread

Could be another facet of this https://www.ncbi.nlm.nih.gov/p...

How could this possibly get published?

By Cytotoxic • Score: 3 • Thread

18,000 tremors over 4 months is 6 1/4 times per hour.

They say they can detect anomalous behavior anywhere from 1-20 hours in advance. That's a hell of a window. With an average of 6 1/2 events occurring during their shortest window, and an average of 125 tremors during their longest window, how can they possibly tease a signal out of that noise? Even if they were actually responding to the tremors, how do they know that they are responding to the tremor 4 hours later and not the tremor 4 hours and 12 minutes later, or the tremor 3 hours and 37 minutes later, or the tremor 18 hours and six minutes later....... it just sounds like they came up with a fancy method for going anomaly hunting.

Larry King Duped Into 'Disinfomercial' on Social Media By China (and Possibly Russia)

Posted by EditorDavidView on SlashDotShareable Link
For 25 years, until 2010, Larry King had a live interview show on CNN. But now ProPublica reports "In the twilight of a remarkable radio and television career spanning more than six decades, battling health problems but determined to stay in the public eye, King was ensnared in an international disinformation scheme."

It involved filming Larry King asking questions, and then later splicing in responses from Anastasia Dolgova (an employee of a Russia state-owned broadcaster) — and then widely promoting the footage on social media: Posted on YouTube under the title "Larry King US China Special Conference 2019," and quickly spread by social media accounts linked to Chinese government influence operations, the fake interview went viral across Chinese-language social media, likely reaching hundreds of thousands of users on Twitter, Facebook and YouTube... By conveying Chinese disinformation through a journalist for Russian media, it may exemplify the increasing media cooperation between the two countries...

ProPublica found that the Chinese government was involved in distributing the video. Our analysis of data released by Twitter showed that nearly 250 fake accounts linked to China's government shared nearly 40 different links to the video a total of more than 500 times. Around half of those fake accounts had more than 10,000 followers... In September 2018, six months before King taped the Dolgova video, Putin and Chinese President Xi Jinping attended a ceremony in Vladivostok, Russia. There, the Russian state-controlled Rossiya Segodnya news agency and Chinese state-controlled China Media Group signed an agreement to cooperate in news exchange, joint reporting and distribution, and promotion of each other's reports, especially on social media...

The Russia-China partnership reflects the alignment of the two countries' political messaging, as both promote alternatives to liberal democracy in a post-Cold War world. To achieve that goal, the Kremlin is building a "global media conglomerate," said Nataliya Bugayova, a research fellow at the Institute for the Study of War, a Washington, D.C.-based think tank. Russian media outlets have signed more than 50 cooperation agreements with foreign media since 2015, she said...

In a telephone interview, King expressed remorse and bewilderment.

Larry King

By rossdee • Score: 5, Informative • Thread

The only time I have seen Larry King in the last decade he has been promoting vitamin supplements and prostate cures. I don't think he has any credibility left to sell.

Re:What's the issue?

By SpankiMonki • Score: 5, Insightful • Thread

Russians and Chinese have a large number of freedoms. They are free to own property, start a business, date and marry who they want, criticize the government privately, and most importantly ... free to leave.

You are free to marry who you want in Russia and China - as long as they aren't the same sex as you.

And what the hell does "criticize the government privately" even mean? If you can't publicly criticize the government, the ability to do it in private ain't much of a freedom. You can criticize the government privately in North Korea and Cuba as well, depending on how you define it.

Re:London Bridge is falling down

By larryjoe • Score: 5, Insightful • Thread

And we obsess over foreign "meddling" in our entertainment industry.

Well, shit! Just do the same thing back. Propaganda must work just as well on Chinese and Russians

No, that's not true. Chinese and Russians are shielded from sources of information other than the state-sanctioned propaganda. This meddling to mess with the minds of people only works in the free world.

Re:What's the issue?

By divide overflow • Score: 4, Insightful • Thread

Russians and Chinese have a large number of freedoms. They are free to own property, start a business, date and marry who they want, criticize the government privately, and most importantly ... free to leave.

Perhaps you aren't familiar with the Uyghurs living in Xinjiang province in China. Tell me about their so-called freedoms and how the Chinese government isn't acting like totalitarians in their treatment. I've seen reliable reports that every Uighur home in Xinjiang has a camera pointed at its front door used to track every occupant's entrance and exit to the home. This is only one example of the pure Big Brother-style totalitarianism they are experiencing.

Re:What's the issue?

By divide overflow • Score: 4, Insightful • Thread
Nice way to shift the argument away from China's attempts to eliminate entire ethnic groups totaling 1-3 million people with your lame "whataboutism."

If that makes a country "totalitarian" then every country on earth is totalitarian.

That is probably the most absurd argument I've heard today, and I've been reading Slashdot.

New Repository Leaks Souce Code From Microsoft, Adobe, and Dozens of Other Companies

Posted by EditorDavidView on SlashDotShareable Link
Bleeping Computer reported this week that a new public repository of leaked code includes big names like Microsoft, Adobe, Lenovo, AMD, Qualcomm, Motorola, Roblox, and Disney: The leaks have been collected by Tillie Kottmann, a developer and reverse engineer, from various sources and from their own hunting for misconfigured devops tools that offer access to source code... According to Bank Security, a researcher focused on banking threats and fraud, code from more than 50 companies is published in the repository...

Kottmann told BleepingComputer that they find hardcoded credentials in the easily-accessible code repositories, which they try to remove as best as they can... Kottmann also says that they comply with takedown requests and gladly provide information that would strengthen the security of a company's infrastructure. One leak from Daimler AG corporation behind the Mercedes-Benz brand is no longer present in the repository. Another empty folder has Lenovo in its name. However, judging by the number of DMCA notices received (estimated at up to seven) and direct contact from legal or other representatives, many companies may not be aware of the leaks...

Reviewing some of the code leaked on Kottmann's GitLab server revealed that some of the projects have been made public by their original developer or had been last updated a long time ago. Nevertheless, the developer told us that there are more companies with misconfigured devops tools exposing source code. Furthermore, they are exploring servers running SonarQube, an open-source platform for automated code auditing and static analysis to uncover bugs and security vulnerabilities.

Kottmann believes there are thousands of companies that expose proprietary code by failing to properly secure SonarQube installations.

Tom's Guide considers it a serious breach: Jake Moore, a security specialist at ESET, told Tom's Guide: "Losing control of the source code on the internet is like handing the blueprints of a bank to robbers.

"This list will be viewed by cyber criminals far and wide looking for vulnerabilities as well as confidential information in a scarily short space of time."

Re:Open/Closed Source

By Vlad_the_Inhaler • Score: 4, Informative • Thread

I assume you know the answer to that one but I'll bite.
The idea with open source is that anyone can look and identify vulnerabilities, the idea being that a lot of those eyes will be friendly.
Closed source is "security through obscurity" - because people can't see the source they find it difficult to find the weaknesses. Guess what, the hostile eyes now have access.

Re:Jake Moore is an idiot

By Retired ICS • Score: 5, Insightful • Thread

Banks hand their blueprints to robbers all the time. It is required practice in order to be able to build a building.

Link to repos

By Gravis Zero • Score: 5, Informative • Thread

the repos are here: https://git.rip/exconfidential

Souce code, huh?

By The_mad_linguist • Score: 3 • Thread

Guess none of it was written in 'R'

Re:Jake Moore is an idiot

By 93 Escort Wagon • Score: 4, Funny • Thread

Banks hand their blueprints to robbers all the time. It is required practice in order to be able to build a building.

That's why the wise bank manager kills the entire construction crew immediately after the building is finished.

NASA Astronauts Fire Deorbiting Burn. Watch Splashdown Back to Earth

Posted by EditorDavidView on SlashDotShareable Link
After travelling all night to return from the International Space Station, two NASA astronauts will splashdown in the Gulf of Mexico at 11:48 PT, reports CNET. "There will be about an hour of excitement prior to that moment as Crew Dragon deorbits and re-enters Earth's atmosphere..."

That 11-minute deorbiting burn should begin in five minutes (at 10:56 PT), and you can watch it live on SpaceX's YouTube channel before the splashdown 52 minutes later. CNET notes that "This will be the first crew recovery at sea of NASA astronauts since 1975 at the end of the Apollo moon exploration era, the space agency tweeted on Sunday." The reentry process is dramatic. "Crew Dragon will be traveling at orbital velocity prior to reentry, moving at approximately 17,500 miles per hour. The maximum temperature it will experience on reentry is approximately 3,500 degrees Fahrenheit," said NASA in a statement on July 24...

If Crew Dragon passes these final tests, then SpaceX will be able to provide regular, operational flights to the ISS starting later this year. And it would end NASA's reliance on Russian spacecraft for the first time since the shuttle era.

After splashdown the crew " will spend up to an hour floating inside the capsule before joint recovery teams from SpaceX and NASA retrieve them for a helicopter trip ashore," reports Reuters.

A post-splashdown news conference is then scheduled about 30 minutes later at 1:30 p.m. PT.

Re:How long before the next stage?

By stevelinton • Score: 5, Informative • Thread

SpaceX's Starship is expected to land on its own rockets. Just needs a tough flat surface to land on.

As an old SCTV fan

By 93 Escort Wagon • Score: 3 • Thread

I find myself giggling each time they refer to the astronauts as "Bob and Doug".

I have to admit

By 93 Escort Wagon • Score: 3 • Thread

Watching that splashdown made me smile.

And the experience wouldn't be complete...

By 93 Escort Wagon • Score: 5, Informative • Thread

Without a few morons in private boats trying to get as close to Dragon as possible.

Live stream here ...

By kbahey • Score: 5, Informative • Thread

Live stream of the crew leaving the dragon capsule is here.

And here is a summary of the process until the splashdown event.

Microsoft Edge Accused of Stealing Data From Chrome

Posted by EditorDavidView on SlashDotShareable Link
Some Windows 10 users have complained that when Microsoft sets up its Edge browser, it steals data from Chrome and Firefox without asking first, writes ZDNet columnist Chris Matyszczyk.

But today a reader sent him a new complaint involving Windows 7: "My wife's computer, which is running Windows 7, got a Windows update this morning, which then gave the full-screen welcome page for Edge Chromium. She was terrified as this looked exactly as if malware had taken over the machine... How could any application be running that she hadn't started? How is it that Microsoft can't manage to provide security updates for Windows 7, as it is end of life, but still manage to force a new web browser that isn't wanted on Windows 7 users...?"

"The full-screen welcome page for Chomium Edge did have a faint 'close' gadget in the top right, which was the very first thing we clicked... This still left Edge pinned on the taskbar and when I hovered over it, it showed all the recent sites she had visited on Chrome. So it must have stolen that data from Chrome which is the only browser she ever uses."

The ZDNet columnist shared his own reaction to the story. "Edge is a fine browser. It's quick, effective, and has superior privacy instincts than does Chrome. I have begun to use it and I like it. When you launch a new product, however, you have two choices: You can announce it, make people feel good about it, and then rely on word of mouth. Or you can try ramming it down people's throats.

"The former is often more effective. Microsoft has chosen the latter."

Huh?

By Freischutz • Score: 4, Funny • Thread
So Microsoft stole a bit of data from the mother of all data thieves Google. That's like an MS13 cell hijacking a Sinaloa Cartel cocaine shipment. I see no reason to get upset about this.

Re:Time for bigger hands

By drinkypoo • Score: 4, Interesting • Thread

Apparently they didn't get spanked hard enough from the first anti-trust "agreement". They forgot their lessons.

Do you mean the agreement with the EU? Because the lesson they learned from the USDoJ is that they can get away with anything they want.

"Stolen"... Don't be ridiculous. You sound like an

By BAReFO0t • Score: 4, Insightful • Thread

My dear, you are running an OS without access restrictions between applications. Everything you are running, is treated as if it was you doing the actions. ... Because you *are*.

*You* chose to run the OS that runs arbitrary stuff that Microsoft chose. It is your CPU, my love. It blndly does whatever you shove under its nose. And you went "Here, do everything Microsoft tells you to".
You cannot now claim "it" is doing things you did not want, without being accused of cognitive dissonance.

Yes, it is malware. It says "Microsoft" on the tin. After the last ... frankly, ... decades, ...: How much more obvious do you want it?

If you cannot be bothered to inspect what you allow your CPU to do, you have to bite the bullet and let the nanny do what the nanny chose to do.
And if you want something else, stop being so goddamn lazy and willfully ignorant, man up, and choose your own adventure!
You wouldn't drive a car with that amount of passivity and cluelessness. Let alone a computer, which is closer to an alien spaceship than to a car, in complexity!

TL;DR: If you don't want Microsoft, don't use Microsoft. Boo-hoo.

(Oh boy, wait until I tell you about Google/Chrome!)

Importing settings from Chrome is...

By thegarbz • Score: 5, Informative • Thread

One of the things the popup asks if you would like to do. I'll bet a Marsbar the wife clicked Yes on a window that she didn't even read just to make a popup go away.

Who does Microsoft answer to

By ukoda • Score: 3 • Thread
People who have these issue seem to forget who Microsoft answers to. Here a hint, it is not the users, it the shareholders. If the users could understand this then they would understand why Microsoft does things the user doesn't want.

I do laugh reading some of the answer that involve multi-step processes involving changing registry settings and installing software etc just to try and retain control and these are the same people who say Linux is too hard.

I brought a second hand NUC the other day. It had Windows 10 installed on it so I though I would check out what the current Windows UI looks like before replacing it with Linux. I wasted a whole of time just answering questions, some totally unnecessary, to use the system, before I could reach the start screen. A clear reminder to me of who Microsoft answers to.

Gravity Error Detected?

Posted by EditorDavidView on SlashDotShareable Link
jd (Slashdot reader #1,658) writes: The large scale maps of the universe show something is seriously wrong with current models of gravity and dark matter. The universe simply isn't clumping right and, no, it's not the new improved formula. As you go from the early universe to the present day, gravity should cause things to clump in specific ways.

It isn't. Which means dark matter can't be cold and general relativity may have a problem.

They need more data to prove it's not just a freaky part of the universe they're looking at, which is being collected.

"The new results come from the Kilo-Degree Survey, or KiDS, which uses the European Southern Observatory's Very Large Telescope to map the distribution of matter across our universe," according to the Independent: So far, it has charted roughly 5% of the extragalactic sky, from an analysis of 31 million galaxies that are as much as 10 billion light years away... That allows researchers to build up a picture of all matter in the universe, of which some 90 per cent is invisible, made up of dark matter and tenuous gas.

Re:No Dark Matter

By gtall • Score: 5, Informative • Thread

I see you don't understand dark matter or dark energy. Think of them as placeholders. Whatever we measure those placeholders must have in order for the universe to conform to a theory and observations means nothing more than that...and nothing less. They could have called them green eggs and ham for all the difference it makes. But people like you fixate on the names as though the names were somehow predicting what the phenomenon actually is.

Re: No Dark Matter

By MrL0G1C • Score: 4, Interesting • Thread

We've only failed to DIRECTLY detect dark matter.

That would be because scientists have no idea what dark matter is so far as I'm aware. As a layman dark matter just looks like scientists fudging the numbers because gravity doesn't seem to be working right on larger scales.

Dark matter strikes me as being the modern Aether, a stop gap until something better comes along. https://en.wikipedia.org/wiki/...

Re:No Dark Matter

By ClickOnThis • Score: 5, Insightful • Thread

Phlogiston and the ether were neither "convenient excuses" nor "magic" in their time. They were reasonable conclusions given the knowledge in their day.

Phlogiston seemed a reasonable explanation for the way fire behaved -- as though something was "coming out" of the fuel. But it was disproved after careful experiments showed that burning something caused it to get heavier, not lighter.

The ether seemed a reasonable explanation for the observed behavior of non-EM waves requiring a medium to propagate. It was disproved by the Michelson-Morley experiment.

Science does not move in a stately fashion from one truth to another. It is messy. It progresses by making assumptions that seem to fit observations, and then testing them further. Even wrong assumptions can be useful, because they identify something that can be tested.

Dark matter may very well go the way of phlogiston and the ether. But for now, it's a useful assumption, not a convenient excuse or magic.

Re: No Dark Matter

By dryeo • Score: 5, Informative • Thread

Aether wasn't a stopgap, it was based on serious reasoning and made perfect sense in its time. Waves need a medium to move in and light has the properties of waves.
When instruments got sensitive enough to measure the Aether, the results disagreed with theory. After a bunch of re-measurements and double checking, science moved on. That's how science works.
The neutrino, a type of dark matter, was a fix to make some equations work. Eventually they were detected though we're still learning about them.
A lot of people also get confused by the term "dark", which can mean unknown. Darkest Africa, the dark side of the Moon, dark matter, all unknowns at the time the terms were invented.

Re: No Dark Matter

By apoc.famine • Score: 4, Insightful • Thread

We can detect evidence of those gravitational effects if and only if our current model of gravity is correct. That's the point that's being made here. If our current model of gravity is incomplete, than we need to go back and recalculate a whole lot of stuff, and that may or may not exclude dark matter.

It's only a pretty good indirect detection if the model is correct, and we don't know that for sure.

There's a nice bit of evidence that it is incomplete: The lack of connection between relativity and quantum. One would expect that two models of the physics of the universe with solid observational confirmation wouldn't be incompatible, and yet they are. That suggests to me that at least one of them is incomplete, and of the two, quantum effects are the only ones we can really experiment on. That makes me instantly suspicious of relativity, because we can't easily do experiments on it.

IWAPALTA

While Some Top Creators Abandon TikTok, the ACLU Opposes a Ban

Posted by EditorDavidView on SlashDotShareable Link
Late Friday night, the American Civil Liberties Union tweeted its objections to banning TikTok in the United States. "Banning an app like TikTok, which millions of Americans use to communicate with each other, is a danger to free expression and technologically impractical."

More details from TechCrunch: "With any Internet platform, we should be concerned about the risk that sensitive private data will be funneled to abusive governments, including our own," the ACLU wrote in a subsequent statement. "But shutting one platform down, even if it were legally possible to do so, harms freedom of speech online and does nothing to resolve the broader problem of unjustified government surveillance."
But TechCrunch also reports TikTok is facing another threat: On Tuesday, a clutch of the company's largest celebrities, with a collective audience of some 47 million viewers, abandoned the platform for its much smaller competitor, Triller.

Founded in 2015, two years before TikTok began its explosive rise to prominence, Triller is backed by some of the biggest names in American music and entertainment including Snoop Dogg, The Weeknd, Marshmello, Lil Wayne, Juice WRLD, Young Thug, Kendrick Lamar, Baron Davis, Tyga, TI, Jake Paul and Troy Carter...

[T]he creators say they're leaving TikTok because they've grown wary of the Chinese-owned company's security practices. "After seeing the U.S. and other countries' governments' concerns over TikTok — and given my responsibility to protect and lead my followers and other influencers — I followed my instincts as an entrepreneur and made it my mission to find a solution," Richards, who's assuming the title of Triller's chief strategy officer, told the LA Times.

Re:KIDS (Keep It Diversion, Stupid)

By drinkypoo • Score: 4, Informative • Thread

Also some blame shifting, with the amusing wrinkle that no one has yet produced any evidence Tik Tok has actually done anything to be blamed for.

That's because nerds are expected to be able to use google to inform themselves. e.g. https://www.forbes.com/sites/z... https://www.telegraph.co.uk/te... https://www.usatoday.com/story...

TL;DR: TikTok has been caught employing spying methods (e.g. clipboard access) even after they claimed they stopped, and their story as to why has changed even though their behavior hasn't. That's a sure sign that they are spying. It is well-known both inside and outside of China that the PRC embeds operatives in any Chinese company of size, including social media operations, to tell them what to do. Only a complete ignoramus could believe that TikTok isn't passing on data to China, whether that was the original purpose of their enterprise or not. It's just as dumb as believing that Microsoft doesn't pass on telemetry data to the feds.

Re: technologically impractical

By fafalone • Score: 4, Informative • Thread
After Charlottesville, the ACLU now will consider cases it takes based on whether the content of the speech is harmful to their social justices positions. Note how all your links are before the memo that came out after that event.
https://www.axios.com/aclu-lea...

Banning services??? Who does that???

By Chewbacon • Score: 3 • Thread

1. China
2. Russia
3. Pakistan ... I could list more, but I don't need to. Nice taking a play from the governments who already have done it; the same governments Trump says he's better than. Perfectly fine if companies are selling (or giving) the US data.

I used to be a member of

By oldgraybeard • Score: 4, Informative • Thread
the ACLU. Today's (making profit for lawyers by suing government entities)ACLU is just a shadowy slimy shell of what the organization once stood for.
I put them in the same group as Southern Poverty Law Center,, Legal shills!

Political wanking

By Malays2 bowman • Score: 3 • Thread

This is what all the "oH nOzE! wE mUsT pRoTeCt aMeRiCa fRoM tEh eBil tIk tAc" is really all about.

Wow, if China is so evil and dangerous, surely our manufacturing base will be rushing back into the United States about now, right?

As I said, it's political wanking and possibly a cheap diversion from the real issues, such as Trump & friends holding maskless MAGA rallys, and the feds disappearing people off of the streets in Oregon.

Could Randomness Theory Hold Key To Internet Security?

Posted by EditorDavidView on SlashDotShareable Link
"In a new paper, Cornell Tech researchers identified a problem that holds the key to whether all encryption can be broken — as well as a surprising connection to a mathematical concept that aims to define and measure randomness," according to a news release shared by Slashdot reader bd580slashdot: "Our result not only shows that cryptography has a natural 'mother' problem, it also shows a deep connection between two quite separate areas of mathematics and computer science — cryptography and algorithmic information theory," said Rafael Pass, professor of computer science at Cornell Tech...

Researchers have not been able to prove the existence of a one-way function. The most well-known candidate — which is also the basis of the most commonly used encryption schemes on the internet — relies on integer factorization. It's easy to multiply two random prime numbers — for instance, 23 and 47 — but significantly harder to find those two factors if only given their product, 1,081. It is believed that no efficient factoring algorithm exists for large numbers, Pass said, though researchers may not have found the right algorithms yet.

"The central question we're addressing is: Does it exist? Is there some natural problem that characterizes the existence of one-way functions?" he said. "If it does, that's the mother of all problems, and if you have a way to solve that problem, you can break all purported one-way functions. And if you don't know how to solve that problem, you can actually get secure cryptography...."

In the paper, Pass and doctoral student Yanyi Liu showed that if computing time-bounded Kolmogorov Complexity is hard, then one-way functions exist. Although their finding is theoretical, it has potential implications across cryptography, including internet security.

+1

By hcs_$reboot • Score: 4, Interesting • Thread
Using 3 prime (Mersenne) numbers would make the reverse search even more difficult. https://www.tsijournals.com/ar...

You don't pay much attention to tech, do you?

By raymorris • Score: 5, Informative • Thread

>No one can break this stuff, including the designer

FYI, my 6 year old can come up with a code she can't break. Which is really just another way of saying "write a a math problem you can't solve".

Actually, let's try this. I'll be back in a minute. ... ...

  "Seven thousand times a million!"
That problem can't be cracked by its creator.

  "The person who can up with it (who thought it was secure) doesn't know how easy it can be broken" is not a valid argument for the strength of an encryption scheme.

The designer of Blowfish, a Slashdotter named Bruce Schneier, does understand Blowfish well enough that he was telling people to stop using it a long time ago because he understood it has certain weaknesses.

> Oh, since I'm not aware of it, it doesn't mean it hasn't already been broken, yeah. Sure. No one can break this stuff

The fact that you apparently didn't read Slashdot, Wired, or even turn on CNN the week that it was broken doesn't mean it didn't happen. It was a big enough story that the popular press pick it up in August 2016; maybe you were gone camping.

The attack is called Sweet32. It's not reduced rounds, it a real world practical attack - and not even hard. It's not a complicated attack. The most immediate problem, the thing we had to fix within a couple days, was site-to-site VPNs using Blowfish. IIS servers offering streams downloads of large files using Blowfish were also something we were looking for. What Sweet32 is all about is that Blowfish is fairly simply to break if you 850 GB of data encrypted with the same key. A site-to-site VPN might provide that in minutes, certainly in hours.

AI Distinguishes Birds That Even Experts Can't

Posted by EditorDavidView on SlashDotShareable Link
Slashdot reader sciencehabit quote Science magazine: It's a fact of life for birders that some species are fiendishly difficult to tell apart — in particular, the sparrows and drab songbirds dubbed "little brown jobs." Distinguishing individuals is nearly impossible. Now, a computer program analyzing photos and videos has accomplished that feat. The advance promises to reveal new information on bird behaviors...

The tool, called a convolutional neural network, sifts through thousands of pictures to figure out which visual features can be used to classify a given image; it then uses that information to classify new images. Convolutional neural networks have already been used to identify various plant and animal species in the wild, including 48 kinds of African animals. They have even achieved a more complicated task for elephants and some primates: distinguishing between individuals of the same species. Team member André Ferreira, a Ph.D. student at the University of Montpellier, fed the neural network several thousand photos of 30 sociable weavers that had already been tagged... [W]hen given photos it hadn't seen before, the neural network correctly identified individual birds 90% of the time, they report this week in Methods in Ecology and Evolution. Behavioral ecologist Claire Doutrelant of CNRS, the French national research agency, says that's about the same accuracy as humans trying to spot color rings with binoculars.

Ferreira then tried the approach on two other bird species studied by Damien Farine, a behavioral ecologist at the Max Planck Institute of Animal Behavior. The tool was just as accurate...

Bird's eye view

By rmdingler • Score: 5, Interesting • Thread

Feed a trillion readily available pictures into such an algorithm (most uploaded voluntarily to the interwebz) and improve the accuracy a bit, there won't be a bird on the planet that can't be identified individually in any habitat.

I, for one, welcome our bird watching overlords.

Now make it work for audio.

By willy_me • Score: 5, Interesting • Thread

Most bird identification is done by listening to the bird sounds. It is great if you can also get a visual id but they can be damn hard to spot. My ornithologist friend is constantly listening to audio tracks of various birds to ensure they can identify the birds they encounter when doing field work.

An interesting project I always wanted to do was to set up multiple audio recording devices positioned ~ 10 m apart from one another. Then when analyzing the audio, one can identify the birds and even triangulate their position. Being able to do this in real time would be amazing and would make an ornithologist's job much easier. They can do it for snipers firing at Humvees (a previous Slashdot posting) so it must also be possible for birds.

From ~6 years ago

By Chozabu • Score: 5, Insightful • Thread
oblig XKCD https://xkcd.com/1425/

Justice is finally in sight

By Kohath • Score: 3 • Thread

I thought I'd never find the culprit that made a mess on my windshield, but now there's finally hope! Your days are numbered, you fluttering shitbird!

Re:From ~6 years ago

By ShanghaiBill • Score: 4, Interesting • Thread

oblig XKCD https://xkcd.com/1425/

A lot has changed in six years.

The "virtually impossible" task is now the easier of the two.

You don't even need to train your own CNN. There is a Google Cloud API that can tell you if an image contains a bird in a dozen lines of Python.

Tesla Engineer Reinvents Chocolate Chip for Maximum Taste and Melt

Posted by EditorDavidView on SlashDotShareable Link
"Silicon Valley, long obsessed with computer chips, is now disrupting chocolate ones," writes the New York Post: Remy Labesque, a Los-Angeles based industrial engineer working for Elon Musk's Tesla, has re-engineered the chocolate chip for the optimization-obsessed set.

Thirty bucks gets you 17.6 ounces, or about 142, of the expertly forged chocolate geodes, which are molded to "melt at the right rate," according to Todd Masonis, co-founder of San Francisco's Dandelion Chocolate, which makes and sells the chips... Labesque's flattened pyramid-like structures feature thick middles and thinly tapered edges. A 15-degree slope, according to blueprints for the morsel, creates a glossy finish when baked.

Masonis said it took years to realize Labesque's original multifaceted mold. "We did 3-D renderings of different options for shapes, test prints of a few molds and, of course, baking tests," he said. The goal? To emphasize the complex chips' cacao bean essence, which is said to have notes of chocolate buttercream frosting and banana. "We found that if you take a huge chunk of chocolate and put it in your mouth, that taste can be overwhelming," said Masonis. "The flat shape helps slow down the experience."

The single-origin chocolate is carefully tempered — a process where chocolate is heated then cooled to create a hard shell — and is designed to melt without ruining the structural integrity of its mold-cast hard edge.

The perfect chip weight, according to the engineers, is 4.05 grams.

The primitive shape of our current chocolate chips "isn't a designed shape," Labesque tells Bloomberg. "It's a product of an industrial manufacturing process."

"Maximum" taste?

By technothrasher • Score: 5, Interesting • Thread
How can you engineer a subjective thing like chocolate for "maximum" taste? Already when they described its flavor as buttercream frosting and banana they're well away from my tastes in chocolate flavor. I prefer leather and tobacco flavors to fruity flavors in chocolate. The size of the chips are also way too big for my liking for the right cookie/chocolate balance, which is funny since the article mentions they acknowledge too big of a chunk overwhelms your mouth. Obviously my preferences don't matter any more than theirs do, but it should point out that there's just no way to engineer the perfect chocolate chip because such a thing does not exist.

Re:"Maximum" taste?

By jenningsthecat • Score: 4, Insightful • Thread

The size of the chips are also way too big for my liking for the right cookie/chocolate balance, which is funny since the article mentions they acknowledge too big of a chunk overwhelms your mouth. Obviously my preferences don't matter any more than theirs do, but it should point out that there's just no way to engineer the perfect chocolate chip because such a thing does not exist.

I totally agree - especially with the part about the chips being too big. A good chocolate chip cookie is about balance among flavours - the non-chocolate part is a key component of the overall experience. Big chips degrade the rest of the cookie into a mere vehicle - in which case I'd rather just eat the chocolate.

The shape of the chips isn't even a concern. Size of the chips, the quality of the chocolate used, the quality and flavour of the rest of the cookie, and the degree of 'doneness', are much more important.

click bait check list:

By 140Mandak262Jamuna • Score: 3 • Thread
[ ] Title has Tesla or Elon or Musk

[ ] Summary has Tesla and Elon and Musk

[ ] Summary has keywords close together

Passed, cleared for front page.

And in real units

By Opportunist • Score: 3 • Thread

You get about half a kilogram of chocolate chips for 25.50 Euros.

while I can understand where he's coming from...

By argStyopa • Score: 5, Informative • Thread

...I pretty much repudiate the entire idea.

Chocolate chips exist to symbiotically join with cookie dough to make something much much greater than the sum of its parts.

This "chunk" design (it's hardly a chip) comes from a laudable motivation, but not everything is better when engineered to the nth degree and then offered by some dandified SanFran startup.

Further, have they never had a warm cookie right out of the oven? The last thing I want is a DOUBLE SIZED lava-hot glob of chocolate in my cookie.

A package of chocolate chips is 12oz, and about $10. So I can get 2x the chips, plonk them into the (perfect) Toll House chocolate chip cookie recipe printed directly in the package where even plebians can get it, and have 2x the cookies at the end.

That is a goddamned win even if I somehow am missing the the delicate notes of banana and butter cream frosting in single-sourced chocolate.

Google Starts Testing Its Replacement for Third-Party Cookies for Chrome

Posted by EditorDavidView on SlashDotShareable Link
"Google has taken one step closer to banishing third-party cookies from Chrome," reports Engadget. The internet giant has started testing its trust tokens with developers, with promises that more would move to live tests "soon." As before, the company hoped to phase out third-party cookies in Chrome once it could meet the needs of both users and advertisers.

Trust tokens are meant to foster user trust across sites without relying on persistent identifying data like third-party cookies. They theoretically prevent bot-based ad fraud without tying data to individuals. This would be one framework as part of a larger Privacy Sandbox including multiple open standards.

The company still hopes to eliminate third-party cookies by 2022.

Re:Trust?

By Joce640k • Score: 4, Insightful • Thread

Yep, I think they're much more interested in the "prevent bot-based ad fraud" part of this.

Re:Trust?

By arglebargle_xiv • Score: 4, Interesting • Thread
Oh great, instead of easily blockable and manageable third-party cookies we're now going to get Google-controlled evercookies tracking everything we ever do.

Re:Trust?

By infolation • Score: 5, Insightful • Thread

What am I missing?

What you're missing is any useful information in the summary or linked article about what 'trust tokens' actually are, or how they work from a privacy preserving/destroying perspective in the context of Google's 'privacy sandbox'.

Fortunately the EFF have written a pretty good summary of trust tokens.

I'd advise you to read that link, but the summary is:

Good:
fewer CAPTCHAs, fighting fingerprints

Good:
"privacy budget" for fingerprinting

Bad:
Conversion measurement API.
Apple's version stores 6 bits (1-64)
Google's version stores 64 bits of information (1 to 18 quintillion.
= Profiling tool.

Very bad:
Federated Learning of Cohorts. FLoC allows users to build their own, local machine learning models by sharing little bits of information at a time. A 'behavioral credit score'. Incomprensible to users, reveals incredibly sensitive information to third parties. Trackers will use it to profile build.

There is no repeated token. (Zero-knowledge proof)

By raymorris • Score: 4, Informative • Thread

> What am I missing? Will the token be unique each time it is used but still trusted?

Yep, that's what you were missing - it's the returned value ia different every time, so the site has no way of knowing if it's the same person from yesterday or not.

The underlying cryptography is a called a zero-knowledge proof.

One part of the math gets complicated because it's based on elliptic curves, but we can describe and understand the general idea without delving into the hard math part. Elliptic curves are a way to set up a math problem that's arbitrarily hard to figure out, but easy to check, and vice versa. For now, let's just call the solutions "odd numbers".

The ad network (Google) openly publishes their public key, which I a big number. The client takes a second to compute an "odd number" that is a multiple to of the Google key. That's the proof of work. The client keeps that "odd number" secret. The site wishing to check that the captcha has been done then sends over a large arbitrary number, such as "738384641...739462". The client's task is to multiply this challenge number with their secret odd number and send back the last two digits.

Based on the last two digits, the server can tell if you successly used an odd number in the multiplication, but can't tell which odd number you used. Each time, the last digits (what the client sends) is different, there is no way to tell what the client's secret number is, but we can tell that they do have a secret number.

It's more complicated than that, of course, and the client actually chooses two random numbers that go into the calculation, but that's the general idea. Just like of I tell you this:
( X * 63826281 ) % 10 = 3
You can tell X is odd, and that's all you can tell; you can never have any idea what X is, other than it must be an odd number. Similarly, with zero-knowledge proofs, the receiver can't tell what the secret is, it can only know that the sender does have a secret. Just with much harder math. :)

Elliptic curves are also the state of the art in TLS (SSL) cryptography, so breaking ECC would require the person to be able to read all TLS traffic.

Will China's AI Surveillance State Go Global?

Posted by EditorDavidView on SlashDotShareable Link
China already has hundreds of millions of surveillance cameras in place, reports the Atlantic's deputy editor, and "because a new regulation requires telecom firms to scan the face of anyone who signs up for cellphone services, phones' data can now be attached to a specific person's face."

But the article also warns that when it comes to AI-powered surveillance, China " could also export it beyond the country's borders, entrenching the power of a whole generation of autocrats" and "shift the balance of power between the individual and the state worldwide..." The country is now the world's leading seller of AI-powered surveillance equipment.... China uses "predatory lending to sell telecommunications equipment at a significant discount to developing countries, which then puts China in a position to control those networks and their data," Michael Kratsios, America's CTO, told me. When countries need to refinance the terms of their loans, China can make network access part of the deal, in the same way that its military secures base rights at foreign ports it finances. "If you give [China] unfettered access to data networks around the world, that could be a serious problem," Kratsios said...

Having set up beachheads* in Asia, Europe, and Africa, China's AI companies are now pushing into Latin America, a region the Chinese government describes as a "core economic interest." China financed Ecuador's $240 million purchase of a surveillance-camera system. Bolivia, too, has bought surveillance equipment with help from a loan from Beijing. Venezuela recently debuted a new national ID-card system that logs citizens' political affiliations in a database built by ZTE.

* The article provides these additional examples:
  • In Malaysia, the government is working with Yitu, a Chinese AI start-up, to bring facial-recognition technology to Kuala Lumpur's police...
  • Chinese companies also bid to outfit every one of Singapore's 110,000 lampposts with facial-recognition cameras.
  • In South Asia, the Chinese government has supplied surveillance equipment to Sri Lanka.
  • On the old Silk Road, the Chinese company Dahua is lining the streets of Mongolia's capital with AI-assisted surveillance cameras.
  • In Serbia, Huawei is helping set up a "safe-city system," complete with facial-recognition cameras and joint patrols conducted by Serbian and Chinese police aimed at helping Chinese tourists to feel safe.
  • Kenya, Uganda, and Mauritius are outfitting major cities with Chinese-made surveillance networks...

Re:There are better questions

By MrL0G1C • Score: 4, Insightful • Thread

A better question is when are we going to outlaw governments and businesses from making CCTV or facial recognition mandatory or tying them to financial incentives.

It can easily be argued there are perfectly valid use cases so how do we draw the line?

Re:About Serbia

By keithdowsett • Score: 4, Interesting • Thread

"Which one of the two evils seem worse?"

It all depends who you ask. If you ask a Serbian nationalist then all the neighbouring countries are part of 'Greater Serbia' and should submit to their Serbian Overlords. If you ask the people who live there you get a different answer.

In practice, a coalition of big countries stopped the killing in the Balkans for a few decades, but when their attention wanders elsewhere it'll all kick off again unless the people there can find some way to settle their differences. I don't think the presence or absence of a surveillance state will make a blind bit of difference.

But Europe is full of these ancient tribal and religious disputes, all supported by 'historical' maps. There's Northern Ireland, Catelan Spain, Basques in France, the division of Cyprus, and Russia in the Crimea. Maybe we should just give the whole lot back to the Italians, after all it was all Roman territory originally. Right???

Re:There are better questions

By jenningsthecat • Score: 4, Insightful • Thread

A better question is when are we going to outlaw governments and businesses from making CCTV or facial recognition mandatory or tying them to financial incentives.

"We", kimosabe? "We" have jack shit to say about how this plays out, because we have no power left. Our governments are owned by the corporate elites, except in China, where the corporations are merely happy to be in bed with the government whip-crackers. Elections are a sham because politics has supplanted religion as the opiate of the masses. It's all just a grand magic show - one hand distracts the masses while the other leads them to compliant servitude under the guise of safety, comfort, and above all, order.

Pretty much all of the world is an oligarchy of some flavour - some governments are just more upfront and less apologetic about it.

Re:Exactly this

By jenningsthecat • Score: 5, Interesting • Thread

Well, then, the solution to the problem is clear and simple: FUCK CHINA.

The question is "Who"? Who's going to fuck China? Only the US is possibly positioned to do it - but they're on the verge of 'failed nation' status, and they have their own very strong tendencies toward monitoring and controlling the population. Who else? A group of nations led by the British, who have their own well-advanced surveillance infrastructure? India, which is also an advanced surveillance state? I'll be surprised if we don't see this 'social credit' concept take off there within 5 years. Who else is left?

The days are long past where it's possible to 'fuck China'. Large portions of the world are already bent over and being fucked by China, and the only countries who might be able to turn the tide are too busy jumping on the bandwagon.

It sounds like China is just bidding on contracts

By Dr. Spork • Score: 3 • Thread
In each case mentioned, China and Chinese companies are not responsible for the surveillance project initiated by other countries. For example, it was Singapore's idea, not China's idea, that all the lampposts in Singapore should do facial recognition. It's a pretty chilling idea, but don't blame it on China. Chinese companies are just among the bidders to execute the contract. The angle of the story is "blame China" but actually the reality is scarier: Governments in much of the world - not just China, but also Singapore, Malaysia, Serbia, Kenya, etc. - are pretty eager to set up maximal surveillance. Those governments are escaping the blame they deserve if we frame this phenomenon as somehow a Chinese problem.

InfoWorld Lists 'Four Powerful Features Python is Still Missing'

Posted by EditorDavidView on SlashDotShareable Link
InfoWorld's senior writer calls Python a "living language," citing its recent addition of the "walrus operator" for in-line assignments and the newly-approved pattern matching.

"And they're only two of a slew of useful features that could be added to Python to make the language more expressive, more powerful, more suited to the modern programming world. What else might we wish for?" True constants - Python doesn't really have the concept of a constant value... [E]very time a name is used, Python goes to the trouble of looking up what object it's pointing at. This dynamism is one of the chief reasons Python runs more slowly than some other languages. Python's dynamism offers great flexibility and convenience, but it comes at the cost of runtime performance. One advantage of having true constant declarations in Python would be some reduction in the frequency of object lookups that take place during runtime, and thus better performance. If the runtime knows ahead of time that a given value never changes, it doesn't have to look up its bindings...

True overloading and generics - In many languages, multiple versions of the same function can be written to work with different kinds of input... PEP 3124, advanced in April 2007, proposed a mechanism for decorating functions to indicate they could be overloaded. The proposal was deferred rather than being rejected outright — meaning the idea was fundamentally sound, but the time wasn't right to implement it. One factor that might speed the adoption of overloading in Python — or cause the idea to be ditched entirely — is the implementation of the newly proposed pattern matching system.

In theory, pattern matching could be used under the hood to handle overload dispatch. However, pattern matching could also be given as a rationale for not implementing generics in Python, since it already provides an elegant way to dispatch operations based on type signatures. So we might get true overloading in Python one day, or its advantages might be superseded by other mechanisms.

The article lists two more features Python "probably won't get" — starting with multiline lambdas (anonymous functions). Guido van Rossum had argued in 2006 he couldn't find an acceptable syntax, and the article argues "there is probably no way to do it that doesn't involve creating a special case." And it argues the final missing feature is tail recursion optimizations, "where functions that call themselves don't create new stack frames in the application, and thus risk blowing up the stack if they run for too long.

"Python doesn't do this, and in fact its creators have consistently come out against doing so."

Re:The most powerful feature Python is missing

By youn • Score: 4, Funny • Thread

not entirely true, try:
      from __future__ import braces

Types

By michaelmalak • Score: 5, Insightful • Thread

Or, you know, type safety (even if it's optional, for backward compatibility).

Or a fluent (chaining) API that makes sense and is consistent.

I was pleasantly surprised to see Scala at #15 on the IEEE Spectrum list, given that it's usually in the mid-20's on the TIOBE and other lists. Although Python has a long and storied history, at this point, when it's not used for actual scripting, it's filling the role of Visual-Basic-for-functional-programming and I have to wonder (dare I hope) that some are abandoning Python for Scala.

Re:Types

By fph il quozientatore • Score: 5, Insightful • Thread
But they do nothing without an external type-checking tool. They are defined as just glorified comments.

Case or Switch Statement

By Glasswire • Score: 4, Informative • Thread

[that is all]

Re:Five

By K. S. Kyosuke • Score: 4, Insightful • Thread
Or at least equal opportunity for African-American space?