Alterslash

the unofficial Slashdot digest for 2021-Jul-21 today archive
 

Alterslash picks up to the best 5 comments from each of the day’s Slashdot stories, and presents them on a single page for easy reading.

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Threatpost: Researchers have released technical details on a high-severity privilege-escalation flaw in HP printer drivers (also used by Samsung and Xerox), which impacts hundreds of millions of Windows machines. If exploited, cyberattackers could bypass security products; install programs; view, change, encrypt or delete data; or create new accounts with more extensive user rights. The bug (CVE-2021-3438) has lurked in systems for 16 years, researchers at SentinelOne said, but was only uncovered this year. It carries an 8.8 out of 10 rating on the CVSS scale, making it high-severity.

According to researchers, the vulnerability exists in a function inside the driver that accepts data sent from User Mode via Input/Output Control (IOCTL); it does so without validating the size parameter. As the name suggests, IOCTL is a system call for device-specific input/output operations. "This function copies a string from the user input using 'strncpy' with a size parameter that is controlled by the user," according to SentinelOne's analysis, released on Tuesday. "Essentially, this allows attackers to overrun the buffer used by the driver." Thus, unprivileged users can elevate themselves into a SYSTEM account, allowing them to run code in kernel mode, since the vulnerable driver is locally available to anyone, according to the firm.

The printer-based attack vector is perfect for cybercriminals, according to SentinelOne, since printer drivers are essentially ubiquitous on Windows machines and are automatically loaded on every startup. "Thus, in effect, this driver gets installed and loaded without even asking or notifying the user," explained the researchers. "Whether you are configuring the printer to work wirelessly or via a USB cable, this driver gets loaded. In addition, it will be loaded by Windows on every boot. This makes the driver a perfect candidate to target since it will always be loaded on the machine even if there is no printer connected."
Affected models and associated patches can be found here and here.

"While HP is releasing a patch (a fixed driver), it should be noted that the certificate has not yet been revoked at the time of writing," according to SentinelOne. "This is not considered best practice since the vulnerable driver can still be used in bring-your-own-vulnerable-driver (BYOVD) attacks." Some Windows machines may already have the vulnerable driver without even running a dedicated installation file, since it comes with Microsoft Windows via Windows Update.

Re:How the hell are admins supposed to be able..

By gweihir • Score: 5, Informative • Thread

Or rather Linux has no printer drivers in the kernel and user-space drivers are typically _not_ run as root. As it should be in any sane design.

Linux may have _interface_ drivers in the kernel, but these will not be written by the vendor in most cases and they will have gotten at least some review from the kernel team. Not perfect. Kernel drivers are a known and ongoing problem in Linux as well. In theory, drivers should always be sand-boxed. Unfortunately, that is hard to do and may fail its purpose when the sandbox is configured wrongly. And, as drivers may need hardware access, there is no way to just use a generic sandbox.

The bottom line is that Linux makes this kind of screw-up somewhat hard but not impossible. Microsoft more or less invites it though.

100 more drivers on the wall to go

By Canberra1 • Score: 4, Interesting • Thread
Printer drivers - this was known ages ago. HP Network drivers could also be borked to transmit stuff. Graphics cards, with direct DMA and undocumented op codes are rich territory to exploit. The interesting thing is that both win7 and win10, Microsoft drivers were supposed to be stricter. Bzzz afraid not. Many color laser printers also add off color dots, so forgeries can be detected and traced. And some photographic/Camera software is probably even worse. Then webcams. Then trackpad drivers that 'accidently' let key logging in the final product.

Sounds so silly.

By Fly Swatter • Score: 3 • Thread
All these modern system designs and we still don't have separation of data and execution address space. If that existed the data would be corrupted sure, with still bad and risky results, but execution space couldn't be overwritten or changed by something like this.

List of affected printers

By mnassri • Score: 4, Informative • Thread

This https://support.hp.com/us-en/d... is the HP link that actually lists the devices affected. The one in the article makes you search manually.

F'n ugly clunky software.

By slacktide • Score: 4, Insightful • Thread
Gee, who would have thought a 180 megabyte PRINTER DRIVER could possibly have an undetected security hole? Maybe it's been made more complicated than it needs to be?

'Nuclear Football' Safety Procedures To Be Reassessed

Posted by BeauHDView on SlashDotShareable Link
quonset writes: Wherever the president goes, so goes the nuclear football, a 45 pound case which allows the president to to confirm his identity and authorize a nuclear strike. The Football also provides the commander in chief with a simplified menu of nuclear strike options -- allowing him to decide, for example, whether to destroy all of America's enemies in one fell swoop or to limit himself to obliterating only Moscow or Pyongyang or Beijing.

During the attempted insurrection on January 6th, video from inside the capitol showed the mob coming within 100 feet of then-Vice President Mike Pence and his military aide who was carrying a second nuclear football. Had they lost control of the case, no nuclear weapons could have been launched, but the highly classified information within the case could have been leaked, or sold, to nation states.

As a result, members of Congress asked the Pentagon to review procedures for handling and security of the nuclear football. The Department of Defense Inspector General will evaluate the policies and procedures around the Presidential Emergency Satchel, also known as the "nuclear football," in the event that it is "lost, stolen, or compromised," according to an announcement from the DoD IG's office. This would not be the first time procedures for the case have been reviewed. Jimmy Carter, who qualified as a nuclear sub commander, was aware that he would have only a few minutes to decide how to respond to a nuclear strike against the United States. Carter ordered that the war plans be drastically simplified. A former military aide to President Bill Clinton, Col. Buzz Patterson, would later describe the resulting pared-down set of choices as akin to a "Denny's breakfast menu." "It's like picking one out of Column A and two out of Column B," he told the History Channel.

Following Carter, an incident during the Reagan administration led to another review. In the chaos after the attempted assassination, the aide carrying the case was separated from Reagan and did not accompany him to the hospital. When Reagan was stripped of his clothes prior to going into surgery, the biscuit, a card every president is given, which, if needed, can personally identify the president, was found abandoned in a hospital plastic bag. Bill Clinton had his review moment when it was discovered he had lost his biscuit for months, and never told anyone.

Re: You left out a lot of info

By Synonymous Cowered • Score: 5, Informative • Thread

What does that have to do with Ashli Babbitt climbing through the broken out window of a physically barricaded door? Is the lack of bars on those windows an implicit invitation to climb on through?

Re:Are we sure it has to do with Jan 6?

By thegarbz • Score: 5, Insightful • Thread

He made an idle speculation in public.

You're allowed to make an idle speculation in public. The president and leader of a country with a population of 350million people looking to him for guidance is not.

Making idle speculation, or being sarcastic, or whatever excuse the press secretary came up with after the fact is just direct evidence that the man was criminally negligent at his job and as a result people are dead.

Fuck you for defending that shit.

Re:Are we sure it has to do with Jan 6?

By quonset • Score: 4, Insightful • Thread

It's also a great example of why our current system is broken.

The elections are set up in such a way that egregious irregularities can happen. And by the time any challenge to the process fights its way through all the sandbagging and opposition, it's "too late" to remediate anything.

So, the will of the people is meaningless.

It can be overridden at a whim by shenanigans and chicanery.

Ah yes, now the system is broken because of an "irregularity". Funny, this same irregularity happened in 2016 and Republicans fought tooth and nail to prevent any recount. They claimed the voting procedures are secure and the electoral college is the way to go.

It's almost as if when the system works, Republicans have a problem with it.

Re:Are we sure it has to do with Jan 6?

By luis_a_espinal • Score: 4, Interesting • Thread

Donald Trump, for all his faults, was clearly lucid. He attacked questions well informed and engaged. The same thing can not be said of Joe Biden.

One word: covfefe. And remember how George Washington and the Continental Army took over the airfields.

See, I do think Joe Biden is loopy himself, but that doesn't negate what a fucking moron Trump is/was. That you have to go out of your way to defending him in such a pathetic way, it speaks volumes about your own intelligence.

Re:Are we sure it has to do with Jan 6?

By DamnOregonian • Score: 4, Insightful • Thread

No. They're NOT called "antibiotics".

I apologize for the snark, however:
disinfectants are anti-bacterials.
antivirals are not considered disinfectants.
You can look this up if you don't believe me, but I'm right.

This is YOU attempting to insert narrative.

No. I think this is you trying to avoid something laughably stupid that Trump said. I mean who cares? Every President I've lived through has said enough dumb shit to fill a DVD worth of blooper roll. Who cares? Why is this the hill you want to die on?

The substances being discussed at the time were clearly NOT antibiotics.

Well, of course not. That's why my response was snarky as to your use the word disinfectant.
The substances being discussed don't exist. Period. Would be great if they did.
Viruses don't have cell walls, and the ones that are encapsulated are done so with the shattered remains of the host that made them.
This is why antivirals focus on improving your ability to fight a virus, not on destroying the virus, and why the word disinfectant means antibacterial.

Again, please continue trying to blame Trump for the Apple and everything after.

I'm not doing that at all.
I totally agree that it's nearly impossible to objectively evaluate anything about the guy given the hate for him. I also believe that exists toward Biden, and formerly Mrs. Clinton.
But the fact is, what he was.... was stupid. I don't understand the defensiveness. It's not like the guy didn't have a history of saying... well, really stupid shit.

Historical revisionism is the soul of good sophistry.

This is a strawman. I didn't try to revise history. Attempting to label what I did as that as a way to avoid the actual discussion? That's a logical fallacy.
Do better.

Clubhouse Is Now Out of Beta and Open To Everyone

Posted by BeauHDView on SlashDotShareable Link
Clubhouse announced Wednesday that it would end its waitlist and invite system, opening up to everyone. TechCrunch reports: Clubhouse is also introducing a real logo that will look familiar -- it's basically a slightly altered version of the waving emoji the company already used. Clubhouse will still hold onto its app portraits, introducing a new featured icon from the Atlanta music scene to ring in the changes. "The invite system has been an important part of our early history," Clubhouse founders Paul Davison and Rohan Seth wrote in a blog announcement. They note that adding users in waves and integrating new users into the app's community through Town Halls and orientation sessions helped Clubhouse grow at a healthy rate without breaking, "but we've always wanted Clubhouse to be open."

According to new data SensorTower provided to TechCrunch, Clubhouse hit its high point in February at 9.6 million global downloads, up from 2.4 million the month prior. After that, things settled down a bit before perking back up in May when TikTok went live on Android through the Google Play Store. Since May, new Android users have accounted for the lion's share of the app's downloads. In June, Clubhouse was installed 7.7 million times across both iOS and Android -- an impressive number that's definitely in conflict with the perception that the app might not have staying power.

Clubhouse's success is a double-edged sword. The app's meteoric rise came as a surprise to the team, as meteoric rises often do. The social app is still a wild success by normal metrics in a landscape completely dominated by a handful of large, entrenched platforms, but it can be tricky to maintain healthy momentum after such high highs. Opening up the app to everybody should certainly help.

But too late

By ugen • Score: 5, Interesting • Thread

A few months ago, at the peak of the hype, I was curious to check it out. Could not - "invitation only". Now they sent me a message saying "come on in" but, alas, I've read enough about it to know it's a waste of time. So - no, thanks.

Why would I want to be a part of a club

By Glasswire • Score: 3 • Thread

that would have me as a member?

Clubhouse is an audio forum, sort of

By BishopBerkeley • Score: 3 • Thread

Instead of typing, one has conversations, but the platform is dominated by celebrities and established institutions that lead discussions. No doubt, every hate group will soon have Clubhouse rooms to radicalize disciples.

It's just another tool to extract data from people. It's a total waste of time. I really don't know who has time for this nonsense. I joined when it was invitaiton only, and I have yet to spend more than 10 seconds in a room, and that was months ago.

This summary is lazy and here is why

By aepervius • Score: 4, Insightful • Thread
if you do NOT know what clubhouse is, the summary will leave you puzzled. I expect more from a news snippet : a link to a wiki or a one sentence to explain WHAT clubhouse is. This summary is lazy shit because it doers neither. All it does is copy paste some techcrunch paragraph which explains nothing. this is beyond lazy

Steve Jobs' 1973 Job Application Once Again Up For Auction, In Physical and NFT Form

Posted by BeauHDView on SlashDotShareable Link
A London-based entrepreneur is putting a 1973 job application filled out by Steve Jobs up for auction. "The form Jobs apparently filled out for an unspecified position at an unspecified company will be available to buy either as a purportedly authenticated physical good or in digital form, as a nonfungible token, or NFT," reports CNET. From the report: The job application's gone up for auction several times before, selling in 2017 for $18,750, in 2018 for $174,757, and just this last March for a reported $222,400. The auction's organizer, Olly Joshi, is hoping to sweeten the pot by taking bids for the physical and a new NFT version side by side. Bidding starts July 21. "The Steve Jobs hand-written 1973 job application auction aims to highlight the modern shift in perceived value -- the physical or the digital," he said in a statement. The auction will run for seven days, during which people seeking the physical version can bid through Joshi's website, which is being run off an auctioneering app called Snoofa. People hoping to snag the digital version can go to popular NFT marketplace Rarible.

Re:LOL @ bitcoin boomer logic

By Anonyrnous • Score: 4, Funny • Thread
Go ahead genius, invest all your hard earned money in NFTs. You'll get exactly what you deserve.

NFT+

By nullchar • Score: 4, Interesting • Thread

What's stopping the owner of the physical copy from creating another NFT?

Seems the NFT only has "value" (in, as we all know, an exaggerated sense) if the physical copy was destroyed.

Actually a twofer

By Frank Burly • Score: 5, Funny • Thread
Because the handwriting is all Wozniak's

Well this is stupid

By DrXym • Score: 3 • Thread
If you bid on the digital copy, the other winner could just absolutely wreck its value any time they wanted just by selling their own scans.

Audacity's New Owner Is In Another Fight With the Open Source Community

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Ars Technica: Muse Group -- owner of the popular audio-editing app Audacity -- is in hot water with the open source community again. This time, the controversy isn't over Audacity -- it's about MuseScore, an open source application that allows musicians to create, share, and download musical scores (especially, but not only, in the form of sheet music). The MuseScore app itself is licensed GPLv3, which gives developers the right to fork its source and modify it. One such developer, Wenzheng Tang ("Xmader" on GitHub) went considerably further than modifying the app -- he also created separate apps designed to bypass MuseScore Pro subscription fees. After thoroughly reviewing the public comments made by both sides at GitHub, Ars spoke at length with Muse Group Head of Strategy Daniel Ray -- known on GitHub by the moniker "workedintheory" -- to get to the bottom of the controversy.

While Xmader did, in fact, fork MuseScore, that's not the root of the controversy. Xmader forked MuseScore in November 2020 and appears to have abandoned that fork entirely; it only has six commits total -- all trivial, and all made the same week that the fork was created. Xmader is also currently 21,710 commits behind the original MuseScore project repository. Muse Group's beef with Xmader comes from two other repositories, created specifically to bypass subscription fees. Those repositories are musescore-downloader (created November 2019) and musescore-dataset (created March 2020). Musescore-downloader describes itself succinctly: "download sheet music from musescore.com for free, no login or MuseScore Pro required." Musescore-dataset is nearly as straightforward: it declares itself "the unofficial dataset of all music sheets and users on musescore.com." In simpler terms: musescore-downloader lets you download things from musescore.com that you shouldn't be able to; musescore-dataset is those files themselves, already downloaded. For scores that are in the public domain or that users have uploaded under Creative Commons licenses, this isn't necessarily a problem. But many of the scores are only available by arrangement between the score owner and Muse Group itself -- and this has several important implications.

Just because you can access the score via the app or website doesn't mean you're free to access it anywhere, anyhow, or redistribute that score yourself. The distribution agreement between Muse Group and the rightsholder allows legitimate downloads, but only when using the site or app as intended. Those agreements do not give users carte blanche to bypass controls imposed on those downloads. Further, those downloads can often cost the distributor real money -- a free download of a score licensed to Muse Group by a commercial rightsholder (e.g., Disney) is generally not "free" to Muse Group itself. The site has to pay for the right to distribute that score -- in many cases, based on the number of downloads made. Bypassing those controls leaves Muse Group on the hook either for costs it has no way to monetize (e.g., by ads for free users) or for violating its own distribution agreements with rightsholders (by failing to properly track downloads).

Re:Lesson 1 when you're going to charge for conten

By Ostracus • Score: 4, Interesting • Thread

Indeed. As most music sites do. They first play only a preview (one even says that over the music), and when one buys they get the full thing. In one form or another (from sheet music to samples) NEVER give out the entire thing in a usable form (watermarks, cropped, lower resolution images).

Muse is in the right here

By jonwil • Score: 5, Informative • Thread

The individual wrote a program that scrapes copyrighted content from a web page that would otherwise only be available with a paid subscription. IANAL but a program who's sole purpose is to enable the user of that program to violate copyright by stealing copyrighted sheet music without paying for it is probably going to be illegal somewhere.

But the same individual set up a repository holding copyrighted sheet music. That's definitely illegal and an open and shut case for any copyright lawyer to make.

If the GUI is the limit, it is broken by design

By MessageDrivenBean • Score: 3, Insightful • Thread
In cases like this, where the GUI is suppose to be the limit but it isn't, I feel little sympathy for the designer of the back end.

Money talks so shut up now

By AndyKron • Score: 3 • Thread
I've noticed a lot of artists that had their music online for free are now getting sucked into the pay to play sites.

Re:Muse is in the right here

By thegarbz • Score: 5, Informative • Thread

From what I understand some of the sheet music is user-contributed and is under creative commons.

Some, yes. Those which are can be downloaded freely without a subscription.

The issue here is that he's intentionally scraping copyrighted music which has had paid for licenses attached to it. This is one step more nefarious to the arguments currently about youtube video downloading, since at least youtube provides a stream in original and usable format. In this case someone is effectively back building a product based on available data that requires a license fee to distribute.

The youtube downloader arguments often fail on the fact that no attempt to protect content has been bypassed. This example here would very likely fail that same legal test.

Amazon Promises Most Echo Speakers Will Support the Matter Smart Home Platform

Posted by BeauHDView on SlashDotShareable Link
Today, Amaon said it will be upgrading almost every plug-in Echo smart speaker to support Matter, a cross-platform open-source standard coming later this year. This includes most Echo and Echo Dot speakers and every Echo Studio, Echo Show, Echo Plus, and Echo Flex. "In fact, the only Echo smart speakers that won't get upgraded to Matter are the first-gen Echo, first-gen Echo Dot and Echo Tap," reports The Verge. From the report: While the company doesn't provide a timeline for those upgrades, the general idea is that Matter will launch by late 2021, so it shouldn't be long until Amazon's newest and / or more popular devices receive the capability. A bigger question is whether any of them will work as Matter hubs. Google announced in May that in addition to upgrading its Nest devices to Matter, it would allow its devices that support the Thread protocol (like the Nest Wi-Fi, Nest Hub Max, and second-gen Nest Hub) to double as connection hubs for Matter, too, not simply as a voice assistant to control Matter gadgets. But while Amazon's Eero routers were early to adopt Thread, Amazon's Echo smart speakers were not.

Serial Swatter Who Caused Death Gets Five Years In Prison

Posted by BeauHDView on SlashDotShareable Link
A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that lead to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today. Krebs on Security reports: Shane Sonderman, of Lauderdale County, Tenn. admitted to conspiring with a group of criminals that's been "swatting" and harassing people for months in a bid to coerce targets into giving up their valuable Twitter and Instagram usernames. At Sonderman's sentencing hearing today, prosecutors told the court the defendant and his co-conspirators would text and call targets and their families, posting their personal information online and sending them pizzas and other deliveries of food as a harassment technique.

Other victims of the group told prosecutors their tormentors further harassed them by making false reports of child abuse to social services local to the target's area, and false reports in the target's name to local suicide prevention hotlines. Eventually, when subjects of their harassment refused to sell or give up their Twitter and Instagram usernames, Sonderman and others would swat their targets -- or make a false report to authorities in the target's name with the intention of sending a heavily armed police response to that person's address. [...]

Sonderman might have been eligible to knock a few months off his sentence had he cooperated with investigators and refrained from committing further crimes while out on bond. But prosecutors said that shortly after his release, Sonderman went right back to doing what he was doing when he got caught. Investigators who subpoenaed his online communications found he'd logged into the Instagram account "FreeTheSoldiers," which was known to have been used by the group to harass people for their social media handles. Sonderman was promptly re-arrested for violating the terms of his release, and prosecutors played for the court today a recording of a phone call Sonderman made from jail in which he brags to a female acquaintance that he wiped his mobile phone two days before investigators served another search warrant on his home.
"Although it may seem inadequate, the law is the law," said Judge Norris after giving Sonderman the maximum sentence allowed by law under the statute. "The harm it caused, the death and destruction... it's almost unspeakable. This is not like cases we frequently have that involve guns and carjacking and drugs. This is a whole different level of insidious criminal behavior here."

Re:inadequate sentence

By Anonyrnous • Score: 5, Insightful • Thread
I don't understand the glee Americans have for the knowledge that their terrible jails allow inmates to rape other inmates. Even ignoring basic human rights and the fact that a decent percentage of inmates are innocent, how about the possibility that the perpetrators are meant to be getting punished but instead they're enjoying themselves raping other people? How do you know this guy isn't going to spend the next 6 years raping like a horny pirate?
And then we have to listen to you claiming how the Chinese don't respect human rights.

Shoot first, ask questions later

By aberglas • Score: 5, Insightful • Thread

Sure, SWATing is bad.

But it was the police that did the actual killing. And that is not uncommon. That is the problem.

Re:Shoot first, ask questions later

By sjames • Score: 5, Insightful • Thread

I agree that it's a problem, but there's plenty of blame to go around. The swatter is not an innocent bystander in the deaths.

Re:inadequate sentence

By sg_oneill • Score: 4, Insightful • Thread

Or the grieving human-mountain of a cousin of the victim happens to be in the same cell block serving a life sentence with nothing to lose by adding a prison shanking to the list of crimes.

I once worked wit a guy, oh ten-15 years ago, who was involved in hacking domain name registers and managed to get his hands about 500,000 credit card details, then tried to sell it to an under cover cop. He did 12 months for it, and at the end was utterly terrified of ever going back.

Prison, filled with hardened violent people with antisocial behavior disorders is a very very bad place for a nerd to find himself caged.

Re:Every time the subject of swatting comes up...

By Jason Levine • Score: 4, Informative • Thread

Part of the problem is the training they receive. Way too many officers get training called Killology. In this, they are told that they are going out to war and everyone they encounter is going to try to kill them. In response, they're told, they need to be ready to end the other person's life at a moment's notice. It makes officers look at every action as if it's an upcoming fatal attack. Old lady you stopped reaching for her purse? She must be trying to grab a gun and shoot you, better shoot her first. Kid playing with a Nerf gun in the park? That must be a real gun in disguise and he'll shoot you with it so he's going down first. Handcuffed suspect isn't complying 100%? He must be trying to figure out how to kill you so you'd better take him out first.

Killology courses should be completely banned and better training courses provided to teach police officers 1) how to deescalate a situation and 2) how to tell the difference between a situation where de-escalation will help and one where they are in actual danger. (I don't deny that officers do encounter "he'll kill me if I don't fire first" situations. The issue is that Killology tells them that EVERY situation is one of these.)

FTC Formally Adopts Right To Repair Platform

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Motherboard: The Federal Trade Commission unanimously voted Wednesday to pursue policies that will make it easier for people to repair their own things. In a vote of 5-0 during a Commission Meeting, the FTC agreed to adopt a policy paper outlining how it planned to enforce rules that keep manufacturers from restricting aftermarket repair. It plans to enforce existing warranty law, coordinate with state and local lawmakers to ensure open markets, and investigate the current repair monopolies for violations of antitrust law. The move comes just weeks after President Joe Biden signed an executive order directing the commission to create right-to-repair rules.

The FTC policy paper outlined a five-pronged approach to the problem. First, it's asking for comments and complaints from the public about bad experiences it's had with repair issues and violated warranty. It's long been illegal under federal law for companies to void warranties based on aftermarket repairs. The problem is that those laws often aren't enforced, though the FTC did take some action on manufacturers who put warranty-void-if-removed stickers on their devices after Motherboard reported on the problem several years ago. "While current law does not provide for civil penalties or redress, the Commission will consider filing suit against violators of the Magnuson-Moss Warranty Act to seek appropriate injunctive relief," the policy paper said.

Next, the FTC said it will look over current repair restrictions for violations of existing antitrust and anti-competition laws. "Finally, the Commission will bring an interdisciplinary approach to this issue, using resources and expertise from throughout the agency to combat unlawful repair restrictions," the policy paper said. "The FTC will also closely coordinate with state law enforcement and policymakers to ensure compliance and to update existing law and regulation to advance the goal of open repair markets."
"Manufacturers, be warned: It's time to clean up your act and let people fix their stuff," Nathan Proctor, U.S. PIRG Right to Repair Senior Campaign Director, told Motherboard in an email. "With unanimous support from commissioners, there's a new sheriff in town. The FTC is ready to act to stop many of the schemes used to undermine repair, while support is increasing for new legislation to further crack down."

void warranties need to add void access to it

By Joe_Dragon • Score: 3 • Thread

void warranties need to add void access to it.
Like can't void access to changing after repairing your car
Like can't void access to parts of the software / hardware after swapping parts.
Like can't void access to parts of the software / hardware after swapping parts
Like can't forced Leased Cars to be dealer repair only.

RtRepair and RtOwn

By lenski • Score: 4, Informative • Thread

Right to Repair is related to "right to own". Devices with software content can be disabled by the manufacturer unless their "owners" cave in to new restrictions imposed by the manufacturers. Failure to pay the ransom reduces device functionality long after the original purcuase that they paid for originally.

Several of the devices that I bought years ago are no longer functional until I submit to the manufacturers' new requirements for "setting up an account", for "improved customer experience". That is a nonstarter.

Imagine buying a cell phone with pulse oxy / heartrate sensor, only to lose access to the functionality until setting up an account. Next step: Taking your pulse more than <n> times per day is a wonderful improvement for which you need to pay only a small monthly fee!

Sounds great on paper,

By jenningsthecat • Score: 4, Insightful • Thread

but unless the legislation has real teeth, (including prison terms for C-levels and direct financial penalties for shareholders), I'm afraid it will have the significance of a fart in a hurricane. With the slap-on-the-wrist penalties I foresee, corporations will consider it all a minor cost of business, increase their prices to compensate for it, and thumb their noses at Right to Repair.

Re:Don't hold your breath.

By rsilvergun • Score: 4, Insightful • Thread
I think at the stage the point is to just raise awareness that the Democrats are the party that support right to repair. From there it's a matter of getting more of them in office so that they have a supermajority they can get past filibuster. Also it's important to get the state legislatures. Assuming that this issue is important to you. Same goes for net neutrality. After the last 4 years there's no longer any question which party supports net neutrality and which party opposes it. the only question remaining is how slashedot readers will vote. And I get that we don't like partisan politics, some issues are just plain partisan and this is one of them.

Re: Dear Apple...

By citizenr • Score: 5, Informative • Thread

>as Samsung didn't do the original fix (replacing a cracked socket) the entire warranty was void

is explicitly illegal under magnusson-moss, but since you didnt even bother to fight it Samsung has no reason to change its policies.

China Rejects Hacking Charges, Accuses US of Cyberspying

Posted by msmashView on SlashDotShareable Link
China has rejected an accusation by Washington and its Western allies that Beijing is to blame for a hack of the Microsoft Exchange email system and complained Chinese entities are victims of damaging U.S. cyberattacks. From a report: A foreign ministry spokesman demanded Washington drop charges announced Monday against four Chinese nationals accused of working with the Ministry of State Security to try to steal U.S. trade secrets, technology and disease research. The announcement that the Biden administration and European allies formally blame Chinese government-linked hackers for ransomware attacks increased pressure over long-running complaints against Beijing but included no sanctions.

"The United States ganged up with its allies to make unwarranted accusations against Chinese cybersecurity," said the spokesman, Zhao Lijian. "This was made up out of thin air and confused right and wrong. It is purely a smear and suppression with political motives. China will never accept this," Zhao said, though he gave no indication of possible retaliation. China is a leader in cyberwarfare research along with the United States and Russia, but Beijing denies accusations that Chinese hackers steal trade secrets and technology. Security experts say the military and security ministry also sponsor hackers outside the government.

Top spying country blame other top spying country

By Pierre Pants • Score: 5, Insightful • Thread
of spying. News at 11.

Trustworthy

By GrBear • Score: 5, Insightful • Thread

This falls into my standard logic of, if you want to know what's happening in China, it's exactly the opposite of what they say.

They've proven this countless times again and again. The truth is the opposite of the published propaganda, which is practically everything.

Accuse the other side of what you are guilty

By schwit1 • Score: 3 • Thread

The US people may be a bit less indignant if there were proof of US hacking or ransomwaring Chinese assets.

Conflating two different things

By raymorris • Score: 4, Insightful • Thread

The US government directly employs top intelligence experts to gather intelligence on the Chinese government. There aren't very many of them, they are good at what they do.

China and Russia sponsor criminal gangs to indiscriminately attack any and all businesses and organizations in the US with ransomware and other malware.

The US spies on the Chinese government, to gather information on government actions and plans.

China attacks US businesses, schools, hospitals, etc, to do damage to civilian institutions.

Australia's Giant Carbon Capture Project Fails To Meet Key Targets

Posted by msmashView on SlashDotShareable Link
The world's largest carbon capture and storage project has failed to meet a crucial target of capturing and burying an average of 80% of the carbon dioxide produced from gas wells in Western Australia over five years. From a report: The energy giant Chevron agreed to the target with the West Australian government when developing its $54 billion Gorgon project to extract and export gas from fields off the WA coast. The five year milestone passed on Sunday. In a statement the energy giant Chevron announced that since operations began in August 2019 it had injected five million tonnes of greenhouse gases underground. According to the independent analyst Peter Milne, that leaves a shortfall of around 4.6 million tonnes, which he estimates would cost about $100 million to offset via carbon credits.

The project has national and even international significance, with the oil and gas industry and the federal government declaring the success of carbon capture and storage to be crucial in tackling climate change while making use of fossil fuels. "It is essential we position Australia to succeed by investing now in the technologies that will support our industries into the future, with lower emissions energy that can support Australian jobs," Prime Minister Scott Morrison said in April while announcing $263.7 million in funding to develop carbon capture and storage technology.

Re:Yet more subsidies for fossil fuels

By Darinbob • Score: 4, Insightful • Thread

If they really are so incredibly valuable then they dont' need public support or subsidies.

It's a 50% success

By Opportunist • Score: 3 • Thread

Just like the North Korean project to turn shit into butter.

Spread is on target, taste is still off, hence 50% success.

Barely a green initiative

By bug_hunter • Score: 4, Informative • Thread

It should be pointed out, this is an environmental initiative under Scott Morrison's government.

As a result, this green initiative was awarded to the single biggest polluting project in the country, run by Chevron, to make it slightly less polluting.
Seems similar to the Great Barrier Reef Project that was awarded a giant bunch of money with no tender. The project is very close with all the big mining companies and has debatable impact.

It’s still political suicide to go against the big mining companies in Australian politics (if their funding can swing 2% of the vote, that’s generally enough) - so we’ll reward them by paying them to clean up their own mess, and not caring when they fail.

Re:Yet more subsidies for fossil fuels

By BoogieChile • Score: 4, Interesting • Thread

> an obscene amount of land

Yeah, none of that in Australia, at all, at all. And what little there is, isn't particularly flat. Or sunny.

Re:Nice tech demo

By BeaverCleaver • Score: 5, Insightful • Thread

Unfortunately, this isn't anything like the "first time" that geological carbon sequestration has been tried. Our government has been using "carbon sequestration" as a magic-bullet excuse for not fixing emissions for almost 20 years now. It has been going at least since John Howard was prime minister. A quick search turns up this example from 2004: https://www.theage.com.au/nati... . They also usually throw around a lot of propaganda about "aussie innovation" and how great our R&D is. A lot of taxpayers' cash gets splashed around, then, just like in this most recent example, the project quietly fails. Meanwhile the natural gas (or coal, in the case of the 2004 article I linked) still gets extracted and Gina Reinhart or her cronies get a little bit richer. Instead of "innovation" leading the world, our researchers look like idiots, still banging away chasing the mythical carbon sequestration fairy. Note also that even if it was 100% successful, this most recent sequestration attempt does NOTHING to offset the emissions when the gas is burned. It was only ever a token effort to offset some of the emissions of _extracting_ the gas. And it didn't even succeed at that.

Meanwhile, real R&D on how to actually make a real difference goes unfunded.

Square To Create New Bitcoin Platform for Financial Services

Posted by msmashView on SlashDotShareable Link
Payments services company Square will open a new business focused on creating an "open developer platform" to make it easier to provide non-custodial, decentralized financial services, CEO Jack Dorsey said Thursday in a series of tweets. From a report: The still to-be-named division's "primary focus" would be bitcoin, he added. The initiative, which will be led by Mike Brock, would feature "open roadmap, open development and open source," Dorsey tweeted. Brock heads the company's strategic development group. The new division will differ from Square Crypto in that Square will provide direction as well as funding for its work, Dorsey tweeted. Square Crypto is working on the Lightning Development Kit.

cool

By OrangeTide • Score: 5, Funny • Thread

Let's all buy shitcoin and see how many of us can pull our money out before it's too late. I always loved the game Hot Potato as a kid, why not play it like an adult with serious money?

Shouldn't you disclose a conflict of interest ?

By alexhs • Score: 3 • Thread

msmash is on fire today ! How much do you think he lost so far ?

Speaking of changing

By quonset • Score: 3 • Thread

When the markets dropped 800 points on Monday, did anyone else notice the sudden change at the Fox tabloid? One of their draft dodging liars suddenly came out and said he'd been vaccinated, people should be vaccinated, and that covid is serious business.

It's almost as if money is more important than people.

Tesla Will 'Most Likely' Restart Accepting Bitcoin As Payments, Says Musk

Posted by msmashView on SlashDotShareable Link
Electric-car maker Tesla will most likely restart accepting bitcoin as payments, Chief Executive Officer Elon Musk said at a conference on Wednesday. From a report: Musk's comments come after Tesla said in May it would stop accepting bitcoin for car purchases. "Tesla would resume accepting bitcoin, it is most likely" Musk said at the B Word conference, where Square's Jack Dorsey also took part. Musk said he personally owned bitcoin, ethereum and dogecoin, apart from bitcoin that Tesla and SpaceX owned. Musk added that neither he nor any of his companies are selling any bitcoin. "If the price of bitcoin goes down, I lose money. I pump but i don't dump. I would like to see bitcoin succeed," he added.

Infinite loop

By DrXym • Score: 5, Funny • Thread
while (people_are_stupid()) { buy_bitcoin(); tweet_positive_thing(); sell_bitcoin(); tweet_negative_thing(); }

Too Volitile.

By jellomizer • Score: 3, Insightful • Thread

Being that it will take weeks/months/years to get your Tesla Car, buying with Bitcoin Is really a gamble (mostly for you).
So Bitcoin right now is down, but at 30k a bitcoin. So say I buy a Model S for 3 Bitcoin today. In about 3 months bitcoin can be valued at 40k. So When I get by car I would had paid 120k for a car vs 90k. Even if I pay bitcoin at delivery if I had 3 Bitcoin saved up, and the Price dropped to 25k a bit coin during that waiting period. Then I would be on the line for an additional 15k to buy the car.

The USD value is much more steady, So for medium wait purchases, say waiting a few months, my $90k may be worth $89,995 in that period. But Tesla may be apt to eat that $5 and or I wouldn't loose sleep having to pay an extra $5.

Guess Tesla still sits on a shitton of BTC

By Lisandro • Score: 3 • Thread

Gotta pump the dump, baby. To the moon! Diamond hands!

Re:Quick newbie question

By jellomizer • Score: 5, Insightful • Thread

While I wouldn't take investing advice from Slashdot, as it mostly either Russian tolls, heavily influenced by said trolls , and/or grumpy old men who hate all things new.

Tesla is a high risk and high reward stock.

Isn't Tesla currently building out three new factories? It is, however after they are built and demand for Tesla cars drop (competition from other companies jumping on the EV band wagon) then their investments in all that overhead will give them expensive mega factories that don't produce. However if they do get such demand and these factories can run at peak than that is a lot of revenue.

And doesn't the cost of those factories reduce their income to nearly zero? Most companies may even go into debt building up infrastructure. If Tesla has income at zero that would be a good thing.

And once those factories come online, won't the sheer volume of cars sold, without the expense of building new factories, catapult Tesla's profits into the stratosphere? If people want those cars. Traditional Automakers are getting into making EVs as well. They too have factories and a lot of infrastructure, that they had already paid for. So they may be making cars that people want. Tesla often takes risks, a lot of people dislike the Cybertruck look, even if it currently the best specs and price for a Pickup truck, the fact that it looks so odd may cause it to fail. The Roadster and Model S Plaid may be too fast for most people, as its speeds could cause people to blackout. Model 3 and Y tend to look a lot a like, and people may get board with them over time. The Semi, is all battery based, Hydrogen Fuel Cells may be a better use for Semi's....

I am not hating on Tesla. I am hoping to get a Tesla for my next car. However lets be honest Tesla isn't the safest stock to invest in. If things work out, you can make a lot of money, but things can go bad too, and bad rather quickly.

Fucking criminals

By Berkyjay • Score: 4, Interesting • Thread

Musk needs to be in jail for all the market manipulation he practices.

Robinhood's Guinea Pig for Upending Public Offerings: Itself

Posted by msmashView on SlashDotShareable Link
When Vlad Tenev and Baiju Bhatt created the stock trading app Robinhood in 2013, the entrepreneurs declared that their mission was to democratize Wall Street and make finance accessible to all. Now as they prepare to make their company public, they are taking that ethos to a new extreme. From a report: Mr. Tenev and Mr. Bhatt have long discussed how Robinhood's initial public offering would be more open than any other offering that came before it, three people close to the company said. This week, the two founders laid out the details: Robinhood plans to sell as much as a third of its offering, or $770 million of shares, directly to customers through its app. The company added that anyone can participate in a special livestream of its investor presentations this Saturday.

The moves are highly unusual and upend the traditional I.P.O. process. No company has ever offered so many shares to everyday investors at the outset; firms typically reserve just 1 or 2 percent of their shares for customers. And investor presentations usually take place behind closed doors with Wall Street firms, which have long had the most access to public offerings. But Mr. Tenev and Mr. Bhatt have made plans since at least 2019 to change the way I.P.O.s are done, said a person familiar with the company who was not authorized to speak publicly. Robinhood also chose Goldman Sachs to lead its offering partly because of the bank's ability to help sell pre-I.P.O. shares -- normally reserved for professionally managed funds -- to thousands of everyday investors on Robinhood's app, another person involved in the offering said.

Re:Desperate POS

By fahrbot-bot • Score: 5, Informative • Thread

If the product is free, you are the product. Specifically, Robinhood is selling your information to the big hedge funds. Stay away.

Noting that Robinhood routes more than half of its customer orders to Citadel Securities, part of Citadel, LLC (a hedge fund and financial services company -- the latter as Citadel Securities), which was founded and 85% owned by Kenneth C. Griffin.

From that WP article:

Robinhood and other brokerages cannot execute trades directly, so they usually work with market-making firms. Robinhood is required by law to work with market makers that can give their users the best market prices for a given trade. When Robinhood directs a transaction to one of these third parties, the market maker learns which security is being bought or sold before the trade happens.

Citadel and other market makers pay Robinhood a small fee for this privilege, which gives the market-making firms information about retail trading patterns. Citadel said it uses this information to improve its trading algorithms. Market makers also take a small profit on the “spread,” or difference in price between what a Robinhood user pays and the price at which the security is being sold in the market.

... Critics of these arrangements say they amount to a hidden tax on unsuspecting mom-and-pop investors.

So, while Robinhood doesn't directly work with/for a hedge fund, one of their suppliers is, let's say, hedge fund adjacent and Robinhood makes a lot of their money from working with them ...

People still use that trash service?

By Scutter • Score: 4, Insightful • Thread

their mission was to democratize Wall Street and make finance accessible to all

Unless, of course, you peons threaten to make money and then they'll just cut you off completely.

Direct Listing

By phalse phace • Score: 3 • Thread

If they really want to make their stock offering more open, wouldn't a direct listing for the stock be better than an IPO since the market (buyers and sellers) determines the stock price and not the underwriters / investment bankers, and everyone has the same opportunity to get shares?

Re:Desperate POS

By Anubis IV • Score: 4, Informative • Thread

If the product is free, you are the product.

Very true...except that Robinhood isn't free.

While they say it's free, the truth—once you cut through the BS—is that you're paying a fee on every transaction. The price you pay is higher than what the stock is actually selling for on the open market. Robinhood's partners make a profit from your overpayment, then share part of that profit with Robinhood as a "thank you" for directing traffic their way.

Because of the back-and-forth arrangement you never actually directly pay Robinhood, but the effective result of these arrangements is that you're paying Robinhood a fee for every transaction you make.

IPO's have a purpose.

By gurps_npc • Score: 3 • Thread

It is very hard to figure out the value of a company - that is the entire purpose of the stock market. So how do you figure out the value before you are part of the stock market?

The value of a company is entirely based on what people think of it. That is how the stock market works, by summarizing the general opinion. But certain people's opinions count more. Specifically, those that have more money. Those that have more money tend to care a lot about financial information.

IPO's do everything they can to take into account both the financial data and the 'demand'. But they also act as 'advertisement', which is why so many IPO's tend to have quick rise followed by a decrease as time passes and the advertisement goes away. Sometimes it ends at a price higher than the IPO offering price, others it ends lower.

Direct Sales tend to have less concentration on financial data and less advertisement. But they are in NO way superior to IPO's. They do not get more accurate prices.

Honestly, if there was a good way to calculate the price the stock market would give, that method would end up replacing the stock market, if only because traders would start using it.

IPO's give more shares to institutions but have to agree to a lock in period. Most IPO's end up lower than the IPO price a year later. While it does makes sense to buy every IPO if you sell it quickly, holding for a long term is not profitable.

Given that, in my personal opinion, IPOs are the right way to do it. Let the Institutions do the hard work of finding out the stock price. Letting average people do it just adds froth to the IPO 'spike', allowing traders to profit while long term investors lose out.

EU Plans To Make Bitcoin Transfers More Traceable

Posted by msmashView on SlashDotShareable Link
Proposed changes to EU law would force companies that transfer Bitcoin or other crypto-assets to collect details on the recipient and sender. From a report: The proposals would make crypto-assets more traceable, the EU Commission said, and would help stop money-laundering and the financing of terrorism. The new rules would also prohibit providing anonymous crypto-asset wallets. The proposals could take two years to become law. The Commission argued that crypto-asset transfers should be subject to the same anti-money-laundering rules as wire transfers. "Given that virtual assets transfers are subject to similar money-laundering and terrorist-financing risks as wire funds transfers... it therefore appears logical to use the same legislative instrument to address these common issues," the Commission wrote. While some crypto-asset service providers are already covered by anti-money-laundering rules, the new proposals would "extend these rules to the entire crypto-sector, obliging all service providers to conduct due diligence on their customers," the Commission explained. Under the proposals, a company transferring crypto-assets for a customer would be obliged to include their name, address, date of birth and account number, and the name of the recipient.

Telegram Founder Listed in Leaked Pegasus Project Data

Posted by msmashView on SlashDotShareable Link
Amid the varied cast of people whose numbers appear on a list of individuals selected by NSO Group's client governments, one name stands out as particularly ironic. Pavel Durov, the enigmatic Russian-born tech billionaire who has built his reputation on creating an unhackable messaging app, finds his own number on the list. From a report: Durov, 36, is the founder of Telegram, which claims to have more than half a billion users. Telegram offers end-to-end encrypted messaging and users can also set up "channels" to disseminate information quickly to followers. It has found popularity among those keen to evade the snooping eyes of governments, whether they be criminals, terrorists or protesters battling authoritarian regimes. In recent years, Durov has publicly rubbished the security standards of competitors, particularly WhatsApp, which he has claimed is "dangerous" to use. By contrast, he has positioned Telegram as a plucky upstart determined to safeguard the privacy of its users at all costs.

Re:What's this world coming to?

By billyswong • Score: 5, Funny • Thread
The game is like this:
if you may talk anti-America and anti-China stuff, chat in Russian software.
If you may talk anti-America and anti-Russia stuff, chat in Chinese software.
If you may talk anti-China and anti-Russia stuff, chat in American software.
If you may anti-all-three of them, chat in whatever software because either you are doomed, or no security agencies take you seriously so you may be safe after all.

NSO are lightweights...

By VeryFluffyBunny • Score: 4, Interesting • Thread

I'm pretty sure that every govt. SIGINT agency has access to accumulated profiles on whoever they deem to be 'persons of interest', including a lot of personal information, known associates, habits & routines, mobile location data, financial & medical info, etc.. They have very, very long lists that encompass anyone & everyone who it might be useful to monitor or manipulate in some way when the need arises. The vast majority of people on these lists are lawyers, journalists, publishers, people who work in media & news, banking & finance, executives, people who work for NGOs, international organisations, etc., within the countries' own borders. This is the day-to-day 'bread & butter' work of SIGINT for national security.

The NSO client list is just a tiny glimpse through the cracks at what govts. & some corporations have been doing as routine & on a much bigger scale for decades. The tools change with the times but the basic principles are the same.

Huh?

By Nrrqshrr • Score: 4, Insightful • Thread

>"It has found popularity among those keen to evade the snooping eyes of governments, whether they be criminals, terrorists or protesters battling authoritarian regimes."

How about just people who like their privacy? Do you have to be a criminal, terrorist, or freedom fighter to deserve private communication?

Idiotic framing

By sinij • Score: 5, Insightful • Thread

whether they be criminals, terrorists or protesters

Might as well add pedophiles to the list to make drive-by smear complete.

Re:That's a seriously pathetic hit-piece attempt.

By Anubis IV • Score: 4, Insightful • Thread

therefore he and everything he's related to has been compromised.

Just to make sure we're on the same page, being on the list means he was a potential target for government surveillance, not that he was aiding in government surveillance. The fact that governments are going after him lends credence to the notion that he's honoring the trust his users are putting in him. Sure, it's possible his phone has been compromised, but it seems like a stretch to assume that "compromised phone" means "compromised Telegram".

Microsoft Acquires Security Startup CloudKnox

Posted by msmashView on SlashDotShareable Link
Microsoft said Wednesday it's acquiring CloudKnox, a start-up whose software helps companies reduce the amount of access they provide to their cloud resources. Terms of the deal weren't disclosed. From a report: The move represents another step Microsoft is taking to expand its security business, in addition to working to keep Windows and its other products secure. In January, Microsoft said it had generated over $10 billion in security revenue in the previous 12 months, up more than 40% year over year, meaning that it's growing faster than most other product areas. Just last week Microsoft announced the acquisition of another security company, RiskIQ, which can spot threats across a given company's entire information-technology footprint. CloudKnox's software works with Microsoft's Azure public cloud, as well as the Amazon and Google clouds. The software spots and can remove cases of permissions for employees and virtual identities that aren't being actively used, and it can show alerts about unusual activity.

Wildfire Smoke Spreads Haze and Health Warnings To East Coast

Posted by msmashView on SlashDotShareable Link
Wildfire smoke from Canada and the Western United States stretched across North America this week, covering skies in a thick haze, tinting the sun a malevolent red and triggering health alerts from Toronto to Philadelphia. Air quality remained in the unhealthy range across much of the East Coast on Wednesday morning. From a report: The map below, based on modeling from the National Oceanic and Atmospheric Administration, shows how the smoke spread across the country. It reflects fine particulate pollution released by wildfires and does not include pollution from other human sources, like power plants and cars. It's not unprecedented to see smoke travel such long distances, said Roisin Commane, an atmospheric scientist at Columbia University, but it doesn't always descend to the surface. The air quality index, a measure developed by the Environmental Protection Agency, spiked across the Midwest and East Coast this week, with numbers hovering around 130 to 160 in New York City, a range where members of sensitive groups and the general public may experience adverse health effects. (The index runs from 0 to 500; the higher the number, the greater the level of air pollution, with readings over 100 considered particularly unhealthy.)

Re:Pink moon

By Salgak1 • Score: 4, Informative • Thread

Yes, here in Ohio I've been noticing that the moon has been pink for most of the last week, even at relatively high elevations.

Yes but "relatively high elevation" in Ohio is not really high at all given that the highest point is 472m above sea level. I doubt tiny changes in elevation like that will have any effect on the amount of smoke. Here in Alberta, a lot closer to the BC fires, we have had smoke thick enough to noticeably reduce visibility over ~100m and which hit the top 10+ rating on our air-quality scale of arbitrary units. and we are at over 700m elevation. I suspect like clouds you'll need mountains of a few thousand metres to rise above it.

I rather suspect the original poster was referring to the degree of elevation of the Moon over the horizon. . . .

Re:Thank you California.

By hey! • Score: 5, Informative • Thread

The fires may be in California, but the cause isn't limited to California. More than half of the wildfires in the west are reasonably attributable to climate change [], which is a global problem.

With respect to forest management practices, there's only so much the state could do, since it only owns about 3% of the forests within its borders. 58% are owned by the Federal Government.

Florida

By phalse phace • Score: 5, Funny • Thread

Looking at the map, I can see that even the smoke doesn't want to go down to Florida.

Re:Two questions for msmash

By gtall • Score: 5, Insightful • Thread

Please try to keep up. The right wingnuts have fingered NOAA for being part of a sneaky science cabal intent on changing their life styles because. . .well, they aren't exactly sure but they know it is a sneaky cabal.

Re:Pink moon

By gtall • Score: 5, Funny • Thread

The West Coast burning, the fires last year in Australia, Siberia burning, glaciers in the Alps melting, glaciers in the Himalayas melting, fish in the North Central Atlantic heading farther north for cooler water causing the East Coast fishermen to burn more fuel having to chase them, Greenland melting.

Yes, I see now why you are skeptical.

Google Maps Will Help You Avoid Crowded Mass Transit in Way More Cities

Posted by msmashView on SlashDotShareable Link
Google is expanding the number of cities where Maps offers information about public transport crowding. The number of cities covered is increasing from around 200 today, to "over 10,000 transit agencies in 100 countries," the company says. As well as crowdedness, Google says Maps is also being updated to offer more information about past travel. From a report: Google Maps' crowdedness information originally launched pre-pandemic in 2019, but over the past year social distancing has made it more important than ever. Crowdedness information is generated from a mixture of historical location data, as well as self-reporting from Maps users on individual trains. Google says it anonymizes the location history data used. As well as expanding the crowdedness predictions to more cities, Google is also making them more granular in New York and Sydney. In these cities users will see how crowded individual train carriages are instead of just general crowding on the transit line. The feature works using data provided by transit agencies themselves, and Google says it plans to expand the capability to more cities soon.

Burke Gilman Bicycle Trail In Seattle

By mallyn • Score: 4, Interesting • Thread
Google:

Can you please tell me when the Burke Gilman Bicycle Trail in Seattle will have the fewest bicycle pace line racers and rollerblade speed skaters so that I can safely walk with my walker on the trail without being hit?

I can see where this would help frail elderly folks like me who are nervous using some of our multi-use-trails.

UK Man Arrested in Spain for Role in Twitter 2020 Hack

Posted by msmashView on SlashDotShareable Link
A 22-year-old UK national was arrested today in Spain for his role in hacking Twitter's internal network and hijacking high-profile accounts in July last year. From a report: Joseph O'Connor, 22, was arrested today in the city of Estepona, in southern Spain, by Spanish National Police pursuant to a US arrest warrant. O'Connor marks the fourth man linked to the Twitter 2020 hack, after three men were charged and detained on July 31, last year. O'Conner, who went online as "j0e," worked with the other three to gain access to one of Twitter's internal Slack channels. The group found credentials in the Slack workplaces that allowed them to gain access to Twitter's moderation panel.

Really

By OpenSourced • Score: 4, Interesting • Thread

I've lost count of the number of British, wanted by the police, that go to the "Costa del Sol" to hide there. And are arrested, of course. Ok, it's another country, and it's chock full of British people so you don't stick out. But it's also the first place they look, apparently.

Re:Really

By monkeyxpress • Score: 4 • Thread

There was a period between 1978 and 1985 when there was no extradition treaty between the UK and Spain. This attracted a LOT of bad people there from the UK.

I imagine those who remained on after the eventual extradition treaty was signed ensured there was an elaborate support network in place to keep themselves hidden. No doubt the legacy of this lives on today.

Tesla Plans To Open Its Charging Network To Other EVs Later This Year

Posted by msmashView on SlashDotShareable Link
Tesla plans to open its network of superchargers to other electric vehicles later this year, Chief Executive Officer Elon Musk said on Twitter. From a report: The electric-car maker's fast charging network, with over 25,000 superchargers globally, has given it a competitive edge. Meanwhile, other carmakers have formed alliances or invested in startups for networks as they rush new electric vehicle entrants to market. "We're making our Supercharger network open to other EVs later this year," Musk said on Tuesday, adding that over time Tesla's charging network will be opened to other electric vehicles in all countries.

Re:and open them to non dealer repaired ones?

By Smidge204 • Score: 5, Interesting • Thread

At least you can understand the liability and public image motivations behind Tesla not wanting vehicles with unauthorized repairs using their superchargers.

If the repair involves the battery pack or its active cooling system, and wasn't done right, trying to supercharge it may result in a vehicle fire. That's damage to their stating AND their brand. If the vehicle was involved in a collision, there's no guarantee the battery wasn't damaged; and following the same reasoning they don't allow vehicles with salvaged Tesla packs to use them either.

There's another car fire reported in the US every ~2 minutes. Car fires are so common that it barely makes it to the local news beyond traffic reports. EVs are far safer in this regard, but despite that any incident of an EV fire makes national news for days... you can hopefully see why Tesla would be extra draconian about this.
=Smidge=

Re:and open them to non dealer repaired ones?

By SpiceWare • Score: 5, Informative • Thread

I've never heard of an ICE vehicle catching fire in an enclosed garage while sitting idle.

Parked BMWs bursting into flames leave owners with questions

An ABC News investigation airing today on Good Morning America, World News Tonight with David Muir and Nightline discovered dozens of incidents in which the luxury cars caught fire even though owners reported they had parked their cars and turned them off.

More Hyundai SUVs Recalled Due to Fire Risk

Over 651,000 Hyundai Tucson SUVs and Kia Stinger sedans should be parked outside until they are repaired

Re:and open them to non dealer repaired ones?

By Kernel Kurtz • Score: 5, Insightful • Thread

At least you can understand the liability and public image motivations behind Tesla not wanting vehicles with unauthorized repairs using their superchargers.

Perhaps, but I'm still glad Shell stations don't care who repairs my car.

Re:and open them to non dealer repaired ones?

By Smidge204 • Score: 5, Informative • Thread

> I've never heard of an ICE vehicle catching fire in an enclosed garage while sitting idle.

If you really haven't heard about that happening, it's only because it's not reported as widely as when it involves an EV. Heck just search "car catches fire in garage" and you'll get plenty of examples.

https://www.nfpa.org/-/media/F...

Per PDF: 16% of all highway vehicle fires occur in a parking area. That includes commercial parking structures and parking lots of course, but point is that about 1 in 6 vehicles that burst into flames are parked and idle... which in 2018 numbers is over 34,000 vehicles.

So yes, it happens. Nobody seems to be blogging about it though...
=Smidge=

What stagnation?

By SpiceWare • Score: 4, Informative • Thread

When the Supercharger was introduced they were 100 KW.

When I got my Model 3 in 2018 the V2 Superchargers were 120 kW. A year later a software update increased that to 150 kW. Over many trips between Houston and Wisconsin we've found the V2 supercharging did not add any additional time over prior trips in a gas car because the charging coincided with meal stops and rest stops that we would have made anyway. What did add time was the route was different due to the location of the Superchargers. This has been resolved with the expansion and infilling* of the Supercharger network.

V3 Superchargers are 250 kW, and are being upgraded to 300 kW with plans for 350 kW in the pipeline.

The charging speed bottleneck is no longer the kW but the charging curve. An example of that can be seen here were the change from 150 to 250 kW only saved ~2 minutes of charging time. Increasing the size of the top of the curve is were the big gains will be found, and that's tied to the batteries themselves.

* expansion = addition of Superchargers on other routes
infilling = addition of Superchargers on existing routes, eliminating the need to charge to 100% which reduces the impact of the charge curve.

15,000-Year-Old Viruses Discovered In Tibetan Glacier Ice

Posted by BeauHDView on SlashDotShareable Link
An anonymous reader quotes a report from Ohio State News: Scientists who study glacier ice have found viruses nearly 15,000 years old in two ice samples taken from the Tibetan Plateau in China. Most of those viruses, which survived because they had remained frozen, are unlike any viruses that have been cataloged to date. The findings, published today in the journal Microbiome, could help scientists understand how viruses have evolved over centuries. For this study, the scientists also created a new, ultra-clean method of analyzing microbes and viruses in ice without contaminating it.

The researchers analyzed ice cores taken in 2015 from the Guliya ice cap in western China. The cores are collected at high altitudes -- the summit of Guliya, where this ice originated, is 22,000 feet above sea level. The ice cores contain layers of ice that accumulate year after year, trapping whatever was in the atmosphere around them at the time each layer froze. Those layers create a timeline of sorts, which scientists have used to understand more about climate change, microbes, viruses and gases throughout history. Researchers determined that the ice was nearly 15,000 years old using a combination of traditional and new, novel techniques to date this ice core. When they analyzed the ice, they found genetic codes for 33 viruses. Four of those viruses have already been identified by the scientific community. But at least 28 of them are novel. About half of them seemed to have survived at the time they were frozen not in spite of the ice, but because of it.

Infections

By JBMcB • Score: 5, Insightful • Thread

The article doesn't make it clear, so just to let everyone know - the odds of these things being infectious to humans are astronomically low. And, even if they were, after thawing their shelf life might be a couple of hours, or a few minutes if exposed to water or sunlight.

A virus is not alive

By gweihir • Score: 4, Informative • Thread

And hence it cannot "survive" either. It can only be "intact".

Re:Wait, I've seen this movie before

By Salgak1 • Score: 5, Funny • Thread

Luckily, in 2021 America, zombies would starve to (un)death.

Brains are nowhere to be found (grin)

Re:Wait, I've seen this movie before

By Jzanu • Score: 4, Informative • Thread
You believe such description is a work of mental gymnastics but it is rather a simple description of the case. Evidence exists of Coronavirus earlier in 2019 - in Spain from March, and in Brazil in November.This means that the Wuhan event was simply the first relaized event. More generally, it is well established that emergence of new viruses is tied to land use changes. Try to understand the concepts here rather than focus on the propaganda that you have absorbed.

Re:Wait, I've seen this movie before

By dgatwood • Score: 4, Insightful • Thread

You believe such description is a work of mental gymnastics but it is rather a simple description of the case. Evidence exists of Coronavirus earlier in 2019 - in Spain from March, and in Brazil in November.

Okay, stop for a moment and think about how absurd that is. The notion that such a rapidly spreading virus with such a high R0 had been spreading since March is just comical. There are only two plausible possibilities there: either A. they accidentally contaminated the samples or B. they used a low-quality test that had a cross reaction with a non-novel coronavirus. There's almost no chance that it was spreading for nine months without anyone noticing. In most countries, the time from the first known case to the first death has been about two weeks.

Brazil is only slightly more plausible, but still very unlikely for the same reason. This virus spreads rapidly through an unvaccinated population even without any superspreader events, with an R0 in the mid 2s. The first death in Brazil was two weeks after the first death in China, and only about two weeks before the first U.S. death (which was actually a couple of weeks before the first definitively known case). For COVID-19 to have started in Brazil a month before China would mean that it took 2 weeks from the first known case in China to the first death, but spread for eight weeks undetected in Brazil. That seems fairly unlikely. A month, maybe. Two months? That's a big stretch.

The other timeline, though, where someone brought it from China to Brazil, lines right up with what one would expect; the first death was about two weeks after when there were enough infected people in China to make transmission to another country start to be likely.

This means that the Wuhan event was simply the first relaized event. More generally, it is well established that emergence of new viruses is tied to land use changes.

Established? The seventh word in the title of that journal article is "hypotheses". Try again.

Land use changes do increase contact between humans and wildlife, and in theory, that could increase the risk of cross-species virus transmission, but IMO, transmission through domesticated animals is a more likely route.

Don't get me wrong. It is possible that it did exist in other countries before it existed in China. But that if the virus in other countries was too weak to become established and start spreading rapidly in the wild enough to cause any deaths, that suggests that it got its start multiple times in multiple places, which implies that its spread was deliberate. I think it is much, much more likely that those test results were simply erroneous.

Or the other possibility is that the Chinese government was covering up the spread of this virus in China for months, and that it's entirely a fluke that somebody finally spilled the beans, and an even bigger fluke that nobody spread the virus to a country with a first-world medical system until late 2019. But again, it's more likely that the test results were simply wrong.

Intel's Mobileye Begins Testing Autonomous Vehicles In New York City

Posted by BeauHDView on SlashDotShareable Link
Mobileye, the company that specializes in chips for vision-based autonomous vehicles, is now testing its AVs in New York City -- a difficult and rare move given the state's restrictions around such testing. The Verge reports: The announcement was made by Amnon Shashua, president and CEO of the Intel-owned company, at an event in the city on Tuesday. Shashua said the company is currently testing two autonomous vehicles in New York City, but plans to increase that number to seven "in the next few months." New York City has some of the most dangerous, congested, and poorly managed streets in the world. They are also chock-full of construction workers, pedestrians, bicyclists, and double- and sometimes even triple-parked cars. In theory, this would make it very difficult for an autonomous vehicle to navigate, given that AVs typically rely on good weather, clear signage, and less aggressive driving from other road users for safe operation. But Shashua said this was part of the challenge in deciding where to test Mobileye's vehicles.

"I think for a human it's very, very challenging to drive in New York City," Shashua said, "not to mention for a robotic car." While other states have become hot beds for AV testing, New York has been a bit of a ghost town. Part of the reason could be the state's strict rules, which include mandating that safety drivers keep their hands on the wheel at all times and requiring state police escort at all times to be paid for by the testing company. A spokesperson for Mobileye says the company has obtained a permit from the state to test its vehicles on public roads and is currently the only AV testing permit holder in the state. The spokesperson also said that police escorts were no longer required.

another example of writer overreach

By nokarmajustviewspls • Score: 5, Informative • Thread

As someone who's been to some of this planet's REALLY congested cities (New Delhi, Bangkok) it's obvious that New York City DOES NOT have "some of the most dangerous, congested, and poorly managed streets in the world", not even remotely close. I used to drive in Seoul at a time when the number of daily traffic deaths in the city were shown on a digital sign board on a major bridge; due to the insane level of drinking and driving then it was in the triple digits. As someone who's spent a LOT of time in traffic in Bangkok, (which is not even the worst in S.E. Asia that would be Jakarta) I can tell you that hours to go less than an a mile in rush hour is common. In India..., well that's another world entirely. I mean c'mon at least New York City has many working traffic lights (I remember when Phnom Penh had ONE) and we aren't even considering the urban disasters that I've heard of in Africa.

In fact, the article it links to doesn't even make that claim, it says "The New York City area officially has the worst traffic in the country, according to the latest survey for Texas A&M’s Transportation Institute.".

As an American, speaking to (presumably) another American, don't assume the biggest or best or baddest or worst in America is it for the world. (Like Los Angeles does not have the largest number of Koreans outside of Seoul or stuff like that).

So for me the true test of a self driving car will be when it can even find the courage to MOVE in the swarm of humanity riding motorbikes sprinkled with cars (driven by people with fake licenses) that is Ho Chi Minh City (the city formerly known as Saigon). Many foreigners who come here, when needing to cross the street are paralyzed with fear unable to step off the curb (they don't know that even the sidewalk won't save them from motorbikes who often drive on it). Some pretty famous people visiting Vietnam have died/been seriously injured trying to cross the street (like the MIT professor Seymour Paypert), The key is to swallow hard and, in a tiny break in the traffic, just step off the curb moving resolutely forward WITHOUT regard to oncoming motorbike traffic (avoid cars like you normally do). I've actually tried this with my eyes closed; unless this is the afterlife, I survived.

It takes courage but the Vietnamese* have that in spades. No wonder why they won the war!

*I'm not Vietnamese but I do have a VN gf :)

China Unveils 'Fastest Ground Vehicle In the World'

Posted by BeauHDView on SlashDotShareable Link
China has unveiled its new maglev train that's being touted as the fastest ground vehicle in the world with a maximum speed of 372 mph (600 kph). USA Today reports: The train uses electro-magnetic force, making it "float" so there is no contact between the rail and the body, Reuters reported. The debut of the super fast train could cut down time for people traveling from Beijing to Shanghai to only 2.5 hours. That's a distance of 754 miles and currently a 4.5-hour train ride on one of China's bullet trains. China's newest train is expected to be ready for commercial use within the next decade.

Exactly, and we fsckd up

By k2r • Score: 4, Insightful • Thread

Exacly, it was developed in Germany and we never built a public track to use it but discussed it (NIMBY and dying industry building cars running on fossil fuels) for a few decades until we sold it out to Shanghai.
The Chinese deserve any credit for actually building, using and improving it.
We can build solid and sometimes innovative things, but we often can‘t make use of them because.

Re: Impressive

By damn_registrars • Score: 4, Informative • Thread

Probably because the constant acceleration and breaking to give priority for freight movement would make it massively uncomfortable.

I will argue that is not actually relevant when talking about true high-speed trains. The tracks that exist in the USA are completely incapable of carrying high-speed trains, we would have to build an entirely new network of completely new tracks to have maglev trains. Maglev tracks are more closely related to the Disney World monorail than they are to what we call trains in the USA.

Hey China!

By VeryFluffyBunny • Score: 3, Funny • Thread
You can take our manufacturing. You can take our economic optimism. You can take our middle classes. You can take our renewable energy & civil infrastructure investment. You can take our leads in scientific research & engineering. But you'll never take our freedumb!!!

in other news ... china buries train

By rbgnr111 • Score: 3 • Thread

somehow I see this going the same as the last time they made an announcement about the speed of their trains.
1. a train derails killing a large number of passengers
2. rather than report it, the government decides it'll just bury the train and passengers
3. they get caught, and now all trains need to go slow.

Re:Impressive

By AmiMoJo • Score: 4, Insightful • Thread

The Shanghai maglev used electromagnetic suspension (EMS) which turned out to be not do great for long distances at very high speeds, or things like significant elevation changes. Basically the train wraps around the track with C shaped arms that contain electromagnets. It's unstable and requires constant feedback and adjustment to keep the train from getting too far off axis and hitting the track. The main advantage is that the train is always levitated in normal operation.

The future looks like it will be electrodynamic suspension (EDS) which is what this new Chinese train uses and what the Japanese Chuo Shinkansen uses. The track is U shaped with magnets in the walls. The big advantage of this is that the whole system is self-centring and doesn't need any feedback system at all, the magnetic forces keep everything aligned. As you can imagine that's quite important in a country where earthquakes are a regular occurrence.

The disadvantage of the EDS system is that levitation only works at speed, so the Chuo Shinkansen has a landing gear (rubber wheels like an aircraft but a lot smaller) that are used below 150km/h. It was judged that the trade off was worth it, especially since the current wheeled shinkansen are regularly inspected and maintained on a fairly tight schedule anyway.