RSS 생중계

A washing-machine-sized satellite is to "name and shame" the worst methane polluters in the oil and gas industry. From a report: MethaneSat will provide the first near-comprehensive global view of leaks of the potent greenhouse gas from the oil and gas sector, and all of the data will be made public. It will provide high-resolution data over wider areas than existing satellites. Methane, also called natural gas, is responsible for 30% of the global heating driving the climate crisis. Leaks from the fossil fuel industry are a major source of human-caused emissions and stemming these is the fastest single way to curb temperature rises. MethaneSat was developed by the Environmental Defense Fund, a US NGO, in partnership with the New Zealand Space Agency and cost $88m to build and launch. Earlier EDF measurements from planes show methane emissions were 60% higher than calculated estimates published by US authorities and elsewhere. More than 150 countries have signed a global methane pledge to cut their emissions of the gas by 30% from 2020 levels by 2030. Some oil and gas companies have made similar pledges, and new regulations to limit methane leaks are being worked on in the US, EU, Japan and South Korea. The EDF's senior vice-president, Mark Brownstein, said: "MethaneSat is a tool for accountability . I'm sure many people think this could be used to name and shame companies who are poor emissions performers, and that's true. But [it] can [also] help document progress that leading companies are making in reducing their emissions." The oil and gas industry knows how to stop leaks and the cost of doing so is usually very modest, said Steven Hamburg, the EDF's chief scientist and MethaneSat project leader: "Some call it low hanging fruit. I like to call it fruit lying on the ground."

Read more of this story at Slashdot.

41 state attorneys general penned a letter to Meta's top attorney on Wednesday saying complaints are skyrocketing across the United States about Facebook and Instagram user accounts being stolen, and declaring "immediate action" necessary to mitigate the rolling threat. Wired: The coalition of top law enforcement officials, spearheaded by New York attorney general Letitia James, says the "dramatic and persistent spike" in complaints concerning account takeovers amounts to a "substantial drain" on governmental resources, as many stolen accounts are also tied to financial crimes -- some of which allegedly profits Meta directly. "We have received a number of complaints of threat actors fraudulently charging thousands of dollars to stored credit cards," says the letter addressed to Meta's chief legal officer, Jennifer Newstead. "Furthermore, we have received reports of threat actors buying advertisements to run on Meta." "We refuse to operate as the customer service representatives of your company," the officials add. "Proper investment in response and mitigation is mandatory."

Read more of this story at Slashdot.

The postmarketOS project, which produces a Linux distribution for phones and mobile devices, has announced that it is in the early stages of adding systemd to make it easier to support GNOME and KDE.

Users who prefer the OpenRC init system are assured they will still have that option when building their own images "as long as OpenRC is in Alpine Linux (on which postmarketOS is based)":

As with text editors, some people are really passionate about their favorite init systems. When discussing this announcement, please keep a friendly tone. Remember that we all share the love for free and open source software, and that our communities work best if we focus on shared values instead of fighting over what implementations to use.

Proof-of-concept images are available now for a limited set of devices. Users are warned these images are "buggy, unreliable, and NOT suitable for use on a device you rely on". Those interested in helping with testing and development are encouraged to follow along and report bugs on the systemd issue at GitLab.

QUIC is a UDP-based transport protocol that forms the foundation of HTTP/3. It was initially developed at Google in 2012, and became an IETF standard in 2021. Work on the protocol did not stop with its standardization, however. The QUIC working group published several follow-up standards. Now, it is working on four more extensions to QUIC intended to patch over various shortcomings in the current protocol — although progress has not been quick.

Epic Games, in a blog post: We recently announced that Apple approved our Epic Games Sweden AB developer account. We intended to use that account to bring the Epic Games Store and Fortnite to iOS devices in Europe thanks to the Digital Markets Act (DMA). To our surprise, Apple has terminated that account and now we cannot develop the Epic Games Store for iOS. This is a serious violation of the DMA and shows Apple has no intention of allowing true competition on iOS devices. The DMA requires Apple to allow third-party app stores, like the Epic Games Store. Article 6(4) of the DMA says: "The gatekeeper shall allow and technically enable the installation and effective use of third-party software applications or software application stores using, or interoperating with, its operating system and allow those software applications or software application stores to be accessed by means other than the relevant core platform services of that gatekeeper." In terminating Epic's developer account, Apple is taking out one of the largest potential competitors to the Apple App Store. They are undermining our ability to be a viable competitor and they are showing other developers what happens when you try to compete with Apple or are critical of their unfair practices. If Apple maintains its power to kick a third party marketplace off iOS at its sole discretion, no reasonable developer would be willing to utilize a third party app store, because they could be permanently separated from their audience at any time. Apple said one of the reasons it terminated Epic's developer account only a few weeks after approving it was because the Fortnite-maker publicly criticized its proposed DMA compliance plan, Epic said.

Read more of this story at Slashdot.

Greg Kroah-Hartman has announced another round of stable kernel updates: 6.7.9, 6.6.21, 6.1.81, 5.15.151, 5.10.212, 5.4.271, and 4.19.309 have all been released. Each contains a set of important fixes.

During a recent Morgan Stanley conference, Warner Bros. Discovery gaming boss J.B. Perrette discussed some of the company's strategy for gaming going forward, and it includes more live-service, mobile, and free-to-play games. From a report: He said, "We're doubling down on games as an area where we think there is a lot more growth opportunity that we can tap into with the IP that we have and some of the capabilities we have on the studio where we're uniquely positioned as both a publisher and a developer of games." Perrette said WBD's recent gaming output has focused on AAA games for console, and that's great when a game like Hogwarts Legacy sells 22 million copies and becomes the best-selling game of the year, but this kind of success is never guaranteed in what Perrette said was a "volatile" market. He pointed out that one of WBD's latest big games, Suicide Squad: Kill the Justice League, was a disappointment for the company. So the plan going forward, he said, is to help reduce volatility by focusing on core franchises and bringing at least some of them to the mobile and free-to-play space, as well as continuing to invest in live-service games that people play--and spend money on--over a long period of time. This will help WBD generate more consistent revenue, he said, going on to tease that WBD had some new mobile free-to-play games coming this year. Also worth noting is that just because WBD may push into new places, that doesn't necessarily mean it will stop making big single-player AAA games.

Read more of this story at Slashdot.

Spain has moved to block Sam Altman's cryptocurrency project Worldcoin, the latest blow to a venture that has raised controversy in multiple countries by collecting customers' personal data using an eyeball-scanning "orb." From a report: The AEPD, Spain's data protection regulator, has demanded that Worldcoin immediately ceases collecting personal information in the country via the scans and that it stops using data it has already gathered. The regulator announced on Wednesday that it had taken the "precautionary measure" at the start of the week and had given Worldcoin 72 hours to demonstrate its compliance with the order. Worldcoin, co-founded by Altman in 2019, has been offering tokens of its own cryptocurrency to people around the world, in return for their consent to have their eyes scanned by an orb. The scans are used as a form of identification as it seeks to create a reliable mechanism to distinguish between humans and machines as artificial intelligence becomes more advanced.

Read more of this story at Slashdot.

Alternative iOS app stores won't work (for long) outside of the EU. From a report: With iOS 17.4, iPhone users in the EU can now access third-party app marketplaces -- pending availability which is expected any day -- but extended overseas travel could change that, according to Apple.

Read more of this story at Slashdot.

Carriers have gotten stricter about how many items you can take on board, no matter how small they are. From a report: Fanny packs. Cross-body bags. Shopping bags. Pillows and blankets. The Southwest Airlines gate agent rattled off so many items that counted toward the two carry-on bag limit on my flight to Baltimore, I thought it might be a playful jab at Spirit and Frontier and their rigid carry-on policing to collect more fees. But this was no joke. Southwest quietly began cracking down on carry-on bags on Feb. 22, ahead of the spring and summer travel rush, advising gate agents of the changes in a memo. This crackdown isn't about bag size. It is about how many bags you have. Southwest isn't alone in putting passengers' personal items in its crosshairs as a way to save precious bin space and speed up boarding. Delta and United agents have also recently asked me to stuff my small Lululemon bag in my backpack. One American Airlines frequent flier told me he watched gate agents in Sacramento, Calif., and Dallas list a litany of items that count as a personal item on weekend flights to Nashville, Tenn., last month. Carting all your stuff to the gate can save you time and often saves money, especially with some airlines' new, higher checked-baggage fees. Delta joined the club on Tuesday, announcing prices of $35 for your first bag and $45 for your second. But testing airlines' carry-on limits is now more likely to backfire, and lose you precious time as airlines make you consolidate items or check a bag at the gate.

Read more of this story at Slashdot.

An anonymous reader shares a report: On a late night in December, Shane Jones, an AI engineer at Microsoft, felt sickened by the images popping up on his computer. Jones was noodling with Copilot Designer, the AI image generator that Microsoft debuted in March 2023, powered by OpenAI's technology. Like with OpenAI's DALL-E, users enter text prompts to create pictures. Creativity is encouraged to run wild. Since the month prior, Jones had been actively testing the product for vulnerabilities, a practice known as red-teaming. In that time, he saw the tool generate images that ran far afoul of Microsoft's oft-cited responsible AI principles. The AI service has depicted demons and monsters alongside terminology related to abortion rights, teenagers with assault rifles, sexualized images of women in violent tableaus, and underage drinking and drug use. All of those scenes, generated in the past three months, have been recreated by CNBC this week using the Copilot tool, which was originally called Bing Image Creator. "It was an eye-opening moment," Jones, who continues to test the image generator, told CNBC in an interview. "It's when I first realized, wow this is really not a safe model." Jones has worked at Microsoft for six years and is currently a principal software engineering manager at corporate headquarters in Redmond, Washington. He said he doesn't work on Copilot in a professional capacity. Rather, as a red teamer, Jones is among an army of employees and outsiders who, in their free time, choose to test the company's AI technology and see where problems may be surfacing. Jones was so alarmed by his experience that he started internally reporting his findings in December. While the company acknowledged his concerns, it was unwilling to take the product off the market. Jones said Microsoft referred him to OpenAI and, when he didn't hear back from the company, he posted an open letter on LinkedIn asking the startup's board to take down DALL-E 3 (the latest version of the AI model) for an investigation.

Read more of this story at Slashdot.

A new report warns that a boom in computer chip manufacturing in the US could fuel demand for dirty energy, despite companies' environmental claims. The solution for manufacturers, surprisingly, might be to act more like other big tech companies chasing climate goals. From a report: New semiconductor factories being built in the US by four of the biggest manufacturers -- Intel, TSMC, Samsung, and Micron -- could use more than twice as much electricity as the city of Seattle once they're operational. These companies claim to run on renewable energy, but according to an analysis by nonprofit Stand.earth, that's not entirely true. Semiconductors happen to make up a big chunk of a device's carbon footprint. And unless companies turn to clean energy, they could wind up driving up greenhouse gas emissions as domestic chip manufacturing makes a comeback. The CHIPS and Science Act, which passed in 2022, set aside $52.7 billion in funding for domestic chip manufacturing. Now, the four companies scrutinized in the report have plans to build megafactories in Arizona, Ohio, Oregon, Idaho, Texas, and New York. Each of those megafactories alone could use as much electricity as a medium-sized town, according to the report. Cumulatively, nine facilities could eventually add 2.1 gigawatts in new electricity demand. "We're not slowing down on any of our sustainability commitments, even with our recently announced investments," Intel said in an email.

Read more of this story at Slashdot.

Security updates have been issued by Debian (libapache2-mod-auth-openidc, libuv1, php-phpseclib, and phpseclib), Red Hat (buildah, cups, curl, device-mapper-multipath, emacs, fence-agents, frr, fwupd, gmp, gnutls, golang, haproxy, keylime, libfastjson, libmicrohttpd, linux-firmware, mysql, openssh, rear, skopeo, sqlite, squid, systemd, and tomcat), Slackware (mozilla), SUSE (kernel-firmware-nvidia-gspx-G06, nvidia-open- driver-G06-signed, postgresql-jdbc, python, python-cryptography, rubygem-rack, wpa_supplicant, and xmlgraphics-batik), and Ubuntu (c-ares, firefox, libde265, libgit2, and ruby-image-processing).

An anonymous reader quotes a report from Krebs on Security: There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change's network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data Change reportedly paid the group to destroy. Meanwhile, the affiliate's disclosure appears to have prompted BlackCat to cease operations entirely. [...] The affiliate claimed BlackCat/ALPHV took the $22 million payment but never paid him his percentage of the ransom. BlackCat is known as a "ransomware-as-service" collective, meaning they rely on freelancers or affiliates to infect new networks with their ransomware. And those affiliates in turn earn commissions ranging from 60 to 90 percent of any ransom amount paid. "But after receiving the payment ALPHV team decide to suspend our account and keep lying and delaying when we contacted ALPHV admin," the affiliate "Notchy" wrote. "Sadly for Change Healthcare, their data [is] still with us." [...] On the bright side, Notchy's complaint seems to have been the final nail in the coffin for the BlackCat ransomware group, which was infiltrated by the FBI and foreign law enforcement partners in late December 2023. As part of that action, the government seized the BlackCat website and released a decryption tool to help victims recover their systems. BlackCat responded by re-forming, and increasing affiliate commissions to as much as 90 percent. The ransomware group also declared it was formally removing any restrictions or discouragement against targeting hospitals and healthcare providers. However, instead of responding that they would compensate and placate Notchy, a representative for BlackCat said today the group was shutting down and that it had already found a buyer for its ransomware source code. [...] BlackCat's website now features a seizure notice from the FBI, but several researchers noted that this image seems to have been merely cut and pasted from the notice the FBI left in its December raid of BlackCat's network. Fabian Wosar, head of ransomware research at the security firm Emsisoft, said it appears BlackCat leaders are trying to pull an "exit scam" on affiliates by withholding many ransomware payment commissions at once and shutting down the service. "ALPHV/BlackCat did not get seized," Wosar wrote on Twitter/X today. "They are exit scamming their affiliates. It is blatantly obvious when you check the source code of their new takedown notice." Dmitry Smilyanets, a researcher for the security firm Recorded Future, said BlackCat's exit scam was especially dangerous because the affiliate still has all the stolen data, and could still demand additional payment or leak the information on his own. "The affiliates still have this data, and they're mad they didn't receive this money, Smilyanets told Wired.com. "It's a good lesson for everyone. You cannot trust criminals; their word is worth nothing."

Read more of this story at Slashdot.

Michelle Lewis reports via Electrek: One of the US's largest nuclear power plants will directly power cloud service provider Amazon Web Services' new data center. Power provider Talen Energy sold its data center campus, Cumulus Data Assets, to Amazon Web Services for $650 million. Amazon will develop an up to 960-megawatt (MW) data center at the Salem Township site in Luzerne County, Pennsylvania. The 1,200-acre campus is directly powered by an adjacent 2.5 gigawatt (GW) nuclear power station also owned by Talen Energy. The 1,075-acre Susquehanna Steam Electric Station is the sixth-largest nuclear power plant in the US. It's been online since 1983 and produces 63 million kilowatt hours per day. The plant has two General Electric boiling water reactors within a Mark II containment building that are licensed through 2042 and 2044. According to Talen Energy's investor presentation, it will supply fixed-price nuclear power to Amazon's new data center as it's built. Amazon has minimum contractual power commitments that ramp up in 120 MW increments over several years. The cloud service giant has a one-time option to cap commitments at 480 MW and two 10-year extension options tied to nuclear license renewals.

Read more of this story at Slashdot.

Andrew Jones reports via SpaceNews: The China Aerospace Science and Technology Corporation (CASC) plans to launch four-meter and five-meter-diameter reusable rockets for the first time in 2025 and 2026 respectively, Wang Wei, a deputy to the National People's Congress, told China News Service March 4. The reports do not clearly identify the two rockets. CASC is known to be developing a new, 5.0m-diameter crew launch vehicle, known as the Long March 10. A single stick version would be used to launch a new-generation crew spacecraft to low Earth orbit and could potentially fly in 2025. A three-core variant will launch the "Mengzhou" crew spacecraft into trans-lunar orbit. The rocket is key to China's plans to put astronauts on the moon before 2030. The Long March 10 lunar variant will be 92 meters long and be able to launch 27 tons into trans-lunar orbit. The 4.0-meter-diameter launcher could be a rocket earlier proposed by CASC's Shanghai Academy of Spaceflight Technology (SAST). That rocket would be able to launch up to 6,500 kg of payload to 700-kilometer sun-synchronous orbit (SSO). It would notably use engines developed by the commercial engine maker Jiuzhou Yunjian. CASC's first move to develop a reusable rocket centered on making a recoverable version of the Long March 8. That plan appears to have been abandoned. SAST also plans to debut the 3.8m-diameter Long March 12 later this year from a new commercial launch site. While the Long March 10 has specific, defined uses for lunar and human spaceflight, the second reusable rocket would appear to be in competition with China's commercial rocket companies. While this suggests duplication of effort, it also fits into a national strategy to develop reusable rockets and support commercial ecosystems. The moves would greatly boost China's options for launch and access to space. It would also provide new capacity needed to help construction planned low Earth orbit megaconstellations.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: The average toddler is missing out on hearing more than 1,000 words spoken by an adult each day due to screen time, setting back their language skills, a first-of-its kind study has found. The research, published on Tuesday in the Journal of the American Medical Association (Jama) Pediatrics, tracked 220 Australian families over two years to measure the relationship between family screen use and children's language environment. Families recorded all the audio around their child using advanced speech recognition technology over a 16-hour period on an average day at home. They repeated this process every six months between the ages of 12 and 36 months. The lead researcher, Dr Mary Brushe from the Telethon Kids Institute, said: "The technology we use is essentially like a Fitbit, but instead of counting the number of steps, this device counts the number of words spoken by, to and around the child." The device also picked up electronic noise, which the researchers analyzed to calculate screen time. The researchers found young children's exposure to screens including TVs and phones was interfering with their language opportunities, with the association most pronounced at three years of age. For every extra minute of screen time, the three-year-olds in the study were hearing seven fewer words, speaking five fewer words themselves and engaging in one less conversation. The study found the average three-year-old in the study was exposed to two hours and 52 minutes of screen time a day. Researchers estimated this led to those children being exposed to 1,139 fewer adult words, 843 fewer child words and 194 fewer conversations. Because the study couldn't capture parents' silent phone use, including reading emails, texting or quietly scrolling through websites or social media, Brushe said they might have underestimated how much screen usage is affecting children. A language-rich home environment was critical in supporting infants and toddlers' language development, Brushe said. While some educational children's shows were designed to help children's language skills, very young kids in the age group of the study could struggle to translate television shows into their own life, she said. This study did not differentiate between whether children were watching high- or low-quality screen content.

Read more of this story at Slashdot.

In a first-of-its-kind prosecution, a California man was arrested and charged Monday with allegedly smuggling potent, greenhouse gases from Mexico. From a report: Michael Hart, a 58-year-old man from San Diego, pleaded not guilty to smuggling hydrofluorocarbons, or HFCs -- commonly used in air conditioning and refrigeration -- and selling them for profit, in a federal court hearing Monday. According to the indictment, Hart allegedly purchased the HFCs in Mexico and smuggled them into the US in the back of his truck, concealed under a tarp and tools. He is then alleged to have sold them for a profit on sites including Facebook Marketplace and OfferUp. [...] Hart has pleaded not guilty to 13 charges including conspiracy, importation contrary to law and sale of merchandise imported contrary to law. The charges carry potential prison sentences ranging from five to 20 years. HFCs, which are also used in building insulation, fire extinguishing systems and aerosols, are banned from import into the US without permission from the Environmental Protection Agency. These greenhouse gases are short-lived in the atmosphere," but powerful -- some are thousands of times more potent than carbon dioxide in the near-term. "The illegal smuggling of hydrofluorocarbons, a highly potent greenhouse gas, undermines international efforts to combat climate change," said David M. Uhlmann, the assistant administrator for the EPA's Office of Enforcement and Compliance Assurance. "Anyone who seeks to profit from illegal actions that worsen climate change must be held accountable," he added. "Today is a significant milestone for our country," said US Attorney Tara McGrath in a statement. "This is the first time the Department of Justice is prosecuting someone for illegally importing greenhouse gases, and it will not be the last."

Read more of this story at Slashdot.

Longtime Slashdot reader SonicSpike shares a report from The Intercept: With the new version of Signal, you will no longer broadcast your phone number to everyone you send messages to by default, though you can choose to if you want. Your phone number will still be displayed to contacts who already have it stored in their phones. Going forward, however, when you start a new conversation on Signal, your number won't be shared at all: Contacts will just see the name you use when you set up your Signal profile. So even if your contact is using a custom Signal client, for example, they still won't be able to discover your phone number since the service will never tell it to them. You also now have the option to set a username, which Signal lets you change whenever you want and delete when you don't want it anymore. Rather than directly storing your username as part of your account details, Signal stores a cryptographic hash of your username instead; Signal uses the Ristretto 25519 hashing algorithm, essentially storing a random block of data instead of usernames themselves. This is like how online services can confirm a user's password is valid without storing a copy of the actual password itself. "As far as we're aware, we're the only messaging platform that now has support for usernames that doesn't know everyone's usernames by default," said Josh Lund, a senior technologist at Signal. The move is yet another piece of the Signal ethos to keep as little data on hand as it can, lest the authorities try to intrude on the company. Whittaker explained, "We don't want to be forced to enumerate a directory of usernames." [...] If Signal receives a subpoena demanding that they hand over all account data related to a user with a specific username that is currently active at the time that Signal looks it up, they would be able to link it to an account. That means Signal would turn over that user's phone number, along with the account creation date and the last connection date. Whittaker stressed that this is "a pretty narrow pipeline that is guarded viciously by ACLU lawyers," just to obtain a phone number based on a username. Signal, though, can't confirm how long a given username has been in use, how many other accounts have used it in the past, or anything else about it. If the Signal user briefly used a username and then deleted it, Signal wouldn't even be able to confirm that it was ever in use to begin with, much less which accounts had used it before. In short, if you're worried about Signal handing over your phone number to law enforcement based on your username, you should only set a username when you want someone to contact you, and then delete it afterward. And each time, always set a different username. Likewise, if you want someone to contact you securely, you can send them your Signal link, and, as soon as they make contact, you can reset the link. If Signal receives a subpoena based on a link that was already reset, it will be impossible for them to look up which account it was associated with. If the subpoena demands that Signal turn over account information based on a phone number, rather than a username, Signal could be forced to hand over the cryptographic hash of the account's username, if a username is set. It would be difficult, however, for law enforcement to learn the actual username itself based on its hash. If they already suspect a username, they could use the hash to confirm that it's real. Otherwise, they would have to guess the username using password cracking techniques like dictionary attacks or rainbow tables.

Read more of this story at Slashdot.

Warner Bros. Discovery said a password crackdown for its Max streaming service is coming later this year, joining competitors Netflix and Disney. TheWrap reports: JB Perrette, WBD's CEO and president of global streaming and games, said the initiative would launch later this year with a broader rollout in 2025. "We think, relative to the scale of our business, it's a meaningful opportunity," Perrette said during Morgan Stanley's 2024 Technology, Media & Telecom Conference in San Francisco on Monday. The push to crack down on password sharing comes as Warner Bros. Discovery narrowed its streaming loss to $55 million during its fourth quarter of 2023, down from a loss of $217 million a year ago. For the full year, it swung to a profit of $103 million, compared to a loss of $1.59 billion in 2022. Looking ahead, WBD said its DTC business would have "modestly negative" EBITDA in the first half of 2024 before turning profitable in the second half. WBD is targeting $1 billion of direct-to-consumer EBITDA in 2025. In its fourth quarter, Warner Bros. Discovery added 1.8 million subscribers in its direct-to-consumer division for a total of 97.7 million. The DTC segment's results include Max, Discovery+ and traditional HBO cable subscriptions. Parrette also discussed interest in transactional ads, notes Ars Technica. Per Perrette: "On the ad format size, we've made lots of improvements from where we were, but we still have a lot of ad format enhancements that will give us more things that we can go to marketers with, [like] shoppable ads [and] other elements of the ad format side of the house that we can improve."

Read more of this story at Slashdot.