Nazis separated me from my parents as a child. The trauma lasts a lifetime: I know from experience that the Trump-sanctioned brutality at the US border with Mexico will scar its child victims for life
Jenny Robins interviews Alex Norris...
... and finds out what the "oh no" voice sounds like.
NORRIS: My comics have always largely been about exploring the link between joy and sadness, and finding humour in despair, so I think when I started this format the mix of heartbreak and silliness just sort of came naturally and I like to take it as far as I can. Interesting things happen when you say two opposing things at the same time. I’ve always seen Webcomic Name as a sort of celebration of failure, and I think the mental twist in that prevents the repeated “oh no” from becoming completely depressing!
NORRIS: This is probably my most-asked question, and I usually say it sounds like someone who is disappointed but used to being disappointed, or reading from a script. If I ever turned Webcomic Name into a video format, I would probably get readers to send in their version of the “oh no” and use a different one each time. I like that the “oh no” speech bubble is basically a visual motif now – because you see it so often as you read my comics it loses the verbal meaning and just becomes a symbol.
We're into the fifth week of the Poor People’s Campaign: A National Call for a Moral Revival, a national uprising over the state of the richest nation in the world, where 140,000,000 people live at or below the poverty line (America is history's first rich poor country).
Well, this is a strange new chapter in one of the strangest stories in modern film. For decades, famed genre director (and former Monty Python, uh, snake) Terry Gilliam struggled to make The Man Who Killed Don Quixote, his own surreal take on the classic Spanish novel. He succeeded, finally, with a rendition starring…
Days after the historic North Korea-United States summit, the Department of Homeland Security issued a report on Thursday warning of a new variant of North Korean malware to look out for. Called Typeframe, the malware is able to download and install additional malware, proxies and trojans; modify firewalls; and connect to servers for additional instructions. Engadget reports: Since last May, the DHS has issued a slew of alerts and reports about North Korea's malicious cyber activity. The department also pointed out that North Korea has been hacking countries around the world since 2009. And of course, don't forget that the U.S. also labeled that country as the source of the WannaCry cyberattack, which notably held data from the UK's National Health Service hostage, and wreaked havoc across Russia and Ukraine. CNN was first to report the news.
Read more of this story at Slashdot.
Frosty Piss writes: The Stanford Prison Experiment was conducted in 1971 by psychology professor Philip Zimbardo using college students to investigate the psychological effects of perceived power by focusing on the struggle between prisoners and prison officers. In the study, volunteers were randomly assigned to be either "guards" or "prisoners" in a mock prison, with Zimbardo serving as the superintendent. The results seemed to show that the students quickly embraced their assigned roles, with some guards enforcing authoritarian measures and ultimately subjecting some prisoners to psychological torture, while many of the prisoners passively accepted psychological abuse and, by the officers' request, actively harassed other prisoners who tried to stop it. After Berkeley graduate Douglas Korpi appeared to have a nervous breakdown while playing the role of an inmate, the experiment was shut down. There's just one problem: Korpi's breakdown was a sham. Dr. Ben Blum took to Medium to publish his claims. "Blum's expose -- based on previously unpublished recordings of Zimbardo, a Stanford psychology professor, and interviews with the participants -- offers evidence that the 'guards' were coached to be cruel," reports New York Post. "One of the men who acted as an inmate told Blum he enjoyed the experiment because he knew the guards couldn't actually hurt him." "There were no repercussions. We knew [the guards] couldn't hurt us, they couldn't hit us. They were white college kids just like us, so it was a very safe situation," said Douglas Korpi, who was 22-years-old when he acted as an inmate in the study. The Berkeley grad now admits the whole thing was fake. Zimbardo also "admitted that he was an active participant in the study, meaning he had influence over the results," reports New York Post. According to an audio recording from the Stanford archive, you can hear Zimbardo encouraging the guards to act "tough."
Computer simulations have become so accurate that cosmologists can now use them to study dark matter, supermassive black holes, and other mysteries of the real evolving cosmos.
If you had hopes that it would be smooth sailing ahead for Star Trek: Discovery as the show heads into its second season—well, it seems the waters are still a bit rough. Showrunners Gretchen Berg and Aaron Harberts are out, and executive producer Alex Kurtzman will step in. Kurtzman will also run the show’s writers’…
The National Institutes of Health is paying a St. Louis university to study the effectiveness of flu vaccines. An anonymous reader quotes Fortune: The university wants volunteers to live in "hotel influenza," where they'd be either given a vaccine or a placebo, be exposed to the flu, and be quarantined for 10 days in the Extended Stay Research Unit. Compensation for such an experiment is around $3,500 (for time and travel), according to a SLU release... "In a traditional flu study, we vaccinate people and see if their immune systems respond by creating antibodies that fight flu," Dr. Hoff said in a release. "In a human challenge study, we vaccinate people, then deliberately challenge their bodies by exposing them to flu to see if they get sick"... The 24 volunteers living in the "hotel influenza" would have private rooms and bathrooms, common areas with chairs and TVs, along with exercise equipment, and catered meals in a dining room. They will be observed, "have blood and lung tests and nose swabs to see if they are infected with flu and shedding the virus." If they come down with the flu, they won't be able to leave until they've tested negative for the virus for two days. Nurses would be available around the clock. One St. Louis newspaper jokes that it will either be a "sickathon" -- or "an indoor vacation complete with catered meals, TV, internet, a gym and views of the Arch".
Researchers find that when working memory gets overburdened, dialog between three brain regions breaks down. The discovery provides new support for a broader theory about how the brain operates.
My name's Palmer Keen. I'm a guy who's obsessed with music in a corner of the world that most people never even think about, Indonesia. Indonesia is the fourth most populous country in the world and also perhaps the most musically diverse country on the planet, but so much of this music is unknown or unavailable outside the country. My mission is to share this stuff with the world.
For more than four years I've been traveling around Indonesia researching and recording dozens of Indonesian music styles and sharing it all for free on my website, Aural Archipelago. Without a formal background in ethnomusicology, I've figured it all out as I go: becoming fluent in Indonesian, learning how to do fieldwork, and making connections with musicians and communities across the thousands of islands in the archipelago. I travel with all my gear in a backpack, staying with musicians in their homes, going to remote villages that have never seen foreigners, and finding music that's never been heard outside of these islands. There have been lots of adventures along the way and so, so much great music.
A few notes to answer FAQ:
How do I make money?/Is this my job?: This isn't my job. For most of the time I've been doing this I was supporting myself and the project by teaching English full time. My description may have been a bit misleading, I travel often but it is not a constant thing. This is a passion project, but I don't make a living from this. I receive donations on my site occasionally, but these are forwarded to musicians. I now also do occasional work as a fixer and guide for others looking for music in Indonesia.
How did you get into this field?: To be clear, I have no academic background in ethnomusicology. I studied the traditional music called gamelan as an extracurricular in university, then decided to move to Indonesia to teach English and learn more about the gamelan that I'd fallen in love with. Since then everything I know about ethnomusicology I've figured out along the way. It's a fascinating field for anyone interested in music, but for those who want to make it their career (again, this is not my career, just a passion project!), it has the same pitfalls of any other job in academia.
Do you pay the musicians?/Aren't you exploiting them?: Yes, I always pay musicians a reasonable fee for performances that I commission. I'm not releasing whole albums of their music for free, just a track or two to get people interested, something the musicians are very much on board with. The idea is that rather than put this music on albums that won't be affordable for everyone (especially Indonesians themselves), the music is available online for everyone, especially Indonesians and people from these communities who couldn't afford a proper album.
Ask me anything :)
If you're interested, check out:
The site: Aural Archipelago
EDIT: Okay guys, it's been fun, but it's late here in Indonesia and I've got to go to sleep. If I have time I'll try to get to the rest of the questions tomorrow. I hope those who are interested will go to the site and maybe fall in love with some of this music just as I have. If there's a particular group or artist that you like, you can leave a comment and I will relay it to the musicians, almost all of whom I'm still in touch with. Terima kasih!
The strikes are a lot like on Earth, but they tend to linger toward the poles.
"Thousands of tons of material left curbside for recycling in dozens of U.S. cities and towns -- including several in Oregon -- have gone to landfills," reports the New York Times. Slashdot reader schwit1 summarizes their report: One big reason: China has essentially shut the door to U.S. recyclables. The Times notes that about a third of recyclables gets shipped abroad, with China the biggest importer. But starting this year, China imposed strict rules on what it will accept, effectively banning most of it. That, the Times reports, has forced many recycling companies who can't find other takers to dump recyclables into landfills. "Recyclers in Canada, Australia, Britain, Germany and other parts of Europe have also scrambled to find alternatives," reports the Times, though most major U.S. cities aren't affected, and countries like India, Vietnam and Indonesia are now importing more materials. But at least some recycling companies are simply stockpiling material, "while looking for new processors, or hoping that China reconsiders its policy."
EqualCitizens.US reports on growing opposition to the CLASSICS Act proposed by the U.S. Congress, which grants blanket copyright protection to all audio works created before 1972, leaving some of them copyrighted until 2067. Importantly, the Act doesn't require artists or the rights holder to register for the copyright. Rather, any and all pre-1972 sound recordings would be copyrighted, greatly limiting the public's access to these works. Various organizations and scholars have responded. Equal Citizens along with a coalition of internet freedom and democracy reform organizations, is sending this letter to the Senate Judiciary Committee to urge its members to reject this Act in its entirety, or at a minimum, at least require registration of pre-1972 works. Otherwise, if the Act passes as is, famous artists and wealthy corporations will benefit greatly while the public will get absolutely nothing in return, as Professor Lawrence Lessig notes in Wired.... This act will limit access to past works and stifle creativity for new works. It would effectively remove many existing works, including some popular documentaries, podcasts, etc., from the public arena. The Coalition recommends adding a registration requirement to secure the extended copyright term, such that works that nobody claimed could be allowed to enter the public domain. As this TechCrunch report on the coalition letter explains: By having artists and rights owners register, it solves the problem for everyone. Anyone who wants to have their pre-1972 works brought into the new scheme can easily achieve that, but orphan works will enter the public domain as they ought to. "Either way," Lessig writes, "it is finally clear that the Supreme Court's prediction that the copyright owners would be satisfied with the copyright protection provided by the Sonny Bono Act turns out not to be true."
An anonymous reader shares a report: At one time, Google Assistant could only be found on a handful of smartphones. Today, Google Assistant is available on 500 million devices -- smartphones, smart speakers, smart watches, tablets, smart televisions, and a broad range of home appliances and cars. But what about the billions of people in the world who still don't have a smartphone? Enter My Line, a phone number you can call to ask Google Assistant questions in parts of Colombia -- without a smartphone or computer or even the internet. When a person calls 6000913, they receive a welcome greeting and invitation to ask any question. After posing a question, users may hear prompts like "Do you have more questions?" or "Feel free to hang up whenever you're done," Cainkade Studio CEO Jeremy Landis told VentureBeat in a phone interview.
More than two months after a cyberattack hobbled many of its critical municipal systems, the city of Atlanta is still sorting through the wreckage of what is likely the worst cyberattack targeting a U.S. city to date.
On March 22, Atlanta’s connected systems city-wide were hit with a ransomware message locking their respective files and demanding an approximately $50,000 payment in bitcoin (the price has fluctuated since). The ransomware is believed to be from the group known as SamSam, which has been operating and executing similar attacks since at least 2015.
In the days following the March 22 incident, Atlanta residents were unable to do simple city system-dependent tasks like paying parking tickets or utility bills. City employees didn’t get the all-clear to turn on their computers until five days later and many city systems still have not recovered.
On Wednesday during a budget meeting, Daphne Rackley, Atlanta’s Interim Chief Information Officer and head of Atlanta Information Management, disclosed new details about the extent of the damage. As Reuters reports, at least one third of the 424 software programs that the city runs remain offline or partially inoperable. Almost 30 percent of those programs are deemed “mission critical” by the city meaning that they control crucial city services like the court system and law enforcement. In the meeting, Rackley explained that the city initially believed only 20 percent of the city’s software programs to be affected by the attack, none of which affected critical systems.
While reporting the updated numbers, Rackley estimated that $9.5 million would need to be added to the department’s $35 million budget to address the remaining damage. That amount is on top of the more than two million dollars in emergency procurements sought by Atlanta Information Management following the attack.
TechCrunch has reached out to Atlanta Information Management about how that additional $9.5 million for recovery from the attack would be allocated and will update if we learn further details. Earlier this week, Atlanta’s Police Chief disclosed that the cyberattack destroyed “years” worth of police dash cam video footage.
Atlanta has been regarded as a frontrunner for Amazon’s second headquarters in some analyses, though it’s not immediately clear how the cyberattack will affect the city’s odds.
Edward Snowden has no regrets five years on from leaking the biggest cache of top-secret documents in history. He is wanted by the US. He is in exile in Russia. But he is satisfied with the way his revelations of mass surveillance have rocked governments, intelligence agencies and major internet companies. From a report: Snowden, weighing up the changes, said some privacy campaigners had expressed disappointment with how things have developed, but he did not share it. "People say nothing has changed: that there is still mass surveillance. That is not how you measure change. Look back before 2013 and look at what has happened since. Everything changed." The most important change, he said, was public awareness. "The government and corporate sector preyed on our ignorance. But now we know. People are aware now. People are still powerless to stop it but we are trying. The revelations made the fight more even."
The Juno spacecraft currently orbiting Jupiter was supposed to end its mission by crashing into the gas giant next month. Not anymore! From a report: It turns out the scientific mission will be extended through at least 2021 so it can meet its goals, as Business Insider first reported yesterday. This will delay the probe's dramatic demise for at least a few years. "NASA has approved Juno to continue through 2022 to finish all of our originally planned science," Scott Bolton, Juno's principal investigator from the Southwest Research Institute, told Gizmodo in an email. "The orbits are longer than planned, and that is why Juno needs more time to gather our planned scientific measurements." Juno departed Earth for Jupiter in 2011 and arrived at the gas giant on July 4, 2016. Since then, it's sent back a host of valuable data that has revealed new insights into Jupiter, like the depth of the red spot, three-dimensional views of the gas below its surface, and how its auroras work.
You may remember the FCC explaining that in both 2014 and 2017, its comment system was briefly taken down by a denial of service attack. At least, so it says — but newly released emails show that the 2014 case was essentially fabricated, and the agency has so aggressively redacted documents relating to the 2017 incident that one suspects they’re hiding more than ordinary privileged information.
As a very quick recap: Shortly after the comment period opened for both net neutrality and the rollback of net neutrality there was a rush of activity that rendered the filing system unusable for a period of hours. This was corrected soon afterwards and the capacity of the system increased to cope with the increased traffic.
A report from Gizmodo based on more than 1,300 pages of emails obtained by watchdog group American Oversight shows that David Bray, the FCC’s chief information officer for a period encompassing both events, appears to have advanced the DDoS narrative with no real evidence or official support.
The 2014 event was not called an attack until much later, when Bray told reporters following the 2017 event that it was. “At the time the Chairman [i.e. Tom Wheeler] did not want to say there was a DDoS attack out of concern of copycats,” Bray wrote to a reporter at Federal News Radio. “So we accepted the punches that it somehow crashed because of volume even though actual comment volume wasn’t an issue.”
Gigi Sohn, who was Wheeler’s counsel at the time, put down this idea: “That’s just flat out false,” she told Gizmodo. “We didn’t want to say it because Bray had no hard proof that it was a DDoS attack. Just like the second time.”
And it is the second time that is most suspicious. Differing on the preferred nomenclature for a four-year-old suspicious cyber event would not be particularly damning, but Bray’s narrative of a DDoS is hard to justify with the facts we do know.
In a blog post written in response to the report, Bray explained regarding the 2017 outage:
Whether the correct phrase is denial of service or “bot swarm” or “something hammering the Application Programming Interface” (API) of the commenting system — the fact is something odd was happening in May 2017.
Bray’s analysis appears sincere, but the data he volunteers is highly circumstantial: large amounts of API requests that don’t match comment counts, for instance, or bunches of RSS requests that tie up the servers. Could it have been a malicious actor doing this? It’s possible. Could it have been bad code hammering the servers with repeated or malformed requests? Also totally possible. The FCC’s justification for calling it an attack seems to be nothing more than a hunch.
Later the FCC, via then-CIO Bray, would categorize the event as a “non-traditional DDoS attack” flooding the API interface. But beyond that it has produced so little information of any import that Congress has had to re-issue its questions in stronger words.
No official documentation of either supposed attack has appeared, nor has the FCC released any data on it, even a year later and long after the comment period has closed, improvements to the system have been made and the CIO who evaded senators’ questions departed.
But most suspicious is the extent to which the FCC redacted documents relating to the 2017 event. Having read through the trove of emails, Gizmodo concludes that “every internal conversation about the 2017 incident between FCC employees” has been redacted. Every one!
The FCC stated before that the “ongoing nature” of the threats to its systems meant it would “undermine our system’s security” to provide any details on the improvements it had made to mitigate future attacks. And Bray wrote in his post that there was no “full blown report” because the team was focused on getting the system up and running again. But there is also an FCC statement saying that “our analysis reveals” that a DDoS was the cause.
What analysis? If it’s not a “significant cyber incident,” as the FBI determined, why the secrecy? If there’s no report or significant analysis from the day — wrong or right in retrospect — what is sensitive about the emails that they have to be redacted en masse? Bray himself wrote more technical details into his post than the FCC has offered in the year since the event — was this information sent to reporters at the time? Was it redacted? Why? So little about this whole information play makes sense.
One reasonable explanation (and just speculation, I should add) would be that the data do not support the idea of an attack, and internal discussions are an unflattering portrait of an agency doing spin work. The commitment to transparency that FCC Chairman Pai so frequently invokes is conspicuously absent in this specific case, and one has to wonder why.
The ongoing refusal to officially document or discuss what all seem to agree was an important event, whether it’s a DDoS or something else, is making the FCC look bad to just about everyone. No amount of redaction can change that.
It’s been just over 15 years since Firefly fans were introduced to Captain Mal and the crew of the Serenity, and almost as long since those same fans began desperately waiting for the show to come back from cancellation. That’s probably really unlikely at this point, but you can dream a little with this gorgeous…
Polygon reports of several prominent YouTube creators who are struggling with burnout. The cause can be attributed to "constant changes to the platform's algorithm, unhealthy obsessions with remaining relevant in a rapidly growing field and social media pressures [that] are making it almost impossible for top creators to continue creating at the pace both the platform and audience want," reports Polygon. From the report: Three weeks ago, Bobby Burns, a YouTuber with just under one million subscribers, sat down on a rock in Central Park to talk about a recent mental health episode. One week ago, Elle Mills, a creator with more than 1.2 million subscribers, uploaded a video that included vulnerable footage during a breakdown. Six days ago, Ruben "El Rubius" Gundersen, the third most popular YouTuber in the world with just under 30 million subscribers, turned on his camera to talk to his viewers about the fear of an impending breakdown and his decision to take a break from YouTube. Burns, Mills and Gundersen aren't alone. Erik "M3RKMUS1C" Phillips (four million subscribers), Benjamin "Crainer" Vestergaard (2.7 million subscribers) and other top YouTubers have either announced brief hiatuses from the platform, or discussed their own struggles with burnout, in the past month. Everyone from PewDiePie (62 million subscribers) to Jake Paul (15.2 million subscribers) have dealt with burnout. Lately, however, it seems like more of YouTube's top creators are coming forward with their mental health problems. In closing, Polygon's Julia Alexander writes: "YouTube offers no clear support system for creators, nor is it clear if the company has offered professional help to some of its top creators who've made their burnout public. Instead, YouTube's only direct reaction is a playlist dedicated to burnout and mental health. The creators are essentially working until they no longer physically can, and apologizing to their fans after believing they've failed. 
Polygon has reached out to YouTube for more information about services that are provided to creators. The only way to beat burnout is to take breaks. Unfortunately, for many YouTubers, those breaks are rarely planned."
As a kid, my favorite photos in the Guinness Book of World Records were the massive McGuire Twins on their motorcycles, the guy with the crazy long fingernails, and of course Robert Wadlow (1918-1940) who at 8'11" is considered the tallest person in human history. Above is amazingly weird film footage of Wadlow taken in the 1930s.
The Ship of Theseus is a thought experiment first posited by Plutarch in Life of Theseus. It goes a little something like this:
A ship goes out in a storm and is damaged. Upon returning to shore, the ship is repaired, with parts of it being replaced in the process. Again and again the ship goes out, and again it is repaired, until eventually every single component of the ship, every plank of wood, has been replaced.
Is the repaired ship still the same ship that first went out into the storm? And if not, then at what point did it become a different ship?
Now, say you collected every part of the ship that was discarded during repairs, and you used these parts to rebuild the ship. With the two ships side-by-side, which one would be the true Ship of Theseus? Or would it be both? Or neither?
There’s no single answer to the problem, no correct one, just the looming question: what is the intrinsic thingness of a thing? But the thought experiment has captured my attention because, even though it is thousands of years old, it’s still relevant today. It’s given me a new way to look at some of my favourite bits of pop-culture, some of the technologies used in science fiction, and by extension, a valid frame by which to look at some of the technologies we may be using in the future.
Mad Max: Fury Road opens with Max overlooking a vast dead vista, with only his haunting memories and Ford V8 Interceptor for company. The car will be familiar to anyone who’s watched any of the Mad Max films—it’s served Max across the decades, and across countless miles of post-apocalyptic desert road. But while Max is busy trying to outrun his memories, something else catches up to him—a War Boy patrol. In attempting to flee, Max’s car is wrecked, flipping side over side, coming to a stop on its roof, chassis mangled, axles likely bent or broken, engine mounts the same.
We cut ahead some indeterminate time later, and Max has been turned into a blood bag for ailing War Boys. Strapped to the front of a pursuit vehicle, Max spies something familiar beside him: the Ford V8 Interceptor.
The Interceptor has been rebuilt—the rear suspension has been raised up, Max’s extra fuel barrels have been removed to make space for weaponry, and the paint job has been cut back to bare metal for that “shiny and chrome” look. Still, Max sees his car in this altered beast—whether it’s the long sweeping shape of the coupe’s body, or in some other, indefinably spiritual aspect of the vehicle. Or perhaps Max simply knows he’s dead without a car, and the rebuilt Interceptor is a familiar set of wheels—any port in a storm.
For another example of the Ship of Theseus paradox from the same film, take Furiosa. Her left arm ends just below the elbow, and for much of the film she wears a prosthetic made from metal—but at no point does the film suggest that the intrinsic nature of Furiosa is defined by this prosthetic limb. Scrapping in the dirt with Max upon their first meeting, Furiosa’s prosthetic arm hangs from the side of the War Rig, but she is in no way hindered by its absence, fighting brutally to protect the women under her charge. This might sound obvious—of course Furiosa is just as fierce, just as much herself with or without the arm—but things aren’t always so clear.
In Return of the Jedi we see the Ship of Theseus rear its much-repaired face yet again. Luke Skywalker and the Force ghost of Obi-Wan Kenobi debate the humanity of Anakin Skywalker/Darth Vader, and in making his point, Obi-Wan states that Vader is beyond redemption because he is “more machine than man.” Whether it’s simply the loss of Anakin’s biological body, or some other change that has happened to the man, Obi-Wan sees Darth Vader as a different person, separate from Anakin Skywalker. As far as Obi-Wan is concerned, too many planks in the Ship of Anakin have been replaced. Luke argues otherwise—that despite the fact that Anakin has lost his limbs and needs to rely on a life-supporting suit of armour, he is, at heart, the same man.
Now, Luke himself lost a hand at the end of Empire Strikes Back, and had it replaced with an organic-looking robotic prosthetic, but Obi-Wan doesn’t appear to have any issues with the altered Luke. So apparently, according to Obi-Wan, somewhere between replacing a single hand and replacing four limbs, a person may cease to be their true self.
In Altered Carbon, the society and justice system seem to hold that a person’s digitised consciousness—which is able to be swapped between bodies for a price—is their true self, regardless of what body it may be sleeved inside. Even so, within the world of the book (and television series), there is a Catholic sect that holds that a person’s soul cannot be digitised, and as such, after the death of the original body, a person cannot truly be shifted between bodies—that despite a consistent personality and memories, the person’s soul is not present, and without a soul it is not the same person.
Say I had a heart transplant. Would the presence of that foreign tissue somehow alter who I am? Would I be somehow less “myself,” whatever that means? Or, if a person uses a prosthetic limb, which self is more “them”: the self with four limbs, one of which is prosthetic, or the self with three limbs? I would argue that in terms of a person’s essence (again, difficult to define, but the thing that makes you you), there is no difference. I think that no matter the changes made to a person’s body, if their mind is still functioning in whatever is their own version of “normal,” then they would remain their intrinsic self. Anakin Skywalker became Darth Vader because of his choices, not because of an arbitrary amount of flesh being replaced with machine parts (which is likely the argument Obi-Wan meant to make, but is not the one he actually made).
Now, what if we take this problem into the future? How would an uploaded digital consciousness fare against the Ship of Theseus problem? If my mind was recreated perfectly in a digital format, would it in fact be me? What if my fleshy meatsack self was still alive? Would that change your answer? What if me, in this current body, had to argue with my digitised self to decide which me was the real me? Is that a debate I could win? Is that a debate that either of me could win?
What about teleportation? If my body was broken down at Point A and transmitted instantaneously to Point B where it was reconstituted, is the person at the other end still me? Or is it some new person who simply looks like me, acts like me, and indeed believes itself to be me? If the me at Point A and the me at Point B are indistinguishable from one another, then does it matter? If you believe in the concept of the human soul, then can the soul also be broken down and reconstituted post-teleportation? Or does it travel the distance itself in its own unknowable way? Or is the person at the other end a soul-less recreation of the original, now dead, person? And most importantly—how would you know?
What about clones? We’ve been able to clone sheep and other animals for a while now, but what if you cloned a human embryo, and brought both embryos to term? Even if you raised both children as if they were identical twins, would one somehow be lesser than the other? If the clone lived as their own person, would they still be a hollow recreation of the ‘real’ person born from the original embryo, or would they be a person with their own intrinsic, indefinable nature? I’d argue that each Ship of Theseus was the real Ship of Theseus, and each was also something else.
Lastly…what makes you you? Is it your body? If so, what happens when you grow older and things don’t work quite as well as they used to? Is it your memories? If so, what happens when some of those memories fade? Is it entirely arbitrary? Is it somehow indefinable? In what ways could you be altered and changed without it affecting your inherent sense of self? These are the sorts of existential questions that philosophy has me thinking about. Thanks, philosophy.
Shows like The Good Place, Westworld, and Black Mirror make it obvious that they’re posing philosophical and metaphysical questions to the viewer—but if you start looking you’ll find various philosophical conundrums hiding in all sorts of places, giving your favourite bits of pop-culture whole new layers of meaning and depth. Where else have you found philosophical paradoxes hiding (or not) in pop-culture? And what other examples of The Ship of Theseus have I missed?
Note: I have to give credit (blame?) where credit is due: my entire philosophical education is the result of watching The Good Place, and reading the work of Damien Williams and m1k3y. If you also want to occasionally trigger an existential crisis while thinking too deeply about science fiction, and also delve deeper into philosophical concepts without hurting your head too much, I highly recommend you check them out.
Corey J. White is a writer of science fiction, horror, magical realism, and other, harder-to-define stories. He studied writing at Griffith University and is now based in Melbourne, Australia. Killing Gravity and its sequel, Void Black Shadow, are available from Tor.com Publishing. Find him at coreyjwhite.com and on Twitter at @cjwhite.
I’m starting a petition to have Arkady Babchenko henceforth referred to as "Journalism Jesus," because holy shit, he just returned from the grave. Less than 24 hours after it was reported that the vehemently anti-Putin journalist had died on the way to hospital after being shot in the back outside of his apartment in Kiev, Ukraine, Babchenko strolled into a press conference being thrown by the Ukrainian government, like a boss of all bosses. It seems that a hitman, hired by the Russian government to permanently silence Babchenko for the sum of $40,000, decided that instead of pulling a trigger on the contract, he’d let Ukraine’s security intelligence people in on what was supposed to be happening. I say "supposed to," because things definitely did not go down the way that Mother Russia allegedly wanted them to. From the New York Times:
Mr. Babchenko created a sensation in Kiev on Wednesday by appearing at a news conference, billed as a police briefing about his assassination, at which he was greeted by whoops of surprise and scattered applause. It came less than 24 hours after his wife said she had found him bleeding to death on the floor of their apartment, shot in the back. “First of all, I would like to apologize that all of you had to live through this, because I know the horrible feeling when you have to bury your colleagues,” Mr. Babchenko, 41, told the stunned room. “Separately, I want to apologize to my wife for all the hell she had to go through.”
Holy crap. At the press conference, Vasily Gritsak, who heads up Ukraine's security service, announced that his agency had faked Babchenko’s death to catch people who were trying to kill him, using the intelligence gleaned from Babchenko's would-be hitman. According to Al Jazeera, Ukrainian authorities arrested an individual they believe was responsible for planning the plot against Babchenko earlier today. Babchenko had been aware of threats to his life for some time. The operation with Ukraine's security service had been going on for close to two months. Babchenko is a former Russian soldier who saw, most likely, some pretty horrific action in Chechnya during the 1990s. After leaving the military, he became one of Russia's most renowned war correspondents. All that changed when he came out against the Russian military's policies on social media in recent years. In 2017, afraid for his life, he left Russia to set up shop in Kiev. Apparently, he didn't run quite far enough. There's been a rash of murdered journalists in Kiev in recent years that have gone unsolved. Happily, for the time being, at least, Babchenko isn't among them.
There are plenty of connected cameras to record the goings-on in your home or office. But few offer as much value as the $20 WyzeCam. It packs a surprising amount of functionality into a tiny stationary frame. But for those who need more coverage fro...
Today, Twitch begins a seven-week endurance run/celebration of all things old-school Doctor Who, live streaming over 500 episodes worth of adventures in Time and Space. Unless you happen to have seven weeks of free time starting imminently (in which case, I envy you), you likely can’t sit down and watch all of it. So…
You might remember that about a year ago, astrophysicists turned the whole Earth into a telescope to try and get a picture of a black hole. That image isn’t available yet, but the folks behind this “Event Horizon Telescope” just released data from previous observing periods, and it’s making us even antsier for the…
Well, that didn’t take long. Yahoo Finance’s new social savings app Tanda, which launched just this January, is already shutting down. The company announced the news of the app’s closure via a blog post, which vaguely hinted at a lack of traction. That appears to be true – the app isn’t even in the top 1,500 in the Finance category on the App Store, according to Sensor Tower’s data.
It had been installed around 37,000 times to date across both iOS and Android.
Still, tens of thousands in the first few months isn’t an entirely horrible showing for an app that received almost no attention, marketing effort or media outreach. (We happened upon it practically by accident – not because Yahoo reached out to press. Yes, even though Yahoo is owned by Oath which also owns us, there wasn’t any internal heads-up. Or even any external pitching. In case you’re wondering!)
The app had allowed people to save money together for short-term goals using the concept of a “money pool” where a group of friends pay a fixed amount to the saving pot monthly, and every month someone takes the pot home. You didn’t “win” this pot, you took turns claiming it. In the end, it was just another way to save money, but the social element helped you stay on track.
Money pools are popular outside the U.S., in places like Mexico and the Philippines, Yahoo notes. It may have been hard to convince the U.S. audience to give them a shot, though.
In any event, Yahoo says Tanda is no more.
“While we garnered valuable insights around how consumers can benefit from financial planning tools and the opportunity for Yahoo Finance to offer a diversified suite of financial products, we’ve made the decision to begin sunsetting Tanda this week,” the blog post reads.
“Every trial run helps brands better optimize, and create a better experience for users. We’ve learned a lot from launching and running Tanda, and then scaling it back. Key learnings around audience segments, engagement rates, consumer preferences, and UX will inform the projects we are creating, and how we improve the ones that are already in the market to fuel future innovation,” it says.
Still, that was a fast learning experience, guys.
In an email sent to Tanda users, the company says the app will be shut down starting on May 29.
Any funds owed to you will be refunded in full, and then your Tanda account will be deactivated, the email states.
Yahoo declined to comment further on the reasons behind the shutdown, but said the Tanda team will continue to support Yahoo Finance.
Just saw on my newsfeed that Gardner Dozois had passed away following hospitalization for what apparently was originally a minor illness. I had looked into updates on his publications yesterday and saw at that time he had serious organ failure which was hoped to be reversible. Very sad to learn this additional update. RIP.
Also, I really don't mean this in poor taste, but I wonder what's going to happen with his upcoming Book of anthologies. I'd assume the Book of Magic will still be coming out, but I'd figure the others (Beasts and Legends IIRC) are going to be scrapped. Edit- Also assume (although less sure) that his upcoming "Very Best of the Very Best" anthology will also come out next year.
TIL that the difference between farther and further is that "farther" refers to an actual physical distance, while "further" is used in a distance that cannot be really observed and measured. For example "He furthered his education", and "The homes were farther apart". [Published articles]
You should certainly understand the risks of having a smart speaker in your home, but there’s a perfectly good explanation for how that rogue message might have gotten sent.
The ketogenic diet was originally developed a century ago to treat children with severe epilepsy, but how it actually worked was always unclear. Now an exciting and rigorous study from researchers at UCLA suggests the diet can elevate levels of specific gut bacteria that subsequently affect certain neurotransmitters to reduce the risk of seizures...
VPNFilter is a sophisticated, multi-stage malware package, part of the new breed of boot-persistent malware (software that can survive a reboot); it targets home routers and network-attached storage devices, then steals passwords and logins that traverse the network and exfiltrates them to the creators' servers.
Tuesday is the planned launch for a SpaceX Falcon 9 carrying two payloads to orbit — and this launch will be an especially interesting one. A set of five communications satellites for Iridium need to get to almost 500 miles up, but a NASA mission has to pop out at the 300 mile mark. What to do? Just make a pit stop, it turns out.
Now, of course it’s not a literal stop — the thing will be going thousands of miles per hour. But from the reference frame of the rocket itself, it’s not too different from pulling over to let a friend out before hitting the gas again and rolling on to the next destination.
What will happen is this: The rocket’s first stage will take it up out of the atmosphere, then separate and hopefully land safely. The second stage will then ignite to take its payload up to orbit. Usually at this point it’ll burn until it reaches the altitude and attitude required, then deploy the payload. But in this case it has a bit more work to do.
When the rocket has reached 305 miles up, it will dip its nose 30 degrees down and roll a bit to put NASA’s twin GRACE-FO satellites in position. One has to point toward Earth, the other toward space. Once in position, the separation system will send the two birds out, one in each direction, at a speed of about a foot per second.
The one on the Earth side will be put into a slightly slower and lower orbit than the one on the space side, and after they’ve spread out to a distance of 137 miles, the lower satellite will boost itself upwards and synchronize with the other.
That will take a few days, but just 10 minutes after it sends the GRACE-FOs on their way, the Falcon-9 will resume its journey, reigniting the second stage engine and bringing the Iridium NEXT satellites to about 485 miles up. There the engine will cut off again and the rest of the payload will be delivered.
So what are these high-maintenance satellites that have to have their own special deployments?
The Iridium NEXT satellites are the latest in a series of deployments commissioned by the space-based communications company; they’re five of a planned 75 that will replace its old constellation and provide worldwide coverage. The last launch, in late March, went off without a hitch. This is the only launch with just five birds to deploy; the previous and pending launches all had 10 satellites each.
GRACE-FO is a “follow-on” mission (hence the FO) to GRACE, the Gravity Recovery and Climate Experiment, and a collaboration with the German Research Centre for Geosciences. GRACE launched in 2002, and for 15 years it monitored the presence and changes in the fresh water on (and below) the Earth’s surface. This has been hugely beneficial for climate scientists and others, and the follow-on will continue where the original left off.
The original mission worked by detecting tiny changes in the difference between the two satellites as they passed over various features — these tiny changes indicate how mass is distributed below them and can be used to measure the presence of water. GRACE-FO adds a laser ranging system that may improve the precision of this process by an order of magnitude.
Interestingly, the actual rocket that will be doing this complicated maneuver is the same one that launched the ill-fated Zuma satellite in January. That payload apparently failed to deploy itself properly after separating from the second stage, though because it was a classified mission no one has publicly stated exactly what went wrong — except to confirm that SpaceX wasn’t to blame.
The launch will take place at Vandenberg Air Force Base at 12:47 tomorrow afternoon Pacific time. If it’s aborted, there’s another chance on Wednesday. Keep an eye out for the link to the live stream of this unique launch!
Former Commissioner Mignon Clyburn, who left the agency this month, has taken aim at it in an interview, saying the agency has abandoned its mission to safeguard consumers and protect their privacy and speech. From her interview with ArsTechnica: "I'm an old Trekkie," Clyburn told Ars in a phone interview, while comparing the FCC's responsibility to the Star Trek fictional universe's Prime Directive. "I go back to my core, my prime directive of putting consumers first." If the FCC doesn't do all it can to bring affordable communications services to everyone in the US, "our mission will not be realized," she said. The FCC's top priority, as set out by the Communications Act, is to make sure all Americans have "affordable, efficient, and effective" access to communications services, Clyburn said. But too often, the FCC's Republican majority led by Chairman Ajit Pai is prioritizing the desires of corporations over consumers, Clyburn said. "I don't believe it's accidental that we are called regulators," she said. "Some people at the federal level try to shy away from that title. I embrace it." Clyburn said that deregulation isn't bad in markets with robust competition, because competition itself can protect consumers. But "that is just not the case" in broadband, she said. "Let's just face it, [Internet service providers] are last-mile monopolies," she told Ars. "In an ideal world, we wouldn't need regulation. We don't live in an ideal world, all markets are not competitive, and when that is the case, that is why agencies like the FCC were constructed. We are here as a substitute for competition." Broadband regulators should strike a balance that protects consumers and promotes investment from large and small companies, she said. "If you don't regulate appropriately, things go too far one way or the other, and we either have prices that are too high or an insufficient amount of resources or applications or services to meet the needs of Americans," Clyburn said.
Read more of this story at Slashdot.
Christopher Ingraham, writing for The Washington Post: China, Russia and other authoritarian countries inflate their official GDP figures by anywhere from 15 to 30 percent in a given year, according to a new analysis of a quarter-century of satellite data. The working paper, by Luis R. Martinez of the University of Chicago, also found that authoritarian regimes are especially likely to artificially boost their gross domestic product numbers in the years before elections, and that the differences in GDP reporting between authoritarian and non-authoritarian countries can't be explained by structural factors, such as urbanization, composition of the economy or access to electricity. Martinez's findings are derived from a novel data source: satellite imagery that tracks changes in the level of nighttime lighting within and between countries over time.
This is why the internet was invented.
Watch this squirrel come in like a wrecking ball as it tries to launch itself onto a backyard bird feeder.
Mastering the various buttons, thumbsticks, triggers and touchpads of video game controllers is hard enough, but it can be near impossible for people with limited mobility and forms of disability. To open up gaming to more people who might normally miss out, Microsoft has unveiled the Xbox Adaptive Controller, a versatile new device that can be connected to a range of different accessories to cater to different players' specific needs...
TIL Nachos are named after their inventor, Ignacio "Nacho" Anaya. The dish was originally called "Nacho's especiales," and eventually the apostrophe disappeared and it was shortened to just "nachos." [Published articles]
Russian cybersecurity software maker Kaspersky Lab has announced it will be moving core infrastructure processes to Zurich, Switzerland, as part of a shift announced last year to try to win back customer trust.
It also said it’s arranging for the process to be independently supervised by a Switzerland-based third party qualified to conduct technical software reviews.
“By the end of 2019, Kaspersky Lab will have established a data center in Zurich and in this facility will store and process all information for users in Europe, North America, Singapore, Australia, Japan and South Korea, with more countries to follow,” it writes in a press release.
“Kaspersky Lab will relocate to Zurich its ‘software build conveyer’ — a set of programming tools used to assemble ready to use software out of source code. Before the end of 2018, Kaspersky Lab products and threat detection rule databases (AV databases) will start to be assembled and signed with a digital signature in Switzerland, before being distributed to the endpoints of customers worldwide.
“The relocation will ensure that all newly assembled software can be verified by an independent organization, and show that software builds and updates received by customers match the source code provided for audit.”
In October the company unveiled what it dubbed a “comprehensive transparency initiative” as it battled suspicion that its antivirus software had been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.
Being a trusted global cybersecurity firm and operating core processes out of Russia where authorities might be able to lean on your company for access has essentially become untenable as geopolitical concern over the Kremlin’s online activities has spiked in recent years.
Yesterday the Dutch government became the latest public sector customer to announce a move away from Kaspersky products (via Reuters) — saying it was doing so as a “precautionary measure”, and advising companies operating vital services to do the same.
Responding to the Dutch government’s decision, Kaspersky described it as “very disappointing”, saying its transparency initiative is “designed precisely to address any fears that people or organisations may have”.
“We are implementing these measures first and foremost in response to the evolving, ultra-connected global landscape and the challenges the cyber-world is currently facing,” the company adds in a detailed Q&A about the measures. “This is not exclusive to Kaspersky Lab, and we believe other organizations will in future also choose to adapt to these trends. Having said that, the overall aim of these measures is transparency, verified and proven, which means that anyone with concerns will now be able to see the integrity and trustworthiness of our solutions.”
The core processes that Kaspersky will move from Russia to Switzerland over this year and next include customer data storage and processing (for “most regions”); and software assembly, including threat detection updates.
As a result of the shift it says it will be setting up “hundreds” of servers in Switzerland and establishing a new data center there, as well as drawing on facilities of a number of local data center providers.
Kaspersky is not exiting Russia entirely, though, and products for the Russian market will continue to be developed and distributed out of Moscow.
“In Switzerland we will be creating the ‘worldwide’ (ww) version of our products and AV bases. All modules for the ww-version will be compiled there. We will continue to use the current software build conveyer in Moscow for creating products and AV bases for the Russian market,” it writes, claiming it is retaining a software build conveyor in Russia to “simplify local certification”.
Data of customers from Latin America and Asia (with the exception of Japan, South Korea and Singapore) will also continue to be stored and processed in Russia — but Kaspersky says the list of countries for which data will be processed and stored in Switzerland will be “further extended”, adding: “The current list is an initial one… and we are also considering the relocation of further data processing to other planned Transparency Centers, when these are opened.”
Whether retaining a presence and infrastructure in Russia will work against Kaspersky’s wider efforts to win back trust globally remains to be seen.
In the Q&A it claims: “There will be no difference between Switzerland and Russia in terms of data processing. In both regions we will adhere to our fundamental principle of respecting and protecting people’s privacy, and we will use a uniform approach to processing users’ data, with strict policies applied.”
However, other pre-emptive responses in the document underline the trust challenge it is likely to face — such as a question asking what kind of data stored in Switzerland will be sent or available to staff in its Moscow HQ.
On this it writes: “All data processed by Kaspersky Lab products located in regions excluding Russia, CIS, Latin America, Asian and African countries, will be stored in Switzerland. By default only aggregated statistics data will be sent to R&D in Moscow. However, Kaspersky Lab experts from HQ and other locations around the world will be able to access data stored in the Transparency Center. Each information request will be logged and monitored by the independent Swiss-based organization.”
Clearly the robustness of the third party oversight provisions will be essential to its Global Transparency Initiative winning trust.
Kaspersky’s activity in Switzerland will be overseen by an (as yet unnamed) independent third party which the company says will have “all access necessary to verify the trustworthiness of our products and business processes”, including: “Supervising and logging instances of Kaspersky Lab employees accessing product meta data received through KSN [Kaspersky Security Network] and stored in the Swiss data center; and organizing and conducting a source code review, plus other tasks aimed at assessing and verifying the trustworthiness of its products.”
Switzerland will also host one of the dedicated Transparency Centers the company said last year that it would be opening as part of the wider program aimed at securing customer trust.
It expects the Swiss center to open this year, although the shifting of core infrastructure processes won’t be completed until Q4 2019. (It says on account of the complexity of redesigning infrastructure that’s been operating for ~20 years — estimating the cost of the project to be $12M.)
Within the Transparency Center, which Kaspersky will operate itself, the source code of its products and software updates will be available for review by “responsible stakeholders” — from the public and private sector.
It adds that the details of review processes — including how governments will be able to review code — are “currently under discussion” and will be made public “as soon as they are available”.
And providing government review in a way that does not risk further undermining customer trust may also provide a tricky balancing act for Kaspersky, given multi-directional geopolitical sensibilities, so the devil will be in the policy detail vis-a-vis “trusted” partners and whether the processes it deploys can reassure all of its customers all of the time.
“Trusted partners will have access to the company’s code, software updates and threat detection rules, among other things,” it writes, saying the Center will provide these third parties with: “Access to secure software development documentation; Access to the source code of any publicly released product; Access to threat detection rule databases; Access to the source code of cloud services responsible for receiving and storing the data of customers based in Europe, North America, Australia, Japan, South Korea and Singapore; Access to software tools used for the creation of a product (the build scripts), threat detection rule databases and cloud services”; along with “technical consultations on code and technologies”.
It is still intending to open two additional centers, one in North America and one in Asia, but precise locations have not yet been announced.
On supervision and review Kaspersky also says that it’s hoping to work with partners to establish an independent, non-profit organization for the purpose of producing professional technical reviews of the trustworthiness of the security products of multiple members — including but not limited to Kaspersky Lab itself.
Which would certainly go further to bolster trust. Though it has nothing firm to share about this plan as yet.
“Since transparency and trust are becoming universal requirements across the cybersecurity industry, Kaspersky Lab supports the creation of a new, non-profit organization to take on this responsibility, not just for the company, but for other partners and members who wish to join,” it writes on this.
Next month it’s also hosting an online summit to discuss “the growing need for transparency, collaboration and trust” within the cybersecurity industry.
Commenting in a statement, CEO Eugene Kaspersky added: “In a rapidly changing industry such as ours we have to adapt to the evolving needs of our clients, stakeholders and partners. Transparency is one such need, and that is why we’ve decided to redesign our infrastructure and move our data processing facilities to Switzerland. We believe such action will become a global trend for cybersecurity, and that a policy of trust will catch on across the industry as a key basic requirement.”
Astronomers discover a strange pair of rogue planets wandering the Milky Way together. The free-range planets, which are each about 4 times the mass of Jupiter, orbit around each other rather than a star. [Published articles]
Over the past few years, the Hubble Space Telescope has observed what looked to be plumes of water vapor shooting from the surface of one of Jupiter's moons, Europa. Now, scientists have looked over decades-old data from Galileo and discovered that t...
Back in early 2013, the podcasting community was freaking out. A patent troll called Personal Audio LLC had sued comedian Adam Carolla and was threatening a bunch of smaller podcasters. Personal Audio claimed that the podcasters infringed U.S. Patent 8,112,504, which claims a “system for disseminating media content” in serialized episodes. EFF challenged the podcasting patent at the Patent Office in October 2013. We won that proceeding, and it was affirmed on appeal. Today, the Supreme Court rejected Personal Audio’s petition for review. The case is finally over.
We won this victory with the support of our community. More than one thousand people donated to EFF’s Save Podcasting campaign. We also asked the public to help us find prior art. We filed an inter partes review (IPR) petition that showed Personal Audio did not invent anything new, and that other people were podcasting years before Personal Audio first applied for a patent.
Meanwhile, Adam Carolla fought Personal Audio in federal court in the Eastern District of Texas. He also raised money for his defense and was eventually able to convince Personal Audio to walk away. When the settlement was announced, Personal Audio suggested that it would no longer sue small podcasters. That gave podcasters some comfort. But the settlement did not invalidate the patent.
In April 2015, EFF won at the Patent Office. The Patent Trial and Appeal Board (PTAB) invalidated all the challenged claims of the podcasting patent, finding that it should not have been issued in light of two earlier publications, one relating to CNN news clips and one relating to CBC online radio broadcasting. Personal Audio appealed that decision to the Federal Circuit.
The podcasting patent expired in October 2016, while the case was on appeal before the Federal Circuit. But that wouldn’t save podcasters who were active before the patent expired. The statute of limitations in patent cases is six years. If it could salvage its patent claims, Personal Audio could still sue for damages for years of podcasting done before the patent expired.
On August 7, 2017, the Federal Circuit affirmed the PTAB’s ruling invalidating all challenged claims. After this defeat, Personal Audio tried to get the Supreme Court to take its case. It argued that the IPR process is unconstitutional, raising arguments identical to those presented in the Oil States case. The Supreme Court rejected those arguments in its Oil States decision, issued last month. Personal Audio also argued that EFF should be bound by a jury verdict in a case between Personal Audio and CBS—an argument which made no sense, because that case involved different prior art and EFF was not a party.
Today, the Supreme Court issued an order denying Personal Audio’s petition for certiorari. With that ruling, the PTAB’s decision is now final and the patent claims Personal Audio asserted against podcasters are no longer valid. We thank everyone who contributed to EFF’s Save Podcasting campaign.
Original release date: May 14, 2018
The CERT Coordination Center (CERT/CC) has released information on email client vulnerabilities that can reveal plaintext versions of OpenPGP- and S/MIME-encrypted emails. A remote attacker could exploit these vulnerabilities to obtain sensitive information.
NCCIC encourages users and administrators to review CERT/CC’s Vulnerability Note VU #122919, apply the necessary mitigations, and refer to software vendors for appropriate patches, when available.
An anonymous reader quotes a report from Wired: The ubiquitous email encryption schemes PGP and S/MIME are vulnerable to attack, according to a group of German and Belgian researchers who posted their findings on Monday. The weakness could allow a hacker to expose plaintext versions of encrypted messages -- a nightmare scenario for users who rely on encrypted email to protect their privacy, security, and safety. The weakness, dubbed eFail, emerges when an attacker who has already managed to intercept your encrypted emails manipulates how the message will process its HTML elements, like images and multimedia styling. When the recipient gets the altered message and their email client -- like Outlook or Apple Mail -- decrypts it, the email program will also load the external multimedia components through the maliciously altered channel, allowing the attacker to grab the plaintext of the message. The eFail attack requires hackers to have a high level of access in the first place that, in itself, is difficult to achieve. They need to already be able to intercept encrypted messages, before they begin waylaying messages to alter them. PGP is a classic end-to-end encryption scheme that has been a go-to for secure consumer email since the late 1990s because of the free, open-source standard known as OpenPGP. But the whole point of doing the extra work to keep data encrypted from the time it leaves the sender to the time it displays for the receiver is to reduce the risk of access attacks -- even if someone can tap into your encrypted messages, the data will still be unreadable. eFail is an example of these secondary protections failing.
ECS is Amazon’s Elastic Container Service. That’s Greek for how you get Docker containers running in the cloud. It’s sort of like Kubernetes without all the bells and whistles. It takes a bit of getting used to, but this Terraform how-to should get you moving. You need an EC2 host to run …