12 new moons discovered orbiting Jupiter [Published articles]

Io, pictured here orbiting Jupiter in 2007, has more company than we thought: astronomers have discovered ...

As the most massive planet in the Solar System by a wide margin, Jupiter has a lot of pull in this neighborhood. With dozens of moons whizzing around it, it makes sense that a few have slipped under the radar, but the latest discovery is still a surprisingly large haul. Astronomers have announced the detection of 12 new moons orbiting Jupiter, including one particularly reckless "oddball."

Category: Space


Nathan Fillion is a fitting star for an 'Uncharted' fan film [Published articles]

Fans have been hoping for years that Nathan Fillion would play Uncharted protagonist Nathan Drake in a film adaptation, but now that the long-delayed official movie has refocused to a prequel story, that hope seemed less and less possible. For those...

Cities from the sky: The best urban drone photography of the year [Published articles]

The Tower

Drone photography is still an incredibly new and emerging art form. Just a few short years ago it would have been nigh on impossible to capture some of the images that we now see on a regular basis. It's easy to become jaded by the onslaught of drone photographs out there but a number of artists are still pushing the envelope, experimenting and finding spectacular ways to exploit this nascent medium.

Category: Drones


Amazon’s share of the US e-commerce market is now 49%, or 5% of all retail spend [Published articles]

Amazon has already been in the crosshairs of the White House when it comes to threats of antitrust investigations, and while some say this is simply Trumpian bluster that has a slim chance of going anywhere, some new numbers out from the researchers at eMarketer could prove to be a fan to the flames.

Amazon is set to clear $258.22 billion in US retail sales in 2018, according to eMarketer’s figures, which will work out to 49.1 percent of all online retail spend in the country, and 5 percent of all retail sales.

It started as an online bookstore, but today Amazon is a behemoth in all areas of e-commerce, fuelled by a strong Marketplace network of third-party sellers, an ever-expanding range of goods from groceries to fashion, and a very popular loyalty program in the form of Prime.

Now, it is fast approaching a tipping point where more people will be spending money online with Amazon than with all other retailers — combined. Amazon’s next-closest competitor, eBay, is a very, very distant second at 6.6 percent, and Apple is in third at 3.9 percent. Walmart, the world’s biggest retailer when counting physical stores, has yet to really hit the right note in e-commerce and comes in behind Apple with 3.7 percent of online sales in the US.

The figures — which eMarketer says are estimates “based on an analysis of quantitative and qualitative data from research firms, government agencies, media firms and public companies, plus interviews with top executives at publishers, ad buyers and agencies” — are also remarkable not because of their size, but because Amazon’s pace has not slowed down. Its sales are up 29.2 percent versus a year ago, when it commanded 43 percent of all e-commerce retail sales.

The rocket ship for Amazon’s growth at the moment is its Marketplace — the platform where Amazon allows third-party sellers to use its retail and (if they choose) logistics infrastructure to sell and deliver items to Amazon shoppers. It’s currently accounting for 68 percent of all retail sales, working out to nearly $176 billion, versus 32 percent for Amazon’s direct sales, and eMarketer projects that by the end of this year, Marketplace’s share will be more than double that of Amazon’s own sales (it’s already about double).

It’s no wonder that so many other online commerce businesses are chasing the marketplace model, which essentially creates transactions on two fronts for the platform operator, thereby improving margins that might be cut by not selling items directly.

“The continued growth of Amazon’s Marketplace makes sense on a number of levels,” eMarketer principal analyst Andrew Lipsman notes in the eMarketer report. “More buyers transacting more often on Amazon will naturally attract third-party sellers. But because third-party transactions are also more profitable, Amazon has every incentive to make the process as seamless as possible for those selling on the platform.”

In terms of popular categories, consumer electronics and tech continue to be the leading product category: eMarketer projects sales of $65.82 billion, around one-fourth of all turnover. Second will be apparel and accessories, which will pull in $39.88 billion of sales. Third in 2018 are health, personal care and beauty with $16 billion. Fourth is food and beverage at a distant $4.75 billion.

All of these are already up by 38 percent or more over a year ago (see the full table below), but what’s perhaps most notable is how Amazon has been investing in being a direct player in each of the categories as well.

In tech, it has its Kindles and Fire tablets, Fire TV, and of course its huge hit Alexa-powered Echo devices, among many other products. Apparel is being pushed heavily in the company’s private-label efforts. Amazon just the other week announced that it was acquiring online drug seller PillPack for $1 billion, which will be a major lever in its wider health products and services strategy. And lastly, there is Amazon’s acquisition of Whole Foods and its much wider play around meal kits and its server-free physical shops. The physical aspect, eMarketer believes, will play a strong role in Amazon’s growth in this category.

“Amazon’s strategy for food and beverage is no different, in some respects, than it was for books—dominate the category,” eMarketer senior analyst Patricia Orsini notes in the report. “However, e-commerce in the grocery sector is a challenge. Share of online sales in this category is low because most people, for a host of reasons, prefer to buy food in brick-and-mortar stores. Amazon has an advantage because its shopper base is comfortable with shopping online. Along with insights gathered about Whole Foods shoppers, Amazon probably has the best chance of converting in-store grocery buyers to online grocery buyers.”

All of these will not just boost Amazon’s own direct sales but help create an environment for people to come to Amazon to buy either these at price-busting rates, or other-brand alternatives.

So far, people think that it is unlikely that Amazon would stand an antitrust investigation because e-commerce is still a small part of all commerce (as evidenced by the five percent of all retail sales figure), and Amazon would argue that in the world of “omnicommerce” it’s still just a bit player. However, Amazon’s dominance is clear when considering e-commerce alone.

Astronomers Detected a 'Ghost Particle' and Tracked It To Its Source [Published articles]

An anonymous reader quotes a report from Space.com: Astronomers have traced a high-energy neutrino to its cosmic source for the first time ever, solving a century-old mystery in the process. Observations by the IceCube Neutrino Observatory at the South Pole and a host of other instruments allowed researchers to track one cosmic neutrino to a distant blazar, a huge elliptical galaxy with a fast-spinning supermassive black hole at its heart. And there's more. Cosmic neutrinos go hand in hand with cosmic rays, highly energetic charged particles that slam into our planet continuously. So, the new find pegs blazars as accelerators of at least some of the fastest-moving cosmic rays as well. Astronomers have wondered about this since cosmic rays were first discovered, way back in 1912. But they've been thwarted by the particles' charged nature, which dictates that cosmic rays get tugged this way and that by various objects as they zoom through space. Success finally came from using the straight-line journey of a fellow-traveler ghost particle. On Sept. 22, 2017, [...] IceCube picked up another cosmic neutrino. It was extremely energetic, packing about 300 teraelectron volts -- nearly 50 times greater than the energy of the protons cycling through Earth's most powerful particle accelerator, the Large Hadron Collider. Within 1 minute of the detection, the facility sent out an automatic notification, alerting other astronomers to the find and relaying coordinates to the patch of sky that seemed to house the particle's source. The community responded: Nearly 20 telescopes on the ground and in space scoured that patch across the electromagnetic spectrum, from low-energy radio waves to high-energy gamma-rays. The combined observations traced the neutrino's origin to an already-known blazar called TXS 0506+056, which lies about 4 billion light-years from Earth. 
The IceCube team also went through its archival data and found more than a dozen other cosmic neutrinos that seemed to be coming from the same blazar. These additional particles were picked up by the detectors from late 2014 through early 2015. The findings are reported in two separate studies published in the journal Science.

Read more of this story at Slashdot.

Python Language Founder Steps Down [Published articles]

After almost 30 years of overseeing the development of the world's most popular language, Python, its founder and "Benevolent Dictator For Life" (BDFL), Guido van Rossum, has decided to remove himself entirely from the decision process. From a report: Van Rossum isn't leaving Python entirely. He said, "I'll still be there for a while as an ordinary core dev, and I'll still be available to mentor people -- possibly more available." It's clear from van Rossum's note he's sick and tired of running the organization. He wrote, "I don't ever want to have to fight so hard for a PEP (Python Enhancement Proposals) [PEP 572 Assignment Expressions] and find that so many people despise my decisions." In addition, van Rossum hints he's not been well. "I'm not getting younger... (I'll spare you the list of medical issues.)" So, "I'm basically giving myself a permanent vacation from being BDFL, and you all will be on your own." From the email: I am not going to appoint a successor. So what are you all going to do? Create a democracy? Anarchy? A dictatorship? A federation? I'm not worried about the day to day decisions in the issue tracker or on GitHub. Very rarely I get asked for an opinion, and usually it's not actually important. So this can just be dealt with as it has always been. At Slashdot, we had the privilege of interviewing Guido van Rossum, a Computer History Museum honoree, in 2013.

Read more of this story at Slashdot.

Thanos Has Snapped His Fingers and Killed Half of a Subreddit [Published articles]

Perfect balance has been achieved. The r/ThanosDidNothingWrong subreddit is now better equipped to allocate its precious resources after moderators randomly banned half of its members. Was I among those culled? Well, all I can say is: I don’t feel so good right now, Mr. Stark.


Kepler Telescope To Send NASA Its Last Images [Published articles]

We don't yet know if there's life on other worlds, however likely that is, but NASA's Kepler Mission satellite has helped pinpoint the abundance of planets orbiting other stars starting in May 2009. So far, it has provided data that scientists have used to confirm the existence of 2,650 exoplanets in a field of over 150,000 stars that it's examining. But that long service is about to end, as NASA said this week the craft is running out of fuel. From a report: The space agency has put the satellite into a form of hibernation until August 2, when there's time booked on the Deep Space Network -- a global array of receivers for space missions -- to download data from its 18th observational mission. Following that download, NASA will use the remaining fuel to start a 19th session. Fortunately, its successor is already in place and operational. The Transiting Exoplanet Survey Satellite (TESS) launched in April 2018, and produced a test image in May. TESS is a massive upgrade, observing almost 400 times the region of space as Kepler, or about 85% of what's observable from its orbit relative to Earth. Kepler is already a survivor, continuing to operate after part of the gyroscope mechanism failed that let it target star fields. Four wheels rotate in the gyroscope to provide a reaction that allows the necessary precision in tracking, and two of the four failed by May 2013. NASA mission scientists figured out a clever workaround, in which they used pressure from the Sun to provide additional positioning assistance. The mission resumed under the moniker K2 in May 2014.

Read more of this story at Slashdot.

U.S. Opposition to Breast-Feeding Resolution Stuns World Health Officials [Published articles]

Do you hold our debt fulfilled? [Published articles]

This story was originally posted by "planefag" over at 4chan's /tg/ board on 16-09-2011.

This thread is mirrored on ArkMuse here.

About twelve years ago, a man died in high orbit over Tau Ceti V.

His name was Drake McDougal, and aside from a few snapshots and vague anecdotes from his drinking buddies, that’s probably all we’ll ever know about him. Another colony-born man with little records and little documentation, working whatever asteroid field the Dracs deigned to allow them. Every now and then a Drac gunship would strut on through the system, Pax Draconia and all that. But that was it.

One fine day, one of those gunships had a misjump. A bad one. It arrived only ninety clicks above atmo, with all of its impellers blown out by the gravatic feedback of Tau Ceti V’s gravity well. The Dracs scraped enough power together for a good system-wide broadbeam and were already beginning the Death Chant when they hit atmo.

People laughed at the recording of sixty Dracs going from mysterious chanting to “what-the-fuck’ing” for years after they forgot the name Drake McDougal. The deafening “CLANG” and split second of stunned silence afterwards never failed to entertain. Drake had performed a hasty re-entry seconds after the gunship and partially slagged his heatshield diving after it. Experts later calculated he suffered 11Gs when he leaned on the retro to match velocities with the Dracs long enough to engage the mag-grapples on his little mining tug.

Even the massively overpowered drive of a tug has its limits, and Drake’s little ship hit hers about one and a half minutes later. Pushed too far, the tug’s fusion plant lost containment just as he finished slingshotting the gunship into low orbit. (It was unharmed, of course; the Drac opinion of fusion power best translated as “quaint,” kind of how we view butter churns.)

It was on the local news within hours, on newsnets across human space within days. It was discussed, memorialized, marveled upon, chewed over by daytime talk-show hosts, and I think somebody even bought a plaque or some shit like that. Then there was a freighter accident, and a mass-shooting on Orbital 5, and of course, the first Vandal attacks in the periphery.

The galaxy moved on.

Twelve years is a long time, especially during war, so twelve years later, as the Vandal’s main fleet was jumping in near Jupiter and we were strapping into the crash couches of what we enthusiastically called “warships,” I guaran-fucking-tee you not one man in the entire Defense Force could remember who Drake McDougal was.

Well, the Dracs sure as hell did.

Dracs do not fuck around. Dozens of two-kilometer long Drac supercaps jumped in barely 90K klicks away, and then we just stood around staring at our displays like the slack-jawed apes we were as we watched what a real can of galactic whoop-ass looked like. You could actually see the atmosphere of Jupiter roil occasionally when a Vandal ship happened to cross between it and the Drac fleet. There’s still lightning storms on Jupiter now; something about residual heavy ions and massive static charges or something.

Fifty-eight hours later, with every Vandal ship reduced to slagged debris and nine wounded Drac ships spinning about as they vented atmosphere, they started with the broad-band chanting again. And then the communiqué that confused the hell out of us all.

“Do you hold our debt fulfilled?”

After the sixth or seventh comms officer told them “we don’t know what the hell you’re talking about” as politely as possible, the Drac fleet commander got on the horn and asked to speak to a human Admiral in roughly the same tone as a telemarketer telling a kid to give the phone to Daddy. When the Admiral didn’t know either, the Drac went silent for a minute, and when he came back on his translator was using much smaller words, and talking slower.

“Is our blood debt to Drake McDougal’s clan now satisfied?”

The Admiral said “Who?”

What the Drac commander said next would’ve caused a major diplomatic incident had he remembered to revert to the more complex translation protocols. He thought the Admiral must be an idiot, a coward, or both. Eventually the diplomats were called out, and we were asked why the human race had largely forgotten the sacrifice of Drake McDougal.

Humans, we explained, sacrifice themselves all the time.

We trotted out every news clip from the space-wide Nets from the last twelve years. Some freighter cook that fell on a grenade during a pirate raid on Outreach. A ship engineer who locked himself into the reactor room and kept containment until the crew evacuated. Firefighter who died shielding a child from falling debris with his body, during an earthquake. Stuff like that.

The Dracs were utterly stunned. Their diplomats wandered out of the conference room in a daze. We’d just told them that the rarest, most selfless and honorable of acts – acts that incurred generations-long blood-debts and moved entire fleets – was so routine for our species that they were bumped off the news by the latest celebrity scandal.

Everything changed for humanity after that. And it was all thanks to a single tug pilot who taught the galaxy what truly defines Man.

submitted by /u/Prohibitorum to r/HFY

[SERIOUS] What are some places on Earth that are still unexplored because locals fear them? And what are they afraid of? [Published articles]

All-time Heat Records Are Being Set All Over the World [Published articles]

As the U.K. begins a two-week heat wave, one pedestrian apparently found his leg sinking into tarmac, which had melted, requiring a call to emergency rescue services. "All-time heat records have been set all over the world during the past week," reports the Washington Post, in an article titled "Red-Hot Planet," which they've updated throughout the week with new all-time heat records. From the normally mild summer climes of Ireland, Scotland and Canada to the scorching Middle East to Southern California, numerous locations in the Northern Hemisphere have witnessed their hottest weather ever recorded over the past week.... The Canadian Broadcasting Corporation reports the heat is to blame for at least 54 deaths in southern Quebec, mostly in and near Montreal, which endured record high temperatures. In Northern Siberia, along the coast of the Arctic Ocean -- where weather observations are scarce -- model analyses showed temperatures soaring 40 degrees above normal on July 5, to over 90 degrees... On Thursday, Africa likely witnessed its hottest temperature ever reliably measured. Ouargla, Algeria soared to 124.3 degrees (51.3 Celsius). If verified, it would surpass Africa's previous highest reliable temperature measurement of 123.3 degrees (50.7 Celsius) set July 13, 1961, in Morocco. No single record, in isolation, can be attributed to global warming. But collectively, these heat records are consistent with the kind of extremes we expect to see increase in a warming world. Nasdaq Inc. even warned customers that high humidity in New Jersey was slowing the radio transmissions needed for high-speed trading, according to an article shared by Slashdot reader narcoossee. And Southern California has also experienced record-setting temperatures "well above 110 degrees across the region," sparking brush fires that burned homes in two counties. Last July several U.S. cities experienced their hottest month ever, including Reno, Salt Lake City, and Miami. 
And Death Valley, California maintained an average temperature of 107.4 degrees for an entire month, the hottest month ever recorded on earth. "The temperature didn't fall below 89 degrees at any point in the month of July at Death Valley," reports the Washington Post, adding "On three nights, the 'low' temperature was 102-103 degrees." And last month the Middle East city Quriyat (in Oman) endured more than two full days in which the temperature never dropped below 108.7 degrees.

Read more of this story at Slashdot.

Flattened Fluids Help Scientists Understand Oceans and Atmospheres [Published articles]

By squeezing fluids into flat sheets, researchers can get a handle on the strange ways that turbulence feeds energy into a system instead of eating it away.

Why your brain never runs out of problems to find [Published articles]

EPA Blocks Warnings on Cancer-Causing Chemical: Report [Published articles]

The Trump administration is suppressing an Environmental Protection Agency report that warns that most Americans inhale enough formaldehyde vapor in the course of daily life to put them at risk of developing leukemia and other ailments, a current and a former agency official told POLITICO. The news outlet adds: The warnings are contained in a draft health assessment EPA scientists completed just before Donald Trump became president, according to the officials. They said top advisers to departing Administrator Scott Pruitt are delaying its release as part of a campaign to undermine the agency's independent research into the health risks of toxic chemicals. Andrew Wheeler, the No. 2 official at EPA who will be the agency's new acting chief as of Monday, also has a history with the chemical. He was staff director for the Senate Environment and Public Works Committee in 2004, when his boss, then-Chairman Jim Inhofe (R-Okla.), sought to delay an earlier iteration of the formaldehyde assessment. Formaldehyde is one of the most commonly used chemicals in the country. Americans are exposed to it through wood composites in cabinets and furniture, as well as air pollution from major refineries.

Read more of this story at Slashdot.

Fiske’s Reading Machine was a pre-silicon Kindle [Published articles]

E-readers have become one of the most pervasive pieces of tech for many reasons. They survive alongside tablets because they're accessible -- Amazon's entry-level Kindle is just $80 -- and don't require daily charging. E-ink displays don't strain you...

Five Really Cool Things I Learned at NASA’s Neutral Buoyancy Lab [Published articles]

It’s like this… An astronaut asks if you want to spend the day at work with him. You say, “Yes.”

More specifically, it was like this. Kjell Lindgren, a NASA astronaut who spent 142 days in space, was a consultant when I was writing The Calculating Stars and The Fated Sky. So by “Would you like to spend the day with me at work?” what he meant was “Do you want to come to the NBL and watch a full dev run?”

Now, if you’re like me, you say, “Yes.”

Let me explain. He invited me to go to the Neutral Buoyancy Laboratory, which is a swimming pool the size of a football field and three stories deep, containing a full-scale replica of the International Space Station. A “dev run” is a developmental run of a spacewalk—basically, they simulate a spacewalk in 6.2 million gallons of water.

But what he actually said was, “Do you want to watch me do a dev run at the NBL? But you probably won’t want to stay for the whole day because it will be really boring.”

To which, my basic response was, “Hey Kjell… Know how I’m a professional puppeteer? If you’re in NYC and want to visit Sesame Street, let me know. But you probably won’t want to stay for the whole day because it will be really boring.”

He acknowledged that I had a point.

We met at 6:30 am because a day at the NBL starts super-early. He needs to be ready for his physical at 7:30 am. Yes. They have to get checked out by a doctor before beginning a simulated spacewalk. Even so, when we arrived at the NBL, there was someone swimming laps in the pool above the mock-ISS. This is, apparently, one of the perks of working at the NBL. You get to swim in a massive, massive pool.

Until he went underwater, Kjell let me shadow him at poolside and during the mission briefing. I took six pages of hand-written notes and 3000 words of typed notes. Here are the Top Five Really Cool Things I Learned at the NBL.

1. The Mini-WorkStation, which had been described to me as being kinda like a toolbox, is not a box. It is a metal bar that is strapped to the astronaut’s chest and contains the things they think they’ll need on the spacewalk. It’s the jumble of random metal and tyvek to the left of the photo. Each astronaut sets the MWS the way they want it, which is what Kjell is doing in this photo. He’s holding a RET—retractable equipment tether.

2. Wire-ties. These are long brass pieces of wire with a loop at the end to make them easier to grab and use. There are short “US” wireties and long “Russian” wireties.

Funny story about their development. The Russians were at the NBL for some training and saw the twist ties on bread bags. Apparently, they twisted and untwisted them with great interest.

“These are useful!” they proclaimed. And then they went back to Star City to make larger brass versions of the same thing.

NASA saw them on the ISS and said “These are useful” and now they make them too. So… wire ties. Super-high-tech.

And the reason to not use a zip-tie in space? You have to use a blade to release them and they avoid anything sharp on a spacewalk because of the danger of a suit puncture.

By the way, the image here of the wire ties? I hadn’t gotten a good shot of one by itself while I was at the NBL, so I asked Kjell if he could take a photo next time he was there. He didn’t wait, because he had some at home. That he’d used on a spacewalk. As you do. No big deal.

3. The LTA or Lower Torso Assembly—AKA space pants. I had been told, before arriving, that astronauts do not, in fact, put their pants on like everyone else. This is true. If you look carefully in this photo, on the pool deck on either side, are two white mats with space pants on them. What happens is that the astronauts walk out in their Liquid Cooling and Ventilation Garment, which basically looks like long underwear with aquarium tubing sewn into it. The LCVG is designed to keep them cool inside the space suit. One of the things that’s tricky is that the suit is tight and lined with rubber which basically grabs the fabric of the LCVG.

So, they sit down on the pool deck and wriggle into the LTA with two highly trained technicians bracing it. It is like the least sexy floor dance in the world.

4. The EMU (EVA Mobility Unit or Extra-vehicular-activity Mobility Unit because NASA loves an acronym inside an acronym) weighs about 350 pounds. Walking in it is … challenging. So the astronauts put on their space pants and then clomp over to the donning stand which holds the upper part of the suit. After the technicians check them out to make sure that the suit is fully sealed, they use a crane to lower them into the pool. (Check out the video here.) My favorite bit of this is when Kjell splashes the kids as he goes under.

5. There are sometimes children of NASA employees at a dev run. Why would you bring a child to something advertised as “boring?” Because there are only a few times when an astronaut puts on the full EMU while on Earth: when they are taking their official photo and at the NBL. So if you want to see an astronaut really and truly looking like an astronaut, the NBL is your opportunity. Please note that even adults will grin like an idiot and stand next to an astronaut to have their photo taken.

Apparently, one of the most common questions that children ask is, “How do you go to the bathroom?”

The answer is…

MAGs. Maximum Absorbency Garments. Which are tooooooootally not diapers. Definitely not. Definitely.

Definitely diapers. BUT thanks to modern improvements, they are pull-ups now. In fact … you can thank NASA for a lot of modern diaper technology. Although, again, astronauts wear MAGs, not diapers.

Also of note, the dia— I mean MAGS can only handle Number 1 and not Number 2.

My understanding is that you make dietary choices to make sure that you won’t have to Number 2 in the suit. At the NBL, they can pull you out of the pool. On the ISS? That’s a number 2 with no gravity to help it stay put.

So those are the top five things that I geeked about at the NBL. If you get me at a convention, I will talk about this AT LENGTH. “Probably won’t want to stay all day…” Ha!

The fact that Kjell thought I would probably find the NBL boring was a good example of how normal even extraordinary things can become when you deal with them every day. But, I mean… Space! Even simulated space! His normal is my astonishing. Seriously … look at how excited I got to talk about diap— MAGs. I’m excited to talk about MAGs.


Photos courtesy of the author.
Kowal’s The Calculating Stars is available now from Tor Books; The Fated Sky publishes August 21st.

Mary Robinette Kowal is the author of Ghost Talkers and The Glamourist Histories series of fantasy novels. She has received the Campbell Award for Best New Writer, three Hugo awards, and the RT Reviews award for Best Fantasy Novel. Her latest novels, The Calculating Stars and The Fated Sky, are set in the world of the Hugo Award-winning novelette, “The Lady Astronaut of Mars”. Mary, a professional puppeteer, also performs as a voice actor, recording fiction for authors such as Seanan McGuire, Cory Doctorow and John Scalzi. She lives in Chicago with her husband Rob and over a dozen manual typewriters.

We Have No Idea How Bad the US Tick Problem Is [Published articles]

And new tick-borne pathogens are emerging at a troubling clip.

This is the only way to deal with plot holes [Published articles]

Companies Must Let Customers Cancel Subscriptions Online, California Law Says [Published articles]

A California law that went into effect July 1 is aimed at making it easier for customers to cancel their subscriptions online. From a report: The law states that customers who accept an automatic renewal or continuous service offer online must be able to cancel the service online. That could include a pre-written "termination email" provided by the company that can be sent by the consumer without the need for more information. The law means you won't have to make any more phone calls to obscure customer service hotlines to cancel services like news subscriptions, music streaming or meal plans, for example. One person tweeted about trying to cancel a New York Times subscription on the phone and being put on hold for 15 minutes -- twice.

Read more of this story at Slashdot.

One word. [Published articles]

Fixing bufferbloat on your home network with OpenBSD 6.2 or newer [Published articles]

Water compresses under a high gradient electric field [Published articles]

SUSE Linux Sold For $2.5 Billion [Published articles]

Archangel Michael writes: Reuters is reporting that Britain's Micro Focus has agreed to sell its SUSE open-source enterprise software business to Swedish buyout group EQT Partners for $2.535 billion, lifting its shares 6 percent. Micro Focus, a serial acquirer that has been struggling to get to grips with a $8.8 billion Hewlett Packard Enterprise deal, said on Monday it would use some of the proceeds to reduce debt and could return some of the rest to shareholders. SUSE is used by banks, universities and government agencies around the world and is a pioneer in enterprise-grade Linux software serving companies such as Air India, Daimler and Total.

Read more of this story at Slashdot.

TIL that in 1895, UK prime minister William Gladstone founded a public library. Aged 85, he wheelbarrowed his personal collection of 32,000 books the ¾ mile between his home and the library. His desire, his daughter said, was to "bring together books who had no readers with readers who had no books" [Published articles]

Oh Bethesda [Published articles]

Microsoft Releases 125 Million Building Footprints In the US To the OpenStreetMap Community [Published articles]

An anonymous reader quotes a report from MSPoweruser: Today, Microsoft announced that it is releasing 124 Million building footprints in the United States to the OpenStreetMap community. Bing Maps team used Microsoft's CNTK Unified Toolkit to apply its Deep Neural Networks and the ResNet34 with RefineNet up-sampling layers to detect building footprints from the Bing imagery. OpenStreetMap currently has 30,567,953 building footprints in the U.S., thanks to editor contributions and various city or county wide imports. Using DNNs and Bing Imagery, Microsoft has extracted 124,885,597 footprints in the United States and making it available for download free of charge.

Read more of this story at Slashdot.

The physics of baking good pizza [pdf] [Published articles]

Data Structures Reference [Published articles]

Every Android Device Launched Since 2012 Impacted By RAMpage Vulnerability [Published articles]

Almost all Android devices released since 2012 are vulnerable to the RAMpage bug, an international team of academics has revealed today. From a report: The vulnerability, tracked as CVE-2018-9442, is a variation of the Rowhammer attack. Rowhammer is a hardware bug in modern memory cards. A few years back researchers discovered that when someone would send repeated write/read requests to the same row of memory cells, the write/read operations would create an electrical field that would alter data stored on nearby memory. In the following years, researchers discovered that Rowhammer-like attacks affected personal computers, virtual machines, and Android devices. Through further research, they also found they could execute Rowhammer attacks via JavaScript code, GPU cards, and network packets.

Read more of this story at Slashdot.

Archivist in a Backpack project empowers local efforts to preserve history [Published articles]

University of North Carolina at Chapel Hill is using a grant to create kits for novice archivists to use in underserved communities. Dubbed Archivist in a Backpack, the kits actually range in size and scope, from backpacks loaded with recording equipment and guides to rolling suitcases with flatbed scanners.

How rich people buy their way out of prison [Published articles]

This video explains why rich people -- like the heir to the Dupont fortune who admitted raping his three-year-old daughter -- are able to avoid jail. As you might guess, they pay high-power lawyers to convince prosecutors (sometimes contributing to DA's campaign funds) to give their crooked clients sweetheart plea deals. Of course, public defenders don't enjoy the same level of access to prosecutors.

WD40's new straws are pretty amazing [Published articles]

WD40 has replaced its traditional taped-on, easy-to-lose nozzle straws (so important for getting the slippery stuff into the stuck places) with a pair of new options: a "smart straw" that is permanently affixed and delivers either a focused beam or a wide blast, controlled by a thumb-button; and a poseable metal "EZ Reach" straw that you bend into the desired shape and then direct, allowing you to squirt into hard-to-reach places around corners and behind obstacles.

A Technical Deep Dive into STARTTLS Everywhere [Published articles]

Today we’re announcing the launch of STARTTLS Everywhere, EFF’s initiative to improve the security of the email ecosystem.

Thanks to previous EFF efforts like Let's Encrypt, and Certbot, as well as help from the major web browsers, we've seen significant wins in encrypting the web. Now we want to do for email what we’ve done for web browsing: make it simple and easy for everyone to help ensure their communications aren’t vulnerable to mass surveillance.

Note that this is a technical deep dive into EFF’s new STARTTLS Everywhere project, which assumes familiarity with SMTP and STARTTLS. If you’re not familiar with those terms, you should first read our post intended for a general audience, available here.

The State of Email Security

There are two primary security models for email transmission: end-to-end, and hop-to-hop. Solutions like PGP and S/MIME were developed as end-to-end solutions for encrypted email, which ensure that only the intended recipient can decrypt and read a particular message.

Unlike PGP and S/MIME, STARTTLS provides hop-to-hop encryption (TLS for email), not end-to-end. Without requiring configuration on the end-user's part, a mailserver with STARTTLS support can protect email from passive network eavesdroppers. For instance, network observers gobbling up worldwide information from Internet backbone access points (like the NSA or other governments) won't be able to see the contents of messages, and will need more targeted, low-volume methods. In addition, if you are using PGP or S/MIME to encrypt your emails, STARTTLS prevents metadata leakage (like the "Subject" line, which is often not encrypted by either standard) and can negotiate forward secrecy for your emails.

Thanks to multiple efforts over the years, effective STARTTLS encryption is as high as 89% according to Google's Email Transparency Report—a big improvement from 39% just five years ago.

However, as we explain in our general STARTTLS Everywhere announcement, STARTTLS has some problems.

Nobody Validates Certificates, and It’s Hard to Blame Them

Although many mailservers enable STARTTLS, most still do not validate certificates. Without certificate validation, an active attacker on the network can read and even modify emails sent through your supposedly “secure” connection. Since it’s not common practice to validate certificates, there’s often little incentive to present valid certificates in the first place. A brief experiment on Censys shows that about half of the mailservers that support STARTTLS use self-signed certificates.

On the web, when browsers encounter certificate errors, these errors are communicated to the end user, who can then decide whether to continue to the insecure site. With email, this is not an option, since an email user's client, like Thunderbird or the Gmail app on a user’s phone, runs separately from the machine responsible for actually sending the mail. Since breakage means the email simply won’t send, the email ecosystem is naturally more risk-averse than the browser ecosystem when it comes to breakages.

As a result, the ecosystem is stuck in a sort of chicken-and-egg problem: no one validates certificates because the other party often doesn’t have a valid one, and the long tail of mailservers continue to use invalid certificates because no one is validating them anyway.

Even If You’re Doing It Right, It Could Still Go Wrong

But let’s say you have STARTTLS enabled with a valid certificate, and so does the other party. You both validate certificates. What could go wrong?

When two mailservers support STARTTLS, their insecure connection is opportunistically upgraded to a secure one. In order to make that upgrade, the two mailservers ask each other if they support STARTTLS. Since this initial negotiation is unencrypted, network attackers can alter these messages to make it seem like neither server supports STARTTLS, causing any emails to be sent unencrypted. ISPs in the U.S. and abroad have been caught doing exactly this, and in 2014, several researchers found that encryption on outbound email from several countries was being regularly stripped.

Can DANE Fix These Problems?

Absolutely! If you are deep into the email world, you may have heard of DANE. DANE relies on DNSSEC, a protocol for publishing and validating signed DNS entries. Consistent and full DANE deployment presents a scalable solution for mailservers to clarify certificate validation rules and prevent downgrade attacks.

However, DANE is dependent on deployment and validation of DNSSEC, the latter of which has remained stagnant (at around 10-15% worldwide) for the past five years. STARTTLS Everywhere’s aim is to decouple secure email from DNSSEC adoption with a stop-gap, intermediate solution.

What About MTA-STS?

MTA-STS is a proposed standard that will allow mailservers to announce the security policies of their mailservers. In MTA-STS, a mailserver administrator creates a TXT record in their domain’s DNS entries, which indicates that the domain supports MTA-STS. They then post their security policy (whether to require STARTTLS or continue sending email on failure, which MX hosts to use, and how long the policy is valid) at a well-known HTTPS URL on their domain, so that senders can retrieve it and adhere to the policy.

The problem with MTA-STS is that since most DNS requests are still unauthenticated (see the section on DANE above), an active attacker can still MitM the initial DNS request and convince the sender that the recipient doesn’t support MTA-STS, and then later MitM the STARTTLS messages, so the sender will never know the recipient supports STARTTLS.

Wow, Everything’s So Messed Up. How Is STARTTLS Everywhere Going to Help?

We have three primary goals for STARTTLS Everywhere:

Improve STARTTLS adoption.

We want to make it easy to deploy STARTTLS with valid certificates on mailservers. We’re developing Certbot plugins for popular MTA software, starting with Postfix, to make this a reality.

If you run a mailserver and use Postfix, help test out our Certbot plugin. Please note that the plugin is still very much beta—if you have problems with it, you can report an issue.

Not using Postfix? We’re also working on Certbot plugins for Dovecot and Sendmail, so stay tuned. We also welcome contributions of installer plugins for other MTAs!

Prevent STARTTLS downgrade attacks.

In order to detect downgrade attacks, we’re hosting a policy list of mailservers that we know support STARTTLS. This list acts essentially as a preload list of MTA-STS security policies. We’ve already preloaded a select number of big-player email domains, like Gmail, Yahoo, and Outlook.

If you’d like to add your email domain to the list, try out our website; otherwise, you can also email starttls-policy@eff.org with validation details or submit a pull request yourself to the code repository where we host the list.

If you’d like to use the list, check out our guidelines for how to do so.
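The sender-side check that such a preloaded policy enables, together with the MTA-STS policy fields described earlier, can be sketched as follows. This is an added example, not EFF's code and not the actual format of the STARTTLS Everywhere list: the policy text follows the RFC 8461 key/value format, the domain and EHLO replies are constructed, and `cert_valid` is an assumed input standing for the result of the TLS layer's certificate validation.

```python
from dataclasses import dataclass

MAX_AGE_LIMIT = 31557600  # RFC 8461 upper bound for max_age, in seconds

# Constructed policy for a placeholder domain, in the RFC 8461 text format.
SAMPLE_POLICY = (
    "version: STSv1\n"
    "mode: enforce\n"
    "mx: mail.example.com\n"
    "mx: *.mx.example.com\n"
    "max_age: 604800\n"
)
# Constructed EHLO replies: the MX's real answer, and the same answer after
# an on-path attacker has deleted the STARTTLS line.
EHLO_HONEST = "250-mail.example.com\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
EHLO_STRIPPED = "250-mail.example.com\r\n250-SIZE 35882577\r\n250 8BITMIME\r\n"


@dataclass(frozen=True)
class Policy:
    mode: str
    mx: tuple
    max_age: int


def parse_policy(text):
    """Parse and validate a policy body; raise ValueError if unusable."""
    single, mx = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed policy line: {raw!r}")
        key, value = key.strip().lower(), value.strip()
        if key == "mx":
            mx.append(value.lower().rstrip("."))
        else:
            single.setdefault(key, value)  # duplicate field: first one wins
    if single.get("version") != "STSv1":
        raise ValueError("missing or unsupported version")
    mode = single.get("mode")
    if mode not in ("enforce", "testing", "none"):
        raise ValueError("invalid mode")
    age = single.get("max_age", "")
    if not (age.isascii() and age.isdigit()) or int(age) > MAX_AGE_LIMIT:
        raise ValueError("invalid max_age")
    if mode != "none" and not mx:
        raise ValueError("policy lists no MX hosts")
    return Policy(mode, tuple(mx), int(age))


def mx_matches(policy, mx_host):
    """True if mx_host is covered by one of the policy's mx patterns."""
    host = mx_host.lower().rstrip(".")
    for pattern in policy.mx:
        if pattern.startswith("*."):
            # A wildcard stands for exactly one left-most label.
            if host.partition(".")[2] == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False


def ehlo_extensions(reply):
    """Return the extension keywords advertised in an EHLO reply."""
    keywords = set()
    for line in reply.splitlines()[1:]:  # line 1 is the greeting
        if len(line) > 4 and line[:3] == "250" and line[3] in "- ":
            words = line[4:].split()
            if words:
                keywords.add(words[0].upper())
    return keywords


def evaluate(policy, mx_host, ehlo_reply, cert_valid):
    """Decide what the sending MTA should do; returns (action, reason)."""
    if policy is None or policy.mode == "none":
        return ("deliver", "no policy: opportunistic STARTTLS only")
    if not mx_matches(policy, mx_host):
        problem = "MX host not listed in policy"
    elif "STARTTLS" not in ehlo_extensions(ehlo_reply):
        problem = "STARTTLS not offered: possible downgrade"
    elif not cert_valid:
        problem = "certificate failed validation"
    else:
        return ("deliver", "policy satisfied")
    if policy.mode == "enforce":
        return ("refuse", problem)  # never fall back to plaintext
    return ("deliver-and-report", problem)  # testing mode


if __name__ == "__main__":
    preloaded = parse_policy(SAMPLE_POLICY)
    for reply in (EHLO_HONEST, EHLO_STRIPPED):
        print(evaluate(preloaded, "mail.example.com", reply, True))
```

Without a policy the stripped reply is indistinguishable from a server that never supported STARTTLS, which is why the last-known policy has to come from somewhere the attacker cannot tamper with at connection time.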

Lower the barriers to entry for running a secure mailserver.

Email was designed as a federated and decentralized communication protocol. Since then, the ecosystem has centralized dramatically, and it has become exponentially more difficult to run your own mailserver. The complexity of running an email service is compounded by the anti-spam arms race that small mail operators are thrust into. At the very least, we’d like to lower the barriers to entry for running a functional, secure mailserver.

Beyond developing and testing Certbot plugins for popular MTAs, we’re still brainstorming ideas to decentralize the email ecosystem. If you work on easy-to-deploy MTA software, let’s get in touch.

You can help, too!

All of our software packages are currently in a developer beta state, and our team is stretched thin working on all of these projects. You can help make the email ecosystem more secure by:

Of course, if you appreciate the work we’ve done on STARTTLS Everywhere, you can also donate to EFF! Your contribution will help further development of projects like STARTTLS Everywhere that help raise everyone’s level of security.

With all that we have accomplished together to improve the state of encrypted communications on the Internet, it’s about time we focus on upgrading email, the backbone of communication for a large part of the world. STARTTLS Everywhere is a natural step in that direction, but there’s still plenty of work to do, so let’s get hopping on hop-to-hop encryption!

It’s Time You Learned About Quantum Computing [Published articles]

A researcher explains quantum computing in terms anyone can understand—even an 8-year-old.

Two Vortex Rings Colliding in Slow Motion [video] [Published articles]

‘Babylon 5’ is great, so why does it look so bad? [Published articles]

When the histories of this golden age of television are written, they will likely begin with The Sopranos. But that would be a mistake because the template a lot of modern-day TV copies was instead created by Babylon 5. A decade before The Wire would...

How the Koch Brothers Are Killing Public Transit Projects Around the Country [Published articles]

Nazis separated me from my parents as a child. The trauma lasts a lifetime: I know from experience that the Trump-sanctioned brutality at the US border with Mexico will scar its child victims for life [Published articles]

Interview with Alex Norris, of "oh no" Webcomic Name fame [Published articles]

Jenny Robins interviews Alex Norris...

NORRIS: My comics have always largely been about exploring the link between joy and sadness, and finding humour in despair, so I think when I started this format the mix of heartbreak and silliness just sort of came naturally and I like to take it as far as I can. Interesting things happen when you say two opposing things at the same time. I’ve always seen Webcomic Name as a sort of celebration of failure, and I think the mental twist in that prevents the repeated “oh no” from becoming completely depressing!

... and finds out what the "oh no" voice sounds like.

NORRIS: This is probably my most-asked question, and I usually say it sounds like someone who is disappointed but used to being disappointed, or reading from a script. If I ever turned Webcomic Name into a video format, I would probably get readers to send in their version of the “oh no” and use a different one each time. I like that the “oh no” speech bubble is basically a visual motif now – because you see it so often as you read my comics it loses the verbal meaning and just becomes a symbol.

Across America, the Poor Peoples' Campaign is building steam and refusing to be intimidated by crackdowns [Published articles]

We're into the fifth week of the Poor People’s Campaign: A National Call for a Moral Revival, a national uprising over the state of the richest nation in the world, where 140,000,000 people live at or below the poverty line (America is history's first rich poor country).

Terry Gilliam Has Lost the Rights to The Man Who Killed Don Quixote [Published articles]

Well, this is a strange new chapter in one of the strangest stories in modern film. For decades, famed genre director (and former Monty Python, uh, snake) Terry Gilliam struggled to make The Man Who Killed Don Quixote, his own surreal take on the classic Spanish novel. He succeeded, finally, with a rendition starring…


US Government Finds New Malware From North Korea [Published articles]

Days after the historic North Korea-United States summit, the Department of Homeland Security issued a report on Thursday warning of a new variant of North Korean malware to look out for. Called Typeframe, the malware is able to download and install additional malware, proxies and trojans; modify firewalls; and connect to servers for additional instructions. Engadget reports: Since last May, the DHS has issued a slew of alerts and reports about North Korea's malicious cyber activity. The department also pointed out that North Korea has been hacking countries around the world since 2009. And of course, don't forget that the U.S. also labeled that country as the source of Wannacry cyberattack, which notably held data from the UK's National Health Service hostage, and wreaked havoc across Russia and Ukraine. CNN was first to report the news.

Read more of this story at Slashdot.

Was the Stanford Prison Experiment a Sham? [Published articles]

Frosty Piss writes: The Stanford Prison Experiment was conducted in 1971 by psychology professor Philip Zimbardo using college students to investigate the psychological effects of perceived power by focusing on the struggle between prisoners and prison officers. In the study, volunteers were randomly assigned to be either "guards" or "prisoners" in a mock prison, with Zimbardo serving as the superintendent. The results seemed to show that the students quickly embraced their assigned roles, with some guards enforcing authoritarian measures and ultimately subjecting some prisoners to psychological torture, while many of the prisoners passively accepted psychological abuse and, by the officers' request, actively harassed other prisoners who tried to stop it. After Berkeley graduate Douglas Korpi appeared to have a nervous breakdown while playing the role of an inmate, the experiment was shut down. There's just one problem: Korpi's breakdown was a sham. Dr. Ben Blum took to Medium to publish his claims. "Blum's expose -- based on previously unpublished recordings of Zimbardo, a Stanford psychology professor, and interviews with the participants -- offers evidence that the 'guards' were coached to be cruel," reports New York Post. "One of the men who acted as an inmate told Blum he enjoyed the experiment because he knew the guards couldn't actually hurt him." "There were no repercussions. We knew [the guards] couldn't hurt us, they couldn't hit us. They were white college kids just like us, so it was a very safe situation," said Douglas Korpi, who was 22-years-old when he acted as an inmate in the study. The Berkeley grad now admits the whole thing was fake. Zimbardo also "admitted that he was an active participant in the study, meaning he had influence over the results," reports New York Post. According to an audio recording from the Stanford archive, you can hear Zimbardo encouraging the guards to act "tough."

Read more of this story at Slashdot.

The Universe Is Not a Simulation, but We Can Now Simulate It [Published articles]

Computer simulations have become so accurate that cosmologists can now use them to study dark matter, supermassive black holes, and other mysteries of the real evolving cosmos.

Star Trek: Discovery Has Suddenly Changed Showrunners Again [Updated] [Published articles]

If you had hopes that it would be smooth sailing ahead for Star Trek: Discovery as the show heads into its second season—well, it seems the waters are still a bit rough. Showrunners Gretchen Berg and Aaron Harberts are out, and executive producer Alex Kurtzman will step in. Kurtzman will also run the show’s writers’…


Elder Scrolls VI E3 Teaser [Published articles]

University Seeks Volunteers For 'Hotel Influenza' [Published articles]

The National Institutes of Health is paying a St. Louis university to study the effectiveness of flu vaccines. An anonymous reader quotes Fortune: The university wants volunteers to live in "hotel influenza," where they'd be either given a vaccine or a placebo, be exposed to the flu, and be quarantined for 10 days in the Extended Stay Research Unit. Compensation for such an experiment is around $3,500 (for time and travel), according to a SLU release... "In a traditional flu study, we vaccinate people and see if their immune systems respond by creating antibodies that fight flu," Dr. Hoff said in a release. "In a human challenge study, we vaccinate people, then deliberately challenge their bodies by exposing them to flu to see if they get sick"... The 24 volunteers living in the "hotel influenza" would have private rooms and bathrooms, common areas with chairs and TVs, along with exercise equipment, and catered meals in a dining room. They will be observed, "have blood and lung tests and nose swabs to see if they are infected with flu and shedding the virus." If they come down with the flu, they won't be able to leave until they've tested negative for the virus for two days. Nurses would be available around the clock. One St. Louis newspaper jokes that it will either be a "sickathon" -- or "an indoor vacation complete with catered meals, TV, internet, a gym and views of the Arch".

Read more of this story at Slashdot.

When Overtaxed Working Memory Knocks Your Brain Out of Sync [Published articles]

Researchers find that when working memory gets overburdened, dialog between three brain regions breaks down. The discovery provides new support for a broader theory about how the brain operates.

Terry Pratchett: "Humans need fantasy to be human. To be the place where the falling angel meets the rising ape." [Published articles]

From Hogfather.

submitted by /u/sun-lion to r/Fantasy

I'm a backpacking ethnomusicologist traveling Indonesia researching and recording rare and endangered traditional music, then sharing it all for free online. [Published articles]

My name's Palmer Keen. I'm a guy who's obsessed with music in a corner of the world that most people never even think about, Indonesia. Indonesia is the fourth most populous country in the world and also perhaps the most musically diverse country on the planet, but so much of this music is unknown or unavailable outside the country. My mission is to share this stuff with the world.

For more than four years I've been traveling around Indonesia researching and recording dozens of Indonesian music styles and sharing it all for free on my website, Aural Archipelago. Without a formal background in ethnomusicology, I've figured it all out as I go: becoming fluent in Indonesian, learning how to do fieldwork, and making connections with musicians and communities across the thousands of islands in the archipelago. I travel with all my gear in a backpack, staying with musicians in their homes, going to remote villages that have never seen foreigners, and finding music that's never been heard outside of these islands. There have been lots of adventures along the way and so, so much great music.

A few notes to answer FAQ:

How do I make money?/Is this my job?: This isn't my job. For most of the time I've been doing this I was supporting myself and the project by teaching English full time. My description may have been a bit misleading, I travel often but it is not a constant thing. This is a passion project, but I don't make a living from this. I receive donations on my site occasionally, but these are forwarded to musicians. I now also do occasional work as a fixer and guide for others looking for music in Indonesia.

How did you get into this field?: To be clear, I have no academic background in ethnomusicology. I studied the traditional music called gamelan as an extracurricular in university, then decided to move to Indonesia to teach English and learn more about the gamelan that I'd fallen in love with. Since then everything I know about ethnomusicology I've figured out along the way. It's a fascinating field for anyone interested in music, but for those who want to make it their career (again, this is not my career, just a passion project!), it has the same pitfalls of any other job in academia.

Do you pay the musicians?/Aren't you exploiting them?: Yes, I always pay musicians a reasonable fee for performances that I commission. I'm not releasing whole albums of their music for free, just a track or two to get people interested, something the musicians are very much on board with. The idea is that rather than put this music on albums that won't be affordable for everyone (especially Indonesians themselves), the music is available online for everyone, especially Indonesians and people from these communities who couldn't afford a proper album.

Ask me anything :)

If you're interested, check out:

The site: Aural Archipelago

Aural Archipelago on Facebook

Instagram: @auralarchipelago

Proof: https://imgur.com/a/j75Ldii

EDIT: Okay guys, it's been fun, but it's late here in Indonesia and I've got to go to sleep. If I have time I'll try to get to the rest of the questions tomorrow. I hope those who are interested will go to the site and maybe fall in love with some of this music just as I have. If there's a particular group or artist that you like, you can leave a comment and I will relay it to the musicians, almost all of whom I'm still in touch with. Terima kasih!

submitted by /u/auralarchipelago to r/IAmA

Space Photos of the Week: Jupiter's Lightning Is Striking [Published articles]

The strikes are a lot like on Earth, but they tend to linger toward the poles.

Some Recycling Is Now Being Re-Routed To Landfills [Published articles]

"Thousands of tons of material left curbside for recycling in dozens of U.S. cities and towns -- including several in Oregon -- have gone to landfills," reports the New York Times. Slashdot reader schwit1 summarizes their report: One big reason: China has essentially shut the door to U.S. recyclables. The Times notes that about a third of recyclables gets shipped abroad, with China the biggest importer. But starting this year, China imposed strict rules on what it will accept, effectively banning most of it. That, the Times reports, has forced many recycling companies who can't find other takers to dump recyclables into landfills. "Recyclers in Canada, Australia, Britain, Germany and other parts of Europe have also scrambled to find alternatives," reports the Times, though most major U.S. cities aren't affected, and countries like India, Vietnam and Indonesia are now importing more materials. But at least some recycling companies are simply stockpiling material, "while looking for new processors, or hoping that China reconsiders its policy."

Read more of this story at Slashdot.

Lawrence Lessig Criticizes Proposed 140-Year Copyright Protections [Published articles]

EqualCitizens.US reports on growing opposition to the CLASSICS Act proposed by the U.S. Congress, which grants blanket copyright protection to all audio works created before 1972, leaving some of them copyrighted until 2067. Importantly, the Act doesn't require artists or the rights holder to register for the copyright. Rather, any and all pre-1972 sound recordings would be copyrighted, greatly limiting the public's access to these works. Various organizations and scholars have responded. Equal Citizens along with a coalition of internet freedom and democracy reform organizations, is sending this letter to the Senate Judiciary Committee to urge its members to reject this Act in its entirety, or at a minimum, at least require registration of pre-1972 works. Otherwise, if the Act passes as is, famous artists and wealthy corporations will benefit greatly while the public will get absolutely nothing in return, as Professor Lawrence Lessig notes in Wired.... This act will limit access to past works and stifle creativity for new works. It would effectively remove many existing works, including some popular documentaries, podcasts, etc., from the public arena. The Coalition recommends adding a registration requirement to secure the extended copyright term, such that works that nobody claimed could be allowed to enter the public domain. As this TechCrunch report on the coalition letter explains: By having artists and rights owners register, it solves the problem for everyone. Anyone who wants to have their pre-1972 works brought into the new scheme can easily achieve that, but orphan works will enter the public domain as they ought to. "Either way," Lessig writes, "it is finally clear that the Supreme Court's prediction that the copyright owners would be satisfied with the copyright protection provided by the Sonny Bono Act turns out not to be true."

Read more of this story at Slashdot.

My Line Lets Colombians Call Google Assistant [Published articles]

An anonymous reader shares a report: At one time, Google Assistant could only be found on a handful of smartphones. Today, Google Assistant is available on 500 million devices -- smartphones, smart speakers, smart watches, tablets, smart televisions, and a broad range of home appliances and cars. But what about the billions of people in the world who still don't have a smartphone? Enter My Line, a phone number you can call to ask Google Assistant questions in parts of Colombia -- without a smartphone or computer or even the internet. When a person calls 6000913, they receive a welcome greeting and invitation to ask any question. After posing a question, users may hear prompts like "Do you have more questions?" or "Feel free to hang up whenever you're done," Cainkade Studio CEO Jeremy Landis told VentureBeat in a phone interview.

Read more of this story at Slashdot.

The damage from Atlanta’s huge cyberattack is even worse than the city first thought [Published articles]

More than two months after a cyberattack hobbled many of its critical municipal systems, the city of Atlanta is still sorting through the wreckage of what is likely the worst cyberattack targeting a U.S. city to date.

On March 22, Atlanta’s connected systems city-wide were hit with a ransomware message locking their respective files and demanding an approximately $50,000 payment in bitcoin (the price has fluctuated since). The ransomware is believed to be from the group known as SamSam, which has been operating and executing similar attacks since at least 2015.

In the days following the March 22 incident, Atlanta residents were unable to do simple city system-dependent tasks like paying parking tickets or utility bills. City employees didn’t get the all-clear to turn on their computers until five days later and many city systems still have not recovered.

On Wednesday during a budget meeting, Daphne Rackley, Atlanta’s Interim Chief Information Officer and head of Atlanta Information Management, disclosed new details about the extent of the damage. As Reuters reports, at least one third of the 424 software programs that the city runs remain offline or partially inoperable. Almost 30 percent of those programs are deemed “mission critical” by the city meaning that they control crucial city services like the court system and law enforcement. In the meeting, Rackley explained that the city initially believed only 20 percent of the city’s software programs to be affected by the attack, none of which affected critical systems.

While reporting the updated numbers, Rackley estimated that $9.5 million would need to be added to the department’s $35 million budget to address the remaining damage. That amount is on top of the more than two million dollars in emergency procurements sought by Atlanta Information Management following the attack.

TechCrunch has reached out to Atlanta Information Management about how that additional $9.5 million for recovery from the attack would be allocated and will update if we learn further details. Earlier this week, Atlanta’s Police Chief disclosed that the cyberattack destroyed “years” worth of police dash cam video footage.

Atlanta has been regarded as a frontrunner for Amazon’s second headquarters in some analyses, though it’s not immediately clear how the cyberattack will affect the city’s odds.

Edward Snowden: 'The People Are Still Powerless, But Now They're Aware' [Published articles]

Edward Snowden has no regrets five years on from leaking the biggest cache of top-secret documents in history. He is wanted by the US. He is in exile in Russia. But he is satisfied with the way his revelations of mass surveillance have rocked governments, intelligence agencies and major internet companies. From a report: Snowden, weighing up the changes, said some privacy campaigners had expressed disappointment with how things have developed, but he did not share it. "People say nothing has changed: that there is still mass surveillance. That is not how you measure change. Look back before 2013 and look at what has happened since. Everything changed." The most important change, he said, was public awareness. "The government and corporate sector preyed on our ignorance. But now we know. People are aware now. People are still powerless to stop it but we are trying. The revelations made the fight more even."


NASA Extends Juno Jupiter Mission By Three Years [Published articles]

The Juno spacecraft currently orbiting Jupiter was supposed to end its mission by crashing into the gas giant next month. Not anymore! From a report: It turns out the scientific mission will be extended through at least 2021 so it can meet its goals, as Business Insider first reported yesterday. This will delay the probe's dramatic demise for at least a few years. "NASA has approved Juno to continue through 2022 to finish all of our originally planned science," Scott Bolton, Juno's principal investigator from the Southwest Research Institute, told Gizmodo in an email. "The orbits are longer than planned, and that is why Juno needs more time to gather our planned scientific measurements." Juno departed Earth for Jupiter in 2011 and arrived at the gas giant on July 4, 2016. Since then, it's sent back a host of valuable data that has revealed new insights into Jupiter, like the depth of the red spot, three-dimensional views of the gas below its surface, and how its auroras work.


FCC has a redaction party with emails relating to mystery attack on comment system [Published articles]

You may remember the FCC explaining that in both 2014 and 2017, its comment system was briefly taken down by a denial of service attack. At least, so it says — but newly released emails show that the 2014 case was essentially fabricated, and the agency has so aggressively redacted documents relating to the 2017 incident that one suspects they’re hiding more than ordinary privileged information.

As a very quick recap: Shortly after the comment period opened for both net neutrality and the rollback of net neutrality there was a rush of activity that rendered the filing system unusable for a period of hours. This was corrected soon afterwards and the capacity of the system increased to cope with the increased traffic.

A report from Gizmodo based on more than 1,300 pages of emails obtained by watchdog group American Oversight shows that David Bray, the FCC’s chief information officer for a period encompassing both events, appears to have advanced the DDoS narrative with no real evidence or official support.


The 2014 event was not called an attack until much later, when Bray told reporters following the 2017 event that it was. “At the time the Chairman [i.e. Tom Wheeler] did not want to say there was a DDoS attack out of concern of copycats,” Bray wrote to a reporter at Federal News Radio. “So we accepted the punches that it somehow crashed because of volume even though actual comment volume wasn’t an issue.”

Gigi Sohn, who was Wheeler’s counsel at the time, put down this idea: “That’s just flat out false,” she told Gizmodo. “We didn’t want to say it because Bray had no hard proof that it was a DDoS attack. Just like the second time.”

And it is the second time that is most suspicious. Differing on the preferred nomenclature for a four-year-old suspicious cyber event would not be particularly damning, but Bray’s narrative of a DDoS is hard to justify with the facts we do know.

In a blog post written in response to the report, Bray explained regarding the 2017 outage:

Whether the correct phrase is denial of service or “bot swarm” or “something hammering the Application Programming Interface” (API) of the commenting system — the fact is something odd was happening in May 2017.

Bray’s analysis appears sincere, but the data he volunteers is highly circumstantial: large amounts of API requests that don’t match comment counts, for instance, or bunches of RSS requests that tie up the servers. Could it have been a malicious actor doing this? It’s possible. Could it have been bad code hammering the servers with repeated or malformed requests? Also totally possible. The FCC’s justification for calling it an attack seems to be nothing more than a hunch.

Later the FCC, via then-CIO Bray, would categorize the event as a “non-traditional DDoS attack” flooding the API interface. But beyond that it has produced so little information of any import that Congress has had to re-issue its questions in stronger words.


No official documentation of either supposed attack has appeared, nor has the FCC released any data on it, even a year later and long after the comment period has closed, improvements to the system have been made and the CIO who evaded senators’ questions departed.

But most suspicious is the extent to which the FCC redacted documents relating to the 2017 event. Having read through the trove of emails, Gizmodo concludes that “every internal conversation about the 2017 incident between FCC employees” has been redacted. Every one!

The FCC stated before that the “ongoing nature” of the threats to its systems meant it would “undermine our system’s security” to provide any details on the improvements it had made to mitigate future attacks. And Bray wrote in his post that there was no “full blown report” because the team was focused on getting the system up and running again. But there is also an FCC statement saying that “our analysis reveals” that a DDoS was the cause.

What analysis? If it’s not a “significant cyber incident,” as the FBI determined, why the secrecy? If there’s no report or significant analysis from the day — wrong or right in retrospect — what is sensitive about the emails that they have to be redacted en masse? Bray himself wrote more technical details into his post than the FCC has offered in the year since the event — was this information sent to reporters at the time? Was it redacted? Why? So little about this whole information play makes sense.

One reasonable explanation (and just speculation, I should add) would be that the data do not support the idea of an attack, and internal discussions are an unflattering portrait of an agency doing spin work. The commitment to transparency that FCC Chairman Pai so frequently invokes is conspicuously absent in this specific case, and one has to wonder why.

The ongoing refusal to officially document or discuss what all seem to agree was an important event, whether it’s a DDoS or something else, is making the FCC look bad to just about everyone. No amount of redaction can change that.

The Original VFX Team Behind Firefly Made the Best Anniversary Video in the 'Verse [Published articles]

It’s been just over 15 years since Firefly fans were introduced to Captain Mal and the crew of the Serenity, and almost as long since those same fans began desperately waiting for the show to come back from cancellation. That’s probably really unlikely at this point, but you can dream a little with this gorgeous…


YouTube's Top Creators Are Burning Out and Breaking Down En Masse [Published articles]

Polygon reports of several prominent YouTube creators who are struggling with burnout. The cause can be attributed to "constant changes to the platform's algorithm, unhealthy obsessions with remaining relevant in a rapidly growing field and social media pressures [that] are making it almost impossible for top creators to continue creating at the pace both the platform and audience want," reports Polygon. From the report: Three weeks ago, Bobby Burns, a YouTuber with just under one million subscribers, sat down on a rock in Central Park to talk about a recent mental health episode. One week ago, Elle Mills, a creator with more than 1.2 million subscribers, uploaded a video that included vulnerable footage during a breakdown. Six days ago, Ruben "El Rubius" Gundersen, the third most popular YouTuber in the world with just under 30 million subscribers, turned on his camera to talk to his viewers about the fear of an impending breakdown and his decision to take a break from YouTube. Burns, Mills and Gundersen aren't alone. Erik "M3RKMUS1C" Phillips (four million subscribers), Benjamin "Crainer" Vestergaard (2.7 million subscribers) and other top YouTubers have either announced brief hiatuses from the platform, or discussed their own struggles with burnout, in the past month. Everyone from PewDiePie (62 million subscribers) to Jake Paul (15.2 million subscribers) have dealt with burnout. Lately, however, it seems like more of YouTube's top creators are coming forward with their mental health problems. In closing, Polygon's Julia Alexander writes: "YouTube offers no clear support system for creators, nor is it clear if the company has offered professional help to some of its top creators who've made their burnout public. Instead, YouTube's only direct reaction is a playlist dedicated to burnout and mental health. The creators are essentially working until they no longer physically can, and apologizing to their fans after believing they've failed. 
Polygon has reached out to YouTube for more information about services that are provided to creators. The only way to beat burnout is to take breaks. Unfortunately, for many YouTubers, those breaks are rarely planned."
