Domain: wired.com
Stories and comments across the archive that link to wired.com.
Stories · 4,012
-
Movie Commentary Tracks Are Back (wired.com)
An anonymous reader shares a report: Last spring, long before Get Out's eventual Oscar win, the movie was released on home video with a commentary track from its writer-director. A decade ago, in the pre-streaming era, this wouldn't have been news: Back then, seemingly every movie got a commentary track, even Good Luck Chuck. Then the DVD market began to decline, and the commentary track went from being a standard-issue add-on to relative rarity. Even recent Best Picture nominees like Mad Max: Fury Road, The Wolf of Wall Street, 12 Years a Slave, and Spotlight were released sans tracks -- bad news for anyone looking for behind-the-scenes intel on Mark Ruffalo's little-Caesar haircut.
In the last few years, though, several high-profile films -- everything from Star Wars: The Last Jedi to Lady Bird to Get Out -- have been released with commentary tracks. That means you can spend your umpteenth viewing of Peele's film listening to him talk about how he modeled the opening credits on those of The Shining, or how the film's title was inspired by a routine from Eddie Murphy Delirious. For casual movie watchers, such details may not be too thrilling. But for film nerds who absorb behind-the-scenes trivia and how-we-made-it logistics, tracks like the one for Get Out remain the cheapest movie-making education available. -
Google To Launch Censored Search In China Despite Denials (thenextweb.com)
Google intends to launch a censored version of its Search app for China sometime in the next six to nine months, according to a leaked transcript from a private employee meeting held last month. The Intercept's Ryan Gallagher today reported the company's Search engine chief, Ben Gomes, held a meeting to congratulate a room full of employees working on the platform, dubbed Project Dragonfly. From a report: According to The Intercept, Gomes talked about the launch timeline: "While we are saying it's going to be six and nine months [to launch], the world is a very dynamic place." He goes on to point out that the current political climate makes it difficult to pinpoint a definite timeline, but indicates employees should be ready to launch whenever a "window opens." These comments come in stark contrast to public statements given recently by both Gomes and Google's chief privacy officer, Keith Enright.
Speaking to members of Congress last month, Enright tried to skirt the issue of the Dragonfly project by playing dumb. According to Wired he didn't quite deny involvement, and in fact admitted the company had explored the idea, but simply stated Google wasn't "close to launching" the censored Search engine and that he was "not clear on the contours of what is in scope or out of scope for that project." Gomes took the soft-denial a step further when he told the BBC "Right now all we've done is some exploration, but since we don't have any plans to launch something there's nothing much I can say about it." -
Google's Human-Sounding Phone Bot Is Coming To the Pixel Next Month (wired.com)
Google's human-sounding AI software that makes calls for you is coming to Pixel smartphones next month in select markets, like New York, Atlanta, Phoenix, and the San Francisco Bay Area. Google Duplex, as it is called, will be a feature of Google Assistant and, for now, will only be able to call restaurants without online booking systems, which are already supported by the assistant. Wired reports: A Google spokesperson told WIRED that the company now has a policy to always have the bot disclose its true nature when making calls. Duplex still retains the human-like voice and "ums," "ahs," and "umm-hmms" that struck some as spooky, though. Nick Fox, the executive who leads product and design for Google search and the company's assistant, says those interjections are necessary to make Duplex calls shorter and smoother. "The person on the other end shouldn't be thinking about how do I adjust my behavior, I should be able to do what I normally do and the system adapts to that," he says.
Fox, the Google exec leading the project, pitches Duplex as a win-win. Google users will be freed from having to make phone calls to plan their outings; restaurants without online booking systems will gain new customers. "Those businesses lose out because people say 'Unless I can book this online I'm not going to book,'" he says. Some people closer to the restaurant business worry that Duplex might make calling restaurants too easy for Google users. Gwyneth Borden, executive director of the Golden Gate Restaurant Association, a trade group for Bay Area restaurants, says people may use the technology to book multiple reservations and then flake out, or call restaurants over and over. Restaurants can opt out of receiving Duplex calls by speaking up during a call from Duplex, or through the website where businesses can manage listing information shown in Google's search and maps services. When calls go awry -- Fox says the "overwhelming majority" work out fine -- the software will alert an operator in a Google call center who takes over. -
Sunglasses That Block All the Screens Around You (wired.com)
Scott Blew, an entrepreneur and engineer, recalled an article he'd recently read in WIRED about a new kind of film that blocked the light emitted from screens. He wondered if the same technology might work on a pair of glasses, to block the screens that seemed to be everywhere. From a report: He contacted Steelcase, the company that made the Casper screen-blocking film, and ordered a sample. Then he popped out the lenses in a pair of cheap sunglasses and replaced them with the film. Amazingly, it worked: Blew could look through the lenses and see everything -- except for screens, which turned black. Now, Blew and a small team are turning that concept into a real product. Their IRL Glasses, which launched on Kickstarter this week, block the wavelengths of light that comes from LED and LCD screens. Put them on and the TV in the sports bar seems to switch off; billboards blinking ahead seem to go blank. Within three days of launch, the project had surpassed its funding goal of $25,000. -
Mobile Websites Can Tap Into Your Phone's Sensors Without Asking (wired.com)
When apps want to access data from your smartphone's motion or light sensors, they often make that capability clear. That keeps a fitness app, say, from counting your steps without your knowledge. But a team of researchers has discovered that the rules don't apply to websites loaded in mobile browsers, which can often access an array of device sensors without any notifications or permissions whatsoever. From a report: That mobile browsers offer developers access to sensors isn't necessarily problematic on its own. It's what helps those services automatically adjust their layout, for example, when you switch your phone's orientation. And the World Wide Web Consortium standards body has codified how web applications can access sensor data. But the researchers -- Anupam Das of North Carolina State University, Gunes Acar of Princeton University, Nikita Borisov of the University of Illinois at Urbana-Champaign, and Amogh Pradeep of Northeastern University -- found that the standards allow for unfettered access to certain sensors. And sites are using it.
The researchers found that of the top 100,000 sites -- as ranked by Amazon-owned analytics company Alexa -- 3,695 incorporate scripts that tap into one or more of these accessible mobile sensors. That includes plenty of big names, including Wayfair, Priceline.com, and Kayak. -
Robot Lawnmowers Are Killing Hedgehogs (wired.com)
An anonymous reader shares a report: While Americans still wrangle their overgrown lawns by pushing or riding a lawnmower, many Europeans have handed off that responsibility to robots. These beefy, Roomba-like mowers loop their way around a yard, keeping grass trim and neat. To many of their users, the bots are endearing. Their owners give them names or cover them in decals of ladybugs or bumblebees. But the sentimentality only goes so far, because these blades-on-wheels have also been slicing up something other than grass: hedgehogs.
Erika Heller, a long-time hedgehog advocate with a Swiss nonprofit called Igelstation Winterthur, estimates that nearly half the hedgehogs brought to the group during the last couple years were injured by robot lawnmowers. These injuries include limb amputation, cut bellies, or even scalping. And that's not including the ones that have been killed outright. "The ones that have died we don't see, because they don't get brought here." In the United States, despite a wealth of children's toys and clothing featuring hedgehogs, the only live animals you're likely to see are in the zoo or, more controversially, kept as pets. But in Europe, wild hedgehogs are beloved. They're popular in European folklore; there's even a famous British poem about a hedgehog killed by a lawn mower. -
A Nuclear Startup Will Fold After Failing To Deliver Reactors That Run on Spent Fuel (technologyreview.com)
Transatomic Power, an MIT spinout that drew wide attention and millions in funding, is shutting down almost two years after the firm backtracked on bold claims for its design of a molten-salt reactor. From a report: The company, founded in 2011, plans to announce later today that it's winding down. Transatomic had claimed its technology could generate electricity 75 times more efficiently than conventional light-water reactors, and run on their spent nuclear fuel. But in a white paper published in late 2016, it backed off the latter claim entirely and revised the 75 times figure to "more than twice," a development first reported by MIT Technology Review. Those downgrades forced the company to redesign its system. That delayed plans to develop a demonstration reactor, pushing the company behind rival upstarts like TerraPower and Terrestrial Energy, says Leslie Dewan, the company's cofounder and chief executive. The longer timeline and reduced performance advantage made it harder to raise the necessary additional funding, which was around $15 million. "We weren't able to scale up the company rapidly enough to build a reactor in a reasonable time frame," Dewan says. -
Did John Deere Just Swindle California's Farmers Out of Their Right to Repair? (wired.com)
An anonymous reader quotes a new Wired opinion piece by Kyle Wiens and Elizabeth Chamberlain from iFixit: A big California farmers' lobbying group just blithely signed away farmers' right to access or modify the source code of any farm equipment software. As an organization representing 2.5 million California agriculture jobs, the California Farm Bureau gave up the right to purchase repair parts without going through a dealer. Farmers can't change engine settings, can't retrofit old equipment with new features, and can't modify their tractors to meet new environmental standards on their own. Worse, the lobbyists are calling it a victory.... John Deere and friends had already made every single "concession" earlier this year...
Just after the California bill was introduced, the farm equipment manufacturers started circulating a flyer titled "Manufacturers and Dealers Support Commonsense Repair Solutions." In that document, they promised to provide manuals, guides, and other information by model year 2021. But the flyer insisted upon a distinction between a right to repair a vehicle and a right to modify software, a distinction that gets murky when software controls all of a tractor's operations. As Jason Koebler of Motherboard reported, that flyer is strikingly similar -- in some cases, identical word-for-word -- to the agreement the Farm Bureau just brokered...
Instead of presenting a unified right-to-repair front, this milquetoast agreement muddies the conversation. More worryingly, it could cement a cultural precedent for electronics manufacturers who want to block third-party repair technicians from accessing a device's software. -
The Latest Course Catalog Trend? Blockchain 101 (wired.com)
An anonymous reader shares a report: On a clear, warm night earlier this year, several dozen University of California, Berkeley students folded themselves into gray chairs for a three-hour class on how to think like blockchain entrepreneurs. The evening's challenge, presented by Berkeley City Councilmember Ben Bartlett, was to brainstorm how blockchain technology might be used to alleviate the city's growing homeless problem.
"We have at least 1,400 homeless people in our city, and that includes many right here at UC Berkeley," Bartlett told the class. "So how can we use blockchain to fund a new prosperity? That's a challenge I'd like you to take on." The course, taught by visiting professor and former venture capitalist Po Chi Wu, is among a growing number of classes and research initiatives on blockchain technology emerging at universities. Blockchain -- a method for creating and maintaining a global ledger of transactions that doesn't require a third-party middleman such as a bank, government or corporation -- is best known for its role in powering the virtual currency bitcoin. Applications for the technology are springing up in sectors including retail, humanitarian aid, real estate and finance. Although some analysts believe blockchain won't gain widespread adoption for another five or 10 years, companies like IBM, Facebook and Google are investing heavily in the technology -- and universities are taking note.
New York University, Georgetown and Stanford are among the institutions that offer blockchain technology courses to get students thinking about its potential uses and to better prepare them for the workforce. Job postings requiring blockchain skills ballooned by 200 percent in the first five months of this year, compared with the same period a year earlier, though they remain less than 1 percent of software development jobs, according to the research firm Burning Glass Technologies. Universities including MIT, Cornell, and Columbia are launching labs and research centers to explore the technology and its policy implications and seed the development of rigorous curricula on the topic. -
For Decades, Some of the Atomic Matter in the Universe Had Not Been Located. Recent Papers Reveal Where It Has Been Hiding (wired.com)
In a series of three recent papers, astronomers have identified the final chunks of all the ordinary matter in the universe. From a report: And despite the fact that it took so long to identify it all, researchers spotted it right where they had expected it to be all along: in extensive tendrils of hot gas that span the otherwise empty chasms between galaxies, more properly known as the warm-hot intergalactic medium, or WHIM. Early indications that there might be extensive spans of effectively invisible gas between galaxies came from computer simulations done in 1998. "We wanted to see what was happening to all the gas in the universe," said Jeremiah Ostriker, a cosmologist at Princeton University who constructed one of those simulations along with his colleague Renyue Cen. The two ran simulations of gas movements in the universe acted on by gravity, light, supernova explosions and all the forces that move matter in space. "We concluded that the gas will accumulate in filaments that should be detectable," he said.
Except they weren't -- not yet. "It was clear from the early days of cosmological simulations that many of the baryons would be in a hot, diffuse form -- not in galaxies," said Ian McCarthy, an astrophysicist at Liverpool John Moores University. Astronomers expected these hot baryons to conform to a cosmic superstructure, one made of invisible dark matter, that spanned the immense voids between galaxies. The gravitational force of the dark matter would pull gas toward it and heat the gas up to millions of degrees. Unfortunately, hot, diffuse gas is extremely difficult to find. To spot the hidden filaments, two independent teams of researchers searched for precise distortions in the CMB, the afterglow of the Big Bang. As that light from the early universe streams across the cosmos, it can be affected by the regions that it's passing through. In particular, the electrons in hot, ionized gas (such as the WHIM) should interact with photons from the CMB in a way that imparts some additional energy to those photons. The CMB's spectrum should get distorted. Unfortunately the best maps of the CMB (provided by the Planck satellite) showed no such distortions. Either the gas wasn't there, or the effect was too subtle to show up. But the two teams of researchers were determined to make them visible. From increasingly detailed computer simulations of the universe, they knew that gas should stretch between massive galaxies like cobwebs across a windowsill. Planck wasn't able to see the gas between any single pair of galaxies. So the researchers figured out a way to multiply the faint signal by a million. -
Google-Funded Study Finds Cash Beats Typical Development Aid (wired.com)
Traditional international aid programs typically offer some combination of clean water, livestock, textbooks, and nutritional supplements. A new study funded by Google.org and the US Agency for International Development asks whether the poor would benefit more if they were given cash and free to spend the money as they see fit. Wired: Researchers had two goals: compare an established program to combat childhood malnutrition with giving people the equivalent value ($117 per month) in cash, and compare the cash equivalent to a much larger sum, $532 per month. After a year, results [PDF] released Thursday found that neither the established program nor its cash equivalent were able to improve child health, but the large cash transfers significantly improved people's health and financial standing. On the surface, that's not surprising. Of course giving people more than four times as much money gives them access to better nutrition. But the study's co-author Andrew Zeitlin, a professor from Georgetown, says the idea was to provide benchmarks for future programs; it's not unusual for nutritional aid programs to cost $500 or even $800 per month, he says.
The traditional malnutrition program, called Gikuriro, was funded by USAID and administered by Catholic Relief Services. It combined help with water, sanitation, and hygiene with training on nutrition, some small livestock and seeds, and guidance on financial habits like saving. The study focused on households with children under the age of 5 and women of reproductive age, with an emphasis on the first 1,000 days of the child's life. The results indicate that Gikuriro helped recipients increase their savings and increased overall health knowledge and vaccination rates in villages, two of the program's goals. However, neither the malnutrition program nor its cash equivalent led to a more diverse diet, or improved child health, as measured by height and weight. The larger cash transfer, on the other hand, led to improvements in food diversity, a drop in child mortality, an increase in household wealth, and improvements in child health measurements, as well as improvements in village vaccination rates. -
How the Weather Channel Made That Insane Hurricane Florence Storm Surge Animation (wired.com)
The Weather Channel's 3-D, room-encompassing depiction of the Hurricane Florence storm surge took many by surprise on Friday (Second video). It doesn't tell, it shows, more bracingly than you'd think would be possible on a meteorological update, writes Wired. Here's how they did it. CNET: In one video, meteorologist Erika Navarro demonstrates what a progressive storm surge would mean at a human level. (Storm surge is simply the "abnormal rise of water generated by a storm" that is "produced by water being pushed toward the shore by the force of the winds," according to the National Hurricane Center.) "Storm surge is going to be potentially life-threatening for some areas along the US coastline," Navarro says. Then she demonstrates what's described as a "reasonable, worst-case scenario for areas along North Carolina." Here's where the video gets heart-in-throat scary. As Navarro stands and speaks, the weather maps behind her dissolve away, and she is shown standing in a computer-generated neighborhood. The CGI water rises behind her, setting a red car afloat and flooding homes.
[...] The Weather Channel has been using augmented reality since 2015. This year, it partnered with content and technology provider The Future Group and its impressive Immersive Mixed Reality technology, which uses Unreal Engine software. The tech debuted on TWC in June, when meteorologist Jim Cantore used it to walk viewers through what would happen if a tornado hit the channel's own studios. A demo showing the power of lightning followed in July. Reaction to the hurricane explainer has been overwhelmingly positive, said Michael Potts, Weather Channel's vice president of design. "It was created to evoke an automatic visceral reaction, to imagine that this could be real," Potts said. "And people are sharing it with friends and family as a warning tool. The amount of engagement across all of our platforms has been some of the highest we've ever seen." The neighborhood Navarro is standing in looks real, but it's all virtual graphics created in a new green-screen studio built at the channel's Atlanta headquarters. "All the graphics you see, from the cars, the street, the houses and the entire neighborhood are created using the Unreal Engine -- they are not real," Potts says. "The circle she is standing in is the presentation area, it's a 'safe' space that is not affected by the weather. ... The maps and data are all real-time and the atmospheric conditions are driven by the forecast." More on this here. -
Tesla's Keyless Entry Vulnerable To Spoofing Attack, Researchers Find (theverge.com)
An anonymous reader quotes a report from The Verge: Researchers at KU Leuven have figured out a way to spoof Tesla's key fob system, as first reported by Wired. The result would let an attacker steal a Tesla simply by walking past the owner and cloning his key. The attack is particularly significant because Tesla pioneered the keyless entry concept, which has since spread to most luxury cars. This particular attack seems to have only worked on Model S units shipped before June, and in an update last week, Tesla pushed out an update that strengthened the encryption for the remaining vehicles. More importantly, the company added the option to require a PIN password before the car will start, effectively adding two-factor to your car. Tesla owners can add the PIN by disabling Passive Entry in the "Doors & Locks" section of "Settings."
The attack itself is fairly involved. Because of the back-and-forth protocol, attackers would first have to sniff out the car's Radio ID (broadcast from the car at all times), then relay that ID broadcast to a victim's key fob and listen for the response, typically from within three feet of the fob. If they can do that back-and-forth twice, the research team found they can work back to the secret key powering the fob's responses, letting them unlock the car and start the engine. -
Google Wants To Kill the URL (wired.com)
As Chrome looks ahead to its next 10 years, the team is mulling its most controversial initiative yet: fundamentally rethinking URLs across the web. From a report: Uniform Resource Locators are the familiar web addresses you use everyday. They are listed in the web's DNS address book and direct browsers to the right Internet Protocol addresses that identify and differentiate web servers. In short, you navigate to WIRED.com to read WIRED so you don't have to manage complicated routing protocols and strings of numbers. But over time, URLs have gotten more and more difficult to read and understand. The resulting opacity has been a boon for cyber criminals who build malicious sites to exploit the confusion. They impersonate legitimate institutions, launch phishing schemes, hawk malicious downloads, and run phony web services -- all because it's difficult for web users to keep track of who they're dealing with. Now, the Chrome team says it's time for a massive change.
"People have a really hard time understanding URLs," says Adrienne Porter Felt, Chrome's engineering Manager. "They're hard to read, it's hard to know which part of them is supposed to be trusted, and in general I don't think URLs are working as a good way to convey site identity. So we want to move toward a place where web identity is understandable by everyone -- they know who they're talking to when they're using a website and they can reason about whether they can trust them. But this will mean big changes in how and when Chrome displays URLs. We want to challenge how URLs should be displayed and question it as we're figuring out the right way to convey identity."
If you're having a tough time thinking of what could possibly be used in place of URLs, you're not alone. Academics have considered options over the years, but the problem doesn't have an easy answer. Porter Felt and her colleague Justin Schuh, Chrome's principal engineer, say that even the Chrome team itself is still divided on the best solution to propose. And the group won't offer any examples at this point of the types of schemes they are considering. The focus right now, they say, is on identifying all the ways people use URLs to try to find an alternative that will enhance security and identity integrity on the web while also adding convenience for everyday tasks like sharing links on mobile devices. -
Inside the Haywire World of Beirut's Electricity Blackouts, and the Struggle Faced By Residents To Keep Their Lights and Wi-Fi On and Gadgets Charged (wired.com)
Blackouts are common in the Lebanese capital, forcing energy consumers to pay whoever can get them power. Wired looked at how the residents of Beirut keep their lights on -- and their gadgets charged -- in the face of the rolling blackouts. From the report: Electrical power here does not come without concerted exertion or personal sacrifice. Gas-powered generators and their operators fill the void created by a strained electric grid. Most people in Lebanon, in turn, are often stuck with two bills, and sometimes get creative to keep their personal devices -- laptops, cell phones, tablets, smart watches -- from going dead. Meanwhile, as citizens scramble to keep their inanimate objects alive, the local authorities are complicit in this patchwork arrangement, taking payments from the gray-market generator operators and perpetuating a nation's struggle to stay wired.
Lebanon has been a glimmering country ever since the 15-year civil war began in 1975, and the reverberations from that conflict persist. These days there is only one city, Zahle, with electricity 24/7. Computer banks in schools and large air conditioners pumping out chills strain the grid, and daily state-mandated power cuts run from at least three hours to 12 hours or more. Families endure power outages mid-cooking, mid-washing, mid-Netflix binging. Residents rely on mobile phone apps to track the time of day the power will be cut, as it shifts between three-hour windows in the morning and afternoon, rotating throughout the week.
Once called the Paris of the Middle East, sometimes the region's Sin City, Beirut's supplementary power needs are effectively under the control of what is known here as the generator mafia: a loose conglomerate of generator owners and landlords who supply a great deal of the country's power. This group is indirectly responsible for the Wi-Fi, which makes possible any number of WhatsApp conversations -- an indispensable lifeline for the country's refugees, foreign aid workers, and journalists and locals alike. -
Former Reddit CEO Decries 'Rage-Induced Interactions' on Facebook and Twitter (wired.com)
Were the creators of Facebook and Twitter oblivious to how social networks could be abused? "I struggle to believe that these brilliant product CEOs, who have created social media services used by millions of people worldwide, are actually naive," writes Ellen Pao, the former CEO of Reddit. "It's a lot more likely that they simply don't care." [S]ocial media companies and the leaders who run them are rewarded for focusing on reach and engagement, not for positive impact or for protecting subsets of users from harm. They're rewarded for keeping costs down, which encourages the free-for-all, anything-goes approach misnomered "free speech." If they don't need to monitor their platforms, they don't need to come up with real policies -- and avoid paying for all the people and tools required to implement them....
In the earliest days, it wasn't always obvious what these platforms were doing and what they would become -- even to insiders. But at a certain point, it became clear that money was the driving factor, and dopamine- or rage-induced interactions meant more money.... CEOs should just forget about hiding behind "naivete" and "free speech," and instead remind themselves they can take actions that will meaningfully change the direction of the future. The first step is acknowledging the problem... You've solved for increasing engagement; now it's time to make real, positive interactions a priority.
The next time a CEO claims ignorance, "we must hold them accountable," the essay argues, complaining that right now there's a vacuum of leadership.
So instead, "Everyone's holding hands on the road to hell." -
Justice Department Warns It Might Not Be Able To Prosecute Voting Machine Hackers (vice.com)
An anonymous reader quotes a report from Motherboard: After more than a decade of headlines about the vulnerability of U.S. voting machines to hacking, it turns out the federal government says it may not be able to prosecute election hacking under the federal law that currently governs computer intrusions. Per a Justice Department report issued in July from the Attorney General's Cyber Digital Task Force, electronic voting machines may not qualify as "protected computers" under the Computer Fraud and Abuse Act, the 1986 law that prohibits unauthorized access to protected computers and networks or access that exceeds authorization (such as an insider breach).
The report says the law generally only prohibits against hacking computers "that are connected to the Internet (or that meet other narrow criteria for protection)" and notes that voting machines generally do not meet this criteria "as they are typically kept off the Internet." Consequently, "should hacking of a voting machine occur, the government would not, in many conceivable circumstances, be able to use the CFAA to prosecute the hackers." Aside from the fact that the assertion about voting machines not being connected is incorrect -- many voting machines are connected in that they use cellular and landline modems that connect with cell towers and backend telecom networks to transmit results on election night -- the government's assertion that the CFAA applies only to connected machines is news to legal experts. -
Tourism is Compromising the World's Largest Telescope (wired.com)
Thousands of people moved to let China build and protect the Five-Hundred-Meter Aperture Spherical Radio Telescope (FAST), the world's largest telescope. And then the government drew in orders of magnitude more tourists, potentially undercutting its own science in an attempt to promote it. An excerpt: During the four-day Radio Astronomy Forum, Stierwalt and the other astronomers did, finally, get to see the actual telescope, taking a bus up a tight, tortuous road through the karst between town and telescope. As soon as they arrived on site, they were instructed to shut down their phones to protect the instrument from the radio frequency interference. But not even these astronomers, who want pristine FAST data for themselves, could resist pressing that capture button. "Our sweet, sweet tour guide continually reminded us to please turn off our phones," says Stierwalt, "but we all kept taking pictures and sneaking them out because no one really seemed to care." Come on: It's the world's largest telescope.
Maybe their minder stayed lax because a burst here or there wouldn't make much of a difference in those early days. The number of regular tourists allowed at the site all day is capped at 3,000, to limit RFI, and they have to put their phones in lockers before they go see the dish. Krco says the site bumps up against the visitor limit most days. But tourism and development are complicated for a sensitive scientific instrument. Within three miles of the telescope, the government passed legislation establishing a "radio-quiet zone," where RFI-emitting devices are severely restricted. No one (not cellular providers or radio broadcasters) can get a transmitting license, and people entering the facility itself will have their electronics confiscated. -
Y Combinator Plans To Start Doling Out $60 Million Next Year to Study Universal Basic Income (gizmodo.com)
The research arm of Y Combinator plans to begin a study on universal basic income next year in which it will give unconditional cash payments to 3,000 participants. From a report: The test is partially intended to see if receiving routine payments will quell anxieties around losing jobs to automation. As Wired reports, the study will be called "Making Ends Meet." Under the plan, a thousand people would get $1,000 per month and the other 2,000 would get $50 per month to serve as a control group. Some of the participants would receive monthly payments for three years and some would get paid every month for five years. Sam Altman, CEO of Y Combinator, a highly successful startup accelerator that helped give rise to companies like Dropbox, Airbnb, and Reddit, announced the company's plans to research universal basic income -- or as he put it, "giving people enough money to live on with no strings attached" -- in a January 2016 blog post. Altman explained his belief that universal basic income will eventually be implemented across the nation as more jobs are automated and "massive new wealth gets created." -
Phone Numbers Were Never Meant as ID. Now We're All At Risk (wired.com)
One key lesson from the recent T-Mobile and several other breaches: our phone numbers, that serve as a means to identify and verify ourselves, are increasingly getting targeted, and the companies are neither showing an appetite to work on an alternative identity management system, nor are they introducing more safeguards to how phone numbers are handled and exchanged. From a report: Identity management experts have warned for years about over-reliance on phone numbers. But the United States doesn't offer any type of universal ID, which means private institutions and even the federal government itself have had to improvise. As cell phones proliferated, and phone numbers became more reliably attached to individuals long term, it was an obvious choice to start collecting those numbers even more consistently as a type of ID. But over time, SMS messages, biometric scanners, encrypted apps, and other special functions of smartphones have evolved into forms of authentication as well.
"The bottom line is society needs identifiers," says Jeremy Grant, coordinator of the Better Identity Coalition, an industry collaboration that includes Visa, Bank of America, Aetna, and Symantec. "We just have to make sure that knowledge of an identifier can't be used to somehow take over the authenticator. And a phone number is only an identifier; in most cases, it's public." Think of your usernames and passwords. The former are generally public knowledge; it's how people know who you are. But you keep the latter guarded, because it's how you prove who you are.
The use of phone numbers as both lock and key has led to the rise, in recent years, of so-called SIM swapping attacks, in which an attacker steals your phone number. When you add two-factor authentication to an account and receive your codes through SMS texts, they go to the attacker instead, along with any calls and texts intended for the victim. Sometimes attackers even use inside sources at carriers who will transfer numbers for them. -
Hacked Water Heaters Could Trigger Mass Blackouts Someday (wired.com)
At the Usenix Security conference this week, a group of Princeton University security researchers will present a study that considers a little-examined question in power grid cybersecurity: What if hackers attacked not the supply side of the power grid, but the demand side? From a report: In a series of simulations, the researchers imagined what might happen if hackers controlled a botnet composed of thousands of silently hacked consumer internet of things devices, particularly power-hungry ones like air conditioners, water heaters, and space heaters. Then they ran a series of software simulations to see how many of those devices an attacker would need to simultaneously hijack to disrupt the stability of the power grid. Their answers point to a disturbing, if not quite yet practical scenario: In a power network large enough to serve an area of 38 million people -- a population roughly equal to Canada or California -- the researchers estimate that just a one percent bump in demand might be enough to take down the majority of the grid. That demand increase could be created by a botnet as small as a few tens of thousands of hacked electric water heaters or a couple hundred thousand air conditioners. "Power grids are stable as long as supply is equal to demand," says Saleh Soltan, a researcher in Princeton's Department of Electrical Engineering, who led the study. "If you have a very large botnet of IoT devices, you can really manipulate the demand, changing it abruptly, any time you want." -
Researchers Use Machine-Learning Techniques To De-Anonymize Coders (wired.com)
At the DefCon hacking conference on Friday, Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, presented a number of studies they've conducted using machine learning techniques to de-anonymize the authors of code samples. "Their work could be useful in a plagiarism dispute, for instance, but it could also have privacy implications, especially for the thousands of developers who contribute open source code to the world," reports Wired. From the report: First, the algorithm they designed identifies all the features found in a selection of code samples. That's a lot of different characteristics. Think of every aspect that exists in natural language: There's the words you choose, which way you put them together, sentence length, and so on. Greenstadt and Caliskan then narrowed the features to only include the ones that actually distinguish developers from each other, trimming the list from hundreds of thousands to around 50 or so. The researchers don't rely on low-level features, like how code was formatted. Instead, they create "abstract syntax trees," which reflect code's underlying structure, rather than its arbitrary components. Their technique is akin to prioritizing someone's sentence structure, instead of whether they indent each line in a paragraph.
The method also requires examples of someone's work to teach an algorithm to know when it spots another one of their code samples. If a random GitHub account pops up and publishes a code fragment, Greenstadt and Caliskan wouldn't necessarily be able to identify the person behind it, because they only have one sample to work with. (They could possibly tell that it was a developer they hadn't seen before.) Greenstadt and Caliskan, however, don't need your life's work to attribute code to you. It only takes a few short samples. -
Crestron Touchscreens Could Spy On Hotel Rooms, Meetings (wired.com)
An anonymous reader quotes a report from Wired: The connected devices you think about the least are sometimes the most insecure. That's the takeaway from new research to be presented at the DefCon hacking conference Friday by Ricky Lawshae, an offensive security researcher at Trend Micro. Lawshae discovered over two dozen vulnerabilities in Crestron devices used by corporations, airports, sports stadiums, and local governments across the country. While Crestron has released a patch to fix the issues, some of the weaknesses allowed for hackers to theoretically turn the Crestron Android touch panels used in offices and hotel rooms into spy devices.
Lawshae quickly noticed that these devices have security authentication protections disabled by default. For the most part, the Crestron devices Lawshae analyzed are designed to be installed and configured by third-party technicians, meaning an IT engineer needs to voluntarily turn on security protections. The people who actually use Crestron's devices after they're installed might not even know such protections exist, let alone how crucial they are. Crestron devices do have special engineering backdoor accounts which are password-protected. But the company ships its devices with the algorithm that is used to generate the passwords in the first place. That information can be used by non-privileged users to reverse engineer the password itself, a vulnerability simultaneously identified by both Lawshae and Jackson Thuraisamy, a vulnerability researcher at Security Compass. There were also over two dozen other vulnerabilities that could be exploited to do things like transform them into listening devices. In addition to being able to remotely record audio via the microphones to a downloadable file, Lawshae was also able to remotely stream video from the webcam and open a browser and display a webpage to an unsuspecting room full of meeting attendees. "Crestron has issued a fix for the vulnerabilities, and firmware updates are now available," reports Wired. -
Millions of Android Devices Are Vulnerable Right Out of the Box (wired.com)
Security meltdowns on your smartphone are often self-inflicted: You clicked the wrong link, or installed the wrong app. But for millions of Android devices, the vulnerabilities have been baked in ahead of time, deep in the firmware, just waiting to be exploited. Who put them there? Some combination of the manufacturer that made it, and the carrier that sold it to you. From a report: That's the key finding of new analysis from mobile security firm Kryptowire, which details troubling bugs preloaded into 10 devices sold across the major US carriers. Kryptowire CEO Angelos Stavrou and director of research Ryan Johnson will present their research, funded by the Department of Homeland Security, at the Black Hat security conference Friday. The potential outcomes of the vulnerabilities range in severity, from being able to lock someone out of their device to gaining surreptitious access to its microphone and other functions. They all share one common trait, though: They didn't have to be there. [...] "The problem is not going to go away, because a lot of the people in the supply chain want to be able to add their own applications, customize, add their own code. That increases the attack surface, and increases the probability of software error," Stavrou says. "They're exposing the end user to exploits that the end user is not able to respond to." Security researchers found 38 different vulnerabilities that can allow for spying and factory resets loaded onto 25 Android phones. That includes devices from Asus, ZTE, LG and the Essential Phone, which are distributed by carriers like Verizon or AT&T. -
The Ultra-Pure, Super-Secret Sand That Makes Your Phone Possible (wired.com)
The processor that makes your laptop or cell phone work was fabricated using quartz from this obscure Appalachian backwater. From a report: Alex Glover is a recently retired geologist who has spent decades hunting for valuable minerals in the hillsides and hollows of the Appalachian Mountains that surround Spruce Pine, North Carolina. Spruce Pine is not a wealthy place. Its downtown consists of a somnambulant train station across the street from a couple of blocks of two-story brick buildings, including a long-closed movie theater and several empty storefronts. The wooded mountains surrounding it, though, are rich in all kinds of desirable rocks, some valued for their industrial uses, some for their pure prettiness. But it's the mineral in Glover's bag -- snowy white grains, soft as powdered sugar -- that is by far the most important these days. It's quartz, but not just any quartz. Spruce Pine, it turns out, is the source of the purest natural quartz -- a species of pristine sand -- ever found on Earth.
This ultra-elite deposit of silicon dioxide particles plays a key role in manufacturing the silicon used to make computer chips. In fact, there's an excellent chance the chip that makes your laptop or cell phone work was made using sand from this obscure Appalachian backwater. "It's a billion-dollar industry here," Glover says with a hooting laugh. "Can't tell by driving through here. You'd never know it." In the 21st century, sand has become more important than ever, and in more ways than ever. Most of the world's sand grains are composed of quartz, which is a form of silicon dioxide, also known as silica. High-purity silicon dioxide particles are the essential raw materials from which we make computer chips, fiber-optic cables, and other high-tech hardware -- the physical components on which the virtual world runs. -
Evidence Detected of Lake Beneath the Surface of Mars (cnn.com)
For decades Mars has teased scientists with whispers of water's presence. Now they have some solid evidence. From a report: The Italian Space Agency announced Wednesday that researchers have detected signs of a large, stable body of liquid water locked away beneath a mile of ice near Mars' south pole. The observations were recorded by the Mars Advanced Radar for Subsurface and Ionosphere Sounding instrument -- Marsis for short. "Marsis was born to make this kind of discovery, and now it has," says Roberto Orosei, a radioastronomer at the National Institute for Astrophysics, who led the investigation. His team's findings, which appear in this week's issue of Science, raise tantalizing questions about the planet's geology -- and its potential for harboring life. CNN elaborates: Between May 2012 and December 2015, MARSIS was used to survey the Planum Australe region, which is in the southern ice cap of Mars. It sent radar pulses through the surface and polar ice caps and measured how the radio waves reflected back to Mars Express. Those pulses reflected 29 sets of radar samples that created a map of drastic change in signal almost a mile below the surface. It stretched about 12.5 miles across and looked very similar to lakes that are found beneath Greenland and Antarctic ice sheets on Earth. The radar reflected the feature's brightness, signaling that it's water. "We interpret this feature as a stable body of liquid water on Mars," the authors wrote in the study. -
Facebook Confirms It's Working on a New Internet Satellite (wired.com)
A host of companies believe the better way to connect the estimated half of Earth's population that's still offline is to launch "constellations" of smaller satellites into low Earth orbit, around 100 to 1,250 miles above our planet. According to emails from the Federal Communications Commission, which Wired obtained by filing a Freedom of Information Act request, Facebook is officially one such company. From the report: The emails show that the social network wants to launch Athena, its very own internet satellite, in early 2019. The new device is designed to "efficiently provide broadband access to unserved and underserved areas throughout the world," according to an application the social network appears to have filed with the FCC under the name PointView Tech LLC. With the filing, Facebook joins Elon Musk's SpaceX and Softbank-backed OneWeb, two well-funded organizations working on similar projects. In fact, SpaceX launched the first two of what it hopes will be thousands of its Starlink satellites just this past February. The emails, which date back to July 2016, and subsequent confirmation from Facebook, confirm a story published in May by IEEE Spectrum, which used public records to speculate that Facebook had started a satellite internet project. -
Facebook Notification Spam Has Crossed the Line (wired.com)
Facebook has always nudged truant users back to its platform through emails and notifications. But recently, those prods have evolved beyond comments related to activity on your own profile. From a report: Now Facebook will nag you when an acquaintance comments on someone else's photo, or when a distant family member updates their status. The spamming has even extended to those who sign up for two-factor authentication -- which is a great way to turn people off to that extra layer of security. "The part of it that bugs me is that two-factor authentication is something [Facebook] should be encouraging people to use, but instead the way this is working here is that they're driving people away from two-factor and making people less secure," says Matt Green, a professor at the Johns Hopkins University Information Security Institute, who has done contracted security work for Facebook in the past.
"It's abusive, people's attention is deliberately tweaked by what looks like a two-factor authentication message." Green says he's received near-daily SMS messages from Facebook since January alerting him that one of his friends performed some action on the platform. Before he started receiving the messages, Green says he hadn't logged into Facebook for a long time and had actually forgotten his password. The weirdest part about the SMS notifications is what happens if you reply to them. If you respond, your message is posted to your own profile. Further reading: Facebook Really Wants You To Come Back, Facebook Is Spamming Users Via Their 2FA Phone Numbers, and Facebook Makes Moves On Instagram's Users. -
Some Scientists Work With China, But NASA Won't (wired.com)
An anonymous reader shares a report: Inside a sealed clean room near Toulouse, France, Maurice Sylvestre points out something called SuperCam. Sylvestre is outfitted in Tyvek and hairnets, necessary to keep out dust, skin particles, and dirt that could mar the super-smooth surface of his device. SuperCam sits underneath a ventilator hood, glimmering inside a golden-metallic housing. The device is designed to scan the Martian surface with a camera, laser, and spectrometer in hopes of finding organic compounds that could be related to early life on Mars. In two years, this 12-pound, microwave oven-sized unit will blast off as part of the Mars 2020 mission, a spacecraft/lander/rover combo by NASA and its partners that will replace the long-serving Curiosity mission.
Sylvestre is a planetary scientist at France's Institute for Research and Planetary Astronomy, and deputy principal investigator for SuperCam. But he's an international collaborator: Over the years, he's worked on missions to Saturn, the moon, and Mars with NASA colleagues. Sylvestre's lab is currently building an instrument similar to SuperCam that will fly to Mercury on the European-Japanese BepiColombo mission, as well as one called Eclair that is part of a joint French-Chinese satellite. Notably, that makes him one of a small number of planetary scientists who are working with China to boost their science, while doing his best to keep Western technology from getting pilfered. It's a tightrope that not everyone is willing to walk. "We are careful what we are doing," Sylvestre says.
"We understand the security issues. We understand that we should be careful and not be too naive. But at the same time I feel the idea of planetary exploration is for everyone." Working with both NASA and China may seem like a contradiction, or even a conflict. The two superpowers are butting heads on trade, military, and cybersecurity issues. Congress has banned NASA officials and NASA money from going to China. That might be because of a recent history of Chinese espionage targeting US military, aerospace, and technological secrets. -
Windows 10 and Windows Server 2019 To Support True UTC-Compliant Leap Second (thurrott.com)
Mehedi Hassan, writing for Thurrott: Microsoft is bringing support for leap seconds -- yes, that one extra second -- to Windows, starting with Windows 10 Redstone 5 and Windows Server 2019. With the upcoming updates for Windows 10, Microsoft's operating system now deals with leap seconds in a way that is incredibly accurate, UTC-compliant, and traceable. Leap seconds typically occur every 18 months, resulting in one extra second. The extra leap second occurs to adjust with the earth's slowed down rotation, and an extra second is added to UTC in order to keep it in-sync with mean solar time. To deal with the extra second more appropriately, Windows 10 will now display that extra second, instead of directly jumping to the next one. H/T Perfycat who adds: The new move makes Windows Server the first OS to have full support of the rare but valid timestamp of: 23:59:60. Linus Torvalds has long maintained that users need to chill out about leap seconds. Further reading: Microsoft's blog post 1, and blog post 2. -
New Book Paints Different Picture of Workplace Behavior At Google and Facebook
Longtime Slashdot reader theodp writes: In Valley of Genius: The Uncensored History of Silicon Valley (As Told by the Hackers, Founders, and Freaks Who Made It Boom), Adam Fisher paints quite a different picture of life at now-workforce behavior preachers Google and Facebook, revealing that the tech giants' formative days were filled with the kind of antics that run afoul of HR protocols. Google was not a normal place, begins an excerpt in Vanity Fair that includes some juicy quotes attributed to Google executive chef Charlie Ayers about Google's founders ("Sergey's the Google playboy. He was known for getting his fingers caught in the cookie jar with employees that worked for the company in the masseuse room. He got around.") And in Sex, Beer, and Coding, Wired runs an excerpt about Facebook's wild early days, which even extended to the artwork gracing its office ("The office was on the second floor, so as you walk in you immediately have to walk up some stairs, and on the big 10-foot-high wall facing you is just this huge buxom woman with enormous breasts wearing this Mad Max-style costume riding a bulldog. It's the most intimidating, totally inappropriate thing. [...] That set a tone for us. A huge-breasted warrior woman riding a bulldog is the first thing you see as you come in the office, so like, get ready for that!") So, what changed? "When Sheryl Sandberg joined the company is when I saw a vast shift in everything in the company," said Ayers about Google. Sandberg later became Facebook's grown-up face. -
Apple's China-Friendly Censorship Caused An iPhone-Crashing Bug (wired.com)
Security researcher Patrick Wardle helped Apple fix a bug that would crash apps displaying the word "Taiwan" or the Taiwanese flag emoji. Some iPhones could be remotely crashed by something as simple as receiving a text message with the Taiwanese flag. Apple confirmed the fix in a security update Monday. Wired reports: "Basically Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag," Wardle says, "and there was a bug in that code." Since at least early 2017, iOS has included that Chinese censorship function: Switch your iPhone's location setting to China, and the Taiwanese flag emoji essentially disappears from your phone, evaporating from its library of emojis and appearing as a "missing" emoji in any text that appears on the screen. That code likely represents a favor from Apple to the Chinese government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government.
But Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone's library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a "denial of service" attack that would let anyone crash a vulnerable device on command. Wardle's still not sure how many devices are affected, or what caused that bug to be triggered only in some iOS devices and not others, but he believes it has something to do with the phone's location and language settings. Wardle has more details of the bug on his blog. -
The Funky Boat Circling the Planet on Renewable Energy and Hydrogen Gas (wired.com)
Victorien Erussard, an experienced ocean racer from the city of Saint-Malo in the north of France, was halfway through a dash across the Atlantic when he lost all power. Never again, he thought. "I came up with the idea to create a ship that uses different sources of energy," he says. The plan was bolstered by the pollution-happy cargo ships he saw while crossing the oceans. "These are a threat to humanity because they use heavy fuel oil." Five years on, that idea has taken physical form in the Energy Observer, a catamaran that runs on renewables. From a report: In a mission reminiscent of the Solar Impulse 2, the solar-powered plane that Bertrand Piccard and Andre Borschberg flew around the world a few years back, Erussard and teammate Jerome Delafosse are planning to sail around the planet, without using any fossil fuel. Instead, they'll make the fuel they need from sea water, the wind, and the sun.
The Energy Observer started life as a racing boat but now would make a decent space battle cruiser prop in a movie. Almost every horizontal surface on the white catamaran is covered with solar panels (1,400 square feet of them in all), which curve gently to fit the aerodynamic contours. Some, on a suspended deck that extends to the sides of the vessel, are bi-facial panels, generating power from direct sunlight as well as light reflected off the water below. The rear is flanked by two vertical, egg whisk-style wind turbines, which add to the power production. Propulsion comes from two electric motors, driven by all that generated electrical energy, but it's the way that's stored that's clever. The Energy Observer uses just 106-kWh (about equivalent to a top-end Tesla) of batteries, for immediate, buffer, storage and energy demands. It stores the bulk of the excess electricity generated when the sun is shining or the wind is blowing as hydrogen gas. -
128TB SD Cards Are Coming (theverge.com)
A new card specification has been announced by the SD Association that should let you store your entire media collection on one SD card. Technically speaking, the new card specification should increase maximum storage on SD cards to 128 terabytes with faster transfer speeds of 985 megabytes per second. The Verge reports: Right now the maximum storage space on an SD card is 2TB, and that limit was promised as far back as 2009, but still hasn't been reached. In 2016, SanDisk unveiled a prototype 1 terabyte SD card that would make it the biggest in the world, but it's still not available to purchase. At the time, SanDisk said that the advancement was necessary to match ever-increasing data-heavy formats like 4K video and VR. However, creating SD cards with massive amounts of storage is cost-prohibitive. SanDisk's 512GB SD card used to cost $800, and though it's dropped in price, is still priced around $300. -
Marketing Firm Exactis Leaked a Personal Info Database With 340 Million Records (wired.com)
You've probably never heard of the marketing and data aggregation firm Exactis. But it may well have heard of you. And now there's also a good chance that whatever information the company has about you, it recently leaked onto the public internet, available to any hacker who simply knew where to look. From a report: Earlier this month, security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records on a publicly accessible server. The haul comprises close to 2 terabytes of data that appears to include personal information on hundreds of millions of American adults, as well as millions of businesses. While the precise number of individuals included in the data isn't clear -- and the leak doesn't seem to contain credit card information or Social Security numbers -- it does go into minute detail for each individual listed, including phone numbers, home addresses, email addresses, and other highly personal characteristics for every name. The categories range from interests and habits to the number, age, and gender of the person's children.
"It seems like this is a database with pretty much every US citizen in it," says Troia, who is the founder of his own New York-based security company, Night Lion Security. Troia notes that almost every person he's searched for in the database, he's found. And when WIRED asked him to find records for a list of 10 specific people in the database, he very quickly found six of them. "I don't know where the data is coming from, but it's one of the most comprehensive collections I've ever seen," he says. -
What's Up With ProtonMail Outages? (bleepingcomputer.com)
ProtonMail, a secure email service provider used by more than two million users and references to which have been made in shows like Mr. Robot, has been facing outages for the last two days as it fights numerous DDoS attacks. "The attacks went on for several hours, although the outages were far more brief, usually several minutes at a time with the longest outage on the order of 10 minutes," a ProtonMail spokesperson told BleepingComputer, adding that it has tracked the attack to a group that claims to have ties to Russia. But things are more complicated than that, and it appears ProtonMail users, who are already annoyed at the frequent outages over the last few days, are up for more such downtimes in the coming days. BleepingComputer: But in reality, the DDoS attacks have no ties to Russia, weren't even planned to in the first place, and the group behind the attacks denounced being Russian, to begin with. Responsible for the attacks is a hacker group named Apophis Squad. In a private conversation with Bleeping Computer today, one of the group's members detailed yesterday's chain of events. The Apophis member says they targeted ProtonMail at random while testing a beta version of a DDoS booter service the group is developing and preparing to launch.
The group didn't cite any reason outside "testing" for the initial and uncalled for attack on ProtonMail, which they later revealed to have been a 200 Gbps SSDP flood, according to one of their tweets. "After we sent the first attack, we downed it for 60 seconds," an Apophis Squad member told us. He said the group didn't intend to harass ProtonMail all day yesterday or today but decided to do so after ProtonMail's CTO, Bart Butler, responded to one of their tweets calling the group "clowns."
This was a questionable response on the part of the ProtonMail CTO, as it set the hackers against his company even more. "So we then downed them for a few hours," the Apophis Squad said. Subsequent attacks included a whopping TCP-SYN flood estimated at 500 Gbps, as claimed by the group. -
The Quest To Make Super-Cold Quantum Blobs in Space (wired.com)
Last January in northern Sweden, a German-led team of physicists loaded a curious machine onto an unmanned rocket. The payload, about as tall as a single-story apartment, was essentially a custom-made freezer -- a vacuum chamber, with a small chip and lasers within, that could cool single atoms near absolute zero.
It may sound like a bizarre experiment, but it is something physicists have been aching to do for years. They launched the rocket about 90 miles past the atmosphere's boundary of outer space, monitoring a livestream from a heated building nearby. Then, just 17 minutes later, they watched as the freezer plummeted back down to Earth, landing via parachute on snowy ground 40 miles from the launch site. Wired elaborates: See, the freezer that the Germans launched has the ability to make atoms clump together in a cloud-like blob called a Bose-Einstein condensate -- a phase of matter that exhibits some truly bizarre properties. It's delicate enough to respond to tiny fluctuations in gravity and electromagnetic fields, which means it could someday make for a super-precise sensor in space. But down on Earth, it tends to collapse in a matter of milliseconds because of gravity. So the blobs had to go to space. Since the late '90s, physicists have been developing machines that can autonomously assemble and control the blobs during spaceflight. With this rocket launch, they've succeeded. The group in Germany, led by physicist Ernst Rasel of University of Hannover, just released pictures of blobs they managed to create [PDF], as well as precise measurements of how they jiggled during their brief trip. "They've essentially laid the groundwork to show that you can actually do this, and it's not totally insane," says physicist Nathan Lundblad of Bates College. -
China Won't Solve the World's Plastics Problem Any More (wired.com)
An anonymous reader shares a report: For a long time, China has been a dumping ground for the world's problematic plastics. In the 1990s, Chinese markets saw that discarded plastic could be profitably recreated into exportable bits and bobs -- and it was less expensive for international cities to send their waste to China than to deal with it themselves. China got cheap plastic and the exporting countries got rid of their trash.
But in November 2017, China said enough. The country closed its doors to contaminated plastic, leaving the exports to be absorbed by neighboring countries like Vietnam, South Korea, and Thailand. And without the infrastructure to absorb all the waste that China is rejecting, the plastics are piling up. Between now and 2030, 111 million metric tons of trash -- straws, bags, water bottles -- will have nowhere to go, according to a paper published in Science Advances on Wednesday. That's as if every human on Earth contributed a quarter of their body mass in mostly single-use plastic polymers to a massive, abandoned pile of garbage. -
The Supreme Court Will Decide If Apple's App Store Is a Monopoly (wired.com)
The Supreme Court will review a 2011 class-action lawsuit against Apple, accusing the company of operating an illegal monopoly by not allowing iPhone users to download mobile apps outside of its own App Store, reducing consumer choice. The case, being referred to as Apple Inc. v. Pepper, could have wide-reaching implications for consumers as well as other companies like Amazon. Wired reports: The dispute is over whether Apple, by charging app developers a 30 percent commission fee and only allowing iOS apps to be sold through its own store, has inflated the price of iPhone apps. Apple, supported by the Trump administration, argues that the plaintiffs in the case -- iPhone consumers -- don't have the right to sue under current antitrust laws in the U.S.
The case marks a rare instance in which the court has agreed not only to hear an antitrust case, but also one where no current disagreement exists in the circuit courts. The outcome could change decades of antitrust legal precedent -- either strengthening or weakening consumer protections against monopolistic power. The case also represents a huge source of revenue for Apple; the company raked in an estimated $11 billion last year in App Store commissions alone. The lawsuit centers around another Supreme Court case from 1977, Illinois Brick Co. v. Illinois, "which established what is known as the Illinois Brick Doctrine," reports Wired. "That rule says you can't sue for antitrust damages if you're not the direct purchaser of a good or service." -
Self-Driving Cars Likely Won't Steal Your Job (Until 2040) (wired.com)
The self-driving robots are coming to transform your job. Kind of. Also, very slowly. From a report: That's the not-quite-exclamatory upshot of a new report from the Washington, DC-based Securing America's Future Energy. The group advocates for a countrywide pivot away from oil dependency, one it hopes will be aided by the speedy adoption of electric, self-driving vehicles. So it commissioned a wide-ranging study by a phalanx of labor economists to discover how that could happen, and whether America might transform into a Mad Max-like desert hell along the way. The news, mostly, is good. For one, self-driving vehicles probably won't wreck the labor market to the point where gig economy workers are hired out as mobile blood bags.
In fact, they'll eventually feed the economy, accruing an estimated $800 billion in annual benefits by 2050, a number mostly in line with previous researchers' projections. Two, robo-cars won't disappear the jobs all at once. "We have a labor market characterized by churning -- continual job creation and destruction," says Erica Groshen, a visiting labor economist at Cornell University and former Commissioner of Labor Statistics, who worked on the report. "The challenge is to make the transition as smooth as possible." -
How Microsoft's Windows Red Team Keeps PCs Safe (wired.com)
Wired has a story on Windows' red team, which consists of a group of hackers (one of whom jailbroke Nintendo handhelds in a former life, another has more than one zero-day exploit to his name, and a third signed on just prior to the devastating Shadow Brokers leak), who are tasked with finding holes in the world's most used desktop operating system. From the story: The Windows red team didn't exist four years ago. That's around the time that David Weston, who currently leads the crew as principal security group manager for Windows, made his pitch for Microsoft to rethink how it handled the security of its marquee product. "Most of our hardening of the Windows operating system in previous generations was: Wait for a big attack to happen, or wait for someone to tell us about a new technique, and then spend some time trying to fix that," Weston says. "Obviously that's not ideal when the stakes are very high."
[...] Together, the red teamers spend their days attacking Windows. Every year, they develop a zero-day exploit to test their defensive blue-team counterparts. And when emergencies like Spectre or EternalBlue happen, they're among the first to get the call. Again, red teams aren't novel; companies that can afford them -- and that are aware they could be targeted -- tend to use them. If anything, it may come as a surprise that Microsoft hadn't sicced one on Windows until so recently. Microsoft as a company already had several other red teams in place by the time Weston built one for Windows, though those focused more on operational issues like unpatched machines. "Windows is still the central repository of malware and exploits. Practically, there's so much business done around the world on Windows. The attacker mentality is to get the biggest return on investment in what you develop in terms of code and exploits," says Aaron Lint, who regularly works with red teams in his role as chief scientist at application protection provider Arxan. "Windows is the obvious target." -
Lawrence Lessig Criticizes Proposed 140-Year Copyright Protections (techcrunch.com)
EqualCitizens.US reports on growing opposition to the CLASSICS Act proposed by the U.S. Congress, which grants blanket copyright protection to all audio works created before 1972, leaving some of them copyrighted until 2067. Importantly, the Act doesn't require artists or the rights holder to register for the copyright. Rather, any and all pre-1972 sound recordings would be copyrighted, greatly limiting the public's access to these works. Various organizations and scholars have responded. Equal Citizens, along with a coalition of internet freedom and democracy reform organizations, is sending this letter to the Senate Judiciary Committee to urge its members to reject this Act in its entirety, or at a minimum, at least require registration of pre-1972 works. Otherwise, if the Act passes as is, famous artists and wealthy corporations will benefit greatly while the public will get absolutely nothing in return, as Professor Lawrence Lessig notes in Wired....
This act will limit access to past works and stifle creativity for new works. It would effectively remove many existing works, including some popular documentaries, podcasts, etc., from the public arena. The Coalition recommends adding a registration requirement to secure the extended copyright term, such that works that nobody claimed could be allowed to enter the public domain. As this TechCrunch report on the coalition letter explains:
By having artists and rights owners register, it solves the problem for everyone. Anyone who wants to have their pre-1972 works brought into the new scheme can easily achieve that, but orphan works will enter the public domain as they ought to.
"Either way," Lessig writes, "it is finally clear that the Supreme Court's prediction that the copyright owners would be satisfied with the copyright protection provided by the Sonny Bono Act turns out not to be true." -
Can Washington State Finally Put a Price On Carbon? (wired.com)
jwhyche writes: Beth Brunton walks around Seattle with a magenta umbrella. At 75 degrees and there not being a cloud in the sky, it gets people's attention. What she is attempting to do is get people to sign a petition supporting Initiative 1631, known as the "Protect Washington Act." If this was to pass, Washington state would become the first state to adopt anything like a carbon tax. "The initiative proposes a 'fee on pollution' that would put a $15 charge on each metric ton of carbon dioxide emitted in Washington starting in 2020," reports Wired. "That charge would rise by $2 plus inflation every year until the state meets its climate goals, which include cutting its carbon footprint 36 percent below 2005 levels by 2035. The revenue raised would go toward investing in clean energy; protecting the air, water, and forests; and helping vulnerable communities prepare for wildfires and sea-level rise."
The report mentions Washington's previous attempt at a "carbon tax" initiative, which was ultimately rejected. It would have initially charged businesses $25 per metric ton of emissions before ramping up over time. -
Why a Group of Physicists Watched a Clock Tick For 14 Years Straight (wired.com)
An anonymous reader writes: If you drop your phone today and it falls to the ground, you can be fairly certain that if it slips from your grip again tomorrow (butterfingers!), it won't suddenly soar into the sky. That's thanks to one of the basic ideas in Einstein's theory of general relativity, which posits that the laws of physics don't change over space and time. But to actually know that for a fact, you'd have to perform the same task over and over again, in as many locations as possible, and watch closely for any change in outcome. That's why, as Sophia Chen reports, a group of physicists has spent the past 14 years -- or 450 million seconds -- watching clocks tick.
Their results would have made Einstein heave a sigh of relief. The physicists were observing the 12 atomic clocks to see whether their subatomic particles' behavior changed over those 14 years -- but it was completely consistent, even as the clocks moved with the Earth around the sun. Now, these findings don't necessarily mean that the laws of physics are absolutely not changing across time and space. They only definitively show that the laws of physics stayed constant over the 14 years of the experiment. "Still, they can now say this with five times more certainty than they could a decade ago," Chen writes. "And if it holds true for Earth's location in the universe, it's not too much of a leap to imagine it's true elsewhere." -
How WIRED lost $100,000 in Bitcoin (wired.com)
An anonymous reader writes: Back in 2013, the halcyon days of at-home Bitcoin mining, staffers in the WIRED San Francisco office turned on one of Butterfly Labs' mining machines and let it whir away, amassing a hoard of 13 bitcoins -- now worth $100,000. But today we have nothing to show for our efforts. What happened to our loot?
The same thing that has happened to millions of other unfortunate miners, actually: We lost our private key, a 64-digit string of random numbers that not one of us remembers. And we've got basically no chance of recovering it: "Originally I was going to say that the closest metaphor I have is that we dropped a car key somewhere in the Atlantic," says Stefan Antonowicz, WIRED's then-head of engineering. "But I think it's closer for me to say we dropped the key somewhere between here and the Alpha Centauri." -
Ask Slashdot: Can a City Really Sue an Oil Company For Climate Change? (wired.com)
An anonymous reader writes: The city of Richmond, California, is suing Chevron, its largest employer and its largest public-safety scourge. But while industrial accidents like refinery fires are commonplace in the low-lying industrial town, that's not what this lawsuit is about. Richmond and six other California cities are suing oil companies for contributing to the changing climate, which threatens to inundate their shorelines. "In an era of federal deregulation and rising seas, these lawsuits feel increasingly urgent," writes deputy editor Adam Rogers. "The question is whether the courts will even see them as plausible."
The lawsuits face two big legal hurdles: getting scientific proof that climate change (and specific companies causing climate change) are to blame for the cities' woes, along with overcoming oil companies' contention that cities can't sue them at all, since at the federal level, they're beholden to the Clean Air Act. But the urban plaintiffs have a plan for that. They are not asking for new regulations or bans; they're asking for reparations for a problem they say oil companies willfully hid from them. "Oil and gas, like cigarettes, are products. The companies that sell them are liable for the damages they cause," says Sharon Eubanks, an attorney at Bordas & Bordas who was lead counsel in the Justice Department's RICO case against the Philip Morris tobacco company. "They have misled the public about the product's dangers." -
A New World's Extraordinary Orbit Points to Planet Nine (wired.com)
In early 2016, two planetary scientists declared that a ghost planet is hiding in the depths of the solar system, well beyond the orbit of Pluto. Their claim, which they made based on the curious orbits of distant icy worlds, quickly sparked a race to find this so-called Planet Nine -- a planet that is estimated to be about 10 times the mass of Earth. From a report: Now, astronomers are reporting that they have spotted another distant world -- perhaps as large as a dwarf planet -- whose orbit is so odd that it is likely to have been shepherded by Planet Nine. The object confirms a specific prediction made by Konstantin Batygin and Michael Brown, the astronomers at the California Institute of Technology who first argued for Planet Nine's existence. "It's not proof that Planet Nine exists," said David Gerdes, an astronomer at the University of Michigan and a co-author on the new paper. "But I would say the presence of an object like this in our solar system bolsters the case for Planet Nine."
Gerdes and his colleagues spotted the new object in data from the Dark Energy Survey, a project that probes the acceleration in the expansion of the universe by surveying a region well above the plane of the solar system. This makes it an unlikely tool for finding objects inside the solar system, since they mostly orbit within the plane. But that is exactly what makes the new object unique: Its orbit is tilted 54 degrees with respect to the plane of the solar system. It's something Gerdes did not expect to see. Batygin and Brown, however, predicted it. The rocky body is being described as 2015 BP519. Quanta magazine has more details. -
Congress Is Looking To Extend Copyright Protection Term To 144 Years (wired.com)
"Because it apparently isn't bad enough already, Congress is looking to extend the copyright term to 144 years," writes Slashdot reader llamalad. "Please write to your representatives and consider donating to the EFF." American attorney Lawrence Lessig writes via Wired: Almost exactly 20 years ago, Congress passed the Sonny Bono Copyright Term Extension Act, which extended the term of existing copyrights by 20 years. The Act was the 11th extension in the prior 40 years, timed perfectly to assure that certain famous works, including Mickey Mouse, would not pass into the public domain. Immediately after the law came into force, a digital publisher of public domain works, Eric Eldred, filed a lawsuit challenging the act [which the Supreme Court later rejected].
Twenty years later, the fight for term extension has begun anew. Buried in an otherwise harmless act, passed by the House and now being considered in the Senate, this new bill purports to create a new digital performance right -- basically the right to control copies of recordings on any digital platform (ever hear of the internet?) -- for musical recordings made before 1972. These recordings would now have a new right, protected until 2067, which, for some, means a total term of protection of 144 years. The beneficiaries of this monopoly need do nothing to get the benefit of this gift. They don't have to make the work available. Nor do they have to register their claims in advance.