Monthly Archives: June 2022

‘Toxic’ open source GitHub discussions analyzed in study

Posted on by

Toxic discussions on open-source GitHub projects tend to involve entitlement, subtle insults, and arrogance, according to an academic study. That contrasts with the toxic behavior – typically bad language, hate speech, and harassment – found on other corners of the web.

Whether that seems obvious or not, it’s an interesting point to consider because, for one thing, it means technical and non-technical methods to detect and curb toxic behavior on one part of the internet may not therefore work well on GitHub, and if you’re involved in communities on the code-hosting giant, you may find this research useful in combating trolls and unacceptable conduct.

It may also mean systems intended to automatically detect and report toxicity in open-source projects, or at least ones on GitHub, may need to be developed specifically for that task due to their unique nature.

[…]

Courtney Miller, Sophie Cohen, Daniel Klug, Bogdan Vasilescu, and Christian Kästner – describe their findings in a paper [PDF] titled, “‘Did You Miss My Comment or What?’ Understanding Toxicity in Open Source Discussions,” that was presented last month at the ACM/IEEE International Conference on Software Engineering in Pittsburgh, Pennsylvania.

In a video explainer, Miller, a doctoral student at CMU’s Institute for Software Research and lead author on the paper, says the project adopted the definition of toxicity proposed by those working on Google’s Perspective API: “rude, disrespectful, or unreasonable language that is likely to make someone leave a discussion.”

[…]

The open source community’s long tradition of blunt interaction has led many projects to adopt codes of conduct, the paper notes. The reason for doing so is to encourage contributors to join open source projects and to keep them from being driven away by trolling and other forms of hostility.

The researchers acknowledge that “toxicity in open source is often written off as a naturally occurring if not necessary facet of open source culture.” And while there are those who defend a more rough-and-tumble mode of online interaction, there are consequences for angry interactions. Witness the departures in the Perl community over hostility.

“Toxicity is different in open-source communities,” Miller said in a CMU news release. “It is more contextual, entitled, subtle and passive-aggressive.”

[…]

many open source contributors have cited toxic and continuously negative behavior as their reason for disengaging (see Section 2 of our paper for more details). Because of this, it was important to consider toxicity that could be considered toxic to a wide spectrum of open source contributors.”

Toxicity in open source projects is relatively rare – the researchers in previous work found only about six per 1,000 GitHub issues to be toxic. That meant a random sampling of issues wouldn’t serve the research objective, so the group adopted several strategies for identifying toxic issues and comments: a language-based detector, finding mentions of “codes of conduct” and locked threads, and threads that had been deleted.

The result was a data set of 100 toxic issues on GitHub. What the researchers found was that toxicity on the Microsoft-owned website has its own particular characteristics.

[….]

The computer scientists note that GitHub Issues, while they include insults, arrogance, and trolling seen elsewhere, do not exhibit the severe language common on platforms like Reddit and Twitter. Beyond milder language, GitHub differs in its abundance of entitled comments – people making demands as if their expectations were based on a contract or payment.

[…]

The researchers identify a variety of triggers for toxic behavior, which mostly occur in large, popular projects. These include: trouble using software, technical disagreements, politics/ideology, and past interactions.

[…]

“The harms of toxicity were outside the scope of this project, but informally we observed that one thing that seemed to be an efficient way of curbing toxicity was for maintainers to cite their project’s code of conduct and lock the thread as too heated,” said Miller. “This seemed to help reduce the amount of time and emotional labor involved with dealing with the toxicity.”

[…]

Source: ‘Toxic’ open source GitHub discussions analyzed in study

Too Little, Too Late, WTO Finally Eases Patent Rights On COVID Vaccines

Posted on by

In what definitely feels like a case of way too little, way too late, the WTO last week finally decided to grant the TRIPS waiver on COVID vaccines, allowing others to make more of the vaccine without violating patent rights. The WTO has long had this ability to issue a patent waiver as part of its Trade-Related Aspects of Intellectual Property Rights (TRIPS) agreement. The idea is that in an emergency, when patents or copyrights are getting in the way of real harm, the WTO can say “hey, let’s grant a waiver to save people.”

You would think that a global pandemic where people are dying would be an obvious time to use such a waiver grant, but that’s because you’re not an obnoxious IP maximalist who cares more about their precious monopoly rents than the health and safety of the global populace. The big pharma and medical device companies freaked out about the possibility of a waiver, and even worse, Hollywood also flipped out about it, with their typical worry that any proof that removing an intellectual monopoly might be good for the world cannot be allowed.

It took forever, but in May of last year (already a year and a half into the pandemic), the US agreed to support the TRIPS waiver. This caused much gnashing of teeth among the maximalists, and then it still took over a year before this agreement was reached, and of course, now it’s both greatly watered down, and very much too late to make much of a difference. But kudos Hollywood and pharma lobbyists. You let thousands of people die, but you sure protected your IP. Good work!

But experts said the proposal was weakened significantly over months of negotiations. They said they did not expect the final agreement to encourage manufacturers in developing countries to start producing Covid vaccines, in part because it does not address the trade secrets and manufacturing know-how that many producers would need.

Even worse, the agreement is limited just to vaccines, and does not apply to either testing or therapeutics

[…]

Source: Too Little, Too Late, WTO Finally Eases Patent Rights On COVID Vaccines | Techdirt

A locust’s brain has been hacked to sniff out human cancer

Posted on by

Cyborg locust brains can help spot the telltale signs of human cancer in the lab, a new study has shown. The team behind the work hopes it could one day lead to an insect-based breath test that could be used in cancer screening, or inspire an artificial version that works in much the same way.

Other animals have been taught to spot signs that humans are sick. For example, dogs can be trained to detect when their owners’ blood sugar levels start to drop, or if they develop cancer, tuberculosis, or even covid.

In all cases, the animals are thought to be sensing chemicals that people emit through body odor or breath. The mix of chemicals can vary depending on a person’s metabolism, which is thought to change when we get sick. But dogs are expensive to train and look after. And making a device that mimics a dog’s nose has proved extremely difficult to do, says Debajit Saha, one of the scientists behind the latest work, which has not yet been peer-reviewed.

“These changes are almost in parts per trillion,” says Saha, a neural engineer at Michigan State University. This makes them hard to pick up even with state-of-the-art technologies, he adds. But animals have evolved to interpret such subtle changes in scents. So he and his colleagues decided to “hijack” an animal brain instead.

view of locust head stabilized

COURTESY OF THE RESEARCHERS

The researchers chose to work with locusts because these insects have been well studied in recent years. In a preliminary setup, they surgically exposed the brain of a living locust. Saha and his colleagues then inserted electrodes into lobes of the brain that receive signals from the insects’ antennae, which they use to sense odors.

The team also grew three different types of human oral cancer cells, as well as human mouth cells that were cancer-free. They used a device to capture gas emitted by each of the cell types, and delivered each of these to the locusts’ antennae.

The locusts’ brains responded to each of the cell types differently. The patterns of electrical activity recorded were so distinct that when the team puffed the gas from one cell type onto the antennae, they could correctly identify whether the cells were cancerous from the recording alone.

It is the first time a living insect brain has been tested as a tool to detect cancer, says Saha.

Natalie Plank, who is developing nanomaterial-based health sensors at Victoria University of Wellington in New Zealand, thinks the work is “super cool.” “The potential of just being able to breathe on something and then know if you’re at risk for cancer … is really powerful,” she says.

In the experiment, the team took brain recordings from multiple locusts and combined their responses. It currently takes recordings from 40 neurons to get a clear signal, which means the system requires between six and 10 locust brains. But Saha hopes to use electrodes that can record from more neurons, which would allow him to get recordings from the brain of a single locust. He also hopes to be able to use the brain and antennae in a portable device, which could then be tested on real people.

[…]

Saha says that locusts do not feel pain, so they don’t need anesthesia. But some research suggests that insects can sense and avoid things we might consider “painful” and might develop lasting sensitivity after an injury, similar to chronic pain. “The insect is dead in terms of its body function,” says Saha. “We are just keeping its brain alive.”

If the team can figure out which receptors on the insects’ antennae are the most important for detecting cancer, they might be able to create versions in the lab and use those instead, says Plank. In her own research, she uses lab-made proteins that mimic receptors in fruit flies. “Long term, there are different ways it might play out to become a mass screening technique,” she says.

Source: A locust’s brain has been hacked to sniff out human cancer | MIT Technology Review

Historic borders, Mapping the boundaries of history

Posted on by

Historical country borders through time

Screenshot from the Historic Borders site
 
 

While geographic boundaries can often seem like a semi-static thing, they’ve changed a lot when you look at them on the scale of centuries. Point in History, by Hans Hack, presents a map of what boundaries used to be. Click anywhere to see the history.

The map is based on the historical basemaps project, which you can access here.

Source: Mapping the boundaries of history | FlowingData

Cloudflare explains hour long outage which broke a lot of internets

Posted on by

The incident began at 0627 UTC (2327 Pacific Time) and it took until 0742 UTC (0042 Pacific) before the company managed to bring all its datacenters back online and verify they were working correctly. During this time a variety of sites and services relying on Cloudflare went dark while engineers frantically worked to undo the damage they had wrought short hours previously.

“The outage,” explained Cloudflare, “was caused by a change that was part of a long-running project to increase resilience in our busiest locations.”

Oh, the irony.

What had happened was a change to the company’s prefix advertisement policies, resulting in the withdrawal of a critical subset of prefixes. Cloudflare makes use of BGP (Border Gateway Protocol). As part of this protocol, operators define which policies (adjacent IP addresses) are advertised to or accepted from networks (or peers).

Changing a policy can result in IP addresses no longer being reachable on the Internet. One would therefore hope that extreme caution would be taken before doing a such a thing…

Cloudflare’s mistakes actually began at 0356 UTC (2056 Pacific), when the change was made at the first location. There was no problem – the location used an older architecture rather than Cloudflare’s new “more flexible and resilient” version, known internally as MCP (Multi-Colo Pop.) MCP differed from what had gone before by adding a layer of routing to create a mesh of connections. The theory went that bits and pieces of the internal network could be disabled for maintenance. Cloudflare has already rolled out MCP to 19 of its datacenters.

Moving forward to 0617 UTC (2317 Pacific) and the change was deployed to one of the company’s busiest locations, but not an MCP-enabled one. Things still seemed OK… However, by 0627 UTC (2327 Pacific), the change hit the MCP-enabled locations, rattled through the mesh layer and… took

Five minutes later the company declared a major incident. Within half an hour the root cause had been found and engineers began to revert the change. Slightly worryingly, it took until 0742 UTC (0042 Pacific) before everything was complete. “This was delayed as network engineers walked over each other’s changes, reverting the previous reverts, causing the problem to re-appear sporadically.”

One can imagine the panic at Cloudflare towers, although we cannot imagine a controlled process that resulted in a scenario where “network engineers walked over each other’s changes.”

We’ve asked the company to clarify how this happened, and what testing was done before the configuration change was made, and will update should we receive a response.

Mark Boost CEO of Cloud native outfit Civo (formerly of LCN.com) was scathing regarding the outage: “This morning was a wake-up call for the price we pay for over-reliance on big cloud providers. It is completely unsustainable for an outage with one provider being able to bring vast swathes of the internet offline.

“Users today rely on constant connectivity to access the online services that are part of the fabric of all our lives, making outages hugely damaging…

“We should remember that scale is no guarantee of uptime. Large cloud providers have to manage a vast degree of complexity and moving parts, significantly increasing the risk of an outage.”

Source: Cloudflare explains today’s mega-outage • The Register

South Korea Launches First Satellite With Homegrown Rocket

Posted on by

South Korea conducted its first successful satellite launch using a domestically developed rocket on Tuesday, officials said, boosting its growing aerospace ambitions and demonstrating it has key technologies needed to launch spy satellites and build larger missiles amid tensions with rival North Korea.

The three-stage Nuri rocket placed a functioning “performance verification” satellite at a target altitude of 700 kilometers (435 miles) after its 4 p.m. liftoff from South Korea’s space launch center on a southern island, the Science Ministry said.

The satellite transmitted signals about its status to an unmanned South Korean station in Antarctica. It is carrying four smaller satellites that will be released in coming days for Earth observation and other missions, ministry officials said.

[…]

Source: South Korea Launches First Satellite With Homegrown Rocket – The Diplomat

Transparent Display Hacked to Look Like Shower Door

Posted on by

[…] The most practical use for transparent LCDs has been in hospitals, where rooms with large windows can be made private at the push of a button that causes the panels to instantly become opaque.

µProto「Wipe Fake」

That’s presumably what inspired this team of designers from IMG SRC, who in just two months created the “Wipe Fake” prototype. The transparent LCD screen was paired with a touchscreen interface that reacts to swipes and finger gestures to wipe away the opaque parts of the panel, revealing what’s behind it like a layer of steam and humidity being wiped off a shower door. The effect looks especially convincing thanks to the virtual water drops that appear to run down the panel as the thin layer of simulated humidity coalesces into larger drops.

Is it the most practical alternative to a whiteboard when it comes to jotting down and working through ideas? Probably not, but just think back to how many eureka moments you’ve had while in the shower. […]

Source: Transparent Display Hacked to Look Like Shower Door

Popular blockchains can be centralised fairly easily | Trail of Bits study funded by DARPA

Posted on by

[…]Over the past year, Trail of Bits was engaged by the Defense Advanced Research Projects Agency (DARPA) to examine the fundamental properties of blockchains and the cybersecurity risks associated with them. DARPA wanted to understand those security assumptions and determine to what degree blockchains are actually decentralized.

[…]

The report also contains links to the substantial supporting and analytical materials. Our findings are reproducible, and our research is open-source and freely distributable. So you can dig in for yourself.

Key findings

  • Blockchain immutability can be broken not by exploiting cryptographic vulnerabilities, but instead by subverting the properties of a blockchain’s implementations, networking, and consensus protocols. We show that a subset of participants can garner undue, centralized control over the entire system:
    • While the encryption used within cryptocurrencies is for all intents and purposes secure, it does not guarantee security, as touted by proponents.
    • Bitcoin traffic is unencrypted; any third party on the network route between nodes (e.g., internet service providers, Wi-Fi access point operators, or governments) can observe and choose to drop any messages they wish.
    • Tor is now the largest network provider in Bitcoin; just about 55% of Bitcoin nodes were addressable only via Tor (as of March 2022). A malicious Tor exit node can modify or drop traffic.
  • More than one in five Bitcoin nodes are running an old version of the Bitcoin core client that is known to be vulnerable.
  • The number of entities sufficient to disrupt a blockchain is relatively low: four for Bitcoin, two for Ethereum, and less than a dozen for most proof-of-stake networks.
  • When nodes have an out-of-date or incorrect view of the network, this lowers the percentage of the hashrate necessary to execute a standard 51% attack. During the first half of 2021, the actual cost of a 51% attack on Bitcoin was closer to 49% of the hashrate—and this can be lowered substantially through network delays.
  • For a blockchain to be optimally distributed, there must be a so-called Sybil cost. There is currently no known way to implement Sybil costs in a permissionless blockchain like Bitcoin or Ethereum without employing a centralized trusted third party (TTP). Until a mechanism for enforcing Sybil costs without a TTP is discovered, it will be almost impossible for permissionless blockchains to achieve satisfactory decentralization.

Novel research within the report

  • Analysis of the Bitcoin consensus network and network topology
  • Updated analysis of the effect of software delays on the hashrate required to exploit blockchains (we did not devise the theory, but we applied it to the latest data)
  • Calculation of the Nakamoto coefficient for proof-of-stake blockchains (once again, the theory was already known, but we applied it to the latest data)
  • Analysis of software centrality
  • Analysis of Ethereum smart contract similarity
  • Analysis of mining pool protocols, software, and authentication
  • Combining the survey of sources (both academic and anecdotal) that support our thesis that there is a lack of decentralization in blockchains

The research to which this blog post refers was conducted by Trail of Bits based upon work supported by DARPA under Contract No. HR001120C0084 (Distribution Statement A, Approved for Public Release: Distribution Unlimited). Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Government or DARPA

[…]

Source: Are blockchains decentralized? | Trail of Bits Blog

How to Search Reddit and Actually Find What You Want using keywords

Posted on by

These keywords allow you to tell Reddit to search for only specific things, rather than the entirety of Reddit. These aren’t menu-based, meaning you’ll need to know which terms to enter into the search bar to get the results you want. There are eight in total, and you can use them in the following ways:

  • author: This word filters by username of the named account. For example, entering author:PresidentObama lists content posted only by u/PresidentObama.
  • flair: This word filters by a subreddit’s flair, which means this filter will vary based on the subreddit. Some subreddits use flair to categorize posts, so entering flair:discussion will only show results that are based on user conversation and debate, rather than, say, news.
  • self: This word filters posts made by an individual account, rather than posts linking to another site. Use self:true to search for only text-based posts, and self:false for all other types.
  • selftext: This word searches text posts for a specific query. Entering selftext:dogs, for example, will search text posts for the word dog.
  • site: This word filters for specific URLs. For example, use site:lifehacker.com to search for Reddit posts sharing Lifehacker articles.
  • subreddit: This word filters for the specific subreddit listed. Use subreddit:askreddit to search for posts from only r/askreddit. Alternatively, if you search for something while browsing a subreddit, Reddit will automatically search only within that subreddit.
  • title: This word filters for specific submission titles. If you search title:”broken keyboard,” you’ll only see posts that contain broken keyboard in the title. Note: always put multi-word searches in quotes.
  • url: This word filters for specific words in a website’s URL, to narrow down a website search. You should combine this one with the site filter. For example, site:lifehacker.com url:iphone will only return Reddit posts with Lifehacker URLs containing the word iPhone.

On their own, these filters can range from helpful to useless. However, combining them will make your searches way more accurate. If you’re trying to find an answer to why your iPhone is heating up, you can string together something like subreddit:iPhone title:overheating flair:question and find ultra-specific posts about your question. There’s apparently no limit on the amount of strings you can put together, so go ham.

Source: How to Search Reddit and Actually Find What You Want

Miners flood market with GPUs they no longer need as cryptocurrencies crash

Posted on by

As the cryptocurrency market currently goes through one of its worst nosedives in recent years, miners are trying to get rid of their mining hardware. Due to the crashing prices of popular crypto coins, numerous Chinese miners and e-cafes are flooding the market with graphics cards they no longer need.

Miners, e-cafes, and scalpers are now trying to sell their hardware stock on streams and auctions. As a result, users can snag a second-hand GPU, such as the RTX 3060 Ti, for $350 or even less. Many popular graphics cards going for MSRP or even less is quite a sight to behold after astronomically high prices and scarce availability during the last two years.

As tempting as it might be to snag a powerful Nvidia or AMD GPU for a price lower than its MSRP, it is not the best idea to go after a graphics card that went through seven rings of mining hell. Potential buyers should be aware that the mining GPUs are often not in their best conditions after spending months in always-on, always-100% mode.

With manufacturers increasing their supply and prices going down like never before, you may better spend a little more and get a new graphics card with a warranty and peace of mind. As a bonus, you can enjoy the view of scalpers getting desperate to get at least some money from their stock.

Source: Miners flood market with GPUs they no longer need as cryptocurrencies crash – Neowin

Spain, Austria not convinced location data is personal

Posted on by

[…]

EU privacy group NOYB (None of your business), set up by privacy warrior Max “Angry Austrian” Schrems, said on Tuesday it appealed a decision of the Spanish Data Protection Authority (AEPD) to support Virgin Telco’s refusal to provide the location data it has stored about a customer.

In Spain, according to NOYB, the government still requires telcos to record the metadata of phone calls, text messages, and cell tower connections, despite Court of Justice (CJEU) decisions that prohibit data retention.

A Spanish customer demanded that Virgin reveal his personal data, as allowed under the GDPR. Article 15 of the GDPR guarantees individuals the right to obtain their personal data from companies that process and store it.

[…]

Virgin, however, refused to provide the customer’s location data when a complaint was filed in December 2021, arguing that only law enforcement authorities may demand that information. And the AEPD sided with the company.

NOYB says that Virgin Telco failed to explain why Article 15 should not apply since the law contains no such limitation.

“The fundamental right to access is comprehensive and clear: users are entitled to know what data a company collects and processes about them – including location data,” argued Felix Mikolasch, a data protection attorney at NOYB, in a statement. “This is independent from the right of authorities to access such data. In this case, there is no relevant exception from the right to access.”

[…]

The group said it filed a similar appeal last November in Austria, where that country’s data protection authority similarly supported Austrian mobile provider A1’s refusal to turn over customer location data. In that case, A1’s argument was that location data should not be considered personal data because someone else could have used the subscriber phone that generated it.

[…]

Location data is potentially worth billions. According to Fortune Business Insights, the location analytics market is expected to bring in $15.76 billion in 2022 and $43.97 billion by 2029.

Outside the EU, the problem is the availability of location data, rather than lack of access. In the US, where there’s no federal data protection framework, the government is a major buyer of location data – it’s more convenient than getting a warrant.

And companies that can obtain location data, often through mobile app SDKs, appear keen to monetize it.

In 2020, the FCC fined the four largest wireless carriers in the US for failing to protect customer location data in accordance with a 2018 commitment to do so.

Source: Spain, Austria not convinced location data is personal • The Register

YouTube Has a Hidden List of Keyboard Shortcuts

Posted on by

[…]

what’s this secret shortcut that unlocks all hidden keyboard shortcuts? Shift + /. Or, of course, ?.

This button combo is your ticket to see the hidden list of keyboard shortcuts for your favorite websites. I first stumbled upon it while browsing YouTube: Somehow, I accidentally hit Shift + /, and, all of a sudden, I was presented with this complete collection of keyboard shortcuts for the site. Many of these shortcuts I already knew, as you might already know: K plays and pauses a video, J and L rewinds and fast forwards, respectively. However, other shortcuts might come as a surprise: You can rewind and fast forward frame-by-frame using , and . while paused. You can also slow down or speed up playback speed using < and > (Shift + ,) and (Shift + .).

It’s worth scanning the full list to see if any of these keyboard shortcuts are new to you, and whether some of them might actually be helpful during your next YouTube binge. As someone who takes screenshots on YouTube as part of his job, the frame-by-frame scanning is particularly useful.

Image for article titled YouTube Has a Hidden List of Keyboard Shortcuts
Screenshot: Jake Peterson

Many websites hide their keyboard shortcuts from users, too

It’s not just YouTube: Other popular websites you use every day hide keyboard shortcuts behind Shift + /. Twitter, for example, taught me that g + m launches DMs, while u and x can mute and block an account, respectively. Facebook also has a list of keyboard shortcuts: You might know that L likes a post, but did you know you can use / to search Facebook, or that you can pin keyboard shortcuts to the bottom right corner of the window that change depending on what you’re doing? That’s the most helpful option I’ve seen so far.

[…]

Source: YouTube Has a Hidden List of Keyboard Shortcuts

The 10 Best Illusions of the Year 2021

Posted on by

the finalists of this year’s Best Illusion of the Year Contest aren’t going to leave your brain feeling any less raddled, confused, or exhausted as we quickly approach the new year. As they do every year, a group of talented neurologists, visual scientists, ophthalmologists, and artists have come together to create and celebrate the best optical illusions of the year, and once again their creations will make you wonder if your brain really is completely broken.

Source: The 10 Best Illusions of the Year

Scientists develop antimicrobial, plant-based food wrap designed to replace plastic

Posted on by

Aiming to produce environmentally friendly alternatives to plastic food wrap and containers, a Rutgers scientist has developed a biodegradable, plant-based coating that can be sprayed on foods, guarding against pathogenic and spoilage microorganisms and transportation damage.

The scalable process could potentially reduce the adverse environmental impact of food packaging as well as protect .

[…]

what we have come up with is a scalable technology, which enables us to turn biopolymers, which can be derived as part of a circular economy from food waste, into smart fibers that can wrap food directly. This is part of new generation, ‘smart’ and ‘green’ .”

The research was conducted in concert with scientists at Harvard University and funded by the Harvard-Nanyang Technological University/Singapore Sustainable Nanotechnology Initiative.

Their article, published in the science journal Nature Food, describes the new kind of packaging technology using the polysaccharide/biopolymer-based fibers. Like the webs cast by the Marvel comic book character Spider-Man, the stringy material can be spun from a heating device that resembles a hair dryer and “shrink-wrapped” over foods of various shapes and sizes, such as an avocado or a sirloin steak. The resulting material that encases is sturdy enough to protect bruising and contains antimicrobial agents to fight spoilage and such as E. coli and listeria.

The research paper includes a description of the technology called focused rotary jet spinning, a process by which the biopolymer is produced, and quantitative assessments showing the coating extended the of avocados by 50 percent. The coating can be rinsed off with water and degrades in soil within three days, according to the study.

[…]

The paper describes how the new fibers encapsulating the food are laced with naturally occurring antimicrobial ingredients—thyme oil, citric acid and nisin. Researchers in the Demokritou research team can program such smart materials to act as sensors, activating and destroying bacterial strains to ensure food will arrive untainted. This will address growing concern over food-borne illnesses as well as lower the incidence of spoilage, Demokritou said.

[…]

More information: Huibin Chang et al, High-throughput coating with biodegradable antimicrobial pullulan fibres extends shelf life and reduces weight loss in an avocado model, Nature Food (2022). DOI: 10.1038/s43016-022-00523-w , www.nature.com/articles/s43016-022-00523-w

 

Yi Wang et al, Protecting foods with biopolymer fibres, Nature Food (2022). DOI: 10.1038/s43016-022-00519-6 , www.nature.com/articles/s43016-022-00519-6

Journal information: Nature Food

Source: Scientists develop antimicrobial, plant-based food wrap designed to replace plastic

Virpil VPC Desk Mount linear rail adapter for MongoosT / WarBRD / Stream Deck by SciMonster – Thingiverse

Posted on by

https://www.youtube.com/watch?v=VWXf6EsfZ4c&t=62s

Mount your Virpil Throttle and Stick to linear rails so you can slide them along your desk.
This allows you to move your HOTAS aside when you use the computer for other work.
When flying your aircraft or spaceship, a spring-loaded locking meachanism holds your HOTAS securely in place.

The files are designed for the VPC Desk Mount V2/V3:
https://virpil-controls.eu/vpc-desk-mount-angled-adapter-mt-50-throttle.html
which is compatible with the VPC MongoosT-50 Throttle.

An adapter plate for Virpil Flightsticks (VPC WarBRD Base) is included (with and without a mounting option for the 15 button Elgato Stream Deck (MK.1). MongoosT Base untested.

Source: Virpil VPC Desk Mount linear rail adapter for MongoosT / WarBRD / Stream Deck by SciMonster – Thingiverse

Attacking ML systems by changing  the order of the training data

Posted on by

Machine learning is vulnerable to a wide variety of attacks. It is now well understood that by changing the underlying data distribution, an adversary can poison the model trained with it or introduce backdoors. In this paper we present a novel class of training-time attacks that require no changes to the underlying dataset or model architecture, but instead only change the order in which data are supplied to the model. In particular, we find that the attacker can either prevent the model from learning, or poison it to learn behaviours specified by the attacker. Furthermore, we find that even a single adversarially-ordered epoch can be enough to slow down model learning, or even to reset all of the learning progress. Indeed, the attacks presented here are not specific to the model or dataset, but rather target the stochastic nature of modern learning procedures. We extensively evaluate our attacks on computer vision and natural language benchmarks to find that the adversary can disrupt model training and even introduce backdoors.

Source: [2104.09667] Manipulating SGD with Data Ordering Attacks

Chinese Officials Are Weaponizing COVID Health Tracker to Block Protests

Posted on by

Chinese bank depositors planning a protest about their frozen funds saw their health code mysteriously turn red and were stopped from traveling to the site of a rally, confirming fears that China’s vast COVID-tracking system could be weaponized as a powerful tool to stifle dissent.

A red health code designated the would-be protesters as suspected or confirmed COVID-19 patients, limiting their movement and access to public transportation. Their rallies in the central Henan province this week were thwarted as some were forced into quarantine and others detained by police.

A 38-year-old software engineer was among hundreds who could not access their savings at four rural banks since mid-April. She had planned to travel from her home in Jiangxi province to Zhengzhou, Henan’s capital city, to join a group petition this week to demand her money back. But her health code turned from green to red shortly after she bought a train ticket on Sunday. She said a nucleic test for COVID she took the night before came back negative and her hometown has not reported any infection recently.

[…]

Source: Chinese Officials Are Weaponizing COVID Health Tracker to Block Protests

Facebook and Anti-Abortion Clinics Are Collecting Highly Sensitive Info on Would-Be Patients

Posted on by

Facebook is collecting ultra-sensitive personal data about abortion seekers and enabling anti-abortion organizations to use that data as a tool to target and influence people online, in violation of its own policies and promises.

In the wake of a leaked Supreme Court opinion signaling the likely end of nationwide abortion protections, privacy experts are sounding alarms about all the ways people’s data trails could be used against them if some states criminalize abortion.

A joint investigation by Reveal from The Center for Investigative Reporting and The Markup found that the world’s largest social media platform is already collecting data about people who visit the websites of hundreds of crisis pregnancy centers, which are quasi-health clinics, mostly run by religiously aligned organizations whose mission is to persuade people to choose an option other than abortion.

[…]

Reveal and The Markup have found Facebook’s code on the websites of hundreds of anti-abortion clinics. Using Blacklight, a Markup tool that detects cookies, keyloggers and other types of user-tracking technology on websites, Reveal analyzed the sites of nearly 2,500 crisis pregnancy centers – with data provided by the University of Georgia – and found that at least 294 shared visitor information with Facebook. In many cases, the information was extremely sensitive – for example, whether a person was considering abortion or looking to get a pregnancy test or emergency contraceptives.

[…]

Source: Facebook and Anti-Abortion Clinics Are Collecting Highly Sensitive Info on Would-Be Patients – Reveal

Telegram criticizes Apple for subpar web app features on iOS, crippling app

Posted on by

A week after confirming plans for Telegram Premium, the messaging platform’s CEO, Pavel Durov, is again criticizing Apple’s approach to its Safari browser for stifling the efforts of web developers.

Durov would very much like his web-based messaging platform, Telegram Web, to be delivered as a web app rather than native, but is prevented from offering users a full-fat experience on Apple’s mobile devices due to limitations in the iOS Safari browser.

There’s no option for web developers on Apple’s iPhone and iPad to use anything but Safari, and features taken for granted on other platforms have yet to make it to iOS.

“We suspect that Apple may be intentionally crippling its web apps,” claimed Durov, “to force its users to download more native apps where Apple is able to charge its 30 percent commission.”

[…]

Source: Telegram criticizes Apple for subpar web app features on iOS • The Register

Samsung accused of cheating on hardware benchmarks – again

Posted on by

[…]

The South Korean titan was said to have unfairly goosed Galaxy Note 3 phone benchmarks in 2013, and faced with similar allegations about the Galaxy S4 in 2018 settled that matter for $13.4 million.

This time Samsung has allegedly fudged the results for its televisions, specifically the S95B QD-OLED and QN95B Neo OLED LCD TVs.

These accusations were raised this month by YouTube channel HDTVTest on the S95B, and by reviews site FlatpanelsHD on the QN95B. The claims boils down to Samsung allegedly using an algorithm to detect when benchmarking software was running on the set and adjusting the color and artificially boosting luminance by up to 80 percent during the test to make the equipment look better in reviews.

According to the FlatpanelsHD report, those levels of brightness can’t be sustained during normal use without damaging the TV’s backlight panel.

An algorithm to detect and hoodwink benchmarking software is just what Samsung was accused of employing in those earlier examples.

[…]

Source: Samsung accused of cheating on hardware benchmarks – again • The Register

Time to throw out those older, vulnerable Cisco SMB routers – they’re not gonna fix critical bugs for you

Posted on by

[…]Cisco has just released fixes for seven flaws, two of which are not great.

First on the priority list should be a critical vulnerability in its enterprise security appliances, and the second concerns another critical bug in some of its outdated small business routers that it’s not going to fix. In other words, junk your kit or somehow mitigate the risk.

[…]

The first security flaw, tracked as CVE-2022-20798, is an authentication bypass vulnerability in the virtual and hardware versions of Cisco Secure Email and Web Manager, and the Cisco Email Security Appliance. It occurs when the device uses Lightweight Directory Access Protocol (LDAP) for external authentication, and the good news is that Cisco disables external authentication by default.

A remote user could exploit the flaw “by entering a specific input on the login page of the affected device,” the networking titan warned in a security advisory this week. Once the intruder has gained unauthorized access, they could perform any number of illicit actions from the web-based interface including crashing the device.

Another high-severity flaw, CVE-2022-20664, in these same virtual and hardware appliances could allow a remote, authenticated user to steal credentials from a LDAP external authentication server connected to a device. However, exploiting this bug would require valid operator-level, or higher, credentials. It received a CVSS score of 7.7, and Cisco issued a software update to fix this bug, too.

More e-waste

The second critical vulnerability exists in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers, which the vendor stopped selling [PDF] in 2019. Cisco isn’t issuing a fix for this one, and said there’s no workaround. Instead, customers should upgrade to newer hardware.

The flaw, tracked as CVE-2022-20825, also received a 9.8 CVSS score, and it’s due to insufficient user input validation of incoming HTTP packets.

“An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface,” according to Cisco’s security alert. “A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges,” and also stop and restart the device, resulting in a denial of service.

In addition to the two critical and one high-severity vulnerabilities, Cisco disclosed an additional four medium-severity flaws on Wednesday.

[…]

Source: Time to throw out those older, vulnerable Cisco SMB routers • The Register

Julian Assange Extradition to US Approved by UK Government

Posted on by

Julian Assange—founder of the whistleblowing website WikiLeaks—can now be extradited from the United Kingdom to the United States, where he will face charges of espionage.

In April, a London court filed a formal extradition order for Assange, and the UK Home Secretary approved the order today, meaning that Assange can be extradited back to the United States. According to CNBC , Assange is facing 18 charges of espionage for his involvement with WikiLeaks, the website that published hundreds of thousands of classified military documents in 2010 and 2011.

Assange has been in prison or the Ecuadorian Embassy in London for much of the last decade. He’s currently being held in a high-security prison in London. Assange has the right to appeal today’s decision within 14 days, and WikiLeaks indicated it would be doing just that in a statement posted on Twitter this morning.

“This is a dark day for press freedom and for British democracy,” WikiLeaks said. “Julian did nothing wrong. He has committed no crime and is not a criminal. He is a journalist and a publisher, and he is being punished for doing his job.”

[…]

Source: Julian Assange Extradition to US Approved by UK Government

The Earth moves far under our feet: A new study shows that the inner core oscillates

Posted on by

USC scientists have found evidence that the Earth’s inner core oscillates, contradicting previously accepted models that suggested it consistently rotates at a faster rate than the planet’s surface.

Their study, published today in Science Advances, shows that the inner core changed direction in the six-year period from 1969–74, according to the analysis of seismic data. The scientists say their model of inner core movement also explains the variation in the length of day, which has been shown to oscillate persistently for the past several decades.

“From our findings, we can see the Earth’s surface shifts compared to its inner core, as people have asserted for 20 years,” said John E. Vidale, co-author of the study and Dean’s Professor of Earth Sciences at USC Dornsife College of Letters, Arts and Sciences. “However, our latest observations show that the inner core spun slightly slower from 1969–71 and then moved the other direction from 1971–74. We also note that the length of day grew and shrank as would be predicted.

“The coincidence of those two observations makes oscillation the likely interpretation.”

[…]

Utilizing data from the Large Aperture Seismic Array (LASA), a U.S. Air Force facility in Montana, researcher Wei Wang and Vidale found the inner core rotated slower than previously predicted, approximately 0.1 degrees per year. The study analyzed waves generated from Soviet underground nuclear bomb tests from 1971–74 in the Arctic archipelago Novaya Zemlya using a novel beamforming technique developed by Vidale.

The new findings emerged when Wang and Vidale applied the same methodology to a pair of earlier atomic tests beneath Amchitka Island at the tip of the Alaskan archipelago—Milrow in 1969 and Cannikin in 1971. Measuring the compressional waves resulting from the , they discovered the inner core had reversed direction, sub-rotating at least a tenth of a degree per year.

[…]

The study does support the speculation that the inner core oscillates based on variations in the length of day—plus or minus 0.2 seconds over six years—and geomagnetic fields, both of which match the theory in both amplitude and phase. Vidale says the findings provide a compelling theory for many questions posed by the research community.

“The inner core is not fixed—it’s moving under our feet, and it seems to going back and forth a couple of kilometers every six years,” Vidale said. “One of the questions we tried to answer is, does the inner core progressively move or is it mostly locked compared to everything else in the long term? We’re trying to understand how the formed and how it moves over time—this is an important step in better understanding this process.”

Source: The Earth moves far under our feet: A new study shows that the inner core oscillates

US Copyright Office sued for denying AI model authorship

Posted on by

The US Copyright Office and its director Shira Perlmutter have been sued for rejecting one man’s request to register an AI model as the author of an image generated by the software.

You guessed correct: Stephen Thaler is back. He said the digital artwork, depicting railway tracks and a tunnel in a wall surrounded by multi-colored, pixelated foliage, was produced by machine-learning software he developed. The author of the image, titled A Recent Entrance to Paradise, should be registered to his system, Creativity Machine, and he should be recognized as the owner of the copyrighted work, he argued.

(Owner and author are two separate things, at least in US law: someone who creates material is the author, and they can let someone else own it.)

Thaler’s applications to register and copyright the image behalf of Creativity Machine, however, have been turned down by the Copyright Office twice. Now, he has sued the government agency and Perlmutter. “Defendants’ refusal to register the copyright claim in the work is contrary to law,” Thaler claimed in court documents [PDF] filed this month in a federal district court in Washington DC.

“The agency actions here were arbitrary, capricious, an abuse of discretion and not in accordance with the law, unsupported by substantial evidence, and in excess of Defendants’ statutory authority,” the lawsuit claimed.

Thaler’s lawyer, Ryan Abbott, believes the Copyright Office should overturn its previous decision and process Thaler’s original application. “The refusal to register the copyright claim in the work should be set aside and the application reinstated,” he argued.

[…]

Source: US Copyright Office sued for denying AI model authorship • The Register

Scientists covered a robot finger in living human skin

Posted on by

[…] At the moment, robots are sometimes coated in silicone rubber to give them a fleshy appearance, but the rubber lacks the texture of human skin, he says.

To make more realistic-looking skin, Takeuchi and his colleagues bathed a plastic robot finger in a soup of collagen and human skin cells called fibroblasts for three days. The collagen and fibroblasts adhered to the finger and formed a layer similar to the dermis, which is the second-from-top layer of human skin.

Next, they gently poured other human skin cells called keratinocytes onto the finger to recreate the upper layer of human skin, called the epidermis.

The resulting 1.5-millimetre-thick skin was able to stretch and contract as the finger bent backwards and forwards. As it did this, it wrinkled like normal skin, says Takeuchi. “It is much more realistic than silicone.”

The robot skin could also be healed when it was cut by grafting a collagen sheet onto the wound.

However, the skin began to dry out after a while since it didn’t have blood vessels to replenish it with moisture.

In the future, it may be possible to incorporate artificial blood vessels into the skin to keep it hydrated, as well as sweat glands and hair follicles to make it more realistic, says Takeuchi.

It should also be possible to make different skin colours by adding melanocytes, he says.

The researchers now plan to try coating a whole robot in the living skin. “But since this research field has the potential to build a new relationship between humans and robots, we need to carefully consider the risks and benefits of making it too realistic,” says Takeuchi.

Source: Scientists covered a robot finger in living human skin | New Scientist