About Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

WhatsApp fined over $260M for EU privacy violations, failing to explain how data is shared with Facebook

WhatsApp didn’t fully explain to Europeans how it uses their data as called for by EU privacy law, Ireland’s Data Protection Commission said on Thursday. The regulator hit the messaging app with a fine of 225 million euros, about $267 million.

Partly at issue is how WhatsApp shares information with parent company Facebook, according to the commission. The decision brings an end to a GDPR inquiry the privacy regulator started in December 2018.

[…]

Source: WhatsApp fined over $260M for EU privacy violations – CNET

EU Bolsters Net Neutrality With Ruling Against Zero Rating

The European Union’s top court has flipped the bird to German mobile network operators Telekom Deutschland and Vodafone, ruling in two separate judgements that their practice of exempting certain services from data caps violated the bloc’s net neutrality rules.

“Zero rating” is when service providers offer customers plans that exempt certain data-consuming services (be it Spotify, Netflix, gaming, or whatever) from contributing towards data caps. Very often, those services are commercial partners of the provider, or even part of the same massive media conglomerate, allowing the provider to exert pressure on customers to use their data in a way that profits them further. This has the convenient benefit of making it easier for providers to keep ridiculous fees for data overages in place while punishing competing services that customers might use more if the zero-rating scheme wasn’t in place. No one wins, except for the telecom racket.

Net neutrality is the principle that telecom providers should treat all data flowing over their networks equally, not prioritizing one service over the other for commercial gain. As Fortune reported, the version of net neutrality rules passed in the European Union in 2015 was at the time weaker than Barack Obama-era rules in the U.S., as they didn’t explicitly ban zero rating. That’s no longer the case, as Donald Trump appointees at the Federal Communications Commission nuked the U.S.’s net neutrality rules in 2017, and a series of subsequent regulatory decisions and court rulings in the EU narrowed the scope of zero-rating practices there.

In 2016, EU regulators found that zero rating would be allowed so long as the zero-rated services were also slowed down when a customer ran up against a data cap, according to Fortune. In 2020, the Court of Justice of the European Union (CJEU) confirmed that interpretation and found it was illegal to block or slow down data after a user hit their cap on the basis that a particular service wasn’t part of a zero-rating deal. Still, carriers in the EU have continued to offer zero-rating plans, relying on perceived loopholes in the law.

The CJEU ruled on two separate cases involving Telekom and Vodafone on Thursday, which according to Reuters were brought by Germany’s Federal Network Agency (BNetzA) regulatory agency and the VZBV consumer association respectively. At issue in the Telekom case was its “StreamOn” service, which exempts streaming services that work with the company from counting towards data caps, and throttles all video streaming, regardless of whether it’s from one of the StreamOn partners, when the cap is hit. The Vodafone case involved its practice of counting zero-rated services or mobile hotspot traffic towards data caps (advertising those plans with names like “Music Pass” or “Video Pass,” according to Engadget) when a customer leaves Germany to travel somewhere else in the EU.

Both of the companies’ plans violated net neutrality principles, the CJEU found, in a completely unambiguous decision titled “‘Zero tariff’ options are contrary to the regulation on open internet access.” Fortune wrote that BNetzA has already concluded that the court’s decision means that Telekom will likely not be able to continue StreamOn in its “current form.”

“By today’s judgments, the Court of Justice notes that a ‘zero tariff’ option, such as those at issue in the main proceedings, draws a distinction within Internet traffic, on the basis of commercial considerations, by not counting towards the basic package traffic to partner applications,” the CJEU told media outlets in a statement. “Such a commercial practice is contrary to the general obligation of equal treatment of traffic, without discrimination or interference, as required by the regulation on open Internet access.”

The court added, “Since those limitations on bandwidth, tethering or on use when roaming apply only on account of the activation of the ‘zero tariff’ option, which is contrary to the regulation on open Internet access, they are also incompatible with EU law.”

Source: EU Bolsters Net Neutrality With Ruling Against Zero Rating

Sky Broadband sends Subscribers browsing data through to Premier League without user knowledge or consent

UK ISP Sky Broadband is monitoring the IP addresses of servers suspected of streaming pirated content to subscribers and supplying that data to an anti-piracy company working with the Premier League. That inside knowledge is then processed and used to create blocklists used by the country’s leading ISPs, to prevent subscribers from watching pirated events.

[…]

In recent weeks, an anonymous source shared a small trove of information relating to the systems used to find, positively identify, and then ultimately block pirate streams at ISPs. According to the documents, the module related to the Premier League work is codenamed ‘RedBeard’.

The activity appears to start during the week football matches or PPV events take place. A set of scripts at anti-piracy company Friend MTS are tasked with producing lists of IP addresses that are suspected of being connected to copyright infringement. These addresses are subsequently dumped to Amazon S3 buckets and the data is used by ISPs to block access to infringing video streams, the documents indicate.

During actual event scanning, content is either manually or fingerprint matched, with IP addresses extracted from DNS information related to hostnames in media URLs, load balancers, and servers hosting Electronic Program Guides (EPG), all of which are used by unlicensed IPTV services.

Confirmed: Sky is Supplying Traffic Data to Assist IPTV Blocking

The big question then is how the Premier League’s anti-piracy partner discovers the initial server IP addresses that it subsequently puts forward for ISP blocking.

According to documents reviewed by TF, information comes from three sources – the anti-piracy company’s regular monitoring (which identifies IP addresses and their /24 range), manually entered IP addresses (IP addresses and ports), and a third, potentially more intriguing source – ISPs themselves.

“ISPs provide lists of Top Talker IP addresses, these are the IP addresses that they see on their network which many consumers are receiving a large sum of bandwidth from,” one of the documents reveals.

“The IP addresses are the uploading IP address which host information which the ISP’s customers are downloading information from. They are not the IP addresses of the ISP’s customer’s home internet connections.”

The document revealing this information is not dated but other documents in the batch reference dates in 2021. At the time of publication, the document indicates that ISP cooperation is currently limited to Sky Broadband only. TorrentFreak asked Friend MTS if that remains the case or whether additional ISPs are now involved.

[…]

Source: Sky Subscribers’ Piracy Habits Directly Help Premier League Block Illegal Streams – TorrentFreak

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online.

The data in this story come from a trusted source in the security industry who has visibility into a network of hacked machines that fraudsters in just about every corner of the Internet are using to anonymize their malicious Web traffic. For the past three years, the source — we’ll call him “Bill” to preserve his requested anonymity — has been watching one group of threat actors that is mass-testing millions of usernames and passwords against the world’s major email providers each day.

Bill said he’s not sure where the passwords are coming from, but he assumes they are tied to various databases for compromised websites that get posted to password cracking and hacking forums on a regular basis. Bill said this criminal group averages between five and ten million email authentication attempts daily, and comes away with anywhere from 50,000 to 100,000 working inbox credentials.

[…]

You might think that whoever is behind such a sprawling crime machine would use their access to blast out spam, or conduct targeted phishing attacks against each victim’s contacts. But based on interactions that Bill has had with several large email providers so far, this crime gang merely uses custom, automated scripts that periodically log in and search each inbox for digital items of value that can easily be resold.

And they seem particularly focused on stealing gift card data.

“Sometimes they’ll log in as much as two to three times a week for months at a time,” Bill said. “These guys are looking for low-hanging fruit — basically cash in your inbox. Whether it’s related to hotel or airline rewards or just Amazon gift cards, after they successfully log in to the account their scripts start pilfering inboxes looking for things that could be of value.”

A sample of some of the most frequent search queries made in a single day by the gift card gang against more than 50,000 hacked inboxes.

According to Bill, the fraudsters aren’t downloading all of their victims’ emails: That would quickly add up to a monstrous amount of data. Rather, they’re using automated systems to log in to each inbox and search for a variety of domains and other terms related to companies that maintain loyalty and points programs, and/or issue gift cards and handle their fulfillment.
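The profile Bill describes (millions of attempts spread across many distinct accounts, roughly a one percent hit rate, then quiet periodic logins) is visible in a mail provider’s authentication logs. As an added example that is not from the article or from Bill’s data, the script below flags login sources matching that profile over a constructed event sample and lists the accounts they successfully entered, so the provider can force a credential reset; the event tuple format, addresses and thresholds are all assumptions.

```python
"""Flag credential-stuffing sources in mail-login events and list the
accounts they got into. Constructed example; thresholds are illustrative."""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class SourceStats:
    """Per-source-IP login summary."""
    attempts: int = 0
    successes: int = 0
    users: set = field(default_factory=set)        # distinct usernames tried
    compromised: set = field(default_factory=set)  # usernames that succeeded


def constructed_events():
    """Constructed sample log: (source_ip, username, outcome) tuples.

    203.0.113.7  - stuffing node: 40 distinct accounts, 1 success (2.5%),
                   the low hit rate the article describes.
    198.51.100.5 - one user mistyping a password twice, then succeeding.
    192.0.2.10   - office NAT: many distinct users, but nearly all succeed.
    """
    events = [("203.0.113.7", f"user{i:02d}@example.net", "fail") for i in range(40)]
    events[17] = ("203.0.113.7", "user17@example.net", "success")
    events += [("198.51.100.5", "carol@example.net", "fail")] * 2
    events.append(("198.51.100.5", "carol@example.net", "success"))
    events += [("192.0.2.10", f"staff{i:02d}@example.net", "success") for i in range(25)]
    return events


def summarize(events):
    """Aggregate raw events into SourceStats keyed by source IP."""
    stats = defaultdict(SourceStats)
    for ip, user, outcome in events:
        s = stats[ip]
        s.attempts += 1
        s.users.add(user)
        if outcome == "success":
            s.successes += 1
            s.compromised.add(user)
    return stats


def flag_stuffing_sources(events, min_attempts=20, min_distinct_users=10,
                          max_success_rate=0.05):
    """Return {ip: SourceStats} for sources that look like stuffing nodes.

    A stuffing node tries many *different* accounts and succeeds rarely.
    A shared NAT with many users also spans many accounts but succeeds
    almost every time, so the success-rate ceiling keeps it out.
    """
    flagged = {}
    for ip, s in summarize(events).items():
        if s.attempts < min_attempts or len(s.users) < min_distinct_users:
            continue  # too little volume to judge; not a stuffing signature
        if s.successes / s.attempts <= max_success_rate:
            flagged[ip] = s
    return flagged


def accounts_to_reset(events, **thresholds):
    """Sorted usernames that authenticated from a flagged source: these are
    the 'working inbox credentials' the gang would come back to."""
    flagged = flag_stuffing_sources(events, **thresholds)
    return sorted(set().union(*(s.compromised for s in flagged.values())))


if __name__ == "__main__":
    evts = constructed_events()
    for ip, s in flag_stuffing_sources(evts).items():
        print(f"{ip}: {s.attempts} attempts, {len(s.users)} accounts, "
              f"{s.successes} successes -> stuffing source")
    print("force reset:", accounts_to_reset(evts))
```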

Why go after hotel or airline rewards? Because these accounts can all be cleaned out and deposited onto a gift card number that can be resold quickly online for 80 percent of its value.

[…]

Bill’s data also shows that this gang is so aggressively going after gift card data that it will routinely seek new gift card benefits on behalf of victims, when that option is available. For example, many companies now offer employees a “wellness benefit” if they can demonstrate they’re keeping up with some kind of healthy new habit, such as daily gym visits, yoga, or quitting smoking.

Bill said these crooks have figured out a way to tap into those benefits as well.

“A number of health insurance companies have wellness programs to encourage employees to exercise more, where if you sign up and pledge to 30 push-ups a day for the next few months or something you’ll get five wellness points towards a $10 Starbucks gift card, which requires 1000 wellness points,” Bill explained. “They’re actually automating the process of replying saying you completed this activity so they can bump up your point balance and get your gift card.”

[…]

several large Internet service providers (ISPs) in Germany and France are heavily represented in the compromised email account data.

“With some of these international email providers we’re seeing something like 25,000 to 50,000 email accounts a day get hacked,” Bill said. “I don’t know why they’re getting popped so heavily.”

[…]

Source: Gift Card Gang Extracts Cash From 100k Inboxes Daily – Krebs on Security

Apple stalls CSAM auto-scan on devices after ‘feedback’ from everyone on Earth – will still scan all your pics at some point

Apple on Friday said it intends to delay the introduction of its plan to commandeer customers’ own devices to scan their iCloud-bound photos for illegal child exploitation imagery, a concession to the broad backlash that followed from the initiative.

“Previously we announced plans for features intended to help protect children from predators who use communication tools to recruit and exploit them and to help limit the spread of Child Sexual Abuse Material,” the company said in a statement posted to its child safety webpage.

“Based on feedback from customers, advocacy groups, researchers and others, we have decided to take additional time over the coming months to collect input and make improvements before releasing these critically important child safety features.”

[…]

Apple – rather than actually engaging with the security community and the public – published a list of Frequently Asked Questions and responses to address the concern that censorious governments will demand access to the CSAM scanning system to look for politically objectionable images.

“Could governments force Apple to add non-CSAM images to the hash list?” the company asked in its interview of itself, and then responded, “No. Apple would refuse such demands and our system has been designed to prevent that from happening.”

Apple however has not refused government demands in China with regard to VPNs or censorship. Nor has it refused government demands in Russia, with regard to its 2019 law requiring pre-installed Russian apps.

Tech companies uniformly say they comply with all local laws. So if China, Russia, or the US were to pass a law requiring on-device scanning to be adapted to address “national security concerns” or some other plausible cause, Apple’s choice would be to comply or face the consequences – it would no longer be able to say, “We can’t do on-device scanning.”

Source: Apple stalls CSAM auto-scan on devices after ‘feedback’ from everyone on Earth • The Register

Lenovo pops up tips on its tablets. And by tips, Lenovo means: Unacceptable ads

Lenovo has come under fire for the Tips application on its tablets, which has been likened to indelible adware that forces folks to view ads.

One customer took to the manufacturer’s support forum late last month to say they were somewhat miffed to see an ad suddenly appear on screen to join Amazon Music on their Android-powered Lenovo Tab P11. The advertisement was generated as a push notification by the bundled Tips app.

“There is no option to dismiss,” the fondleslab fondler sighed. “You have to click to find out more. Further, these notifications cannot be disabled, nor can the Lenovo ‘Tips’ app be disabled.”

They went on to say: “This is not a tip. This is a push that is advertising a paid service. I loathe this sort of thing.”

Another chipped in: “I have a Lenovo Tab that also has this bloatware virus installed. There’s no way to disable the adverts (they call the ads tips, they’re not, they’re adverts for Amazon music etc.) This is ridiculous, Lenovo, I didn’t spend £170 on a tablet to be pumped with ads. Will not buy another Lenovo product.”

[…]

Source: Lenovo pops up tips on its tablets. And by tips, Lenovo means: Unacceptable ads • The Register

A New Navy Weapon Actually Stops You From Talking

The U.S. Navy has successfully invented a special electronic device that is designed to stop people from talking. A form of non-lethal weapon, the new electronic device effectively repeats a speaker’s own voice back at them, and only them, while they attempt to talk.

It was developed and patented back in 2019 but has only recently been discovered, according to a report by the New Scientist.

The main idea of the weapon is to disorientate a target so much that they will be unable to communicate effectively with other people.

Called acoustic hailing and disruption (AHAD), the weapon is able to record speech and instantly broadcast it at a target in milliseconds. Much like an annoying sibling, this action will disrupt the target’s concentration, and, in theory, discourage them from continuing to speak.

It is important to note that the device is unlikely to be used on the battlefield anytime soon and will probably be used as a form of crowd control.

[…]

“According to an illustrative embodiment of the present disclosure, a target’s speech is directed back to them twice, once immediately and once after a short delay. This delay creates delayed auditory feedback (DAF), which alters the speaker’s normal perception of their own voice. In normal speech, a speaker hears their own words with a slight delay, and the body is accustomed to this feedback. By introducing another audio feedback source with a sufficiently long delay, the speaker’s concentration is disrupted and it becomes difficult to continue speaking.”

If you want to see the thing in action, the patent filing handily also includes a sort of promotional video of another device that works in a similar way.

The device effectively annoys someone into not speaking

AHAD works by using a series of directional microphones and speakers that can target a speaker’s voice. The speech is then recorded and transmitted back in the same direction.

Interestingly, the broadcast sound is on a narrow beam and will only be heard by the speaker. This will not only confuse the target but, ultimately, prevent them from being able to concentrate and stop them talking. The behavior of the target will be noticeably altered by the action, likely also confusing anyone who was listening to the target person. Put another way, such a weapon will make you think you’re going crazy — so too the people around you.

[…]

Source: A New Navy Weapon Actually Stops You From Talking

Fan Dev Shuts Down Huge GTA San Andreas Mod Because Of Take-Two Harassment

After months of Take-Two Interactive attacking and fighting GTA modders, the folks behind the long-in-development San Andreas mod, GTA Underground, have killed the project and removed it from the web over “increasing hostility” from Take-Two and fears of further legal problems.

Over the last few months, Take-Two Interactive — the parent company of GTA devs Rockstar Games — has gone on a digital murder spree, sending multiple takedown notices to get old 3D-era GTA mods and source ports removed from the internet. The publisher is also suing the creators behind reverse-engineered source ports of Vice City and GTA III. As a result of this hostility, GTA Underground lead developer dkluin wrote in a post yesterday on the GTAForums that they and the other modders working on the project were now “officially ceasing the development” of GTA: Underground.

“Due to the increasing hostility towards the modding community and imminent danger to our mental and financial well-being,” explained dkluin, “We sadly announce that we are officially ceasing the development of GTA: Underground and will be shortly taking all official uploads offline.”

Dkluin also thanked the community for the support they received over the last six years and mentioned all the “incredible work” that went into the mod and the “great times” the team experienced working on it together. A final video, simply named “The End.” was uploaded today on the modding team’s YouTube channel.

GTA Underground is a mod created for GTA San Andreas with the goal of merging all of the previous GTA maps into one mega environment. The mod even aimed to bring other cities from non-GTA games developed by Rockstar into San Andreas, including the cities featured in Bully and Manhunt.

The mod had already faced some problems from Take-Two in July. As a result, it was removed from ModDB. It is now removed from all other official sources and sites.

In 2018, Kotaku interviewed dkluin about the mod and all the work going into it. He had started development on it back in 2014, when he was only 14 years old. GTA Underground isn’t a simple copy-and-paste job; instead, the modders added AI and traffic routines to every map, making them fully playable as GTA cities. The team also had plans to add more cities to the game, including their own custom creations.

[…]

Source: Fan Dev Shuts Down Huge GTA San Andreas Mod Because Of Take-Two

Way to piss off your fan base

Judge Says an AI Can’t Be Listed as an Inventor on a Patent because they are not people

U.S. federal judge Leonie Brinkema ruled this week that an AI can’t be listed as an inventor on a U.S. patent under current law. The case was brought forward by Stephen Thaler, who is part of the Artificial Inventor Project, an international initiative that argues that an AI should be allowed to be listed as an inventor in a patent (the owner of the AI would legally own the patent).

Thaler sued the U.S. Patent and Trademark Office after it denied his patent applications because he had listed the AI named DABUS as the inventor of a new type of flashing light and a beverage container. In various responses spanning several months, the Patent Office explained to Thaler that a machine does not qualify as an inventor because it is not a person. In fact, the machine is a tool used by people to create inventions, the agency maintained.

Brinkema determined that the Patent Office correctly enforced the nation’s patent laws and pointed out that it basically all boils down to the everyday use of language. In the latest revision of the nation’s patent law in 2011, Congress explicitly defined an inventor as an “individual.” The Patent Act also references an inventor using words such as “himself” and “herself.”

“By using personal pronouns such as ‘himself or herself’ and the verb ‘believes’ in adjacent terms modifying ‘individual,’ Congress was clearly referencing a natural person,” Brinkema said in her ruling, which you can read in full at the Verge. “Because ‘there is a presumption that a given term is used to mean the same thing throughout a statute,’ the term ‘individual’ is presumed to have a persistent meaning throughout the Patent Act.”

[…]

“As technology evolves, there may come a time when artificial intelligence reaches a level of sophistication such that might satisfy accepted meanings of inventorship. But that time has not yet arrived, and, if it does, it will be up to Congress to decide how, if it at all, it wants to expand the scope of patent law,” Brinkema said.

Source: Judge Says an AI Can’t Be Listed as an Inventor on a Patent

Does that mean gender neutral people can’t be inventors either?

Gorgeous Hand-Drawn Game Guides Kickstarter Cancelled By Nintendo – copyright is seriously broken

Hand-Drawn Game Guides creator Philip Summers knew it was a legal risk to launch his gorgeous, story book-style Nintendo game guides on Kickstarter, but it was a risk he was willing to take. When you pore through all the gorgeous artwork of his unofficial Metroid, Contra, Ninja Gaiden and Legend of Zelda guides, you can see why.

The Kickstarter for the project showed off a range of fantastic, full-colour comic walkthroughs designed to take players through the complex missions and goals of each featured game. According to Summers, the intention behind these guides was to replicate the feeling of leafing through a good game guide as a child, with all the wonder and spectacle that used to go along with it.

But while the game guides look absolutely stunning — and were a major success on Kickstarter, raking in over $300,000 — the project has now been cancelled, courtesy of Nintendo.


In a recent update, Summers shared the grim news that the books would no longer go into production.

“Tonight I pulled the plug on the Hand-Drawn Game Guides Kickstarter. Yes, for exactly the reason you think it’s for,” he said in an update on Kickstarter. “I had hoped that I could successfully navigate any legal trouble, but alas I wasn’t able to do so.”

For fans of the project, it’s a major bummer — but Summers says he’s still grateful for the experience.

“Of course I’m disappointed, but I completely understand why this happened,” he explained. “It’s okay. I’m not mad.”

For now, all orders for the game guides will be cancelled, although Summers says he’ll find out whether the project is truly dead in the water “in the coming days”. Backers can expect a cancellation email shortly if they don’t already have one, and all money will be refunded via your payment method.

It really is a disappointing turn of events.

While these game guides were always going to have IP issues with Nintendo being notoriously strict about protecting their assets, each book is a lavish work of art, created after painstaking hours of work. Summers’ talent and passion are clear on every page and frankly, his game guides look far better than anything else on the market.

Here’s to hoping Summers is still able to produce these guides in some capacity, whether that be through official channels or an entire rework of the project.

These Hand-Drawn Game Guides deserve their time in the sun, and a place on all our shelves, regardless of Nintendo’s efforts to nuke the project.

Source: Gorgeous Hand-Drawn Game Guides Kickstarter Cancelled By Nintendo

Reddit offers a non-response to uproar over COVID-19 misinformation

Reddit has finally cracked down on COVID-19 misinformation following growing calls to act, although it probably won’t satisfy many of its critics. The social site has banned r/NoNewNormal and quarantined 54 other COVID-19 denial subreddits, but not over the false claims themselves. Instead, it’s for abuse — NoNewNormal was caught brigading en masse (that is, flooding other subreddits) despite warnings, while the other communities violated a rule forbidding harassment and bullying.

The company didn’t, however, relent on its approach to tackling the misinformation itself. Reddit said it clamps down on posts that encourage a “significant risk of physical harm” or are manipulations intended to mislead others, but made no mention of purging posts or subreddits merely for making demonstrably false claims about COVID-19 or vaccines.

Reddit previously defended its position by arguing its platform was meant to foster “open and authentic” conversations, even if they disagree with a widely established consensus. However, that stance hasn’t satisfied many of Reddit’s users. Business Insider noted 135 subreddits went “dark” (that is, went private) in protest over Reddit’s seeming tolerance of COVID-19 misinformation, including major communities like r/TIFU.

Critics among those groups contended that Reddit let these groups blossom through “inaction and malice,” and that Reddit wasn’t consistent in enforcing its own policies on misinformation and abuse. As one redditor pointed out, Reddit’s claims about allowing dissenting ideas don’t carry much weight — the COVID-19 denial groups are presenting false statements, not just contrary opinions.

[…]

Source: Reddit offers a non-response to uproar over COVID-19 misinformation | Engadget

Texan Anti-Abortion Snitching Site Violates GoDaddy’s Rules – help bring it down

Even if you don’t live in Texas, you’ve likely heard about the state’s draconian abortion restrictions that officially went into effect on Wednesday. The so-called “Heartbeat Bill,” aka Senate Bill 8, makes it fully illegal for anyone—friends, family, doctors—across Texas to help women access an abortion in the state after their sixth week of pregnancy.

You might have also seen the digital tipline that’s been set up to snitch on anyone violating the new law. The site was launched about a month ago by Texas Right To Life, a well-funded player in the world of anti-abortion politics.

“Any Texan can bring a lawsuit against an abortionist or someone aiding and abetting an abortion after six weeks,” the website reads. “If these individuals are proved to be violating the law, they have to pay a fine of at least $10,000.” It’s worth noting here that because “aiding and abetting” is such a vague term, others have used the impending law to not only justify going after the doctors or clinicians performing these medical procedures but anyone who helps women get an abortion in any way. This includes driving a friend to the clinic, or lending someone money so they can get an abortion they can’t afford on their own.

As you might expect with a tipline like this, people didn’t waste any time flooding the line with the vilest stuff you can think of: fake claims, furry porn, pictures of Shrek, you name it.

Unfortunately, overloading the site with pictures of everyone’s favorite ogre wasn’t enough to knock it from the web, nor were the multiple denial-of-service attacks that slammed the site on the eve before the bill was set to go into action. But there is another route people can take: pleading with the site’s hosting provider. In this case, the registrar is GoDaddy—a company that’s historically known for being kind of terrible all around, but also one with a slew of rules for what its sites can be used for. In the company’s terms of service for users, GoDaddy mandates that its site owners cannot use a GoDaddy-hosted site to:

collect or harvest (or permit anyone else to collect or harvest) any User Content (as defined below) or any non-public or personally identifiable information about another User or any other person or entity without their express prior written consent.

The ToS also states that GoDaddy’s customers cannot use its platform in a manner that “violates the privacy or publicity rights of another User or any other person or entity, or breaches any duty of confidentiality that you owe to another User or any other person or entity.” In either case, a site solely set up to out people who try to help someone attain a sensitive, stigmatized medical procedure probably falls under this domain.

GoDaddy has its own specific tipline set up for users to reach when they see a site falling afoul of the company’s privacy rules: privacy@godaddy.com. People can also fill out an abuse report with the platform, and let GoDaddy know that they’ve come across “content that displays personal information.” While the examples that GoDaddy gives in the form are sites listing people’s social security or credit card numbers, the Texas tipline is a pretty clear privacy violation of a different sort.

Aside from violating the privacy of god knows how many women, along with their friends, family, and doctors, the site also apparently violates the privacy of people submitting tips. A Gizmodo analysis of the webpage for submitting tips found that when these memos are “anonymously” submitted, the site covertly harvests the IP address of whoever submits the tip via a hidden field.

[…]

Source: Anti-Abortion Site Violates GoDaddy’s Rules

The New Science of Clocks Prompts Questions About the Nature of Time, finds limits for their accuracy

“It occurred to us that actually a clock is a thermal machine,” […] Like an engine, a clock harnesses the flow of energy to do work, producing exhaust in the process. Engines use energy to propel; clocks use it to tick.

Over the past five years, through studies of the simplest conceivable clocks, the researchers have discovered the fundamental limits of timekeeping. They’ve mapped out new relationships between accuracy, information, complexity, energy and entropy — the quantity whose incessant rise in the universe is closely associated with the arrow of time.

These relationships were purely theoretical until this spring, when the experimental physicist Natalia Ares and her team at the University of Oxford reported measurements of a nanoscale clock that strongly support the new thermodynamic theory.

[…]

The first thing to note is that pretty much everything is a clock. Garbage announces the days with its worsening smell. Wrinkles mark the years. “You could tell time by measuring how cold your coffee has gotten on your coffee table,”

[…]

Huber, Erker and their colleagues realized that a clock is anything that undergoes irreversible changes: changes in which energy spreads out among more particles or into a broader area. Energy tends to dissipate — and entropy, a measure of its dissipation, tends to increase — simply because there are far, far more ways for energy to be spread out than for it to be highly concentrated. This numerical asymmetry, and the curious fact that energy started out ultra-concentrated at the beginning of the universe, are why energy now moves toward increasingly dispersed arrangements, one cooling coffee cup at a time.

Not only do energy’s strong spreading tendency and entropy’s resulting irreversible rise seem to account for time’s arrow, but according to Huber and company, it also accounts for clocks. “The irreversibility is really fundamental,” Huber said. “This shift in perspective is what we wanted to explore.”

Coffee doesn’t make a great clock. As with most irreversible processes, its interactions with the surrounding air happen stochastically. This means you have to average over long stretches of time, encompassing many random collisions between coffee and air molecules, in order to accurately estimate a time interval. This is why we don’t refer to coffee, or garbage or wrinkles, as clocks.

We reserve that name, the clock thermodynamicists realized, for objects whose timekeeping ability is enhanced by periodicity: some mechanism that spaces out the intervals between the moments when irreversible processes occur. A good clock doesn’t just change. It ticks.

The more regular the ticks, the more accurate the clock. In their first paper, published in Physical Review X in 2017, Erker, Huber and co-authors showed that better timekeeping comes at a cost: The greater a clock’s accuracy, the more energy it dissipates and the more entropy it produces in the course of ticking.

“A clock is a flow meter for entropy,” said Milburn.

They found that an ideal clock — one that ticks with perfect periodicity — would burn an infinite amount of energy and produce infinite entropy, which isn’t possible. Thus, the accuracy of clocks is fundamentally limited.

Indeed, in their paper, Erker and company studied the accuracy of the simplest clock they could think of: a quantum system consisting of three atoms. A “hot” atom connects to a heat source, a “cold” atom couples to the surrounding environment, and a third atom that’s linked to both of the others “ticks” by undergoing excitations and decays. Energy enters the system from the heat source, driving the ticks, and entropy is produced when waste energy gets released into the environment.

The researchers calculated that the ticks of this three-atom clock become more regular the more entropy the clock produces. This relationship between clock accuracy and entropy “intuitively made sense to us,” Huber said, in light of the known connection between entropy and information.

In precise terms, entropy is a measure of the number of possible arrangements that a system of particles can be in. These possibilities grow when energy is spread more evenly among more particles, which is why entropy rises as energy disperses. Moreover, in his 1948 paper that founded information theory, the American mathematician Claude Shannon showed that entropy also inversely tracks with information: The less information you have about, say, a data set, the higher its entropy, since there are more possible states the data can be in.

“There’s this deep connection between entropy and information,” Huber said, and so any limit on a clock’s entropy production should naturally correspond to a limit of information — including, he said, “information about the time that has passed.”

In another paper published in Physical Review X earlier this year, the theorists expanded on their three-atom clock model by adding complexity — essentially extra hot and cold atoms connected to the ticking atom. They showed that this additional complexity enables a clock to concentrate the probability of a tick happening into narrower and narrower windows of time, thereby increasing the regularity and accuracy of the clock.

In short, it’s the irreversible rise of entropy that makes timekeeping possible, while both periodicity and complexity enhance clock performance. But until 2019, it wasn’t clear how to verify the team’s equations, or what, if anything, simple quantum clocks had to do with the ones on our walls.

[…]

The vibrating membrane isn’t a quantum system, but it’s small and simple enough to allow precise tracking of its motion and energy use. “We can tell from the energy dissipation in the circuit itself how much the entropy changes,” Ares said.

She and her team set out to test the key prediction from Erker and company’s 2017 paper: That there should be a linear relationship between entropy production and accuracy. It was unclear whether the relationship would hold for a larger, classical clock, like the vibrating membrane. But when the data rolled in, “we saw the first plots [and] we thought, wow, there is this linear relationship,” Huber said.

The regularity of the membrane clock’s vibrations directly tracked with how much energy entered the system and how much entropy it produced. The findings suggest that the thermodynamic equations the theorists derived may hold universally for timekeeping devices.

[…]

One major aspect of the mystery of time is the fact that it doesn’t play the same role in quantum mechanics as other quantities, like position or momentum; physicists say there are no “time observables” — no exact, intrinsic time stamps on quantum particles that can be read off by measurements. Instead, time is a smoothly varying parameter in the equations of quantum mechanics, a reference against which to gauge the evolution of other observables.

Physicists have struggled to understand how the time of quantum mechanics can be reconciled with the notion of time as the fourth dimension in Einstein’s general theory of relativity, the current description of gravity. Modern attempts to reconcile quantum mechanics and general relativity often treat the four-dimensional space-time fabric of Einstein’s theory as emergent, a kind of hologram cooked up by more abstract quantum information. If so, both time and space ought to be approximate concepts.

The clock studies are suggestive, in showing that time can only ever be measured imperfectly. The “big question,” said Huber, is whether the fundamental limit on the accuracy of clocks reflects a fundamental limit on the smooth flow of time itself — in other words, whether stochastic events like collisions of coffee and air molecules are what time ultimately is.

[…]

Source: The New Science of Clocks Prompts Questions About the Nature of Time | Quanta Magazine

CDC shares 8 new charts that show how powerful Pfizer’s vaccine is against COVID-19 and the Delta variant

Pfizer’s COVID-19 vaccine is now not only approved for everyone over 16 years old, it’s recommended.

On Monday, an independent advisory committee to the Centers for Disease Control and Prevention voted unanimously to support recommending the vaccine.

The decision of those 14 experts was based on overwhelming evidence that Pfizer’s 2-shot immunization, named Comirnaty, which was fully approved by the Food and Drug Administration last week, is not only safe but also works very well at preventing disease.

The independent experts on the CDC panel cheered on the creation of the COVID-19 vaccines in the midst of a pandemic, calling it a “miraculous accomplishment” and “a moment of incredible scientific innovation.”

Here are eight charts and graphs that lay out why Pfizer’s vaccine was given a big thumbs up:

COVID-19 vaccines are doing a great job keeping people healthy, alive, and out of the hospital.

chart showing vaccinated and unvaccinated hospitalization rates (with vaccinated near zero, and unvaccinated yo-yoing up and down, but staying consistently much higher than vaccinated rates)
Centers for Disease Control and Prevention ACIP meeting Aug. 30, 2021 https://www.cdc.gov/vaccines/acip/meetings/slides-2021-08-30.html

The CDC committee looked at data from across the US showing unvaccinated adults are being hospitalized for COVID-19 at rates roughly 16 times higher than the vaccinated.

As of August 23, 0.006% of vaccinated Americans (fewer than 9,000 people) have had a severe enough case of COVID-19 to be hospitalized, according to CDC data.

The number of vaccinated people who’ve died from COVID-19 is even smaller. Of the 636,015 American COVID-19 deaths, just 2,063, or 0.3% have been in vaccinated people, a tiny fraction when you consider that more than 174 million people are fully vaccinated in the US.

Unvaccinated people under age 50 are getting hospitalized at especially high rates this year.

graphs show breakdown by age of hospitalization rates in unvaccinated (high) versus vaccinated (near zero)
Centers for Disease Control and Prevention ACIP meeting Aug. 30, 2021

The CDC tracks these rates of COVID-19 hospitalizations through COVID-NET, a system which collects data from 250 hospitals across 14 states (located in different areas of the country) every week.

It’s true that more vaccinated people are now catching COVID-19, due to the Delta variant. But their cases are generally mild and the vaccines are still preventing severe disease well.

[…]

Source: CDC shares 8 new charts that show how powerful Pfizer’s vaccine is against COVID-19 and the Delta variant

Docker Desktop no longer free for large companies: New ‘Business’ subscription is here

Docker will restrict use of the free version of its Docker Desktop utility to individuals or small businesses, and has introduced a new more expensive subscription, as it searches for a sustainable business model.

The company has renamed its Free plan to “Personal” and now requires that businesses with 250 or more employees, or higher than $10m in annual revenue, must use a paid subscription if they require Docker Desktop. There are no changes to the command-line Docker Engine. The $5/month Pro and $7/month Teams subscriptions continue as before, but a new $21/month Business subscription adds features including centralized management, single sign-on, and enhanced security.

The new Docker plans

The Docker platform has a number of components, of which Docker Desktop is just one part. Docker images define the contents of containers. Docker containers are runnable instances of images. The Docker daemon is a background application that manages and runs Docker images and containers. The Docker client is a command-line utility that calls the API of the Docker daemon. Docker registries contain images, and the Docker Hub is a widely used public registry. Much of Docker (but not Desktop) is open source under the Apache v2 licence.

[…]

Source: Docker Desktop no longer free for large companies: New ‘Business’ subscription is here • The Register

This is the type of Open Source licensing scheme that I started talking about being necessary in 2017

Reddit turns anti-vaxx, says it’s teaching a controversy

Over 135 subreddits have gone dark this week in protest of Reddit’s refusal to ban communities that spread misinformation about the COVID pandemic and vaccines.

Subreddits that went private include two with 10 million or more subscribers, namely r/Futurology and r/TIFU. The PokemonGo community is one of 15 other subreddits with at least 1 million subscribers that went private; another 15 subreddits with at least 500,000 subscribers also went private. They’re all listed in a post on r/VaxxHappened which has been coordinating opposition to Reddit management’s stance on pandemic misinformation. More subreddits are being added as they join the protest.

“Futurology has gone private to protest Reddit’s inaction on COVID-19 misinformation,” a message on that subreddit says. “Reddit won’t enforce their policies against misinformation, brigading, and spamming. Misinformation subreddits such as NoNewNormal and r/conspiracy must be shut down. People are dying from misinformation.”

[…]

Last week, the moderators of over 450 subreddits joined an open letter urging Reddit to “take action against the rampant Coronavirus misinformation on their website,” saying that subreddits existing “solely to spread medical disinformation and undermine efforts to combat the global pandemic should be banned.”

Reddit published a response defending its stance, saying it will continue to allow “debate” and “dissent” on vaccines and other COVID-related matters, even when it “challenge[s] consensus views.”

“We appreciate that not everyone agrees with the current approach to getting us all through the pandemic, and some are still wary of vaccinations. Dissent is a part of Reddit and the foundation of democracy,” the company said.

Reddit does draw a line somewhere, as it said it will continue to take action against communities “dedicated to fraud (e.g. fake vaccine cards) or encouraging harm (e.g. consuming bleach).” But in general, Reddit said, “we believe it is best to enable communities to engage in debate and dissent, and for us to link to the CDC wherever appropriate.”

[…]

Source: Reddit’s teach-the-controversy stance on COVID vaccines sparks wider protest | Ars Technica

Encouraging anti-vaxxers would definitely fall under the category of encouraging harm.

Australia: Unprecedented surveillance bill rushed through parliament in 24 hours.

The Australian government has been moving towards a surveillance state for some years already. Now they are putting the nail in the coffin with an unprecedented surveillance bill that allows the police to hack your device, collect or delete your data, and take over your social media accounts; without sufficient safeguards to prevent abuse of these new powers.

This month the Australian government has passed a sweeping surveillance bill, worse than any similar legislation in any other Five Eyes country.

The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 gives the Australian Federal Police (AFP) and the Australian Criminal Intelligence Commission (ACIC) three new powers for dealing with online crime:

  1. Data disruption warrant: gives the police the ability to “disrupt data” by modifying, copying, adding, or deleting it.
  2. Network activity warrant: allows the police to collect intelligence from devices or networks that are used, or likely to be used, by those subject to the warrant
  3. Account takeover warrant: allows the police to take control of an online account (e.g. social media) for the purposes of gathering information for an investigation.

The two Australian law enforcement bodies AFP and ACIC will soon have the power to modify, add, copy, or delete your data should you become a suspect in the investigation of a serious crime.

What makes this legislation even worse is that there is no judicial oversight: a data disruption or network activity warrant could be issued by a member of the Administrative Appeals Tribunal, so a judge’s warrant is not needed.

Australian companies obliged to comply

When presented with such a warrant from the Administrative Appeals Tribunal, Australian companies, system administrators etc. must comply, and actively help the police to modify, add, copy, or delete the data of a person under investigation. Refusing to comply could have one end up in jail for up to ten years, according to the new bill.

[…]

Politicians justify the need for the bill by stating that it is intended to fight child exploitation (CSAM) and terrorism. However, the bill itself enables law enforcement to investigate any “serious Commonwealth offence” or “serious State offence that has a federal aspect”.

Source: Australia: Unprecedented surveillance bill rushed through parliament in 24 hours.

As soon as it says a law is against Child Porn you know it’s going to be used for a whole load of other things that wouldn’t stand up to public inspection. But who can be against anti-Child Porn stuff, right?

T-Mobile hacker explains how he breached carrier’s security

John Binns, a 21-year-old American who now lives in Turkey, told the Wall Street Journal that he was behind the T-Mobile security breach that affected more than 50 million people earlier this month.

The intrigue: Binns said he broke through the T-Mobile defenses after discovering an unprotected router exposed on the internet, after scanning the carrier’s internet addresses for weak spots using a publicly available tool.

  • “I was panicking because I had access to something big,” he wrote in Telegram messages to the Journal. “Their security is awful.”
  • “Generating noise was one goal,” Binns said. He declined to say whether he sold any of the information he stole, or whether he was paid for the hack.

The big picture: It was the third major data leak the network has disclosed in the last two years, per WSJ. T-Mobile is the second-largest U.S. mobile carrier, housing the data of around 90 million cellphones.

Background: Some of the information exposed in the breach included names, dates of birth, social security numbers and personal ID information. The breach is being investigated by Seattle’s FBI office, according to the Journal.

Source: T-Mobile hacker explains how he breached carrier’s security – Axios

Your sense of smell may be the key to a balanced diet

[…]

according to a new study, the food you ate just before your walk past the bakery may impact your likelihood of stopping in for a sweet treat—and not just because you’re full.

Scientists at Northwestern University found that people became less sensitive to food odors based on the meal they had eaten just before. So, if you were snacking on baked goods from a coworker before your walk, for example, you may be less likely to stop into that sweet-smelling bakery.

The study, “Olfactory perceptual decision-making is biased by motivational state,” will be published August 26 in the journal PLOS Biology.

Smell regulates what we eat, and vice versa

The study found that participants who had just eaten a meal of either cinnamon buns or pizza were less likely to perceive “meal-matched” odors, but not non-matched odors. The findings were then corroborated with brain scans, which showed that activity in the parts of the brain that process odors was altered in a similar way.

These findings show that just as smell regulates what we eat, what we eat—in turn—regulates our sense of smell.

[…]

To conduct the study, the team developed a novel task in which participants were presented with a smell that was a mixture between a food and a non-food odor (either “pizza and pine” or “cinnamon bun and cedar”—odors that “pair well” and are distinct from each other). The ratio of food and non-food odor varied in each mixture, from pure food to pure non-food. After a mixture was presented, participants were asked whether the food or the non-food odor was dominant.

Participants completed the task twice inside an MRI scanner: First, when they were hungry, then, after they’d eaten a meal that matched one of the two odors.

“In parallel with the first part of the experiment running in the MRI scanner, I was preparing the meal in another room,” Shanahan said. “We wanted everything fresh and ready and warm because we wanted the participant to eat as much as they could until they were very full.”

The team then computed how much food odor was required in the mixture in each session for the participant to perceive the food odor as dominant. The team found when participants were hungry, they needed a lower percentage of food odor in a mixture to perceive it as dominant—for example, a hungry participant may require a 50 percent cinnamon bun-to-cedar mixture when hungry, but 80 percent when full of cinnamon buns.

Through brain imaging, the team provided further evidence for the hypothesis. Brain scans from the MRI demonstrated a parallel change occurring in the part of the brain that processes odors after a meal. The brain’s response to a meal-matched odor was less “food-like” than its response to an odor that did not match the meal.

[…]

Source: Your sense of smell may be the key to a balanced diet

Samsung Is the Latest SSD Manufacturer (Crucial, Western Digital) Caught Cheating Its Customers

In the past 11 days, both Crucial and Western Digital have been caught swapping the TLC NAND used for certain products with inferior QLC NAND without updating product SKUs or informing reviewers that this change was happening. Shipping one product to reviewers and a different product to consumers is unacceptable and we recently recommended that readers buy SSDs from Samsung or Intel in lieu of WD or Crucial.

As of today, we have to take Samsung off that list. One difference in this situation is that Samsung isn’t swapping TLC for QLC — it’s swapping the drive controller + TLC for a different, inferior drive controller and different TLC. The net effect is still a steep performance decline in certain tests. We’ve asked Intel to specifically confirm it does not engage in this kind of consumer-hostile behavior and will report back if it does.

The other beats of this story are familiar. Computerbase.de reports on a YouTube Channel, 潮玩客, which compared two different versions of the Samsung 970 Plus. Both drives are labeled with the same sticker declaring them to be a 970EVO Plus, but the part numbers are different. One drive is labeled the MZVLB1T0HBLR (older, good) and one is the MZVL21T0HBLU (newer, inferior).

(Photo: 潮玩客)

Peel the sticker back, and the chips underneath are rather different. The Phoenix drive (top) is older than the Elpis drive on the bottom. Production dates for drives point to April for the older product and June for the newer. A previous version of this post misstated the dating, ET regrets the error. Thanks to Eldakka for catching it.

(Photo: 潮玩客)

And — just as we’ve seen from Crucial and Western Digital — performance in some benchmarks after the swap is just fine, while other benchmarks crater. Here’s what write performance looks like when measured over much of the drive(s):

(Photo: 潮玩客)

The original 970 Plus starts with solid performance and holds it for the entire 200GB test. The right-hand SSD is even faster than the OG 970 Plus until we hit the 120GB mark, at which point performance drops to 50 percent of what it was. Real-world file copies also bear this out, with one drive holding 1.58GB/s and one at 830MB/s. TLC hasn’t been swapped for QLC, but the 50 percent performance hit in some tests is as bad as what we see when it has been.

The only thing worse than discovering a vendor is cheating people is discovering that lots of vendors have apparently decided to cheat people. I don’t know what kind of substances got passed around the last time NAND manufacturers threw themselves a summit, but next time there needs to be more ethics and less marijuana. Or maybe there needs to be more ethics and marijuana, but less toluene. I’m open to suggestions, really.

Source: Samsung Is the Latest SSD Manufacturer Caught Cheating Its Customers – ExtremeTech

After 18 Years, SCO’s IBM Litigation May Be Settled for $14.5 Million (is this the last SCO court case though? it won’t DIE!!!!)

Slashdot has confirmed with the U.S. Bankruptcy Court for the District of Delaware that after 18 years of legal maneuvering, SCO’s bankruptcy case (first filed in 2007) is now “awaiting discharge.”

Long-time Slashdot reader rkhalloran says they know the reason: Papers filed 26 Aug by IBM & SCOXQ in U.S. Bankruptcy Court in Delaware for a proposed settlement, Case 07-11337-BLS Doc 1501:

By the Settlement Agreement, the Trustee has reached a settlement with IBM that resolves all of the remaining claims at issue in the Utah Litigation (defined below). The Settlement Agreement is the culmination of extensive arm’s length negotiation between the Trustee and IBM.

Under the Settlement Agreement, the Parties have agreed to resolve all disputes between them for a payment to the Trustee, on behalf of the Estates, of $14,250,000. For the reasons set forth more fully below, the Trustee submits the Settlement Agreement and the settlement with IBM are in the best interests of the Estates and creditors, are well within the range of reasonableness, and should be approved.
The proposed order would include “the release of the Estates’ claims against IBM and vice versa” (according to this PDF attributed to SCO Group and IBM uploaded to scribd.com). And one of the reasons given for the proposed settlement? “The probability of the ultimate success of the Trustee’s claims against IBM is uncertain,” according to an IBM/SCO document on Scribd.com titled Trustee’s motion:

For example, succeeding on the unfair competition claims will require proving to a jury that events occurring many years ago constituted unfair competition and caused SCO harm. Even if SCO were to succeed in that effort, the amount of damages it would recover is uncertain and could be significantly less than provided by the Settlement Agreement. Such could be the case should a jury find that (1) the amount of damage SCO sustained as a result of IBM’s conduct is less than SCO has alleged, (2) SCO’s damages are limited by a $5 million damage limitation provision in the Project Monterey agreement, or (3) some or all of IBM’s Counterclaims, alleging millions of dollars in damages related to IBM’s Linux activities and alleged interference by SCO, are meritorious.

Although the Trustee believes the Estates would ultimately prevail on claims against IBM, a not insignificant risk remains that IBM could succeed with its defenses and/or Counterclaims
The U.S. Bankruptcy Court for the District of Delaware told Slashdot that the first meeting of the creditors will be held on September 22nd, 2021.

Source: After 18 Years, SCO’s IBM Litigation May Be Settled for $14.5 Million – Slashdot

LED streetlights contribute to insect population declines

Streetlights—particularly those that use white light-emitting diodes (LEDs)—not only disrupt insect behavior but are also a culprit behind their declining numbers, a new study carried out in southern England showed Wednesday.

Artificial lights at night had been identified as a possible factor behind falling insect numbers around the world, but the topic had been under-researched.

To address the question, scientists compared 26 roadside sites consisting of either hedgerows or grass verges that were lit by streetlights, against an equal number of nearly identical sites that were unlit.

They also examined a site with one unlit and two lit sections, all of which were similar in their vegetation.

The team chose moth caterpillars as a proxy for nocturnal insects more broadly, because they remain within a few meters of where they hatched during the larval stage of their lives, before they acquire the ability to fly.

The team either struck the hedges with sticks so that the caterpillars fell out, or swept the grass with nets to pick them up.

The results were eye-opening, with a 47 percent reduction in insect population at the hedgerow sites and a 37 percent reduction at the roadside grass verges.

[…]

The lighting also disturbed their feeding behavior: when the team weighed the caterpillars, they found that those in the lighted areas were heavier.

[…]

The team found that the disruption was most pronounced in areas lit by LED lights as opposed to high-pressure sodium (HPS) lamps or older low-pressure sodium (LPS) lamps, both of which produce a yellow-orange glow that is less like sunlight.

[…]

“there are really quite accessible solutions,” said Boyes—like applying filters to change the lamps’ color, or adding shields so that the light shines only on the road, not insect habitats.

Source: LED streetlights contribute to insect population declines: study

Glowworm Attack Captures Audio From Power LED Light Flickers

Researchers from Ben-Gurion University have come up with a way to listen in on a speaker from afar by just monitoring the subtle changes in brightness of its power status LED.

The Glowworm Attack, as the discovery is called, follows similar research from the university published in 2020, known as Lamphone, which found that an electro-optical sensor paired with a telescope was able to decipher the sounds in a room: sound waves hitting a hanging light bulb make it vibrate, creating nearly imperceptible changes in the lighting in the room. With the Glowworm Attack, the same technology that made Lamphone possible is repurposed to remotely eavesdrop on sounds in a room, but via a completely different channel that many speaker makers apparently never considered: the brightness of the speaker’s power LED varies with the current the device draws while reproducing audio, so the LED’s flicker carries a trace of the sound.

[…]

Pairing the sensor with a telescope allowed the security researchers at Ben-Gurion University to successfully capture and decipher sounds being played by a speaker at distances of up to 35 meters, or close to 115 feet. The results aren’t crystal clear (you can hear the remote recordings the researchers made on Ben Nassi’s website), and the noise increases the farther away from the speaker the capture device is used, but with some intelligent audio processing, the results can undoubtedly be improved.

Source: Glowworm Attack Captures Audio From Power LED Light Flickers

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

The remote code execution flaw, CVE-2021-35395, was seen in Mirai malware binaries by threat intel firm Radware, which “found that new malware binaries were published on both loaders leveraged in the campaign.”

Warning that the vuln had been included in Dark.IoT’s botnet “less than a week” after it was publicly disclosed, Radware said: “This vulnerability was recently disclosed by IoT Inspectors Research Lab on August 16th and impacts IoT devices manufactured by 65 vendors relying on the Realtek chipsets and SDK.”

The critical vuln, rated 9.8 on the CVSS scale, consists of multiple routes to cause buffer overflows (PDF from Realtek with details) in the web management interface that Realtek ships in its Jungle SDK for its router chipsets. At the very least, crafted inputs from an unauthenticated attacker can crash the HTTP server running the management interface, and thus the router; the critical rating reflects that the same overflows can be turned into code execution on the device, which is what makes the flaw useful to a botnet.
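To show what a detection for this class of input looks like, here is an added example (not code from Radware, IoT Inspector or Realtek) that parses captured HTTP requests and flags form parameters whose values exceed a per-field budget, the shape that buffer-overflow probes against a small embedded form handler take. The requests are constructed, the endpoint paths and parameter names are hypothetical, and the 64-byte limit is an assumed budget rather than a figure from the SDK.

```python
"""Flag HTTP form submissions carrying oversized parameter values, the kind of
crafted input that overflows fixed-size buffers in an embedded web interface.

Added example, not code from Radware, IoT Inspector or Realtek. The request
samples are constructed; the endpoint paths and field names are hypothetical,
and MAX_FIELD_LEN is an assumed per-field budget, not a value from the SDK.
"""
from urllib.parse import parse_qsl

MAX_FIELD_LEN = 64  # assumed budget for one form parameter in a small embedded handler

# Constructed sample traffic against a hypothetical management endpoint:
# a normal submission, a submission with a 512-byte SSID, and a GET whose
# query string carries a 100-byte value.
_OVERFLOW_BODY = "ssid=" + "A" * 512 + "&channel=6"
SAMPLE_REQUESTS = [
    "POST /manage/wifi_setup HTTP/1.1\r\nHost: 192.0.2.1\r\n"
    "Content-Length: 19\r\n\r\nssid=home&channel=6",
    "POST /manage/wifi_setup HTTP/1.1\r\nHost: 192.0.2.1\r\n"
    f"Content-Length: {len(_OVERFLOW_BODY)}\r\n\r\n{_OVERFLOW_BODY}",
    "GET /manage/status?ssid=" + "B" * 100 + " HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\n",
]


def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, target, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        k, _, v = line.partition(":")
        headers[k.strip().lower()] = v.strip()
    return method, target, headers, body


def oversized_fields(raw, limit=MAX_FIELD_LEN):
    """Return [(field, length)] for every form parameter longer than `limit`.

    Both the query string and a POST body are checked; keep_blank_values makes a
    key with an empty value still count as a field rather than vanishing.
    """
    method, target, _headers, body = parse_request(raw)
    _path, _, query = target.partition("?")
    pairs = parse_qsl(query, keep_blank_values=True)
    if method == "POST":
        pairs += parse_qsl(body, keep_blank_values=True)
    return [(k, len(v)) for k, v in pairs if len(v) > limit]


def scan(requests, limit=MAX_FIELD_LEN):
    """Map each request's index to its oversized fields; an empty list means clean."""
    return {i: oversized_fields(r, limit) for i, r in enumerate(requests)}


if __name__ == "__main__":
    for i, hits in scan(SAMPLE_REQUESTS).items():
        print(i, "ALERT" if hits else "ok", hits)
```

Feed it requests captured in front of the device’s management interface; anything typed through the router’s own UI stays far under the budget, so hits are worth alerting on. The limit should be tuned per field, since a real handler may legitimately accept longer values for some parameters (a wireless passphrase, say) than for others.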

[…]

Rather than having the capability to develop its own exploits, Dark.IoT sits around waiting for white hats to publish proof-of-concepts for newly discovered vulns, and Smith said they incorporate those into their botnet within “days.”

[…]

While Realtek has patched the vulns in the SDK, vendors using its white-label tech now have to distribute patches for their branded devices and then users have to install them – all while Dark.IoT and other Mirai-based criminals are looking for exploitable devices.

[…]

Source: Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit • The Register

Another Neuro Study Proves Changing DOOH content Boosts Long Term Memory

Leading Australian digital outdoor media company QMS, has unveiled its latest neuroscience study that demonstrates the relative impact of different Out of Home creative approaches and their overall effectiveness for brands.

In partnership with Neuro-Insight, this research study captured real-life, continuous digital and static OOH panels over consecutive days, to accurately measure how the human brain responds to a piece of creative advertising each day.

The study revealed that long term memory encoding, critical for campaign effectiveness, continues to grow in respondents that are exposed to evolving creative. In fact, creative that evolves was shown to deliver a 38% higher impact than that of static creative by day five.

Spanning 30 creatives across 15 categories, one of the strongest performing campaigns in the study harnessed the capabilities of digital OOH (DOOH) with a simple creative change that displayed the day of the week matched with the live temperature at the time, to deliver an 18% stronger result than the average DOOH campaign.

QMS Chief Strategy Officer, Christian Zavecz said that it was integral for both media owners and advertisers to properly understand the additional value the capabilities of DOOH delivers and how they can be used to drive greater campaign efficacy.

“DOOH in Australia already represents 61% of the industry* however, the uptake of creative capabilities amongst clients is still quite low. Now, for the first time, we can quantify what we have always intuitively thought about the medium. Incorporating the strategic use of creative evolution into a brand’s campaign is now proven to increase its effectiveness. The study also uncovered some important lessons about frequency and the role that DOOH, through its breadth of capabilities, can play in being able to maximise effective OOH campaign reach.”

[…]

Source: DailyDOOH » Blog Archive » Another Neuro Study Proves Evolving DOOH Creative Boosts Long Term Memory