In October 2018, Winamp relaunched a leaked version of the updated code as version 5.8. As a longtime winamp user, I was excited – I have many mp3’s which are not available on streaming services and also find that when I search for stuff on Spotify they give me the royalty free Filipino girl band cover version instead of the version I’m looking for.
I’ve been fairly happy with the 5.8 version but it did drop support for eg adding ID3 tags automatically and a few other things. Not being a huge user of the music library I don’t know how that went, but I was happy that they had Milkdrop visualiser support.
Today I came upon the following post on Reddit: Winamp visualizer ported in webgl, like back in the days. You can import your own songs in it. and in the comments found a project called WACUP. It turns out that one of the prolific plug in writers, who was also contracted to work in Winamp itself, DrO has been using the 5.666 version to build a huge slew of updates on and it’s still in development.
So, I’m uninstalling 5.8 and going to have a look at WACUP. I’m looking forward to continuing kicking the Llama’s ass!
A recent breach has prompted fears of another SolarWinds-style hack that could have ramifications for numerous large companies. Reutersreports that federal officials are investigating a hack at Codecov, a code testing firm with 29,000 customers that include Proctor & Gamble, the Washington Post and tech companies like Atlassian and GoDaddy. The intrusion appears to have lasted for months, putting clients at risk.
Codecov said that attackers exploited a flaw in a Docker image creation process to make “periodic, unauthorized” changes to the company’s Bash Uploader script starting on January 31st. The modifications gave the hackers power to export customer info and send it to an outside server. However, Codecov only learned of the incident on April 1st.
Our investigation has determined that beginning January 31, 2021, there were periodic, unauthorized alterations of our Bash Uploader script by a third party, which enabled them to potentially export information stored in our users’ continuous integration (CI) environments. This information was then sent to a third-party server outside of Codecov’s infrastructure.
Two satellites from the fast-growing constellations of OneWeb and SpaceX’s Starlink dodged a dangerously close approach with one another in orbit last weekend, representatives from the US Space Force and OneWeb said. It’s the first known collision avoidance event for the two rival companies as they race to expand their new broadband-beaming networks in space.
On March 30th, five days after OneWeb launched its latest batch of 36 satellites from Russia, the company received several “red alerts” from the US Space Force’s 18th Space Control Squadron warning of a possible collision with a Starlink satellite. Because OneWeb’s constellation operates in higher orbits around Earth, the company’s satellites must pass through SpaceX’s mesh of Starlink satellites, which orbit at an altitude of roughly 550 km.
One Space Force alert indicated a collision probability of 1.3 percent, with the two satellites coming as close as 190 feet — a dangerously close proximity for satellites in orbit. If satellites collide in orbit, it could cause a cascading disaster that could generate hundreds of pieces of debris and send them on crash courses with other satellites nearby.
Currently, there’s no national or global authority that would force satellite operators to take action on predicted collisions. Space Force’s urgent alerts sent OneWeb engineers scrambling to email SpaceX’s Starlink team to coordinate maneuvers that would put the two satellites at safer distances from one another.
While coordinating with OneWeb, SpaceX disabled its automated AI-powered collision avoidance system to allow OneWeb to steer its satellite out of the way, according to OneWeb’s government affairs chief Chris McLaughlin. It was unclear why exactly SpaceX disabled the system. SpaceX, which rarely responds to reporters, did not return multiple requests for comment for this story, nor did David Goldman, the company’s director of satellite policy.
SpaceX’s automated system for avoiding satellite collisions has sparked controversy, raising concerns from other satellite operators who say they have no way of knowing which way the system will move a Starlink satellite in the event of a close approach. “Coordination is the issue,” McLaughlin says. “It is not sufficient to say ‘I’ve got an automated system,’ because the other guy may not have, and won’t understand what yours is trying to do.”
[…]
the sharp increase of satellites in orbit, mainly driven by SpaceX’s Starlink venture, has moved faster than any authority can regulate the industry for safety. McKissock says SpaceX has made efforts to increase its transparency in orbit; the company currently provides location data of its satellites to other operators. But its automated system for avoiding collisions is a closed book where openness and coordination are needed the most, analysts and operators say.
“What is the point of having it if you have to turn it off when there’s going to be a potential collision?” Victoria Samson of the Secure World Foundation says, adding that the void of any clear international framework for managing active objects in space makes it largely unclear who would be held responsible if a collision actually occurred.
Debian Project Secretary Kurt Roeckx has announced the results of a closely-watched vote on what statement would be made about Richard Stallman’s readmission to the Free Software Foundation’s board.
Seven options were considered, with the Debian project’s 420 voting developers also asked to rank their preferred outcomes:
Option 1: “Call for the FSF board removal, as in rms-open-letter.github.io”
Option 2: “Call for Stallman’s resignation from all FSF bodies”
Option 3: “Discourage collaboration with the FSF while Stallman is in a leading position”
Option 4: “Call on the FSF to further its governance processes”
Option 5: “Support Stallman’s reinstatement, as in rms-support-letter.github.io”
Option 6: “Denounce the witch-hunt against RMS and the FSF”
Option 7: “Debian will not issue a public statement on this issue”
While all seven options achieved a quorum of votes, two failed to achieve a majority — options 5 and 6. (“Support Stallman’s reinstatement” and “Denounce the witch-hunt…”) The option receiving the most votes was #7 (not issuing a public statement) — but it wasn’t that simple. The vote’s final outcome was determined by comparing every possible pair of options to determine which option would still be preferred by a majority of voters in each possible comparision.
In this case, that winner was still the option which had also received the most votes:
Debian will not issue a public statement on this issue. The Debian Project will not issue a public statement on whether Richard Stallman should be removed from leadership positions or not.
Any individual (including Debian members) wishing to (co-)sign any of the open letters on this subject is invited to do this in a personal capacity.
The results are captured in an elaborate graph. Numbers inside the ovals show the final ratio of yes to no votes (so a number higher than 1.00 indicates a majority, with much higher numbers indicating much larger majorities). Numbers outside the ovals (along the lines) indicate the number of voters who’d preferred the winning choice over the losing choice (toward which the arrow is pointing).
The U.S. Air Force has, for the first time, live-streamed data directly from the F-35A stealth fighter and onto a commercial computer tablet in the cockpit, during ground tests at Nellis Air Force Base in Nevada. The March 31 trial, part of the Fighter Optimization eXperiment, or FoX, demonstrated that data from the jet could be used to communicate with mobile apps running on the tablet and there are hopes that the same concept could be used in the future on other manned fighters, as well as drones.
In the initial trial, the flight test instrumentation system was streamed from the F-35’s onboard systems and onto the tablet, on which apps were running. The first two such apps, developed under Project FoX, are designed to help the pilot of the stealth jet negotiate hostile air defense systems, and to use artificial intelligence (AI) to combat the same types of threat.
U.S. Marine Corps
A pilot at Eglin Air Force Base, Florida, using an F-35 Full Mission Simulator.
Until now, although F-35 pilots regularly fly with a tablet on their knee, these haven’t been fully integrated with the cockpit and were not able to be physically plugged into the jet and receive real-time data from its own mission computers and its hugely powerful sensor suite. Now, as well as at Nellis, F-35s at Edwards Air Force Base and at Naval Air Weapons Station China Lake, both in California, are also trialing the FoX Tablet interface. So far, the work had only been conducted with the jets on the ground but, once safety and security aspects are addressed, they will be used in the air, too.
[…]
Previously, this type of information would be presented to the F-35 pilot on the all-glass touchscreen display, which can be customized to present different data, and via the helmet-mounted sight. Both have been the subject of various criticisms in the past, with pilots, for example, pointing to the apparent high degree of latency in information reaching the helmet, which has also been compared unfavorably to a traditional head-up display. The touchscreen doesn’t have any tactile feel or feedback, which can make tapping-in commands a bit challenging during certain environmental and combat conditions.
Even with these existing cockpit interfaces working seamlessly, there is still an argument to be made for having an additional source of situational awareness (SA), especially for the demanding SEAD mission, or other highly complex roles that the F-35 is increasingly finding itself used for, in the form of a tablet. A tablet is portable and, thanks to apps, can present a different tactical picture, or data set, than the other displays. Indeed, tablets are now a frequent fixture in the cockpits of — typically older-generation aircraft — to provide, for example, a means of displaying targeting pod data, or datalink-provided tactical and SA information, as well as flight manual and procedural info.
[…]
“There is no reason why I can’t test the same capability and app on F-18 before F-35 or risk reduce software on F-35 for use by unpiloted aircraft,” LeClair explained. “By connecting a tablet to an aircraft’s data bus, the warfighter and tester will be able to utilize an entire DoD Combat App store of tools, customized to help solve tactical problems in real time.”
[…]
As to how pilots will adapt to the FoX Tablet, LeClair said that “They want this, and they want it yesterday,” noting the “tremendous support from combat aviators.” LeClair likened the tablet concept to an electronic flight bag, the electronic information management device that has replaced the paperwork previously used for flight management tasks. In this way, the FoX Tablet would likely include flight maps, operating manuals, and perhaps even aircraft diagnostic data, as well as a range of apps optimized for different missions or test programs.
The tablet could also allow data to be displayed differently than what an aircraft’s cockpit displays will allow. For instance, 3D situational awareness display rendering, where threats and other situational and navigational information are displayed in a spatially volumetric form, can provide a huge advantage for aircrews trying to survive in a very dynamic and hostile environment. Some of the latest aircraft have wide area displays and graphics capabilities to do this. As far as we know, the F-35, whose systems are based on nearly 20-year-old tech today, is not capable of being able to generate this type of visual interface. But a tablet could be able to without upgrading the entire cockpit and its backend computing systems that drive its visual interfaces.
Boeing
The Super Hornet Block III’s wide-area display and powerful display processing technology can show a 3D instead of a 2D render of the situation around the aircraft at any given time.
After the FoX Tablet comes the FoX BoX, which should optimize its utility in the cockpit. This is being developed at NAWS China Lake, home to ongoing F/A-18E/F Super Hornet mission systems test work. It aims to use a cyber-secure chipset to run “high-level, AI-capable computer processors that will serve as an operating system to communicate to aircraft, allowing the FoX Tablet to function mainly as a visual interface for aircrew.“
Meanwhile, ground tests of the tablet will continue on the F-35, before moving to the F/A-18, F-16, and the F-22. A first test flight — aboard an as yet unconfirmed platform — should take place later this year.
NASA has chosen Elon Musk‘s SpaceX to build the spacecraft that take the first woman and next man to the moon.
The American space agency made the official announcement Friday, which includes SpaceX’s $2.9 billion contract to build the lunar lander that is reportedly much lower than what competitors bid.
The Washington Post shared the news hours before saying the Musk-owned firm beat out Jeff Bezos’ Blue Origin and Dynetics.
Bezos owns the Post, which branded Musk’s win a ‘stunning victory’ over his Amazon tycoon’s rival effort.
Monster Mash, an open source tool presented at SIGGRAPH Asia 2020 that allows experts and amateurs alike to create rich, expressive, deformable 3D models from scratch — and to animate them — all in a casual mode, without ever having to leave the 2D plane. With Monster Mash, the user sketches out a character, and the software automatically converts it to a soft, deformable 3D model that the user can immediately animate by grabbing parts of it and moving them around in real time. There is also an online demo, where you can try it out for yourself.
Creating a walk cycle using Monster Mash. Step 1: Draw a character. Step 2: Animate it.
Creating a 2D Sketch The insight that makes this casual sketching approach possible is that many 3D models, particularly those of organic forms, can be described by an ordered set of overlapping 2D regions. This abstraction makes the complex task of 3D modeling much easier: the user creates 2D regions by drawing their outlines, then the algorithm creates a 3D model by stitching the regions together and inflating them. The result is a simple and intuitive user interface for sketching 3D figures.
For example, suppose the user wants to create a 3D model of an elephant. The first step is to draw the body as a closed stroke (a). Then the user adds strokes to depict other body parts such as legs (b). Drawing those additional strokes as open curves provides a hint to the system that they are meant to be smoothly connected with the regions they overlap. The user can also specify that some new parts should go behind the existing ones by drawing them with the right mouse button (c), and mark other parts as symmetrical by double-clicking on them (d). The result is an ordered list of 2D regions.
Steps in creating a 2D sketch of an elephant.
Stitching and Inflation To understand how a 3D model is created from these 2D regions, let’s look more closely at one part of the elephant. First, the system identifies where the leg must be connected to the body (a) by finding the segment (red) that completes the open curve. The system cuts the body’s front surface along that segment, and then stitches the front of the leg together with the body (b). It then inflates the model into 3D by solving a modified form of Poisson’s equation to produce a surface with a rounded cross-section (c). The resulting model (d) is smooth and well-shaped, but because all of the 3D parts are rooted in the drawing plane, they may intersect each other, resulting in a somewhat odd-looking “elephant”. These intersections will be resolved by the deformation system.
Illustration of the details of the stitching and inflation process. The schematic illustrations (b, c) are cross-sections viewed from the elephant’s front.
Layered Deformation At this point we just have a static model — we need to give the user an easy way to pose the model, and also separate the intersecting parts somehow. Monster Mash’s layered deformation system, based on the well-known smooth deformation method as-rigid-as-possible (ARAP), solves both of these problems at once. What’s novel about our layered “ARAP-L” approach is that it combines deformation and other constraints into a single optimization framework, allowing these processes to run in parallel at interactive speed, so that the user can manipulate the model in real time.
The framework incorporates a set of layering and equality constraints, which move body parts along the z axis to prevent them from visibly intersecting each other. These constraints are applied only at the silhouettes of overlapping parts, and are dynamically updated each frame.
In steps (d) through (h) above, ARAP-L transforms a model from one with intersecting 3D parts to one with the depth ordering specified by the user. The layering constraints force the leg’s silhouette to stay in front of the body (green), and the body’s silhouette to stay behind the leg (yellow). Equality constraints (red) seal together the loose boundaries between the leg and the body.
Meanwhile, in a separate thread of the framework, we satisfy point constraints to make the model follow user-defined control points (described in the section below) in the xy-plane. This ARAP-L method allows us to combine modeling, rigging, deformation, and animation all into a single process that is much more approachable to the non-specialist user.
The model deforms to match the point constraints (red dots) while the layering constraints prevent the parts from visibly intersecting.
Animation To pose the model, the user can create control points anywhere on the model’s surface and move them. The deformation system converges over multiple frames, which gives the model’s movement a soft and floppy quality, allowing the user to intuitively grasp its dynamic properties — an essential prerequisite for kinesthetic learning.
Because the effect of deformations converges over multiple frames, our system lends 3D models a soft and dynamic quality.
To create animation, the system records the user’s movements in real time. The user can animate one control point, then play back that movement while recording additional control points. In this way, the user can build up a complex action like a walk by layering animation, one body part at a time. At every stage of the animation process, the only task required of the user is to move points around in 2D, a low-risk workflow meant to encourage experimentation and play.
Conclusion We believe this new way of creating animation is intuitive and can thus help democratize the field of computer animation, encouraging novices who would normally be unable to try it on their own as well as experts who often require fast iteration under tight deadlines. Here you can see a few of the animated characters that have been created using Monster Mash. Most of these were created in a matter of minutes.
A selection of animated characters created using Monster Mash. The original hand-drawn outline used to create each 3D model is visible as an inset above each character.
All of the code for Monster Mash is available as open source, and you can watch our presentation and read our paper from SIGGRAPH Asia 2020 to learn more. We hope this software will make creating 3D animations more broadly accessible. Try out the online demo and see for yourself!
Note: This table shows the number of URLs that were accepted and rejected for European and Russian requests received between July 1 and December 31, 2020 that were processed as of February 15, 2021. The number of URLs accepted and rejected may not reflect requests still pending review as of February 15, 2021. For example, processing delays may result if more information is needed to complete the review on a request.
Cumulative “Right to be forgotten” requests, May 2014 – December 2020
Requests received and processed
URLs requested
URLs accepted
URLs rejected
Percentage of URLs accepted
Total
41,613
133,972
62,373
71,562
47%
Note: This table shows the number of URLs that were accepted and rejected for European and Russian requests received between May 2014 and December 31, 2020 that were processed as of February 15, 2021. The number of URLs accepted and rejected may not reflect requests still pending review as of February 15, 2021. For example, processing delays may result if more information is needed to complete the review on a request.
As an intellectual property company itself, Microsoft encourages respect for intellectual property, including copyrights. We also are committed to freedom of expression and the rights of users to engage in uses that may be permissible under applicable copyright laws. Links to webpages containing material that infringes on the rights of copyright owners may be removed from our search results provided we receive a legally sufficient notice of infringement from an owner or an authorized agent acting on that owner’s behalf. The following numbers relate to requests to remove links to webpages from our Bing search engine results.
Copyright removal requests, July to December 2020
Requests
URLs requested
URLs accepted
URLs rejected
Percentage of URLs accepted
17,006,978
59,222,175
58,965,071
257,104
99.57%
Note: The data above details compliant removal requests received by Bing for removal of algorithmic search results. The report does not include: (1) copyright removal requests from the Bing image or video index, (2) from Bing Ads, or (3) removal requests for other online services, such as Outlook and Skype requests, or (4) requests initially deemed non-compliant during preliminary reviews conducted prior to entry of the request into our standard tracking tools. The data includes more than 95% of the copyright removal requests for Bing for the six-month reporting period. Removal requests for Bing represent about 99% of all copyright removal requests received.
The Marine Corps has been working on a futuristic experiment recently. In collaboration with innovation centre MIND, the GRAVITY Fly Suit has been tested. This makes it easier for special forces to overcome vertical obstacles.
In the flight suit, a person can move through the air in a harness with jet engines. The suit has been tested in various situations, for example when boarding ships. It has also been tested in a built environment.
Thanks to the Fly Suit, the soldiers can get to places that were previously virtually unreachable. As a result, the suit gives new options for tactical deployment. It can also offer civil emergency services new opportunities. The experiment stemmed from a desire for new ways of boarding operations.
The Logitech Voice M380 wireless mouse looks and acts like a regular mouse but with a special button to initiate voice dictation. Baidu claimed recognition facilitates content creation at two to three times the speed of what one can type.
The device supports dictation in Chinese, English, and Japanese, and can translate content to English, Japanese, Korean, French, Spanish, and Thai. However, as of this month, you can only pick it up in China. There’s no word on when or if it will be available elsewhere.
The Logitech M380 Baidu voice mouse. Click to enlarge
The mouse uses Baidu’s AI open platform Baidu Brain speech technology. The Chinese tech company said of the platform:
As of September 2020, Baidu Brain has developed more than 270 core AI capabilities and created over 310,000 models for developers.
Baidu Brain is made of a security module and four components: a foundation layer (uses open-source Chinese deep learning platform Paddle Paddle, Kunlun AI processors, and databases); the so-called “perception” layer (aggregates the company’s algorithm in voice technology, computer vision and AR/VR); a cognition layer (integrates new information); and a platform layer.
[…]
The mouse comes in three colours, graphite, rose, and off-white, and costs around $30 (£22, €25).
Australian security firm Azimuth has been identified as the experts who managed to crack a mass shooter’s iPhone that was at the center of an encryption standoff between the FBI and Apple.
Until this week it had largely been assumed that Israeli outfit Cellebrite was hired to forcibly unlock an encrypted iPhone 5C used by Syed Farook – who in 2015 shot and killed colleagues at a work event in San Bernardino, California, claiming inspiration from ISIS.
Efforts by law enforcement to unlock and pore over Farook’s phone were unsuccessful, leading to the FBI taking Apple to court to force it to crack its own software to reveal the device’s contents. The Feds got an order from a judge instructing Apple to effectively break its own security to give agents access to the locked and encrypted handset.
But Apple heavily and publicly resisted, leading to a legal showdown that resulted in increasing alarm in the technology industry. Before the courts were forced to resolve the issue of access to encrypted data, however, the FBI announced it had found a way into the phone and dropped the case.
It later emerged the Feds had paid $900,000 to get into the phone… which had nothing of value on it. That isn’t too surprising since it was Farook’s work phone, after all.
Amazon reportedly pressured smart-thermostat maker Ecobee to fork over data from its voice-enabled devices even when customers weren’t actively using them. When Ecobee pushed back, the e-commerce giant threatened to box the company out of high-profile selling events like Prime Day or refuse Alexa certification for future devices, according to a Wall Street Journal report this week.
Last year, Amazon approached Ecobee among other Alexa-enabled device sellers about sharing “proactive state” data from customers, several company executives confirmed to the Journal. With this data, Amazon would receive updates about the device’s status at all times even when customers weren’t using them, such as the temperature of their home or whether their doors are locked, among other examples.
[…]
However, when Ecobee initially refused to provide users’ proactive state data, Amazon warned that a refusal might bar the company from major selling events like Prime Day or prevent its future devices from receiving Alexa certification, said one of the people the Journal spoke with. Given that Amazon controls a huge chunk of the global e-commerce market (nearly 40% in the U.S. alone), that kind of move can bankrupt smaller companies like Ecobee.
[…]
In addition to stealing designs from other companies for its AmazonBasics line, Amazon also purportedly pressures industry partners to use its logistics arm, Fulfillment by Amazon, by threatening to make it more difficult to sell products on its marketplace, according to the Journal. Amazon even reportedly competes with the companies it invests in, of which Ecobee is one, using its position as a shareholder to access confidential information and develop similar products.
Last October, a House Judiciary antitrust subcommittee concluded what we all already knew: That Amazon and other tech giants have “monopoly power” in their respective markets and “abuse their power by charging exorbitant fees, imposing oppressive contract terms, and extracting valuable data from the people who rely on them.”
Microsoft has had a busy six months if its latest biannual digital trust report is anything to go by as law enforcement agencies crept closer to making 25,000 legal requests.
Requests for consumer data reached 24,798 during the second half of 2020, up from 24,093 during the previous six-month period, and quite a jump from the 21,781 for the same period in 2019.
“Non-content data” requests, which require a subpoena (or local equivalent), accounted for just over half of disclosures and were slightly down on the same period in 2019. Microsoft rejected 25.81 per cent of requests in the last six months of 2020, up on the 20.14 per cent of the same period in 2019.
As for where those requests came from, Microsoft highlighted a handful of countries including Brazil, France, Germany, the United Kingdom, and the United States. The US was the worst offender (going by quantity of requests) accounting for 5,682 (up from 4,315 for same period in 2019). Germany was not far behind with 4,976 (up from 3,310) while the UK submitted 3,558 requests (a small increase from 3,312 for the same period in 2019).
As well as consumer data, Microsoft received 109 requests from law enforcement agencies for enterprise cloud customer data in the second half of 2020. It was unable to bat back 40, where the company was “compelled” to provide some information. “19 cases,” it said, “required the disclosure of some customer content, and in 21 of the cases we were compelled to disclose non-content information only.”
Still, while that 25,000 figure may seem a little worrying, it is considerably less than the first sets of figures made available by Microsoft. For the latter half of 2013 the total requests were above 35,000.
Away from the criminal side of things, Microsoft also received a comparatively small number of emergency and civil legal requests. Of the latter, it rejected just over 75 per cent in the latter half of 2020.
The report makes for fascinating reading and, while the company is to be applauded for publishing it, the accompanying Privacy Report is an occasionally grim reminder of just how much information Microsoft can slurp from users. Particularly if the customer concerned decides to be helpful and check that Optional diagnostic data box.
To speed up the pace of NTP tech development, the Pentagon’s Defense Advanced Research Projects Agency (DARPA) has selected a trio of companies to build and demonstrate a nuclear-based propulsion system on a spacecraft above low-Earth orbit by 2025. The prime contractors include Jeff Bezos’ private space project Blue Origin, Lockheed Martin, and General Atomics.
Over the next 18 months, phase 1 of the DRACO (Demonstration Rocket for Agile Cislunar Operations) program will see the companies split across two tracks to develop a craft that has the ability to rapidly maneuver in cislunar space (between the Earth and the moon). The award win marks a new national security contract for Blue Origin, according to CNBC, while its DRACO counterparts are regulars on the defense circuit.
Bezos’ company and Lockheed Martin — granted $2.5 million and $2.9 million, respectively — will now work on competing designs for an operational spacecraft powered by an NTP system. DARPA awarded General Atomics $22 million to develop the nuclear reactor.
Sound location technology has often been patterned around the human ear, but why do that when bats are clearly better at it? Virginia Tech researchers have certainly asked that question. They’ve developed a sound location system that mates a bat-like ear design with a deep neural network to pinpoint sounds within half a degree — a pair of human ears is only accurate within nine degrees, and even the latest technology stops at 7.5 degrees.
The system flutters the outer ear to create Doppler shift signatures related to the sound’s source. As the patterns are too complex to easily decipher, the team trained the neural network to provide the source direction for every received echo. And unlike human-inspired systems, it only needs one receiver and a single frequency.
The US is following through on promises of retaliation against Russia for its alleged involvement in the SolarWinds cyberattack. The APreports that President Biden has expelled 10 Russian diplomats from Washington, DC, including members of intelligence services, in response to actions that include the SolarWinds hack. The White House also imposed sanctions on 32 “entities and individuals” as an answer to reported 2020 election interference attempts.
Biden formally blamed the Russia-backed cyberattack group Cozy Bear (aka APT29) as the culprit behind the SolarWinds breach. The FBI, NSA and CISA also issued a joint cybersecurity advisory warning of vulnerabilities Russian intelligence used to compromise networks. The Treasury Department, meanwhile, declared that six Russian technology companies were involved in creating the tools to enable “malicious cyber activities.”
[…]
The actions also encompass a number of non-technology concerns, such as bounties on US soldiers in Afghanistan, Russia’s ongoing actions in Crimea and the attempts to silence Russian opposition leader Alexei Navalny.
Blue Origin has successfully completed a test launch and landing of its reuseable New Shepard rocket with an advanced capsule design, bringing the outfit one step closer to eventually sending up paying passengers.
The test flight, codenamed NS-15 as it’s the 15th to date, was conducted at 1651 UTC (1151 CDT) at a Blue Origin site near Van Horn, Texas, on Wednesday. Two Blue Origin employees climbed up the launch tower, entered the capsule, and were strapped into their seats, and followed final procedures to prepare for a fake take off. Just before the New Shepard was due to fly, however, they left the capsule, with just Mannequin Skywalker, the instrument-stuffed dummy Blue Origin uses, to make the short journey.
The flight was the first test of the new capsule design that’ll be more comfortable for people paying six-figure sums to go into space. New acoustic and temperature controls were tested, as well an improved radio and control systems. NASA wants to see all is right before putting humans on it.
You can watch the whole thing again here. Skip to 1:53:39 to get to the countdown.
NS-15 was completed in just over ten minutes, according to the mission’s broadcast. First, the capsule separated from the booster at about three minutes into the flight. After the booster reached its highest point – about 350,000 feet or 106.7 kilometres – it slowed down and reentered the atmosphere.
It was guided back onto is landing pad and performed a rocket burn to slow its speed down to five miles per hour at seven minutes into the flight for a soft landing. The capsule touched down around three minutes later.
Webshop Allekabels has leaked private data and passwords of millions of Dutch people. It may be the largest password data breach in the Netherlands ever.
Allekabels’ stolen database, containing the private data of some 3.6 million people, was put up for sale on a hacker forum at the end of January for a sum of 15,000 euros. Audio and computer cables are available for purchase via Allekabels, as well as suspension brackets and antennas.
RTL Nieuws has viewed and verified the stolen data.
This totals some 2.6 million unique email addresses linked to names, home addresses, telephone numbers, dates of birth and encrypted passwords.
At least 109,000 IBAN numbers of Allekabels customers were also stolen and traded.
Russia’s infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country’s US embassy.
One of the sanctioned companies is Positive Technologies, familiar in the West for, among other things, in-depth research exposing vulnerabilities in Intel’s hardware security architecture.
The compromise saw Russian state intelligence operatives carefully compromise the build systems of SolarWinds’ network monitoring software Orion to distribute a backdoor into its 18,000 customers. Those customers included the UK and US governments, among many others
“The Russian Intelligence Services’ third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks,” said the US Treasury.
The American attribution was echoed by the British government with Foreign Secretary Dominic Raab saying in a statement: “We see what Russia is doing to undermine our democracies. The UK and US are calling out Russia’s malicious behaviour, to enable our international partners and businesses at home to better defend and prepare themselves against this kind of action.”
The US Defence Department added: “Recent Russian SVR activities include compromising SolarWinds Orion software updates, targeting COVID-19 research facilities through deploying WellMess malware, and leveraging a VMware vulnerability that was a zero-day at the time for follow-on Security Assertion Markup Language (SAML) authentication abuse.”
The NCSC also said in a public statement that “the overall impact on the UK of the SVR’s exploitation of this software is low.” Government departments have refused to even talk about the impact of the Orion compromise despite it being in widespread use around Whitehall and further afield, lending credibility to the notion that UK.gov was more widely hit by the breach than it wants to admit.
[…]
Other sanctioned outfits included ERA Technopolis, aka Pasit; Neobit, an infosec firm which was also the alma mater for a Russian spy who sneaked into Microsoft back in 2010; the Russian state compsci research institution; and a Russian business called Advanced System Technology AO.
US persons are banned from doing business with any of the above.
Google Earth has partnered with NASA, the U.S. Geological Survey, the EU’s Copernicus Climate Change Service, and Carnegie Mellon University’s CREATE Lab to bring users time-lapse images of the planet’s surface—24 million satellite photos taken over 37 years. Together they offer photographic evidence of a planet changing faster than at any time in millennia. Shorelines creep in. Cities blossom. Trees fall. Water reservoirs shrink. Glaciers melt and fracture.
“We can objectively see global warming with our own eyes,” said Rebecca Moore, director of Google Earth. “We hope that this can ground everyone in an objective, common understanding of what’s actually happening on the planet, and inspire action.”
Timelapse, the name of the new Google Earth feature, is the largest video on the planet, according to a statement from the company, requiring 2 million hours to process in cloud computers, and the equivalent of 530,000 high-resolution videos. The tool stitches together nearly 50 years of imagery from the U.S.’s Landsat program, which is run by NASA and the USGS. When combined with images from complementary European Sentinel-2 satellites, Landsat provides the equivalent of complete coverage of the Earth’s surface every two days. Google Earth is expected to update Timelapse about once a year.
The Timelapse images are stark. In Southwestern Greenland, warmer Atlantic waters and air temperatures are accelerating ice melt.
Claushavn, Greenland
Source: Google
Tree loss in Brazil in 2020 surged by a quarter over the prior year.
Longyangxia Solar Park, located in Gonghe County, Qinghai Province.
Source: Google
This image, below, illustrates what it took to make a viewable experience. The 24 million images had to be processed to remove clouds or other obstructions and then stitched together into the final product.
Twenty-four million satellite images from 1984 to 2020 were analyzed to identify and remove artifacts, like clouds.
Source: Google
“Now, our one, static snapshot of the planet”—Google Earth—“has become dynamic, providing ongoing visual evidence of Earth’s changes from climate and human behavior occurring across space and time, over four decades,” Moore said. “And this was made possible because of the U.S. government and European Union’s commitments to open and accessible data.”
A new experimental treatment could someday give people a way to grow missing teeth, if early research on lab animals holds up.
Scientists at Japan’s Kyoto University and the University of Fukui developed a monoclonal antibody treatment that seems to trigger the body to grow new teeth, according to research published last month in the journal Science Advances. If upcoming experiments continue to work, it could eventually give us a way to regrow teeth lost in adulthood or those that were missing since childhood due to congenital conditions.
[…]
eventually the team found that blocking a gene called USAG-1 led to increased activity of Bone Morphogenic Protein (BMP), a molecule that determines how many teeth will grow in the first place, and allowed adult mice to regrow any that they were missing.
The experiment also worked on ferrets, which the researchers say is important because their teeth are far more humanlike than mouse teeth are.
“Ferrets are diphyodont animals with similar dental patterns to humans,” Kyoto researcher and lead study author Katsu Takahashi said in the press release. “Our next plan is to test the antibodies on other animals such as pigs and dogs.”
There’s still a long way to go before they reach human trials, but continued success in those upcoming trials would be a promising sign for the future of a clinical treatment that lets us naturally regrow our missing teeth.
Intelsat’s IS-10-02 communications satellite was running low on fuel — it’s been in orbit since 2004, after all, and has already exceeded its original mission lifespan by five years. Thanks to Northrop Grumman’s Mission Extension Vehicle-2 (MEV-2), however, it gained another five years of life and will stay operational instead of being decommissioned. MEV-2 launched in August and has been making its way to the satellite in geosynchronous orbit since then. On Monday, it caught up to its target and clamped onto it to provide the IS-10-02 with more fuel.
According to TechCrunch, a representative described the robotic spacecraft as a “jetpack for the 10-02 satellite.” The spokesperson explained the docking process as follows:
“The MEV-2 docking system consists of a probe that we insert into the liquid apogee engine on the aft end of a satellite. Nearly 80% of satellites in orbit have this featuring, allowing the MEV service a variety of customers. The liquid apogee engine acts as a “cone to capture” to help guide the probe which once it passes through the throat of the engine, expands to capture the client satellite. The probe is then retracted pulling three stanchions, or feet, up against the launch adaptor ring, securely clamping the two vehicles together.”
This marks the first time a life-extension services vehicle was able to dock with an active satellite in its operational GEO orbital location. MEV-2’s predecessor, the MEV-1, clamped onto Intelsat’s IS-901 last year. That satellite was already out of fuel and was docked out of its original orbit at the time, though. As TechCrunch notes, Northrop Grumman had to ensure that MEV-2’s approach wouldn’t disrupt its target’s operation and orbit. By successfully doing so, the aerospace corporation proved that it’s possible to service active satellites, which means companies can potentially save millions by extending the life of their older space objects.
MEV-2 will stay with IS-10-02 before moving on to extend the life of another satellite. In addition to the MEV, the company is working on robotic vehicles that can do in-orbit repair, augmentation, assembly and inspection. Those vehicles will also be used to deliver life-extending pods to satellites to extend their mission lifespan without the need to remain docked with their targets. Northrop Grumman is hoping to launch both those technologies by 2024.
WhatsApp representatives told Forbes that the easiest way to protect yourself against this kind of an attack is to make sure you’ve associated an email address with your two-step verification process so the attacker won’t be able to spoof your identity. You can do that right now by pulling up WhatsApp, loading its Settings, tapping on Two-Step Verification, and inputting your email address (or checking to make sure you’ve already done so).
This isn’t going to block the attack per se, but it’ll make it a lot easier for WhatsApp’s customer service team to help you out should you find yourself in a “prevented from authenticating my account” feedback loop—which is what will happen if an attacker reaches out to WhatsApp posing as you, claiming that your account has been hacked and that WhatsApp should deactivate it. (You’ll then “receive” codes to revert the mistaken de-registration, only you won’t be able to input them because of the previous trick, which will have temporarily banned you for entering too many incorrect 2FA codes.)
The FBI deleted web shells installed by criminals on hundreds of Microsoft Exchange servers across the United States, it was revealed on Tuesday.
The Feds were given approval by the courts to carry out the deletions, which occurred without first warning the servers’ owners, following the discovery and exploitation of critical vulnerabilities in the enterprise software.
Shortly after Microsoft raised the alarm early last month over the security holes in Exchange and provided fixes for the vulnerabilities, miscreants swarmed to exploit the programming blunders and hijack unpatched installations. (Certain groups were even breaking in Exchange servers via the holes before their existence was public knowledge.)
The FBI found hundreds of such compromised deployments with backdoors installed by one cyber-gang in particular, leading to agents asking the courts to allow them to go in and delete the malicious code. The court approved the action and the document was unsealed this week, 30 days later.
“Although many infected system owners successfully removed the web shells from thousands of computers, others appeared unable to do so, and hundreds of such web shells persisted unmitigated,” the Justice Department noted in an announcement. “Today’s operation removed one early hacking group’s remaining web shells, which could have been used to maintain and escalate persistent, unauthorized access to US networks.”
The FBI deleted the shells by issuing a command through the web shell to the server “which was designed to cause the server to delete only the web shell (identified by its unique file path),” it said. Critically, however, the Feds did not touch the servers themselves and so they remain unpatched and open to infiltration.
