About Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

Troy Hunt scours the dark web for your stolen data – a look at HaveIBeenPwned: a 1 man operation

[…] Have I Been Pwned started life as a hobby project. In fact, Troy wasn’t working in the cybersecurity industry until a chance encounter tweaked his curiosity.

[…]

Hackers had stolen the email addresses and passwords of 152 million of Adobe’s customers in November 2013 — including, as it turned out, Troy’s.

Only, he wasn’t an Adobe customer. He did some digging and found that Adobe had acquired another company that he did have an account with, and his data along with it.

But that wasn’t where it ended. Another question weighed on Troy’s mind — one he would soon become synonymous with. Where else had his data been leaked?

So, two months after the Adobe breach, he launched Have I Been Pwned — a website that would answer this exact question for anyone in the world.

Even though it’s grown into an industry behemoth, the day-to-day reality of running the site hasn’t changed all that much since 2013.

[…]

He only collects (and encrypts) the mobile numbers, emails and passwords that he finds in the breaches, discarding the victims’ names, physical addresses, bank details and other sensitive information.

The idea is to let users find out where their data has been leaked from, but without exposing them to further risk.

Once he identifies where a data breach has occurred, Troy also contacts the organisation responsible to allow it to inform its users before he does. This, he says, is often the hardest step of the process because he has to convince them it’s legitimate and not some kind of scam itself.

He’s not required to give organisations this opportunity, much less persist when they ignore his messages or accuse him of trying to shake them down for money.

[…]

These days, major tech companies like Mozilla and 1Password use Have I Been Pwned, and Troy likes to point out that dozens of national governments and law enforcement agencies also partner with his service.

[…]

the reality is Troy doesn’t answer to an electorate, or even a board.

“He’s not a company that’s audited. He’s just a dude on the web,” says Jane Andrew, an expert on data breaches at the University of Sydney.

“I think it’s so shocking that this is where we find out information about ourselves.

“It’s just one guy facilitating this. It’s a critical global risk.”

She says governments and law enforcement have, in general, left it to individuals to deal with the fallout from data breaches.

[…]

Without an effective global regulator, Professor Andrew says, a crucial part of the world’s cybersecurity infrastructure is left to rely on the goodwill of this one man on the Gold Coast.

[…]

Source: Troy Hunt scours the dark web for your stolen data — but he’s just trying to help – ABC News

T-Mobile US exposes some customer data, but don’t say breach

T-Mobile US has had another bad week on the infosec front – this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied.

According to customers who complained of the issue on Reddit and X, the T-Mobile app was displaying other customers’ data instead of their own – including the strangers’ purchase history, credit card information, and address.

This being T-Mobile’s infamously leaky US operation, people immediately began leaping to the obvious conclusion: another cyber attack or breach.

“There was no cyber attack or breach at T-Mobile,” the telco assured us in an emailed statement. “This was a temporary system glitch related to a planned overnight technology update involving limited account information for fewer than 100 customers, which was quickly resolved.”

Note, as Reddit poster Jman100_JCMP did, T-Mobile means fewer than 100 customers had their data exposed – but far more appear to have been able to view those 100 customers’ data.

As for the breach, the appearance of exposed T-Mobile data was alleged by malware repository vx-underground’s X (Twitter) account. The Register understands T-Mobile examined the data and determined that independently owned T-Mobile dealer, Connectivity Source, was the source – resulting from a breach it suffered in April. We understand T-Mobile believes vx-underground misinterpreted a data dump.

Connectivity Source was indeed the subject of a breach in April, in which an unknown attacker made off with employee data including names and social security numbers – around 17,835 of them from across the US, where Connectivity appears to do business exclusively as a white-labelled T-Mobile US retailer.

Looks like the carrier really dodged the bullet on this one – there’s no way Connectivity Source employees could be mistaken for its own staff.

T-Mobile US has already experienced two prior breaches this year, but that hasn’t imperilled the biz much – its profits have soared recently and some accompanying sizable layoffs will probably keep things in the black for the foreseeable future.

Source: T-Mobile US exposes some customer data, but don’t say breach • The Register

‘Laugh then Think’: Strange Research Honored at 33rd Annual Ig Nobel Prize Ceremony

Since 1999, Slashdot has been covering the annual Ig Nobel prize ceremonies — which honor real scientific research into strange or surprising subjects. “Each winner (or winning team) has done something that makes people LAUGH, then THINK,” explains the ceremony web page, promising that “a gaggle of genuine, genuinely bemused Nobel laureates handed the Ig Nobel Prizes to the new Ig Nobel winners.” As co-founder Marc Abrahams says on his LinkedIn profile, “All these things celebrate the unusual, honor the imaginative — and spur people’s interest in science, medicine, and technology.”

You can watch this year’s entire goofy webcast online. (At 50 minutes there’s a jaw-droppingly weird music video about running on water…) Slashdot reader Thorfinn.au shares this summary of this year’s winning research:

CHEMISTRY and GEOLOGY PRIZE [POLAND, UK] — Jan Zalasiewicz, for explaining why many scientists like to lick rocks.

LITERATURE PRIZE [FRANCE, UK, MALAYSIA, FINLAND] — Chris Moulin, Nicole Bell, Merita Turunen, Arina Baharin, and Akira O’Connor for studying the sensations people feel when they repeat a single word many, many, many, many, many, many, many times.

MECHANICAL ENGINEERING PRIZE [INDIA, CHINA, MALAYSIA, USA] — Te Faye Yap, Zhen Liu, Anoop Rajappan, Trevor Shimokusu, and Daniel Preston, for re-animating dead spiders to use as mechanical gripping tools.

PUBLIC HEALTH PRIZE [SOUTH KOREA, USA] — Seung-min Park, for inventing the Stanford Toilet, a computer vision system for defecation analysis et al.

COMMUNICATION PRIZE [ARGENTINA, SPAIN, COLOMBIA, CHILE, CHINA, USA] — María José Torres-Prioris, Diana López-Barroso, Estela Càmara, Sol Fittipaldi, Lucas Sedeño, Agustín Ibáñez, Marcelo Berthier, and Adolfo García, for studying the mental activities of people who are expert at speaking backward.

MEDICINE PRIZE [USA, CANADA, MACEDONIA, IRAN, VIETNAM] — Christine Pham, Bobak Hedayati, Kiana Hashemi, Ella Csuka, Tiana Mamaghani, Margit Juhasz, Jamie Wikenheiser, and Natasha Mesinkovska, for using cadavers to explore whether there is an equal number of hairs in each of a person’s two nostrils.

NUTRITION PRIZE [JAPAN] — Homei Miyashita and Hiromi Nakamura, for experiments to determine how electrified chopsticks and drinking straws can change the taste of food.

EDUCATION PRIZE [HONG KONG, CHINA, CANADA, UK, THE NETHERLANDS, IRELAND, USA, JAPAN] — Katy Tam, Cyanea Poon, Victoria Hui, Wijnand van Tilburg, Christy Wong, Vivian Kwong, Gigi Yuen, and Christian Chan, for methodically studying the boredom of teachers and students.

PSYCHOLOGY PRIZE [USA] — Stanley Milgram, Leonard Bickman, and Lawrence Berkowitz for 1968 experiments on a city street to see how many passersby stop to look upward when they see strangers looking upward.

PHYSICS PRIZE [SPAIN, GALICIA, SWITZERLAND, FRANCE, UK] — Bieito Fernández Castro, Marian Peña, Enrique Nogueira, Miguel Gilcoto, Esperanza Broullón, Antonio Comesaña, Damien Bouffard, Alberto C. Naveira Garabato, and Beatriz Mouriño-Carballido, for measuring the extent to which ocean-water mixing is affected by the sexual activity of anchovies.

Source: ‘Laugh then Think’: Strange Research Honored at 33rd Annual Ig Nobel Prize Ceremony – Slashdot

E-Paper News Feed Illustrates The Headlines With AI-Generated Images

It’s hard to read the headlines today without feeling like the world couldn’t possibly get much worse. And then tomorrow rolls around, and a fresh set of headlines puts the lie to that thought. On a macro level, there’s not much that you can do about that, but on a personal level, illustrating your news feed with mostly wrong, AI-generated images might take the edge off things a little.

Let us explain. [Roy van der Veen] liked the idea of an e-paper display newsfeed, but the crushing weight of the headlines was a little too much to bear. To lighten things up, he decided to employ Stable Diffusion to illustrate his feed, displaying both the headline and a generated image on a 7.3″ Inky 7-color e-paper display. Every five hours, a script running on a Raspberry Pi Zero 2W fetches a headline from a random source — we’re pleased the list includes Hackaday — and composes a prompt for Stable Diffusion based on the headline, adding on a randomly selected prefix and suffix to spice things up. For example, a prompt might look like, “Gothic painting of (Driving a Motor with an Audio Amp Chip). Gloomy, dramatic, stunning, dreamy.” You can imagine the results.

We have to say, from the examples [Roy] shows, the idea pretty much works — sometimes the images are so far off the mark that just figuring out how Stable Diffusion came up with them is enough to soften the blow. We’d have preferred if the news of the floods in Libya had been buffered by a slightly less dismal scene, but finding out that what was thought to be a “ritual mass murder” was really only a yoga class was certainly heartening.

Source: E-Paper News Feed Illustrates The Headlines With AI-Generated Images | Hackaday

WhisperFrame Depicts Your Conversations

At this point, you gotta figure that you’re at least being listened to almost everywhere you go, whether it be a home assistant or your very own phone. So why not roll with the punches and turn lemons into something like a still life of lemons that’s a bit wonky? What we mean is, why not take our conversations and use AI to turn them into art? That’s the idea behind this next-generation digital photo frame created by [TheMorehavoc].

Essentially, it uses a Raspberry Pi and a Respeaker four-mic array to listen to conversations in the room. It listens and records 15-20 seconds of audio, and sends that to the OpenWhisper API to generate a transcript.

This repeats until five minutes of audio is collected, then the entire transcript is sent through GPT-4 to extract an image prompt from a single topic in the conversation. Then, that prompt is shipped off to Stable Diffusion to get an image to be displayed on the screen. As you can imagine, the images generated run the gamut from really weird to really awesome.

The natural lulls in conversation presented a bit of a problem in that the transcription was still generating during silences, presumably because of ambient noise. The answer was in voice activity detection software that gives a probability that a voice is present.

Naturally, people were curious about the prompts for the images, so [TheMorehavoc] made a little gallery sign with a MagTag that uses Adafruit.io as the MQTT broker. Build video is up after the break, and you can check out the images here (warning, some are NSFW).


Source: WhisperFrame Depicts The Art Of Conversation | Hackaday

EU reinstates $400 million fine on Intel for blocking sales of competing chips

The European Commission has imposed a €376.36 million ($400 million) fine on Intel for blocking the sales of devices powered by its competitors’ x86 CPUs. This brings one part of the company’s long-running antitrust court battle with the European authority to a close. If you’ll recall, the Commission slapped the chipmaker with a record-breaking €1.06 billion ($1.13 billion) fine in 2009 after it had determined that Intel abused its dominant position in the market.

It found back then that the company gave hidden rebates and incentives to manufacturers like HP, Dell and Lenovo for buying all or almost all their processors from Intel. The Commission also found that Intel paid manufacturers to delay or to completely cease the launch of products powered by its rivals’ CPUs. Other times, Intel apparently paid companies to limit those products’ sales channels. The Commission calls these actions “naked restrictions.”

[…]

In its announcement, the European Commission gave a few examples of how Intel hindered the sales of competing products. It apparently paid HP between November 2002 and May 2005 to sell AMD-powered business desktops only to small- and medium-sized enterprises and via direct distribution channels. It also paid Acer to delay the launch of an AMD-based notebook from September 2003 to January 2004. Intel paid Lenovo to push back the launch of AMD-based notebooks for half a year, as well.

The Commission has since appealed the General Court’s decision to dismiss the part of the case related to the rebates Intel offered its clients. Intel, however, did not lodge an appeal for the court’s ruling on naked restrictions, setting it in stone. “With today’s decision, the Commission has re-imposed a fine on Intel only for its naked restrictions practice,” the European authority wrote. “The fine does not relate to Intel’s conditional rebates practice. The fine amount, which is based on the same parameters as the 2009 Commission’s decision, reflects the narrower scope of the infringement compared to that decision.” Seeing as the rebates part of the case is under appeal, Intel could still pay the rest of the fine in the future.

Source: EU reinstates $400 million fine on Intel for blocking sales of competing chips

Parker Probe’s path through solar blast yields unparalleled space weather insights

NASA’s Parker Solar Probe has racked up an impressive list of superlatives in its first five years of operations: It’s the closest spacecraft to the sun, the fastest human-made object and the first mission to ever “touch the sun.”


Now, Parker has one more feather to add to its sun-kissed cap: It’s the first spacecraft ever to fly through a powerful solar explosion near the sun.

As detailed in a new study published Sept. 5 in The Astrophysical Journal—exactly one year after the event occurred—Parker Solar Probe passed through a coronal mass ejection (CME).

These fierce eruptions can expel magnetic fields and sometimes billions of tons of plasma at speeds ranging from 60 to 1,900 miles (100 to 3,000 kilometers) per second. When directed toward Earth, these ejections can bend and mold our planet’s magnetic field, generating spectacular auroral shows and, if strong enough, potentially devastate satellite electronics and electrical grids on the ground.

Cruising on the far side of the sun just 5.7 million miles (9.2 million kilometers) from the solar surface—22.9 million miles (36.8 million kilometers) closer than Mercury ever gets to the sun—Parker Solar Probe first detected the CME remotely before skirting along its flank. The spacecraft later passed into the structure, crossing the wake of its leading edge (or shock wave), and then finally exited through the other side.

A composite of images collected by Parker Solar Probe’s Wide-field Imager for Solar Probe (WISPR) instrument captures the moment the spacecraft passed through a coronal mass ejection (CME) on Sept. 5, 2022. The event becomes visible at 0:14 seconds. The sun, depicted on the left, comes closest on Sept. 6, when Parker reached its 13th perihelion. The sound in the background is magnetic field data converted into audio. Credit: NASA/Johns Hopkins APL/Naval Research Laboratory/Brendan Gallagher/Guillermo Stenborg/Emmanuel Masongsong/Lizet Casillas/Robert Alexander/David Malaspina

In all, the sun-grazing spacecraft spent nearly two days observing the CME, providing physicists an unparalleled view into these stellar events and an opportunity to study them early in their evolution.

“This is the closest to the sun we’ve ever observed a CME,” said Nour Raouafi, the Parker Solar Probe project scientist at the Johns Hopkins Applied Physics Laboratory (APL) in Laurel, Maryland, which built the spacecraft within NASA’s timeline and budget, and currently manages and operates the mission. “We’ve never seen an event of this magnitude at this distance.”

The CME on Sept. 5, 2022, was an extreme one. As Parker passed behind the shock wave, its Solar Wind Electrons, Alphas and Protons (SWEAP) instrument suite clocked particles accelerating up to 840 miles (1,350 kilometers) per second. Had it been directed toward Earth, Raouafi suspects it would have been close in magnitude to the Carrington Event—a solar storm in 1859 that is held as the most powerful on record to hit Earth.

[…]

More information: O. M. Romeo et al, Near-Sun In Situ and Remote-sensing Observations of a Coronal Mass Ejection and its Effect on the Heliospheric Current Sheet, The Astrophysical Journal (2023). DOI: 10.3847/1538-4357/ace62e

Source: Parker Probe’s path through solar blast yields unparalleled space weather insights

Solar Sails Could Reach Mars in Just 26 Days

A recent study submitted to Acta Astronautica explores the potential for using aerographite solar sails for traveling to Mars and interstellar space, which could dramatically reduce both the time and fuel required for such missions. This study comes while ongoing research into the use of solar sails is being conducted by a plethora of organizations along with the successful LightSail2 mission by The Planetary Society, and holds the potential to develop faster and more efficient propulsion systems for long-term space missions.

“Solar sail propulsion has the potential for rapid delivery of small payloads (sub-kilogram) throughout the solar system,” Dr. René Heller, who is an astrophysicist at the Max Planck Institute for Solar System Research and a co-author on the study, tells Universe Today. “Compared to conventional chemical propulsion, which can bring hundreds of tons of payload to low-Earth orbit and deliver a large fraction of that to the Moon, Mars, and beyond, this sounds ridiculously small. But the key value of solar sail technology is speed.”

Unlike conventional rockets, which rely on fuel in the form of a combustion of chemicals to exert an external force out the back of the spacecraft, solar sails don’t require fuel. Instead, they use sunlight for their propulsion mechanism, as the giant sails catch solar photons much like wind sails catching the wind when traveling across water. The longer the solar sails are deployed, the more solar photons are captured, which gradually increases the speed of the spacecraft.

For the study, the researchers conducted simulations on how fast a solar sail made of aerographite with a mass up to 1 kilogram (2.2 pounds), including 720 grams of aerographite with a cross-sectional area of 104 square meters, could reach Mars and the interstellar medium, also called the heliopause, using two trajectories from Earth known as direct outward transfer and inward transfer methods, respectively.

The direct outward transfer method for both the trip to Mars and the heliopause involved the solar sail both deploying and departing directly from a polar orbit around the Earth. The researchers determined that Mars being in opposition (directly opposite Earth from the Sun) at the time of solar sail deployment and departure from Earth would yield the best results for both velocity and travel time. This same polar orbit deployment and departure was also used for the heliopause trajectory, as well. For the inward transfer method, the solar sail would be delivered to approximately 0.6 astronomical units (AU) from the Sun via traditional chemical rockets, where the solar sail would deploy and begin its journey to either Mars or the heliopause. But how does an aerographite solar sail make this journey more feasible?

Image taken by The Planetary Society’s LightSail 2 on 25 November 2019 during its mission orbiting the Earth. The curved appearance of the sails is from the spacecraft’s 185-degree fisheye camera lens, and the image was processed with color-correction along with removal of parts of the distortion. (Credit: The Planetary Society)

“With its low density of 0.18 kilograms per cubic meter, aerographite undercuts all conventional solar sail materials,” Julius Karlapp, who is a Research Assistant at the Dresden University of Technology and lead author of the study, tells Universe Today. “Compared to Mylar (a metallized polyester foil), for example, the density is four orders of magnitude smaller. Assuming that the thrust developed by a solar sail is directly dependent on the mass of the sail, the resulting thrust force is much higher. In addition to the acceleration advantage, the mechanical properties of aerographite are amazing.”

Through these simulations, the researchers found the direct outward transfer method and inward transfer method resulted in the solar sail reaching Mars in 26 days and 126 days, respectively, with the first 103 days being the travel time from Earth to the deployment point at 0.6 AU. For the journey to the heliopause, both methods resulted in 5.3 years and 4.2 years, respectively, with the first 103 days of the inward transfer method also being devoted to the travel time from the Earth to the deployment point at 0.6 AU, as well. The reason the heliopause is reached in a faster time with the inward transfer method is due to the solar sail achieving maximum speed at 300 days, as opposed to achieving maximum speed with the outward transfer method at approximately 2 years.

Current travel times to Mars range between 7-9 months, which only happens during specified launch windows every two years while relying on the positions of both planets to be aligned at both launch and arrival of any spacecraft going to, or coming from, Mars. Estimating current travel times to the heliopause can be done using NASA’s Voyager 1 and Voyager 2 probes, which reached the heliopause at approximately 35 years and 41 years, respectively.

The researchers note that one major question of using solar sails is deceleration, or slowing down, upon arriving at the destination, specifically Mars, and while they mention aerocapture as one solution, they admit this still requires further study.

“Aerocapture maneuvers for hyperbolic trajectories (like flying from Earth to Mars) use the atmosphere to gradually reduce velocity due to drag,” Dr. Martin Tajmar, who is a physicist and Professor of Space System at the Dresden University of Technology and a co-author on the study, tells Universe Today. “Therefore, less fuel is required to enter the Martian orbit. We use this braking maneuver to eliminate the need for additional braking thrusters, which in turn reduces the mass of the spacecraft. We’re currently researching what alternative strategies might work for us. Yet the braking method is only one of many different challenges we are currently facing.”

While solar sail technology has been proposed by NASA as far back as the 1970s, a recent example of solar sail technology is the NASA Solar Cruiser, which is currently scheduled to launch in February 2025.

What new discoveries will researchers make about solar sail technology in the coming years and decades? Only time will tell, and this is why we science!

Source: Solar Sails Could Reach Mars in Just 26 Days – Universe Today

After Seven Years, Sample Collected From Asteroid Finally Returns to Earth

OSIRIS-REx weighs 4,650 pounds (or 2,110 kg). On September 8th of 2016, NASA first launched the spacecraft on its 3.8-billion mile mission to land on an asteroid and retrieve a sample.

That sample has just returned.

Throughout Sunday morning, NASA tweeted historic updates from the sample’s landing site in Utah. “We’ve spotted the #OSIRISREx capsule on the ground,” they announced about 80 minutes ago (including a 23-second video clip). “The parachute has separated, and the helicopters are arriving at the site. We’re ready to recover that sample!”

UPI notes that the capsule “reached temperatures up to 5,000 degrees Fahrenheit during reentry, so protective masks and gloves are required to handle it,” describing its payload as “a 250-gram dust sample.”

15 minutes later NASA shared footage of “the first persons to come into contact with this hardware since it was on the other side of the solar system.” A recovery team approached the capsule to perform an environmental safety sweep confirming there were no hazardous gases.

“The impossible became possible,” NASA administrator Bill Nelson said in a statement. The Guardian reports he confirmed the capsule “brought something extraordinary — the largest asteroid sample ever received on Earth.

“It’s going to help scientists investigate planet formation, it’s going to improve our understanding of the asteroids that could possibly impact the earth and it will deepen our understanding of the origin of our solar system and its formation.”

“This mission proves that NASA does big things, things that have inspired us, things that unite us…

“The mission continues with incredible science and analysis to come. But I want to thank you all, for everybody that made this Osiris-Rex mission possible.”

Professor Neil Bowles of the University of Oxford, one of the scientists who will study the sample, told the Guardian that he was excited to see the sample heading to the clean room at Johnson Space Center. “So much new science to come!”

And that 4,650-pound spacecraft is still hurtling through space. 20 minutes after delivering its sample, the craft “fired its engines to divert past Earth toward its new mission to asteroid Apophis,” NASA reports. The name of its new mission? OSIRIS-APEX. Roughly 1,000 feet wide, Apophis will come within 20,000 miles of Earth — less than one-tenth the distance between Earth and the Moon — in 2029. OSIRIS-APEX is scheduled to enter orbit of Apophis soon after the asteroid’s close approach of Earth to see how the encounter affected the asteroid’s orbit, spin rate, and surface.

Source: After Seven Years, Sample Collected From Asteroid Finally Returns to Earth – Slashdot

Amazon Will Stick Ads on Prime Video Unless You Pay Up MOAR – wasn’t the model to pay to not have ads in the first place?

Amazon has always handled its streaming video slate a little differently than the competition. While other companies have slyly introduced a cheaper ad-free option while slowly raising prices on non-ad-based subscription tiers, Prime Video is taking a different tack. The streaming service plans to hold ad-free watching hostage, and it’s demanding a $3 ransom starting early next year.

In a Friday release, Amazon said it would start adding “limited advertisements” to Prime Video starting out in 2024. The company promised fewer ads than other streaming TV providers or old-school linear TV. This change will impact all users in the U.S., UK, Germany, and Canada. Other regions won’t have long to savor the lack of ads, as eventually more places like France, Italy, Spain, Mexico, and Australia will all have ads shoved in front of their unwilling eyeballs.

But don’t worry, all you have to do to help ignore all the ads is slip Amazon an extra $3 a month for a new ad-free option, at least for U.S. Prime members. That bumps the monthly cost of Prime to $18 from $15 a month. Users should get a message in their emails about how they can sign up for Amazon’s latest penny-pinching plan several weeks before ads start flooding Prime Video.

Amazon’s message starts out by proclaiming just how great a deal the original Prime Video proved to be, as it was a free offering to anyone with an Amazon Prime subscription. Of course, this was back in the day when Prime cost $99. It was also before it raised the yearly subscription price to $119 and then to $139 last year. What Amazon isn’t saying is that 2023 has been a year of massive cost-cutting across the company. Earlier this year Amazon announced more mass layoffs from among its office staff. It also cut out its longtime online book store, the UK-based Book Depository.

[…]

Source: Amazon Will Stick Ads on Prime Video Unless You Pay Up

I definitely paid to watch stuff without ads. And piracy figures going up? Who would have thought!

Dutch privacy watchdog SDBN sues Twitter for collecting and selling data via MoPub (Wordfeud, Duolingo, etc) without notifying users

The Dutch Data Protection Foundation (SDBN) wants to enforce a mass claim for 11 million people through the courts against social media company X, the former Twitter. Between 2013 and 2021, that company owned the advertising platform MoPub, which, according to the privacy foundation, illegally traded in data from users of more than 30,000 free apps such as Wordfeud, Buienradar and Duolingo.

SDBN has been trying to reach an agreement with X since November last year, but according to the foundation, without success. That is why SDBN is now starting a lawsuit at the Rotterdam court. Central to this is MoPub’s handling of personal data such as religious beliefs, sexual orientation and health. In addition to compensation, SDBN wants this data to be destroyed.

The foundation also believes that users are entitled to profit contributions. A lot of money can be made by sharing personal data with thousands of companies, says SDBN chairman Anouk Ruhaak. Although she says it is difficult to find out exactly which companies had access to the data. “By holding X. Corp liable, we hope not only to obtain compensation for all victims, but also to put a stop to this type of practice,” said Ruhaak. “Unfortunately, these types of companies often only listen when it hurts financially.”

Source: De Ondernemer | Privacystichting SDBN wil via rechter massaclaim bij…

Join the claim here

Google Pays $10 Billion a Year To Maintain Monopoly, US Says

Alphabet’s Google pays more than $10 billion a year to maintain its position as the default search engine on web browsers and mobile devices, stifling competition, the US Justice Department said Tuesday at the start of a high-stakes antitrust trial in Washington. From a report: “This case is about the future of the internet and whether Google’s search engine will ever face meaningful competition,” Kenneth Dintzer, a government lawyer, said in his opening statement. “The evidence will show they demanded default exclusivity to block rivals.” Dintzer said Google became a monopoly by at least 2010 and today controls more than 89% of the online search market.

“The company pays billions for defaults because they are uniquely powerful,” he said. “For the last 12 years, Google has abused its monopoly in general search.” The monopolization trial is the first pitting the federal government against a US technology company in more than two decades. The Justice Department and 52 attorneys general from states and US territories allege Google illegally maintained its monopoly by paying billions to tech rivals, smartphone makers and wireless providers in exchange for being set as the preselected option or default on mobile phones and web browsers.

Source: Google Pays $10 Billion a Year To Maintain Monopoly, US Says – Slashdot

Hackers Claim It Only Took a 10-Minute Phone Call To Shut Down MGM Resorts – stock down 6% already

An anonymous reader quotes a report from Engadget: The ALPHV/BlackCat ransomware group claimed responsibility for the MGM Resorts cyber outage on Tuesday, according to a post by malware archive vx-underground. The group claims to have used common social engineering tactics, or gaining trust from employees to get inside information, to try and get a ransom out of MGM Resorts, but the company reportedly refuses to pay. The conversation that granted initial access took just 10 minutes, according to the group.

“All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk,” the organization wrote in a post on X. Those details came from ALPHV, but have not been independently confirmed by security researchers. The international resort chain started experiencing outages earlier this week, as customers noticed slot machines at casinos owned by MGM Resorts shut down on the Las Vegas strip. As of Wednesday morning, MGM Resorts still shows signs that it’s experiencing downtime, like continued website disruptions. In a statement on Tuesday, MGM Resorts said: “Our resorts, including dining, entertainment and gaming are currently operational.” However, the company said Wednesday that the cyber incident has significantly disrupted properties across the United States and represents a material risk to the company.

“[T]he major credit rating agency Moody’s warned that the cyberattack could negatively affect MGM’s credit rating, saying the attack highlighted ‘key risks’ within the company,” reports CNBC. “The company’s corporate email, restaurant reservation and hotel booking systems remain offline as a result of the attack, as do digital room keys. MGM on Wednesday filed an 8-K report with the Securities and Exchange Commission noting that on Tuesday the company issued a press release ‘regarding a cybersecurity issue involving the Company.'” MGM’s share price has declined more than 6% since Monday.

Source: Hackers Claim It Only Took a 10-Minute Phone Call To Shut Down MGM Resorts – Slashdot

These Live Translation Earbuds Are $157

The Mymanu CLIK S are a pair of Bluetooth earbuds that pair with an app on your phone to offer live translations of over 37 languages, including Spanish, German, French, Japanese, Arabic, Chinese, Finnish, Thai, and Korean. The earbuds cost $157, and the app is included.

Obviously, these earbuds can be ideal for international travelers. They use an exclusive translation app called MyJuno, which is also where you can see the full list of translatable languages.

The CLIK S can translate for individual or group speakers, but only individual speakers get their translations played live in your earbud. You just select the relevant languages in the app, then hold the button on your earbud when you want to talk. A translation will be visible on your phone and will play audibly. When your conversation partner wants to talk, they just speak into your phone. For groups of speakers, the CLIK S will keep a written log of the conversation.

Fully charged, these earbuds can last for up to 10 hours, and the charging case can extend that to 30 hours. You can get the Mymanu CLIK S Translation Earbuds for $157, though prices can change at any time.

Source: These Live Translation Earbuds Are $157

The maestro: The man who built the biggest match-fixing ring in tennis

On the morning of his arrest, Grigor Sargsyan was still fixing matches. Four cellphones buzzed on his nightstand with calls and messages from around the world.

Sargsyan was sprawled on a bed in his parents’ apartment, making deals between snatches of sleep. It was 3 a.m. in Brussels, which meant it was 8 a.m. in Thailand. The W25 Hua Hin tournament was about to start.

Sargsyan was negotiating with professional tennis players preparing for their matches, athletes he had assiduously recruited over years. He needed them to throw a game or a set — or even just a point — so he and a global network of associates could place bets on the outcomes.

That’s how Sargsyan had become rich. As gambling on tennis exploded into a $50 billion industry, he had infiltrated the sport, paying pros more to lose matches, or parts of matches, than they could make by winning tournaments.

Sargsyan had crisscrossed the globe building his roster, which had grown to include more than 180 professional players across five continents. It was one of the biggest match-fixing rings in modern sports, large enough to earn Sargsyan a nickname whispered throughout the tennis world: the Maestro.

This Washington Post investigation of Sargsyan’s criminal enterprise, and how the changing nature of gambling has corrupted tennis, is based on dozens of interviews with players, coaches, investigators, tennis officials and match fixers.

[…]

Source: The maestro: The man who built the biggest match-fixing ring in tennis

Google Chrome’s Privacy Sandbox: any site can now query all your habits

[…]

Specifically, the web giant’s Privacy Sandbox APIs, a set of ad delivery and analysis technologies, now function in the latest version of the Chrome browser. Website developers can thus write code that calls those APIs to deliver and measure ads to visitors with compatible browsers.

That is to say, sites can ask Chrome directly what kinds of topics you’re interested in – topics automatically selected by Chrome from your browsing history – so that ads personalized to your activities can be served. This is supposed to be better than being tracked via third-party cookies, support for which is being phased out. There are other aspects to the sandbox that we’ll get to.

While Chrome is the main vehicle for Privacy Sandbox code, Microsoft Edge, based on the open source Chromium project, has also shown signs of supporting the technology. Apple and Mozilla have rejected at least the Topics API for interest-based ads on privacy grounds.

[…]

“The Privacy Sandbox technologies will offer sites and apps alternative ways to show you personalized ads while keeping your personal information more private and minimizing how much data is collected about you.”

These APIs include:

  • Topics: Locally track browsing history to generate ads based on demonstrated user interests without third-party cookies or identifiers that can track across websites.
  • Protected Audience (FLEDGE): Serve ads for remarketing (e.g. you visited a shoe website so we’ll show you a shoe ad elsewhere) while mitigating third-party tracking across websites.
  • Attribution Reporting: Data to link ad clicks or ad views to conversion events (e.g. sales).
  • Private Aggregation: Generate aggregate data reports using data from Protected Audience and cross-site data from Shared Storage.
  • Shared Storage: Allow unlimited, cross-site storage write access with privacy-preserving read access. In other words, you graciously provide local storage via Chrome for ad-related data or anti-abuse code.
  • Fenced Frames: Securely embed content onto a page without sharing cross-site data. Or iframes without the security and privacy risks.

These technologies, Google and industry allies believe, will allow the super-corporation to drop support for third-party cookies in Chrome next year without seeing a drop in targeted advertising revenue.

[…]

“Privacy Sandbox removes the ability of website owners, agencies and marketers to target and measure their campaigns using their own combination of technologies in favor of a Google-provided solution,” James Rosewell, co-founder of MOW, told The Register at the time.

[…]

Controversially, in the US, where lack of coherent privacy rules suits ad companies just fine, the popup merely informs the user that these APIs are now present and active in the browser but requires visiting Chrome’s Settings page to actually manage them – you have to opt out, if you haven’t already. In the EU, as required by law, the notification is an invitation to opt in to interest-based ads via Topics.

Source: How Google Chrome’s Privacy Sandbox works and what it means • The Register

Clever Camera Trick Allows view of Sun’s Corona

[…]

Using Solar Orbiter’s Extreme Ultraviolet Imager (EUI), the team of scientists behind the mission was able to record part of the Sun’s atmosphere at extreme ultraviolet wavelengths. The last-minute modification to the instrument involved adding a small, protruding “thumb” to block the bright light coming from the Sun such that the fainter light of its atmosphere could be made visible.

“It was really a hack,” Frédéric Auchère, an astrophysicist at the Institute of Astrophysics of the Université Paris-Sud in France, and a member of the EUI team, said in a statement. “I had the idea to just do it and see if it would work. It is actually a very simple modification to the instrument.”

EUI produces high-resolution images of the structures in the Sun’s atmosphere. The team behind the instrument added a thumb to a safety door on EUI, which slides out of the way to let light into the camera so it can capture images of the Sun. If the door stops halfway, however, the thumb ends up shielding the bright light coming from the Sun’s disc in the center so that the fainter ultraviolet light coming from the corona (the outermost part of the atmosphere) can be visible.

A new way to view the Sun

The result is an ultraviolet image of the Sun’s corona. An ultraviolet image of the Sun’s disc has been superimposed in the middle, in the area left blank by the thumb hack, according to ESA.

The corona is usually hidden by the bright light of the Sun’s surface, and can mostly be seen during a total solar eclipse. The camera hack sort of mimics that same effect of the eclipse by blocking out the Sun’s light. The Sun’s corona has long baffled scientists as it is much hotter than the surface of the Sun with temperatures reaching 1.8 million degrees Fahrenheit (1 million degrees Celsius), one of the greatest mysteries surrounding our host star.

“We’ve shown that this works so well that you can now consider a new type of instrument that can do both imaging of the Sun and the corona around it,” Daniel Müller, ESA’s Project Scientist for Solar Orbiter, said in a statement.

[…]

Source: Clever Camera Trick Unlocks Hidden Secrets of Sun’s Atmosphere

China-Linked Hackers Breached Microsoft Engineer Account, Compromised the Email Accounts of US Officials – By finding key in crash dump

An anonymous reader shared this report from Bloomberg: China-linked hackers breached the corporate account of a Microsoft engineer and are suspected of using that access to steal a valuable key that enabled the hack of senior U.S. officials’ email accounts, the company said in a blog post. The hackers used the key to forge authentication tokens to access email accounts on Microsoft’s cloud servers, including those belonging to Commerce Secretary Gina Raimondo, Representative Don Bacon and State Department officials earlier this year.

The U.S. Cybersecurity and Infrastructure Security Agency and Microsoft disclosed the breach in June, but it was still unclear at the time exactly how hackers were able to steal the key that allowed them to access the email accounts. Microsoft said the key had been improperly stored within a “crash dump,” which is data stored after a computer or application unexpectedly crashes…

The incident has brought fresh scrutiny to Microsoft’s cybersecurity practices.

Microsoft’s blog post says they corrected two conditions which allowed this to occur. First, “a race condition allowed the key to be present in the crash dump,” and second, “the key material’s presence in the crash dump was not detected by our systems.” The post continues:

“We found that this crash dump, believed at the time not to contain key material, was subsequently moved from the isolated production network into our debugging environment on the internet connected corporate network. This is consistent with our standard debugging processes. Our credential scanning methods did not detect its presence (this issue has been corrected).

“After April 2021, when the key was leaked to the corporate environment in the crash dump, the Storm-0558 actor was able to successfully compromise a Microsoft engineer’s corporate account. This account had access to the debugging environment containing the crash dump which incorrectly contained the key. Due to log retention policies, we don’t have logs with specific evidence of this exfiltration by this actor, but this was the most probable mechanism by which the actor acquired the key.”

Source: How a Breached Microsoft Engineer Account Compromised the Email Accounts of US Officials – Slashdot
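The report above says credential scanning failed to notice key material inside a crash dump before the dump left the isolated network. As an added illustration (not Microsoft's tooling and not part of the quoted report), this Python example scans a binary dump for PEM private-key headers and DER-encoded RSA private-key structures. The page does not state the format of the leaked key, so the RSA encodings, the function names and the sample dump are all assumptions constructed for the example.

```python
import re

# PEM armour for common private-key encodings.
PEM_RE = re.compile(rb"-----BEGIN (?:RSA |EC |ENCRYPTED |OPENSSH )?PRIVATE KEY-----")
# DER bytes of OID 1.2.840.113549.1.1.1 (rsaEncryption), as found in PKCS#8.
RSA_OID = bytes.fromhex("06092a864886f70d010101")


def read_len(buf, pos):
    """Decode a DER length field at buf[pos]; return (length, next_pos) or None."""
    if pos >= len(buf):
        return None
    first = buf[pos]
    if first < 0x80:                       # short form
        return first, pos + 1
    n = first & 0x7F                       # long form: n length bytes follow
    if n == 0 or n > 4 or pos + 1 + n > len(buf):
        return None
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n


def der_key_at(buf, pos):
    """Classify a DER private-key structure starting at pos, or return None."""
    if buf[pos] != 0x30:                   # must open with SEQUENCE
        return None
    seq = read_len(buf, pos + 1)
    if seq is None:
        return None
    seq_len, p = seq
    if seq_len < 64 or p + seq_len > len(buf):
        return None                        # too small, or runs past the dump
    if buf[p:p + 3] != b"\x02\x01\x00":    # version INTEGER 0
        return None
    p += 3
    if buf[p:p + 1] == b"\x02":            # PKCS#1: modulus INTEGER comes next
        mod = read_len(buf, p + 1)
        if mod and mod[0] >= 64:           # at least a 512-bit modulus
            return "pkcs1-rsa"
    elif buf[p:p + 1] == b"\x30":          # PKCS#8: AlgorithmIdentifier comes next
        alg = read_len(buf, p + 1)
        if alg and buf[alg[1]:alg[1] + len(RSA_OID)] == RSA_OID:
            return "pkcs8-rsa"
    return None


def scan_dump(buf):
    """Return sorted (offset, kind) findings for key material in a raw dump."""
    findings = [(m.start(), "pem-private-key") for m in PEM_RE.finditer(buf)]
    pos = buf.find(b"\x30")
    while pos != -1:                       # test every SEQUENCE tag byte
        kind = der_key_at(buf, pos)
        if kind:
            findings.append((pos, kind))
        pos = buf.find(b"\x30", pos + 1)
    return sorted(findings)


def der_tlv(tag, body):
    """Encode one DER tag-length-value; used only to build the sample input."""
    n = len(body)
    if n < 0x80:
        hdr = bytes([n])
    else:
        nb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        hdr = bytes([0x80 | len(nb)]) + nb
    return bytes([tag]) + hdr + body


def build_sample_dump():
    """Constructed input: filler around a fake PKCS#1 blob and a PEM header."""
    fake_modulus = b"\x00" + b"\xA5" * 256             # filler, not a real key
    fake_key = der_tlv(0x30, b"\x02\x01\x00"
                       + der_tlv(0x02, fake_modulus)
                       + der_tlv(0x02, b"\x01\x00\x01"))
    pem = b"-----BEGIN PRIVATE KEY-----\nCONSTRUCTED-PLACEHOLDER\n"
    return b"MDMP" + b"\x00" * 60 + fake_key + b"\xff" * 40 + pem + b"\x00" * 16


if __name__ == "__main__":
    for offset, kind in scan_dump(build_sample_dump()):
        print(f"offset {offset:#06x}: {kind}")
```

A structural check like this only catches keys held in standard encodings; key material stored as raw bytes in process memory needs other signals, so a clean result is not proof that a dump is safe to move.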

MGM Resorts Hit By Cyberattack; Hotels and Casinos Impacted

[…]

On Monday, local news outlets in Las Vegas caught wind of various complaints from patrons of MGM businesses; some said ATMs at associated hotels and casinos didn’t appear to be working; others said their hotel room keys had stopped functioning; still others noted that bars and restaurants located within MGM complexes had suddenly been shuttered. If you head to MGM’s website, meanwhile, you’ll note it’s definitely not working the way that it’s supposed to.

MGM put out a short statement Monday saying that it had been the victim of an undisclosed “cybersecurity issue.” The Associated Press notes that computer outages connected to said issue appear to be impacting MGM venues across the U.S.—in Vegas but also in places as far flung as Mississippi, Ohio, Michigan, and large parts of the northeast.

[…]

Source: MGM Resorts Hit By Cyberattack; Hotels and Casinos Impacted

Google taken to court in NL for large scale privacy breaches

The Foundation for the Protection of Privacy Interests and the Consumers’ Association are taking the next step in their fight against Google. The tech company is being taken to court today for ‘large-scale privacy violations’.

The proceedings demand, among other things, that Google stop its constant surveillance and sharing of personal data through online advertising auctions and also pay damages to consumers. Since the announcement of this action on May 23, 2023, more than 82,000 Dutch people have already joined the mass claim.

According to the organizations, Google is acting in violation of Dutch and European privacy legislation. The tech giant collects users’ online behavior and location data on an immense scale through its services and products, without providing enough information or having obtained permission. Google then shares that data, including highly sensitive personal data about health, ethnicity and political preference, for example, with hundreds of parties via its online advertising platform.

Google is constantly monitoring everyone. Even when using third-party cookies – which are invisible – Google continues to collect data through other people’s websites and apps, even when someone is not using its products or services. This enables Google to monitor almost the entire internet behavior of its users.

All these matters have been discussed with Google, to no avail.

The Foundation for the Protection of Privacy Interests represents the interests of users of Google’s products and services living in the Netherlands who have been harmed by privacy violations. The foundation is working together with the Consumers’ Association in the case against Google. Consumers’ Association Claimservice, a partnership between the Consumers’ Association and ConsumersClaim, processes the registrations of affiliated victims.

More than 82,000 consumers have already registered for the Google claim. They demand compensation of 750 euros per participant.

A lawsuit by the American government against Google starts today in the US. Ten weeks have been set aside for this. This mainly revolves around the power of Google’s search engine.

Essentially, Google is accused of entering into exclusive agreements to guarantee the use of its search engine. These are agreements that prevent alternative search engines from being pre-installed, or Google’s search app from being removed.

Source: Google voor de rechter gedaagd wegens ‘grootschalige privacyschendingen’ – Emerce (NL)

BMW Ends Heated Seat Subscriptions Because People Hated It

Last year, BMW underwent media and customer hellfire over its decision to offer a monthly subscription for heated seats. While seat heating wasn’t the only option available for subscription, it was the one that seemed to infuriate everyone the most, since it concerned hardware already present in the car from the factory. After months of customers continuously expressing their displeasure with the plan, BMW has finally decided to abandon recurring charges for hardware-based functions.

“What we don’t do any more—and that is a very well-known example—is offer seat heating by [monthly subscriptions]” BMW marketing boss Pieter Nota said to Autocar. “It’s either in or out. We offer it by the factory and you either have it or you don’t have it.”

BMW’s move wasn’t solely about charging customers monthly for heated seats. Rather, the luxury automaker wanted to streamline production and reduce costs there by physically installing heated seats in every single car, since 90% of all BMWs are bought with seat heaters anyway. Then, owners who didn’t spec heated seats from the factory could digitally unlock them later with either a monthly subscription or a one-time perma-buy option. Nota still believes it was a good idea.

[…]

BMW was absolutely double dipping with heated seat subscriptions. The company started down that route to reduce production costs, making each car cheaper to build by streamlining the process. Fair enough. However, those reduced costs weren’t then passed down to buyers via lower MSRPs. Customers were technically paying for those heated seats anyway, no matter whether they wanted them. Then, BMW was not only charging extra to use a feature already installed in the car, but also subjecting it to subscription billing, even though seat heating is static hardware not designed to change or improve over time.

Customers weren’t happy, and rightfully made their grievance known. While it’s good that BMW ultimately buckled to the public’s wishes here, it doesn’t seem like the automaker’s board members truly understand why the outrage happened in the first place.

[…]

Source: BMW Ends Heated Seat Subscriptions Because People Hated It

Kokoon / Philips Sleep Headphones (Designed for Ultimate Comfort)

Philips and sleep specialists Kokoon have partnered to create an unparalleled sleep headphone.

The Philips Sleep Headphones, powered by Kokoon, blends sleep science and ergonomic know-how with Philips’ century-long reputation for crafting top-notch products.

[…]

Experience a comfort revolution. After numerous nights of testing, our team has crafted an earbud that flawlessly conforms to the shape of your ear for maximum comfort during side sleeping.

[…]

Sleep soundly with advanced biosensors that detect when you drift off and adjust sound levels accordingly, ensuring a peaceful and uninterrupted night.

[…]

Our biosensors introduce white noise during the night to assist with blocking out disruptive sounds such as snoring or external noise. Discover a more peaceful sleeping environment.

[…]

Get a better night’s sleep with sounds backed by science. Select from a variety of options including meditations, soundscapes, binaural beats, and more to ease into slumber.

[…]

Source: Kokoon Sleep Headphones (Designed for Ultimate Comfort) | Kokoon

The Grammys will consider that viral song with Drake and The Weeknd AI vocals for awards after all

The person behind an AI-generated song that went viral earlier this year has submitted the track for Grammy Awards consideration. The Recording Academy has stated that such works aren’t eligible for certain gongs. However, Ghostwriter, the pseudonymous person behind “Heart on My Sleeve,” has submitted the track in the best rap song and song of the year categories, according to Variety. Both of those are songwriting honors. The Academy has suggested it’s open to rewarding tracks that are mostly written by a human, even if the actual recording is largely AI-generated.

Ghostwriter composed the song’s lyrics rather than leaving them up to, say, ChatGPT. But rather than sing or rap those words, they employed a generative AI model to mimic the vocals of Drake and The Weeknd, which helped the song to pick up buzz. The artists’ label Universal Music Group wasn’t happy about that and it filed copyright claims to remove “Heart on My Sleeve” from streaming services. Before that, though, the track racked up hundreds of thousands of listens on Spotify and more than 15 million on TikTok.

[…]

It seems there’s one major roadblock as things stand, though. For a song to be eligible for a Grammy, it needs to have “general distribution” across the US through the likes of brick-and-mortar stores, online retailers and streaming services. Ghostwriter is reportedly aware of this restriction, but it’s unclear how they plan to address that.

In any case, this may well be a canary in the coal mine for rewarding the use of generative AI in art.

[…]

Source: The Grammys will consider that viral song with Drake and The Weeknd AI vocals for awards after all

This is like saying that any song with a guitar or any song with a synthesizer won’t be considered for a Grammy

A US senator has a grip on the Confirmation Process for Military Officers and is using it to blackmail the government

Senator Tuberville’s blanket hold on general officer nominations reaches its six-month anniversary this week. This all seems to have started with a reckless idea dreamed up by a staffer with no experience in the Senate who then left the Senator’s employment after taking credit for it in a Washington Post exposé. From its shaky foundations, the hold strategy has now morphed into a take-no-prisoners stand against federal funding of abortion and “wokeness” in the military. Tuberville appears to have no concept of an end game except total victory. Barring capitulation by the Senator, which doesn’t seem to be in the cards, the rest of the Senate needs to come up with a Plan B.

There are now 301 general and flag officer positions, including five spots on the Joint Chiefs of Staff, which are impacted by these holds. By year’s end, that number may rise to 650. Tuberville argues that there is no readiness impact for having acting officers in place. He may eventually be right in the sense that the military is a mission-driven organization and will adjust whether or not the Senate acts. Since military rotations are on a two-year cycle, fairly soon every general and admiral in the military will be in an acting position. This may be the likeliest future outcome.

[…]

Regular order and unscripted debates on amendments died long ago and as a result, the Senate can’t pass annual authorization bills except for the defense policy bill. The civilian nominations process is broken with over 180 confirmed positions still unfilled two and a half years into the current administration, and now the military nominations process has come unglued.

Trying to convince Senator Tuberville to withdraw his holds has been an exercise in futility. There is equally no appetite to modify the rules for holds and bundle these confirmations as that might set undesirable precedents. That leaves the option of doing nothing or altering what positions the Senate is required to confirm. The latter should be considered.

Until the Tuberville holds, the Senate routinely considered 50,000 military nominees a year primarily by unanimous consent. The biggest question one must ask is why? All military officers above the O-4 level (a major or lieutenant commander) must go through Senate confirmation for each promotion. This is referred to as a constitutional responsibility and yet an O-4 is the equivalent to a GS-13 in the civil service, while general officers are the equivalent of the Senior Executive Service (SES). The Senate does not confirm the nearly 490,000 federal employees at the GS-13 level or above nor the over 8,000 members of the SES even though they are all technically officers of the federal government as defined by the Constitution.

[…]

What would parity look like? Currently, 61 civilians at the Department of Defense (DoD) require Senate confirmation. That is a good starting point to consider for military generals, but just focusing on the 41 four-star generals in service according to the latest DoD data is probably enough. Confirming just these officers could take over four months of floor time if holds were placed on them. Still, the Senate now needs to structure its rules and plan its calendar around standing holds on all nominations—civilian or military. That means limiting the number of individuals that require confirmation.

Source: The Senate Can No Longer Have Nice Things: Ending the Confirmation Process for Military Officers | American Enterprise Institute – AEI

Grasping entropy: Teachers and students investigate thermodynamics through a hands-on model

Though a cornerstone of thermodynamics, entropy remains one of the most vexing concepts to teach budding physicists in the classroom. As a result, many people oversimplify the concept as the amount of disorder in the universe, neglecting its underlying quantitative nature.

In The Physics Teacher, researcher T. Ryan Rogers designed a hand-held model to demonstrate the concept of entropy for students. Using everyday materials, Rogers’ approach allows students to confront the topic with new intuition—one that takes specific aim at the confusion between entropy and disorder.

“It’s a huge conceptual roadblock,” Rogers said. “The good news is that we’ve found that it’s something you can correct relatively easily early on. The bad news is that this misunderstanding gets taught so early on.”

While many classes opt for the imperfect, qualitative shorthand of calling entropy “disorder,” it’s defined mathematically as the number of ways energy can be distributed in a system. Such a definition merely requires students to understand how particles store energy, formally known as “degrees of freedom.”

To tackle the problem, Rogers developed a model in which small objects such as dice and buttons are poured into a box, replicating a simple thermodynamic system. Some particles in the densely filled box are packed in place, meaning they have fewer degrees of freedom, leading to an overall low-entropy system.

As students shake the box, they introduce energy into the system, which loosens up locked-in particles. This increases the overall number of ways energy can be distributed within the box.

“You essentially zoom in on entropy so students can say, ‘Aha! There is where I saw the entropy increase,'” Rogers said.

As students shake further, the particles settle into a configuration that more evenly portions out the energy among them. The catch: at this point of high entropy, the particles fall into an orderly alignment.

“Even though it looks more orientationally ordered, there’s actually higher entropy,” Rogers said.

All the students who participated in the lesson were able to reason to the correct definition of entropy after the experiment.

Next, Rogers plans to extend the reach of the model by starting a conversation about entropy with other educators and creating a broader activity guide for ways to use the kits for kindergarten through college. He hopes his work inspires others to clarify the distinction in their classrooms, even if by DIY means.

“Grapes and Cheez-It crackers are very effective, as well,” Rogers said.

The article, “Hands-on Model for Investigating Entropy and Disorder in the Classroom,” is authored by T. Ryan Rogers and is published in The Physics Teacher.

More information: T. Ryan Rogers, Hands-on Model for Investigating Entropy and Disorder in the Classroom, The Physics Teacher (2023). DOI: 10.1119/5.0089761

Source: Grasping entropy: Teachers and students investigate thermodynamics through a hands-on model