About Robin Edgar


Twilio SMS service attacker ‘explicitly’ looked for 3 Signal numbers

The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed.

However, Signal – considered one of the better secured of all the encrypted messaging apps – claims the attacker would not have been able to access the message history, contact lists, profile information, or other personal data associated with these user accounts. The non-profit organization said in a security note on its site that it has identified and is notifying the 1,900 users directly, and prompting them to re-register Signal on their devices.

The company had already come under fire for its practice of SMS verification in the past, something which has rebounded in the wake of the disclosure.

According to Signal, Twilio provides SMS verification services for its platform. Twilio provides messaging, call center and two-factor authentication services, among others, to about 256,000 customers altogether – although it said in an earlier incident report about the breach that only 125 of its customers had data “accessed by malicious actors for a limited period of time.”

The news that Signal was one of the 125 has raised questions about the identity of other Twilio customers, especially as the encrypted comms platform is known for its transparency. Others may be less forthcoming.

According to Signal’s security note, when Twilio was hit by a phishing attack earlier this month, this may potentially have led to the phone numbers of 1,900 Signal users being revealed as registered to a Signal account. The encryption app platform added that the users’ SMS verification codes were also exposed.

It appears that during the window of time that the attacker had access to Twilio’s customer support systems, it would have been possible for them to attempt to re-register the phone numbers they had accessed, transferring the Signal account to another device under their own control, using the SMS verification code. It also stresses that the attacker no longer has this access, and that the attack had been shut down by Twilio.

Intriguingly, Signal states that the attacker explicitly searched for three phone numbers among the 1,900 accessed, and the organization has since received a report from one of those three users that their account was indeed re-registered and hijacked.

[…]

Source: Twilio attacker ‘explicitly’ looked for 3 Signal numbers

How bad the problem with John Deere Tractors really is, how not being open leads to incredibly bad security

Last Saturday, I sat in a crowded ballroom at Caesar’s Forum in Las Vegas and watched Sickcodes jailbreak a John Deere tractor’s control unit live, before an audience of cheering Defcon 30 attendees (and, possibly, a few undercover Deere execs, who often attend Sickcodes’s talks).

The presentation was significant because Deere – along with Apple – are the vanguard of the war on repair, a company that has made wild and outlandish claims about the reason that farmers must pay the company hundreds of dollars every time they fix their own tractors, and then wait for days for an authorized technician to come to their farm and type an unlock code.

Deere’s claims have included the astounding statement that the farmers who spend hundreds of thousands of dollars on tractors don’t actually own those tractors, because the software that animates them is only licensed, not sold:

https://memex.craphound.com/2017/04/22/john-deere-just-told-the-copyright-office-that-only-corporations-can-own-property-humans-can-only-license-it/

They’ve also claimed that locking farmers out of their tractors is for their own good, because otherwise hackers could take over those tractors and endanger the food supply. While it’s true that the John Deere tractor monopoly means that defects in the company’s products could affect farms all around the world, it’s also true that John Deere is very, very bad at information security:

https://pluralistic.net/2021/04/23/reputation-laundry/#deere-john

The company’s insistence that they are guardians of farmers and the agricultural sector is a paper-thin cover for monopolistic practices and rent-seeking. Monopolizing the repair and reconfiguration of Deere products gives the company all kinds of little gifts – for example, they can refuse to fix the tractors of dissatisfied customers unless they agree to gag-orders:

https://pluralistic.net/2022/05/31/dealers-choice/#be-a-shame-if-something-were-to-happen-to-it

And because so few of us understand information security, or monopoly, or agribusiness (let alone all three!) they can spin their dangerous, grossly unfair practices as features, not bugs. Remember when they trumpeted the fact that they’d remotely bricked some Ukrainian Deere products that had been looted by Russian soldiers?

https://doctorow.medium.com/about-those-kill-switched-ukrainian-tractors-bc93f471b9c8

What they didn’t say – and what almost no one pointed out – was that this meant that anyone who could hack John Deere’s system could brick any tractor – including, say, the Russian military’s hacking squads. They also didn’t say that Ukrainian farmers had long chafed under Deere’s corporate control, and had developed illegal third-party tractor firmware that farmers all over the world had covertly installed:

https://www.vice.com/en/article/xykkkd/why-american-farmers-are-hacking-their-tractors-with-ukrainian-firmware

And that means that the Russian looters who supposedly were foiled by Deere’s corporate remote killswitches can re-activate their tractors, by using the Ukrainian software developed in response to the company’s monopolistic practices.

Which brings me back to Sickcodes and his awesome presentation at Defcon 30 this weekend. I watched from the front row, sitting next to the repair champion Kyle Wiens, founder of Ifixit, who turned his notes into an excellent Twitter thread:

https://twitter.com/kwiens/status/1558688970799648769

As Kyle points out, Deere has repeatedly told state and federal lawmakers and regulators that farmers can’t be trusted to repair or modify their own tractors. This is obviously nonsense: indeed, for decades, Deere product development consisted of sending engineers out to document the improvements farmers had made to their tractors so the company could copy them:

https://securityledger.com/2019/03/opinion-my-grandfathers-john-deere-would-support-our-right-to-repair/

Writing for Wired, Lily Hay Newman provides some great technical details on the hack, including how Sickcodes acquired (and accidentally broke!) several 2630 and 4240 touchscreen control units, eventually demounting the main controller and soldering it into a new board that he used to probe the system:

https://www.wired.com/story/john-deere-tractor-jailbreak-defcon-2022/

He discovered that the system was designed to send an extraordinary amount of data to John Deere – his control unit tried to exfiltrate 1.5GB worth of data once he brought it online. He also discovered that as soon as he was able to conjure up a terminal, he had root access to the system.

This was great news for Sickcodes, but it raises serious questions about Deere’s information security practices. As Kyle points out, this entire system ran on deprecated, unpatched, elderly GNU/Linux software and Windows CE, an operating system that was end-of-lifed in 2018, and which was so bad that people forced to use it typically called it “Wince.”

Sickcodes discovered all kinds of security worst-practices in John Deere’s security – even in the parts of its security that were intended to secure the company’s profits from its own customers’ best interests. For example, at one point Sickcodes put the control unit into maintenance mode by repeatedly rebooting it, so that it refused to allow him to do anything until he brought it to a dealer. He discovered that all it took to convince the computer that he was a dealer was to create an empty text file on its hard-drive whose filename was something like “IAmADealer.txt” (I didn’t write down the exact filename, alas, but that’s not far off!).

Another revelation from Sickcodes: the company made extensive use of free/open source software but seems to be gravely out-of-compliance with the license terms (I’m told that organizations that do legal enforcement of free/open licenses are now aware of this).

So to recap: the company says it has to block farmers from having the final say over their own tractors because they could create security risks and also threaten Deere’s copyrights (the company even claims that locking down tractors is necessary to preventing music infringement, as though a farmer would spend $600k on a tractor so they could streamrip Spotify tracks).

But in reality, the company itself is a dumpster-fire of information security worst practices, whose unpatched, badly configured, out-of-date tractors are a bonanza of vulnerabilities and unforced errors. What’s more, the company – which claims to be staunch defenders of copyright – use their copyright locks to hide the fact that they are committing serious breaches of software copyright.

In serious information security circles, it’s widely understood that “there is no security in obscurity” – that is, hiding how a system works doesn’t make it secure. Usually, this is understood to be grounded in the fact that if you hide your work, you might make mistakes that others would spot and point out to you:

https://doctorow.medium.com/como-is-infosec-307f87004563

But there’s another problem with security through obscurity: when you don’t have to show your work to others, you can be sloppy. Whereas, if your work is open to inspection, your own aversion to being seen as slapdash will impose a rigor on your process, which will make the whole thing better:

https://doctorow.medium.com/the-memex-method-238c71f2fb46

With Deere’s security through obscurity, we see both pathologies on display. The company uses its opacity to commit sloppy security bugs, and also to cover up its violations of copyright law – and then, of course, it accuses its critics of being guilty of those two exact sins. Takes one to know one:

https://doctorow.medium.com/takes-one-to-know-one-104d7d749408

Sickcodes closed out by saying that while his hack required a lot of fiddling with the hardware, he was already scheming to build a little tool that could access and jailbreak a tractor without ripping chips off a board or doing a lot of soldering.

And then he played a custom, farm-themed version of Doom on his jailbroken tractor controller.

Source: Pluralistic: 15 Aug 2022 – Pluralistic: Daily links from Cory Doctorow
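The dealer check described in the piece above trusted the mere presence of an empty file. The following is an added example, not code from the article, from Sickcodes or from Deere: it contrasts that presence-only check with one that requires an authenticated token bound to a unit serial and an expiry. The token file name, serial format, key and function names are all hypothetical, and HMAC stands in for the asymmetric signature a real device should verify so that no signing secret is stored on the unit.

```python
import hashlib
import hmac
import os
import tempfile
import time

# Approximate marker name as given in the article; the exact filename was not recorded.
MARKER_NAME = "IAmADealer.txt"
# Hypothetical name for a file carrying an authenticated service grant.
TOKEN_NAME = "service_token.txt"


def weak_is_dealer(storage_dir):
    """Presence-only check: any file with the right name unlocks service mode."""
    return os.path.exists(os.path.join(storage_dir, MARKER_NAME))


def _tag(key, serial, expires_at):
    """HMAC-SHA256 over the fields the grant is bound to."""
    payload = f"{serial}|{expires_at}".encode("utf-8")
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def issue_token(key, serial, expires_at):
    """Issuer side (hypothetical): grant service access to one unit until expires_at."""
    return f"{serial}|{expires_at}|{_tag(key, serial, expires_at)}"


def verified_is_dealer(storage_dir, key, serial, now=None):
    """Accept service mode only for an authentic, unexpired token issued for this unit."""
    now = time.time() if now is None else now
    try:
        with open(os.path.join(storage_dir, TOKEN_NAME), "r", encoding="utf-8") as fh:
            raw = fh.read(512).strip()
    except (OSError, UnicodeDecodeError):
        return False  # missing or unreadable token: fail closed
    parts = raw.split("|")
    if len(parts) != 3:
        return False  # empty or malformed file carries no authority
    tok_serial, tok_exp, tok_tag = parts
    expected = _tag(key, tok_serial, tok_exp)
    # Constant-time comparison of the authentication tag.
    if not hmac.compare_digest(expected.encode("utf-8"), tok_tag.encode("utf-8")):
        return False
    if tok_serial != serial:
        return False  # valid grant, but for a different unit
    try:
        return int(tok_exp) > now
    except ValueError:
        return False


def demo():
    """Run both checks against constructed inputs and return the outcomes."""
    key = b"constructed-demo-key"   # constructed sample key
    serial = "UNIT-0001"            # constructed sample serial
    now = 1_700_000_000             # fixed clock so results are reproducible
    results = {}
    with tempfile.TemporaryDirectory() as d:
        # An empty marker file, as in the article's description.
        open(os.path.join(d, MARKER_NAME), "w").close()
        results["weak_empty_marker"] = weak_is_dealer(d)
        results["verified_empty_marker"] = verified_is_dealer(d, key, serial, now)

        def try_token(token):
            with open(os.path.join(d, TOKEN_NAME), "w", encoding="utf-8") as fh:
                fh.write(token)
            return verified_is_dealer(d, key, serial, now)

        results["empty_token_file"] = try_token("")
        results["valid"] = try_token(issue_token(key, serial, now + 3600))
        results["other_unit"] = try_token(issue_token(key, "UNIT-0002", now + 3600))
        results["expired"] = try_token(issue_token(key, serial, now - 1))
        results["forged"] = try_token(f"{serial}|{now + 3600}|" + "0" * 64)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```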

A New Jailbreak for John Deere Tractors wants Right-to-Repair insecure and outdated tech in them

Farmers around the world have turned to tractor hacking so they can bypass the digital locks that manufacturers impose on their vehicles. Like insulin pump “looping” and iPhone jailbreaking, this allows farmers to modify and repair the expensive equipment that’s vital to their work, the way they could with analog tractors. At the DefCon security conference in Las Vegas on Saturday, the hacker known as Sick Codes is presenting a new jailbreak for John Deere & Co. tractors that allows him to take control of multiple models through their touchscreens.

The finding underscores the security implications of the right-to-repair movement. The tractor exploitation that Sick Codes uncovered isn’t a remote attack, but the vulnerabilities involved represent fundamental insecurities in the devices that could be exploited by malicious actors or potentially chained with other vulnerabilities.

[…]

Sick Codes, an Australian who lives in Asia, presented at DefCon in 2021 about tractor application programming interfaces and operating system bugs. After he made his research public, tractor companies, including John Deere, started fixing some of the flaws. “The right-to-repair side was a little bit opposed to what I was trying to do,” he tells WIRED. “I heard from some farmers; one guy emailed me and was like ‘You’re fucking up all of our stuff!’ So I figured I would put my money where my mouth is and actually prove to farmers that they can root the devices.”

This year, Sick Codes says that while he is primarily concerned about world food security and the exposure that comes from vulnerable farming equipment, he also sees important value in letting farmers fully control their own equipment. “Liberate the tractors!” he says.

[…]

Facing mounting pressure, John Deere announced in March that it would make more of its repair software available to equipment owners. The company also said at the time that it will release an “enhanced customer solution” next year so customers and mechanics can download and apply official software updates for Deere equipment themselves, rather than having John Deere unilaterally apply the patches remotely or force farmers to bring products to authorized dealerships.

“Farmers prefer the older equipment simply because they want reliability. They don’t want stuff to go wrong at the most important part of the year when they have to pull stuff out of the ground,” Sick Codes says. “So that’s what we should all want too. We want farmers to be able to repair their stuff for when things go wrong, and now that means being able to repair or make decisions about the software in their tractors.”

[…]

He found that when the system thought it was in such an environment, it would offer more than 1.5 GB worth of logs that were meant to help authorized service providers diagnose problems. The logs also revealed the path to another potential timing attack that might grant deeper access. Sick Codes soldered controllers directly onto the circuit board and eventually got his attack to bypass the system’s protections.

“I launched the attack, and two minutes later a terminal pops up,” Sick Codes says of the program used to access a computer’s command-line interface. “I had root access, which is rare in Deere land.”

[…]


Source: A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave | WIRED

Video-Ident hacked by CCC

Services offering Video-Ident allow users to prove their identity to them by transmitting video showing themselves and an identity document for verification by an operator or by software. Once identified, individuals can proceed to sign up for cell phone contracts, create electronic signatures which are legally binding throughout the EU (QES), apply for credit and open bank accounts – or access their German personal health record (ePA).

A specially devised choreography designed to reveal circumstantial evidence such as visible security holograms or facial expressions is supposed to answer two critical questions in every Video-Ident session: Is the identity document genuine? Is the person in front of the camera genuine? Video-Ident service providers claim that their solutions reliably detect fraud attempts.

Open source software and a little watercolour

Martin Tschirsich, a security researcher with the CCC, demonstrates the failure to keep that promise in his report published today (all links refer to sources in German). In 2019 Tschirsich had already demonstrated how unauthorized individuals could acquire German medical insurance cards as well as special doctors’ and clinics’ electronic ID cards.

[…]


Source: CCC | Chaos Computer Club hacks Video-Ident

Stiff, achy knees? Lab-made cartilage gel outperforms the real thing

[…] Writing in the journal Advanced Functional Materials, a Duke University-led team says they have created the first gel-based cartilage substitute that is even stronger and more durable than the real thing.

Mechanical testing reveals that the Duke team’s hydrogel—a material made of water-absorbing polymers—can be pressed and pulled with more force than natural cartilage, and is three times more resistant to wear and tear.

[…]

To make this material, the Duke team took thin sheets of cellulose fibers and infused them with a polymer called polyvinyl alcohol—a viscous goo consisting of stringy chains of repeating molecules—to form a gel.

The cellulose fibers act like the collagen fibers in natural cartilage, Wiley said—they give the gel strength when stretched. The polyvinyl alcohol helps it return to its original shape. The result is a Jello-like material, 60% water, which is supple yet surprisingly strong.

Natural cartilage can withstand a whopping 5,800 to 8,500 pounds per inch of tugging and squishing, respectively, before reaching its breaking point. Their lab-made version is the first hydrogel that can handle even more. It is 26% stronger than natural cartilage in tension, something like suspending seven grand pianos from a key ring, and 66% stronger in compression—which would be like parking a car on a postage stamp.

[…]

In the past, researchers attempting to create stronger hydrogels used a freeze-thaw process to produce crystals within the gel, which drive out water and help hold the polymer chains together. In the new study, instead of freezing and thawing the hydrogel, the researchers used a heat treatment called annealing to coax even more crystals to form within the polymer network.

By increasing the crystal content, the researchers were able to produce a gel that can withstand five times as much stress from pulling and nearly twice as much squeezing relative to freeze-thaw methods.

The improved strength of the annealed gel also helped solve a second design challenge: securing it to the joint and getting it to stay put.

Cartilage forms a thin layer that covers the ends of bones so they don’t grind against one another. Previous studies haven’t been able to attach hydrogels directly to bone or cartilage with sufficient strength to keep them from breaking loose or sliding off. So the Duke team came up with a different approach.

Their method of attachment involves cementing and clamping the hydrogel to a titanium base. This is then pressed and anchored into a hole where the damaged cartilage used to be. Tests show the design stays fastened 68% more firmly than natural cartilage on bone.

[…]

In wear tests, the researchers took artificial cartilage and natural cartilage and spun them against each other a million times, with a pressure similar to what the knee experiences during walking. Using a high-resolution X-ray scanning technique called micro-computed tomography (micro-CT), the scientists found that the surface of their lab-made version held up three times better than the real thing. Yet because the mimics the smooth, slippery, cushiony nature of real cartilage, it protects other joint surfaces from friction as they slide against the implant.

[…]


More information: Jiacheng Zhao et al, A Synthetic Hydrogel Composite with a Strength and Wear Resistance Greater than Cartilage, Advanced Functional Materials (2022). DOI: 10.1002/adfm.202205662

Journal information: Advanced Functional Materials

Source: Stiff, achy knees? Lab-made cartilage gel outperforms the real thing

A new method boosts wind farms’ energy output, without new equipment

Virtually all wind turbines, which produce more than 5 percent of the world’s electricity, are controlled as if they were individual, free-standing units. In fact, the vast majority are part of larger wind farm installations involving dozens or even hundreds of turbines, whose wakes can affect each other.

Now, engineers at MIT and elsewhere have found that, with no need for any new investment in equipment, the energy output of such installations can be increased by modeling the wind flow of the entire collection of turbines and optimizing the control of individual units accordingly.

The increase in energy output from a given installation may seem modest—it’s about 1.2 percent overall, and 3 percent for optimal wind speeds. But the algorithm can be deployed at any wind farm, and the number of is rapidly growing to meet accelerated climate goals. If that 1.2 percent energy increase were applied to all the world’s existing wind farms, it would be the equivalent of adding more than 3,600 new , or enough to power about 3 million homes, and a total gain to power producers of almost a billion dollars per year, the researchers say. And all of this for essentially no cost.

[…]

“Essentially all existing utility-scale turbines are controlled ‘greedily’ and independently,” says Howland. The term “greedily,” he explains, refers to the fact that they are controlled to maximize only their own power production, as if they were isolated units with no detrimental impact on neighboring turbines.

But in the real world, turbines are deliberately spaced close together in wind farms to achieve economic benefits related to land use (on- or offshore) and to infrastructure such as access roads and transmission lines. This proximity means that turbines are often strongly affected by the turbulent wakes produced by others that are upwind from them—a factor that individual -control systems do not currently take into account.

[…]

a new flow model which predicts the power production of each turbine in the farm depending on the incident winds in the atmosphere and the control strategy of each turbine. While based on flow-physics, the model learns from operational wind farm data to reduce predictive error and uncertainty. Without changing anything about the physical turbine locations and hardware systems of existing wind farms, they have used the physics-based, data-assisted modeling of the flow within the wind farm and the resulting power production of each turbine, given different wind conditions, to find the optimal orientation for each turbine at a given moment. This allows them to maximize the output from the whole farm, not just the individual turbines.

[…]

In a months-long experiment in a real utility-scale wind farm in India, the was first validated by testing a wide range of yaw orientation strategies, most of which were intentionally suboptimal. By testing many control strategies, including suboptimal ones, in both the real farm and the model, the researchers could identify the true optimal strategy. Importantly, the model was able to predict the farm power production and the optimal control strategy for most wind conditions tested, giving confidence that the predictions of the model would track the true optimal operational strategy for the farm. This enables the use of the model to design the optimal control strategies for new wind conditions and new wind farms without needing to perform fresh calculations from scratch.

Then, a second months-long experiment at the same farm, which implemented only the optimal control predictions from the model, proved that the algorithm’s effects could match the overall energy improvements seen in simulations. Averaged over the entire test period, the system achieved a 1.2 percent increase in at all wind speeds, and a 3 percent increase at speeds between 6 and 8 meters per second (about 13 to 18 miles per hour).

[…]

Source: A new method boosts wind farms’ energy output, without new equipment

Hubble sees supergiant Betelgeuse slowly recovering after blowing its top

Following the titanic mass ejection of a large piece of its visible surface. The escaping material cooled to form a cloud of dust that temporarily made the star look dimmer, as seen from Earth. This unprecedented stellar convulsion disrupted the monster star’s 400-day-long oscillation period that astronomers had measured for more than 200 years. The interior may now be jiggling like a plate of gelatin dessert. Credit: NASA, ESA, Elizabeth Wheatley (STScI)

Analyzing data from NASA’s Hubble Space Telescope and several other observatories, astronomers have concluded that the bright red supergiant star Betelgeuse quite literally blew its top in 2019, losing a substantial part of its visible surface and producing a gigantic Surface Mass Ejection (SME). This is something never before seen in a normal star’s behavior.

The sun routinely blows off parts of its tenuous outer atmosphere, the corona, in an event known as a Coronal Mass Ejection (CME). But the Betelgeuse SME blasted off 400 billion times as much mass as a typical CME.

The monster star is still slowly recovering from this catastrophic upheaval. “Betelgeuse continues doing some very unusual things right now; the interior is sort of bouncing,” says Andrea Dupree of the Center for Astrophysics | Harvard & Smithsonian.

These new observations yield clues as to how red stars lose mass late in their lives as their nuclear fusion furnaces burn out, before exploding as supernovae. The amount of mass loss significantly affects their fate. However, Betelgeuse’s surprisingly petulant behavior is not evidence the star is about to blow up anytime soon. So the mass loss event is not necessarily the signal of an imminent explosion.

[…]

The titanic outburst in 2019 was possibly caused by a convective plume, more than a million miles across, bubbling up from deep inside the star. It produced shocks and pulsations that blasted off the chunk of the photosphere leaving the star with a large cool surface area under the dust cloud that was produced by the cooling piece of photosphere. Betelgeuse is now struggling to recover from this injury.

Weighing roughly several times as much as our moon, the fractured piece of photosphere sped off into space and cooled to form a dust cloud that blocked light from the star as seen by Earth observers. The dimming, which began in late 2019 and lasted for a few months, was easily noticeable even by backyard observers watching the star change brightness. One of the brightest stars in the sky, Betelgeuse is easily found in the right shoulder of the constellation Orion.

Even more fantastic, the supergiant’s 400-day pulsation rate is now gone, perhaps at least temporarily. For almost 200 years astronomers have measured this rhythm as evident in changes in Betelgeuse’s brightness variations and surface motions. Its disruption attests to the ferocity of the blowout.

[…]

Betelgeuse is now so huge that if it replaced the sun at the center of our solar system, its outer surface would extend past the orbit of Jupiter. Dupree used Hubble to resolve hot spots on the star’s surface in 1996. This was the first direct image of a star other than the sun.

[…]

Source: Hubble sees supergiant Betelgeuse slowly recovering after blowing its top

Researchers find way to shrink a 3D holographic VR headset down to normal glasses size using pancake lenses and a waveguide

Researchers from Stanford University and Nvidia have teamed up to help develop VR glasses that look a lot more like regular spectacles. Okay, they are rather silly looking due to the ribbons extended from either eye, but they’re much, much flatter and compact than your usual goggle-like virtual reality headsets today.

“A major barrier to widespread adoption of VR technology, however, is the bulky form factor of existing VR displays and the discomfort associated with that,” the research paper published at Siggraph 2022 says.

These aptly named “Holographic Glasses” can deliver a full-colour 3D holographic image using optics that are only 2.5mm thick. Compared to the traditional way a VR headset works, in which a lens magnifies a smaller display some distance away from it, shrinking all the prerequisite parts down to such a small size is quite the spectacular step forward for VR.

The Holographic Glasses prototype uses pancake lenses, which is a concept that has been thrown around a couple of times in the past few years. These pancake lenses not only allow for a much smaller profile but reportedly they have a few other benefits, too:  the resolution they can offer is said to be unlimited, meaning you can crank up the resolution for VR headsets, and they offer a much wider field of view at up to 200°.

[…]

The research paper lists the glasses as such: “a coherent light source that is coupled into a pupil-replicating waveguide, which provides the illumination for a phase-only SLM that is mounted on the waveguide in front of the user’s eye. This SLM creates a small image behind the device, which is magnified by a thin geometric phase (GP) lens.”

[…]

(Image credit: Nvidia, Stanford University)


The final result is a very small VR device that could be game-changing if made a reality outside of the lab. It also only weighs 60g, which is notably far lighter than even the Meta Quest 2, which rolls in at 503g.

[…]

You can read up on the whole project in the recently published research paper titled “Holographic Glasses for Virtual Reality” by Jonghyun Kim, Manu Gopakumar, Suyeon Choi, Yifan Peng, Ward Lopes, and Gordon Wetzstein.

[…]

Source: Researchers find way to shrink a VR headset down to normal glasses size | PC Gamer

Open Cybersecurity Schema Framework released

The Open Cybersecurity Schema Framework is an open-source project, delivering an extensible framework for developing schemas, along with a vendor-agnostic core security schema. Vendors and other data producers can adopt and extend the schema for their specific domains. Data engineers can map differing schemas to help security teams simplify data ingestion and normalization, so that data scientists and analysts can work with a common language for threat detection and investigation. The goal is to provide an open standard, adopted in any environment, application, or solution, while complementing existing security standards and processes.

OVERVIEW

The framework is made up of a set of data types, an attribute dictionary, and the taxonomy. It is not restricted to the cybersecurity domain nor to events, however the initial focus of the framework has been a schema for cybersecurity events. OCSF is agnostic to storage format, data collection and ETL processes. The core schema for cybersecurity events is intended to be agnostic to implementations. The schema framework definition files and the resulting normative schema are written as JSON.

Refer to the white paper Understanding the Open Cybersecurity Schema Framework for an introduction to the framework and schema. A schema browser for the cybersecurity schema can be found at OCSF Schema, where the user can easily navigate the schema, apply profiles and extensions, and browse the attributes, objects and event classes.

Source: Github / ocsf

Still a lot of work to be done in the schema but it’s a start

Math error: A new study overturns 100-year-old understanding of color perception

A new study corrects an important error in the 3D mathematical space developed by the Nobel Prize-winning physicist Erwin Schrödinger and others, and used by scientists and industry for more than 100 years to describe how your eye distinguishes one color from another. The research has the potential to boost scientific data visualizations, improve TVs and recalibrate the textile and paint industries.

[…]

“Our research shows that the current mathematical model of how the eye perceives color differences is incorrect. That model was suggested by Bernhard Riemann and developed by Hermann von Helmholtz and Erwin Schrödinger—all giants in mathematics and physics—and proving one of them wrong is pretty much the dream of a scientist,” said Bujack.

[…]

The team was surprised when they discovered they were the first to determine that the longstanding application of Riemannian geometry, which allows generalizing straight lines to curved surfaces, didn’t work.

This visualization captures the 3D mathematical space used to map human color perception. A new mathematical representation has found that the line segments representing the distance between widely separated colors don’t add up correctly using the previously accepted geometry. The research contradicts long-held assumptions and will improve a variety of practical applications of color theory. Credit: Los Alamos National Laboratory

To create industry standards, a precise mathematical model of perceived color is needed. First attempts used Euclidean spaces—the familiar geometry taught in many high schools; more advanced models used Riemannian geometry. The models plot red, green and blue in the 3D space. Those are the colors registered most strongly by light-detecting cones on our retinas, and—not surprisingly—the colors that blend to create all the images on your RGB computer screen.

In the study, which blends psychology, biology and mathematics, Bujack and her colleagues discovered that using Riemannian geometry overestimates the perception of large color differences. That’s because people perceive a big difference in color to be less than the sum you would get if you added up small differences in color that lie between two widely separated shades.

Riemannian geometry cannot account for this effect.

“We didn’t expect this, and we don’t know the exact of this new space yet,” Bujack said. “We might be able to think of it normally but with an added dampening or weighing function that pulls long distances in, making them shorter. But we can’t prove it yet.”

Source: Math error: A new study overturns 100-year-old understanding of color perception

More information: Roxana Bujack et al, The non-Riemannian nature of perceptual color space, Proceedings of the National Academy of Sciences (2022). DOI: 10.1073/pnas.2119753119

AI ethics: we haven’t thought about including non-human animals

[…] The ethical implications of AI have sparked concern from governments, the public, and even companies. According to some meta-studies on AI ethics guidelines, the most frequently discussed themes include fairness, privacy, accountability, transparency, and robustness [1,2,3]. Less commonly broached, but not entirely absent, are issues relating to the rights of potentially sentient or autonomous forms of AI [4, 5]. One much more significant, and more immediately present, issue has, however, been almost entirely neglected: AI’s impact on non-human animals. There have, we acknowledge, been discussions of AI in connection with endangered species and ecosystems, but we are referring to questions relating to AI’s impact on individual animals. As we will show in more detail below, many AI systems have significant impacts on animals, with the total number of animals affected annually likely to reach the tens or even hundreds of billions. We therefore argue that AI ethics needs to broaden its scope in order to deal with the ethical implications of this very large-scale impact on sentient, or possibly sentient, beings.

[…]

The structure of the paper forms a series of step-by-step arguments, leading to the conclusion that there needs to be AI ethics concerning animals.

  1. Animals matter morally, at least to some degree (Sect. 2).
  2. AI systems do in fact impact animals.
  3. These impacts are huge in scale and severe in intensity, and therefore important. (Sect. 3.2).
  4. Conclusion: AI ethics needs to include consideration of impact of AI on animals

[…]

it is reasonable to claim that having the capacity to experience pain and pleasure is sufficient to give a being moral status [14,15,16]. The capacity to experience pain and pleasure is not, of course, sufficient for moral agency, but it is sufficient to make it wrong to do certain things to the being. This is now recognized in the increasing tendency of many countries to pass legislation granting animals the status of “sentient being,” a position between that of a person and that of a thing.

[…]

we need to distinguish three ways in which AI systems can impact animals: because they are designed to interact with animals; because they unintentionally (that is, without the designers’ intent) interact with animals; and because they impact animals indirectly without interacting with animals at all.

[…]

Of the hundreds of AI ethics related papers we reviewed in this project, we only found four that concern the impacts of AI on animals, in a general way, and discuss the relevant ethical implications.

[…]

These four papers have, in our opinion, quite different focuses than ours. We differ from these authors by discussing in greater detail how AI affects the lives of animals and especially the negative impact, or in other words the suffering AI might cause animals. As far as we are aware, this is the first paper to argue for the general principle that animals, because of their capacity to suffer or enjoy their lives, should be part of the concern of AI ethics.

We aim to supplement these four papers by providing the following additional elements:

  • An analysis of the ethical implications of AI’s impact on animals.
  • A sample analysis of the philosophical issues that will need to be considered if the scope of AI ethics is extended to animals.
  • A sample analysis of the philosophical issues that will need to be considered if we want AI systems to make ethically sound decisions in relation to animals.
  • A defense of the claim that the field of AI ethics is obliged to actively deal with the ethical issues of AI’s impact on animals.

[…]

Source: AI ethics: the case for including animals | SpringerLink

Subsurface water on Mars defy expectations: Physics connects seismic data to properties of rocks and sediments

A new analysis of seismic data from NASA’s Mars InSight mission has revealed a couple of surprises.

The first surprise: the top 300 meters of the subsurface beneath the landing site near the Martian equator contains little or no ice.

“We find that Mars’ crust is weak and porous. The sediments are not well-cemented. And there’s no ice or not much ice filling the pore spaces,” said geophysicist Vashan Wright of Scripps Institution of Oceanography at the University of California San Diego. Wright and three co-authors published their analysis in Geophysical Research Letters.

“These findings don’t preclude that there could be grains of ice or small balls of ice that are not cementing other minerals together,” said Wright. “The question is how likely is ice to be present in that form?”

The second surprise contradicts a leading idea about what happened to the water on Mars. The red planet may have harbored oceans of water early in its history. Many experts suspected that much of the water became part of the minerals that make up underground cement.

“If you put water in contact with rocks, you produce a brand-new set of minerals, like clay, so the water’s not a liquid. It’s part of the mineral structure,” said study co-author Michael Manga of the University of California Berkeley. “There is some cement, but the rocks are not full of cement.”

“Water may also go into minerals that do not act as cement. But the uncemented subsurface removes one way to preserve a record of life or ,” Wright said. Cements by their very nature hold rocks and sediments together, protecting them from destructive erosion.

The lack of cemented sediments suggests a water scarcity in the 300 meters below InSight’s landing site near the equator. The below-freezing average temperature at the Mars equator means that conditions would be cold enough to freeze water if it were there.

Many , including Manga, have long suspected that the Martian subsurface would be full of ice. Their suspicions have melted away. Still, big ice sheets and frozen ground ice remain at the Martian poles.

[…]

Source: Subsurface water on Mars defy expectations: Physics connects seismic data to properties of rocks and sediments

Chinese tickers scam ($HKD and more!) for collateral already down 92%: from $.5 Trillion to $43B

✅ chinese tickers scam for collateral already down 92%: from $.5 Trillion to $43B ✔ (something big is coming) ✅
by u/Money-Maker111 in Superstonk

This is a follow-up to the big Chinese ticker scam, which became the highest by-market-crap-on-the-books crime in human history, as well as another recent ticker scam.

Firstly, good job for staying away from these. MSM did try hard to call them ‘mEmE StOcKs’. MSM tried even harder to push innocent investors like you and me into them. These pieces of illicit trash were, and still are, uninvestable. Remain clear of these pump and dumps, they’re junk. They are not meme stocks; they’ll never be.

Let’s take a look at where things are today:

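| Ticker | Book Value a week ago (in Billions of USD) | Book Value today (in Billions of USD) |
|--------|--------------------------------------------|---------------------------------------|
| HKD    | 477.00                                     | 39.23                                 |
| AMTD   | 16.70                                      | 2.81                                  |
| QRTEB  | 4.60                                       | 1.36                                  |
| LTRPB  | 0.40                                       | 0.15                                  |
| MEGL   | 4.91                                       | 0.25                                  |
| Total: | 504                                        | 43                                    |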

Let’s remember that this criminal balloon was developed beginning July 15th during the GameStop split/dividend process that was defrauded by DTCC into a split. Also remember that Loop Capital, a GameStop short seller who is a stone’s throw away from Citadel in Chicago, underwrote the major one above.

These tickers, just last week, were able to be used as half a Trillion USD in collateral [for margin requirements] on the books. Now down 92% overnight to $43B, which is less than the margin alert received by Susquehanna.

Source: https://www.reddit.com/r/Superstonk/comments/wkecks/chinese_tickers_scam_for_collateral_already_down/

Slack exposed hashed passwords for years

[…]

The issue occurred when a user created or revoked a shared invitation link for their workspace. The good news is that the password wasn’t plaintext, and it wasn’t visible in any Slack clients. The bad news is that it could be picked up by monitoring encrypted traffic from Slack’s servers, and it appears that all users who created or revoked those links between April 17, 2017, and July 17, 2022, are affected.

Slack said only 0.5 percent of users were affected, which doesn’t sound too terrible until you consider how many Slack users are out there. While getting a definitive user figure for any chat platform is tricky and varies depending on what measure the vendor is using, it is safe to assume Slack has 10 million or more daily active users, meaning that at least 50,000 could have been affected. We asked the company to confirm this, and will update if there is a response.

Slack lays claim to over 169,000 paid customers and says “millions of people around the world use Slack to connect their teams.”

The company was informed of the issue by an independent security researcher on July 17, and swiftly fixed the issue before assessing the scale of the impact. “We have no reason to believe that anyone was able to obtain plaintext passwords because of this issue,” it insisted, but has still reset the passwords of affected users regardless.

It also recommends the inevitable move to two-factor authentication and the use of unique passwords for every service in use.

[…]

Source: Slack exposed hashed passwords for years • The Register

Some Epson Printers Programmed to Eventually Self-Brick

[…] Haven recently took to Twitter to share a frustrating experience with their wife’s “very expensive @EpsonAmerica printer” which, seemingly out of the blue, displayed a warning message stating that “it had reached the end of its service life.” It then simply stopped working, requiring either a servicing to bring it back from the dead, or a full-on replacement.

So what was the issue with the printer? A dead motor? A faulty circuit board? Nope. The error message was related to porous pads inside the printer that collect and contain excess ink. These wear out over time, leading to potential risks of property damage from ink spills, or potentially even damage to the printer itself. Usually, other components in the printer wear out before these pads do, or consumers upgrade to a better model after a few years, but some high-volume users may end up receiving this error message while the rest of the printer seems perfectly fine and usable.

According to the Fight to Repair Substack, the self-bricking issue affects the Epson L130, L220, L310, L360, and L365 models, but could affect other models as well, and dates back at least five years. There are already videos on YouTube showing other Epson users manually replacing these ink pads to bring their printers back to life. The company does provide a Windows-only Ink Pad reset utility that will extend the life of the printer for a short period of time, but it can only be used once, and afterwards, the hardware will either need to be officially serviced, or completely replaced.

A few years ago, Epson released its EcoTank line of printers, which were specifically designed to address the extremely high cost of replacing the ink cartridges for color inkjet printers. The printers featured large ink reservoirs which could be easily refilled with cheaper bottles of ink, and although Epson’s EcoTank printers were more expensive as a result, in the long run they would be cheaper to operate, especially for those printing a lot of color imagery. But that assumes they actually keep working for the long run. Videos of users manually replacing their Epson printers’ ink pads seem to indicate that the company could redesign the hardware to make this part easily user-serviceable, which would extend the life of the hardware considerably. But as it stands, the company’s solution runs the risk of contributing to an ever-growing e-waste problem and forcing consumers to shell out for new hardware long before they really need to.

[…]

As it stands now, there are undoubtedly many users getting an error message like this that simply replace their printers entirely, when they’d certainly be happy to instead pay for a $15 maintenance kit that quickly gets them running again, keeping more devices out of recycling facilities or garbage dumps.

Source: Some Epson Printers Programmed to Eventually Self-Brick

SW186 antibody neutralizes SARS-CoV-1 and SARS-CoV-2 (all variants) by binding to a conserved spike epitope outside the receptor binding motif

[…] Here, we used the LIBRA-seq technology, which identified SARS-CoV-2 specific B cells via DNA-barcoding and subsequently single cell sequenced BCRs, to identify an antibody, SW186, which could neutralize major SARS-CoV-2 variants of concern, including Beta, Delta, and Omicron, as well as SARS-CoV-1. The cryo-EM structure of SW186 bound to the receptor-binding domain (RBD) of the viral spike protein showed that SW186 interacted with an epitope of the RBD that is not at the interface of its binding to the ACE2 receptor but highly conserved among SARS coronaviruses. This epitope encompasses a glycosylation site (N343) of the viral spike protein. Administration of SW186 in mice after they were infected with SARS-CoV-2 Alpha, Beta, or Delta variants reduced the viral loads in the lung. These results demonstrated that SW186 neutralizes diverse SARS coronaviruses by binding to a conserved RBD epitope, which could serve as a target for further antibody development.

[…]

Source: An antibody that neutralizes SARS-CoV-1 and SARS-CoV-2 by binding to a conserved spike epitope outside the receptor binding motif – Science Immunology

Physicist pranks with James Webb Space Telescope photo of a chorizo sausage – some people really have no sense of humor any more

[…] On July 31st, Étienne Klein, the director of France’s Alternative Energies and Atomic Energy Commission, shared an image he claimed the JWST captured of Proxima Centauri, the nearest-known star to the sun.

“It was taken by the James Webb Space Telescope,” Klein told his more than 91,000 Twitter followers. “This level of detail… A new world is unveiled every day.” Thousands of people took the post at face value and retweeted it without comment.

A few days later, Klein admitted that what he shared was actually a photo of a slice of chorizo against a black background. “In view of certain comments, I feel obliged to specify that this tweet showing an alleged picture of Proxima Centauri was a joke,” Klein said. “Let’s learn to be wary of the arguments from positions of authority as much as the spontaneous eloquence of certain images.”

Klein subsequently apologized for the prank and told French news outlet Le Point (via Vice) he posted the image to educate the public about the threat of fake news. “I also think that if I hadn’t said it was a James Webb photo, it wouldn’t have been so successful,” he noted. After everything was said and done, Klein shared the recent image the JWST captured of the Cartwheel galaxy. This time he was quick to assure his followers that the photo was authentic.

Source: Physicist trolls James Webb Space Telescope fans with a photo of a chorizo sausage | Engadget

Some people, including the writer of Engadget, have gotten their panties in a twist about this. It’s a joke. Funny. A bit of a shame Klein needed to apologise for this and make up some BS nonsense justification around it.

Apple tells suppliers to use ‘Taiwan, China’ on labels

Apple, which celebrates its self-professed commitment to free expression and human rights, has reportedly told its suppliers in Taiwan to label their components so they describe Taiwan as a province of the People’s Republic of China (PRC).

According to Japanese financial publication Nikkei, Apple on Friday warned its suppliers that China has ramped up enforcement of a long-standing import rule “that Taiwanese-made parts and components must be labeled as being made either in ‘Taiwan, China’ or ‘Chinese Taipei.'”

[…]

While China and the US have allowed the status of Taiwan to remain ambiguous to avoid open warfare, the uneasy peace frequently gets tested, as was the case this week when Nancy Pelosi, the Democratic Speaker of the House of Representatives, visited Taiwan after being warned away by the Chinese government.

Pelosi’s visit infuriated the CCP, which responded by holding threatening military exercises and announcing countermeasures, including the suspension of military, legal, and economic cooperative efforts between China and the US. CCP authorities also sanctioned Pelosi and her family. China’s decision to enforce its import labeling rules to designate Taiwan as its own province presumably follows from this fit of pique.

Apple has prospered by relying on Chinese companies as part of its supply chain. But its dependence upon China for sales and product assembly has left the corporation unwilling to challenge egregious abuses, though it argues otherwise.

In September, 2020, Apple issued a document [PDF] titled “Our Commitment to Human Rights.” It states, “At Apple and throughout our supply chain, we prohibit harassment, discrimination, violence, and retaliation of any kind—and we have zero tolerance for violations motivated by any form of prejudice or bigotry.”

Apple has shown a bit more tolerance for China’s mass detention of Muslim Uyghurs.

In December, 2020, the Tech Transparency Project reported that Apple’s suppliers depend upon forced labor. And in May 2021, a report by The Information accused seven of Apple’s suppliers of relying on forced labor in China’s Xinjiang region.

When US lawmakers proposed a law to hold companies accountable for allowing suppliers to use forced labor, Apple lobbied against the bill which was nonetheless signed into law by President Biden toward the end of last year. Apple also lobbied the SEC, unsuccessfully, to block a shareholder proposal to require the company to disclose more details about supply chain labor practices.

[…]

Ismail pointed to Apple’s censorship of Taiwan’s flag emoji on iOS devices sold in Hong Kong and Macao.

“During the Umbrella movement in Hong Kong, [Apple] removed an app used by protesters for safety purposes,” he said. “It gave very strict directives to its employees about their involvement in the movement, and abusively and heavily restricted their freedom of expression.”

[…]

Source: Apple tells suppliers to use ‘Taiwan, China’ on labels • The Register

‘Switchblade’ Flying car with foldable wings and a retractable tail gets FAA approval, fits in your garage

  • A flying car called “Switchblade” can now be sold in the US market.
  • This three-wheeler can fly at a height of 16,000 feet (4.8 km) in the sky.
  • It runs on premium gasoline and has a maximum air speed of 200 mph (321 km/h)

A flying sports car named Switchblade recently passed the safety tests of the Federal Aviation Administration (FAA), and now it is ready for market launch. Its creators at the Oregon-based company Samson Sky claim it took 14 years to develop this innovative vehicle. Interestingly, Switchblade can be easily parked inside a residential garage, and it is suitable for both roadside driving and flying.

Although Switchblade is not the first flying car to get clearance from FAA (in February 2022, Terrafugia Transition became the first flying car to get FAA approval), it might become the first flying car available to the public in the US. Samson Sky has started taking online reservations for Switchblade, and over 1,600 people have already shown interest in buying the car. The estimated starting price for Switchblade would be $150,000.

The uncanny features of Switchblade

Image: Samson Sky Switchblade in flying mode

Switchblade is a three-wheeler sports car that comes with foldable wings and a retractable tail. Within three minutes, these flexible components can turn this roadside vehicle into a small aircraft capable of flying at 16,000 feet (4.8 km). The top speed of this two-seater flying machine ranges between 125 mph (201 km/h) (on-road) and 200 mph (321 km/h) (during flight).

The official website of Samson Sky mentions that the car comes equipped with a hybrid electric drive and fly system, a climate-controlled cabin, front and rear crumple zones, and a parachute that covers the whole vehicle to ensure complete comfort and safety of its users. It runs on 91 octane gasoline, one of the most common and readily available premium automobile fuels in the US.

When asked about the motivation behind Switchblade, CEO of Samson Sky, Sam Bousfield told The Hill, “The speed at which we do things is the biggest motivation for me. You start knocking down targets and really getting things done – it really fires up the team.” He further reveals that for him, “road + sky = endless possibilities”. He has always believed in this idea, and flying cars have been his childhood dream, so this is another reason why he has been able to work on flying car technology for so long.

Can Switchblade become a mainstream vehicle?

Bousfield claims that only a few years are left before we see flying Switchblades in the sky, but like any flying car, Switchblade has its own challenges. For instance, the vehicle has been approved by the FAA, but that only means that Samson Sky can sell this vehicle. The buyers might still need to get permission from local authorities before they drive or fly Switchblade for the first time since it is not an ordinary vehicle.

Another complicated matter is insurance. Switchblade is a flying vehicle, and there is no company in the US that offers flying car insurance. However, the insurance laws in most American states require drivers to carry active vehicle insurance with them. While addressing this issue, Sam Bousfield anticipates that until companies come up with suitable insurance policies, Switchblade buyers might need to buy both car and aircraft insurance.

Flying cars have been a century-old dream and now it seems like we are very close to seeing the idea turn into a reality. The challenges discussed above are real, but hopefully, they will be resolved by the time Switchblade arrives on the market. What’s more interesting is that Switchblade isn’t the only flying car that is ready to launch. There are other players as well, and it would be fascinating to see which of them we see first on the road.

Source: Flying car ‘Switchblade’ with foldable wings and a retractable tail gets FAA approval

Cryptocurrency firm Nomad offers 10% bounty to hackers who stole $190 million

Hackers recently stole $190 million from cryptocurrency cross-chain token platform Nomad, and now the company says it will pay a bounty to the thieves if they return those assets.

Nomad says it will pay the hackers an amount that is worth up to 10% of the stolen funds and call off its lawyers after the money is returned to an official “recovery wallet.” It will also consider the cyberthieves to be ethical — or “white hat” — hackers.

The initial theft happened earlier this week when Nomad’s routing systems were being upgraded, which allowed attackers to spoof messages and copy and paste transactions. Nomad’s bridge was zapped quickly in what one researcher called a “frenzied free-for-all.”

The exploit is the seventh major incident to target a bridge in 2022, and it is the eighth largest cryptocurrency theft of all time, according to blockchain analysis firm Elliptic. Added together, over a dozen unique hacks have occurred in 2022, with more than $2 billion stolen from cross-chain bridges like Nomad.

Nomad’s willingness to work with the intruders

Elliptic said there were 40 hackers involved in the Nomad incident, and the company appears to want to make the return of its money as much of a win-win as possible.

For anyone to qualify for the bounty, the only caveats Nomad has are that the hackers have to return at least 90% of the total funds they hacked, use Ethereum as the currency, use Anchorage Digital (a nationally regulated custodian bank), and do it in a “timely” fashion. The company didn’t give a specific number of days or weeks as a deadline, but it said it will continue to work with its online community, blockchain analysis firms, and law enforcement to guarantee that all funds are returned.

[…]

Source: Cryptocurrency firm Nomad offers 10% bounty to hackers who stole $190 million

Roomba Maker iRobot sells out to Amazon for $1.7 Billion cash – now your vacuum will be spying on you too

Amazon.com Inc. is buying Roomba maker iRobot Corp. for $1.7 billion, giving the online retailer another connected-home product that deepens its ties to consumers’ homes.

Amazon agreed to pay $61 a share for iRobot in an all-cash deal. The price, which includes a small amount of debt, represents a 22% premium to iRobot’s closing price of $49.99 on Thursday.

iRobot shares rose 19% to $59.54 in recent trading. They are off 9.7% year to date. Amazon shares fell 0.8% to $141.41.

iRobot introduced its Roomba vacuum in 2002 and has sold more than 40 million units since. The wireless, smart-vacuum learns and maps spaces to clean dust and messes. It is a staple of Amazon’s Prime Day shopping bonanza, having been a featured product for eight straight years.

iRobot in May had projected reaching sales of $1.6 billion to $1.7 billion this year. It withdrew that guidance on Friday in light of the deal and other challenges.

Roomba would join other Amazon-owned products like the Alexa virtual assistant speaker and Ring video doorbell that together give the retailer more ways to power smart homes.

[…]

Source: Amazon Buying Roomba Maker iRobot for $1.7 Billion – WSJ

SpaceX shows that it too can shower the Earth with debris

Australian media has reported that space debris found in New South Wales was indeed junk from a SpaceX mission, including one piece measuring nearly three meters in length.

The black shard, found sticking out of the ground, is presumed to be Elon Musk’s take on 2001’s Monolith. The Register asked SpaceX to clarify, but we have yet to receive a response.

The debris fell to Earth earlier in July, and the three-meter long component was found on July 25. Australian authorities had been awaiting confirmation that the pieces were indeed from a SpaceX mission and, according to ABC South East NSW, that confirmation has now been received.

Astronomer Jonathan McDowell noted that the July 8 reentry path for the leftover SpaceX Crew-1 trunk was close to the Dalgety area (slightly inland, halfway between Melbourne and Sydney) where the debris was found. The lengthy shard also bears a distinct resemblance to the attach point of one of the trunk’s four fins. Additional debris was also found.

As well as a reusable capsule, the SpaceX Crew Dragon has an unpressurized trunk, which features solar panels and fins. The trunk is jettisoned prior to reentry for disposal. However, it appears that some components survived to land in Australia.

SpaceX’s Crew-1 mission was the first operational flight of the Crew Dragon, ferrying four astronauts to the International Space Station (ISS.) It launched on November 16, 2020 and returned to Earth on May 2, 2021. The trunk, it appears, made its own return somewhat later.

[…]

Source: SpaceX shows that it too can shower the Earth with debris • The Register

Visa, Mastercard Cancel Ad Pornhub Payments Amid Lawsuit – suspicion is enough apparently

Visa and Mastercard, two of the world’s largest payment processors, said Thursday that they will suspend payments for ad purchases on Pornhub. The move comes on the heels of a judge allowing a lawsuit to proceed that accuses Visa of knowingly facilitating the spread of child pornography, also known as child sexual abuse material (CSAM).

A federal judge denied Visa’s motion to dismiss last week, allowing the case to move forward against the payment processor for alleged involvement in a “criminal agreement” to profit off the videos. In a statement released Thursday, Visa CEO Alfred Kelly said that, while the company strongly disagreed with the court’s ruling, it had created “new uncertainty” around the role of TrafficJunky, MindGeek’s advertising arm. (MindGeek is Pornhub’s parent company). Citing that uncertainty, Kelly said Visa would suspend any relationship with TrafficJunky until further notice. That means customers will no longer be able to use Visa cards to purchase advertising on MindGeek sites, which includes Pornhub, for the duration of the suspension. Visa’s decision came just two days after Bill Ackman, an influential hedge fund manager, called on the credit card company to pressure Pornhub to remove CSAM content.

[…]

In a statement sent to Gizmodo, MindGeek said that none of its platforms, including Pornhub, has ever tolerated CSAM or other illicit material.

“Despite today’s suspension of payment acceptance for our advertising platform, we are extremely confident in our policies and the fact that we have instituted trust and safety measures that far surpass those of any other major platform on the internet,” the company’s statement reads.

MindGeek went on to describe the recent allegation accusing the company of knowingly allowing and monetizing off CSAM material on its platform as “reckless,” and “false.”

[…]

“At this point in the lawsuit, the court has not yet ruled on the veracity of any allegations, and is required to assume all of the plaintiff’s allegations are true and accurate. When the court can actually consider the facts, we are confident the plaintiff’s claims will be dismissed for lack of merit.”

[…]

Source: Visa, Mastercard Suspend Ad Pornhub Payments Amid Lawsuit

Riot Blockchain Made More in Power Credits Than Mining Bitcoin

At least one big bitcoin mining operation in Texas that was not actually mining much bitcoin during this season’s record-breaking heat netted millions of dollars in profits—more than they would have if they just kept on mining without any shutdowns. It’s thanks to power purchase agreements signed with the local grid, allowing them to sell electricity they purchased earlier back to the provider for a tidy sum.

Riot Blockchain itself announced it had made an estimated $9.5 million in power credits thanks to the multiple times it shut down its mining rigs. This was even more than the amount the company gained in selling bitcoin that month. The company’s page said it sold 275 bitcoin, with net proceeds equalling just $5.6 million. This is compared to last year when the company said it produced 444 bitcoin, worth approximately $16 million just before the price of BTC really spiked toward the tail end of 2021.

[…]

The Electric Reliability Council of Texas—AKA ERCOT—had asked businesses to routinely power down in order to conserve electricity throughout July. Riot and its massive 750-megawatt bitcoin mining facility in Rockdale, Texas reduced power multiple times during times of peak demand. Of course, many of the dozens of large-scale bitcoin mining operations also cut activity during the past month to not over-stress the often overtaxed grid, but Riot remains the largest token miner in the Lone Star State.

The amount of bitcoin produced during this past month was 318, 28% less than the same month last year. While the companies did publicly agree to shutdowns in order to preserve the grid, they were also avoiding scaling electricity prices during peak loads.

ERCOT provides power purchase agreements that are usually termed for one year, but Lee Bratcher, the president of the Texas Blockchain Council, told Gizmodo in a phone interview that only a handful of the biggest bitcoin miners actually have these PPAs. The ones that do, like Riot, can take advantage of the need to curtail power, while other miners simply have to make do.

The Texas Blockchain Council networks and promotes the many crypto mining operations in the state. Bratcher called these PPAs “a good deal” for ERCOT, since it can regain the power needed for the rest of its grid during peak times.

At the same time, the massive draw of these mining operations is only expected to increase. Texas’ grid system has said that Texas crypto miners will put a six gigawatt-demand on the grid by next year. Congressional Democrats have warned the seven largest mining rigs in the U.S. draw power equivalent to all the residential homes in the city of Houston. These crypto miners are only expected to get bigger over time.

[…]

Source: Riot Blockchain Made More in Power Credits Than Bitcoin