I can have app store? Apple: yes but NO! Give €1,000,000 + lock in to Apple ecosystem. This is how to “comply” with EU anti competition law

Posted on by
a rotting apple core with a closed padlock running through it

Apple is keeping a firm grip on people with alternative marketplaces, fleecing them for money but also for other control. Here are some of the terms Apple requires you to conform to in order to start up your own app store (which they call alternative marketplace):

If you’re interested in becoming a marketplace developer in the EU, the Account Holder of your Apple Developer Program membership will first need to agree to the Alternative Terms Addendum for Apps in the EU. Once they’ve agreed, they can submit a request for the entitlement.

To qualify for the entitlement, you must:

  • Be enrolled in the Apple Developer Program as an organization incorporated, domiciled, and or registered in the EU (or have a subsidiary legal entity incorporated, domiciled, and or registered in the EU that’s listed in App Store Connect). The location associated with your legal entity is listed in your Apple Developer account.
  • Agree to build an app whose primary purpose is discovery and distribution of apps, including apps from other developers.
  • Agree to provide and publish terms, including those pertaining to content and business model, for apps you will distribute, and accept apps that meet those terms.
  • […]

But what rankles most is the amount of money Apple not only fleeces from marketplaces for every installation – especially considering that Apple is not doing anything for the download – but that the barrier to entry is set at ONE MILLION DOLLARS!

Understanding payments, fees, and taxes

Stand-by letter of credit

In order to establish adequate financial means to guarantee support for developers and customers, marketplace developers must provide Apple a stand-by letter of credit from an A-rated (or equivalent by S&P, Fitch, or Moody’s) financial Institution of €1,000,000 prior to receiving the entitlement. It will need to be auto-renewed on a yearly basis.

Core Technology Fee

The DMA requires Apple to support distribution and payment processing alternatives that are facilitated outside the App Store. To reflect the value Apple provides marketplace developers with ongoing investments in developer tools, technologies, and program services, Apple has introduced a Core Technology Fee.

  • Marketplace developers will need to pay €0.50 for each first annual install of their marketplace app. First annual installs included in your Apple Developer Program membership can’t be used for marketplace apps.
Source: Getting started as an alternative app marketplace in the European Union

Of course, Apple is the one deciding if you are allowed to create an app store. What is the likelihood of that happening? Should you be one of the happy few (uhm, wait – didn’t the EU have this ruling as part of the Digital Markets Act (DMA), an anti competitive set of laws, aimed at allowing EVERYONE access?), then you still have to build an Apple App – ie you have to pay Apple to have your app in the app store and they will review your app in their app store. In the words of Apple:

An alternative app marketplace is an iOS app from which someone can install other third-party apps. To create a marketplace, fill out a webform that outlines the qualifications. If approved, Apple enables a code-signing entitlement on your account to distribute your marketplace app on the web. Apple also provides you with a framework that facilitates the secure installation of apps that your marketplace hosts.

To set up a marketplace, upload a public key, or marketplace key, to App Store Connect that regularly verifies the agreement, or relationship, you make with other developers that distribute their app on your marketplace.

The architecture of an app marketplace includes an iOS app, a webpage, from which people download your app, and a webserver that stores app data it regularly receives from App Store Connect.

Source: Creating an alternative app marketplace

So the value Apple describes above is basically that they force you to set up your App store from inside their App store. Apple then tells you how to run it and wants to know exactly what is going on inside it, so they can grab their €0.50 per year per app downloaded from it.

So really, the way in which Apple is conforming to the EU DMA is by offering a massive finger to the EU and it’s developers.

Running your AI Locally on your own PC / Installing your own LLM

Posted on by

Having your AI going on your own laptop or PC is perfectly viable. For textual conversations you don’t always need a Large Language Model (LLM) when Small Language Models can perform at the same or in some cases even better levels (eg MS Phi-2 small language model – outperforms many LLMs but fits on your laptop) than the OpenAI online supercomputer trained models. This has many reasons, such as overfitting, old data, etc. You may want to run your own model if you are not online all the time, if you have privacy concerns, eg if you don’t want your inputs to be used to further train the model, or if you don’t want to be dependent on a third party (what if OpenAI suddenly requires hefty payment for use?)

On performance: most of the data processing happens fastest on Nvidia GPUs, but the processing can be offloaded to your CPUs. In this case you may find some marked slowdowns.

Text to Image

Stable diffusion offers very very good text to image generation at a high level. You can find their models on their page https://stability.ai/stable-image. Other models such as OpenAI’s Dall-E or Midjourney can’t be run locally. Despite what OpenAI says, they are not open source.

For all the different user interfaces, expect downloads of ~1.5GB – 2GB and unpacked sizes of ~5GB – 12GB (or more!)

Note that you do need an Nvidia GPU – Running a 2070ti images generate in ~5 / 6 seconds. On a laptop they take ~ 10 minutes!

Easy Diffusion – like Stability Matrix, this is a one click installer for Windows, Linux or MacOS that will download a specific WebUI. It updates every time you start it.

an image of a tesla driving down a road. the data coming out of the roof is visualised using yellow lines generated by Easy Diffusion

ComfyUI is another easy to run frontend – you download and extract the zip file (~30k files, takes a while!) and run. You then need to download a model (there is a README in the directory that will point you to one) and copy it into ComfyUI\models\checkpoints (~ 5GB). It does, however, offer quite a lot of complexity. It is a flow based model, so it takes a little getting used to as the rest use sliders or checks to configure your model. Some people find this is the fastest system, however others point out that this is most likely due to the default config of other stable diffusion models or outdated python / pythorch and other dependencies, which apparently ComfyUI does a good job of keeping updated. I found there was not much difference, but I was not bulk generating images where this becomes an issue.

an image of a tesla driving down a road. the data coming out of the roof is visualised using yellow lines generated by ComfyUI

Fooocus is very ease of use – it’s simplicity is it’s strength. Unzip and run the run.bat file. There are loads of LoRa (see Conclusion, below) model previews to get a certain style out of it.

an image of a tesla driving down a road. the data coming out of the roof is visualised using yellow lines generated by Fooocus

Automatic A1111 gives more control over the prompts and is somewhere between Fooocus and ComfyUI. It requires you to install Python 3.10.6 and git yourself. I have included it because it’s very popular, but to be honest – with the above options, why bother?

LoRas

Another platform you need to know about is CivitAI – especially their LoRa (Low-Rank Adaptation) models. These allow Stable Diffusion to specialise in different concepts (eg artistic styles, body poses, objects – basically the “Style” part of Fooocus) – for a good explanation, see Stable Diffusion: What Are LoRA Models and How to Use Them?

Overgrowth style LoRa
horny style LoRa
copper wire style LoRa
fantasy style LoRa

General purpose downloader

Pinokio is a system that dowloads and installs community created scripts that run apps, databases, AI’s, etc. User scripts for AI include magic animators, face swappers, music captioning, subtitling, voice cloning etc

Pinokio user scripts

Another way to get started on a specific webUI for text to image is using Stability Matrix: a program that installs different webUIs (Automatic 1111, Comfy UI, SD.Next (Vladmandic), VoltaML, InvokeAI, Fooocus, and Fooocus MRE) for you. It will download the model, training data and weights and start up the process for you to connect to using a browser. This will handle installing the python and Git dependencies as well.

stability matrix UI installer

I however found that it wasn’t quite as straightforward as it looked, with some of the models requiring you to configure and run the model within Stability Matrix and some requiring you to work in the model externally to Stability Matrix.

Language Models (LLMs) / Talking to your AI

Just chatting

LM Studio allows you to install and run models such as LLaMa, Phi-2, etc from Hugging face

lm studio downloading phi-2

Using the phi-2 model, text generation is suprisingly smooth and fast

phi-2 model running in LM studio

Chatting and modifying the model

Then there is also Ollama which allows you to Run Llama 3, Phi 3, Mistral, Gemma, and other models. The big difference here is you can customize and create your own. You can either create and import a GGUF file (GGUF is a binary format that is designed for fast loading and saving of models, and for ease of reading. Models are traditionally developed using PyTorch or another framework, and then converted to GGUF for use in GGML.) or you can use Retrieval Augmented Generation (RAG) support. This feature seamlessly integrates document interactions into your chat experience. You can load documents directly into the chat or add files to your document library, effortlessly accessing them using the # command before a query. Just running Ollama allows you to access it in the command line, but there is a beautiful Open WebUI which is being updated like crazy and gives you loads of options.

gif image of diferent llms running in a web ui

Conclusion

No article on this kind of AI is complete without mention of Hugging Face The platform where the machine learning community collaborates on models, datasets, and applications. You can find all kinds of models and data there to refine your AI once you get into it a bit.

AI systems are certainly not limited to text to image or conversational – text to audio, text to video, image to video, text to 3D, voice to audio, video to video and much more are all possible locally.

Running your own AI / ML system on your own PC is viable (but you need an Nvidia card for text-to-image!). It allows you much more privacy as the data is not fed back to an external provider for more training or otherwise. It’s faster and often quality just as good as the online services. You don’t run out of credits.

Refining the training of these models and adding to their datasets is beyond the scope of this article, but is a next step for you 🙂

Water molecule discovery on ion layer contradicts textbook models

Posted on by

Textbook models will need to be re-drawn after a team of researchers found that water molecules at the surface of salt water are organised differently than previously thought.

Many important reactions related to climate and environmental processes take place where water molecules interface with air. For example, the evaporation of ocean water plays an important role in atmospheric chemistry and climate science. Understanding these reactions is crucial to efforts to mitigate the human effect on our planet.

The distribution of ions at the interface of air and water can affect atmospheric processes. However, a precise understanding of the microscopic reactions at these important interfaces has so far been intensely debated.

In a paper published today in the journal Nature Chemistry, researchers from the University of Cambridge and the Max Planck Institute for Polymer Research in Germany show that ions and water molecules at the surface of most salt-water solutions, known as electrolyte solutions, are organised in a completely different way than traditionally understood. This could lead to better atmospheric chemistry models and other applications.

[…]

The combined results showed that both positively charged ions, called cations, and negatively charged ions, called anions, are depleted from the water/air interface. The cations and anions of simple electrolytes orient water molecules in both up- and down-orientation. This is a reversal of textbook models, which teach that ions form an electrical double layer and orient water molecules in only one direction.

Co-first author Dr Yair Litman, from the Yusuf Hamied Department of Chemistry, said: “Our work demonstrates that the surface of simple electrolyte solutions has a different ion distribution than previously thought and that the ion-enriched subsurface determines how the interface is organised: at the very top there are a few layers of pure water, then an ion-rich layer, then finally the bulk salt solution.”

Co-first author Dr Kuo-Yang Chiang of the Max Planck Institute said: “This paper shows that combining high-level HD-VSFG with simulations is an invaluable tool that will contribute to the molecular-level understanding of liquid interfaces.”

Professor Mischa Bonn, who heads the Molecular Spectroscopy department of the Max Planck Institute, added: “These types of interfaces occur everywhere on the planet, so studying them not only helps our fundamental understanding but can also lead to better devices and technologies. We are applying these same methods to study solid/liquid interfaces, which could have potential applications in batteries and energy storage.”

Source: Water molecule discovery contradicts textbook models | ScienceDaily

BMW goes for unsafe design, removes ability to change radio channel

Posted on by
BMW 2024 control layout - with no radio buttons

BMW has been a sensible and happy holdout against the touchscreen only interior car design insanity started by Tesla. Study after study has shown that touchscreens are not only impractical and annoying, but more importantly unsafe as well

Sources:
Study: Hardware buttons in cars are safer than touchscreens
Touchscreen development at risk of compromising safety, says VNC Automotive
Are Car Touch Screens Putting Our Life at Risk?
Buttons beat touchscreens in cars, and now there’s data to prove it
The Glorious Return of a Humble Car Feature

So why is it that BMW has decided – now that even Volkswagen is bringing back physical control buttons in new cars – to get rid of them. The picture above shows the control layout for the 2024 models. The picture below for the 2022 models.

BMW control layout 2022 with radio buttons

As you can see, the most commonly used buttons in the car – the radio memories and volume – have gone entirely. To change the radio station, the driver now has to go through a convoluted process which involves looking in the cockpit quite a bit. To make things worse, they have gotten rid of the control dial too, which at least made the process slightly easier. The worst about it though – the passenger can’t change the radio station either.

Not only is this incredibly inconvenient, but it’s also dangerously unsafe. BMWs are drivers cars – they tend to not only be driven on empty highways, but on small and winding roads. When you want to change the radio station, it’s often because it’s annoying you. Looking around (and mainly down, away from the road) in bewilderment when you are trying to change channel, especially whilst annoyed, is a recipe for disaster.

So whilst it’s very annoying for BMW to have also removed the climate control buttons (especially if you drive a cabriolet!), the radio buttons are a real safety issue.

Please, BMW, see some sense and put them back.

Wind turbines are friendlier to birds than oil-and-gas drilling

Posted on by

[…] few have looked at the effects on wildlife at the population level. Enter Erik Katovich, an economist at the University of Geneva. Dr Katovich made use of the Christmas Bird Count, a citizen-science project run by the National Audubon Society, an American non-profit outfit. Volunteers count birds they spot over Christmas, and the society compiles the numbers. Its records stretch back over a century.

Dr Katovich assumed, reasonably, that if wind turbines harmed bird populations, then the numbers seen in the Christmas Bird Count would drop in places where new turbines had been built. He combined bird population and species maps with the locations and construction dates of all wind turbines in the United States, with the exceptions of Alaska and Hawaii, between 2000 and 2020. He found that building turbines had no discernible effect on bird populations. That reassuring finding held even when he looked specifically at large birds like hawks, vultures and eagles that many people believe are particularly vulnerable to being struck.

But Dr Katovich did not confine his analysis to wind power alone. He also examined oil-and-gas extraction.

[…]

Comparing bird populations to the locations of new gas wells revealed an average 15% drop in bird numbers when new wells were drilled, probably due to a combination of noise, air pollution and the disturbance of rivers and ponds that many birds rely upon. When drilling happens in places designated by the National Audubon Society as “important bird areas”, bird numbers instead dropped by 25%. Such places are typically migration hubs, feeding grounds or breeding locations.

Wind power, in other words, not only produces far less planet-heating carbon dioxide and methane than do fossil fuels. It appears to be significantly less damaging to wildlife, too. Yet that is not the impression you would get from reading the news. Dr Katovich found 173 stories in major American news outlets reporting the supposed negative effects that wind turbines have on birds in 2020, compared with only 46 stories discussing the effects of oil-and-gas wells. Wind turbines might look dramatic. But their effect on birds is not.

Source: Wind turbines are friendlier to birds than oil-and-gas drilling

Study of wide binary stars reveals new evidence for modified gravity at low acceleration

Posted on by

A new study published in The Astrophysical Journal reveals new evidence for standard gravity breaking down in an idiosyncratic manner at low acceleration. This new study reinforces the evidence for modified gravity that was previously reported in 2023 from an analysis of the orbital motions of gravitationally bound, widely separated (or long-period) binary stars, known as wide binaries.

The new study was carried out by Kyu-Hyun Chae, a professor of physics and astronomy at Sejong University in Seoul, South Korea, with wide binaries observed by European Space Agency’s Gaia space telescope.

Gravitational anomalies reported in 2023 by Chae’s study of wide binaries have the unique feature that orbital motions in binaries experience larger accelerations than Newtonian predictions when the mutual gravitational acceleration is weaker than about 1 nanometer per second squared and the acceleration boost factor becomes about 1.4 at accelerations lower than about 0.1 nanometer per second squared.

This elevated acceleration in wide binaries cannot be explained by invoking the undetected dark matter because the required dark matter density is out of the question based on galactic dynamics and cosmological observations.

Remarkably, the elevated acceleration agrees well with what MOND (modified Newtonian dynamics)-type modified gravity theories such as AQUAL predict under the external field effect of the Milky Way. The MOND paradigm was suggested by physicist Mordehai Milgrom and the AQUAL theory was formulated by him and the late physicist Jacob Bekenstein 40 years ago.

Because gravitationally-bound astrophysical systems such as galaxies and galaxy clusters and the universe itself are governed by gravity, the breakdown of standard gravity at low acceleration has profound implications for astrophysics and cosmology.

[…]

Chae conservatively selected up to 2,463 pure binaries, which are less than 10% of the sample used in the earlier study. Since the expected fraction of pure binaries among apparently binary systems is at least 50%, this much lower fraction means that the selection was sufficiently strict.

Chae applied two algorithms to test gravity from the sample of pure binaries. In one algorithm that was originally developed from the earlier work for general or “impure” samples, he used a Monte Carlo method to calculate (the of) the observed kinematic acceleration, defined by relative velocity squared over the in the real three-dimensional space, as a function of the Newtonian gravitational acceleration between the two stars and then compared it with the corresponding Newtonian prediction of the kinematic acceleration.

In the other algorithm that is simpler and suitable for pure binaries, Chae compared the observed distribution of the sky-projected relative velocities between the two stars with respect to the sky-projected separations with the Newton-predicted distribution through a Monte Carlo method.

Both algorithms produce consistent results that agree well with the gravitational anomaly reported earlier.

[…]

However, the observed acceleration or relative velocity starts to deviate from the Newtonian prediction at a separation of about 2,000 au (astronomical units) and acceleration of about 1 nanometer per second squared. Then, there is a nearly constant boost of about 40 to 50% in acceleration or 20% boost in relative velocity at separation greater than about 5,000 au or acceleration lower than about 0.1 nanometer per second squared, up to the probed limit of about 20,000 au or 0.01 nanometer per second squared.

Chae’s new results agree well with an independent result by Xavier Hernandez’s group that is coincidentally in the production stage at present. This is significant because Hernandez’s group selected their sample completely independent of Chae’s selection and they used an independent algorithm (different from Chae’s two algorithms) based on the full distribution of relative velocities for their pure wide binary pairs.

[…]

Chae also points out that this new sample is explicitly free from any concerns of data quality cuts that have been raised in the literature so far. Chae further clarifies the recent contradicting claim by Indranil Banik and co-authors, saying, “Their methodology and results have a lot of problems. Their conclusion is invalid for two main reasons among others.”

“In their sample selection they knowingly excluded Newtonian-regime binaries that are crucial in accurately calibrating the occurrence rate of systems containing hidden additional component(s). Then, they employed a specific statistical algorithm of modeling velocities to infer gravity, the occurrence rate, and other parameters simultaneously, but ignored velocity errors though vital for their .”

Chae concludes, “At least three independent quantitative analyses by two independent groups reveal essentially the same gravitational anomaly. The gravitational anomaly is real, and a new scientific paradigm shift is on its way.”

The observed gravitational anomaly is remarkably well consistent with the MOND-type (Milgromian) gravity phenomenology. However, underlying theoretical possibilities encompassing the MOND-type gravity phenomenology are open at present, and this may be welcome news to theoretical physicists and mathematicians.

[…]

More information: Kyu-Hyun Chae, Robust Evidence for the Breakdown of Standard Gravity at Low Acceleration from Statistically Pure Binaries Free of Hidden Companions, The Astrophysical Journal (2024). DOI: 10.3847/1538-4357/ad0ed5

Journal information: Astrophysical Journal

Source: Study of wide binary stars reveals new evidence for modified gravity at low acceleration

Dutch phones can be easily tracked online: ‘Extreme security risk’

Posted on by

a map of the netherlands with cellphone towers

BNR received more than 80 gigabytes of location data from data traders: the coordinates of millions of telephones, often registered dozens of times a day.

The gigantic mountain of data also includes movements of people with functions in which safety plays an important role. A senior army officer could be followed as he drove from his home in the Randstad to various military locations in the country. A destination he often visited was the Frederikazerne, headquarters of the Military Intelligence and Security Service (MIVD). The soldier confirmed the authenticity of the data to BNR by telephone.

[…]

The data also reveals the home address of someone who often visits the Penitentiary in Vught, where terrorists and serious criminals are imprisoned. A spokesperson for the Judicial Institutions Agency (DJI) confirmed that the person, who according to the Land Registry lives at this address, had actually brought a mobile phone onto the premises with permission and stated that the matter was being investigated.

These are just examples, the list of potential targets is long: up to 1,200 phones in the dataset visited the office in Zoetermeer where the National Police, National Public Prosecutor’s Office and Europol are located. Up to 70 telephones are registered in the King’s residential palace, Huis ten Bosch. At the Volkel Air Base, a storage point for nuclear weapons, up to 370 telephones were counted. The National Police’s management says it is aware of the problem and is ‘looking internally to see what measures are appropriate to combat this’.

‘National security implications’

BNR had two experts inspect the dataset. “This is an extreme security risk, with possible implications for national security,” says Ralph Moonen, technical director of Secura. “It’s really shocking that this can happen like this,” says Sjoerd van der Meulen, cybersecurity specialist at DataExpert.

The technology used to track mobile phones is designed for use by advertisers, but is suitable for other purposes, says Paul Pols, former technical advisor to the Assessment Committee for the Use of Powers, which supervises the intelligence services. According to Pols, it is known that the MIVD and AIVD also purchase access to this type of data on the data market under the heading ‘open sources’. “What is striking about this case is that you can easily access large amounts of data from Dutch citizens,” said the cybersecurity expert.

For sale via an online marketplace in Berlin

That access was achieved through an online marketplace based in Berlin. On this platform, Datarade.ai, hundreds of companies offer personal data for sale. In addition to location data, medical information and credit scores are also available.

Following a tip from a data subject, BNR responded to an advertisement offering location data of Dutch users. A sales employee of the platform then contacted two medium-sized providers: Datastream Group from Florida in the US and Factori.ai from Singapore – both companies have fewer than 50 employees, according to their LinkedIn pages.

Datastream and Factori offer similar services: a subscription to the location data of mobile phones in the Netherlands is available for prices starting from $2,000 per month. Those who pay more can receive fresh data every 24 hours via the cloud, possibly even from all over the world.

[…]

Upon request, BNR was therefore sent a full month of historical data from Dutch telephones. This data was anonymized – it did not contain telephone numbers. Individual phones can be recognized by unique number combinations, a ‘mobile advertising ID’ used by Apple and Google to show individual users relevant advertisements within the limits of European privacy legislation.

Possibly four million Dutch victims of tracking

The precise origin of the data traded online is unclear. According to the providers, these come from apps that have received permission from users to use location data. This includes fitness or navigation apps that sell data. This is how the data ultimately ends up at Factori and Datastream. By combining data from multiple sources, gigantic files are created.

[…]

it is not difficult to recognize the owners of individual phones in the data. By linking sleeping places to data from public registers, such as the Land Registry, and workplaces to LinkedIn profiles, BNR was able to identify, in addition to the army officer, a project manager from Alphen aan den Rijn and an amateur football referee. The discovery that he had been digitally stalked for at least a month led to shocked reactions. ‘Bizarre’, and: ‘I immediately turned off ‘sharing location data’ on my phone’.

Trade is prohibited, but the government does not act

Datarade, the Berlin data marketplace, informed BNR in an email that traders on their platform are ‘fully liable’ for the data they offer. Illegal practices can be reported using an online form. The spokesperson for the German company leaves open the question of whether measures are being taken against the sale of location data.

[…]

Source (Google Translate): Dutch phones can be secretly tracked online: ‘Extreme security risk’ | BNR News Radio

Source (Dutch original): Nederlandse telefoons online stiekem te volgen: ‘Extreem veiligheidsrisico’

Swarovski’s smart binoculars identify the birds, butterflies, mammals, you’re looking at and mark something to share with whoever you give the binocs to next

Posted on by

Swarovski has turned up at CES 2024 in Las Vegas with its first ever pair of smart binoculars that will identify the bird you’re looking at. All you have to do is point the gear at a bird and make sure the view is in focus, and then press down an action button. Within a few seconds, the system will overlay a bird’s name over your view, using data pulled from the Merlin Bird ID database. That has over 9,000 species tagged, and will even let you know the degree of certainty it has if the bird in question is in an unexpected location. And if this was the only feature these binoculars had, it’d be enough to justify the purchase, but that’s only the beginning of what these things can do.

Between the eyepieces, there’s a function wheel similar to one you would find on a camera that lets you cycle between various features. That includes a Wildlife ID version which hooks into its built-in Mammal, Dragonfly and Butterfly ID databases. Plus, there’s a camera which lets you send pictures and video to a paired smartphone, which would similarly be plenty to justify the expense. But the system is also designed to be expandable, with the focus wheel including space for any future custom databases you might need. For instance, one idea could be to build a database for stars, or airplane types for aviation fans to spot the make and model of what’s flying overhead.

Then there’s the discovery sharing feature, which enables you to share something you’ve found with whoever you’re outdoors with. All you need to do is tag whatever you’ve found, and then hand the AX Visio over to them, where a series of flashing arrows will guide them to where you were looking. Even in the busy halls of CES, one of the company’s representatives was able to pinpoint a far-off fire exit sign before handing me the binoculars and asking me to find it. All you need to do is follow the arrows straight to what you’re meant to be looking at with a system that’s as elegant as it is useful. There’s even a built-in compass that’ll let you identify which direction you’re gazing toward to help you navigate.

You might notice from the pictures that there are three lenses, with the central one holding the 13-megapixel sensor shooting HD-quality (1,920 x 1,080) pictures and video. There’s 8GB storage, which should hold up to an hour of video or 1,700 photos before needing to be cleared off. Beyond the smarts, the binoculars magnify up to 10x with 88 percent light transmission, thanks to the company’s high-end lenses. Swarovski says its glassware offers almost flat, distortion-free images with plenty of contrast and color fidelity.

Now, here’s the thing, my father-in-law is a serious ornithologist who is respected, at least among his peer group. His ability to spot the genus and species of a bird in flight is extraordinary and I’m often left bewildered at the depth of his knowledge. I don’t think I’d have the ability, patience or time to even get within a hundred miles of his capability. But, with a device like this, it might mean that I can at least vaguely keep up with him when we’re out on the trails.

The AX Visio is, however, not messing around with price, and Swarovski is charging €4,600 (around $5,000) for you to get this into your hands. While bird fans often have to be patient, this should start arriving at people’s homes at some point in February.

Source: Swarovski’s smart binoculars identify the birds you’re looking at

Ancient cities discovered in the Amazon are the largest yet found

Posted on by

Aerial surveys have revealed the largest pre-colonial cities in the Amazon yet discovered, linked by an extensive network of roads.

“The settlements are much bigger than others in the Amazon,” says Stéphen Rostain at the French National Center for Scientific Research in Paris. “They are comparable with Maya sites.”

What’s more, at between 3000 and 1500 years old, these cities are also older than other pre-Columbian ones discovered in the Amazon. Why the people who built them disappeared isn’t clear.

It is often assumed that the Amazon rainforest was largely untouched by humans before the Italian explorer Christopher Columbus reached the Americas in the 15th century. In fact, the first Europeans reported seeing many farms and towns in the region.

These reports, long dismissed, have in recent decades been backed up by discoveries of ancient earthworks and extensive dark soils created by farmers. One estimate puts the pre-Columbian population of the Amazon as high as 8 million.

[…]

In 2015, Rostain’s team did an aerial survey with lidar, a laser scanning technique that can create a detailed 3D map of the surface beneath most vegetation, revealing features not normally visible to us. The findings, which have only now been published, show that the settlements were far more extensive than anyone realised.

The survey revealed more than 6000 raised earthen platforms within an area of 300 square kilometres. These are where wooden buildings once stood – excavations have revealed post holes and fireplaces on these structures.

[…]

The survey also revealed a network of straight roads created by digging out soil and piling it on the sides. The longest extends for at least 25 kilometres, but might continue beyond the area that was surveyed.

[…]

“This is the largest complex with large settlements so far found in Amazonia,” says Charles Clement at the National Institute of Amazonian Research in Manaus, Brazil.

What’s more, it was found in a region of the Amazon that other researchers had concluded was sparsely inhabitated during pre-Columbian times, says Clement.

 

Journal reference:

Science DOI: 10.1126/science.adi6317

Source: Ancient cities discovered in the Amazon are the largest yet found | New Scientist

eBay Sent Critics a Bloody Pig Mask and more. Now It’s Paying a $3 Million Fine

Posted on by

eBay agreed to pay out a $3 million fine—the maximum criminal penalty—over a twisted scandal that saw top executives and other employees stalking a couple in Massachusetts who published a newsletter that criticized the company. The harassment campaign included online threats, sending employees to surveil the couple’s home, and mailing them disturbing objects—including live spiders and cockroaches, a bloody pig mask, and a book on recovering from the death of a spouse.

The Justice Department charged eBay with obstruction of justice, witness tampering, stalking through interstate travel, and stalking through online communication. eBay’s former security director James Baugh and former director of global resiliency David Harville are both serving jail time for their roles in the scheme.

[…]

The criminal activity seems to have started at the top of the company. In 2019, Ina Steiner published an article on the couple’s newsletter EcommerceBytes discussing a lawsuit eBay brought against Amazon. Half an hour later, eBay’s then-CEO Devin Wenig sent another executive a message saying: “If you are ever going to take her down…now is the time,” according to court documents. The message was forwarded to Baugh, who responded that Steiner was a “biased troll who needs to get BURNED DOWN.”

Wenig, who resigned later that year, denied any knowledge of the criminal activity and wasn’t charged with a crime. The Steiners are currently suing Wenig for his role in the campaign to “intimidate, threaten to kill, torture, terrorize, stalk and silence them.”

[…]

A total of seven eBay employees and contractors have been convicted for their involvement in stalking and harassing the Steiners, according to the Department of Justice. In addition to Baugh and Harville, the list includes Stephanie Popp and Philip Cooke, who were both sentenced to jail time in 2022. Stephanie Stockwell and Veronica Zea were each sentenced to one year of home confinement that same year. Brian Gilbert pleaded guilty and is currently awaiting sentencing.

Source: eBay Sent Critics a Bloody Pig Mask. Now It’s Paying a $3 Million Fine

Drivers would prefer to buy a low-tech car than one that shares their data

Posted on by

According to a survey of 2,000 Americans conducted by Kaspersky in November and published this week, 72 percent of drivers are uncomfortable with automakers sharing their data with advertisers, insurance companies, subscription services, and other third-party outfits. Specifically, 37.3 percent of those polled are “very uncomfortable” with this data sharing, and 34.5 percent are “somewhat uncomfortable.”

However, only 28 percent of the total respondents say they have any idea what kind of data their car is collecting. Spoiler alert: It’s potentially all the data. An earlier Mozilla Foundation investigation, which assessed the privacy policies and practices of 25 automakers, gave every single one a failing grade.

In Moz’s September Privacy Not Included report, the org warned that car manufacturers aren’t only potentially collecting and selling things like location history, driving habits and in-car browser histories. Some connected cars may also track drivers’ sexual activity, immigration status, race, facial expressions, weight, health, and even genetic information, if that information becomes available.

Back to the Kaspersky survey: 87 percent said automakers should be required to delete their data upon request. Depending on where you live, and thus the privacy law you’re under, the manufacturers may be obligated to do so.

Oddly, while motorists are worried about their cars sharing their data with third parties, they don’t seem that concerned about their vehicles snooping on them in the first place.

Less than half (41.8 percent) of respondents said they are worried about their vehicle’s sensors, infotainment system, cameras, microphones, and other connected apps and services might be collecting their personal data. And 80 percent of respondents pair their phone with their car anyway, allowing data and details of activities to be exchanged between apps and the vehicle and potentially its manufacturer.

This echoes another survey published this week that found many drivers are willing to trade their personal data and privacy for driver personalization — things like seat, mirror, and entertainment preferences (43 percent) — and better insurance rates (67 percent).

The study also surveyed 2,000 American drivers to come up with these numbers and found that while most drivers (68 percent) don’t mind automakers collecting their personal data, only five percent believe this surveillance should be unrestricted, and 63 percent said it should be on an opt-in basis.

Perhaps it’s time for vehicle makers to take note

Source: Surveyed drivers prefer low-tech cars over data-sharing ones • The Register

Also, we want buttons back too please.

Apple knew AirDrop users could be identified and tracked as early as 2019. Still not fixed.

Posted on by

a shadowy spy looking at people using airdrop on a subway stationSecurity researchers warned Apple as early as 2019 about vulnerabilities in its AirDrop wireless sharing function that Chinese authorities claim they recently used to track down users of the feature, the researchers told CNN, in a case that experts say has sweeping implications for global privacy.

The Chinese government’s actions targeting a tool that Apple customers around the world use to share photos and documents — and Apple’s apparent inaction to address the flaws — revive longstanding concerns by US lawmakers and privacy advocates about Apple’s relationship with China and about authoritarian regimes’ ability to twist US tech products to their own ends.

[…]

A Chinese tech firm, Beijing-based Wangshendongjian Technology, was able to compromise AirDrop to identify users on the Beijing subway accused of sharing “inappropriate information,” judicial authorities in Beijing said this week.

[..]

A group of Germany-based researchers at the Technical University of Darmstadt, who first discovered the flaws in 2019, told CNN Thursday they had confirmation Apple received their original report at the time but that the company appears not to have acted on the findings. The same group published a proposed fix for the issue in 2021, but Apple appears not to have implemented it, the researchers said.

[…]

Chinese authorities claim they exploited the vulnerabilities by collecting some of the basic identifying information that must be transferred between two Apple devices when they use AirDrop — data including device names, email addresses and phone numbers.

Ordinarily, this information is scrambled for privacy reasons. But, according to a separate 2021 analysis of the Darmstadt research by the UK-based cybersecurity firm Sophos, Apple appeared not to have taken the extra precaution of adding bogus data to the mix to further randomize the results — a process known as “salting.”

[…]

One reason Chinese officials may have wanted their exploit known, said Ismail, is that it could scare dissidents away from using AirDrop.

And now that the Beijing authorities have announced it exploited the vulnerability, Apple may face retaliation from Chinese authorities if the tech firm tries to fix the issue, multiple experts said.

China is the largest foreign market for Apple’s products, with sales there representing about a fifth of the company’s total revenue in 2022

[…]

Source: Apple knew AirDrop users could be identified and tracked as early as 2019, researchers say | CNN Business

The C SEED Unfolding TV

Posted on by

[…] The C SEED N1 TV unveiled at CES 2024 is now making global waves. This revolutionary device boasts a vivid 4K resolution, 165, 137, or 103-inch Micro LED screen size, and 180-degree rotation- and it’s just the tip of the iceberg.

[…]

this is the first unfolding TV for indoors.

[,,,]

Source: The C SEED N1 TV: Unfolding the Future of Television Technology | by Jeffrey Clos | Jan, 2024 | Medium

C SEED leads the way with the patented game-changing Adaptive Gap Calibration system: AGC is an automatic distance measuring and calibration system that creates totally seamless foldable 4K/8K TV surfaces, free from any visible gaps. High-resolution sensors detect potential offsets between the folding TV wings, measuring fractions of millimeters and autonomously calibrating the corresponding LEDs´ specific brightness to render gaps invisible. C SEED´s AGC technology guarantees the perfectly seamless indoor TV experience.

Source: C SEED M1 4K 165, 137 & 103 TV

Augmental Mouthpad – bluetooth tongue operated trackpad for your phone, PC, fits like a mouth roof retainer

Posted on by

 

The MouthPad is a tongue-driven interface that controls your computer, smartphone, or tablet via Bluetooth. Virtually invisible to the world, but always available to you, it is positioned across the roof of your mouth to put all of the power of a conventional touchpad at the tip of your tongue

 

Source: Augmental – Home

Interesting concept

US wants private sector AI exempt from Human Rights laws. EU pushes back.

Posted on by

[…]

The Council of Europe, an international human rights body with 46 member countries, set up the Committee on Artificial Intelligence at the beginning of 2022 to develop the Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law.

[…]

The most consequential pending issue regards the scope of the convention. In June, Euractiv revealed how the United States, which is participating as an observer country, was pushing for exempting companies by default, leaving it up to the signatory countries to decide whether to ‘opt-in’ the private sector.

[…]

“The Union should not agree with the alternative proposal(s) that limit the scope of the convention to activities within the lifecycle of artificial intelligence systems by or on behalf of a Party or allow application to the private sector only via an additional protocol or voluntary declarations by the Parties (opt-in),” reads an information note from the Commission, obtained by Euractiv.

The document notes that these proposals would limit the treaty’s scope by default, “thus diminishing its value and sending a wrong political message that human rights in the private field do not merit the same protection.”

The EU executive notes how this approach would contradict international law that requires the respect of human rights by private entities

[…]

During the AI Act discussion, one hot debate was around a national security exemption France has been pushing for in the context of the AI convention.

In this regard, the Commission is pushing for an explicit exclusion of AI systems exclusively developed for national security, military and defence purposes in a manner that is consistent with the EU’s AI law.

[…]

Brussels does not seem to have any appetite for the AI treaty to go beyond the AI Act, even on matters where there is not necessarily a conflict, and the convention could have been more ambitious.

A complete overlap of the international treaty with the EU regulation is not a given since the former is meant to protect human rights, while the latter is merely intended to harmonise the EU market rules following a traditional product safety blueprint.

[…]

Similarly, since the AI Act bans specific applications like social scoring deemed to pose an unacceptable risk, the Commission is pushing for extending these prohibitions at the international level via a moratorium or a ban as this would “increase the added value of the convention”.

The only significant exception where the EU executive seems keen to go beyond the AI Act (but still in line with Union law) is in supporting a provision that protects whistle-blowers in the implementation of the convention – one that the UK, Canada and Estonia have opposed.

Source: EU prepares to push back on private sector carve-out from international AI treaty – Euractiv

Airlines United and Alaska find loose bolts on Boeing 737 Max 9 planes after window blowout

Posted on by

Alaska Airlines and United found loose parts on multiple 737 Max 9 aircraft, they have said, referring to the Boeing model grounded after a panel blew off an Alaska Airlines-operated plane mid-flight over the weekend.

The industry publication Air Current reported that United found discrepant bolts on other parts on at least five panels that were being inspected following the accident. The US Federal Aviation Administration (FAA) and Boeing declined to comment.

“Since we began preliminary inspections on Saturday, we have found instances that appear to relate to installation issues in the door plug. For example, bolts that needed additional tightening. These findings will be remedied by our tech ops team to safely return the aircraft to service,” United said in a statement.

A cabin panel on a brand-new Alaska Airlines 737 Max blew out on Friday at 16,000ft, forcing the plane to make an emergency landing shortly after its takeoff from Portland, Oregon. No serious injuries were reported.

[…]

On Monday evening, Alaska Airlines released a statement indicating that maintenance technicians had found issues when inspecting their 737 Max 9 fleet. “Initial reports from our technicians indicate some loose hardware was visible on some aircraft,” the statement said.

[…]

Source: Airlines United and Alaska find loose bolts on Boeing 737 Max 9 planes | Air transport | The Guardian

HP sued (again) for blocking third-party ink from printers via security updates

Posted on by

HP has used its “Dynamic Security” firmware updates to “create a monopoly” of replacement printer ink cartridges, a lawsuit filed against the company on January 5 claims. The lawsuit, which is seeking class-action certification, represents yet another form of litigation against HP for bricking printers when they try to use ink that doesn’t bear an HP logo.

The lawsuit (PDF), which was filed in US District Court in the Northern District of Illinois, names 11 plaintiffs and seeks an injunction against HP requiring the company to disable its printer firmware updates from preventing the use of non-HP branded ink. The lawsuit also seeks monetary damages greater than $5,000,000 and a trial by jury.

The lawsuit focuses on HP printer firmware updates issued in late 2022 and early 2023 that left users seeing this message on their printers when they tried to print with non-HP ink:

The lawsuit cites this pop-up message users saw.
Enlarge / The lawsuit cites this pop-up message users saw.
grhhull/Reddit

HP was wrong to issue a firmware update affecting printer functionality, and users were not notified that accepting firmware updates “could damage any features of the printer,” the lawsuit says. The lawsuit also questions HP’s practice of encouraging people to register their printers and then quietly releasing updates that change the printers’ functionality. Additionally, the lawsuit highlights the fact that the use of non-HP ink cartridges doesn’t break HP’s printer warranty.

The filing reads:

… it is not practical or economically rational to purchase a new printer in order to avoid purchasing HP replacement ink cartridges. Therefore, once consumers purchase their printers, the Dynamic Security firmware updates lock them into purchasing HP-branded ink.

HP is proud of its strategy of locking in printer customers. Last month, HP CFO Marie Myers praised the company’s movement from transactional models to forcing customers into continuous buys through offerings like Instant Ink, HP’s monthly ink subscription program.

“We absolutely see when you move a customer from that pure transactional model … whether it’s [to] Instant Ink, plus adding on that paper, we sort of see a 20 percent uplift on the value of that customer because you’re locking that person, committing to a longer-term relationship,” Myers said, as quoted by The Register.

[…]

The lawsuit accuses HP of raising prices on its ink “in the same time period” that it issued its late 2022 and early 2023 firmware updates, which “create[d] a monopoly in the aftermarket for replacement cartridges, permitting [HP] to raise prices without fear of being undercut by competitors.

[…]

HP’s decision to use firmware updates to brick printers using non-HP ink has landed it in litigation numerous times since Dynamic Security debuted in 2016. While the recently filed case is still in its early stages, it’s another example of how disgruntled users have become with HP seizing control over the type of ink that customers insert into hardware they own.

For example, HP agreed to pay $1.5 million in 2019 to settle a class-action case in California about Dynamic Security.

Overseas, HP paid European customers $1.35 million for Dynamic Security. It also paid a 10,000,000-euro fine to the Italian Antitrust Authority in 2020 over the practice and agreed to pay approximately AUD$50 each to Australian customers in 2018.

In addition to the lawsuit filed earlier this month, HP is facing a lawsuit filed in California in 2020 over an alleged failure to disclose information about Dynamic Security. As noted by Reuters, in December, a Northern District of California judge ruled (PDF) that the lawsuit may not result in monetary rewards, but plaintiffs may seek an injunction against the practice.

HP has also been fighting a lawsuit complaining about some of its printers refusing to scan and/or fax without HP ink loaded into the device, even though ink isn’t required to scan or fax a document. (This is something other printer companies are guilty of, too).

Despite already enduring payouts regarding Dynamic Security and calls for HP printers to be ousted from the Electronic Product Environmental Assessment Tool (EPEAT) registry, HP seems committed to using firmware updates to try to control how people use their own printers.

[…]

Source: HP sued (again) for blocking third-party ink from printers, accused of monopoly | Ars Technica

Text-to-3D model startup Luma raises $43M in latest round

Posted on by

Luma, a generative AI startup building software that transforms text descriptions to corresponding 3D models, just raised $43 million (£34 million) in a series-B funding round led by Andreesen Horowitz, Nvidia, and others.

Founded in 2021 by CEO Amit Jain, a former systems engineer working on computer vision at Apple, and CTO Alex Yu, a graduate student from the University of California, Berkeley, Luma AI develops machine-learning software that goes a step beyond what we’ve seen from most existing generative neural networks.

Unlike text-to-image models that emit flat bitmaps of digital art, Luma uses AI to create from photos, videos, or text descriptions three-dimensional models of objects that can be downloaded, manipulated, edited, and rendered as needed.

The upstart, based in Palo Alto, California, has already launched this technology as an app called Genie – available via the web, as the Luma iOS app, and via Discord – which is capable of converting images and video into 3D scenes or producing 3D models of user-described objects. These machine-made models can be previewed on screen and exported to art packages like Blender, popular game engines like Unreal or Unity, and other tools for further use.

Screenshot of Luma's Genie creating a vulture holding a cup of coffee

Screenshot of Genie’s attempt at creating a vulture holding a cup of coffee for us … This was generated from the simple prompt: a vulture with a cup of coffee. Click to enlarge

[…]

Luma says it uses various proprietary computer vision techniques, from image segmentation to meshing, to generate these 3D models from footage and descriptions. The models could well end up being used in video games, virtual reality applications, simulations, or robotics testing.

Some folks may find this technology rather useful if they have an idea for something involving 3D graphics or a 3D scene, and lack the artist talent or skill to create the necessary models.

[…]

We toyed with the system and found Genie’s output looked kinda cute but may not be for everyone at this stage; the examples given by the upstart looked better than what we could come up with, perhaps because they were produced via the startup’s paid-for API while we were using the freebie version.

That paid-for interface costs a dollar a pop to construct a model or scene from supplied assets. The biz even makes the point that this is cheaper and faster than relying on a human designer. If you can out-draw Genie, you don’t have anything to worry about right now.

Luma previously raised $20 million in a series-A round led by Amplify Partners, Nventures (Nvidia’s investment arm), and General Catalyst. Other investors included Matrix Partners, South Park Commons, and Remote First Capital. After raising a total of over $70 million so far, it has a valuation estimated between $200 million and $300 million. ®

Source: Text-to-3D model startup Luma raises $43M in latest round • The Register

Swatting a cancer hospital’s patients after hack is now a thing

Posted on by

After intruders broke into Seattle’s Fred Hutchinson Cancer Center’s IT network in November and stole medical records – everything from Social Security numbers to diagnoses and lab results – miscreants threatened to turn on the patients themselves directly.

The idea being, it seems, that those patients and the media coverage from any swatting will put pressure on the US hospital to pay up and end the extortion. Other crews do similar when attacking IT service provider: they don’t just extort the suppliers, they also threaten or further extort customers of those providers.

[…]

The cancer center, which operates more than 10 clinics in Washington’s Puget Sound region, declined to answer additional comments about the threats.

Another health network in Oklahoma — Integris Health, which operates a network of 15 hospitals and 43 clinics — last month notified patients about a similar “cyber event” in which criminals may have accessed personal data. Shortly after, some of these patients reported receiving emails from miscreants threatening to sell their information on the dark web.

[…]

Sam Rubin, VP of Unit 42 Consulting at Palo Alto Networks, told The Register his team hadn’t seen any swatting attempts by extortion crews in 2023, though the shift in tactics seems likely.

“But I’m not surprised at all,” he added, about the reports of Seattle cancer patients potentially receiving these types of threats.

“If you look over the past couple of years, we’ve seen this continuing evolution of escalating extortion tactics,” Rubin said. “If you go back in time, it was just encryption.”

Over the past year, Unit 42 has seen cybercriminals send threatening texts to the spouse of a CEO whose organization was being extorted, Rubin added, again piling on the pressure for payment. The consulting and incident response unit has also witnessed miscreants sending flowers to a victim company’s executive team, and issuing ransom demands via printers connected to the affected firm’s network.

“We had another one where the victim organization decided not to pay, but then the ransomware actors went on to harass customers of that organization,”

[…]

Meanwhile, ransomware attacks against critical infrastructure including hospitals become more frequent. Emsisoft reported 46 infections against US hospitals networks last year alone, up from 25 in 2022. In total, at least 141 hospitals were infected, and at least 32 of the 46 networks had data — including protected health information — stolen.

It’s bad enough that these attacks have diverted ambulances and postponed critical care for patients, and now the criminals are inflicting even more pain on people. Last year this included leaking breast cancer patients’ nudes. Swatting seems to be the next, albeit abhorrent, step.

Source: Swatting: The new normal in ransomware extortion tactics • The Register

Samsung debuts transparent MicroLED screen

Posted on by

Samsung showcased its transparent MicroLED display side-by-side next to transparent OLED and transparent LCD models to really highlight the differences between the tech. Compared to the others, not only was the MicroLED panel significantly brighter, it also featured a completely frameless design and a more transparent glass panel that made it easier to see objects behind it.

A side view of what Samsung is calling the world's first transparent micro LED display.
Photo by Sam Rutherford/Engadget

In person, the effect Samsung’s transparent micro OLED displays have is hard to describe, as content almost looks like a hologram as it floats in mid-air. The demo unit was freestanding and measured only about a centimeter thick, which adds even more to the illusion of a floating screen. Additionally, because of micro LEDs high pixel density, images also looked incredibly sharp.

[…]

The bad news is that with Samsung’s current crop of non-transparent MicroLED TVs currently costing $150,000 for a 110-inch model, it’s going to be a decently long time until these new displays become anything close to affordable.

Source: Samsung debuts the world’s first transparent MicroLED screen at CES 2024

LG has a Fully Transparent TV

Posted on by

LG announced a new transparent TV at the Consumer Electronics Show in Las Vegas this week. Gizmodo’s staff got to check it out in person, and it’s gorgeous. LG claims this is the world’s first wireless transparent OLED TV and is calling it the Signature OLED T (T for transparent).

The OLED T is merely a transparent panel that plays your content without invading your space with a large, black, obtrusive screen. LG argues that this will help create an illusion of your room looking larger than it would with a regular screen. And in our teams brief experience with the product, that’s true. The sense of openness that would come from not having a huge, dark blob in the room is one of the coolest things about this TV.

The LG OLED T is a massive 77 inches. But when it’s turned off, it simply blends with the environment and makes you forget it’s even there. In fact, that’s one of the reasons why you can place it anywhere you want, unlike a traditional TV that typically has to go in front of a wall. The OLED T can even be placed in front of a window without obstructing your view. The TV is fully wireless, so you don’t have to worry about sockets, either. The Zero Connect Box that the TV ships with also doesn’t need any wires between itself and the screen.

[…]

As for pricing, all LG told Gizmodo was that it will be “very expensive”.

Source: LG Just Announced a Fully Transparent TV

Biophotons: Are lentils communicating using quantum light messages?

Posted on by

[…]

Curceanu hopes the apparatus and methods of nuclear physics can solve the century-old mystery of why lentils – and other organisms too – constantly emit an extremely weak dribble of photons, or particles of light. Some reckon these “biophotons” are of no consequence. Others insist they are a subtle form of lentil communication. Curceanu leans towards the latter camp – and she has a hunch that the pulses between the pulses might even contain secret quantum signals. “These are only the first steps, but it looks extremely interesting,” she says.

There are already hints that living things make use of quantum phenomena, with inconclusive evidence that they feature in photosynthesis and the way birds navigate, among other things. But lentils, not known for their complex behaviour, would be the most startling example yet of quantum biology, says Michal Cifra at the Czech Academy of Sciences in Prague. “It would be amazing,” says Cifra. “If it’s true.” Since so many organisms emit biophotons, such a discovery might indicate that quantum effects are ubiquitous in nature.

Biophotons

Biophotons have had scientists stumped for precisely a century. In 1923, biologist Alexander Gurwitsch was studying how plant cells divide by placing onion roots near each other. The closer the roots were, the more cell division occurred, suggesting there was some signal alerting the roots to their neighbour’s presence.

[…]

To tease out how the onion roots were signalling, Gurwitsch repeated the experiment with all manner of physical barriers between the roots. Wood, metal, glass and even gelatine dampened cell division to the same level seen in single onion roots. But, to Gurwitsch’s surprise, a quartz divider had no effect. Compared to glass, quartz allows far more ultraviolet rays to pass through. Some kind of weak emission of UV radiation, he concluded, must be responsible.

[…]

Living organisms have long been known to communicate using light. Jellyfish, mushrooms and fireflies, to name just a few, glow or emit bright flashes to ward off enemies or attract a mate. But these obvious signals, known as bioluminescence, are different to the effect Gurwitsch had unearthed. Biophotons are “a very low-intensity light, not visible to the naked eye”, says Curceanu’s collaborator Maurizio Benfatto. In fact, biophotons were so weak that it took until 1954 to develop equipment sensitive enough to decisively confirm Gurwitsch’s idea.

Since then, dozens of research groups have reported cases of biophoton emission having a useful function in plants and even animals. Like onion roots, yeast cells are known to influence the growth rate of their neighbours. And in 2022, Zsolt PÓnya and Katalin Somfalvi-TÓth at the University of Kaposvár in Hungary observed biophotons being emitted by sunflowers when they were put under stress, which the researchers hoped to use to precisely monitor these crops. Elsewhere, a review carried out by Roeland Van Wijk and Eduard Van Wijk, now at the research company MELUNA in the Netherlands, suggested that biophotons may play a role in various human health conditions, from ageing to acne.

There is a simple explanation for how biophotons are created, too. During normal metabolism, chemical reactions in cells end up converting biomolecules to what researchers called an excited state, where electrons are elevated to higher energy levels. Those electrons then naturally drop to their ground state and emit a photon in the process. Because germinating seeds, like lentils, burn energy quickly to grow, they emit more biophotons.

Today, no one doubts that biophotons exist. Rather, the dispute is over whether lentils and other organisms have harnessed biophotons in a useful way.

[…]

We know that plants communicate using chemicals and sometimes even emit ultrasonic squeaks when stressed. This allows them to control their growth, warn each other about invading insects and attract pollinators. We also know they have ways of detecting and responding to photons in the form of regular sunlight. “Biological systems can detect photons and have feedback loops based on that,”

[…]

Curceanu and Benfatto are hoping that the application of serious physics equipment to this problem could finally let us eavesdrop on the legume’s secrets. They typically use supersensitive detectors to probe the foundations of reality. Now, they are applying these to a box of 75 lentil seeds – they need that many because if they used any fewer, the biophoton signals would be too weak.

[…]

Years ago, Benfatto came across a paper on biophotons and noticed there appeared to be patterns in the way they were produced. The intensity would swell, then fall away, almost like music. This gave him the idea of applying a method from physics called diffusion entropy analysis to investigate these patterns. The method provides a means of characterising the mathematical structures that underlie complex patterns. Imagine comparing a simple drumbeat with the melody of a pop song, for example – the method Benfatto wanted to apply could quantify the complexity embodied in each.

To apply this to the lentils, Benfatto, Curceanu and their colleagues put their seeds in a black box that shielded them from interference. Outside the box, they mounted an instrument capable of detecting single biophotons. They also had rotating filters that allowed them to detect photons with different wavelengths. All that remained was to set the lentils growing. “We add water and then we wait,” says Benfatto.

In 2021, they unveiled their initial findings. It turned out that the biophotons’ signals changed significantly during the lentils’ germination. During the first phase, the photons were emitted in a pattern that repeatedly reset, like a piece of music changing tempo. Then, during the second phase, the emissions took the form of another kind of complex pattern called fractional Brownian motion.

 

Photograph provided by Catalina Oana Curceanu Catalina.Curceanu@lnf.infn.it showing the experimental setup used for the research paper: Biophotons and Emergence of Quantum Coherence--A Diffusion Entropy Analysis

Are these germinating lentils communicating in quantum code?

Catalina Curceanu

 

The fact that the lentils’ biophoton emissions aren’t random is an indication that they could be communicating, says Benfatto. And that’s not all. Tantalisingly, the complexity in the second phase of the emissions is mathematically related to the equations of quantum mechanics. For this reason, Benfatto says his team’s work hints that signals displaying quantum coherence could have a role in directing lentil germination.

[…]

Part of the problem with designing experiments like these is that we don’t really know what quantum mechanical effects in living organisms look like. Any quantum effects discovered in lentils and other organisms would be “very different to textbook quantum mechanics”, says Scholes.

[…]

so far, the evidence for quantum lentils is sketchy. Still, he is pushing ahead with a new experimental design that makes the signal-to-noise ratio 100 times better. If you want to earwig on the clandestine whispers of these seeds, it might just help to get rid of their noisy neighbours, which is why he will study one germinating lentil at a time.

Source: Biophotons: Are lentils sending secret quantum messages? | New Scientist

Google password resets not enough to stop malware that recreates login tokens

Posted on by

A zero-day exploit of Google account security was first teased by a cybercriminal known as “PRISMA” in October 2023, boasting that the technique could be used to log back into a victim’s account even after the password is changed. It can also be used to generate new session tokens to regain access to victims’ emails, cloud storage, and more as necessary.

Since then, developers of info-stealer malware – primarily targeting Windows, it seems – have steadily implemented the exploit in their code. The total number of known malware families that abuse the vulnerability stands at six, including Lumma and Rhadamanthys, while Eternity Stealer is also working on an update to release in the near future.

They’re called info stealers because once they’re running on some poor sap’s computer, they go to work finding sensitive information – such as remote desktop credentials, website cookies, and cryptowallets – on the local host and leaking them to remote servers run by miscreants.

Eggheads at CloudSEK say they found the root of the Google account exploit to be in the undocumented Google OAuth endpoint “MultiLogin.”

The exploit revolves around stealing victims’ session tokens. That is to say, malware first infects a person’s PC – typically via a malicious spam or a dodgy download, etc – and then scours the machine for, among other things, web browser session cookies that can be used to log into accounts.

Session cookies ideally expire frequently, something that can limit their usefulness in account takeover attacks. However, recent cases such as Okta’s in October, which involved the theft of HAR files that often contain session cookies, have demonstrated that session hijackings are entirely practical and can lead to major security incidents.

Those session tokens are then exfiltrated to the malware’s operators to enter and hijack those accounts. It turns out that these tokens can still be used to login even if the user realizes they’ve been compromised and change their Google password.

Here’s an important part: It appears users who’ve had their cookies stolen should log out entirely, and thus invalidate their session tokens, to prevent exploitation.

[…]

Reverse engineering the info-stealer malware revealed that the account IDs and auth-login tokens from logged-in Google accounts are taken from the token_service table of WebData in Chrome.

This table contains two columns crucial to the exploit’s functionality: service (contains a GAIA ID) and encrypted_token. The latter is decrypted using a key stored in Chrome’s Local State file, which resides in the UserData directory.

The stolen token:GAIA ID pairs can then be used together with MultiLogin to continually regenerate Google service cookies even after passwords have been reset, and those can be used to log in.

[…]

Google has confirmed that if you’ve had your session tokens stolen by local malware, don’t just change your password: log out to invalidate those cookies, and/or revoke access to compromised devices.

[…]

Source: Google password resets not enough to stop this malware • The Register

23andMe tells victims it’s their fault that their data was breached. DNA data, it turns out, is extremely sensitive!

Posted on by

Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch.

“Rather than acknowledge its role in this data security disaster, 23andMe has apparently decided to leave its customers out to dry while downplaying the seriousness of these events,” Hassan Zavareei, one of the lawyers representing the victims who received the letter from 23andMe, told TechCrunch in an email.

In December, 23andMe admitted that hackers had stolen the genetic and ancestry data of 6.9 million users, nearly half of all its customers.

The data breach started with hackers accessing only around 14,000 user accounts. The hackers broke into this first set of victims by brute-forcing accounts with passwords that were known to be associated with the targeted customers, a technique known as credential stuffing.

From these 14,000 initial victims, however, the hackers were able to then access the personal data of the other 6.9 million victims because they had opted-in to 23andMe’s DNA Relatives feature. This optional feature allows customers to automatically share some of their data with people who are considered their relatives on the platform.

In other words, by hacking into only 14,000 customers’ accounts, the hackers subsequently scraped personal data of another 6.9 million customers whose accounts were not directly hacked.

But in a letter sent to a group of hundreds of 23andMe users who are now suing the company, 23andMe said that “users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe.”

“Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures,” the letter reads.

Zavareei said that 23andMe is “shamelessly” blaming the victims of the data breach.

[…]

“The breach impacted millions of consumers whose data was exposed through the DNA Relatives feature on 23andMe’s platform, not because they used recycled passwords. Of those millions, only a few thousand accounts were compromised due to credential stuffing. 23andMe’s attempt to shirk responsibility by blaming its customers does nothing for these millions of consumers whose data was compromised through no fault of their own whatsoever,” said Zavareei.

[…]

In an attempt to pre-empt the inevitable class action lawsuits and mass arbitration claims, 23andMe changed its terms of service to make it more difficult for victims to band together when filing a legal claim against the company. Lawyers with experience representing data breach victims told TechCrunch that the changes were “cynical,” “self-serving” and “a desperate attempt” to protect itself and deter customers from going after the company.

Clearly, the changes didn’t stop what is now a flurry of class action lawsuits.

Source: 23andMe tells victims it’s their fault that their data was breached | TechCrunch

Twitch Is Being American Strange and Bans Implied Nakedness In Response To ‘Nudity Meta’

Posted on by

As December 2023 was underway, some streamers cleverly thought to play around with Twitch’s restrictions around nudity, broadcasting in such a fashion that implied they were completely naked on camera. Twitch, in response, began banning folks before shifting gears to allow various forms of “artistic nudity” to proliferate on the platform. However, after immediately rescinding the decision and expressing that being naked while livestreaming is a no-no, the company is now making it clear that implied nudity is also forbidden, and that anyone who tries to circumvent the rules will face disciplinary action.

In a January 3 blog post, the company laid out the new guidelines regarding implied nudity on the platform, which is now prohibited effective immediately. Anyone who shows skin that the rules deem should be covered—think genitals, nipples “for those who present as women,” and the like—will face “an enforcement action,” though Twitch didn’t specify what that means. So, if you’re wearing sheer or partially see-through clothing, or use black bars to cover your private parts, then you’re more than likely to get hit with some sort of discipline.

“We don’t permit streamers to be fully or partially nude, including exposing genitals or buttocks. Nor do we permit streamers to imply or suggest that they are fully or partially nude, including, but not limited to, covering breasts or genitals with objects or censor bars,” the company said in the blog post. “We do not permit the visible outline of genitals, even when covered. Broadcasting nude or partially nude minors is always prohibited, regardless of context. For those who present as women, we ask that you cover your nipples and do not expose underbust. Cleavage is unrestricted as long as these coverage requirements are met and it is clear that the streamer is wearing clothing. For all streamers, you must cover the area extending from your hips to the bottom of your pelvis and buttocks.”

[…]

At the beginning of December, some streamers, including Morgpie and LivStixs, began broadcasting in what appeared to be the complete nude. In actuality, these content creators were implying nudity by positioning their cameras at the right angle so as to show plenty of unobscured cleavage but keep nipples out of sight. “Artistic nudity” is what it was called and, as the meta took over the platform, Twitch conceded, allowing such nakedness to proliferate all over livestreams.

[…]

Company CEO Dan Clancy said on December 15 that “depictions of real or fictional nudity won’t be allowed on Twitch, regardless of the medium.” He also apologized for the confusion this whole situation has caused, saying that part of Twitch’s job is “to make adjustments that serve the community.” So be careful, streamers. If you show up nude on the platform, Twitch will come for you.

Source: Twitch Bans Implied Nakedness In Response To ‘Nudity Meta’

What is wrong with these people?! If you don’t want to see (almost) nudity, you can always just change channel!