posted less than an hour ago on slashdot
An anonymous reader quotes a report from The New York Times: In an important step toward medical approval, MDMA, the illegal drug popularly known as Ecstasy or Molly, was shown to bring relief to those suffering from severe post-traumatic stress disorder when paired with talk therapy. Of the 90 people who took part in the new study, which is expected to be published later this month in Nature Medicine, those who received MDMA during therapy experienced a significantly greater reduction in the severity of their symptoms compared with those who received therapy and an inactive placebo. Two months after treatment, 67 percent of participants in the MDMA group no longer qualified for a diagnosis of PTSD, compared with 32 percent in the placebo group. MDMA produced no serious adverse side effects. Some participants temporarily experienced mild symptoms like nausea and loss of appetite. Before MDMA-assisted therapy can be approved for therapeutic use, the Food and Drug Administration needs a second positive Phase 3 trial, which is currently underway with 100 participants. Approval could come as early as 2023. Mental health experts say that this research -- the first Phase 3 trial conducted on psychedelic-assisted therapy -- could pave the way for further studies on MDMA's potential to help address other difficult-to-treat mental health conditions, including substance abuse, obsessive compulsive disorder, phobias, eating disorders, depression, end-of-life anxiety and social anxiety in autistic adults. And, mental health researchers say, these studies could also encourage additional research on other banned psychedelics, including psilocybin, LSD and mescaline. "This is a wonderful, fruitful time for discovery, because people are suddenly willing to consider these substances as therapeutics again, which hasn't happened in 50 years," said Jennifer Mitchell, a neuroscientist at the University of California, San Francisco, and lead author of the new study.

posted about 3 hours ago on slashdot
Following Twitter's lead, Facebook is trying out a new feature designed to encourage users to read a link before sharing it. TechCrunch reports: The test will reach 6% of Facebook's Android users globally in a gradual rollout that aims to encourage "informed sharing" of news stories on the platform. Users can still easily click through to share a given story, but the idea is that by adding friction to the experience, people might rethink their original impulses to share the kind of inflammatory content that currently dominates on the platform. The strategy demonstrates Facebook's preference for a passive strategy of nudging people away from misinformation and toward its own verified resources on hot-button issues like COVID-19 and the 2020 election. While the jury is still out on how much of an impact this kind of gentle behavioral shaping can make on the misinformation epidemic, both Twitter and Facebook have also explored prompts that discourage users from posting abusive comments.

posted about 3 hours ago on slashdot
Amazon "seized and destroyed" over 2 million counterfeit products that sellers sent to Amazon warehouses in 2020 and "blocked more than 10 billion suspected bad listings before they were published in our store," the company said in its first "Brand Protection Report." Ars Technica reports: In 2020, "we seized and destroyed more than 2 million products sent to our fulfillment centers and that we detected as counterfeit before being sent to a customer," Amazon's report said. "In cases where counterfeit products are in our fulfillment centers, we separate the inventory and destroy those products so they are not resold elsewhere in the supply chain," the report also said. Third-party sellers can also ship products directly to consumers instead of using Amazon's shipping system. The 2 million fakes found in Amazon fulfillment centers would only account for counterfeit products from sellers using the "Fulfilled by Amazon" service. The counterfeit problem got worse over the past year. "Throughout the pandemic, we've seen increased attempts by bad actors to commit fraud and offer counterfeit products," Amazon VP Dharmesh Mehta wrote in a blog post yesterday. Amazon's new report was meant to reassure legitimate sellers that their products won't be counterfeited. While counterfeits remain a problem for unsuspecting Amazon customers, the e-commerce giant said that "fewer than 0.01 percent of all products sold on Amazon received a counterfeit complaint from customers" in 2020. Of course, people may buy and use counterfeit products without ever realizing they are fake or without reporting it to Amazon, so that percentage may not capture the extent of the problem.

posted about 4 hours ago on slashdot
An anonymous reader quotes a report from NBC News: The Department of Homeland Security has begun implementing a strategy to gather and analyze intelligence about security threats from public social media posts, DHS officials said. The goal is to build a warning system to detect the sort of posts that appeared to predict an attack on the U.S. Capitol on Jan. 6 but were missed or ignored by law enforcement and intelligence agencies, the officials said. The focus is not on the identity of the posters but rather on gleaning insights about potential security threats based on emerging narratives and grievances. So far, DHS is using human beings, not computer algorithms, to make sense of the data, the officials said. "We're not looking at who are the individual posters," said a senior official involved in the effort. "We are looking at what narratives are resonating and spreading across platforms. From there you may be able to determine what are the potential targets you need to protect." The officials didn't describe what criteria or methods the analysts would use to parse the data. They said DHS officials have been consulting with social media companies, private companies and nonprofit groups that analyze open-source social media data. Law enforcement officers and intelligence analysts are legally entitled to examine -- without warrants -- what people say openly on Twitter, Facebook and other public social media forums, just as they can take in information from reading newspapers. But civil liberties groups generally oppose government monitoring of social media, arguing that it doesn't produce much intelligence and risks chilling free speech.

posted about 5 hours ago on slashdot
Harley-Davidson on Monday launched an all-electric motorcycle brand "LiveWire," the latest effort by the company to ramp up bets on the rapidly growing electric-vehicle market. Reuters reports: Named after Harley's first electric motorbike, which was unveiled in [2014], the "LiveWire" division is slated to launch its first branded motorcycle in July. The company had said in February it would create a separate electric vehicle-focused division, as it aims to attract the next generation of younger and more environmentally conscious riders. "We are seizing the opportunity to lead and define the market in EV," Chief Executive Officer Jochen Zeitz said in a statement on Monday. "LiveWire also plans to innovate and develop technology that will be applicable to Harley-Davidson electric motorcycles in the future." "There's a new logo and a new 'virtual' headquarters, with engineering teams stationed in Silicon Valley and Milwaukee," notes The Verge. "LiveWire will work with Harley-Davidson dealerships as an independent brand, with a blend of digital and physical retail formats."

posted about 5 hours ago on slashdot
Developers are sharing their salaries on Twitter under the hashtag #GameDevPaidMe to encourage pay transparency in their industry. Axios reports: The hashtag started circulating last year, but has returned periodically as developers fight for better working conditions. Salary sharing is a way to equalize the field. By removing the secrecy, as well as the stigma, around discussing pay, workers have more power to advocate for themselves when negotiating salaries and raises. In 2020, Blizzard employees shared their salaries anonymously via a spreadsheet to compare compensation. The pay gap between people at the top, and workers on the ground is measurable in hundreds of thousands of dollars -- even when those CEOs take pay cuts. What they're saying: A lead designer on "Hearthstone" working for Blizzard Entertainment: "I started getting paid fairly once I started asking questions. I only started asking questions once I better understood what I was worth. Understanding what you're worth can be a difficult question, but this helps." A lead designer at Blackbird Interactive: "Every single person who plays games should take a good look at #GameDevPaidMe and get a sense for what the people who make your art actually make." A senior game designer at Reflector Entertainment: "Don't wait for your employer to give you the raise you deserve, be open to talking to other companies even if you feel you are at a 'great' spot."

posted about 6 hours ago on slashdot
An anonymous reader quotes a report from The Guardian: Electric cars and vans will be cheaper to produce than conventional, fossil fuel-powered vehicles by 2027, and tighter emissions regulations could put them in pole position to dominate all new car sales by the middle of the next decade, research has found. By 2026, larger vehicles such as electric sedans and SUVs will be as cheap to produce as petrol and diesel models, according to forecasts from BloombergNEF, with small cars reaching the threshold the following year. The falling cost of producing batteries for electric vehicles, combined with dedicated production lines in carmakers' plants, will make them cheaper to buy, on average, within the next six years than conventional cars, even before any government subsidies, BloombergNEF found. The new study, commissioned by Transport & Environment, a Brussels-based non-profit organization that campaigns for cleaner transport in Europe, predicts new battery prices will fall by 58% between 2020 and 2030 to $58 per kilowatt hour. A reduction in battery costs to below $100 per kWh, is viewed as an important step towards greater take-up of fully electric vehicles, and would largely remove the financial appeal of hybrid electric vehicles, which combine a battery with a conventional engine.

posted about 6 hours ago on slashdot
The Food and Drug Administration on Monday approved Pfizer and BioNTech's request to allow their Covid-19 vaccine to be given to kids ages 12 to 15 on an emergency use basis, allowing states to get middle school students vaccinated before the fall. The two-dose vaccine is already authorized for use in people 16 and older. CNBC reports: Acting FDA Commissioner Dr. Janet Woodcock said the decision brings "us closer to returning to a sense of normalcy and to ending the pandemic." She assured parents that the agency "undertook a rigorous and thorough review of all available data" before clearing it for use in the teens. The companies said in late March that the vaccine was found to be 100% effective in a clinical trial of more than 2,000 adolescents. They also said the vaccine elicited a "robust" antibody response in the children, exceeding those in an earlier trial of older teens and young adults. Side effects were generally consistent with those seen in adults, they added. Vaccinating children is seen as crucial to ending the pandemic. The nation is unlikely to achieve herd immunity -- when enough people in a given community have antibodies against a specific disease -- until children can get vaccinated, health officials and experts say. Children make up around 20% of the total U.S. population, according to government data. Between 70% and 85% of the U.S. population needs to be vaccinated against Covid to achieve herd immunity, experts say, and some adults may refuse to get the shots. Though more experts now say herd immunity is looking increasingly unlikely as variants spread. The report notes that the same two-dose regimen that's used for people 16 years of age and older will also be used for kids ages 12 to 15. FDA approval for kids under age 12 could come in the second half of the year.

posted about 7 hours ago on slashdot
An anonymous reader shares a report: The first few months of 2021 have been absolutely massive for AMD and Intel. According to the latest report from Mercury Research, the first three months of 2021 saw the largest yearly increase in shipments of CPUs in a quarter of a century, and second only to the final moments of 2020 in terms of raw volume. You'd be perhaps surprised to learn that Intel has gained a touch in overall x86 market share in Q1 2021, whereas AMD reportedly lost out. There's only a percentage point in it: a 1% gain for Intel and a 1% loss for AMD, though. Far from major gains in either direction. Mercury Research puts that down to an increase in budget chip shipments for Chipzilla, which tallies with other figures out of the tech giant as of late. But where Intel has gained in mobile processor market share, it loses out marginally in desktop. That's where AMD's Ryzen processors are seemingly crushing it, and despite some difficulty sourcing the top-tier chips, such as the Ryzen 9 5950X and Ryzen 9 5900X, AMD is still managing to make gains within the market predisposed to Intel processors for so long. [...] But perhaps the biggest win in AMD's eyes is the 1.8% increase in server market share quarter to quarter, and 3.8 percent year on year. That means its Epyc processors are selling supremely well against Intel's Xeon chips, and the market that AMD will be most determined to get more of a footing in.

posted about 7 hours ago on slashdot
In the absence of humans, the region around Chernobyl is being reclaimed by nature. From a report: 35 years ago a total of 350,000 people were evacuated from the territory after one of humanity's worst nuclear disasters. Ukrainian authorities say the area may not be fit for humans for another 24,000 years. Today, however, it serves as Among the Chernobyl exclusion zone, endangered animals thrive, including the stunning Przewalski's horses. For many decades they were considered the last truly wild horse in the world. In the 1970s they were almost rendered extinct in the wild, but a captive breeding program managed to rescue the species from extinction. Today, several hundred live in the wild in the steppes of Asia and in Europe, but there's also a steadily growing population - to the surprise of many - in Chernobyl. Further reading: Chernobyl alcohol drink seized by authorities.

posted about 8 hours ago on slashdot
Gas flaring worldwide decreased by 5 percent in the pandemic year, mostly because of lower demand for oil, according to a recent report from the World Bank. From a report: While the overall drop was expected, the report offered a detailed picture of the flaring activities around the world, with steep declines in some areas, like the United States, and surprising increases in others, notably China. Flaring occurs when the gas that emerges with crude oil is burned off rather than captured. That burning emits carbon dioxide, a gas that is the main contributor to climate change. According to World Bank officials, flaring adds roughly 400 million metric tons of CO2 equivalent emissions to the atmosphere every year. According to the report, Russia was responsible for more flaring overall than any other country in 2020, contributing 15 percent of the global total. But within Russia, there were areas of progress. Burning continued to decrease in the Khanty-Mansi region of Siberia, where flaring volumes have dropped by nearly 80 percent over the previous 15 years.

posted about 9 hours ago on slashdot
Several Apple suppliers may have used forced labor in China, according to The Information. From a report: Working with two human rights groups, the publication identified seven companies that supplied products or services to Apple and supported forced labor programs, according to statements made by the Chinese government. The programs target the country's Muslim minority population, particularly Uyghurs living in Xinjiang. Six of the seven suppliers were said to participate in work programs operated by the Chinese government, The Information reports, which human rights groups describe as frequently offering cover for forced labor. Workers can be jailed for refusing to join the work programs, the report says, and those enrolled in the programs are often moved far from their homes. One of the suppliers operated in Xinjiang, the region of China predominantly populated by Uyghurs and where the most egregious human rights violations have reportedly taken place. The companies supplied Apple with antennas, cables, and coatings, among other products and services, according to The Information.

posted about 9 hours ago on slashdot
For more than 16 months, a threat actor has been seen adding malicious servers to the Tor network in order to intercept traffic and perform SSL stripping attacks on users accessing cryptocurrency-related sites. From a report: The attacks, which began in January 2020, consisted of adding servers to the Tor network and marking them as "exit relays," which are the servers through which traffic leaves the Tor network to re-enter the public internet after being anonymized. But since January 2020, a threat actor has been inserting thousands of malicious servers into the Tor network to identify traffic heading to cryptocurrency mixing websites and perform an SSL stripping attack, which is when traffic is downgraded from an encrypted HTTPS connection to plaintext HTTP. The belief is that the attacker has been downgrading traffic to HTTP in order to replace cryptocurrency addresses with their own and hijack transactions for their own profit. The attacks are not new and were first documented and exposed last year, in August, by a security researcher and Tor node operator known as Nusenu. At the time, the researcher said the attacker managed to flood the Tor network with malicious Tor exit relays on three occasions, peaking their attack infrastructure at around 23% of the entire Tor network's exit capacity before being shut down by the Tor team on every occasion.

posted about 10 hours ago on slashdot
A fast-spreading strain of Covid-19 first identified in India, the scene of one of the world's most fearsome outbreaks, will be classified as a variant of concern by the World Health Organization. From a report: The global health group will publish a detailed report Tuesday on the variant, called B.1.617, said Maria van Kerkhove, the WHO's technical lead officer on Covid-19. "There is some available information to suggest increased transmissibility," she said at a media briefing on Monday. A study of a limited number of patients that has not undergone peer review also suggested that the mutant can evade some key antibodies, she said. "As such, we're classifying this as a variant of concern at the global level." India's health system has been stretched to the breaking point by a virus wave that's proving highly lethal and difficult to control. The country has reported more than 300,000 new virus infections for the past 19 days straight. Fearing an influx of infections and mindful of the new variant, countries including Singapore, the U.K. and Tanzania have curbed travel to and from India.

posted about 11 hours ago on slashdot
An anonymous reader shares a report from Technology Review: The Massachusetts Audubon Society has long managed its land in western Massachusetts as crucial wildlife habitat. Nature lovers flock to these forests to enjoy bird-watching and quiet hikes, with the occasional bobcat or moose sighting. But in 2015, the conservation nonprofit presented California's top climate regulator with a startling scenario: It could heavily log 9,700 acres of its preserved forests over the next few years. The group raised the possibility of chopping down hundreds of thousands of trees as part of its application to take part in California's forest offset program. The program allows forest owners like Mass Audubon to earn so-called carbon credits for preserving trees. Each credit represents a ton of CO2. California polluters, such as oil companies, buy these credits so that they can emit more CO2 than they'd otherwise be allowed to under state law. Theoretically, the exchange should balance out emissions to prevent an overall increase in CO2 in the atmosphere. The Air Resources Board accepted Mass Audubon's project into its program, requiring the nonprofit to preserve its forests over the next century instead of heavily logging them. The nonprofit received more than 600,000 credits in exchange for its promise. The vast majority were sold through intermediaries to oil and gas companies, records show. On paper, the deal was a success. The fossil fuel companies were able to emit more CO2 while abiding by California's climate laws. Mass Audubon earned enough money to acquire additional land for preservation, and to hire new staff working on climate change. But it didn't work out as well for the climate.

posted about 11 hours ago on slashdot
Clubhouse finally has an Android app that you can download from the Play Store -- provided you live in the U.S. From a report: The voice-based social network launched its beta Android app on Play Store for users in the U.S. on Sunday, and said it will gradually make the new app available in other English-speaking countries and then the rest of the world. The social network, valued at about $4 billion in its most recent fundraise, launched as an iPhone-only app last year. The app quickly gained popularity last year, attracting several high-profile celebrities, politicians, investors, and entrepreneurs. Clubhouse began developing the Android app early this year and started to test the beta version externally this month. In a town hall earlier Sunday, the startup said availability on Android has been the most requested product feature. "Our plan over the next few weeks is to collect feedback from the community, fix any issues we see and work to add a few final features like payments and club creation before rolling it out more broadly," the team wrote. As Clubhouse struggles to maintain its growth -- data from mobile insight firms including AppMagic suggests that Clubhouse installs have drastically dropped in recent months -- the Android app could prove pivotal in boosting the startup's reach across the globe.

posted about 12 hours ago on slashdot
The criminal hacking group suspected of being behind the ransomware attack on the Colonial Pipeline, which was shut down as a precaution in response, has published a new statement on its dark web site saying it is "apolitical." From a report: "We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives," the statement from the DarkSide ransomware group reads. The statement did not explicitly point to the Colonial Pipeline incident, but it was titled "About the latest news." Various outlets have reported that U.S. officials and private industry say DarkSide is behind the ransomware event. Dmitry Smilyanets, a cyber threat intelligence expert from cybersecurity firm Recorded Future, tweeted a screenshot of the statement on Monday. Motherboard verified the statement is available on DarkSide's dark web site. "Our goal is to make money, and not creating problems for society," the statement continues. The statement also indicated that the group may be making changes to how it operates and chooses targets. "From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future," it read.

posted about 13 hours ago on slashdot
Forty-four attorneys general sent a letter to Mark Zuckerberg asking him to abandon plans to create a version of Instagram for children under 13. From a report: "Facebook has historically failed to protect the welfare of children on its platforms," according to the letter, signed by attorneys general from New York and Massachusetts, among others. "The attorneys general have an interest in protecting our youngest citizens, and Facebook's plans to create a platform where kids under the age of 13 are encouraged to share content online is contrary to that interest."

posted about 13 hours ago on slashdot
Sony Group warned a group of analysts the PlayStation 5 will remain in short supply through 2022, suggesting the company will be constrained in its ability to boost sales targets for its latest games console. From a report: While reporting financial results in late April, the Japanese conglomerate said it had sold 7.8 million units of the console through March 31, and it is aiming to sell at least 14.8 million units in the current fiscal year. That would keep it on pace to match the trajectory of the popular PlayStation 4, which has sold in excess of 115.9 million units to date. In a briefing after those results, Sony told analysts it is challenging to keep up with strong demand. The PS5 has been difficult to find in stock since its release in November, in part because of shortages in components such as semiconductors, and the company hasn't given an official estimate for when it expects supply to normalize. "I don't think demand is calming down this year and even if we secure a lot more devices and produce many more units of the PlayStation 5 next year, our supply wouldn't be able to catch up with demand," Chief Financial Officer Hiroki Totoki said at the briefing, according to several people who attended and asked not to be named as it wasn't public.

posted about 14 hours ago on slashdot
Pentagon officials are considering pulling the plug on the star-crossed JEDI cloud-computing project, which has been mired in litigation from Amazon and faces continuing criticism from lawmakers. From a report: The Joint Enterprise Defense Infrastructure contract was awarded to Microsoft in 2019 over Amazon, which has contested the award in court ever since. A federal judge last month refused the Pentagon's motion to dismiss much of Amazon's case. A few days later, Deputy Defense Secretary Kathleen Hicks said the department would review the project. "We're going to have to assess where we are with regard to the ongoing litigation around JEDI and determine what the best path forward is for the department," Ms. Hicks said at an April 30 security conference organized by the nonprofit Aspen Institute. Her comments followed a Pentagon report to Congress, released before the latest court ruling, that said another Amazon win in court could significantly draw out the timeline for the program's implementation. "The prospect of such a lengthy litigation process might bring the future of the JEDI Cloud procurement into question," the Jan. 28 report said. Ms. Hicks and other Pentagon officials say there is a pressing need to implement a cloud program that serves most of its branches and departments. The JEDI contract, valued at up to $10 billion over 10 years, aims to allow the Pentagon to consolidate its current patchwork of data systems, give defense personnel better access to real-time information and put the Defense Department on a stronger footing to develop artificial-intelligence capabilities that are seen as vital in the future.

posted about 16 hours ago on slashdot
Slashgear reports that a security researcher was able to reprogram one of Apple's new AirTags, "but the process and the end result might not yet be worth the worry." Like any electronic device, especially "smart" ones, the Apple AirTag has a microcontroller that orchestrates its activities... In a nutshell, Stack Smashing "hacked" the AirTag microcontroller to modify its firmware and make it do something other than what it is designed to. That, at least for now, meant linking to a different URL when an NFC-enabled phone "taps" the tracker. Normally, it would link to found.apple.com in order to initiate the Lost Mode process. This hack could be used to make phones go to some nefarious website but getting to that point might not exactly be straightforward. The security researcher hasn't disclosed yet the process but he admits bricking at least two AirTags to get there. Unless the tracker's firmware can be modified remotely over the air, the only way you'll get a hacked AirTag would be if you acquired it through other parties. This AirTag hack might actually be less worrying than the debug menu that Apple may have accidentally left enabled before shipping the trackers. Fortunately, that might be something that is easily fixed with a firmware update...

posted about 20 hours ago on slashdot
Dartmouth college switched to remote tests when the coronavirus ended in-person exams — then accused 17 medical students of cheating, reports the New York Times: At the heart of the accusations is Dartmouth's use of the Canvas system to retroactively track student activity during remote exams without their knowledge. In the process, the medical school may have overstepped by using certain online activity data to try to pinpoint cheating, leading to some erroneous accusations, according to independent technology experts, a review of the software code and school documents obtained by The New York Times. Dartmouth's drive to root out cheating provides a sobering case study of how the coronavirus has accelerated colleges' reliance on technology, normalizing student tracking in ways that are likely to endure after the pandemic. While universities have long used anti-plagiarism software and other anti-cheating apps, the pandemic has pushed hundreds of schools that switched to remote learning to embrace more invasive tools. Over the last year, many have required students to download software that can take over their computers during remote exams or use webcams to monitor their eye movements for possibly suspicious activity, even as technology experts have warned that such tools can be invasive, insecure, unfair and inaccurate. Some universities are now facing a backlash over the technology.... While some students may have cheated, technology experts said, it would be difficult for a disciplinary committee to distinguish cheating from noncheating based on the data snapshots that Dartmouth provided to accused students. And in an analysis of the Canvas software code, the Times found instances in which the system automatically generated activity data even when no one was using a device. 
"If other schools follow the precedent that Dartmouth is setting here, any student can be accused based on the flimsiest technical evidence," said Cooper Quintin, senior staff technologist at the Electronic Frontier Foundation, a digital rights organization, who analyzed Dartmouth's methodology. Seven of the 17 accused students have had their cases dismissed. In at least one of those cases, administrators said, "automated Canvas processes are likely to have created the data that was seen rather than deliberate activity by the user," according to a school email that students made public. The 10 others have been expelled, suspended or received course failures and unprofessional-conduct marks on their records that could curtail their medical careers... Tensions flared in early April when an anonymous student account on Instagram posted about the cheating charges. Soon after, Dartmouth issued a social media policy warning that students' anonymous posts "may still be traced back" to them.... The conduct review committee then issued decisions in 10 of the cases, telling several students that they would be expelled, suspending others and requiring some to retake courses or repeat a year of school at a cost of nearly $70,000... Several students said they were now so afraid of being unfairly targeted in a data-mining dragnet that they had pushed the medical school to offer in-person exams with human proctors. Others said they had advised prospective medical students against coming to Dartmouth.

posted about 23 hours ago on slashdot
A ransomware attack on a pipeline that carries 45% of the fuel supplies for the Eastern U.S. has now led U.S. President Biden to declare a regional emergency providing "regulatory relief" to expand fuel delivery by other routes. Axios reports: Friday night's cyberattack is "the most significant, successful attack on energy infrastructure" known to have occurred in the U.S., notes energy researcher Amy Myers Jaffe, per Politico. It follows other significant cyberattacks on the federal government and U.S. companies in recent months... 5,500 miles of pipeline have been shut down in response to the attack. The BBC reports: Experts say fuel prices are likely to rise 2-3% on Monday, but the impact will be far worse if it goes on for much longer... Colonial Pipeline said it is working with law enforcement, cyber-security experts and the Department of Energy to restore service. On Sunday evening it said that although its four mainlines remain offline, some smaller lateral lines between terminals and delivery points are now operational... Independent oil market analyst Gaurav Sharma told the BBC there is a lot of fuel now stranded at refineries in Texas. "Unless they sort it out by Tuesday, they're in big trouble," said Sharma. "The first areas to be impacted would be Atlanta and Tennessee, then the domino effect goes up to New York..." The temporary waiver issued by the Department of Transportation enables oil products to be shipped in tankers up to New York, but this would not be anywhere near enough to match the pipeline's capacity, Mr Sharma warned. CNN reports that a criminal group originating from Russia named DarkSide "is believed to be responsible for a ransomware cyberattack on the Colonial Pipeline, according to a former senior cyber official. DarkSide typically targets non-Russian speaking countries, the source said... Bloomberg and The Washington Post have also reported on DarkSide's purported involvement in the cyberattack..."
If so, NBC News adds some sobering thoughts: Although Russian hackers often freelance for the Kremlin, early indications suggest this was a criminal scheme — not an attack by a nation state, the sources said. But the fact that Colonial had to shut down the country's largest gasoline pipeline underscores just how vulnerable America's cyber infrastructure is to both criminals and national adversaries, such as Russia, China and Iran, experts say. "This could be the most impactful ransomware attack in history, a cyber disaster turning into a real-world catastrophe," said Andrew Rubin, CEO and co-founder of Illumio, a cyber security firm... If the culprit turns out to be a Russian criminal group, it will underscore that Russia gives free rein to criminal hackers who target the West, said Dmitri Alperovitch, co-founder of the cyber firm CrowdStrike and now executive chairman of a think tank, the Silverado Policy Accelerator. "Whether they work for the state or not is increasingly irrelevant, given Russia's obvious policy of harboring and tolerating cyber crime," he said. Citing multiple sources, the BBC reports that DarkSide "infiltrated Colonial's network on Thursday and took almost 100GB of data hostage. After seizing the data, the hackers locked the data on some computers and servers, demanding a ransom on Friday. If it is not paid, they are threatening to leak it onto the internet..." The BBC also shares some thoughts from Digital Shadows, a London-based cyber-security firm that tracks global cyber-criminal groups to help enterprises limit their exposure online: Digital Shadows thinks the Colonial Pipeline cyber-attack has come about due to the coronavirus pandemic — the rise of engineers remotely accessing control systems for the pipeline from home. James Chappell, co-founder and chief innovation officer at Digital Shadows, believes DarkSide bought account login details relating to remote desktop software like TeamViewer and Microsoft Remote Desktop.
He says it is possible for anyone to look up the login portals for computers connected to the internet on search engines like Shodan, and then "have-a-go" hackers just keep trying usernames and passwords until they get some to work. "We're seeing a lot of victims now, this is seriously a big problem now," said Mr Chappell.

posted 1 day ago on slashdot
This week Linus Torvalds continued a long email interview with Jeremy Andrews, founding partner/CEO of Tag1 (a global technology consulting firm and the second all-time leading contributor to Drupal). In the first part Torvalds had discussed everything from Apple's ARM64 chips and Rust drivers, to his own Fedora-based home work environment — and reflections on the early days of Linux. But the second part offers some deeper insight into the way Torvalds thinks, some personal insight, what he'd share with other project maintainers — and some thoughts on getting corporations to contribute to open source development: While open source has been hugely successful, many of the biggest users, for example corporations, do nothing or little to support or contribute back to the very open source projects they rely on. Even developers of surprisingly large and successful projects (if measured by number of users) can be lucky to earn enough to buy coffee for the week. Do you think this is something that can be solved? Is the open source model sustainable? Linus Torvalds: I really don't have an answer to this, and for some reason the kernel has always avoided the problem. Yes, there are companies that are pure "users" of Linux, but they still end up wanting support, so they then rely on contractors or Linux distributions, and those obviously then end up as one of the big sources of kernel developer jobs. And a fair number of big tech companies that use the kernel end up actively participating in the development process. Sometimes they end up doing a lot of internal work and not being great at feeding things back upstream (I won't name names, and some of them really are trying to do better), but it's actually very encouraging how many big companies are very openly involved with upstream kernel development, and are major parts of the community. So for some reason, the kernel development community has been pretty successful about integrating with all the commercial interests. 
Of course, some of that has been very much conscious: Linux has very much always been open to commercial users, and I very consciously avoided the whole anti-corporate mindset that you can most definitely find in some of the "Free Software" groups. I think the GPLv2 is a great license, but at the same time I've been very much against some of the more extreme forms of "Free Software", and I — and Linux — was very much part of the whole rebranding to use "Open Source". Because frankly, some of the almost religious overtones of rms and the FSF were just nutty, and a certain portion of the community was actively driving commercial use away. And I say that as somebody who has always been wary of being too tainted by commercial interests... I do think that some projects may have shot themselves in the foot by being a bit too anti-commercial, and made it really hard for companies to participate... But is it sustainable? Yes. I'm personally 100% convinced that not only is open source sustainable, but for complex technical issues you really need open source simply because the problem space ends up being too complex to manage inside one single company. Even a big and competent tech company. But it does require a certain openness on both sides. Not all companies will be good partners, and some developers don't necessarily want to work with big companies. In the interview Torvalds also thanks the generous education system in Finland, and describes what it was like moving from Finland to America. And as for how long he'll continue working on Linux, Torvalds says, "I do enjoy what I do, and as long as I feel I'm actually helping the project, I'll be around... in the end, I really enjoy what I do. I'd be bored to tears without kernel development."

posted 1 day ago on slashdot
The Washington Post reports on "growing evidence — both anecdotal and in surveys — that a lot of people want to do something different with their lives than they did before the pandemic." In a piece titled "It's not a 'labor shortage.' It's a great reassessment of work," they argue that "The coronavirus outbreak has had a dramatic psychological effect on workers, and people are reassessing what they want to do and how they want to work, whether in an office, at home or some hybrid combination." A Pew Research Center survey this year found that 66 percent of the unemployed had "seriously considered" changing their field of work, a far greater percentage than during the Great Recession. People who used to work in restaurants or travel are finding higher-paying jobs in warehouses or real estate, for example. Or they want a job that is more stable and less likely to be exposed to the coronavirus — or any other deadly virus down the road... Economists describe this phenomenon as reallocation friction, the idea that the types of jobs in the economy are changing and workers are taking awhile to figure out what new jobs they want — or what skills they need for different roles... Even among those who have jobs, people are rethinking their options. Front-line workers are reporting high levels of burnout, causing some to seek a new career path. There's also been a wave of retirements as workers over 50 quit because they don't want to return to teaching, home health care or other front-line jobs. More affluent Americans say they are retiring early because their retirement portfolios have surged in the past year and the pandemic has taught them that life is short. They don't want to spend as much time at a desk, even if it is safe... [I]t's notable that the manufacturing sector has bounced back strongly, yet the industry has only added back about 60 percent of the jobs lost. 
This suggests many factories are ramping up automation in a way that allows them to do more with fewer workers. The overall expectation is still for hiring to pick up this summer as the economy reopens fully and more people are vaccinated. But the past year has fundamentally changed the economy and what many Americans want in their working life. This big reassessment — for companies and workers — is going to take awhile to sort out and it could continue to pop up in surprising ways.
