Sorry, you need to enable JavaScript to visit this website.

Slashdot

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 6 min 53 sec ago

Ask Slashdot: DuckDB Queries JSON with SQL. But Will AI Change Code Syntax?

Sun, 24/03/2024 - 3:34pm
Long-time Slashdot reader theodp writes: Among the amazing features of the in-process analytical database DuckDB, writes software engineer Paul Gross in DuckDB as the New jq, is that it has many data importers included without requiring extra dependencies. This means it can natively read and parse JSON as a database table, among many other formats. "Once I learned DuckDB could read JSON files directly into memory," Gross explains, "I realized that I could use it for many of the things where I'm currently using jq. In contrast to the complicated and custom jq syntax, I'm very familiar with SQL and use it almost daily." The stark difference of the two programming approaches to the same problem — terse-but-cryptic jq vs. more-straightforward-to-most SQL — also raises some interesting questions: Will the use of Generative AI coding assistants more firmly entrench the status quo of the existing programming paradigms on whose codebases it's been trained? Or could it help bootstrap the acceptance of new, more approachable programming paradigms? Had something like ChatGPT been around back in the Programming Windows 95 days, might people have been content to use Copilot to generate reams of difficult-to-maintain-and-enhance Windows C code using models trained on the existing codebases instead of exploring easier approaches to Windows programming like Visual BASIC?

Read more of this story at Slashdot.

Video Game Voice Actors May Strike Over AI

Sun, 24/03/2024 - 2:34pm
"Hollywood is bracing for another actors strike, this time against the videogame industry," according to MarketWatch: "We're currently in bargaining with all the major game studios, and the major sticking point is AI," SAG-AFTRA National Executive Director Duncan Crabtree-Ireland said Thursday. "Actors at all levels are at risk of digital replication. We have strike authorization on that contract and it is, at this point — we could end up going on strike...." The union, which navigated its way to a new film and TV contract after a 118-day strike against the Hollywood studios last year, is again focusing on regulating artificial intelligence and its impact on wages and jobs. "It will be a recurring issue with each successive contract" every three years, Crabtree-Ireland said. Some studios are already using AI-generated voices to save money, the article points out. "Actors and actresses should be very much afraid," Chris Mattmann, an adjunct research professor at the University of Southern California's Computer Science Department, says in the article. "Within three seconds, gen AI can effectively clone a voice." The strike could affect Microsoft's Activision Publishing and Disney, as well as other major game publishers including Electronic Arts, Epic Games, and Warner Bros.

Read more of this story at Slashdot.

93-Year-Old William Shatner Discusses 'Star Trek', Space, Mortality, and Captain Kirk's Death

Sun, 24/03/2024 - 11:34am
"It was three years of my, life you?" a 93-year-old William Shatner tells the Guardian when asked about playing Captain Kirk on the original Star Trek series from 1967 to 1969: It gladdens him to see how much joy the series has brought its many fans, but the richest rewards came in his introduction to science fiction, which activated and nurtured a lifelong curiosity about our species. He reminisces about meeting the great writers of the genre fondly yet frankly, honest enough to sort Ray Bradbury into "the category right below friend, I think". He devoured their novels and developed a fascination with the principle of defamiliarization, that concepts taken for granted can be understood anew when viewed through the vantage of a stranger in a strange land. "Good science fiction is humanity, moved into a different milieu," he says. Even on a grander scale, "The universe charms him with its mysteries," writes the Guardian, calling it "the key to maintaining wonder through nearly a century of life. He likes the not-knowing." You can see this at play when the TV starship captain became a real-life spacefarer in 2021: Liberated by weightlessness, he found himself utterly transformed by the rush of perspective one can only assume miles above the Earth. "It's very personal, what you see from up there, what you read into the stillness," he says. "I saw the blankness of space as death, but an astronaut will see something else entirely. And when I looked back at the Earth, I saw life." The question of mortality hangs over Shatner, albeit not in a morbid way. He's entranced by the paradox of death, that the absolute unknowability of what happens will be inevitably supplanted by the certainty of finding out... For a man accustomed to boldly going where no man has gone before, it's all just the next phase of a single ongoing adventure. In fact, Shatner told Jimmy Kimmel Friday that he was always disappointed by the way he'd performed Captain Kirk's death. "I think you die the way you live," Shatner says. "So Captain Kirk always had these grotesque things happening... but without fear. But with joy, and love, and an opportunity to see what's better." So when performing Kirk's death, he'd imagined him actually gazing upon death itself — and looking upon it with wonder. "I ad libbed the 'Oh my'." Shatner's regret? That it "sounded fearful. And I didn't want to be fearful." "Would you like a do-over?" Kimmel asks. (Adding "I've got some debris...") And Shatner agrees, performing — one more time — the death of Captain Kirk. The video also includes an appropriate clip from a newly-released documentary about Shatner's life. "Don't do it half-heartedly," Shatner says at one point. "Whatever it is you do — do it fully. Do it passionately. Do it with your whole being."

Read more of this story at Slashdot.

It's 25 Years Later. Are We All Now Trapped in 'The Matrix'?

Sun, 24/03/2024 - 7:34am
It was March 24, 1999 that The Matrix premiered, premembers the Wall Street Journal. "To rewatch The Matrix is to be reminded of how primitive our technology was just 25 years ago. We see computers with bulky screens, cellphones with keypads and a once-ubiquitous feature of our society known as 'pay phones,' central to the plot of the film." But the article's headline warns that "25 Years Later, We're All Trapped in 'The Matrix'". [I]n a strange way, the film has become more relevant today than it was in 1999. With the rise of the smartphone and social media, genuine human interaction has dropped precipitously. Today many people, like Cypher, would rather spend their time in the imaginary realms offered by technology than engage in a genuine relationship with other human beings. In the film, one of the representatives of the AI, the villainous Agent Smith, played by Hugo Weaving, tells Morpheus that the false reality of the Matrix is set in 1999 because that year was "the peak of your civilization. I say your civilization, because as soon as we started thinking for you it really became our civilization." Indeed, not long after "The Matrix" premiered, humanity hooked itself up to a matrix of its own. There is no denying that our lives have become better in many ways thanks to the internet and smartphones. But the epidemic of loneliness and depression that has swept society reveals that many of us are now walled off from one another in vats of our own making... For today's dwellers in the digital cave, the path back into the light doesn't involve taking a pill, as in "The Matrix," or being rescued by a philosopher. We ourselves have the power to resist the extremes of the digital world, even as we remain linked to it. You can find hints of an unplugged "Zion" in the Sabbath tables of observant Jews, where electronic devices are forbidden, and in university seminars where laptops are banned so that students can engage with a text and each other. Twenty-five years ago, "The Matrix" offered us a modern twist on Plato's cave. Today we are once again asking what it will take to find our way out of the lonely darkness, into the brilliance of other human souls in the real world.

Read more of this story at Slashdot.

'Humane' Demos New Features on Its Ai Pin - Which Starts Arriving April 11

Sun, 24/03/2024 - 4:34am
Indian Express calls it "the ultimate smartphone killer". (Coming soon, its laser-on-your-palm feature will display stock prices, sports scores, and flight statuses.) Humane's Ai Pin can even translate what you say, repeating it out loud in another language (with 50 different languages supported). And it can read you summaries of what's on your favorite web sites, so "You can just surf the web with your voice," according to a new video released this week. The video also shows it answering specific questions like "What's that song by 21 Savage with the violin intro?" (And later, while the song is playing, answering more questions like "This was sampled from another song. What song was that?") But then co-founder Imran Chaudhri — an iPhone designer and one of several former Apple employees at Humane — demonstrated a "Vision" feature that's coming soon. Holding a Sony Walkman he asks the Pin to "Look at this and tell me when it first came out" — and the Pin obliges. ("The Sony Walkman WM-F73 was released in 1986...") In another demo it correctly supplied the designer of an Air Jordan basketball shoe. They're also working on integrating this into a Nutrition Tracking application. (A demonstrator held a doughnut and asked the Pin to identify how much sugar was in it.) If you tell the Pin that you've eaten the doughnut, it can then calculate your intake of carbs, protein, and fats. And in the video the Pin responded within seconds to the command "Make a spreadsheet about top consumer tech reviewers on YouTube [with] real names, subscriber counts, and URLs." It performed the research and created the spreadsheet, which appears on the demonstrator's laptop, apparently logged in to Humane's cloud-based user platform. In the video Humane's co-founder stresses that its Ai Pin does all this without downloading applications, "which allows me to stay present in the moment and flow." But while it can also make phone calls and sends text messages, Imran Chaudhri adds that "Ai Pin is a completely new form factor for compute. It's never been about replacing. It's always been about creating new ways to interact with what you need. So instead of having to sit down to use a computer, or reaching in to your pocket and pulling out your phone and navigating apps, Ai Pin allows you to simply act on something the moment you think about it — letting AI do all the work for you." Or, as they say later "This is about technology adapting and reacting to you. Not you having to adapt to it." There's also talk about their "AI OS" — named Cosmos — with the Pin described as "our first entry point" into that operating system, with other devices planned to support it in the future. (Mashable's reporter notes that Humane's Ai Pin is backed by OpenAI CEO Sam Altman, and writes "I was impressed with how well it worked.") The video even ends with an update for SDK developers. In the second half of 2024, "you're going to be able to connect your services to the Ai Pin using REST APIs and OAuth." Phase two will let developers run their code directly on Humane's cloud platform — while Phase three will see developers codes on Ai Pin devices, "to get access to the mic, the camera, the sensors, and the laser. We are so excited to see what you're gonna build." Humane says its Ai Pin will start shipping at the end of March, with priority orders arriving starting on April 11th.

Read more of this story at Slashdot.

New Book Remembers LAN Parties and the 1990s 'Multiplayer Revolution'

Sun, 24/03/2024 - 1:34am
CNN looks back to when "dial-up internet (and its iconic dial tone) was 'still a thing..." "File-sharing services like Napster and LimeWire were just beginning to take off... And in sweaty dorm rooms and sparse basements across the world, people brought their desktop monitors together to set up a local area network (LAN) and play multiplayer games — "Half-Life," "Counter-Strike," "Starsiege: Tribes," "StarCraft," "WarCraft" or "Unreal Tournament," to name just a few. These were informal but high-stakes gatherings, then known as LAN parties, whether winning a box of energy drinks or just the joy of emerging victorious. The parties could last several days and nights, with gamers crowded together among heavy computers and fast food boxes, crashing underneath their desks in sleeping bags and taking breaks to pull pranks on each other or watch movies... It's this nostalgia that prompted writer and podcaster Merritt K to document the era's gaming culture in her new photobook "LAN Party: Inside the Multiplayer Revolution." After floating the idea on X, the social media platform formerly known as Twitter, she received an immediate — and visceral — response from old-school gamers all too keen to share memories and photos from LAN parties and gaming conventions across the world... It's strange to remember that the internet was once a place you went to spend time with other real people; a tethered space, not a cling-film-like reality enveloping the corporeal world from your own pocket.... Growing up as a teenager in this era, you could feel a sense of hope (that perhaps now feels like naivete) about the possibilities of technology, K explained. The book is full of photos featuring people smiling and posing with their desktop monitors, pride and fanfare apparent... "It felt like, 'Wow, the future is coming,'" K said. "It was this exciting time where you felt like you were just charting your own way. I don't want to romanticize it too much, because obviously it wasn't perfect, but it was a very, very different experience...." "We've kind of lost a lot of control, I think over our relationship to technology," K said. "We have lost a lot of privacy as well. There's less of a sense of exploration because there just isn't as much out there." One photo shows a stack of Mountain Dew cans (remembering that by 2007 the company had even released a line of soda called "Game Fuel"). "It was a little more communal," the book's author told CNN. "If you're playing games in the same room with someone, it's a different experience than doing it online. You can only be so much of a jackass to somebody who was sitting three feet away from you..." They adds that that feeling of connecting to people in other places "was cool. It wasn't something that was taken for granted yet."

Read more of this story at Slashdot.

Air Industry Trends Safer, But 'Flukish' Second Crash Led Boeing to Mishandled Media Storm, WSJ Argues

Sat, 23/03/2024 - 10:34pm
There's actually "a global trend toward increased air safety," notes a Wall Street Journal columnist. And even in the case of the two fatal Boeing crashes five years ago, he stresses that they were "were two different crashes," with the second happening only "after Boeing and the FAA issued emergency directives instructing pilots how to compensate for Boeing's poorly designed flight control software. "The story should have ended after the first crash except the second set of pilots behaved in unexpected, unpredictable ways, flying a flyable Ethiopian Airlines jet into the ground." Boeing is guilty of designing a fallible system and placing an undue burden on pilots. The evidence strongly suggests, however, that the Ethiopian crew was never required to master the simple remedy despite the global furor occasioned by the first crash. To boot, they committed an additional error by overspeeding the aircraft in defiance of aural, visual and stick-shaker warnings against doing so. It got almost no coverage, but on the same day the Ethiopian government issued its final findings on the accident in late 2022, the U.S. National Transportation Safety Board, in what it called an "unusual step," issued its own "comment" rebuking the Ethiopian report for "inaccurate" statements, for ignoring the crew's role, for ignoring how readily the accident should have been avoided. So the Wall Street Journal columnist challenges whether profit incentives played any role in Boeing's troubles: In reality, the global industry was reorganized largely along competitive profit-and-loss lines after the 1970s, and yet this coincided with enormous increases in safety, notwithstanding the sausage factory elements occasionally on display (witness the little-reported parking of hundreds of Airbus planes over a faulty new engine). The point here isn't blame but to note that 100,000 repetitions likely wouldn't reproduce the flukish second MAX crash and everything that followed from it. Rather than surfacing Boeing's deeply hidden problems, it seems the second crash gave birth to them. The subsequent 20-month grounding and production shutdown, combined with Covid, cost Boeing thousands of skilled workers. The pressure of its duopoly competition with Airbus plus customers clamoring for their backordered planes made management unwisely desperate to restart production. January's nonfatal door-plug blowout of an Alaska Airlines 737 appears to have been a one-off when Boeing workers failed to reinstall the plug properly after removing it to fix faulty fuselage rivets. Not a one-off, apparently, are faulty rivets as Boeing has strained to hire new staff and resume production of half-finished planes. Boeing will sort out its troubles eventually by applying the oldest of manufacturing insights: Training, repetition, standardization and careful documentation are the way to error-free complex manufacturing. As he sees it, "The second MAX crash caught Boeing up in a disorienting global media and political storm that it didn't know how to handle and, indeed, has handled fairly badly."

Read more of this story at Slashdot.

''Tetris Reversed'? Alexey Pajitnov Shows Footage From Rediscovered Prototype for 'Tetris' Sequel

Sat, 23/03/2024 - 9:34pm
Tetris creator Alexey Pajitnov and others spoke at the Game Developers Conference about Tetris Reversed, reports VentureBeat — and told the story of "a lost prototype of a Tetris game that was never published." But little did Pajitnov know that an engineer in charge of the game, Vedran Klanac, had kept a copy of it. Through the help of intermediaries, he showed it to Pajitnov and the two shared their memories of what happened to the lost game... Pajitnov has lived in the U.S. since 1991, where he has been involved in the development of games such as Pandora's Box and worked with companies such as Microsoft and WildSnake Software... Klanac is the CEO of Ocean Media, and he is originally from Zagreb, Croatia. He was an aerospace engineer who started his career in the games industry with Croteam where he built the physics engine for Serious Sam 2. Since 2006, he has been running Ocean Media, a game publishing company with a focus on consoles. During the last 20 years, he was involved in production as a programmer and executive producer in more than 200 projects. And it turns out he was the programmer who created the Tetris Reversed code based on instructions from Pajitnov, who had passed them on through a middleman. In 2011, programmer Vedran Klanac went to the NLGD Festival of Games in Utrecht, The Netherlands. He listened to a talk on a charitable effort from Martin de Ronde, a cofounder of game studio Guerrilla Games. Klanac said in an interview with GamesBeat that he listened to De Ronde's talk and offered to help. De Ronde came back months later saying he had an agreement with Pajitnov about creating a new prototype for a Tetris game. De Ronde asked if Klanac if he wanted to make Tetris Reversed by Pajitnov. "Are you kidding me?" Klanac reacted. The idea is still to survive as long as you can, according to the article — but the entire playfield was accessible. "For the first time in public, they showed the video of the prototype in action," according to the article, which also records Pajitnov reaction. "When you see the gameplay video, and when you look at the design elements. This is Tetris for like 300 IQ people." No word on yet on whether the game will ever be officially published.

Read more of this story at Slashdot.

A Problem for Sun-Blocking Cloud Geoengineering? Clouds Dissipate

Sat, 23/03/2024 - 8:34pm
Slashdot reader christoban writes: In what may be an issue for Sun-obscuring strategies to combat global warming, it turns out that during solar eclipses, low level cumulus clouds rapidly disappear, reducing by a factor of 4, researchers have found. The news comes from the science magazine Eos (published by the nonprofit organization of atmosphere/ocean/space scientists, the American Geophysical Union). Victor J. H. Trees, a geoscientist at Delft University of Technology in the Netherlands, and his colleagues recently analyzed cloud cover data obtained during an annular eclipse in 2005, visible in parts of Europe and Africa. They mined visible and infrared imagery collected by two geostationary satellites operated by the European Organisation for the Exploitation of Meteorological Satellites. Going to space was key, Trees said. "If you really want to quantify how clouds behave and how they react to a solar eclipse, it helps to study a large area. That's why we want to look from space...." [T]hey tracked cloud evolution for several hours leading up to the eclipse, during the eclipse, and for several hours afterward. Low-level cumulus clouds — which tend to top out at altitudes around 2 kilometers (1.2 miles) — were strongly affected by the degree of solar obscuration. Cloud cover started to decrease when about 15% of the Sun's face was covered, about 30 minutes after the start of the eclipse. The clouds started to return only about 50 minutes after maximum obscuration. And whereas typical cloud cover hovered around 40% in noneclipse conditions, less than 10% of the sky was covered with clouds during maximum obscuration, the team noted. "On a large scale, the cumulus clouds started to disappear," Trees said... The temperature of the ground matters when it comes to cumulus clouds, Trees said, because they are low enough to be significantly affected by whatever is happening on Earth's surface... Beyond shedding light on the physics of cloud dissipation during solar eclipses, these new findings also have implications for future geoengineering efforts, Trees and his collaborators suggested. Discussions are underway to mitigate the effects of climate change by, for instance, seeding the atmosphere with aerosols or launching solar reflectors into space to prevent some of the Sun's light from reaching Earth. Such geoengineering holds promise for cooling our planet, researchers agree, but its repercussions are largely unexplored and could be widespread and irreversible. These new results suggest that cloud cover could decrease with geoengineering efforts involving solar obscuration. And because clouds reflect sunlight, the efficacy of any effort might correspondingly decrease, Trees said. That's an effect that needs to be taken into account when considering different options, the researchers concluded. Another article on the site warns that "Planting Trees May Not Be as Good for the Climate as Previously Believed." "The climate benefits of trees storing carbon dioxide is partially offset by dark forests' absorption of more heat from the Sun, and compounds they release that slow the destruction of methane in the atmosphere."

Read more of this story at Slashdot.

New 'Loop DoS' Attack May Impact Up to 300,000 Online Systems

Sat, 23/03/2024 - 7:33pm
BleepingComputer reports on "a new denial-of-service attack dubbed 'Loop DoS' targeting application layer protocols." According to their article, the attack "can pair network services into an indefinite communication loop that creates large volumes of traffic." Devised by researchers at the CISPA Helmholtz-Center for Information Security, the attack uses the User Datagram Protocol (UDP) and impacts an estimated 300,000 host and their networks. The attack is possible due to a vulnerability, currently tracked as CVE-2024-2169, in the implementation of the UDP protocol, which is susceptible to IP spoofing and does not provide sufficient packet verification. An attacker exploiting the vulnerability creates a self-perpetuating mechanism that generates excessive traffic without limits and without a way to stop it, leading to a denial-of-service (DoS) condition on the target system or even an entire network. Loop DoS relies on IP spoofing and can be triggered from a single host that sends one message to start the communication. According to the Carnegie Mellon CERT Coordination Center (CERT/CC) there are three potential outcomes when an attacker leverages the vulnerability: — Overloading of a vulnerable service and causing it to become unstable or unusable. — DoS attack on the network backbone, causing network outages to other services. — Amplification attacks that involve network loops causing amplified DOS or DDOS attacks. CISPA researchers Yepeng Pan and Professor Dr. Christian Rossow say the potential impact is notable, spanning both outdated (QOTD, Chargen, Echo) and modern protocols (DNS, NTP, TFTP) that are crucial for basic internet-based functions like time synchronization, domain name resolution, and file transfer without authentication... The researchers warned that the attack is easy to exploit, noting that there is no evidence indicating active exploitation at this time. Rossow and Pan shared their findings with affected vendors and notified CERT/CC for coordinated disclosure. So far, vendors who confirmed their implementations are affected by CVE-2024-2169 are Broadcom, Cisco, Honeywell, Microsoft, and MikroTik. To avoid the risk of denial of service via Loop DoS, CERT/CC recommends installing the latest patches from vendors that address the vulnerability and replace products that no longer receive security updates. Using firewall rules and access-control lists for UDP applications, turning off unnecessary UDP services, and implementing TCP or request validation are also measures that can mitigate the risk of an attack. Furthermore, the organization recommends deploying anti-spoofing solutions like BCP38 and Unicast Reverse Path Forwarding (uRPF), and using Quality-of-Service (QoS) measures to limit network traffic and protect against abuse from network loops and DoS amplifications. Thanks to long-time Slashdot reader schneidafunk for sharing the article.

Read more of this story at Slashdot.

Could a Guilty Plea Free Julian Assange From Jail?

Sat, 23/03/2024 - 6:34pm
America's Justice Department "is considering whether to allow Julian Assange to plead guilty to a reduced charge of mishandling classified information," reports the Wall Street Journal, citing "people familiar with the matter." Though Assange faces trial for publishing thousands of confidential U.S. documents in 2010, this development opens up "the possibility of a deal that could eventually result in his release from a British jail," reports the Journal. Where things stand currently: A U.K. court is currently considering whether to allow a last-ditch appeal by the 52-year-old. After U.S. prosecutors charged him in 2019, U.K. law-enforcement officials apprehended him, and he has been in a London prison ever since... Britain's High Court is expected to decide within weeks whether to grant Assange a further right to appeal his extradition to the U.S. If the court rules against him, the U.S. government will likely have 28 days to come and collect Assange and bring him to face trial. But... Justice Department officials and Assange's lawyers have had preliminary discussions in recent months about what a plea deal could look like to end the lengthy legal drama, according to people familiar with the matter, a potential softening in a standoff filled with political and legal complexities. The talks come as Assange has spent some five years behind bars. U.S. prosecutors face diminishing odds that he would serve much more time even if he were convicted stateside. The discussions remain in flux, and talks could fizzle. Any deal would require approval at the highest levels of the Justice Department. Barry Pollack, a lawyer for Assange, said he has been given no indication that the department will take a deal. A Justice Department spokesman declined to comment. If prosecutors allow Assange to plead to a U.S. charge of mishandling classified documents — something his lawyers have floated as a possibility — it would be a misdemeanor offense. Under such a deal, Assange potentially could enter that plea remotely, without setting foot in the U.S. The time he has spent behind bars in London would count toward any U.S. sentence, and he would likely be free to leave prison shortly after any deal was concluded. U.S. authorities "gave a package of assurances, including a pledge he could be transferred to his native Australia to serve any sentence," according to the article. The Australian government, which has largely been supportive of Assange, could shorten any sentence once he landed on Australian soil, said Nick Vamos, a partner at London law firm Peters & Peters and a former head of extradition for England and Wales's Crown Prosecution Service. "I honestly think as soon as he arrived in Australia he would be released," he said.

Read more of this story at Slashdot.

Netflix's '3 Body Problem' Draws Mixed Reviews, Sparks Anger in China

Sat, 23/03/2024 - 5:34pm
"My favorite kind of science fiction involves stories rooted in real science..." writes NPR's reviewer. "[T]here is something special about seeing characters wrestle with concepts closer to our current understanding of how the universe works." The Verge calls it an "impressive" and "leaner" story than the book, arguing "it's a good one — and very occasionally a great one" that introduces the author's key ideas, though channelling "the book's spirit but not its brilliance." And Slate calls it a "downright transformative" adaptation, "jettisoning most of the novel's characters and plucking scenes from all three books," while accusing it of "making the trilogy's expansive and philosophical story into something much more pedestrian and digestible." But Reuters notes there's huge interest in China over this adaptation (by the co-creator of Mem>Game of Thrones) for the first Asian novel to win the Hugo Award for best science fiction novel. "The new series was trending on Chinese social media platform Weibo on Friday," reports Reuters, "with 21 million views so far." (The show came in first on Weibo's "top hot" trend rankings, they add, "despite Netflix being officially inaccessible in China. Chinese viewers would have had to watch the Netflix series from behind a VPN or on a pirate site.") So what was their verdict? CNN reports Netflix's adaptation "has split opinions in China and sparked online nationalist anger over scenes depicting a violent and tumultuous period in the country's modern history." Among the country's more patriotic internet users, discussions on the adaptation turned political, with some accusing the big-budget American production of making China look bad. The show opens with a harrowing scene depicting Mao Zedong's Cultural Revolution, which consumed China in bloodshed and chaos for a decade from 1966... "Netflix you don't understand 'The Three Body Problem' or Ye Wenjie at all!" read a comment on social media platform Weibo. "You only understand political correctness!" Others came to the show's defense, saying the scene closely follows depictions in the book — and is a truthful reenactment of history. "History is far more absurd than a TV series, but you guys pretend not to see it," read one comment on Douban, a popular site for reviewing movies, books and music. Author Liu said in an interview with the New York Times in 2019 that he had originally wanted to open the book with scenes from Mao's Cultural Revolution, but his Chinese publisher worried they would never make it past government censors and buried them in the middle of the narrative. The English version of the book, translated by Ken Liu, put the scenes at the novel's beginning, with the author's blessing... Various other aspects of the show, from its casting and visual effects to the radical changes to the story's original setting and characters, also attracted the ire of Chinese social media users. Many compared it to a Chinese television adaptation released last year — a much lengthier and closer retelling of the book that ran to 30 episodes and was highly rated on Chinese review platforms. The Netflix adaptation featured an international cast and placed much of the action in present-day London — thus making the story a lot less Chinese.

Read more of this story at Slashdot.

Pregnancy May Increase Biological Age 2 Years - But Some End Up 'Younger'

Sat, 23/03/2024 - 4:34pm
Slashdot reader sciencehabit shared this report from Science magazine: Nurturing a growing fetus requires a series of profound physical, hormonal, and chemical changes that may rewire every major organ in the body and can cause serious health complications such as hypertension and preeclampsia. But does being pregnant actually take years off your life...? Today in Cell Metabolism, scientists report that the stress of pregnancy can cause a person's biological age to increase by up to 2 years — a trend that may reverse itself in the months that follow. In some cases, the authors write, those who breastfeed their children after giving birth may end up biologically "younger" than during early pregnancy. The finding represents yet another piece of "compelling" evidence that events during and after pregnancy can have far-reaching health consequences, says Elizabeth Bertone-Johnson, an epidemiologist at the University of Massachusetts Amherst who wasn't involved in the new study... The discovery that biological aging isn't necessarily a linear process "came as a real surprise," says Kieran O'Donnell, a perinatal researcher at the Yale School of Medicine... But blood samples from 68 participants, collected 3 months after giving birth, revealed a dramatic about-face. Although being pregnant had initially aged their cells between 1 and 2 years, says O'Donnell, their biological age now appeared to be 3 to 8 years younger than it had been during early pregnancy — with different epigenetic clocks algorithms providing slightly bigger or smaller estimates.

Read more of this story at Slashdot.

Apple Criticized For Changing the macOS version of cURL

Sat, 23/03/2024 - 3:34pm
"On December 28 2023, bugreport 12604 was filed in the curl issue tracker," writes cURL lead developer Daniel Stenberg: The title stated of the problem in this case was quite clear: flag -cacert behavior isn't consistent between macOS and Linux , and it was filed by Yuedong Wu. The friendly reporter showed how the curl version bundled with macOS behaves differently than curl binaries built entirely from open source. Even when running the same curl version on the same macOS machine. The curl command line option --cacert provides a way for the user to say to curl that this is the exact set of CA certificates to trust when doing the following transfer. If the TLS server cannot provide a certificate that can be verified with that set of certificates, it should fail and return error. This particular behavior and functionality in curl has been established since many years (this option was added to curl in December 2000) and of course is provided to allow users to know that it communicates with a known and trusted server. A pretty fundamental part of what TLS does really. When this command line option is used with curl on macOS, the version shipped by Apple, it seems to fall back and checks the system CA store in case the provided set of CA certs fail the verification. A secondary check that was not asked for, is not documented and plain frankly comes completely by surprise. Therefore, when a user runs the check with a trimmed and dedicated CA cert file, it will not fail if the system CA store contains a cert that can verify the server! This is a security problem because now suddenly certificate checks pass that should not pass. "We don't consider this something that needs to be addressed in our platforms," Apple Product Security responded. Stenberg's blog post responds, "I disagree." Long-time Slashdot reader lee1 shares their reaction: I started to sour on MacOS about 20 years ago when I discovered that they had, without notice, substituted their own, nonstandard version of the Readline library for the one that the rest of the Unix-like world was using. This broke gnuplot and a lot of other free software... Apple is still breaking things, this time with serious security and privacy implications.

Read more of this story at Slashdot.

Microsoft Confirms Windows Server Security Update Caused Memory Leak, 'Unscheduled' Reboots

Sat, 23/03/2024 - 2:34pm
"Microsoft confirmed that a memory leak introduced with the March 2024 Windows Server security updates is behind a widespread issue causing Windows domain controllers to crash," BleepingComputer reported Thursday. Friday Microsoft wrote that the issue "was resolved in the out-of-band update KB5037422," only available via the Microsoft Update Catalog. (The update "is not available from Windows Update and will not install automatically.") BleepingComputer reported the leak only affected "enterprise systems using the impacted Windows Server platform," and home users were not affected. But Microsoft confirmed it impacted all domain controller servers with the latest Windows Server 2012 R2, 2016, 2019, and 2022 updates: As BleepingComputer first reported on Wednesday and as many admins have warned over the last week, affected servers are freezing and restarting unexpectedly due to a Local Security Authority Subsystem Service (LSASS) process memory leak introduced with this month's cumulative updates. "Since installation of the March updates (Exchange as well as regular Windows Server updates) most of our DCs show constantly increasing lsass memory usage (until they die)," one admin said. "Our symptoms were ballooning memory usage on the lsass.exe process after installing KB5035855 (Server 2016) and KB5035857 (Server 2022) to the point that all physical and virtual memory was consumed and the machine hung," another Windows admin told BleepingComputer. The leak "is observed when on-premises and cloud-based Active Directory Domain Controllers service Kerberos authentication requests," Microsoft wrote. "Extreme memory leaks may cause LSASS to crash, which triggers an unscheduled reboot of underlying domain controllers..." "We strongly recommend you do not apply the March 2024 security update on DCs and install KB5037422 instead..."

Read more of this story at Slashdot.

Trump's Truth Social Is Going Public

Sat, 23/03/2024 - 1:00pm
An anonymous reader quotes a report from Wired: Former president Donald Trump'sTruth Social, a shameless Twitter clone, is set to become a publicly traded company as soon as next week. Shareholders of Digital World Acquisition Corp. voted on Friday to merge with Trump Media and Technology Group, the company behind Truth Social. The vote is a culmination of a years-long saga attempting to merge Trump Media with a publicly traded company in what's known as a SPAC deal. The company will trade under the ticker DJT once it goes public. [...] Truth Social looks nearly identical to Twitter, with some key distinctions. Instead of "tweeting," users post a "truth." A "retweet" is called a "retruth." Unlike many right-wing Twitter clones, the site functions well, has remained mostly online, and actually appears to have a somewhat active user base. But since launching in February 2022, after Trump was kicked off of mainstream platforms for inciting violence during the January 6 riot at the Capitol, the company has been mired in controversy.

Read more of this story at Slashdot.

Truck-To-Truck Worm Could Infect Entire US Fleet

Sat, 23/03/2024 - 10:00am
Jessica Lyons reports via The Register: Vulnerabilities in common Electronic Logging Devices (ELDs) required in US commercial trucks could be present in over 14 million medium- and heavy-duty rigs, according to boffins at Colorado State University. In a paper presented at the 2024 Network and Distributed System Security Symposium, associate professor Jeremy Daily and systems engineering graduate students Jake Jepson and Rik Chatterjee demonstrated how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck, manipulate data, and spread malware between vehicles. "These findings highlight an urgent need to improve the security posture in ELD systems," the trio wrote [PDF]. The authors did not specify brands or models of ELDs that are vulnerable to the security flaws they highlight in the paper. But they do note there's not too much diversity of products on the market. While there are some 880 devices registered, "only a few tens of distinct ELD models" have hit the road in commercial trucks. A federal mandate requires most heavy-duty trucks to be equipped with ELDs, which track driving hours. These systems also log data on engine operation, vehicle movement and distances driven -- but they aren't required to have tested safety controls built in. And according to the researchers, they can be wirelessly manipulated by another car on the road to, for example, force a truck to pull over. The academics pointed out three vulnerabilities in ELDs. They used bench level testing systems for the demo, as well as additional testing on a moving 2014 Kenworth T270 Class 6 research truck equipped with a vulnerable ELD. [...] For one of the attacks, the boffins showed how anyone within wireless range could use the device's Wi-Fi and Bluetooth radios to send an arbitrary CAN message that could disrupt of some of the vehicle's systems. A second attack scenario, which also required the attacker to be within wireless range, involved connecting to the device and uploading malicious firmware to manipulate data and vehicle operations. Finally, in what the authors described as the "most concerning" scenario, they uploaded a truck-to-truck worm. The worm uses the compromised device's Wi-Fi capabilities to search for other vulnerable ELDs nearby. After finding the right ELDs, the worm uses default credentials to establish a connection, drops its malicious code on the next ELD, overwrites existing firmware, and then starts the process over again, scanning for additional devices. "Such an attack could lead to widespread disruptions in commercial fleets, with severe safety and operational implications," the researchers warned.

Read more of this story at Slashdot.

AI Surpasses Doctors In Spotting Early Breast Cancer Signs In NHS Trial

Sat, 23/03/2024 - 7:00am
An AI tool named Mia, tested by the NHS, successfully detected signs of breast cancer in 11 women which had been missed by human doctors. The BBC reports: The tool, called Mia, was piloted alongside NHS clinicians and analyzed the mammograms of over 10,000 women. Most of them were cancer-free, but it successfully flagged all of those with symptoms, as well as an extra 11 the doctors did not identify. At their earliest stages, cancers can be extremely small and hard to spot. The BBC saw Mia in action at NHS Grampian, where we were shown tumors that were practically invisible to the human eye. But, depending on their type, they can grow and spread rapidly. Barbara was one of the 11 patients whose cancer was flagged by Mia but had not been spotted on her scan when it was studied by the hospital radiologists. Because her 6mm tumor was caught so early she had an operation but only needed five days of radiotherapy. Breast cancer patients with tumors which are smaller than 15mm when discovered have a 90% survival rate over the following five years. Barbara said she was pleased the treatment was much less invasive than that of her sister and mother, who had previously also battled the disease. Without the AI tool's assistance, Barbara's cancer would potentially not have been spotted until her next routine mammogram three years later. She had not experienced any noticeable symptoms. "These results are encouraging and help to highlight the exciting potential AI presents for diagnostics. There is no question that real-life clinical radiologists are essential and irreplaceable, but a clinical radiologist using insights from validated AI tools will increasingly be a formidable force in patient care." said Dr Katharine Halliday, President of the Royal College of Radiologists.

Read more of this story at Slashdot.

World's First Nuclear Fusion-Powered Electric Propulsion Drive Unveiled

Sat, 23/03/2024 - 3:30am
An anonymous reader quotes a report from InterestingEngineering: A concept that began as a doodle at a conference years ago is now becoming a reality. RocketStar Inc. has showcased (PDF) its advanced nuclear-based propulsion technology called the FireStar Drive. It is said to be the world's first electric device for spacecraft propulsion boosted by nuclear fusion. Recently, the company announced the successful initial demonstration of this electric propulsion technology. The FireStar Drive harnesses the power of nuclear fusion to improve the performance of RocketStar's "water-fueled pulsed plasma thruster." A spacecraft's thrusters perform various functions, including propulsion, orbital changes, and even docking with other orbiting platforms. Moreover, the device employs a unique sort of aneutronic nuclear fusion, which is a fusion reaction that generates few to no neutrons as a byproduct. "The base thruster generates high-speed protons through the ionization of water vapor," noted the press release. Therefore, these protons collide with the nucleus of a boron atom, which starts the fusion reaction. The FireStar Drive begins a fusion process by adding boron into the thruster exhaust, resulting in high-energy particles that increase thrust. RocketStar's current thruster is dubbed M1.5. Plans to test the FireStar Drive are now ongoing. The in-space technological demonstration will take place aboard D-Orbit's patented OTV ION Satellite Carrier. The SpaceX Transporter rideshare mission will likely launch the demo test in July and October 2024. Furthermore, the team plans to undertake ground tests this year, with more in-space demonstrations scheduled for February 2025. The FireStar Drive will undergo testing as a payload aboard Rogue Space System's Barry-2 spacecraft in the same month. The thruster M1.5 is already ready for delivery to clients.

Read more of this story at Slashdot.

New 'GoFetch' Apple CPU Attack Exposes Crypto Keys

Sat, 23/03/2024 - 2:02am
"There is a new side channel attack against Apple 'M' series CPUs that does not appear to be fixable without a major performance hit," writes Slashdot reader EncryptedSoldier. SecurityWeek reports: A team of researchers representing several universities in the United States has disclosed the details of a new side-channel attack method that can be used to extract secret encryption keys from systems powered by Apple CPUs. The attack method, dubbed GoFetch, has been described as a microarchitectural side-channel attack that allows the extraction of secret keys from constant-time cryptographic implementations. These types of attacks require local access to the targeted system. The attack targets a hardware optimization named data memory-dependent prefetcher (DMP), which attempts to prefetch addresses found in the contents of program memory to improve performance. The researchers have found a way to use specially crafted cryptographic operation inputs that allow them to infer secret keys, guessing them bits at a time by monitoring the behavior of the DMP. They managed to demonstrate end-to-end key extraction attacks against several crypto implementations, including OpenSSL Diffie-Hellman Key Exchange, Go RSA, and the post-quantum CRYSTALS-Kyber and CRYSTALS-Dilithium. The researchers have conducted successful GoFetch attacks against systems powered by Apple M1 processors, and they have found evidence that the attack could also work against M2 and M3 processors. They have also tested an Intel processor that uses DMP, but found that it's 'more robust' against such attacks. The experts said Apple is investigating the issue, but fully addressing it does not seem trivial. The researchers have proposed several countermeasures, but they involve hardware changes that are not easy to implement or mitigations that can have a significant impact on performance. Apple told SecurityWeek that it thanks the researchers for their collaboration as this work advances the company's understanding of these types of threats. The tech giant also shared a link to a developer page that outlines one of the mitigations mentioned by the researchers. The researchers have published a paper (PDF) detailing their work. Ars Technica's Dan Goodin also reported on the vulnerability.

Read more of this story at Slashdot.