AI

FTC Is Reviewing Competition in AI (bloomberg.com) 13

The US Federal Trade Commission is paying close attention to developments in artificial intelligence to ensure the field isn't dominated by the major tech platforms, Chair Lina Khan said Monday. From a report: "As you have machine learning that depends on huge amounts of data and also a huge amount of storage, we need to be very vigilant to make sure that this is not just another site for big companies to become bigger," Khan said at an event hosted by the Justice Department in Washington. Khan said companies offering AI tools need to make sure they are not "overselling or overstating" what their products can do. "Sometimes we see claims that are not fully vetted or not really reflecting how these technologies work," Khan said, noting recent guidance from the agency on AI-enabled products. "Developers of these tools can potentially be liable if technologies they are creating are effectively designed to deceive."
Hardware

Arduino Announces 'UNO R4' with Clock Speed/Memory/Storage Upgrades, 32-bit ARM Cortex-M4 (arduino.cc) 70

Saturday Arduino announced "a new, revolutionary revision of the iconic UNO board," promising "a long-awaited update on performance and possibilities." The Arduino UNO R4 indeed preserves the well-known features of the UNO family — standard form factor, shield compatibility, 5V operating voltage, outstanding robustness — while offering no less than a 32-bit Cortex-M4 and a 3-to-16x increase in clock speed, memory and flash storage....

The UNO R4 will come in two versions — UNO R4 WiFi and UNO R4 Minima — offering unprecedented performance and possibilities for the maker community. The WiFi version comes with an Espressif S3 WiFi module, expanding creative opportunities for makers, educators, and hobbyists alike; while the UNO R4 Minima provides a cost-effective option for those seeking the new microcontroller without additional features....

SRAM went from 2kB to 32kB, and flash memory went from 32kB to 256kB to accommodate more complex projects. In addition, following the requests from the community, the USB port was upgraded to the USB-C and maximum power supply voltage was increased to 24V with an improved thermal design. The board provides a CAN bus, which allows users to minimize wiring and execute different tasks in parallel by connecting multiple shields. Finally, the new board includes a 12-bit analog DAC.

All in all, Arduino UNO R4 is the answer to the requests for improvement and updates the developer and maker community has been advancing, making it easier than ever to get started with Arduino.... On the software side, a big effort is being made to maximize retrocompatibility of the most popular Arduino libraries so that users will be able to rely on existing code examples and tutorials.

The Courts

Google Defends Auto-Deletion of Chats After US Alleged It Destroyed Evidence (arstechnica.com) 81

Google defended its use of "history-off chats" for many internal communications, denying the US government's allegation that it intentionally destroyed evidence needed in an antitrust case. The history-off setting causes messages to be automatically deleted within 24 hours. Ars Technica reports: The US government and 21 states last month asked a court to sanction Google for allegedly using the auto-delete function on chats to destroy evidence and accused Google of falsely telling the government that it suspended its auto-deletion practices on chats subject to a legal hold. Google opposed the motion for sanctions on Friday in a filing (PDF) in US District Court for the District of Columbia. Google said it uses a "tiered approach" for preserving chats. "When there is litigation, Google instructs employees on legal hold not to use messaging apps like Google Chat to discuss the subjects at issue in the litigation and, if they must, to switch their settings to 'history on' for chats regarding the subjects at issue in the litigation, so that any such messages are preserved," the Google filing said.

Google said the government plaintiffs "contend that the Federal Rules specifically mandate that Google should have applied a forced history on setting for all custodians for all chats created while the custodian was on legal hold, regardless of the possible relevance of the message to the litigation." But federal rules only require "reasonable steps to preserve" information, Google pointed out. "Google's vast preservation efforts here -- and specifically its methodology with respect to history-off chats -- were 'reasonable steps' under the Rule," Google argued. Google said the US and state attorneys general "have not been denied access to material information needed to prosecute these cases and they have offered no evidence that Google intentionally destroyed such evidence." Google also argued that the objections came too late, alleging that the government knew before litigation began "that there was a subset of chats not automatically retained." "Plaintiffs' motions are barred at the outset because they were on notice of Google's approach to chats for years, yet did not object until well after the close of discovery. Those tactics should not be countenanced," Google told the court.

Google said its November 2019 disclosures in an ESI (Electronically Stored Information) questionnaire "show that the distinction between 'on-the-record' and other chats was apparent to anyone who wanted to pursue the matter from the outset of DOJ's investigation. For instance, the ESI Questionnaire response specifies that chat 'messages are generally retained for a period of 30 days if they have been marked on-the-record, and potentially longer if on-the-record messages are on legal hold.'" Google also said, "it is no secret how Google's Chat product operates" because it's a publicly available product and the Google Chat website explains the history-off feature. The Justice Department's motion last month said things happened very differently. "Google systematically destroyed an entire category of written communications every 24 hours" for nearly four years, the government motion said, continuing [...].

AI

Nvidia DGX Cloud: Train Your Own ChatGPT in a Web Browser For $37K a Month 22

An anonymous reader writes: Last week, we learned that Microsoft spent hundreds of millions of dollars to buy tens of thousands of Nvidia A100 graphics chips so that partner OpenAI could train the large language models (LLMs) behind Bing's AI chatbot and ChatGPT.

Don't have access to all that capital or space for all that hardware for your own LLM project? Nvidia's DGX Cloud is an attempt to sell remote web access to the very same thing. Announced today at the company's 2023 GPU Technology Conference, the service rents virtual versions of its DGX Server boxes, each containing eight Nvidia H100 or A100 GPUs and 640GB of memory. The service includes interconnects that scale up to the neighborhood of 32,000 GPUs, storage, software, and "direct access to Nvidia AI experts who optimize your code," starting at $36,999 a month for the A100 tier.

Meanwhile, a physical DGX Server box can cost upwards of $200,000 for the same hardware if you're buying it outright, and that doesn't count the efforts companies like Microsoft say they made to build working data centers around the technology.
Data Storage

HDD Average Life Span Misses 3-Year Mark In Study of 2,007 Defective Drives (arstechnica.com) 64

An anonymous reader quotes a report from Ars Technica: An analysis of 2,007 damaged or defective hard disk drives (HDDs) has led a data recovery firm to conclude that "in general, old drives seem more durable and resilient than new drives." The statement comes from a Los Angeles-headquartered HDD, SSD, and RAID data recovery firm aptly named Secure Data Recovery that has been in business since 2007 and claims to have resolved more than 100,000 cases. It studied the HDDs it received in 2022. "Most" of those drives were 40GB to 10TB, according to a blog post by Secure Data Recovery spotted by Blocks & Files on Thursday.

Secure Data Recovery's March 8 post broke down the HDDs it received by engineer-verified "power-on hours," or the total amount of time the drive was functional, starting from when its owner began using it and ending when the device arrived at Secure Data Recovery. The firm also determined the drives' current pending sector count, depicting "the number of damaged or unusable sectors the hard drive developed during routine read-and-write operations." The company's data doesn't include HDDs that endured non-predictable failures or damage by unexpected events, such as electrical surges, malware, natural disasters, and "accidental mishandling," the company said.

Among the sample, 936 drives are from Western Digital, 559 come from Seagate, 211 are Hitachi brand, 151 are Toshiba's, 123 are Samsung's, and there are 27 Maxtor drives. Notably, 74.5 percent of the HDDs came from either Western Digital or Seagate, which Secure Data Recovery noted accounted for 80 percent of hard drive shipments in 2021, citing Digital Storage Technology Newsletter data shared by Forbes. The average time before failure among the sample size was 2 years and 10 months, and the 2,007 defective HDDs had an average of 1,548 bad sectors. "While 1,548 bad sectors out of hundreds of millions or even billions of disk subdivisions might seem minuscule, the rate of development often increases, and the risk of data corruption multiplies," the blog said.
"We found that the five most durable and resilient hard drives from each manufacturer were made before 2015," says Secure Data Recovery. "On the other hand, most of the least durable and resilient hard drives from each manufacturer were made after 2015." One of the reasons for this may have to do with HDD manufacturers "pushing the performance envelope," adds Ars. "This includes size limits that cut 'allowance between moving parts, appearing to affect mechanical damage and wear resistance.'"

Secure Data Recovery also believes that shingled magnetic recording (SMR) impacts HDD reliability, as the disks place components under "more stress."

"What this study shows is not the average working life of a hard disk drive," notes Blacks & Files. "Instead it provides the average working life if a failed disk drive. Cloud storage provider Backblaze issues statistics about the working life of its disk drive fleet and its numbers are quite different." A recent report of theirs found that SSDs are more reliable than HDDs.
Data Storage

Zippyshare Quits After 17 Years, 45 Million Visits Per Month Makes No Money (torrentfreak.com) 81

After almost 17 years online, file-hosting veteran Zippyshare will shut down at the end of the month. TorrentFreak: Founded in 2006, Zippyshare was known for its free, no-nonsense, no-frills approach to storing files online. Having changed very little over the years, Zippyshare's operators say the platform is now a dinosaur that costs too much to run in a world where ad-blocking is widespread. Zippyshare said, "Since 2006 we have been on the market in an unchanged form, that is, as ad financed/free file hosting. However, you have been visiting in less and less over the years, as the arguably very simple formula of the services we offer is slowly running out of steam. I guess all the competing file storage service companies on the market look better, offer better performance and more features. No one needs a dinosaur like us anymore."
Linux

System76 Meerkat Mini-Linux PC - Now with Up to Intel Core i7-1260P (liliputing.com) 26

Liliputing.com has an update about the System76 Meerkat, which they describe as "a compact desktop computer with support for up to 64GB of RAM, up to two storage devices (for as much as 16TB of total storage), and up to an Intel Core i7 mobile processor. It's basically a rebranded Intel NUC." (Escept that System76 offers a choice of Pop!_OS or Ubuntu Linux pre-installed.)

"Previously available with a choice of 10th or 11th-gen Intel Core processor options, the Meerkat now also supports 12th-gen Intel chips." That means there are a total of 9 different processor options available. Prices start at $499 for an entry-level model with a Core i3-10110U processor, 8GB of RAM and a 128GB SSD. The prices rises by $50 if you want to go with a Core i3-1135G4 model, while prices start at $599 for a Meerkat mini PC with a 12th-gen Intel Core processor....

But the biggest difference is that Intel's 12th-gen processors introduce a hybrid architecture that pairs Performance and Efficiency cores, leading to much higher core counts for better multi-core performance.

Open Source

All-Open Source 7-Inch MNT Reform Pocket Laptop Ships In October (arstechnica.com) 36

An anonymous reader quotes a report from Ars Technica: The creators of the all-open source MNT Reform laptop are getting nearer to launching its handheld counterpart: The crowdfunding campaign for the 7-inch MNT Pocket Reform has officially launched and is also serving as a de-facto preorder system for the device. The cheapest version of the Pocket Reform starts at $899, and it's also being offered in purple for $969 or in a bundle with a 1TB SSD, carrying case, handbook, and poster for $1,299. All versions are currently slated to ship in mid-October.

Like the full-size Reform, the pocket version uses open source hardware and a mechanical keyboard (buyers can choose either white or red Kalih switches). But the pocket version uses a 7-inch 1920x1200 LCD screen instead of a 12.5-inch version and comes with fewer and smaller ports (two USB-C, one micro HDMI, a microSD port, and one ix industrial mini Ethernet port). Its keyboard also comes with an individually programmable RGB backlight, and its trackball-style pointing device has been downsized to fit into the smaller design. The Pocket Reform also includes built-in Wi-Fi and Bluetooth, 128GB of built-in eMMC storage, and an expansion slot for 4G cellular connectivity. The device will also boot from microSD cards or an NVMe SSD installed in the device's M.2 slot. Its 8000 mAh batteries will allow it to run for about four hours.
MNT warns in its blog post that "risks and challenges" could delay the October shipping timeline:

"Pocket Reform has hundreds of electronic components. We tried to pick them so that there will be enough stock when we get around to manufacturing the boards, but it's always possible that there could be a sudden component shortage or increase in price. If that should happen, we would have to re-engineer the affected PCB and exchange the part, causing a delay in continued production. We had to adapt our products several times during the global chip crisis, so we are confident that we'll be able to work around any difficulties. Should any situation arise that would delay the estimated shipping timeline, backers will be informed promptly via project updates."
Google

Google To Reportedly Launch Foldable Phone in June (theverge.com) 43

An anonymous reader shares a report: The Google Pixel Fold could be available as soon as the second week in June, according to WinFuture's Roland Quandt. The reliable leaker tweeted on Tuesday that the phone will come with 256GB base storage and that you'll be able to get it in either a black / dark gray color or white. The foldable has been rumored for a long time, and there have been whispers that it would be announced sometime in the next few months. However, a January report from The Elec threw some cold water on that idea, saying that the screen wasn't even set to go into production until July or August.
Google

Google Is Rolling Out More AI Features for Customers on the Cloud (bloomberg.com) 6

Google announced a raft of new artificial intelligence-powered features for customers of its cloud-computing business, as the technology giant jostles for dominance in the burgeoning field with rivals such as Microsoft and startup OpenAI. From a report: As Silicon Valley buzzes about so-called generative AI -- software that can create images, text and video based on user prompts -- Google Cloud offered a glimpse of what it's doing to keep up in the race. In a demonstration, the company showed how cloud customers will be able to use its AI tools to create presentations and sales-training documents, take notes during meetings and draft emails to colleagues. The company also made some of its underlying AI models available to developers so they can build their own applications using Google's technology.

Alphabet-owned Google also said Tuesday it had signed up a flurry of AI startups as customers for its cloud service, including Midjourney, which offers an image-generation system, and AI21, which specializes in technology known as large language models. Google is offering young AI-focused businesses $250,000 in free use of its cloud -- which provides computing horsepower and storage -- for the first year, which the company said is 2 1/2 times what it typically offers. "We believe in having a broad, vibrant partner ecosystem for AI," Thomas Kurian, chief executive officer of Google Cloud, said in an interview.

Cloud

US Plans More Regulations to Improve Cloud Security (politico.com) 12

Politico reports: Governments and businesses have spent two decades rushing to the cloud — trusting some of their most sensitive data to tech giants that promised near-limitless storage, powerful software and the knowhow to keep it safe.

Now the White House worries that the cloud is becoming a huge security vulnerability.

So it's embarking on the nation's first comprehensive plan to regulate the security practices of cloud providers like Amazon, Microsoft, Google and Oracle, whose servers provide data storage and computing power for customers ranging from mom-and-pop businesses to the Pentagon and CIA.... Among other steps, the Biden administration recently said it will require cloud providers to verify the identity of their users to prevent foreign hackers from renting space on U.S. cloud servers (implementing an idea first introduced in a Trump administration executive order). And last week the administration warned in its national cybersecurity strategy that more cloud regulations are coming — saying it plans to identify and close regulatory gaps over the industry....

So far, cloud providers have haven't done enough to prevent criminal and nation-state hackers from abusing their services to stage attacks within the U.S., officials argued, pointing in particular to the 2020 SolarWinds espionage campaign, in which Russian spooks avoided detection in part by renting servers from Amazon and GoDaddy. For months, they used those to slip unnoticed into at least nine federal agencies and 100 companies. That risk is only growing, said Rob Knake, the deputy national cyber director for strategy and budget. Foreign hackers have become more adept at "spinning up and rapidly spinning down" new servers, he said — in effect, moving so quickly from one rented service to the next that new leads dry up for U.S. law enforcement faster than it can trace them down.

On top of that, U.S. officials express significant frustration that cloud providers often up-charge customers to add security protections — both taking advantage of the need for such measures and leaving a security hole when companies decide not to spend the extra money. That practice complicated the federal investigations into the SolarWinds attack, because the agencies that fell victim to the Russian hacking campaign had not paid extra for Microsoft's enhanced data-logging features.... Part of what makes that difficult is that neither the government nor companies using cloud providers fully know what security protections cloud providers have in place. In a study last month on the U.S. financial sector's use of cloud services, the Treasury Department found that cloud companies provided "insufficient transparency to support due diligence and monitoring" and U.S. banks could not "fully understand the risks associated with cloud services."

Earth

Scientists Propose Turning Carbon Pollution Into Baking Soda and Storing it In Oceans (cnn.com) 107

Slashdot reader beforewisdom shared this report from CNN: Scientists have set out a way to suck planet-heating carbon pollution from the air, turn it into sodium bicarbonate and store it in oceans, according to a new paper. The technique could be up to three times more efficient than current carbon capture technology, say the authors of the study, published Wednesday in the journal Science Advances....

The team have used copper to modify the absorbent material used in direct air capture. The result is an absorbent "which can remove CO2 from the atmosphere at ultra-dilute concentration at a capacity which is two to three times greater than existing absorbents," Arup SenGupta, a professor at Lehigh University and a study author, told CNN. This material can be produced easily and cheaply and would help drive down the costs of direct air capture, he added. Once the carbon dioxide is captured, it can then be turned into sodium bicarbonate — baking soda — using seawater and released into the ocean at a small concentration.

The oceans "are infinite sinks," SenGupta said. "If you put all the CO2 from the atmosphere, emitted every day — or every year — into the ocean, the increase in concentration would be very, very minor," he said. SenGupta's idea is that direct air capture plants can be located offshore, giving them access to abundant amounts of seawater for the process.

Stuart Haszeldine, professor of carbon capture and storage at the University of Edinburgh, who was not involved in the study, told CNN that the chemistry was "novel and elegant." The process is a modification of one we already know, he said, "which is easier to understand, scale-up and develop than something totally new."

Data Storage

Backblaze Finds SSDs Are More Reliable Than HDDs 51

williamyf writes: The fine folks at Backblaze have published their first ever report that includes their SSD fleet. To the surprise of no one, SSDs are more more reliable (0.98% AFR) than HDDs (1.64% AFR). The surprising thing thing was how small the difference is (0.66% AFR).

A TL;DR article by well regarded storage reporter Chris Mellor is here. Also worthy of note: S.M.A.R.T. attribute usage among SSD makers is neither standardized, nor very smart:

"Klein notes that the SMART (Self-Monitoring, Analysis, and Reporting Technology) used for drive state reporting is applied inconsistently by manufacturers. "Terms like wear leveling, endurance, lifetime used, life used, LBAs [Logical Block Address] written, LBAs read, and so on are used inconsistently between manufacturers, often using different SMART attributes, and sometimes they are not recorded at all."

That means you can't use such SMART statistics to make valid comparisons between the drives. "Come on, manufacturers. Standardize your SMART numbers."
Earth

Denmark Inaugurates World's First Cross-Border CO2 Storage Site (euractiv.com) 29

New submitter sonlas writes: Denmark is inaugurating Project Greensand, the first cross-border CO2 storage site, shipping CO2 from Belgium to store it into a depleted oil field under the Danish North Sea. "With the first injection taking place on Wednesday, the project aims to safely and permanently store up to eight million tons of CO2 every year by 2030, the equivalent of 40% of Denmark's emission reduction target and over 10% of the country's annual emissions," reports Euractiv. However, this is to be put in perspective with global CO2 emissions, which reached a new high of more than 36.8 billions tons in 2022.

A report by Rystad Energy shows that if investments were to quadruple, we should be able to capture 150 million of tons of CO2 per year by 2025, still a drop of water in, or under, the ocean. Furthermore, the whole process of sequestering CO2 underground emits itself ~21% of the amount of CO2 stored, as shown in a study by Australian think tank IEEFA.

IT

Raspberry Pi Lets You Have Your Own Global Shutter Camera For $50 (engadget.com) 41

Global shutter sensors with no skew or distortion have been promised as the future of cameras for years now, but so far only a handful of products with that tech have made it to market. Now, Raspberry Pi is offering a 1.6-megapixel global shutter camera module to hobbyists for $50, providing a platform for machine vision, hobbyist shooting and more. From a report: The Raspberry Pi Global Shutter Camera uses a 6.3mm Sony IMX296 sensor, and requires a Raspberry Pi board with a CSI camera connector. Like other global shutter sensors, it works by pairing each pixel with an analog storage element, so that light signals can be captured and stored by all pixels simultaneously. By comparison, regular CMOS sensors read and store the light captured by pixels from top to bottom and left to right. That can cause diagonal skew on fast moving subjects, or very weird distortion on rotating objects like propellers.
Power

Geothermal Startup Shows Its Wells Can Be Used Like a Giant Underground Battery 66

James Temple reports via MIT Technology Review: In late January, a geothermal power startup began conducting an experiment deep below the desert floor of northern Nevada. It pumped water thousands of feet underground and then held it there, watching for what would happen. Geothermal power plants work by circulating water through hot rock deep beneath the surface. In most modern plants, it resurfaces at a well head, where it's hot enough to convert refrigerants or other fluids into vapor that cranks a turbine, generating electricity. But Houston-based Fervo Energy is testing out a new spin on the standard approach -- and on that day, its engineers and executives were simply interested in generating data.

The readings from gauges planted throughout the company's twin wells showed that pressure quickly began to build, as water that had nowhere else to go actually flexed the rock itself. When they finally released the valve, the output of water surged and it continued pumping out at higher-than-normal levels for hours. The results from the initial experiments -- which MIT Technology Review is reporting exclusively -- suggest Fervo can create flexible geothermal power plants, capable of ramping electricity output up or down as needed. Potentially more important, the system can store up energy for hours or even days and deliver it back over similar periods, effectively acting as a giant and very long-lasting battery. That means the plants could shut down production when solar and wind farms are cranking, and provide a rich stream of clean electricity when those sources flag.

There are remaining questions about how well, affordably, and safely this will work on larger scales. But if Fervo can build commercial plants with this added functionality, it will fill a critical gap in today's grids, making it cheaper and easier to eliminate greenhouse-gas emissions from electricity systems. "We know that just generating and selling traditional geothermal is incredibly valuable to the grid," says Tim Latimer, chief executive and cofounder of Fervo. "But as time goes on, our ability to be responsive, and ramp up and down and do energy storage, is going to increase in value even more."
Data Storage

Florida Startup Moves Closer to Building Data Centers on the Moon (gizmodo.com) 133

Unprecedented access to space is leading to all sorts of cool new ideas, including the prospect of storing data on the lunar surface. Cloud computing startup Lonestar Data Holdings announced the results of its latest funding round, taking it one step closer to this very goal. Gizmodo reports: The Florida-based company raised $5 million in seed funding to establish lunar data centers, Lonestar announced in a press release on Monday. Lonestar wants to build a series of data centers on the Moon and establish a viable platform for data storage and edge processing (i.e. the practice of processing data near the source, as a means to reduce latency and improve bandwidth) on the lunar surface. "Data is the greatest currency created by the human race," Chris Stott, founder of Lonestar, said in an April 2022 statement. "We are dependent upon it for nearly everything we do and it is too important to us as a species to store in Earth's ever more fragile biosphere. Earth's largest satellite, our Moon, represents the ideal place to safely store our future."

In December 2021, Lonestar successfully ran a test of its data center on board the International Space Station. The company is now ready to launch a small data center box to the lunar surface later this year as part of Intuitive Machines's second lunar mission, IM-2 (the company's first mission, IM-1, is expected to launch in June). Intuitive Machines is receiving funding from NASA's Commercial Lunar Payload Services program for delivering research projects to the Moon as part of the space agency's Artemis program. The lunar data centers will initially be geared towards remote data storage and disaster recovery, allowing companies to back up their data and store it on the Moon. In addition, the data centers could assist with both commercial and private ventures to the lunar environment.

The miniature data center weighs about 2 pounds (1 kilogram) and has a capacity of 16 terabytes, Stott told SpaceNews. He said the first data center will draw power and communications from the lander, but the ones that will follow (pending its success) will be standalone data centers that the company hopes to deploy on the lunar surface by 2026. The test is only supposed to last for the duration of the IM-2 mission, which is expected to be around 11-14 days, an Intuitive Machines spokesperson told SpaceNews.

Twitter

The US Can Stop Twitter From Releasing Details In Spy Report (bloomberg.com) 28

An anonymous reader quotes a report from Bloomberg: The US can stop Twitter from releasing details about the government's demands for user information in national security investigations, a court ruled (PDF), in the same week House Republicans are to grill national security officials over surveillance. Twitter had protested the government's redactions to a 2014 "transparency report" that featured a numerical breakdown of national security-related data requests from the previous year. The US appeals court in San Francisco on Monday agreed with a lower-court judge that the Justice Department had shown a "compelling" interest in keeping that information secret. Based on classified and unclassified declarations provided by government officials, the court was "able to appreciate why Twitter's proposed disclosure would risk making our foreign adversaries aware of what is being surveilled and what is not being surveilled -- if anything at all," US Circuit Judge Daniel Bress wrote for the three-judge panel.

Although the case is almost a decade old, the ruling comes just as lawmakers and US national security agencies gear up for a bruising fight over making changes to a key surveillance program. Section 702 of the Foreign Intelligence Surveillance Act, described by intelligence officials as a key authority, expires on Dec. 31 unless Congress votes to renew it. US agencies use the authority to compel internet and technology companies to turn over information about suspected foreign terrorists and spies. Changes to Section 702 could include altering what companies like Twitter are required to do in response to government demands.
"The case at issue in Monday's decision involved efforts by Twitter to share information about two types of federal law enforcement demands on the social media company: 'national security letters' for subscriber information, which would cover metadata but not the substance of any electronic communications, and orders under FISA, which could include content," adds Bloomberg.

Judge Daniel Bress wrote: "The government may not fend off every First Amendment challenge by invoking national security. But we must apply the First Amendment with due regard for the government's compelling interest in securing the safety of our country and its people."
Security

Unkillable UEFI Malware Bypassing Secure Boot Enabled By Unpatchable Windows Flaw (arstechnica.com) 115

Researchers have announced a major cybersecurity find -- the world's first-known instance of real-world malware that can hijack a computer's boot process even when Secure Boot and other advanced protections are enabled and running on fully updated versions of Windows. From a report: Dubbed BlackLotus, the malware is what's known as a UEFI bootkit. These sophisticated pieces of malware hijack the UEFI -- short for Unified Extensible Firmware Interface -- the low-level and complex chain of firmware responsible for booting up virtually every modern computer. As the mechanism that bridges a PC's device firmware with its operating system, the UEFI is an OS in its own right. It's located in an SPI-connected flash storage chip soldered onto the computer motherboard, making it difficult to inspect or patch. Because the UEFI is the first thing to run when a computer is turned on, it influences the OS, security apps, and all other software that follows. These traits make the UEFI the perfect place to run malware. When successful, UEFI bootkits disable OS security mechanisms and ensure that a computer remains infected with stealthy malware that runs at the kernel mode or user mode, even after the operating system is reinstalled or a hard drive is replaced.

As appealing as it is to threat actors to install nearly invisible and unremovable malware that has kernel-level access, there are a few formidable hurdles standing in their way. One is the requirement that they first hack the device and gain administrator system rights, either by exploiting one or more vulnerabilities in the OS or apps or by tricking a user into installing trojanized software. Only after this high bar is cleared can the threat actor attempt an installation of the bootkit. The second thing standing in the way of UEFI attacks is UEFI Secure Boot, an industry-wide standard that uses cryptographic signatures to ensure that each piece of software used during startup is trusted by a computer's manufacturer. Secure Boot is designed to create a chain of trust that will prevent attackers from replacing the intended bootup firmware with malicious firmware. If a single firmware link in that chain isn't recognized, Secure Boot will prevent the device from starting.

Books

Neal Stephenson Celebrates 'Snow Crash' 30th Anniversary by Auctioning Sword with NFT, Manuscripts (forbes.com) 26

The auction house Sotheby's is celebrating the 30th anniversary of Neal Stephenson's Snow Crash in a big way, reports Forbes. Stephenson teamed with special effects and prop company Weta Workshop to create "a bespoke piece, a cultural and historical artifact, stemming from the unique mythology of his new and coming Snow Crash universe." "The sword took us a year to create and is one of the finest pieces of craftsmanship WETA has created," said Sir Richard Taylor, founder of WETA workshop. "The whole collection is then housed in a crate from a fictitious gaming company that in theory has owned this sword that has now come up for auction. It is an insane, inworld fusion of ancient craft with the digital age." Taylor adds that "the swords Tansu storage case itself is an, automated, internally driven, magnetically activated, very unique box, with hidden compartments, secret items, coded messages and other inworld special nods to the world Neal authored."

This auction will not only celebrate Stephenson's legacy and the lore of Snow Crash but could also serve as a springboard to expand the Snow Crash universe further. [Taylor adds that Stephenson is exploring "future transmedia developments".] For Taylor, they are at the cusp of creating a body of creative work that blurs the line between the physical and the digital, which we have been affectionately calling 'Masterworks for the Metaverse'.

The sword will, of course, have its own unique NFT "capturing every detail of its physical twin," and someone's already bid $60,000 for it.

Also up for auction are two original manuscripts for Snow Crash and the painting used as the original edition's cover art — but also two forgotten artifacts from the book's afterlife:
  • "The leather jacket meant to be worn by Y.T. in the original graphic novel concept for Snow Crash, featuring the 'Elmo' logo used by her group, the "Dioxin Posse," ca. 1989."

Slashdot Top Deals