Google Launches Advanced API Security To Protect APIs From Growing Threats

Google today announced a preview of Advanced API Security, a new product headed to Google Cloud that’s designed to detect security threats as they relate to APIs. TechCrunch reports: Built on Apigee, Google’s platform for API management, the company says that customers can request access starting today. Short for “application programming interface,” APIs are documented connections between computers or between computer programs. API usage is on the rise, with one survey finding that more than 61.6% of developers relied on APIs more in 2021 than in 2020. But they’re also increasingly becoming the target of attacks. According to a 2018 report commissioned by cybersecurity vendor Imperva, two-thirds of organizations are exposing unsecured APIs to the public and partners.

Advanced API Security specializes in two tasks: identifying API misconfigurations and detecting bots. The service regularly assesses managed APIs and provides recommended actions when it detects configuration issues, and it uses preconfigured rules to provide a way to identify malicious bots within API traffic. Each rule represents a different type of unusual traffic from a single IP address; if an API traffic pattern meets any of the rules, Advanced API Security reports it as a bot. […] With the launch of Advanced API Security, Google is evidently seeking to bolster its security offerings under Apigee, which it acquired in 2016 for over half a billion dollars. But the company is also responding to increased competition in the API security segment. “Misconfigured APIs are one of the leading reasons for API security incidents. While identifying and resolving API misconfigurations is a top priority for many organizations, the configuration management process is time consuming and requires considerable resources,” Vikas Ananda, head of product at Google Cloud, said in a blog post shared with TechCrunch ahead of the announcement. “Advanced API Security makes it easier for API teams to identify API proxies that do not conform to security standards… Additionally, Advanced API Security speeds up the process of identifying data breaches by identifying bots that successfully resulted in the HTTP 200 OK success status response code.”

Read more of this story at Slashdot.

MIT Engineers Design Engine That Converts Heat To Electricity With Over 40% Efficiency

Engineers at MIT and the National Renewable Energy Laboratory (NREL) have designed a heat engine with no moving parts. It converts heat to electricity with over 40% efficiency — making it more efficient than steam turbines, the industrial standard. MIT Technology Review reports: The invention is a thermophotovoltaic (TPV) cell, similar to a solar panel’s photovoltaic cells, that passively captures high-energy photons from a white-hot heat source. It can generate electricity from sources that reach 1,900 to 2,400C — too hot for turbines, with their moving parts. The previous record efficiency for a TPV cell was 32%, but the team improved this performance by using materials that are able to convert higher-temperature, higher-energy photons. The researchers plan to incorporate the TPV cells into a grid-scale thermal battery. The system would absorb excess energy from renewable sources such as the sun and store that energy in heavily insulated banks of hot graphite. Cells would convert the heat into electricity and dispatch it to a power grid when needed.

The researchers have now successfully demonstrated the main parts of the system in small-scale experiments; the experimental TPV cells are about a centimeter square. They are working to integrate the parts to demonstrate a fully operational system. From there, they hope to scale up the system to replace fossil-fuel plants on the power grid. Coauthor Asegun Henry, a professor of mechanical engineering, envisions TPV cells about 10,000 feet square and operating in climate-controlled warehouses to draw power from huge banks of stored solar energy.

Read more of this story at Slashdot.

Extreme Temperatures In Major Latin American Cities Could Be Linked To Nearly 1 Million Deaths

Rodrigo Perez Ortega writes via Science Magazine: With climate change, heat waves and cold fronts are worsening and taking lives worldwide: about 5 million in the past 20 years, according to at least one study. In a new study published today in Nature Medicine, an international team of researchers estimates that almost 900,000 deaths in the years between 2002 and 2015 could be attributable to extreme temperatures alone in major Latin American cities. This is the most detailed estimate in Latin America, and the first ever for some cities.

To estimate how many people died from intense heat or cold, researchers with the Urban Health in Latin America project — which studies how urban environments and policies impact the health of city residents in Latin America — looked at mortality data between 2002 and 2015 from registries of 326 cities with more than 100,000 residents, in nine countries throughout Latin America. They calculated the average daily temperatures and estimated the temperature range for each city from a public data set of atmospheric conditions. If a death occurred either on the 18 hottest or the 18 coldest days that each city experienced in a typical year, they linked it to extreme temperatures. Using a statistical model, the researchers compared the risk of dying on very hot and cold days, and this risk with the risk of dying on temperate days. They found that in Latin American metropolises, nearly 6% — almost 1 million — of all deaths between those years happened on days of extreme heat and cold. They also created an interactive map with the data for individual cities.

When the team analyzed the specific cause of these deaths in the registries, they found — consistent with previous studies — that extreme temperatures are often linked to deaths from cardiovascular and respiratory diseases. Extreme heat makes the heart pump more blood and causes dehydration and pulmonary stress. Extreme cold, on the other hand, can make the heart pump less blood and cause hypotension and, in some cases, organ failure. The team also found older adults are especially vulnerable to extreme temperatures, with 7.5% of deaths among them correlated to extreme heat and cold during the study period. Although the numbers varied from year to year, in 2015, for instance, more than 16,000 deaths — out of nearly 855,000 — among people ages 65 or older were attributable to extreme temperatures. Latin America’s aging population is projected to rise more quickly than other parts of the world — from 9% in 2020 to 19% in 2050, by some estimates (PDF). […] Although deaths on extremely cold days — about 785,000 — were much higher than those on extremely hot days — about 103,000 — overall there were more days with intense cold, which could explain this difference. But for some cities, such as Buenos Aires, Rio de Janeiro, and Merida, heat is more deadly than cold: The researchers estimated that on very hot days, the chance of dying increases by 5.7% for every 1C increase in temperature.

Read more of this story at Slashdot.

California’s Attempt To Protect Kids Online Could End Adults’ Internet Anonymity

Thomas Claburn writes via The Register: California lawmakers met in Sacramento today to discuss, among other things, proposed legislation to protect children online. The bill, AB2273, known as The California Age-Appropriate Design Code Act, would require websites to verify the ages of visitors. Critics of the legislation contend this requirement threatens the privacy of adults and the ability to use the internet anonymously, in California and likely elsewhere, because of the role the Golden State’s tech companies play on the internet.

“First, the bill pretextually claims to protect children, but it will change the Internet for everyone,” said Eric Goldman, Santa Clara University School of Law professor, in a blog post. “In order to determine who is a child, websites and apps will have to authenticate the age of ALL consumers before they can use the service. No one wants this.” The bill, Goldman argues, will put an end to casual web browsing, forcing companies to collect personal information they don’t want to store and protect — and that consumers don’t want to provide — in order to authenticate the age of visitors. And since age authentication generally requires identity details, that threatens the ability to use the internet anonymously.

Goldman also objects to this American state-level bill being modeled after the UK’s Age-Appropriate Design Code (AADC) because European law makes compliance a matter of engagement and dialogue with regulators, in contrast to the US rules-based approach that allows more certainty about what is or not allowed. Furthermore, he contends that the scope of the bill reaches beyond children’s privacy and implicates consumer protection and content moderation. He thus considers the bill “a trojan horse for comprehensive regulation of Internet services” and would turn the California Privacy Protection Agency (CPPA) into a general internet regulation agency.

Read more of this story at Slashdot.

TSMC May Surpass Intel In Quarterly Revenue For First Time

Wall Street analysts estimate TSMC will grow second-quarter revenue 43 percent quarter-over-quarter to $18.1 billion. Intel, on the other hand, is expected to see sales decline 2 percent sequentially to $17.98 billion in the same period, according to estimates collected by Yahoo Finance. The Register reports: The potential for TSMC to surpass Intel in quarterly revenue is indicative of how demand has grown for contract chip manufacturing, fueled by companies like Qualcomm, Nvidia, AMD, and Apple who design their own chips and outsource manufacturing to foundries like TSMC. This trend has created a quandary for Intel. The semiconductor giant has traditionally manufactured the chips it designs as part of its integrated device manufacturing model but the company is now increasingly reliant on TSMC and other foundries for certain components, while expanding its own manufacturing capacity in the West.

The kicker is that Intel plans to use this increased capacity to produce more of its own chips while also supporting its revitalized foundry business, which hopes to take business from TSMC and South Korea’s Samsung, the industry’s other leading-edge chipmaker, in the future. This new strategy by Intel is called IDM 2.0, and it means the chipmaker will have to juggle two somewhat conflicting objectives:

– taking foundry market share away from TSMC and Samsung by convincing various fabless chip designers to use its plants;

– and using leading-edge nodes from TSMC and Samsung for certain components to compete with fabless companies like AMD and Nvidia. “Samsung has already surpassed Intel as the largest semiconductor company by revenue, so TSMC potentially growing larger than the x86 giant further underscores the tentative position Intel is in,” concludes the report.

Read more of this story at Slashdot.