How a Tiny Radioactive Capsule Was Found In Western Australia

A radioactive capsule that was reported lost in Western Australia on January 25 has been found. The BBC reports: On 25 January, when mining company Rio Tinto reported that one of their Caesium-137 radioactive capsules had gone missing, Western Australian authorities faced a seemingly impossible task. They had to locate a pea-sized capsule anywhere along a 1,400km (870 mile) route stretching from the Gudai-Darri mine in the north of the state to a depot just north of Perth’s city centre. Authorities sprung into action, mobilizing specialist search crews to look for the capsule, with firefighters among those asked to foray from their usual summer tasks. […] Before notifying the public to the threat, on 26 January, authorities began searching in Perth and around the mine site in Newman.

On January 27, an urgent health warning was issued to notify the public about the risk posed by the radioactive capsule. Health authorities had a simple message to anyone who may come across it: Stay away. “It emits both beta rays and gamma rays so if you have it close to you, you could either end up with skin damage including skin burns,” the state’s Chief Health Officer Andy Robertson warned. By January 27, search parties were in full force looking for the tiny capsule. But they were not scouting for it using their eyes – they were using portable radiation survey meters. The survey meters are designed to detect radioactivity within a 20m radius. Police focused their efforts on the GPS route the truck had taken, and on sites close to Perth’s metropolitan and high-density areas. One site along the Great Northern Highway was prioritized by police on 28 January after unusual activity on a Geiger counter – a device used for measuring radioactivity – was reported by a member of public. But that search did not uncover the capsule.

The next day, additional resources requested from Australia’s federal government had been approved and those overseeing the search began planning its next phase. With the new equipment in Western Australia and ready for use by 30 January, the search ramped up. An incident controller at the state’s emergency services department, Darryl Ray, described the new tools provided by the government only as “specialized radiation detection equipment.” Local media reported that radiation portal monitors and a gamma-ray spectrometer were among the new items being used by search crews. But by the end of 31 January, the capsule continued to evade search crews.

So the next morning, when the government revealed the capsule had been found just two meters off the side of the highway at 11:13 local time Wednesday, it seemed the all-but-impossible had been achieved. “You can only imagine it’s a pretty lonely stretch of road from Newman down to Perth,” Fire and Emergency Services Commissioner Darren Klemm said at a press conference on Wednesday. “You can’t help but imagine there was an element of surprise from the people in the car when the equipment did spike up.” While hesitant to give the exact location the radioactive capsule was found, Mr Klemm described it as “the best possible outcome.” Local media reports suggest it was found some 74km from Newman – so around 200km from the mine site. No one appeared to have been injured by the capsule, according to authorities, and it did not seem to have moved from where it fell. Mr Klemm said the additional resources from the federal government proved key to finding the capsule.

Read more of this story at Slashdot.

The Galaxy Book3 Ultra Is Samsung’s Shot At the MacBook Pro

At the Samsung Galaxy Unpacked 2023 event today, Samsung announced the Galaxy Book3 Ultra, a 16-inch workstation laptop with a 120Hz OLED screen, an H-Series Core i7 or Core i9, and an RTX 4050 or 4070 GPU. “Samsung makes a number of Galaxy Book models, but this is the first one of the past few years that has really targeted the deep-pocketed professional user — that is, the core audience for Apple’s high-powered and wildly expensive MacBook Pro 16,” reports The Verge. “It’ll start at $2,399.99 ($100 cheaper than the base MacBook Pro 16), with a release date still to be announced.” From the report: Like its siblings in the Galaxy Book3 line, a big draw of this workstation will be its screen. It’s got a 2880 x 1800 120Hz 16:10 OLED display (a welcome change from the 16:9 panels that adorned last year’s Galaxy Book2) rated for 400 nits of brightness […]. Elsewhere, using the device felt pretty similar to using any number of other Samsung Galaxy Books, with a satisfyingly clicky keyboard, a smooth finish, a high-quality build, and a compact chassis. The Ultra is 0.65 inches thick and 3.9 pounds, which is slightly thinner and close to a pound lighter than the 16-inch MacBook Pro that Apple just released […].

I was able to use a number of Samsung’s continuity features, including Second Screen (which allows you to easily use a Galaxy Tab as a second monitor) and Quick Share (which allows you to quickly transfer images and other files between Samsung devices). For Samsung enthusiasts, those seem like handy features that aren’t too much of a hassle to set up. The one feature I had issues with was the touchpad — it registered some of my two-finger clicks as one-finger clicks and wasn’t quite picking up all of my scrolls. The units in Samsung’s demo area were preproduction devices, so I hope this is a kink Samsung can iron out before the final release.

Unfortunately, we don’t yet know how it will stack up when it comes to battery life. The M2 generation of MacBooks is very strong on that front — and given that the Galaxy Book3 Ultra is running a high-resolution screen, a power-hungry H-series processor, and a very power-hungry RTX GPU, I’m a little bit nervous about that. If Samsung can pull off a device that lasts nearly as long as Apple’s do, given those factors, hats off to them. Further reading:
The Samsung Galaxy S23 Ultra Is a Minor Update To a Spec Monster
Samsung, Google and Qualcomm Team Up To Build a New Mixed-Reality Platform


Snap Hints At Future AR Glasses Powered By Generative AI

On Tuesday’s fourth-quarter earnings call, Snapchat maker Snap revealed that its future AR glasses will be powered by generative AI technology. TechCrunch reports: Social media company and Snapchat maker Snap has for years defined itself as a “camera company,” despite its failures to turn its photo-and-video recording glasses known as Spectacles into a mass-market product and, more recently, its decision to kill off its camera-equipped drone. […] Snap CEO Evan Spiegel agreed that, in the near term, there were a lot of opportunities to use generative AI to make Snap’s camera more powerful. However, he noted that further down the road, AI would be critical to the growth of augmented reality, including AR glasses.

The exec said that, initially, generative AI could be used to do things like improve the resolution and clarity of a Snap after the user captures it, or could even be used for “more extreme transformations,” editing images or creating Snaps based on text input. (We should note that generative AI, at least in the way the term is being thrown around today, is not necessarily required to improve photo resolution.) Spiegel didn’t pin any time frames to these types of developments or announce specific products Snap had in the works, but said the company was thinking about how to integrate AI tools into its existing Lens Studio technology for AR developers. “We saw a lot of success integrating Snap ML tools into Lens Studio, and it’s really enabled creators to build some incredible things. We now have 300,000 creators who built more than 3 million lenses in Lens Studio,” Spiegel told investors. “So, the democratization of these tools, I think, will also be very powerful,” he added, in reference to the future integrations of AI tech.

What’s most interesting, perhaps, was the brief insight Spiegel offered about how Snap foresees the potential for AI when used in AR glasses. Though Snap’s Spectacles have not broken any sales records, the company continues to develop the product. The most recent version, the Spectacles 3, expands beyond recording standard photos and video with the addition of new tools like 3D filters and AR graphics. Spiegel suggested that AI could have an impact on this product as well, thanks to its ability to improve the process of building for AR. “We can use generative AI to help build more of these 3D models very quickly, which can really unlock the full potential of AR and help people make their imagination real in the world,” Spiegel added.


Sony Halves Reported Sales Expectations For Coming PSVR2 Headset

Sony is drastically scaling back its sales expectations for next month’s launch of the PlayStation VR2 headset, according to a Bloomberg report citing “people familiar with [Sony’s] deliberations.” Ars Technica reports: The PlayStation 5 maker now expects to sell just 1 million PSVR2 units by the end of March, down from sales expectations of 2 million units in that period, as reported last October. Sony expects to sell about 1.5 million more headsets in the following fiscal year, which ends in March 2024, according to the report. The scaled-back sales expectations would put the PSVR2 slightly ahead of the pace set by the original PSVR headset, which sold just under a million units in its first four months and 2 million units in just over a year. But that kind of sales pace looks less impressive today, when a headset like the Meta Quest 2 can sell a reported 2.8 million units in its first quarter, on its way to total sales of over 15 million, according to market analysis firm IDC.

The Quest 2 has a few key advantages in the competition with Sony’s upcoming headset, including an asking price that’s $150 less, even after a recent price hike. The self-contained Quest 2 also doesn’t need to be tethered to any external hardware, contrasting with the PSVR2’s reliance on a hookup to a $499 PlayStation 5. Despite the Quest 2’s success at its relatively low price, though, the VR industry at large seems to be moving toward the higher end of the pricing spectrum these days. Meta’s Quest Pro launched last October at a bafflingly high $1,499, though a one-week sale has slashed that price by $400 for the moment. And next month’s standalone Vive XR Elite will cost $1,099.


Microsoft Upgrades Defender To Lock Down Linux Devices For Their Own Good

Organizations using Microsoft’s Defender for Endpoint will now be able to isolate Linux devices from their networks to stop miscreants from remotely connecting to them. The Register reports: The device isolation capability is in public preview and mirrors what the product already does for Windows systems. “Some attack scenarios may require you to isolate a device from the network,” Microsoft wrote in a blog post. “This action can help prevent the attacker from controlling the compromised device and performing further activities such as data exfiltration and lateral movement. Just like in Windows devices, this device isolation feature.” Intruders won’t be able to connect to the device or run operations like assuming unauthorized control of the system or stealing sensitive data, Microsoft claims.

According to the vendor, when the device is isolated, it is limited in the processes and web destinations that are allowed. That means if they’re behind a full VPN tunnel, they won’t be able to reach Microsoft’s Defender for Endpoint cloud services. Microsoft recommends that enterprises use a split-tunneling VPN for cloud-based traffic for both Defender for Endpoint and Defender Antivirus. Once the situation that caused the isolation is cleared up, organizations will be able to reconnect the device to the network. Isolating the system is done via APIs. Users can get to the device page of the Linux systems through the Microsoft 365 Defender portal, where they will see an “Isolate Device” tab in the upper right among other response actions. Microsoft has outlined the APIs for both isolating the device and releasing it from lock down.


KeePass Disputes Vulnerability Allowing Stealthy Password Theft

The development team behind the open-source password management software KeePass is disputing what is described as a newly found vulnerability that allows attackers to stealthily export the entire database in plain text. BleepingComputer reports: KeePass is a very popular open-source password manager that allows you to manage your passwords using a locally stored database, rather than a cloud-hosted one, such as LastPass or Bitwarden. To secure these local databases, users can encrypt them using a master password so that malware or a threat actor can’t just steal the database and automatically gain access to the passwords stored within it. The new vulnerability is now tracked as CVE-2023-24055, and it enables threat actors with write access to a target’s system to alter the KeePass XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. The next time the target launches KeePass and enters the master password to open and decrypt the database, the export rule will be triggered, and the contents of the database will be saved to a file the attackers can later exfiltrate to a system under their control. However, this export process launches in the background without the user being notified or KeePass requesting the master password to be entered as confirmation before exporting, allowing the threat actor to quietly gain access to all of the stored passwords. […]

While the CERT teams of Netherlands and Belgium have also issued security advisories regarding CVE-2023-24055, the KeePass development team is arguing that this shouldn’t be classified as a vulnerability given that attackers with write access to a target’s device can also obtain the information contained within the KeePass database through other means. In fact, a “Security Issues” page on the KeePass Help Center has been describing the “Write Access to Configuration File” issue since at least April 2019 as “not really a security vulnerability of KeePass.” If the user has installed KeePass as a regular program and the attackers have write access, they can also “perform various kinds of attacks.” Threat actors can also replace the KeePass executable with malware if the user runs the portable version.

“In both cases, having write access to the KeePass configuration file typically implies that an attacker can actually perform much more powerful attacks than modifying the configuration file (and these attacks in the end can also affect KeePass, independent of a configuration file protection),” the KeePass developers explain. “These attacks can only be prevented by keeping the environment secure (by using an anti-virus software, a firewall, not opening unknown e-mail attachments, etc.). KeePass cannot magically run securely in an insecure environment.” If the KeePass devs don’t release a version of the app that addresses this issue, BleepingComputer notes “you could still secure your database by logging in as a system admin and creating an enforced configuration file.”

“This type of config file takes precedence over settings described in global and local configuration files, including new triggers added by malicious actors, thus mitigating the CVE-2023-24055 issue.”
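A defender's check for the injected-trigger scenario described above, as an added example that is not code from KeePass, BleepingComputer or the original report: it fingerprints every trigger in a configuration file and reports any that is new or altered relative to a reviewed baseline. The element names (`Trigger`, `Name`, `Enabled`, `Actions/Action/Parameters/Parameter`) are an assumption about the KeePass 2.x XML config layout, and all GUIDs and parameter values in the sample are constructed placeholders.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample data. Element names follow the assumed KeePass 2.x config
# layout; GUIDs and parameters are placeholders, not real KeePass type GUIDs.
WRAP = ("<Configuration><Application><TriggerSystem><Triggers>{}"
        "</Triggers></TriggerSystem></Application></Configuration>")
APPROVED = """
<Trigger>
  <Guid>PLACEHOLDER-GUID-1</Guid>
  <Name>Backup reminder</Name>
  <Enabled>true</Enabled>
  <Actions><Action>
    <TypeGuid>PLACEHOLDER-ACTION-A</TypeGuid>
    <Parameters><Parameter>Remember to back up</Parameter></Parameters>
  </Action></Actions>
</Trigger>"""
UNREVIEWED = """
<Trigger>
  <Guid>PLACEHOLDER-GUID-2</Guid>
  <Name>Unreviewed trigger</Name>
  <Enabled>true</Enabled>
  <Actions><Action>
    <TypeGuid>PLACEHOLDER-ACTION-B</TypeGuid>
    <Parameters><Parameter>PLACEHOLDER-OUTPUT-PATH</Parameter></Parameters>
  </Action></Actions>
</Trigger>"""
KNOWN_GOOD = WRAP.format(APPROVED)
CURRENT = WRAP.format(APPROVED + UNREVIEWED)


def fingerprint(trigger):
    """SHA-256 over the canonical XML of one <Trigger>, ignoring indentation."""
    raw = ET.tostring(trigger, encoding="unicode")
    canon = ET.canonicalize(raw, strip_text=True)
    return hashlib.sha256(canon.encode("utf-8")).hexdigest()


def baseline(config_xml):
    """Fingerprints of every trigger in a reviewed, known-good config."""
    return {fingerprint(t) for t in ET.fromstring(config_xml).iter("Trigger")}


def audit_triggers(config_xml, approved):
    """Report each trigger that is new or differs from the approved baseline."""
    findings = []
    for trig in ET.fromstring(config_xml).iter("Trigger"):
        fp = fingerprint(trig)
        if fp not in approved:
            findings.append({
                "name": trig.findtext("Name", default=""),
                "enabled": trig.findtext("Enabled", default=""),
                "action_parameters": [p.text or "" for p in trig.findall(
                    "./Actions/Action/Parameters/Parameter")],
                "fingerprint": fp,
            })
    return findings


if __name__ == "__main__":
    for f in audit_triggers(CURRENT, baseline(KNOWN_GOOD)):
        print("UNAPPROVED TRIGGER:", f["name"], f["action_parameters"])
```

Fingerprinting the whole trigger element, rather than matching on its name or GUID, means an approved trigger whose actions were edited in place is reported as well as a newly added one.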


Students Lost One-Third of a School Year To Pandemic, Study Finds

Children experienced learning deficits during the Covid pandemic that amounted to about one-third of a school year’s worth of knowledge and skills, according to a new global analysis, and had not recovered from those losses more than two years later. The New York Times reports: Learning delays and regressions were most severe in developing countries and among students from low-income backgrounds, researchers said, worsening existing disparities and threatening to follow children into higher education and the work force. The analysis, published Monday in the journal Nature Human Behavior and drawing on data from 15 countries, provided the most comprehensive account to date of the academic hardships wrought by the pandemic. The findings suggest that the challenges of remote learning — coupled with other stressors that plagued children and families throughout the pandemic — were not rectified when school doors reopened.

“In order to recover what was lost, we have to be doing more than just getting back to normal,” said Bastian Betthauser, a researcher at the Center for Research on Social Inequalities at Sciences Po in Paris, who was a co-author on the review. He urged officials worldwide to provide intensive summer programs and tutoring initiatives that target poorer students who fell furthest behind. Thomas Kane, the faculty director of the Center for Education Policy Research at Harvard, who has studied school interruptions in the United States, reviewed the global analysis. Without immediate and aggressive intervention, he said, “learning loss will be the longest-lasting and most inequitable legacy of the pandemic.”

[…] Because children have a finite capacity to absorb new material, Mr. Betthauser said, teachers cannot simply move faster or extend school hours, and traditional interventions like private tutoring rarely target the most disadvantaged groups. Without creative solutions, he said, the labor market ought to “brace for serious downstream effects.” Children who were in school during the pandemic could lose about $70,000 in earnings over their lifetimes if the deficits aren’t recovered, according to Eric Hanushek, an economist at the Hoover Institution at Stanford. In some states, pandemic-era students could ultimately earn almost 10 percent less than those who were educated just before the pandemic. The societal losses, he said, could amount to $28 trillion over the rest of the century.


D&D Won’t Change Its Original 1.0 OGL License, Reference Document Enters Creative Commons

An anonymous reader shares a report from PC Gamer:

In a blog post published Friday, Wizards of the Coast announced that it is fully putting the kibosh on the proposed Open Gaming License (OGL) 1.2 that threw the tabletop RPG community into disarray at the beginning of this month.

Instead, Wizards will leave the previously enshrined OGL 1.0 in place, while also putting the latest D&D Systems Reference Document (SRD 5.1) under a Creative Commons License (thanks to GamesRadar for the spot).

The original OGL was put in place with the third edition of D&D in 2000, and allowed other companies and creators to base their work off D&D and the d20 system without payment to or oversight from Wizards. A draft of a revised OGL 1.1 leaked early in January, which proposed royalty payments and creative control by Wizards over derivative works. This immediately incited a backlash from fans. Wizards backpedaled, introducing a softer OGL 1.2 that would still replace the original, and opened the community survey cited in today’s announcement.

With 15,000 respondents in, the results of the survey were pretty damning. 88% didn’t “want to publish TTRPG content under OGL 1.2,” while 89% were “dissatisfied with deauthorizing OGL 1.0a.” 62% were happy that Wizards would put prior SRD versions under Creative Commons, with most of the dissenters wanting more Creative Commons-protected content.

In response, Wizards of the Coast caved.

“We welcome today’s news from Wizards of the Coast regarding their intention not to de-authorize OGL 1.0a,” tweeted Pathfinder publisher Paizo, who’d launched an effort to move the industry away from WotC’s OGL. But “We still believe there is a powerful need for an irrevocable, perpetual independent system-neutral open license that will serve the tabletop community via nonprofit stewardship.

“Work on the ORC license will continue, with an expected first draft to release for comment to participating publishers in February.”
