Impact Crater May Be Dinosaur Killer’s Baby Cousin

Researchers have discovered a second impact crater on the other side of the Atlantic that could have finished off what was left of the dinosaurs, after an asteroid known as Chicxulub slammed into what is now the Gulf of Mexico 66 million years ago. The BBC reports: Dubbed Nadir Crater, the new feature sits more than 300m below the seabed, some 400km off the coast of Guinea, west Africa. With a diameter of 8.5km, it’s likely the asteroid that created it was a little under half a kilometre across. The hidden depression was identified by Dr Uisdean Nicholson from Heriot-Watt University, Edinburgh, UK. […] “Our simulations suggest this crater was caused by the collision of a 400m-wide asteroid in 500-800m of water,” explained Dr Veronica Bray from the University of Arizona, US. “This would have generated a tsunami over one kilometre high, as well as an earthquake of Magnitude 6.5 or so. “The energy released would have been around 1,000 times greater than that from the January 2022 eruption and tsunami in Tonga.”

Dr Nicholson’s team has to be cautious about tying the two impacts together. Nadir has been given a very similar date to Chicxulub based on an analysis of fossils of known age that were drilled from a nearby borehole. But to make a definitive statement, rocks in the crater itself would need to be pulled up and examined. This would also confirm Nadir is indeed an asteroid impact structure and not some other, unrelated feature caused by, for example, ancient volcanism. […] Prof Sean Gulick, who co-led the recent project to drill into the Chicxulub Crater, said Nadir might have fallen to Earth on the same day. Or it might have struck the planet a million or two years either side of the Mexican cataclysm. Scientists will only know for sure when rocks from the west African crater are inspected in the lab. “A much smaller cousin, or sister, doesn’t necessarily add to what we know about the dinosaurs’ extinction, but it does add to our understanding of the astronomical event that was Chicxulub,” the University of Texas at Austin researcher told BBC News.

Read more of this story at Slashdot.

Microsoft Employees Exposed Own Company’s Internal Logins

Multiple people who appear to be employees of Microsoft have exposed sensitive login credentials to the company’s own infrastructure on GitHub, potentially offering attackers a gateway into internal Microsoft systems, according to a cybersecurity research firm that found the exposed credentials. Motherboard reports: “We continue to see that accidental source code and credential leakages are part of the attack surface of a company, and it’s becoming more and more difficult to identify in a timely and accurate manner. This is a very challenging issue for most companies these days,” Mossab Hussein, chief security officer at cybersecurity firm spiderSilk which discovered the issue, told Motherboard in an online chat. Hussein provided Motherboard with seven examples in total of exposed Microsoft logins. All of these were credentials for Azure servers. Azure is Microsoft’s cloud computer service and is similar to Amazon Web Services. All of the exposed credentials were associated with an official Microsoft tenant ID. A tenant ID is a unique identifier linked to a particular set of Azure users. One of the GitHub users also listed Microsoft on their profile.

Three of the seven login credentials were still active when spiderSilk discovered them, with one seemingly uploaded just days ago at the time of writing. The other four sets of credentials were no longer active but still highlighted the risk of workers accidentally uploading keys for internal systems. Microsoft refused to elaborate on what systems the credentials were protecting when asked multiple times by Motherboard. But generally speaking, an attacker may have an opportunity to move onto other points of interest after gaining initial access to an internal system. One of the GitHub profiles with exposed and active credentials makes a reference to the Azure DevOps code repository. Highlighting the risk that such credentials may pose, in an apparently unrelated hack in March attackers gained access to an Azure DevOps account and then published a large amount of Microsoft source code, including for Bing and Microsoft’s Cortana assistant. “We’ve investigated and have taken action to secure these credentials,” said a Microsoft spokesperson in a statement. “While they were inadvertently made public, we haven’t seen any evidence that sensitive data was accessed or the credentials were used improperly. We’re continuing to investigate and will continue to take necessary steps to further prevent inadvertent sharing of credentials.”

Read more of this story at Slashdot.

Drought-Stricken States To Get Less From Colorado River

For the second year in a row, Arizona and Nevada will face cuts in the amount of water they can draw from the Colorado River as the West endures an extreme drought, federal officials announced Tuesday. The Associated Press reports: The cuts planned for next year will force states to make critical decisions about where to reduce consumption and whether to prioritize growing cities or agricultural areas. The cuts will also place state officials under renewed pressure to plan for a hotter, drier future and a growing population. Mexico will also face cuts. “We are taking steps to protect the 40 million people who depend on the Colorado River for their lives and livelihoods,” said Camille Touton, commissioner of the Bureau of Reclamation.

The river provides water across seven states and in Mexico and helps feed an agricultural industry valued at $15 billion a year. Cities and farms are anxiously awaiting official estimates of the river’s future water levels that will determine the extent and scope of cuts to their water supply. That’s not all. In addition to those already-agreed-to cuts, the Bureau of Reclamation said Tuesday that states had missed a deadline to propose at least 15% more cuts needed to keep water levels at the river’s storage reservoirs from dropping even more. For example, officials have predicted that water levels at Lake Mead, the nation’s largest reservoir, will plummet further. The lake is currently less than a quarter full. “The states collectively have not identified and adopted specific actions of sufficient magnitude that would stabilize the system,” Touton said.

Read more of this story at Slashdot.

New US Privacy Law May Give Telecoms Free Pass On $200 Million Fines

An anonymous reader quotes a report from Motherboard: The American Data Privacy and Protection Act (ADPPA), a new federal privacy bill that has actually a chance of becoming law, is designed to introduce new privacy protections for Americans. But it may also have the side effect of wiping out $200 million worth of fines proposed against some of the country’s biggest telecommunications companies as part of a major location-data selling scandal in which the firms sold customer data that ended up in the hands of bounty hunters and other parties. The issue centers around the ADPPA’s shift of enforcement for privacy related matters from the Federal Communications Commission (FCC), which proposed the fines, to the Federal Trade Commission (FTC). The news highlights the complex push and pulls when developing privacy legislation, and some of the pitfalls along the way.

The FCC proposed the $200 million fines in February 2020. The fines came after Motherboard revealed that the carriers sold phone location data to a complex supply chain of companies which then provided it to hundreds of bounty hunters and other third parties, including someone that allowed Motherboard to track a phone for just $300. The fines also came after The New York Times and the office of Sen. Ron Wyden found that the carriers sold location data in a similar method to a company called Securus, which allowed law enforcement officials to track the location of phones without a warrant. A former sheriff abused the tool to spy on judges and other officials. The offending telecoms — AT&T, T-Mobile, Sprint, Verizon — said they stopped the sale of location data at varying points in time in response to the investigations. The FCC then found that the carriers broke the law by selling such data.

FCC Press Secretary Paloma Perez told Motherboard in an emailed statement that “our real-time location information is some of the most sensitive data there is about us, and it deserves the highest level of privacy protection. That is why the FCC has proposed more than $200 million in fines against the nation’s largest wireless carriers for selling their customers’ location data. Through our continued oversight we have ensured that these carriers are no longer monetizing their consumers’ real-time location in this way, and we are continuing our investigation into these practices and expect to reach a conclusion very soon.” In July FCC Chairwoman Jessica Rosenworcel sent letters to a host of U.S. telecommunications, tech, and retail companies to ask about their use of location data.

Read more of this story at Slashdot.

WeWork’s Former CEO Has a New Startup, Reportedly Valued At More Than $1 Billion

Nearly three years after Adam Neumann stepped down as CEO of WeWork following a failed attempt to take the company public, he is said to once again be in charge of a billion-dollar real estate startup. CNN Business reports: Andreessen Horowitz, the prominent venture capital firm known for its early investments in Twitter and Airbnb, has pumped about $350 million into Neumann’s newest venture, called Flow, according to The New York Times, citing unnamed sources briefed on the deal. The investment valued the startup at more than $1 billion, according to the report. In a blog post Monday, Marc Andreessen, cofounder and general partner at the VC firm, announced the investment, without disclosing financial details. He also explained his thinking for backing Flow, a residential real estate company, and Neumann despite the founder’s high-profile fall from grace at WeWork.

“Adam is a visionary leader who revolutionized the second largest asset class in the world — commercial real estate — by bringing community and brand to an industry in which neither existed before,” Andreessen wrote in his post Monday. “Adam, and the story of WeWork, have been exhaustively chronicled, analyzed, and fictionalized — sometimes accurately. For all the energy put into covering the story, it’s often under appreciated that only one person has fundamentally redesigned the office experience and led a paradigm-changing global company in the process: Adam Neumann.” It’s not immediately clear how Flow seeks to revolutionize the residential housing industry. Flow currently has a bare bones website, with the slogan “Live life in flow” and two words stating it will launch in 2023.

Andreessen positioned the new company as a long-awaited solution to the nation’s “housing crisis.” He used a mix of jargon-filled terms — “community-driven, experience-centric service” — to explain how the new startup would “create a system where renters receive the benefits of owners.” “We think it is natural that for his first venture since WeWork, Adam returns to the theme of connecting people through transforming their physical spaces and building communities where people spend the most time: their homes,” Andreessen wrote. “Residential real estate — the world’s largest asset class — is ready for exactly this change.”

Read more of this story at Slashdot.

An Eye Implant Engineered From Proteins In Pigskin Restored Sight In 14 Blind People

According to a new study published in the journal Nature Biotechnology, researchers implanted corneas made from pig collagen to restore sight in 20 people who were blind or visually impaired. “Fourteen of the patients were blind before they received the implant, but two years after the procedure, they had regained some or all of their vision,” notes NBC News. “Three had perfect vision after the surgery.” From the report: The patients, in Iran and India, all suffered from keratoconus, a condition in which the protective outer layer of the eye progressively thins and bulges outward. “We were surprised with the degree of vision improvement,” said Neil Lagali, a professor of experimental ophthalmology at Linkoping University in Sweden who co-authored the study. Not all patients experienced the same degree of improvement, however. The 12 Iranian patients wound up with an average visual acuity of 20/58 with glasses; functional vision is defined as 20/40 or better with lenses. Nonetheless, Dr. Marian Macsai, a clinical professor of ophthalmology at the University of Chicago who wasn’t involved in the study, said the technology could be a game changer for those with keratoconus, which affects roughly 50 to 200 out of every 100,000 people. It might also have applications for other forms of corneal disease.

To create the implant, Lagali and his team dissolved pig tissue to form a purified collagen solution. That was used to engineer a hydrogel that mimics the human cornea. Surgeons then made an incision in a patient’s cornea for the hydrogel. “We insert our material into this pocket to thicken the cornea and to reshape it so that it can restore the cornea’s function,” Lagali said. Traditionally, human tissue is required for cornea transplants. But it’s in short supply, because people must volunteer to donate it after they die. So, Lagali said, his team was looking for a low-cost, widely available substitute. “Collagen from pigskin is a byproduct from the food industry,” he said. “This makes it broadly available and easier to procure.” After two years, the patients’ bodies hadn’t rejected the implants, and they didn’t have any inflammation or scarring.

But any experimental medical procedure comes with risk. In this case, Soiberman said, a foreign molecule like collagen could induce an immune reaction. The researchers prescribed patients an eight-week course of immunosuppressive eyedrops to lower the risk, which is less than the amount given to people who receive cornea transplants from human tissue. In those cases, patients take immunosuppressive medicine for more than a year, Lagali said. “There’s always a risk for rejection of the human donor tissue because it contains foreign cells,” he said. “Our implant does not contain any cells … so there’s a minimal risk of rejection.” The procedure itself was also quicker than traditional cornea transplants. The researchers said each operation took about 30 minutes, whereas transplants of human tissue can take a couple of hours. […] It’s not yet clear whether the surgery would work for patients who have other forms of corneal disease aside from keratoconus.

Read more of this story at Slashdot.

Thieves Stole $23 Million in One of the Largest YouTube Royalties Scams Ever

“Need an easy way to make $23 million?” asks Mashable.
“Have you ever considered just claiming music others uploaded to YouTube as your own and collecting the royalties?

That’s basically all two Phoenix men did to swindle Latin music artists like Daddy Yankee and Julio Iglesias out of millions of dollars in royalties, as detailed in a new piece from Billboard last week.

According to Kristin Robinson of Billboard, Jose “Chenel” Medina Teran and Webster Batista set up a media company called MediaMuv and claimed to own the rights to various Latin music songs and compositions. In total, MediaMuv claimed to own more than 50,000 copyrights since 2017, when Teran and Batista began their scheme.

In order for MediaMuv to claim these copyrights and collect royalties through YouTube’s Content ID system, the fraudulent company needed to partner with AdRev, a third-party company that has access to YouTube’s CMS and Content ID tools and helps artists manage their digital copyrights. MediaMuv created a few fake documents and provided AdRev with this paperwork in order to prove ownership over the music it claimed. From there, AdRev not only helped MediaMuv collect royalties for those copyrights but also provided Terana and Batista with direct access to YouTube’s CMS so they could claim copyrights on its own.

Teran and Batista’s four-year-long royalties heist came to an end late last year following an investigation from the IRS. According to Billboard, the two were indicted on “30 counts of conspiracy, wire fraud, money laundering and aggravated identity theft.”

Mashable calls it “a huge reminder that online copyright is deeply flawed…”

“[J]ust think about how many more careful scammers are still skimming royalties off of an untold number of artists.”

Read more of this story at Slashdot.

Rust 1.63 Released, Adding Scoped Threads

This week the Rust team announced the release of Rust 1.63.

One noteable update? Adding scoped threads to the standard library:

Rust code could launch new threads with std::thread::spawn since 1.0, but this function bounds its closure with ‘static. Roughly, this means that threads currently must have ownership of any arguments passed into their closure; you can’t pass borrowed data into a thread. In cases where the threads are expected to exit by the end of the function (by being join()’d), this isn’t strictly necessary and can require workarounds like placing the data in an Arc.

Now, with 1.63.0, the standard library is adding scoped threads, which allow spawning a thread borrowing from the local stack frame. The std::thread::scope API provides the necessary guarantee that any spawned threads will have exited prior to itself returning, which allows for safely borrowing data.
The official Rust RFC book says “The main drawback is that scoped threads make the standard library a little bit bigger,” but calls it “a very common and useful utility…great for learning, testing, and exploratory programming.

“Every person learning Rust will at some point encounter interaction of borrowing and threads. There’s a very important lesson to be taught that threads can in fact borrow local variables, but the standard library [didn’t] reflect this.” And otherwise, “Implementing scoped threads is very tricky to get right so it’s good to have a reliable solution provided by the standard library.”

Read more of this story at Slashdot.