Ford Plans To Produce 600,000 EVs a Year By the End of 2023
Read more of this story at Slashdot.
Sales And Repair
1715 S. 3rd Ave. Suite #1
Yakima, WA. 98902
Mon - Fri: 8:30-5:30
Sat - Sun: Closed
Sales And Repair
1715 S. 3rd Ave. Suite #1
Yakima, WA. 98902
Mon - Fri: 8:30-5:30
Sat - Sun: Closed
Read more of this story at Slashdot.
Marlin then asked whether he could make his findings public and was told he’s free to do so. “I’m frustrated that GitHub isn’t taking its users’ security and privacy seriously,” Marlin told The Register in an email. “The least it could do is prevent results coming up for this GitHub dork. If the individuals who uploaded these cookie databases were made aware of what they’d done, they’d s*** their pants.”
Marlin acknowledges that affected GitHub users deserve some blame for failing to prevent their cookies.sqlite databases from being included when they committed code and pushed it to their public repositories. “But there are nearly 4.5k hits for this dork, so I think GitHub has a duty of care as well,” he said, adding that he’s alerted the UK Information Commissioner’s Office because personal information is at stake. Marlin speculates that the oversight is a consequence of committing code from one’s Linux home directory. “I imagine in most of the cases, the individuals aren’t aware that they’ve uploaded their cookie databases,” he explained. “A common reason users do this is for a common environment across multiple machines.”
Read more of this story at Slashdot.
The alpha version isn’t perfect. It currently only works on videos for which the Youtube API returns a valid dislike count. The calculations could also be skewed by the userbase, which is unlikely to represent the average YouTube viewer. The developer said they’re exploring ways to mitigate this, such as comparing the downvotes collected through the public of extension users to a cache of real downvotes. The results should also improve as uptake grows. The plugin could provide a useful service, but its greatest value may be as a potent symbol of protest. You can try it out here — but proceed at your own risk. If you want to check out the code, it’s been published on GitHub. Further reading: YouTube Co-Founder Predicts ‘Decline’ of the Platform Following Removal of Dislikes
Read more of this story at Slashdot.
Starbucks baristas will make drinks and the rest of the chain’s menu at the new location in New York City, which will have the same staffing level as any other Starbucks, she said. Customers can order through the Starbucks app and grab coffee to go from a counter near the door. Or they can use a credit card, Amazon app or Amazon One palm reader to enter the rest of the space, take snacks from shelves, or sit at tables.
Read more of this story at Slashdot.
Researchers found that people who drank two to three cups of coffee or three to five cups of tea a day, or a combination of four to six cups of coffee and tea, had the lowest risk of stroke or dementia. Those who drank two to three cups of coffee and two to three cups of tea daily had a 32% lower risk of stroke. These people had a 28% lower risk of dementia compared with those who did not drink tea or coffee. The research, by Yuan Zhang and colleagues from Tianjin Medical University, China, suggests drinking coffee alone or in combination with tea is also linked with lower risk of post-stroke dementia. “[W]hat generally happened is that the risk of stroke or dementia was lower in people who drank reasonably small amounts of coffee or tea compared to those who drank none at all, but that after a certain level of consumption, the risk started to increase again until it became higher than the risk to people who drank none,” said professor Kevin McConway, an emeritus professor of applied statistics at the Open University who was not involved in the study.
“Once the coffee consumption got up to seven or eight cups a day, the stroke risk was greater than for people who drank no coffee, and quite a lot higher than for those who drank two or three cups a day.”
The study has been published in the journal PLOS Medicine.
Read more of this story at Slashdot.
It builds on U.S. efforts to improve cybersecurity for citizens and businesses, the statement continued. This includes “rallying G7 countries to hold accountable nations that harbor cyber criminals, supporting the update of NATO cyber policy for the first time in seven years, and the recent counter-ransomware engagement with over 30 countries around the world to accelerate international cooperation to combat cybercrime.”
Read more of this story at Slashdot.
Now Sahami has teamed up with two more Stanford professors to write a book calling for “a mature reckoning with the realization that the powerful technologies dominating our lives encode within them a set of values that we had no role in choosing and that we often do not even see…”
At a virtual event at Silicon Valley’s Computer History Museum, the three professors discussed their new book, System Error: Where Big Tech Went Wrong and How We Can Reboot — and thoughtfully and succinctly distilled their basic argument. “The System Error that we’re describing is a function of an optimization mindset that is embedded in computer science, and that’s embedded in technology,” says political scientist Jeremy Weinstein (one of the book’s co-authors). “This mindset basically ignores the competing values that need to be ‘refereed’ as new products are designed. It’s also embedded in the structure of the venture capital industry that’s driving the growth of Silicon Valley and the growth of these companies, that prioritizes scale before we even understand anything about the impacts of technology in society. And of course it reflects the path that’s been paved for these tech companies to market dominance by a government that’s largely been in retreat from exercising any oversight.”
Sahami thinks our technological landscape should have a protective infrastructure like the one regulating our roads and highways. “It’s not a free-for all where the ultimate policy is ‘If you were worried about driving safely then don’t drive.'” Instead there’s lanes and traffic lights and speed bumps — an entire safe-driving infrastructure which arrived through regulation.” Or (as their political science professor/co-author Rob Reich tells the site), “Massive system problems should not be framed as choices that can be made by individual consumers.”
Sahami also thinks breaking up big tech monopolies would just leaves smaller “less equipped” companies to deal with the same problems — but that positive changes in behavior might instead come from government scrutiny. But Reich also wants to see professional ethics (like the kind that are well-established in biomedical fields). “In the book we point the way forward on a number of different fronts about how to accelerate that…”
And he argues that at colleges, just one computing-ethics class isn’t enough. “Ethics must be embedded through the entire curriculum.”
Read more of this story at Slashdot.
– Despite advertising itself as a platform that will “give a voice to all,” according to a press release, TRUTH Social’s terms of service state that users may not “disparage, tarnish, or otherwise harm, in our opinion, us and/or the Site.” In other words, any user who criticizes Trump or the site can be kicked off the platform…
– [W]hile portraying itself as a refuge for free speech and the “first major rival to ‘Big Tech,'” TRUTH Social’s terms of service make it clear that the platform not only intends to moderate content — just as Twitter and Facebook do — but reserves the right to remove users for any reason it deems necessary. The terms go on to say that if TRUTH Social decides to terminate or suspend your account, the platform may also sue you — something that Twitter and Facebook’s terms don’t say. “In addition to terminating or suspending your account, we reserve the right to take appropriate legal action, including without limitation pursuing civil, criminal, and injunctive redress,” TRUTH Social’s terms state…
– Maybe most notably, the site’s list of prohibited activities includes the “excessive use of capital letters,” an idiosyncrasy that Trump became known for on Twitter and that no other major social network specifically bans. TRUTH Social’s terms also contain some sections written in all-caps.
The terms also specify explicitly that the site considers itself “not responsible” for the accuracy/reliability of what’s posted on the site. Yet the Washington Post reports the newly-formed “Trump Media & Technology Group” has already applied for trademark rights for the terms “truthing,” “post a truth,” and “retruth.”
Meanwhile, the Software Freedom Conservancy believes the end of the site’s public test launch was directly tied to a recently-discovered violation of a Conservancy license. “Once caught in the act, Trump’s Group scrambled and took the site down.”
One of the license’s authors emphasizes that the license “purposefully treats everyone equally (even people we don’t like or agree with), but they must operate under the same rules of the copyleft licenses that apply to everyone else…”
To comply with this important FOSS license, Trump’s Group needs to immediately make that Corresponding Source available to all who used the site today while it was live. If they fail to do this within 30 days, their rights and permissions in the software are automatically and permanently terminated. That’s how AGPLv3’s cure provision works — no exceptions — even if you’re a real estate mogul, reality television star, or even a former POTUS.”
Read more of this story at Slashdot.
Research published on Monday presented a new Rowhammer technique. It uses non-uniform patterns that access two or more aggressor rows with different frequencies. The result: all 40 of the randomly selected DIMMs in a test pool experienced bitflips, up from 13 out of 42 chips tested in previous work (PDF) from the same researchers. “We found that by creating special memory access patterns we can bypass all mitigations that are deployed inside DRAM,” Kaveh Razavi and Patrick Jattke, two of the research authors, wrote in an email. “This increases the number of devices that can potentially be hacked with known attacks to 80 percent, according to our analysis. These issues cannot be patched due to their hardware nature and will remain with us for many years to come.”
The non-uniform patterns work against Target Row Refresh. Abbreviated as TRR, the mitigation works differently from vendor to vendor but generally tracks the number of times a row is accessed and recharges neighboring victim rows when there are signs of abuse. The neutering of this defense puts further pressure on chipmakers to mitigate a class of attacks that many people thought more recent types of memory chips were resistant to. In Monday’s paper, the researchers wrote: “Proprietary, undocumented in-DRAM TRR is currently the only mitigation that stands between Rowhammer and attackers exploiting it in various scenarios such as browsers, mobile phones, the cloud, and even over the network. In this paper, we show how deviations from known uniform Rowhammer access patterns allow attackers to flip bits on all 40 recently-acquired DDR4 DIMMs, 2.6x more than the state of the art. The effectiveness of these new non-uniform patterns in bypassing TRR highlights the need for a more principled approach to address Rowhammer.” While PCs, laptops, and mobile phones are most affected by the new findings, the report notes that cloud services like AWS and Azure “remain largely safe from Rowhammer because they use higher-end chips that include a defense known as ECC, short for Error Correcting Code.”
“Concluding, our work confirms that the DRAM vendors’ claims about Rowhammer protections are false and lure you into a false sense of security,” the researchers wrote. “All currently deployed mitigations are insufficient to fully protect against Rowhammer. Our novel patterns show that attackers can more easily exploit systems than previously assumed.”
Read more of this story at Slashdot.
Engadget reports:
A second investigation would reportedly last about six months. After that, officials could either block the deal, approve it as-is or require concessions…
The tech firm has focused its energy so far on downplaying concerns about ARM’s neutrality if the deal closes, promising an open licensing model that treats customers fairly.
Any second investigation wouldn’t necessarily spell doom for NVIDIA’s acquisition. It would suggest the government has some qualms, however, and that NVIDIA might have to make some sacrifices. At the least, the company would have to be patient — it wouldn’t get UK approval until 2022 at the earliest, and it would still have to wait for other regulators before finalizing the merger.
In other news, ARM has joined the Rust Foundation.
Read more of this story at Slashdot.