Asteroid Sample Could Reveal Our Solar System’s Origin Story

Just over a year after Japan’s Hayabusa2 mission returned the first subsurface sample of an asteroid to Earth, scientists have determined that the near-Earth asteroid Ryugu is a pristine remnant from the formation of our solar system. From a report: This was the first material to be returned to Earth from a carbon-rich asteroid. These asteroids can reveal how our cosmic corner of the universe was formed. The organic and hydrated minerals locked within these asteroids could also shed light on the origin of the building blocks of life. Ryugu is a dark, diamond-shaped asteroid that measures about 3,000 feet (1 kilometer) wide. Hayabusa2 collected one sample from the asteroid’s surface on February 22, 2019, then fired a copper “bullet” into the asteroid to create a 33-foot wide impact crater. A sample was collected from this crater on July 11, 2019. Then, Hayabusa2 flew by Earth and dropped the sample off in Australia last December.

The C-type, or carbonaceous, asteroid is much darker than scientists originally thought, only reflecting about 2% of the light that hits it, according to one study published Monday in the journal Nature Astronomy. After opening the sample, scientists were surprised to find that the spacecraft collected 5.4 grams from the asteroid — much more than the single gram they were expecting, said Toru Yada, lead study author and associate senior researcher at the Japan Aerospace Exploration Agency’s Institute of Space and Astronautical Science.
In the second study, also published Monday in Nature Astronomy, the researchers determined that Ryugu is made of clay and other hydrated minerals, with a number of carbonates and organics inside the sample.

Read more of this story at Slashdot.

Himalayan Glaciers Are Melting at Furious Rate, New Study Shows

Glaciers across the Himalayas are melting at an extraordinary rate, with new research showing that the vast ice sheets there shrank 10 times faster in the past 40 years than during the previous seven centuries. From a report: Avalanches, flooding and other effects of the accelerating loss of ice imperil residents in India, Nepal and Bhutan and threaten to disrupt agriculture for hundreds of millions of people across South Asia, according to the researchers. And since water from melting glaciers contributes to sea-level rise, glacial ice loss in the Himalayas also adds to the threat of inundation and related problems faced by coastal communities around the world. “This part of the world is changing faster than perhaps anybody realized,” said Jonathan Carrivick, a University of Leeds glaciologist and the co-author of a paper detailing the research published Monday in the journal Scientific Reports. “It’s not just that the Himalayas are changing really fast, it’s that they’re changing ever faster.”

Scientists have long observed ice loss from large glaciers in New Zealand, Greenland, Patagonia and other parts of the world. But ice loss in the Himalayas is especially rapid, the new study found. The researchers didn’t pinpoint a reason but noted that regional climate factors, such as shifts in the South Asian monsoon, may play a role. The new finding comes as there is scientific consensus that ice loss from glaciers and polar ice sheets results from rising global temperatures caused by greenhouse-gas emissions from the burning of fossil fuels. Many peer-reviewed scientific studies have identified human activity as a cause of rising global temperatures. So did a report issued in August by the United Nations Intergovernmental Panel on Climate Change, which said “human influence is very likely the main driver of the global retreat of glaciers since the 1990s.” For the new study, Dr. Carrivick and his colleagues scanned satellite photos of almost 15,000 glaciers in the region for signs of the large ridges of rock and debris that glaciers leave behind as they slowly grind their way through the valleys. Using the locations of these ancient glacial tracks, the scientists estimated the span of ice sheet coverage in previous centuries.


NASA Releases New Photos of Jupiter – and a Recording of Its Moon that Sounds Like R2-D2

“As it seeks answers about the cosmos and what they mean for Earth’s origins, NASA on Friday announced a slew of discoveries about Jupiter,” reports the Washington Post.

“And scientists brought home an interstellar tune from the road.”

The Juno spacecraft is gathering data about the origin of the solar system’s biggest planet — in which more than 1,300 Earths could fit. Among its recent findings are photos from inside the planet’s ring, a map of its magnetic field, details of its atmosphere and a trippy soundtrack from a spacecraft’s travels around one of its moons.

But it’s not exactly a song, or even perceptible to the human ear.

The radio emissions Juno recorded are not what a person would hear if they went to Jupiter — space is a vacuum and does not carry soundwaves like air does on Earth. But the probe zooming through space captured the electric and magnetic emissions that scientists later converted into perceptible sound. Turns out, orbiting Ganymede, which is one of Jupiter’s moons and the largest satellite in the solar system, kind of sounds like R2-D2.

Launched in 2011, Juno became the eighth spacecraft to ever reach Jupiter in 2016, “and the first to probe below the giant planet’s thick gas cover.

“It fought Jupiter’s extreme temperatures and hazardous radiation to survey its north and south poles, chugging along despite a lack of sunshine on its solar panels.”


After 50 Years, Vacuum-Sealed Container From 1972 Moon Landing Will Finally Be Opened

“Apollo mission planners were really smart. Recognizing that future scientists will have better tools and richer scientific insights, they refrained from opening a portion of the lunar samples returned from the historic Apollo missions,” writes Gizmodo.

“One of these sample containers, after sitting untouched for 50 years, is now set to be opened.”

The sample in question was collected by Gene Cernan in 1972. The Apollo 17 astronaut was working in the Taurus-Littrow Valley when he hammered a 28-inch-long (70 cm) tube into the surface, which he did to collect samples of lunar soil and gas. The lower half of this canister was sealed while Cernan was still on the Moon. Back on Earth, the canister was placed in yet another vacuum chamber for good measure. Known as the 73001 Apollo sample container, it remains untouched to this very day.

But the time has come to open this vessel and investigate its precious cargo, according to a European Space Agency press release. The hope is that lunar gases might be present inside, specifically hydrogen, helium, and other light gases. Analysis of these gases could further our understanding of lunar geology and shed new light on how to best store future samples, whether they be gathered on asteroids, the Moon, or Mars.

Like I said, Apollo mission planners were really clever — but they didn’t exactly explain how future scientists were supposed to extract the presumed gases from the vacuum-sealed container. That task is now the responsibility of the Apollo Next Generation Sample Analysis Program (ANGSA), which manages these untouched treasures. In this case, ANGSA tasked the European Space Agency, among several other institutions, to figure out a way to safely release this trapped gas, marking the first time that ESA has been involved in the opening of samples returned from the Apollo program…

The ANGSA consortium spent the past 16 months working on the problem, and the solution, dubbed the “Apollo can opener,” is now ready to rock.

Sometime in the next few weeks the gas will finally be decanted into multiple containers, and then sent to specialized labs around the world.


2021 Had Six Different Cryptocurrency Heists Over $100 Million

More than 20 different times in the last 12 months, at least $10 million was stolen from a cryptocurrency exchange or project, reports NBC News.

“In at least six cases, hackers stole more than $100 million…”

By comparison, bank robberies netted perpetrators an average of less than $5,000 per heist last year, according to the FBI’s annual crime statistics… “If you hack a Fortune 500 company today, you might steal some usernames and passwords,” said Esteban Castaño, the CEO and co-founder of TRM Labs, a company that builds tools for companies to track digital assets. “If you hack a cryptocurrency exchange, you may have millions of dollars in cryptocurrency….”

[W]hile a handful of countries have strict regulations in place, it’s relatively easy for tech entrepreneurs to set up an exchange nearly anywhere in the world and run it however they like. Cryptocurrencies generally offer a certain amount of security — taking their name, in part, from “encryption.” But the exchanges that manage them, especially new ones building their businesses from scratch, often start with a tiny staff, which means few if any full-time cybersecurity professionals. Their developers may work frantically to make the code work, sometimes accidentally leaving flaws that give hackers a foothold. Combined with the fact that a volatile market often leaves them suddenly holding a fortune, exchanges are a particularly ripe target for criminal hackers….

The problem is exacerbated because many cryptocurrency projects, intent on avoiding government regulations, set up in countries whose law enforcement agencies don’t have much power to go after transnational hackers. Or if they are hacked, they tend to be less likely to call for government help on ideological grounds, said Beth Bisbee, head of U.S. investigations at Chainalysis, a company that tracks cryptocurrency transactions for both private companies and government agencies. Some developers “want to be anti-bank and anti-oversight,” Bisbee said. “So when something like that happens, they’re not necessarily wanting to work with law enforcement, even though they’d be considered to be a victim and it’d be valuable for them to.”
Ultimately the article points out that “Most exchange hackers are not caught.” (Although in at least one case part of the stolen money was voluntarily returned.)

But what happens after the breach? NBC News asked Dave Jevans, the founder of CipherTrace, a company that tracks theft and fraud in cryptocurrencies.

If an exchange is wealthy enough and plans ahead to have an emergency fund, it can compensate its customers if its operation is hacked, Jevans said. If not, it often goes out of business. “Not every exchange is so wealthy or has so much foresight. It just goes, pop, ‘We’re out of business. Sorry, you’re all screwed,’” he said.


RadioShack Announces Ambitious New Cryptocurrency Exchange

RadioShack.com is now showing visitors a new message: “Bringing cryptocurrency to the mainstream…”

With a 100-year-old brand, “we are going to lead the way for blockchain tech to reach mainstream adoption by other large brands.”

The RadioShack home page says they’ll start with a “symbiosis” with Atlas USV, a community-driven project to build a universal, decentralized/widely accessible DeFi base layer. Atlas USV’s “Barter” mechanism lets users purchase third-party tokens and transfer them to Atlas USV’s treasury in return for discounted USV tokens. “The Atlas USV treasury can accumulate any crypto asset of its choice with this dynamic…
“Once the liquidity pool surpasses other exchanges’ liquidity level in any token pair, our swap efficiency will be unbeatable for that pair…

“Other decentralized exchanges’ margins on swap fees are our opportunity….”

Or, as they explain on a more detailed web page, “We intend RadioShack to be the first protocol to pass over into mainstream usage in the history of DeFI,” promising that RadioShack DeFi “will become the first to market with a 100 year old brand name that’s recognized in virtually all 190+ countries in the world…”

“RadioShack has one objective: Distribution and usage by millions of individuals but possibly more important, by hundreds of blue-chip, large corporations as their gateway into becoming blockchain companies.”

Currently there’s a sign-up form for a notification when “RADIO token” launches (as well as links to their channels on Discord and Telegram).

Their “Fundamentals” page explains that “It is our hypothesis that the best way for crypto to be more mainstream is for an established brand name in the tech space to lead the way.”

The RadioShack brand was purchased in November of 2020 by e-commerce rehabilitator REV, now listed as a collaborator on RadioShack’s home page. (Ironically, the “Fundamentals” page also includes RadioShack’s Super Bowl ad where their store is taken back by the 1980s.)

The official Twitter feed of Radio Shack now also has the same new tagline: “Bringing Cryptocurrency To The Mainstream.”


Who’s Paying to Fix Open Source Software?

The Log4Shell exploit “exposes how a vulnerability in a seemingly simple bit of infrastructure code can threaten the security of banks, tech companies, governments, and pretty much any other kind of organization,” writes VentureBeat. But the incident also raises some questions:
Should large deep-pocketed companies besides Google, which always seems to be heavily involved in such matters, be doing more to support the cause with people and resources?

Long-time Slashdot reader frank_adrian314159 shares a related article from a programming author on Dev.To, who’d read hot takes like “Open source needs to grow the hell up.” and “‘Open source’ is broken”.

[T]he log4j developers had this massive security issue dumped in their laps, with the expectation that they were supposed to fix it. How did that happen? How did a group of smart, hard-working people get roped into a thankless, high-pressure situation with absolutely no upside for themselves…?

It is this communal mythology I want to talk about, this great open source brainwashing that makes maintainers feel like they need to go above and beyond publishing source code under an open source license — that they need to manage and grow a community, accept contributions, fix issues, follow vulnerability disclosure best practices, and many other things…
In reality what is happening, is that open source maintainers are effectively unpaid outsourcing teams for giant corporations.

The log4j exploit was first reported by an engineer at Alibaba — a corporation with a market capitalization of $348 billion — so the article wonders what would happen if log4j’s team had sent back a bill for the time they’d spend fixing the bug.

Some additional opinions (via the “This Week in Programming” column):

PuTTY maintainer Andrew Ducker: “The internet (and many large companies) are dependent on software maintained by people in their spare time, for free. This may not be sustainable.”
Filippo Valsorda, a Go team member at Google: “The role of Open Source maintainer has failed to mature from a hobby into a proper profession… The status quo is unsustainable…. GitHub Sponsors and Patreon are a nice way to show gratitude, but they are an extremely unserious compensation structure.”
Valsorda hopes to eventually see “a whole career path with an onramp for junior maintainers, including training, like a real profession.”


Google Says NSO Pegasus Zero-Click ‘Most Technically Sophisticated Exploit Ever Seen’

wiredmikey shares a report from SecurityWeek: Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations. If that makes you scratch your head, that was exactly the reaction from Google’s premier security research team after disassembling the so-called FORCEDENTRY iMessage zero-click exploit used to plant NSO Group’s Pegasus surveillance tool on iPhones.

“We assess this to be one of the most technically sophisticated exploits we’ve ever seen,” Google’s Ian Beer and Samuel Groß wrote in a technical deep-dive into the remote code execution exploit that was captured during an in-the-wild attack on an activist in Saudi Arabia. In its breakdown, Project Zero said the exploit effectively created “a weapon against which there is no defense,” noting that zero-click exploits work silently in the background and do not even require the target to click on a link or surf to a malicious website. “Short of not using a device, there is no way to prevent exploitation by a zero-click exploit,” the research team said.

The researchers confirmed the initial entry point for Pegasus was Apple’s proprietary iMessage that ships by default on iPhones, iPads and macOS devices. By targeting iMessage, the NSO Group hackers needed only a phone number or an AppleID username to take aim and fire eavesdropping implants. Because iMessage has native support for GIF images (especially those that loop endlessly), Project Zero’s researchers found that this expanded the attack surface and ended up being abused in an exploit cocktail that targeted a security defect in Apple’s CoreGraphics PDF parser. Within Apple’s CoreGraphics PDF parser, the NSO exploit writers abused Apple’s implementation of the open-source JBIG2, a domain specific image codec designed to compress images where pixels can only be black or white. Describing the exploit as “pretty terrifying,” Google said the NSO Group hackers effectively booby-trapped a PDF file, masquerading as a GIF image, with an encoded virtual CPU to start and run the exploit. Apple patched the exploit in September and filed a lawsuit seeking to hold NSO Group accountable.


Apple Delays Corporate Return To Offices Indefinitely

Long-time Slashdot reader ttyler shares a tweet from NBC News tech reporter Zoe Schiffer: Tim Cook just sent out an email delaying Apple’s return to work to a date ‘yet to be determined.’ He also said the company is giving every corporate employee $1,000 to spend on home office equipment. MacRumors adds: There is no word on when employees will be expected to go back to work, and for now, those who are able to do so will continue to work from home. The delay will be welcome news to Apple employees who have been dreading the return to corporate offices, but Apple does plan to have employees come back at some point. Apple executives have made it clear since the beginning of the pandemic that employees will eventually need to return to work. “Video conference calling has narrowed the distance between us, to be sure, but there are things it simply cannot replicate,” Cook said back in June.

When it is safe for employees to return to the office, Apple is planning for a hybrid work schedule. Employees will be expected to be in the office three days a week, but will have the option of working from home for two days a week. Apple also plans to allow employees to work remotely for up to one month per year, giving them more time to travel and be closer to loved ones. Because employees will need to continue to work from home, Cook said that Apple is giving every corporate employee $1,000 to spend on home office equipment.
