Google Launches Advanced API Security To Protect APIs From Growing Threats

Google today announced a preview of Advanced API Security, a new product headed to Google Cloud that’s designed to detect security threats as they relate to APIs. TechCrunch reports: Built on Apigee, Google’s platform for API management, the company says that customers can request access starting today. Short for “application programming interface,” APIs are documented connections between computers or between computer programs. API usage is on the rise, with one survey finding that more than 61.6% of developers relied on APIs more in 2021 than in 2020. But they’re also increasingly becoming the target of attacks. According to a 2018 report commissioned by cybersecurity vendor Imperva, two-thirds of organizations are exposing unsecured APIs to the public and partners.

Advanced API Security specializes in two tasks: identifying API misconfigurations and detecting bots. The service regularly assesses managed APIs and provides recommended actions when it detects configuration issues, and it uses preconfigured rules to provide a way to identify malicious bots within API traffic. Each rule represents a different type of unusual traffic from a single IP address; if an API traffic pattern meets any of the rules, Advanced API Security reports it as a bot. […] With the launch of Advanced API Security, Google is evidently seeking to bolster its security offerings under Apigee, which it acquired in 2016 for over half a billion dollars. But the company is also responding to increased competition in the API security segment. “Misconfigured APIs are one of the leading reasons for API security incidents. While identifying and resolving API misconfigurations is a top priority for many organizations, the configuration management process is time consuming and requires considerable resources,” Vikas Ananda, head of product at Google Cloud, said in a blog post shared with TechCrunch ahead of the announcement. “Advanced API Security makes it easier for API teams to identify API proxies that do not conform to security standards… Additionally, Advanced API Security speeds up the process of identifying data breaches by identifying bots that successfully resulted in the HTTP 200 OK success status response code.”

Read more of this story at Slashdot.

Extreme Temperatures In Major Latin American Cities Could Be Linked To Nearly 1 Million Deaths

Rodrigo Perez Ortega writes via Science Magazine: With climate change, heat waves and cold fronts are worsening and taking lives worldwide: about 5 million in the past 20 years, according to at least one study. In a new study published today in Nature Medicine, an international team of researchers estimates that almost 900,000 deaths in the years between 2002 and 2015 could be attributable to extreme temperatures alone in major Latin American cities. This is the most detailed estimate in Latin America, and the first ever for some cities.

To estimate how many people died from intense heat or cold, researchers with the Urban Health in Latin America project — which studies how urban environments and policies impact the health of city residents in Latin America — looked at mortality data between 2002 and 2015 from registries of 326 cities with more than 100,000 residents, in nine countries throughout Latin America. They calculated the average daily temperatures and estimated the temperature range for each city from a public data set of atmospheric conditions. If a death occurred either on the 18 hottest or the 18 coldest days that each city experienced in a typical year, they linked it to extreme temperatures. Using a statistical model, the researchers compared the risk of dying on very hot and cold days, and this risk with the risk of dying on temperate days. They found that in Latin American metropolises, nearly 6% — almost 1 million — of all deaths between those years happened on days of extreme heat and cold. They also created an interactive map with the data for individual cities.

When the team analyzed the specific cause of these deaths in the registries, they found — consistent with previous studies — that extreme temperatures are often linked to deaths from cardiovascular and respiratory diseases. Extreme heat makes the heart pump more blood and causes dehydration and pulmonary stress. Extreme cold, on the other hand, can make the heart pump less blood and cause hypotension and, in some cases, organ failure. The team also found older adults are especially vulnerable to extreme temperatures, with 7.5% of deaths among them correlated to extreme heat and cold during the study period. Although the numbers varied from year to year, in 2015, for instance, more than 16,000 deaths — out of nearly 855,000 — among people ages 65 or older were attributable to extreme temperatures. Latin America’s aging population is projected to rise more quickly than other parts of the world — from 9% in 2020 to 19% in 2050, by some estimates (PDF). […] Although deaths on extremely cold days — about 785,000 — were much higher than those on extremely hot days — about 103,000 — overall there were more days with intense cold, which could explain this difference. But for some cities, such as Buenos Aires, Rio de Janeiro, and Merida, heat is more deadly than cold: The researchers estimated that on very hot days, the chance of dying increases by 5.7% for every 1°C increase in temperature.

California’s Attempt To Protect Kids Online Could End Adults’ Internet Anonymity

Thomas Claburn writes via The Register: California lawmakers met in Sacramento today to discuss, among other things, proposed legislation to protect children online. The bill, AB2273, known as The California Age-Appropriate Design Code Act, would require websites to verify the ages of visitors. Critics of the legislation contend this requirement threatens the privacy of adults and the ability to use the internet anonymously, in California and likely elsewhere, because of the role the Golden State’s tech companies play on the internet.

“First, the bill pretextually claims to protect children, but it will change the Internet for everyone,” said Eric Goldman, Santa Clara University School of Law professor, in a blog post. “In order to determine who is a child, websites and apps will have to authenticate the age of ALL consumers before they can use the service. No one wants this.” The bill, Goldman argues, will put an end to casual web browsing, forcing companies to collect personal information they don’t want to store and protect — and that consumers don’t want to provide — in order to authenticate the age of visitors. And since age authentication generally requires identity details, that threatens the ability to use the internet anonymously.

Goldman also objects to this American state-level bill being modeled after the UK’s Age-Appropriate Design Code (AADC) because European law makes compliance a matter of engagement and dialogue with regulators, in contrast to the US rules-based approach that allows more certainty about what is or is not allowed. Furthermore, he contends that the scope of the bill reaches beyond children’s privacy and implicates consumer protection and content moderation. He thus considers the bill “a trojan horse for comprehensive regulation of Internet services” and argues it would turn the California Privacy Protection Agency (CPPA) into a general internet regulation agency.

Apple Exec Says Samsung Copied iPhone and Simply ‘Put a Bigger Screen Around It’

In a new documentary about the evolution of the iPhone, Apple’s marketing chief Greg Joswiak was seen calling Samsung “annoying” and accusing them of poorly copying Apple’s technology. “They were annoying,” said Joswiak. “And they were annoying because, as you know, they ripped off our technology. They took the innovations that we had created and created a poor copy of it, and just put a bigger screen around it. So, yeah, we were none too pleased.” MacRumors reports: Samsung launched the Galaxy S4 with a 5-inch display in early 2013, at a time when the iPhone 5 had a 4-inch display. Apple did eventually release its first larger smartphones with the 4.7-inch iPhone 6 and 5.5-inch iPhone 6 Plus in 2014, and the devices were met with strong demand and went on to be among the best-selling iPhone models ever.

Apple sued Samsung in 2011 for patent infringement, alleging that Samsung copied the iPhone’s design with its own Galaxy line of smartphones. Apple was initially awarded around $1 billion in damages, but the amount was lowered in a subsequent retrial. In 2018, Apple finally settled with Samsung and reiterated the following statement: “We believe deeply in the value of design, and our teams work tirelessly to create innovative products that delight our customers. This case has always been about more than money. Apple ignited the smartphone revolution with iPhone and it is a fact that Samsung blatantly copied our design. It is important that we continue to protect the hard work and innovation of so many people at Apple. We’re grateful to the jury for their service and pleased they agree that Samsung should pay for copying our products.” The full documentary can be watched on The Wall Street Journal’s website.

TSMC May Surpass Intel In Quarterly Revenue For First Time

Wall Street analysts estimate TSMC will grow second-quarter revenue 43 percent quarter-over-quarter to $18.1 billion. Intel, on the other hand, is expected to see sales decline 2 percent sequentially to $17.98 billion in the same period, according to estimates collected by Yahoo Finance. The Register reports: The potential for TSMC to surpass Intel in quarterly revenue is indicative of how demand has grown for contract chip manufacturing, fueled by companies like Qualcomm, Nvidia, AMD, and Apple who design their own chips and outsource manufacturing to foundries like TSMC. This trend has created a quandary for Intel. The semiconductor giant has traditionally manufactured the chips it designs as part of its integrated device manufacturing model but the company is now increasingly reliant on TSMC and other foundries for certain components, while expanding its own manufacturing capacity in the West.

The kicker is that Intel plans to use this increased capacity to produce more of its own chips while also supporting its revitalized foundry business, which hopes to take business from TSMC and South Korea’s Samsung, the industry’s other leading-edge chipmaker, in the future. This new strategy by Intel is called IDM 2.0, and it means the chipmaker will have to juggle two somewhat conflicting objectives:

– taking foundry market share away from TSMC and Samsung by convincing various fabless chip designers to use its plants;

– and using leading-edge nodes from TSMC and Samsung for certain components to compete with fabless companies like AMD and Nvidia.

“Samsung has already surpassed Intel as the largest semiconductor company by revenue, so TSMC potentially growing larger than the x86 giant further underscores the tentative position Intel is in,” concludes the report.

On NetHack’s 35th Anniversary, It’s Displayed at Museum of Modern Art

Switzerland-based software developer Jean-Christophe Collet writes:
A long time ago I got involved with the development of NetHack, a very early computer role playing game, and soon joined the DevTeam, as we’ve been known since the early days. I was very active for the first 10 years then progressively faded out even though I am still officially (or semi-officially as there is nothing much really “official” about NetHack, but more on that later) part of the team.

This is how, as we were closing on the 35th anniversary of the project, I learned that NetHack was being added to the collection of the Museum of Modern Art of New York. It had been selected by the Architecture and Design department for its small collection of video games, and was going to be displayed as part of the Never Alone exhibition this fall.

From its humble beginnings as a fork of the 1982 dungeon-exploring game “Hack” (based on the 1980 game Rogue), NetHack influenced both Diablo and Torchlight, Collet writes. But that’s just the beginning:

It is one of the oldest open-source projects still in activity. It actually predates the term “open-source” (it was “free software” back then) and even the GPL by a few years. It is also one of the first, if not the first software project to be developed entirely over the Internet by a team distributed across the globe (hence the “Net” in “NetHack”).
In the same spirit, it is one of the first projects to take feedback, suggestions, bug reports and bug fixes from the online community (mostly over UseNet at the time) long, long before tools like GitHub (or Git for that matter), BugZilla or Discord were even a glimmer of an idea in the minds of their creators….

So what did I learn working as part of the NetHack DevTeam?

First, I learned that you should always write clean code that you won’t be embarrassed by, 35 years later, when it ends up in a museum….

Collet praises things like asynchronous communication and distributed teams, before closing with the final lesson he learned. “Having fun is the best way to boost your creativity and productivity to the highest levels.

“There is no substitute…. I am incredibly grateful to have been part of that adventure.”
