A hacker has gained access to internal tools used by the location tracking company Tile, including one that processes location data requests for law enforcement, and stolen a large amount of customer data, such as their names, physical addresses, email addresses, and phone numbers, 404 Media reports. From the report:

The stolen data itself does not include the location of Tile devices, which are small pieces of hardware users attach to their keys or other items to monitor remotely. But it is still a significant breach that shows how tools intended for internal use by company workers can be accessed and then leveraged by hackers to collect sensitive data en masse. It also shows that this type of company, one which tracks peoples' locations, can become a target for hackers. "Basically I had access to everything," the hacker told 404 Media in an online chat. The hacker says they also demanded payment from Tile but did not receive a response.

Tile sells various tracking devices which can be located through Tile's accompanying app. Life360, another location data focused company, acquired Tile in November 2021. The hacker says they obtained login credentials for a Tile system that they believe belonged to a former Tile employee. One tool specifically says it can be used to "initiate data access, location, or law enforcement requests." Users can then lookup Tile customers by their phone number or another identifier, according to a screenshot of the tool.

Abstract credit: https://slashdot.org/story/429499

Starting from 2030, Mastercard will no longer require Europeans to enter their card numbers manually when checking out online -- no matter what platform or device they're using. Mastercard will announce Tuesday in a fireside chat with CNBC that, by 2030, all cards it issues on its network in Europe will be tokenized. In other words, instead of the 16-digit card number we're all accustomed to using for transactions, this will be replaced with a randomly generated "token."

The firm says it's been working with banks, fintechs, merchants and other partners to phase out manual card entry for e-commerce by 2030 in Europe, in favor of a one-click button across all online platforms. This will ensure that consumers' cards are secure against fraud attempts, Mastercard says. Users won't have to keep entering passwords every time they try to make a payment, as Mastercard is introducing passkeys that replace passwords.

In a new blog post, Ethereum co-founder Vitalik Buterin has shared his thoughts on three issues core to Ethereum's decentralization: MEV, liquid staking, and the hardware requirements of nodes. The Block reports:

In his post, published on May 17, Buterin first addresses the issue of MEV, or the financial gain that sophisticated node operators can capture by reordering the transactions within a block. Buterin characterizes the two approaches to MEV as "minimization" (reducing MEV through smart protocol design, such as CowSwap) and "quarantining" (attempting to reduce or eliminate MEV altogether through in-protocol techniques). While MEV quarantining seems like an alluring option, Buterin notes that the prospect comes with some centralization risks. "If builders have the power to exclude transactions from a block entirely, there are attacks that can quite easily arise," Buterin noted. However, Buterin championed the builders working on MEV quarantining through concepts like transaction inclusion lists, which "take away the builder's ability to push transactions out of the block entirely." "I think ideas in this direction - really pushing the quarantine box to be as small as possible - are really interesting, and I'm in favor of going in that direction," Buterin concluded.

Buterin also addressed the relatively low number of solo Ethereum stakers, as most stakers choose to stake with a staking provider, either a centralized offering like Coinbase or a decentralized offering like Lido or RocketPool, given the complexity, hardware requirement, and 32 eth minimum needed to operate an Ethereum node solo. While Buterin acknowledges the progress being made to reduce the cost and complexity around running a solo node, he also noted "once again there is more that we could do," perhaps through reducing the time to withdraw staked ether or reducing the 32 eth minimum requirement to become a solo staker. "Incorrect answers could lead Ethereum down a path of centralization and 're-creating the traditional financial system with extra steps'; correct answers could create a shining example of a successful ecosystem with a wide and diverse set of solo stakers and highly decentralized staking pools," Buterin wrote. [...]

Buterin finished his post by imploring the Ethereum ecosystem to tackle the hard questions rather than shy away from them. "...We should have deep respect for the properties that make Ethereum unique, and continue to work to maintain and improve on those properties as Ethereum scales," Buterin wrote. Buterin added today, in a post on X, that he was pleased to see civil debate among community members. "I'm really proud that ethereum does not have any culture of trying to prevent people from speaking their minds, even when they have very negative feelings toward major things in the protocol or ecosystem. Some wave the ideal of 'open discourse' as a flag, some take it seriously," Buterin wrote.

Abstract credit: https://slashdot.org/story/428637

Visa is rolling out new technology that will allow the payments giant to share more information about customers' preferences [non-paywalled source] based on their shopping history with retailers as it seeks to remain a top player in the competitive e-commerce space. From a report:

The data will be shared via the payments giant's proprietary "tokens," which provide an added layer of security between a consumer's bank information and a merchant. Shopping inclinations and other information based on past transactions -- such as preferred categories, like movies or golf -- will be shared via token with retailers with the consent of consumers.

"It's almost entirely blind to almost all consumers," Visa Chief Executive Officer Ryan McInerney said in an interview of the company's token technology. "They just know their payments work better." The sharing of shopping data via token is one of a handful of innovations Visa unveiled at a conference in San Francisco, where it's based. Visa, one of the largest e-commerce technology companies in the world, is finding itself increasingly fending off competitors seeking larger slices of the fees merchants must pay to carry out consumer transactions.

Abstract credit: https://slashdot.org/story/428471

Last week, NASA announced it is working with a technology development company on a new propulsion system that could transport humans to Mars in only two months -- down from the current nine month journey required to reach the Red Planet. Gizmodo reports:

NASA's Innovative Advanced Concepts (NIAC) program recently selected six promising projects for additional funding and development, allowing them to graduate to the second stage of development. The new "science fiction-like concepts," as described by John Nelson, NIAC program executive at NASA, include a lunar railway system and fluid-based telescopes, as well as a pulsed plasma rocket.

The potentially groundbreaking propulsion system is being developed by Arizona-based Howe Industries. To reach high velocities within a shorter period of time, the pulsed plasma rocket would use nuclear fission -- the release of energy from atoms splitting apart -- to generate packets of plasma for thrust. It would essentially produce a controlled jet of plasma to help propel the rocket through space. Using the new propulsion system, and in terms of thrust, the rocket could potentially generate up to 22,481 pounds of force (100,000 Newtons) with a specific impulse (Isp) of 5,000 seconds, for remarkably high fuel efficiency. [...]

The pulsed plasma rocket would also be capable of carrying much heavier spacecraft, which can be then equipped with shielding against galactic cosmic rays for the crew on board. Phase 2 of NIAC is focused on assessing the neutronics of the system (how the motion of the spacecraft interacts with the plasma), designing the spacecraft, power system, and necessary subsystems, analyzing the magnetic nozzle capabilities, and determining trajectories and benefits of the pulsed plasma rocket, according to NASA.

Abstract credit: https://slashdot.org/story/428225

The blog Its FOSS has 15,000 followers for its Mastodon account — which they think is causing problems:

When you share a link on Mastodon, a link preview is generated for it, right? With Mastodon being a federated platform (a part of the Fediverse), the request to generate a link preview is not generated by just one Mastodon instance. There are many instances connected to it who also initiate requests for the content almost immediately. And, this "fediverse effect" increases the load on the website's server in a big way.

Sure, some websites may not get overwhelmed with the requests, but Mastodon does generate numerous hits, increasing the load on the server. Especially, if the link reaches a profile with more followers (and a broader network of instances)... We tried it on our Mastodon profile, and every time we shared a link, we were able to successfully make our website unresponsive or slow to load.

It's Foss blog says they found three GitHub issues about the same problem — one from 2017, and two more from 2023. And other blogs also reported the same issue over a year ago — including software developer Michael Nordmeyer and legendary Netscape programmer Jamie Zawinski.

And back in 2022, security engineer Chris Partridge wrote:

[A] single roughly ~3KB POST to Mastodon caused servers to pull a bit of HTML and... an image. In total, 114.7 MB of data was requested from my site in just under five minutes — making for a traffic amplification of 36704:1. [Not counting the image.]

Its Foss reports Mastodon's official position that the issue has been "moved as a milestone for a future 4.4.0 release. As things stand now, the 4.4.0 release could take a year or more (who knows?)."

They also state their opinion that the issue "should have been prioritized for a faster fix... Don't you think as a community-powered, open-source project, it should be possible to attend to a long-standing bug, as serious as this one?"

Abstract credit: https://slashdot.org/story/428030

Hello, I noticed some of my early posts (less than a year ago) disappeared. I did not receive notification about the removal. Hence I suppose it could be due to one of those:

• the instance hosting the community got defederated
• the community I posted in was removed
• there is some automatic cleanup job of old posts on Lemmy.ml

This is not mentioned in Lemmy.ml's presentation section. Does this instance implement pruning? (if so; what is the retention duration?) Is it possible to check the retention policy of a Lemmy instance?

"Researchers have successfully transformed CO2 into methanol," reports SciTechDaily, "by shining sunlight on single atoms of copper deposited on a light-activated material, a discovery that paves the way for creating new green fuels."

Tara LeMercier, a PhD student who carried out the experimental work at the University of Nottingham, School of Chemistry, said: "We measured the current generated by light and used it as a criterion to judge the quality of the catalyst. Even without copper, the new form of carbon nitride is 44 times more active than traditional carbon nitride. However, to our surprise, the addition of only 1 mg of copper per 1 g of carbon nitride quadrupled this efficiency. Most importantly the selectivity changed from methane, another greenhouse gas, to methanol, a valuable green fuel."

Professor Andrei Khlobystov, School of Chemistry, University of Nottingham, said: "Carbon dioxide valorization holds the key for achieving the net-zero ambition of the UK. It is vitally important to ensure the sustainability of our catalyst materials for this important reaction. A big advantage of the new catalyst is that it consists of sustainable elements — carbon, nitrogen, and copper — all highly abundant on our planet." This invention represents a significant step towards a deep understanding of photocatalytic materials in CO2 conversion. It opens a pathway for creating highly selective and tuneable catalysts where the desired product could be dialed up by controlling the catalyst at the nanoscale.

Abstract credit: https://science.slashdot.org/story/24/03/30/049239/researchers-develop-new-material-that-converts-co2-into-methanol-using-sunlight

Two years into office, President Donald Trump authorized the Central Intelligence Agency to launch a clandestine campaign on Chinese social media aimed at turning public opinion in China against its government, according to former U.S. officials with direct knowledge of the highly classified operation. Three former officials told Reuters that the CIA created a small team of operatives who used bogus internet identities to spread negative narratives about Xi Jinping's government while leaking disparaging intelligence to overseas news outlets. The effort, which began in 2019, has not been previously reported.

The CIA team promoted allegations that members of the ruling Communist Party were hiding ill-gotten money overseas and slammed as corrupt and wasteful China's Belt and Road Initiative, which provides financing for infrastructure projects in the developing world, the sources told Reuters. Although the U.S. officials declined to provide specific details of these operations, they said the disparaging narratives were based in fact despite being secretly released by intelligence operatives under false cover. The efforts within China were intended to foment paranoia among top leaders there, forcing its government to expend resources chasing intrusions into Beijing's tightly controlled internet, two former officials said. "We wanted them chasing ghosts," one of these former officials said. [...]

The CIA operation came in response to years of aggressive covert efforts by China aimed at increasing its global influence, the sources said. During his presidency, Trump pushed a tougher response to China than had his predecessors. The CIA's campaign signaled a return to methods that marked Washington's struggle with the former Soviet Union. "The Cold War is back," said Tim Weiner, author of a book on the history of political warfare. Reuters was unable to determine the impact of the secret operations or whether the administration of President Joe Biden has maintained the CIA program.

Abstract credit: https://yro.slashdot.org/story/24/03/14/2315243/cia-used-chinese-social-media-in-covert-influence-operation-against-xi-jinpings-government

Seagate this week unveiled the industry's first hard disk drive platform that uses heat-assisted media recording (HAMR). Tom's Hardware:

The new Mozaic 3+ platform relies on several all-new technologies, including new media, new write and read heads, and a brand-new controller. The platform will be used for Seagate's upcoming Exos hard drives for cloud datacenters with a 30TB capacity and higher. Heat-assisted magnetic recording is meant to radically increase areal recording density of magnetic media by making writes while the recording region is briefly heated to a point where its magnetic coercivity drops significantly.

Seagate's Mozaic 3+ uses 10 glass disks with a magnetic layer consisting of an iron-platinum superlattice structure that ensures both longevity and smaller media grain size compared to typical HDD platters. To record the media, the platform uses a plasmonic writer sub-system with a vertically integrated nanophotonic laser that heats the media before writing. Because individual grains are so small with the new media, their individual magnetic signatures are lower, whereas magnetic inter-track interference (ITI) effect is somewhat higher. As a result, Seagate had to introduce its new Gen 7 Spintronic Reader, which features the "world's smallest and most sensitive magnetic field reading sensors," according to the company. Because Seagate's new Mozaic 3+ platform deals with new media with a very small grain size, an all-new writer, and a reader that features multiple tiny magnetic field readers, it also requires a lot of compute horsepower to orchestrate the drive's work. Therefore, Seagate has equipped with Mozaic 3+ platform with an all-new controller made on a 12nm fabrication process.

Abstract credit: https://hardware.slashdot.org/story/24/01/19/1149214/30tb-hard-drives-are-nearly-here

"To prevent disinformation from eroding democratic values worldwide, the U.S. must establish a global watermarking standard for text-based AI-generated content," writes retired U.S. Army Col. Joe Buccino in an opinion piece for The Hill. While President Biden's October executive order requires watermarking of AI-derived video and imagery, it offers no watermarking requirement for text-based content. "Text-based AI represents the greatest danger to election misinformation, as it can respond in real-time, creating the illusion of a real-time social media exchange," writes Buccino. "Chatbots armed with large language models trained with reams of data represent a catastrophic risk to the integrity of elections and democratic norms."

Joe Buccino is a retired U.S. Army colonel who serves as an A.I. research analyst with the U.S. Department of Defense Defense Innovation Board. He served as U.S. Central Command communications director from 2021 until September 2023. Here's an excerpt from his report:

Watermarking text-based AI content involves embedding unique, identifiable information -- a digital signature documenting the AI model used and the generation date -- into the metadata generated text to indicate its artificial origin. Detecting this digital signature requires specialized software, which, when integrated into platforms where AI-generated text is common, enables the automatic identification and flagging of such content. This process gets complicated in instances where AI-generated text is manipulated slightly by the user. For example, a high school student may make minor modifications to a homework essay created through Chat-GPT4. These modifications may drop the digital signature from the document. However, that kind of scenario is not of great concern in the most troubling cases, where chatbots are let loose in massive numbers to accomplish their programmed tasks. Disinformation campaigns require such a large volume of them that it is no longer feasible to modify their output once released.

The U.S. should create a standard digital signature for text, then partner with the EU and China to lead the world in adopting this standard. Once such a global standard is established, the next step will follow -- social media platforms adopting the metadata recognition software and publicly flagging AI-generated text. Social media giants are sure to respond to international pressure on this issue. The call for a global watermarking standard must navigate diverse international perspectives and regulatory frameworks. A global standard for watermarking AI-generated text ahead of 2024's elections is ambitious -- an undertaking that encompasses diplomatic and legislative complexities as well as technical challenges. A foundational step would involve the U.S. publicly accepting and advocating for a standard of marking and detection. This must be followed by a global campaign to raise awareness about the implications of AI-generated disinformation, involving educational initiatives and collaborations with the giant tech companies and social media platforms.

In 2024, generative AI and democratic elections are set to collide. Establishing a global watermarking standard for text-based generative AI content represents a commitment to upholding the integrity of democratic institutions. The U.S. has the opportunity to lead this initiative, setting a precedent for responsible AI use worldwide. The successful implementation of such a standard, coupled with the adoption of detection technologies by social media platforms, would represent a significant stride towards preserving the authenticity and trustworthiness of democratic norms.

Exerp credit: https://slashdot.org/story/423285

A programmer in northern China has been ordered to pay more than 1 million yuan to the authorities for using a virtual private network (VPN), in what is thought to be the most severe individual financial penalty ever issued for circumventing China's "great firewall." The programmer, surnamed Ma, was issued with a penalty notice by the public security bureau of Chengde, a city in Hebei province, on August 18. The notice said Ma had used "unauthorised channels" to connect to international networks to work for a Turkish company. The police confiscated the 1.058m yuan ($145,092) Ma had earned as a software developer between September 2019 and November 2022, describing it as "illegal income," as well as fining him 200 yuan ($27).

Charlie Smith (a pseudonym), the co-founder of GreatFire.org, a website that tracks internet censorship in China, said: "Even if this decision is overturned in court, a message has been sent and damage has been done. Is doing business outside of China now subject to penalties?"

Abstract credit: https://slashdot.org/story/420019