renzema (Slashdot reader #84,617) wants suggestions for a point-to-point video conferencing system "to connect the kids to their grandparents... We live in Europe and they in the U.S., but we both have gigabit internet and can sustain upwards of 100mb between our houses." I've been spoiled at work with super high quality Cisco systems... Currently, we have Amazon Echos, but the video quality on these (at least for Sweden/U.S. calls) is really lacking. We've tried Facetime as well, and while the video quality is much better, the inconvenience of needing to use it on an iPad or phone is quite high (or starting a call with them, then them needing to move to the computer...) Ideally I would love Facetime on an Apple TV with a camera that follows us. We have played a bit with the phone-as-a-camera thing with Facetime and Apple TV, but the sound was not great... I'm willing to invest in hardware, up to a few hundred dollars per site, if this can really be bulletproof and give a consistently high quality video connection. Ideally it would be standalone hardware that does not need a computer to be running all the time. There's one problem that can't be solved: calling the grandparents' phone when they're out of the house and not available to talk. But the dream solution involves using a TV to make and receive video calls. "When a call is received, it would power on the TV and 'ring'." The wishlist? High quality pictureNo echo in large rooms. Handles people sitting a few meters away from the TV."Would really prefer no monthly fees." Any suggestions? Share your own thoughts and experience in the comments. What's the best home videoconferencing system?

Read more of this story at Slashdot.

An anonymous reader shared this report from Ars Technica: On Saturday NASA astronaut Butch Wilmore noticed some strange noises emanating from a speaker inside the Starliner spacecraft. "I've got a question about Starliner," Wilmore radioed down to Mission Control, at Johnson Space Center in Houston. "There's a strange noise coming through the speaker ... I don't know what's making it." [Ars Technica embeded a clip of the conversation including the rhythmic, sonar-like noise which was shared online by a Michigan-based meteorologist.] Wilmore said he was not sure if there was some oddity in the connection between the station and the spacecraft causing the noise, or something else. He asked the flight controllers in Houston to see if they could listen to the audio inside the spacecraft. A few minutes later, Mission Control radioed back that they were linked via "hardline" to listen to audio inside Starliner, which has now been docked to the International Space Station for nearly three months. Wilmore, apparently floating in Starliner, then put his microphone up to the speaker inside Starliner. Shortly thereafter, there was an audible pinging that was quite distinctive. "Alright Butch, that one came through," Mission control radioed up to Wilmore. "It was kind of like a pulsing noise, almost like a sonar ping." "I'll do it one more time, and I'll let y'all scratch your heads and see if you can figure out what's going on," Wilmore replied. The odd, sonar-like audio then repeated itself. "Alright, over to you. Call us if you figure it out."

Read more of this story at Slashdot.

To make America the "crypto capital of the planet," former U.S. President Donald Trump promised crypto-friendly policies, writes Politico, which "could have a new beneficiary: his own family." Trump has vowed to enact an array of pro-crypto policies in a bid to win votes — and campaign cash — from digital asset enthusiasts in recent months. Now, he's weaving the overtures into his pitch for his sons' forthcoming startup... It remains unclear what the Trump sons' crypto venture will look like. They have been teasing their plans to launch it for weeks, in part by positioning it as an alternative to the use of big banks.... ["Be defiant," reads the tagline on their World Liberty Financial home page — with nothing more than its name and the words "Coming soon."] Trump's sons took over control of their father's business, the Trump Organization, after he became president in 2017, but he retained ownership of the company... It is unclear whether the crypto startup would be launched as part of the Trump Organization or as a separate entity. Either way, ethics experts and watchdogs say the crypto business could create the appearance of a conflict of interest if Trump wins back the White House this fall... From an "optics perspective, it's terrible," said Richard Painter, who served as chief White House ethics lawyer under former President George W. Bush and later ran for Congress as a Democrat. But he said it wouldn't violate any ethics laws. The family venture is the latest way Trump has embraced the digital asset industry, which is pouring more than $160 million into the 2024 elections as it seeks to help elect allies up and down the ballot. Trump has also marketed his own line of non-fungible tokens, or NFTs, which are digital images of the former president that fans can purchase for $99... Trump's NFT sales could also raise ethics concerns, said Jordan Libowitz, vice president for communications at the Citizens for Responsibility and Ethics in Washington.... "[P]rior conflicts and illegalities took advantage of preexisting loopholes," said Norman Eisen, an ethics lawyer who served in the Obama White House and later helped build the first impeachment case against Trump. "Here, Trump appears to be promising to create the loopholes while his family is simultaneously designing a business venture to exploit them." The article notes that Trump promoted his son's crypto venture on X this week with audio from Trump's speech at a crypto conference in July. "He first revealed his pro-crypto leanings — after previously deriding digital currency — at a Mar-a-Lago event in May with supporters who bought his crypto-linked digital trading cards..." "Trump is also facing new questions about what he would do with his stake in the parent company of the social media service Truth Social," the article adds. (Although this week the stock hit a new low. After losing 50% of its value in six weeks, it's dropped below $20 per share for the first time since it started publicly trading...)

Read more of this story at Slashdot.

Long-time Slashdot reader theodp writes: The Contingency Contingent, is Leigh Claire La Berge's amazing tale of what she calls her "fake job in Y2K preparedness." La Berge offers an insider's view of the madness that ensued when Y2K panic gave rise to seemingly-limitless spending at mega-corporations for massive enterprise-wide Y2K remediation projects led by management consulting firms that left clients with little to show for their money. (La Berge was an analyst for consulting firm Arthur Andersen, where "the Andersen position was that 'Y2K is a documentation problem, not a technology problem'.... At a certain point all that had happened yesterday was our documenting, so then we documented that. Then, exponentially, we had to document ourselves documenting our own documentation."). In what reads like the story treatment for an Office Space sequel, La Berge writes that it was a fake job "because Andersen was faking it." From the article: The firm spent the late 1990s certifying fraudulent financial statements from Enron, the Texas-based energy company that made financial derivatives a household phrase, until that company went bankrupt in a cloud of scandal and suicide and Andersen was convicted of obstruction of justice, surrendered its accounting licenses, and shuttered. But that was later. Finally, it was a fake job because the problem that the Conglomerate had hired Andersen to solve was not real, at least not in the sense that it needed to be solved or that Andersen could solve it. The problem was known variously as Y2K, or the Year 2000, or the Y2K Bug, and it prophesied that on January 1, 2000, computers the world over would be unable to process the thousandth-digit change from 19 to 20 as 1999 rolled into 2000 and would crash, taking with them whatever technology they were operating, from email to television to air-traffic control to, really, the entire technological infrastructure of global modernity. Hospitals might have emergency power generators to stave off the worst effects (unless the generators, too, succumbed to the Y2K Bug), but not advertising firms. With a world-ending scenario on the horizon, employment standards were being relaxed. The end of the millennium had produced a tight labor market in knowledge workers, and new kinds of companies, called dot-coms, were angling to dominate the emergent world of e-commerce. Flush with cash, these companies were hoovering up any possessors of knowledge they could find. Friends from my gradeless college whose only experience in business had been parking-lot drug deals were talking stock options. Looking back, the author remembers being "surprised by how quickly Y2K disappeared from office discourse as though censored..." Their upcoming book is called Fake Work: How I Began to Suspect Capitalism is a Joke.

Read more of this story at Slashdot.

An anonymous Slashdot reader shared this report from NBC News: A new approach to a routine blood test could predict a person's 30-year risk of heart disease, research published Saturday in the New England Journal of Medicine found. Doctors have long assessed their patients' risk for cardiovascular disease by using a blood test to look at cholesterol levels, focusing particularly on LDL or "bad" cholesterol. But limiting blood testing to just cholesterol misses important — and usually silent — risk factors, experts say... Lead study author Dr. Paul Ridker, director of the Center for Cardiovascular Disease Prevention at Brigham and Women's Hospital in Boston and his team found that in addition to LDL cholesterol, two other markers — a type of fat in the blood called lipoprotein (a), or Lp(a), and an indicator of inflammation — are important predictors of a person's risk of heart attack, stroke and coronary heart disease... In the study, the researchers analyzed data from nearly 30,000 U.S. women who were part of the Women's Health Study. On average, the women were 55 years old when they enrolled in the years 1992 through 1995. About 13% — roughly 3,600 participants — had either a heart attack or stroke, had surgery to fix a narrowed or blocked artery, or died from heart disease over the 30-year follow-up period... All of the women had blood tests done at the beginning of the study to measure their LDL cholesterol, Lp(a) and C-reactive protein levels, a marker of inflammation in the body. These measurements, individually as well as together, appeared to predict a woman's heart health over the next three decades, the study found. Women with the highest levels of LDL cholesterol had a 36% higher risk for heart disease compared with those with the lowest levels. The highest levels of Lp(a) indicated a 33% elevated risk, and those with the highest levels of CRP were 70% more at risk for heart disease. When the three were looked at together, women who had the highest levels were 1.5 times more likely to have a stroke and over three times more likely to develop coronary heart disease over the next 30 years compared with women with the lowest levels. All of the markers have been individually linked to higher risk of heart disease, but "all three represent different biological processes. They tell us why someone is actually at risk," Ridker said.

Read more of this story at Slashdot.

Casey Newton, former senior editor at the Verge, weighs in on Platformer about the arrest of Telegram CEO Pavel Durov. "Fending off onerous speech regulations and overzealous prosecutors requires that platform builders act responsibly. Telegram never even pretended to." Officially, Telegram's terms of service prohibit users from posting illegal pornographic content or promotions of violence on public channels. But as the Stanford Internet Observatory noted last year in an analysis of how CSAM spreads online, these terms implicitly permit users who share CSAM in private channels as much as they want to. "There's illegal content on Telegram. How do I take it down?" asks a question on Telegram's FAQ page. The company declares that it will not intervene in any circumstances: "All Telegram chats and group chats are private amongst their participants," it states. "We do not process any requests related to them...." Telegram can look at the contents of private messages, making it vulnerable to law enforcement requests for that data. Anticipating these requests, Telegram created a kind of jurisdictional obstacle course for law enforcement that (it says) none of them have successfully navigated so far. From the FAQ again: To protect the data that is not covered by end-to-end encryption, Telegram uses a distributed infrastructure. Cloud chat data is stored in multiple data centers around the globe that are controlled by different legal entities spread across different jurisdictions. The relevant decryption keys are split into parts and are never kept in the same place as the data they protect. As a result, several court orders from different jurisdictions are required to force us to give up any data. [...] To this day, we have disclosed 0 bytes of user data to third parties, including governments. As a result, investigation after investigation finds that Telegram is a significant vector for the spread of CSAM.... The company's refusal to answer almost any law enforcement request, no matter how dire, has enabled some truly vile behavior. "Telegram is another level," Brian Fishman, Meta's former anti-terrorism chief, wrote in a post on Threads. "It has been the key hub for ISIS for a decade. It tolerates CSAM. Its ignored reasonable [law enforcement] engagement for YEARS. It's not 'light' content moderation; it's a different approach entirely. The article asks whether France's action "will embolden countries around the world to prosecute platform CEOs criminally for failing to turn over user data." On the other hand, Telegram really does seem to be actively enabling a staggering amount of abuse. And while it's disturbing to see state power used indiscriminately to snoop on private conversations, it's equally disturbing to see a private company declare itself to be above the law. Given its behavior, a legal intervention into Telegram's business practices was inevitable. But the end of private conversation, and end-to-end encryption, need not be.

Read more of this story at Slashdot.

"Dirk Hohndel, a Linux kernel developer and long-time open source leader, wanted his audience at KubeCon + CloudNativeCon + Open Source Summit China 2024 Summit China to know he's not a Valkey developer," writes Steven J. Vaughan-Nichols. "He's a Valkey user and fan." [Hohndel] opened his speech by recalling how the open source, high-performance key/value datastore Valkey had been forked from Redis... Hohndel emphasized that "forks are good. Forks are one of the key things that open source licenses are for. So, if the maintainer starts doing things you don't like, you can fork the code under the same license and do better..." In this case, though, Redis had done a "bait-and-switch" with the Redis code, Hohndale argued. This was because they had made an all-too-common business failure: They hadn't realized that "open source is not a business model...." While the licensing change is what prompted the fork, Hohndel sees leadership and technical reasons why the Valkey fork is likely to succeed. First, two-thirds of the formerly top Redis maintainers and developers have switched to Valkey. In addition, AWS, Google Cloud, and Oracle, under the Linux Foundation's auspices, all support Valkey. When both the technical and money people agree, good things can happen. The other reason is that Valkey already looks like it will be the better technical choice. That's because the recently announced Valkey 8.0, which builds upon the last open source version of Redis, 7.2.4, introduces serious speed improvements and new features that Redis users have wanted for some time. As [AWS principal engineer Madelyn] Olson said at Open Source Summit North America earlier this year, "Redis really didn't want to break anything." Valkey wants to move a bit faster. How much faster? A lot. Valkey 8.0 overhauls Redis's single-threaded event loop threading model with a more sophisticated multithreaded approach to I/O operations. Hohndel reported that on his small Valkey-powered aircraft tracking system, "I see roughly a threefold improvement in performance, and I stream a lot of data, 60 million data points a day." The article notes that Valkey is already being supported by major Linux distros including AlmaLinux, Fedora, and Alpine.

Read more of this story at Slashdot.

"The Big Bang may not have been the beginning of the universe," writes LiveScience, citing "a theory of cosmology that suggests the universe can 'bounce' between phases of contraction and expansion." The recent study suggests that dark matter could be composed of black holes formed before the Big Bang, during a transition from the universe's last contraction to the current expansion phase... In the new study, researchers explored a scenario where dark matter consists of primordial black holes formed from density fluctuations that occurred during the universe's last contraction phase, not long before the period of expansion that we observe now. They published their findings in June in the Journal of Cosmology and Astroparticle Physics ... In this "bouncing" cosmology, the universe contracted to a size about 50 orders of magnitude smaller than it is today. After the rebound, photons and other particles were born, marking the Big Bang. Near the rebound, the matter density was so high that small black holes formed from quantum fluctuations in the matter's density, making them viable candidates for dark matter. "Small primordial black holes can be produced during the very early stages of the universe, and if they are not too small, their decay due to Hawking radiation [a hypothetical phenomenon of black holes emitting particles due to quantum effects] will not be efficient enough to get rid of them, so they would still be around now," Patrick Peter, director of research at the French National Centre for Scientific Research (CNRS), who was not involved in the study, told Live Science in an email. "Weighing more or less the mass of an asteroid, they could contribute to dark matter, or even solve this issue altogether." The scientists' calculations show that this universe mode's properties, such as the curvature of space and the microwave background, match current observations, supporting their hypothesis. "If this hypothesis holds, the gravitational waves generated during the black hole formation process might be detectable by future gravitational wave observatories, providing a way to confirm this dark matter generation scenario..."

Read more of this story at Slashdot.

"Sometimes an artificial intelligence tool comes out of nowhere and dominates the conversation on social media," writes Tom's Guide. "This week that app is Cursor, an AI coding tool that uses models like Claude 3.5 Sonnet and GPT-4o to make it easier than ever to build your own apps," with the ability to "write, predict and manipulate code using nothing but a text prompt." Cursor is part development environment, part AI chatbot and unlike tools like GitHub Copilot it can more or less do all of the work for you, transforming a simple idea into functional code in minutes... Built on the same system as the popular Microsoft Visual Studio Code, Cursor has already found a fanbase among novice coders and experienced engineers... Cursor's simplicity, working from a chat window, means even someone completely new to code could get a functional app running in minutes and keep building on it to add new features... The startup has raised over $400 million since it was founded in 2022 and works with various models including those from Anthropic and OpenAI... In my view, its true power is in the democratization of coding. It would also allow someone without much coding experience to build the tools they need by typing a few lines of text. More from ReadWrite: Cursor, an AI firm that is attempting to build a "magical tool that will one day write all the world's code," has announced it has raised $60 million in its Series A funding round... As of August 22, the company had a valuation of $400 million, according to sources cited by TechCrunch... Anysphere is the two-year-old startup that developed the app. Its co-founders are Michael Truell, Sualeh Asif, Arvid Lunnemark and Aman Sanger, who started the company while they were students at MIT... Using advanced AI capabilities, it is said to be able to finish, correct, and change AI code through natural language commands. It currently works with JavaScript, Python, and TypeScript, and is free for most uses. The pro plan will set you back $20 per month. But how well does it work? Tom's Guide notes that after requesting a test app, "It generated the necessary code in the sidebar chat window and all I had to do was click Apply and then Accept. This added the code to a new Python file including all the necessary imports. It also gave me instructions on how to add modules to my machine to make the code work. "As the chat is powered by Claude 3.5 Sonnet, you can just have it explain in more detail any element of the code or any task required to make it run..." Andreessen Horowitz explains why they invested in the company: It's very clear that LLMs are a powerful tool for programmers, and that their coding abilities will improve over time. But it's also clear that for most coding tasks, the problem to solve is not how to make LLMs perform well in isolation, but how to make them perform well alongside a human developer. We believe, therefore, the interface between programmers and AI models will soon become one of the most important pieces of the dev stack. And we're thrilled to announce our series A investment... Cursor is a fork of VS Code that's heavily customized for AI-assisted programming. It works with all the latest LLMs and supports the full VS Code plugin ecosystem. What makes Cursor special are the features designed to integrate AI into developer workflows — including next action prediction, natural language edits, chatting with your codebase, and a bunch of new ones to come... Our belief is that Cursor, distinctly among AI coding tools, has simply gotten it right. That's why, in a little over a year, thousands of users have signed up for Cursor, including at companies like OpenAI, Midjourney, Perplexity, Replicate, Shopify, Instacart, and many others. Users give glowing reviews of the product, many of them have started to pay for it, and they rarely switch back to other IDEs. Most of the a16z Infra team have also become avid Cursor users! One site even argues that Cursor's coding and AI capabilities "should be a wake up call for Microsoft to make VS Code integration with GitHub Copilot a lot easier." Thanks to Slashdot reader joshuark for sharing the article.

Read more of this story at Slashdot.

More than 25,000 Python developers from nearly 200 countries took the 7th annual Python Developers Survey between November 2023 and February 2024, with 85% saying Python was their main language. Some interesting findings: Though Python 2 reached "end-of-life" status in April of 2020, last year's survey found 7% of respondents were still using Python 2. This year's survey found that number has finally dropped... to 6%. "Almost half of Python 2 holdouts are under 21 years old," the survey results point out, "and a third are students. Perhaps courses are still using Python 2?" Meanwhile, 73% are using one of the last three versions of Python (3.10, 3.11, or 3.12) "The share of developers using Linux as their development environment has decreased through the years: compared with 2021, it's dropped by 8 percentage points." [The graphic is a little confusing, showing 55% using Linux, 55% using Windows, 29% on MacOS, 2% on BSD, and 1% on "Other."] Visual Studio Code is the most popular IDE (22%), followed by Jupyter Notebook (20%) and Vim (17%). The next-most popular IDEs were PyCharm Community Edition (13%), JupyterLab (12%), NotePad++ (11%) and Sublime Text (9%). Interestingly, just 23% of the 25,000 respondents said they only used one IDE, with 38% saying they used two, 21% using three, and 19% using four or more. [The annual survey is a collaboration between the Python Software Foundation and JetBrains.] 37% said they'd contributed to open-source projects within the last year. (77% of those contributed code, while 38% contributed documentation, 35% contributed governance/leadership/maintainer duties, and 33% contributed tests...) For "age range," nearly one-third (32%) said 21-29 (with another 8% choosing 18-20). Another 33% said 30-39, while 16% said 40-49, 7% said 50-59, and 3% chose "60 or older." 49% of respondents said they had less than two years of programming experience, with 33% saying "less than 1 year" and 16% saying "1-2 years." (34% of developers also said they practiced collaborative development.) And here's how the 25,000 developers answered the question: how long have you been programming in Python? Less than 1 year: 25%1-2 years: 16%3-5 years: 26%6-10 years: 19%11+ years: 13% So what are they doing with Python? Among those who'd said Python was their main language: Data analysis: 44%Web development: 44%Machine learning: 34%Data engineering: 28%Academic research: 26%DevOps / Systems administration / Writing automation scripts 26%Programming of web parsers / scrapers / crawlers: 25% 62% were "fully employed by a company," while the next-largest category was "student" (12%) with another 5% in "working student". There were also categories for "self-employed" (6%), "freelancer" (another 6%), and "partially employed by a company" (4%). Another 4% said they were unemployed. In other news, the Python Software Foundation board has also "decided to invest more in connecting and serving the global Python community" by hosting monthly "office hours" on their Discord channel.

Read more of this story at Slashdot.

A climate newsletter from the Los Angeles Times asked the question: Is it ethical to have children in the face of climate change? And they start by noting many people ask that question: A Pew Research Survey published in July found that among U.S. adults aged 18 to 49 who don't plan on having kids, more than a quarter — 26% — cited "concerns about the environment, including climate change," as a major factor. Of the people over 50 who did not have kids, 6% cited the same reason, pointing to a generational divide that may be fueled by growing awareness of the issue, as well as increasing exposure to worsening climate hazards... I worry about the well-being of these kids: What kind of world will they live in? Will there be clean air and water? Will it be too hot or smoky to play outside? (To be blunt, the outlook on these matters doesn't look great under most emissions scenarios.) But the other side of the coin involves the well-being of the planet. Is it wrong to add more people at a moment when resources are so strained — when, say, the Colorado River is shrinking to record lows and the global average temperature is soaring to record highs? Each new child, after all, will bring not only a cute little footprint but a carbon footprint as well... [T]he fact is that climate change is also affecting reproduction. Hotter temperatures and air pollution, for instance, have been linked to increased stillbirths, preterm births, lower birth weight and increased risk of hospitalization for newborns and infants, among other negative outcomes. Pregnant people are also especially vulnerable to climate hazards, which can trigger hypertension and other health issues and contribute to reduced fertility rates. The newsletter makes many other points, but ultimately concludes that "children, after all, are one of the clearest symbols of how we, as a society, feel about the future." And it includes this quote from the book The Quickening, in which author Elizabeth Rush visits the melting Thwaites Glacier in Antarctic. "I can celebrate the idea that to have a child means having faith that the world will change, and more importantly, committing to being a part of the change yourself."

Read more of this story at Slashdot.

The online news site San Francisco Standard profiles an open-source platform "that takes advantage of large language models to help users generate health insurance appeals with AI... "A Fight Health Insurance user can scan their insurance denial, and the system will craft several appeal letters to choose from and modify." With the slogan "Make your health insurance company cry too," [San Francisco tech worker Holden Karau's site] makes filing appeals faster and easier. A recent study found that Affordable Care Act patients appeal only about 0.1% of rejected claims, and she hopes her platform will encourage more people to fight back... The "dirty secret" of the insurance industry is that most denials can be successfully appealed, according to Dr. Harley Schultz, a patient advocate in the Bay Area. "Very few people know about the process, and even fewer take advantage of it, because it's rather cumbersome, arcane, and confusing, by design," he said. "But if you fight hard enough and long enough, most denials get overturned...." While some doctors have turned to artificial intelligence themselves to fight claims, Karau's service puts the power in the hands of patients, who likely have more time and motivation to dedicate to their claims. "In an ideal world, we would have a different system, but we don't live in an ideal world, so what I'm shooting for here is incremental progress and making the world suck a little less," she said. Karau estimates she's spent about $10,000 building the platform, according to the article, which adds that "it's free for users, though she might eventually charge for added services like faxing appeals." Thanks to Slashdot reader mirro_dude for sharing the news.

Read more of this story at Slashdot.

Though the ocean covers about 70% of earth, we humans have only mapped a quarter of its floor to a high resolution, reports CNN. Many of the world's highest mountains aren't visible on land — they rise up thousands of meters from the seafloor. An expedition to the Nazca Ridge, 900 miles off the coast of Chile, has mapped and explored a newly discovered seamount four times taller than the world's tallest building. What's more, the underwater mountain's peaks, crags and ridges are home to coral gardens that host rare deep-dwelling octopuses, squids and creatures known as flying spaghetti monsters, some of which hadn't been well documented before this research. The undersea mountain is 1.9 miles (3,109 meters) tall, according to another article, which notes that the researchers also used a sonar system to bounce waves to the ocean floor, timing how long they took to reach the surface: The researchers documented a ghostly white Casper octopus, marking the first time this deep-dwelling cephalopod has been seen in the southern Pacific. They also spotted two rare Bathyphysa siphonophores, sometimes known as flying spaghetti monsters for their stringlike appearance. "The (Casper) octopus has never been captured, so it doesn't actually have a scientific name yet," Virmani said. The team also recorded the first footage of a live Promachoteuthis squid, known only from a few collected specimens.

Read more of this story at Slashdot.

The Washington Post writes that Telegram's "anything-goes approach" to its 950 million users "has also made it one of the internet's largest havens for child predators, experts say...." "Durov's critics say his public idealism masks an opportunistic business model that allows Telegram to profit from the worst the internet has to offer, including child sexual abuse material, or CSAM... " [Telegram is] an app of choice for political organizing, including by dissidents under repressive regimes. But it is equally appealing for terrorist groups, criminal organizations and sexual predators, who use it as a hub to share and consume nonconsensual pornography, AI "deepfake" nudes, and illegal sexual images and videos of exploited minors, said Alex Stamos, chief information security officer at the cybersecurity firm SentinelOne. "Due to their advertised policy of not cooperating with law enforcement, and the fact that they are known not to scan for CSAM, Telegram has attracted large groups of pedophiles trading and selling child abuse materials," Stamos said. That reach comes even though many Telegram exchanges don't actually use the strong forms of encryption available on true private messaging apps, he added. Telegram is used for private messaging, public posts and group chats. Only one-to-one conversations can be encrypted in a way that even Telegram can't access them. And that occurs only if users choose the option, meaning the company could turn over everything else to governments if it wanted to... French prosecutors argue that Durov is in fact responsible for Telegram's emergence as a global haven for illegal content, including CSAM, because of his reluctance to moderate it and his refusal to help authorities police it, among other allegations... David Kaye, a professor at University of California, Irvine School of Law and former U.N. special rapporteur on freedom of expression... said that while Telegram has at times banned groups and taken down [CSAM] content in response to law enforcement, its refusal to share data with investigators sets it apart from most other major tech companies. Unlike U.S.-based platforms, Telegram is not required by U.S. law to report instances of CSAM to the National Center for Missing and Exploited Children, or NCMEC. Many online platforms based overseas do so anyway — but not Telegram. "NCMEC has tried to get them to report, but they have no interest and are known for not wanting to work with [law enforcement agencies] or anyone in this space," a NCMEC spokesperson said. The Post also writes that Telegram "has repeatedly been revealed to serve as a tool to store, distribute and share child sexual imagery." (They cite several examples, including two different men convicted to minimum sentences of at least 10 years for using the service to purchase CSAM and solicit explicit photos from minors.)

Read more of this story at Slashdot.

Remember when a door-sized panel blew off a Boeing aircraft back in January? The Seattle Times reports that the "door plug" incident "was caused by two distinct manufacturing errors by different crews" in a Boeing assembly plant in Renton, Washington last fall. (And that Boeing's quality control system "failed to catch the faulty work.") But the details tell a larger story. The newspaper bases their conclusion on "transcripts of federal investigators' interviews of a dozen Boeing workers, synchronized with an internal Boeing document obtained by The Seattle Times," tracing the whole history of that panel's production. Within a day of its fuselage arriving at the factory, "a small defect was discovered: Five rivets installed by Spirit on the door frame next to the door plug were damaged." That day, the Friday before the Labor Day weekend, repair of those rivets was handed to Spirit, which has contract mechanics on-site in Renton to do any rework on its fuselage. In the meantime, inspectors gave mechanics the OK to install insulation blankets, which covered the door plug. By the following Thursday, a Spirit mechanic had logged an entry in the official Federal Aviation Administration-required record of this aircraft's assembly — the Common Manufacturing Execution System or CMES, pronounced "sea-mass" by the mechanics — that the rivet repair was complete: "removed and replaced rivets." But that day, a Boeing inspector responded with a scathing rebuttal, stating that the rivets had not been replaced but just painted over. "Not acceptable," read the work order. On Sept. 10, records show Spirit was ordered a second time to remove and replace the rivets... ["Shipside Action Tracker"] entries show that after several days, the still-unfinished work order was elevated to higher-level Boeing managers. On Sept. 15, Boeing cabin interiors manager Phally Meas, who needed the work finished so he could get his crew to install cabin walls and seats, texted on-site Spirit manager Tran Nguyen to ask why the rivet work hadn't been done, NTSB interview transcripts show. Spirit mechanics couldn't get to the rivets unless the plug door was opened, Nguyen responded. He sent Meas a photo from his phone showing it was closed, according to the transcripts. It wasn't Spirit's job to open the sealed door plug. Boeing's door team would have to do that, the records show. "He kept asking me how come there wasn't work yet," Nguyen told the NTSB. "The door was not open. That's why there wasn't work yet." By Sept. 17, the door was still closed, the rivets still unrepaired. The job was elevated again, to the next level of managers. On that day, according to the SAT record, senior managers worked with Ken McElhaney, the door crew manager in Renton, "to determine if the door can just merely be opened or if it needs removal...." [On September 18] at 6:48 a.m., a Boeing mechanic identified as a Door Master Lead texted a young Trainee mechanic on his team to come to the Alaska jet and open the door. The NTSB interviewed but did not name the Trainee or the Door Master Lead, who had almost 16 years at Boeing. Filling in for the veteran mechanic on vacation, the Trainee was perhaps the least equipped to do this atypical job. He'd been at Boeing for about 17 months, his only previous jobs being at KFC and Taco Bell. "He's just a young kid," the Door Master Lead said... More key quotes from the article: Boeing put both employees on paid administrative leave. "A company investigator accused one of them of lying. That employee told the NTSB that Boeing has set the pair up as scapegoats." "A 35-year veteran on the door team told NTSB investigators that he is 'the only one that can work on all the doors' and he was typically the only mechanic who would work on door plugs. That mechanic was on vacation on the two critical days, September 18 and 19 last year, when the door plug on the Alaska MAX 9 had to be opened and closed..." "No quality inspection of the door plug was conducted, since no record of its opening and closing was ever entered in the system, documents show." The FBI ís investigating Boeing "for potential criminal negligence," according to the article, "and has issued subpoenas using a Seattle grand jury." Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

The Wall Street Journal reports that long Covid "has pushed around one million Americans out of the labor force, economists estimate." More than 5% of adults in the U.S. have long Covid, and it is most prevalent among Americans in their prime working years. About 3.6 million people reported significantly modifying their activities because of the illness in a recent survey by the Centers for Disease Control and Prevention. Long Covid is a chronic condition with symptoms lasting at least three months after a Covid infection, according to the CDC. Symptoms include fatigue, changes in memory, shortness of breath and trouble concentrating. Long Covid can make tasks as simple as responding to an email arduous, people with the condition say. They struggle to summon the right word or manage stress. Among its many symptoms is post-exertional malaise, which can worsen after even minor physical or mental activity. "People can't go back to work or have to significantly cut down on the amount of work that they can handle," said Akiko Iwasaki, an immunobiology professor at Yale School of Medicine. Researchers don't know how long symptoms can last. Few people with long Covid have fully recovered within two years. Patients say their doctors have tried everything from antihistamines to blood thinners to physical therapy to acupuncture. Some people might live with the condition for the rest of their lives, said Dr. Paul Volberding, a professor emeritus at the University of California, San Francisco... Some people with long Covid, which the federal government has classified as a disability, have stayed in their jobs. Human-resource managers have made accommodations including remote work, flexible hours or modified responsibilities, said Rue Dooley of the Society for Human Resource Management. "It's not going away," he said. "It's going to be one of another 100 conditions that we have to grapple with." People were more likely to develop long Covid at the start of the pandemic, according to a study published in July in the New England Journal of Medicine. The proliferation of vaccines and changes to the virus have made people infected with Covid less likely to develop long Covid.

Read more of this story at Slashdot.

CSO Online reports that North Korea "is actively infiltrating Western companies using skilled IT workers who use fake identities to pose as remote workers with foreign companies, typically but not exclusively in the U.S." Slashdot reader snydeq shares their report, which urges information security officers "to carry out tighter vetting of new hires to ward off potential 'moles' — who are increasingly finding their way onto company payrolls and into their IT systems." The schemes are part of illicit revenue generation efforts by the North Korean regime, which faces financial sanctions over its nuclear weapons program, as well as a component of the country's cyberespionage activities. The U.S. Treasury department first warned about the tactic in 2022. Thosands of highly skilled IT workers are taking advantage of the demand for software developers to obtain freelance contracts from clients around the world, including in North America, Europe, and East Asia. "Although DPRK [North Korean] IT workers normally engage in IT work distinct from malicious cyber activity, they have used the privileged access gained as contractors to enable the DPRK's malicious cyber intrusions," the Treasury department warned... North Korean IT workers present themselves as South Korean, Chinese, Japanese, or Eastern European, and as U.S.-based teleworkers. In some cases, DPRK IT workers further obfuscate their identities by creating arrangements with third-party subcontractors. Christina Chapman, a resident of Arizona, faces fraud charges over an elaborate scheme that allegedly allowed North Korean IT workers to pose as U.S. citizens and residents using stolen identities to obtain jobs at more than 300 U.S. companies. U.S. payment platforms and online job site accounts were abused to secure jobs at more than 300 companies, including a major TV network, a car manufacturer, a Silicon Valley technology firm, and an aerospace company... According to a U.S. Department of Justice indictment, unsealed in May 2024, Chapman ran a "laptop farm," hosting the overseas IT workers' computers inside her home so it appeared that the computers were located in the U.S. The 49-year-old received and forged payroll checks, and she laundered direct debit payments for salaries through bank accounts under her control. Many of the overseas workers in her cell were from North Korea, according to prosecutors. An estimated $6.8 million were paid for the work, much of which was falsely reported to tax authorities under the name of 60 real U.S. citizens whose identities were either stolen or borrowed... Ukrainian national Oleksandr Didenko, 27, of Kyiv, was separately charged over a years-long scheme to create fake accounts at U.S. IT job search platforms and with U.S.-based money service transmitters. "Didenko sold the accounts to overseas IT workers, some of whom he believed were North Korean, and the overseas IT workers used the false identities to apply for jobs with unsuspecting companies," according to the U.S. Department of Justice. Didenko, who was arrested in Poland in May, faces U.S. extradition proceedings... How this type of malfeasance plays out from the perspective of a targeted firm was revealed by security awareness vendor KnowBe4's candid admission in July that it unknowingly hired a North Korean IT spy... A growing and substantial body of evidence suggests KnowBe4 is but one of many organizations targeted by illicit North Korean IT workers. Last November security vendor Palo Alto reported that North Korean threat actors are actively seeking employment with organizations based in the U.S. and other parts of the world... Mandiant, the Google-owned threat intel firm, reported last year that "thousands of highly skilled IT workers from North Korea" are hunting work. More recently, CrowdStrike reported that a North Korean group it dubbed "Famous Chollima" infiltrated more than 100 companies with imposter IT pros. The article notes the infiltrators use chatbots to tailor the perfect resume "and further leverage AI-created deepfakes to pose as real people." And the article includes this quote from a former intelligence analyst for the U.S. Air Force turned cybersecurity strategist at Sysdig. "In some cases, they may try to get jobs at tech companies in order to steal their intellectual property before using it to create their own knock-off technologies." The article closes with its suggested "countermeasures," including live video-chats with prospective remote-work applicants — and confirming an applicant's home address.

Read more of this story at Slashdot.

After game developer Nolen Royalty launched his short-lived viral site "One Million Checkboxes" in June. (Any visitor could check or uncheck a box in the grid — which would change how it displayed for every other visitor to the site, in near real-time.) "Within days there were half a million people on the site," he says in a new video, "and people checked over 650 million boxes in the two weeks that I kept the site online." But he also explains how what happened next was even more amazing: He'd stored the state of his one million checkboxes in a million-bit database — 125 kilobytes — and got a surprise after rewriting the backend in Go. Looking at the raw bytes (converted into their value in the 256-character ASCII table)... they spelled out a URL. Had someone hacked into his database? No, the answer was even stranger. Somebody was writing me a message in binary." "Someone was sitting there, checking and unchecking boxes to form numbers that formed letters that spelled out this URL. And they were probably doing this with a bot, to make sure those boxes remained checked and unchecked in exactly the way that they wanted them to." The URL led to a Discord channel, where he found himself talking to the orchestrators of the elaborate prank. And it was then that they asked him: "Have you seen your checkboxes as a 1,000 x 1,000 image yet?" It turns out they'd also input two alternate versions of the same message — one in base64, and one drawn out as a fully-functional QR code. (And some drawings....) "The Discord was full of very sharp teens, and they were writing this message in secret — with tens of thousands of people on the web site — to gather other very sharp teens. And it totally worked. There were 15 people when I joined, over 60 people in the Discord by the time that i left. "I tried to make it hard for them to draw, but... no problem. They found a way. And they started drawing some very cool things. They put a Windows blue-screen-of-death on the site. They put sexy Jake Gyllenhaal gifs on the site. At the end I removed all my rate limits for an hour as a treat, and they did a real-time [animated] Rickroll across the entire site." The video ends with the webmaster explaining why he thought their project was so cool. "As I kid, I spent a lot of time doing dum stuff on the computer, and I didn't get into too much trouble when I, for example, repeatedly crashed my high school mail server. There is no way that I would be doing what I do now without the encouragement of people back then. So providing a playground like this, getting to see what they were doing, provide some encouragement and say, 'Hey this is amazing' — was so special for me. "The people in that Discord are so extraordinarily talented, so creative, so cool, I cannot wait to see what they go on to make." Link via Kottke.org

Read more of this story at Slashdot.

Several items were stolen from a woman's P.O. box. So she mailed herself a package containing an Apple AirTag, according to the Santa Barbara County Sheriff's office: Her mail was again stolen on Monday morning, including the package with the AirTag that she was able to track. It is important to note that the victim did not attempt to contact the suspects on her own... The Sheriff's Office would like to commend the victim for her proactive solution, while highlighting that she also exercised appropriate caution by contacting law enforcement to safely and successfully apprehend the suspects. CNN reports on what the authorities found: The suspected thieves were located in nearby Santa Maria, California, with the victim's mail — including the package containing the AirTag — and other items authorities believe were stolen from more than a dozen victims, according to the sheriff's office. Virginia Franchessca Lara, 27, and Donald Ashton Terry, 37, were arrested in connection with the crime, authorities said. Lara was booked on felonies including possession of checks with intent to commit fraud, fictitious checks, identity theft, credit card theft and conspiracy, and remains held on a $50,000 bail as of Thursday, jail records show. Terry faces felony charges including burglary, possession of checks with intent to commit fraud, credit card theft, identity theft and conspiracy and was held on a $460,000 bail, according to jail records... Authorities said they're working on contacting other victims of theft in this case. Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

The Google Play Store is now rolling out support for downloading up to three Android app updates simultaneously, addressing a long-standing limitation where apps could only be downloaded one at a time. 9to5Google reports: We're seeing simultaneous app update downloads working in the Google Play Store today across multiple devices, and a few of our readers are seeing the same behavior this week as well. It's unclear if this is a server-side change on Google's part or an update to the Play Store itself, but the functionality is much appreciated. As far as we can tell, you can download up to three app updates at once through the Play Store. The apps will start to download, with only anything beyond three showing the "Pending" status that we're all so used to seeing in the Play Store. This matches the App Store on iOS which can also download up to three apps at once. The same limit of three also now applies to new app installs, which was previously limited to two at a time.

Read more of this story at Slashdot.