Security

Who's Behind Wednesday's Epic Twitter Hack? (krebsonsecurity.com) 75

Brian Krebs has written a blog post with clues about who may have been behind yesterday's Twitter hack, which had some of the world's most recognizable public figures tweeting out links to bitcoin scams. An anonymous reader shares an excerpt from the report (though we strongly recommend you read the full analysis here): There are strong indications that this attack was perpetrated by individuals who've traditionally specialized in hijacking social media accounts via "SIM swapping," an increasingly rampant form of crime that involves bribing, hacking or coercing employees at mobile phone and social media companies into providing access to a target's account. In the days leading up to Wednesday's attack on Twitter, there were signs that some actors in the SIM swapping community were selling the ability to change an email address tied to any Twitter account. In a post on OGusers -- a forum dedicated to account hijacking -- a user named "Chaewon" advertised they could change an email address tied to any Twitter account for $250, and provide direct access to accounts for between $2,000 and $3,000 apiece. "This is NOT a method, you will be given a full refund if for any reason you aren't given the email/@, however if it is revered/suspended I will not be held accountable," Chaewon wrote in their sales thread, which was titled "Pulling email for any Twitter/Taking Requests."

Hours before any of the Twitter accounts for cryptocurrency platforms or public figures began blasting out bitcoin scams on Wednesday, the attackers appear to have focused their attention on hijacking a handful of OG accounts, including "@6." That Twitter account was formerly owned by Adrian Lamo -- the now-deceased "homeless hacker" perhaps best known for breaking into the New York Times's network and for reporting Chelsea Manning's theft of classified documents. @6 is now controlled by Lamo's longtime friend, a security researcher and phone phreaker who asked to be identified in this story only by his Twitter nickname, "Lucky225."[...] But around the same time @6 was hijacked, another OG account -- @B -- was swiped. Someone then began tweeting out pictures of Twitter's internal tools panel showing the @B account. Another Twitter account -- @shinji -- also was tweeting out screenshots of Twitter's internal tools. Minutes before Twitter terminated the @shinji account, it was seen publishing a tweet saying "follow @6," referring to the account hijacked from Lucky225.

Cached copies of @Shinji's tweets prior to Wednesday's attack on Twitter are available here and here from the Internet Archive. Those caches show Shinji claims ownership of two OG accounts on Instagram -- "j0e" and "dead." KrebsOnSecurity heard from a source who works in security at one of the largest U.S.-based mobile carriers, who said the "j0e" and "dead" Instagram accounts are tied to a notorious SIM swapper who goes by the nickname "PlugWalkJoe." Investigators have been tracking PlugWalkJoe because he is thought to have been involved in multiple SIM swapping attacks over the years that preceded high-dollar bitcoin heists. Now look at the profile image in the other Archive.org index of the @shinji Twitter account (pictured below). It is the same image as the one included in the @Shinji screenshot above from Wednesday in which Joseph/@Shinji was tweeting out pictures of Twitter's internal tools.

This individual, the source said, was a key participant in a group of SIM swappers that adopted the nickname "ChucklingSquad," and was thought to be behind the hijacking of Twitter CEO Jack Dorsey's Twitter account last year. The mobile industry security source told KrebsOnSecurity that PlugWalkJoe in real life is a 21-year-old from Liverpool, U.K. named Joseph James Connor. The source said PlugWalkJoe is in Spain where he was attending a university until earlier this year. He added that PlugWalkJoe has been unable to return home on account of travel restrictions due to the COVID-19 pandemic. [...] If PlugWalkJoe was in fact pivotal to this Twitter compromise, it's perhaps fitting that he was identified in part via social engineering.

Television

Grant Imahara, Host of 'MythBusters' and 'White Rabbit Project,' Dies At 49 (hollywoodreporter.com) 81

Grant Imahara, an electrical engineer and roboticist who hosted the popular science show MythBusters and Netflix's White Rabbit Project, has died suddenly following a brain aneurysm. He was 49. From The Hollywood Reporter: An electrical engineer and roboticist by training, he joined Discovery's MythBusters in its third season, replacing Scottie Chapman and was with the show until 2014 when he left with co-hosts Kari Byron and Tory Belleci. The trio would reunite in 2016 for Netflix's White Rabbit Project which lasted for one season. On MythBusters, Imahara used his technical expertise to design and build robots for the show and also operated the computers and electronics needed to test myths.

Born in Los Angeles, Imahara studied electrical engineering at the University of Southern California (though he briefly had doubts and wanted to become a screenwriter) before combining the two passions and landing a post-graduation gig at Lucasfilm-associated THX labs. In his nine years at Lucasfilm, he worked for the company's THX and Industrial Light and Magic (ILM) divisions. In his years at ILM he became chief model maker specializing in animatronics and worked on George Lucas' Star Wars prequels, as well as The Matrix Reloaded, The Matrix Revolutions, Galaxy Quest, XXX: State of the Union, Van Helsing, The Lost World: Jurassic Park, A.I. Artificial Intelligence and Terminator 3: Rise of the Machines. [...] Imahara also starred in several episodes of the fan-made web series Star Trek Continues. He played Hikaru Sulu, a lieutenant, helmsman and third officer on the USS Enterprise, in the show that was an unofficial continuation of Star Trek: The Original Series.
"We are heartbroken to hear this sad news about Grant. He was an important part of our Discovery family and a really wonderful man. Our thoughts and prayers go out to his family," a representative for Discovery said in a statement on Monday.

Desktops (Apple)

Apple's ARM-Based Macs To Support Thunderbolt (theverge.com) 137

tlhIngan writes: For those worried that the transition Apple is doing to ARM-based Macs will drop Thunderbolt, Apple has stated that they will continue to support Thunderbolt. This was a worry since Thunderbolt is primarily an Intel design (formerly known as Light Peak) with Apple collaboration, and that none of Apple's ARM based devices support it (not even the ARM Developer Transition Kit).

PlayStation (Games)

New Hack Runs Homebrew Code From DVD-R On Unmodified PlayStation 2 (arstechnica.com) 18

An anonymous reader quotes a report from Ars Technica: Nearly 20 years after its initial release, a hacker has found a way to run homebrew software on an unmodified PlayStation 2 using nothing but a carefully burned DVD-ROM. Previous efforts to hack the PS2 relied on internal modifications, external hardware (like pre-hacked memory cards and hard drives), or errors found only on very specific models of the system. The newly discovered FreeDVDBoot differs from this previous work by exploiting an error in the console's DVD video player to create a fully software-based method for running arbitrary code on the system.

Security researcher CTurt laid out the FreeDVDBoot discovery and method in detail in a blog post this weekend. By decrypting and analyzing the code used for the PS2's DVD player, CTurt found a function that expects a 16-bit string from a properly formatted DVD but will actually easily accept over 1.5 megabytes from a malicious source. Sending carefully formatted data to that function causes a buffer overflow that in turn triggers another badly written function to tell the system to jump to an area of memory with arbitrary, attacker-written code. That code can then tell the system to load an ELF file written to a burned DVD-R in the system. Building on previous PS2 homebrew efforts like uLaunchELF, it's relatively simple to use that DVD-R to load homebrew software or even full copies of otherwise copy-protected PS2 games. The exploit is currently limited to very specific versions of the PS2's DVD player firmware (as of press time, firmwares 3.10 and 3.11, when set to "English") found in later editions of the console and won't work in earlier systems. But CTurt writes that he's "confident that all other versions also contain these same trivial IFO parsing buffer overflows" and can be exploited with broadly similar methods. The possibility of similar hacks through the Blu-ray player on the PS3 and PS4 (or the CD player on the PS1) are also being examined by the community.

Businesses

Tim O'Reilly Asks If Venture Capital Is Doing More Harm Than Good (techcrunch.com) 186

Tim O'Reilly is the founder of O'Reilly Media (formerly O'Reilly & Associates), and is credited by Wikipedia as helping to popularize the term open source. But Techcrunch reveals what he's learned about venture capital from his work with Bryce Roberts (O'Reilly's investing partner at early-stage venture firm O'Reilly AlphaTech Ventures).

"At a minimum, O'Reilly — who bootstrapped his own company, O'Reilly Media, 42 years ago and says it now produces 'a couple hundred million dollars in revenue' yearly — provides a lot of food for thought." Tim O'Reilly: The typical VC model is looking for this high-growth company with exit potential, because it's looking for this big financial return from an IPO or acquisition, and that selects for a certain type of founder. My partner Bryce decided two funds ago [to] look for companies that are kind of disparaged as lifestyle companies that are trying to build sustainable businesses with cash flow and profits. They're the kind of small businesses, and small business entrepreneurs, that have vanished from America, partly because of the VC myth, which is really about creating financial instruments for the wealthy...

The talent pool is just much greater [when you look outside of Silicon Valley]. There's a certain kind of bro culture in Silicon Valley and if you don't fit in, sure [you could find a way], but there are a lot of impediments... I've been really disillusioned with Silicon Valley investing for a long time. It reminds me of Wall Street going up to 2008. The idea was, "As long as someone wants to buy this [collateralized debt obligation], we're good." Nobody is thinking about: Is this a good product...?

It's part of the structural inequality in our society, where we're building businesses that are optimized for their financial return rather than their return to society.

Oracle

Oracle Celebrates 'The 25 Greatest Java Apps Ever Written' (oracle.com) 121

Oracle's Java magazine is celebrating the 25th anniversary of the programming language with a list of the 25 greatest Java apps ever written: From space exploration to genomics, from reverse compilers to robotic controllers, Java is at the heart of today's world. Here are a few of the countless Java apps that stand out from the crowd.

The story of Java began in 1991, at a time when Sun Microsystems sought to extend their lead in the computer workstation market into the burgeoning personal electronics market. Little did anyone know that the programming language Sun was about to create would democratize computing, inspire a worldwide community, and become the platform for an enduring software development ecosystem of languages, runtime platforms, SDKs, open source projects, and lots and lots of tools. After a few years of secret development led by James Gosling, Sun released the landmark "write once, run anywhere" Java platform in 1995, refocusing it beyond its original design for interactive television to applications for the burgeoning World Wide Web. By the turn of the century, Java was animating everything from smartcards to space vehicles.

Today, millions of developers program in Java. Although Java continues to evolve at an ever-faster pace, on the occasion of the platform's 25th anniversary, Java Magazine decided to take a look back at how Java molded our planet. What follows is a list of the 25 most ingenious and influential Java apps ever written, from Wikipedia Search to the US National Security Agency's Ghidra. The scope of these applications runs the gamut: space exploration, video games, machine learning, genomics, automotive, cybersecurity, and more.

The list includes Eclipse, Minecraft, the Maestro Mars Rover controller, and "VisibleTesla," the open source app created by an automobile enthusiast to monitor and control his Tesla Model S.

Wikipedia

The Value of Tor and Anonymous Contributions To Wikipedia (torproject.org) 16

According to a recently published research paper [PDF] co-authored by researchers from Drexel, NYU, and the University of Washington, Tor users make high-quality contributions to Wikipedia. And, when they are blocked, as doctoral candidate Chau Tran, the lead author describes, "the collateral damage in the form of unrealized valuable contributions from anonymity seekers is invisible." From a blog post: The authors of the paper include Chau Tran (NYU), Kaylea Champion (UW & CDSC), Andrea Forte (Drexel), Benjamin Mako Hill (UW & CDSC), and Rachel Greenstadt (NYU). The paper was published at the 2020 IEEE Symposium on Security & Privacy between May 18 and 20. By examining more than 11,000 Wikipedia edits made by Tor users able to bypass Wikipedia's Tor ban between 2007 and 2018, the research team found that Tor users made similar quality edits to those of IP editors, who are non-logged-in users identified by their IP addresses, and first-time editors. The paper notes that Tor users, on average, contributed higher-quality changes to articles than non-logged-in IP editors.

The study also finds that Tor-based editors are more likely than other users to focus on topics that may be considered controversial, such as politics, technology, and religion. Related research implies Tor users are quite similar to other internet users, and Tor users frequently visit websites in the Alexa top one million. The new study findings make clear how anonymous users are raising the bar on community discussions and how valuable anonymity is to avoid self-censorship. Anonymity and privacy can help protect users from consequences that may prevent them from interacting with the Wikipedia community.

Printer

80,000 Printers Are Exposing Their IPP Port Online (zdnet.com) 56

An anonymous reader quotes a report from ZDNet: In a report published earlier this month, security researchers from the Shadowserver Foundation, a non-profit organization focused on improving cyber-security practices across the world, have published a warning about companies that are leaving printers exposed online. More specifically, Shadowserver experts scanned all the four billion routable IPv4 addresses for printers that are exposing their IPP port. IPP stands for "Internet Printing Protocol" and, as the name suggests, is a protocol that allows users to manage internet-connected printers and send printing jobs to printers hosted online. The difference between IPP and the multiple other printer management protocols is that IPP is a secure protocol that supports advanced features such as access control lists, authentication, and encrypted communications. However, this doesn't mean that device owners are making use of any of these features.

Shadowserver experts said they specifically scanned the internet for IPP-capable printers that were left exposed without being protected by a firewall and allowed attackers to query for local details via the "Get-Printer-Attributes" function. In total, experts said they usually found an average of around 80,000 printers exposing themselves online via the IPP port on a daily basis. The number is about an eighth of all IPP-capable printers currently connected online. A normal scan with the BinaryEdge search engine reveals a daily count of between 650,000 and 700,000 devices with their IPP port (TCP/631) reachable via the internet.
What are the issues with not securing the IPP port? Shadowserver experts say this port can be used for intelligence gathering, since many of the printers scanned returned additional info about themselves, such as printer names, locations, models, firmware, organization names, and even Wi-Fi network names.

"To configure IPP access control and IPP authentication features, users are advised to check their printers' manuals," adds ZDNet. "Most printers have an IPP configuration section in their administration panel from where users can enable authentication, encryption, and limit access to the device via access lists."

Television

Apple Gives Us Our First Glimpse of Foundation, Adapted From Asimov Series (arstechnica.com) 198

Wargames shares the official trailer of Apple's upcoming new TV series, Foundation, adapted from Isaac Asimov's seminal Foundation series of novels. Ars Technica provides more details: The original trilogy centered on a mathematician named Hari Seldon, who has developed a mathematical approach to sociology he calls "psychohistory" that enables him to predict the future of large populations -- like the Galactic Empire, which incorporates all inhabitants of the Milky Way. Unfortunately, Seldon's theory predicts an imminent collapse of the empire -- well, in 500 years, which is certainly imminent on galactic time scales. This will usher in a Dark Age lasting 30,000 years, after which a second empire will arise. The news is not well received by the members of the Committee on Public Safety, who essentially rule the empire, and Seldon is forced to stand trial for treason, along with a brilliant young mathematical protege named Gaal.

In his defense, Seldon argues that he cannot stop the collapse, but there is a way to limit those Dark Ages to just 1,000 years. He proposes creating a Foundation, a group of the most intelligent minds in the empire, charged with preserving all human knowledge in the Encyclopedia Galactica. Rather than executing Seldon, the committee decides to exile him to a remote world called Terminus, along with the members of the new Foundation, where they can begin compiling the encyclopedia. Much of the first book in the trilogy follows the establishment of the colony on Terminus and the various political machinations that shape its early history, along with a startling revelation: unbeknownst to the committee, Seldon has established a second Foundation at the other end of the galaxy.
It's unclear how closely the series will follow the novels, but one of the executive producers is Robyn Asimov, the novelist's daughter.

"Harris plays Seldon, with Pace co-starring as Brother Day, current Emperor of the Galaxy. Lou Llobell plays Gaal, Leah Harvey plays a gender-swapped Salvor, warden of Terminus, and Laura Birn plays Eto Demerzel, aide to Brother Day," adds Ars. "Other listed characters include Brother Dusk (Terrence Mann), the ruling family's oldest living member, and Brother Dawn (Cassian Bilton), the youngest member and heir apparent to Brother Day." Foundation is expected to debut on Apple TV Plus in 2021.

Space

Scientists Say Most Likely Number of Contactable Alien Civilizations Is 36 (theguardian.com) 181

An anonymous reader quotes a report from The Guardian: They may not be little green men. They may not arrive in a vast spaceship. But according to new calculations there could be more than 30 intelligent civilizations in our galaxy today capable of communicating with others. In 1961 the astronomer Frank Drake proposed what became known as the Drake equation, setting out seven factors that would need to be known to come up with an estimate for the number of intelligent civilizations out there. These factors ranged from the average number of stars that form each year in the galaxy through to the timespan over which a civilization would be expected to be sending out detectable signals.

But few of the factors are measurable. "Drake equation estimates have ranged from zero to a few billion [civilizations] -- it is more like a tool for thinking about questions rather than something that has actually been solved," said Christopher Conselice, a professor of astrophysics at the University of Nottingham and a co-author of the research. Now Conselice and colleagues report in the Astrophysical Journal how they refined the equation with new data and assumptions to come up with their estimates. "Basically, we made the assumption that intelligent life would form on other [Earth-like] planets like it has on Earth, so within a few billion years life would automatically form as a natural part of evolution," said Conselice.

The assumption, known as the Astrobiological Copernican Principle, is fair as everything from chemical reactions to star formation is known to occur if the conditions are right, he said. "[If intelligent life forms] in a scientific way, not just a random way or just a very unique way, then you would expect at least this many civilizations within our galaxy," he said. Under the strictest set of assumptions -- where, as on Earth, life forms between 4.5 billion and 5.5 billion years after star formation -- there are likely between four and 211 civilizations in the Milky Way today capable of communicating with others, with 36 the most likely figure. But Conselice noted that this figure is conservative, not least as it is based on how long our own civilization has been sending out signals into space -- a period of just 100 years so far. The team add that our civilization would need to survive at least another 6,120 years for two-way communication.
"They would be quite far away ... 17,000 light years is our calculation for the closest one," said Conselice. "If we do find things closer ... then that would be a good indication that the lifespan of [communicating] civilizations is much longer than a hundred or a few hundred years, that an intelligent civilization can last for thousands or millions of years. The more we find nearby, the better it looks for the long-term survival of our own civilization."

The Almighty Buck

A Small US Town is Now Printing Its Own Currency (thehustle.co) 142

Tenino, Washington (population: 1,884) has launched its own local currency, reports the Hustle: Mayor Wayne Fournier decided that Tenino would set aside $10k to give out to low-income residents hurt by the pandemic. But instead of using federal dollars, he'd print the money on thin sheets of wood designed exclusively for use in Tenino. His mint? A 130-year-old newspaper printer from a local museum...

Residents below the poverty line can apply to receive money from the $10k fund that Tenino has set aside. Fournier says they also have to prove that the pandemic has impacted them, but "we're pretty open to what that means." Once they're approved, they can pick up their stipends, printed in wooden notes worth $25 each. The city is capping the amount each resident can accrue at 12 wooden notes — or $300 — per month. According to Fournier, each note features a Latin inscription that means, basically, 'We've got this handled'...

By creating its own local currency, Tenino keeps the money in the community. As Fournier puts it, "Amazon will not be accepting wooden dollars."

"The money stays in the city. It doesn't go out to Walmart and Costco and all those places," says Joyce Worrell, who has run the antique shop Iron Works Boutiques for the past decade.

The article notes that during the 1930s hundreds of scrips were issued by American municipalities, worker co-ops, and business associations -- estimated to be worth as much as $1 billion.

And it adds that at least a few small towns in Italy and Mexico are now giving the idea another try.

Databases

Racist Magic: The Gathering Cards Banned, Removed From Database By Publisher (polygon.com) 324

On Wednesday, Magic: The Gathering publisher Wizards of the Coast took unprecedented measures to remove racist cards from its game. Seven cards in all, dating back to 1994, are now banned from play. Their images will also be removed from the game's official online database. Polygon reports: "The events of the past weeks and the ongoing conversation about how we can better support people of color have caused us to examine ourselves, our actions, and our inactions," Wizards said in a statement. "We appreciate everyone helping us to recognize when we fall short. We should have been better, we can be better, and we will be better." The list of now-banned cards is: Invoke Prejudice, Cleanse, Stone-Throwing Devils, Pradesh Gypsies, Jihad, Imprison, and Crusade.

One card in particular, Invoke Prejudice, was singled out. It shows a hooded executioner with a black axe. "If opponent casts a Summon spell that does not match the color of one of the creatures under your control, that spell is countered," says the card. It effectively kills off creatures that don't look like the creatures already on the table. Gatherer, the official online database of every Magic card ever published, displays the card at a web URL ending in "1488," numbers that are synonymous with white supremacy. All cards will be replaced online with a note that calls out their racist depictions, text, or a combination thereof.

AI

Trillions of Words Analyzed, OpenAI Sets Loose AI Language Colossus (bloomberg.com) 29

Over the past few months, OpenAI has vacuumed an incredible amount of data into its artificial intelligence language systems. It sucked up Wikipedia, a huge swath of the rest of the internet and tons of books. This mass of text -- trillions of words -- was then analyzed and manipulated by a supercomputer to create what the research group bills as a major AI breakthrough and the heart of its first commercial product, which came out on Thursday. From a report: The product name -- OpenAI calls it "the API" -- might not be magical, but the things it can accomplish do seem to border on wizardry at times. The software can perform a broad set of language tasks, including translating between languages, writing news stories and poems and answering everyday questions. Ask it, for example, if you should keep reading a story, and you might be told, "Definitely. The twists and turns keep coming." OpenAI wants to build the most flexible, general purpose AI language system of all time. Typically, companies and researchers will tune their AI systems to handle one, limited task. The API, by contrast, can crank away at a broad set of jobs and, in many cases, at levels comparable with specialized systems.

While the product is in a limited test phase right now, it will be released broadly as something that other companies can use at the heart of their own offerings such as customer support chat systems, education products or games, OpenAI Chief Executive Officer Sam Altman said. [...] The API product builds on years of research in which OpenAI has compiled ever larger text databases with which to feed its AI algorithms and neural networks. At its core, OpenAI API looks over all the examples of language it has seen and then uses those examples to predict, say, what word should come next in a sentence or how best to answer a particular question. "It almost gets to the point where it assimilates all of human knowledge because it has seen everything before," said Eli Chen, CEO of startup Veriph.ai, who tried out an earlier version of OpenAI's product. "Very few other companies would be able to afford what it costs to build this type of huge model."

Education

1962 Roger Ebert Article Unearthed On Distance Learning For Homebound Students (medium.com) 16

Long-time Slashdot reader theodp writes: In 2011, the late film critic Roger Ebert gave tech's movers-and-shakers a PLATO history lesson in his Remaking My Voice TED Talk. "When I heard the amazing talk by Salman Khan on Wednesday, about the Khan Academy website that teaches hundreds of subjects to students all over the world, I had a flashback," explained Ebert. "I was sent over to the computer lab of the University of Illinois to interview the creators of something called 'PLATO.' The initials stood for Programmed Logic for Automatic Teaching Operations. This was a computer-assisted instruction system. Which in those days ran on a computer named ILLIAC. The programmers said it could assist students in their learning...."

Ebert probably would have been surprised to see how the COVID-19 pandemic caught U.S. schools flat-footed in 2020. In a never-before-published chapter that didn't make it into his book The Friendly Orange Glow: The Untold Story of the PLATO System and the Dawn of Cyberculture, author Brian Dear reveals that Ebert reported on PLATO's potential to deliver online learning to homebound students in a 1962 article he wrote for the News-Gazette while still in high school. Ebert's Jan. 6, 1962 story on PLATO began:

"For no more than the price of a good television set, homebound handicapped children may soon be able to get an education equal to those offered in schools. [...] Other predicted uses for the unique teaching system include [...] an education system which allows the student to set his own pace, instead of forcing him to 'stay with the class.'..."

Dear points out that the PLATO project launched the first week of June 1960, more than sixteen years before Salman Khan was even born.

The Internet

Covid-19 Is History's Biggest Translation Challenge (wired.com) 45

Services like Google Translate support only 100 languages, give or take. What about the thousands of other languages -- spoken by people just as vulnerable to this crisis? From a report: If we want to avoid a pandemic spreading to all the humans in the world, this information also has to reach all the humans of the world -- and that means translating Covid PSAs into as many languages as possible, in ways that are accurate and culturally appropriate. It's easy to overlook how important language is for health if you're on the English-speaking internet, where "is this headache actually something to worry about?" is only a quick Wikipedia article or WebMD search away. For over half of the world's population, people can't expect to Google their symptoms, nor even necessarily get a pamphlet from their doctor explaining their diagnosis, because it's not available in a language they can understand.

[...] In a pandemic, the challenge isn't just translating one or a handful of primary languages in a single region -- it's on a scale of perhaps thousands of languages, at least 1,000 to 2,000 of the 7,000-plus languages that exist in the world today, according to the pooled estimates of the experts I spoke with, all of whom emphasized that this number was very uncertain but definitely the largest number they'd ever faced at once. Machine translation might be able to help in some circumstances, but it needs to be approached with caution. [...] That's not to say that machine translation isn't helpful for some tasks, where getting the gist quickly is more important than the nuanced translations humans excel at, such as quickly sorting and triaging requests for help as they come in or keeping an eye on whether a new misconception is bubbling up. But humans need to be kept in the loop, and both human and machine language expertise needs to be invested in during calmer times so that it can be used effectively in a crisis.

The bigger issue with machine translation is that it's not even an option for many of the languages involved. Translators Without Borders is translating Covid information into 89 languages, responding to specific requests of on-the-ground organizations, and 25 of them (about a third) aren't in Google Translate at all. Machine translation disproportionately works for languages with lots of resources, with things like news sites and dictionaries that can be used as training data. Sometimes, like with French and Spanish, the well-resourced languages of former colonial powers also work as lingua francas for translation purposes. In other cases, there's a mismatch between what's easy to translate by machine versus what's useful to TWB: The group has been fielding lots of requests for Covid info in Kanuri, Dari, and Tigrinya, none of which are in Google Translate, but hasn't seen any for Dutch or Hebrew (which are in Google Translate but don't need TWB's help -- they have national governments already producing their own materials). Google Translate supports 109 languages, Bing Translate has 71, and even Wikipedia exists in only 309 languages -- figures that pale in comparison to the 500-plus languages on the list from the Endangered Languages Project, all human-created resources.

The Internet

What Would The Internet Look Like If America Repeals Section 230? (wbur.org) 519

"REVOKE 230!" President Trump tweeted Friday, and NPR reports that the movement to revoke its safeguards "is increasingly becoming a bipartisan consensus... But experts caution that eliminating the legal protections may have unintended consequences for Internet users that extend far beyond Facebook and Twitter." "We don't think about things like Wikipedia, the Internet Archive and all these other public goods that exist and have a public-interest component that would not exist in a world without 230," said Aaron Mackey, staff attorney at the Electronic Frontier Foundation, a digital civil liberties nonprofit.

Without Section 230, experts argue, sites would have less tolerance for people posting their opinions on YouTube, Reddit, Yelp, Amazon and many other corners of the Internet...

The tech industry, unsurprisingly, is fighting hard to preserve Section 230, said Jeff Kosseff, the author of a book about Section 230, The Twenty-Six Words That Created the Internet. "The major platforms came into existence because of 230," Kosseff said. "Without 230, their operations would have to be substantially changed." In particular, Facebook, Twitter and Google would likely become aggressive about removing content and may side more often with complaining users, Kosseff said. Mackey with the Electronic Frontier Foundation agrees. "It could create a prescreening of every piece of material every person posts and lead to an exceptional amount of moderation and prevention," Mackey said. "What every platform would be concerned about is: 'Do I risk anything to have this content posted to my site?'"

Another possible ripple effect of repealing, Kosseff said, is making it more difficult for whatever company is hoping to emerge as the next big social media company. "It will be harder for them because they will face more liability at the outset," Kosseff said. Eric Goldman, a professor at Santa Clara University Law School and co-director of the High Tech Law Institute, said rescinding Section 230 could reduce the number of online platforms that welcome open dialogue.

Wikipedia

Wikipedia Plans New Rule To Combat 'Toxic Behavior' (bbc.com) 266

Wikipedia is taking steps to fight what it's calling "toxic behavior" which will be finalized by the end of this year, reports the BBC (in an article shared by Charlotte Web): "We must work together to create a safe, inclusive culture, where everyone feels welcome, that their contributions are valued, and that their perspective matters," said Katherine Maher, the chief executive officer of the Wikimedia Foundation [which runs Wikipedia]... The foundation's binding code of conduct for members will include banning or limiting access if volunteers violate the terms. There will be a review process for the decisions if volunteers feel more context is needed.

Wikipedia has become one of the internet's most trusted sources for information, but complaints about gender imbalances and harassment have plagued the platform for close to a decade. A study from the University of Washington on the gender gap in Wikipedia editors found many female and LGBTQ editors feared for their safety. Several female editors told the researchers their work had been contested by male editors or that they received negative feedback from a male editor. A New York Times article from 2019 also highlighted the concerns some transgender editors have about volunteering for the site. One editor told the paper they received death threats...

[E]ditors can interact with one another and can change the content on a page after it has been written. This has led to a form of harassment where, after one volunteer adds to a page, another volunteer will remove or change that work moments later, forcing the first editor to redo their work and leading to editing battles.

Chrome

Chromium Project Finds 70% of Its Serious Security Bugs Are Memory Safety Problems (chromium.org) 154

"Around 70% of our serious security bugs are memory safety problems," the Chromium project announced this week. "Our next major project is to prevent such bugs at source."

ZDNet reports: The percentage was compiled after Google engineers analyzed 912 security bugs fixed in the Chrome stable branch since 2015, bugs that had a "high" or "critical" severity rating. The number is identical to stats shared by Microsoft. Speaking at a security conference in February 2019, Microsoft engineers said that for the past 12 years, around 70% of all security updates for Microsoft products addressed memory safety vulnerabilities. Both companies are basically dealing with the same problem, namely that C and C++, the two predominant programming languages in their codebases, are "unsafe" languages....

Google says that since March 2019, 125 of the 130 Chrome vulnerabilities with a "critical" severity rating were memory corruption-related issues, showing that despite advances in fixing other bug classes, memory management is still a problem... Half of the 70% are use-after-free vulnerabilities, a type of security issue that arises from incorrect management of memory pointers (addresses), leaving doors open for attackers to attack Chrome's inner components...

While software companies have tried before to fix C and C++'s memory management problems, Mozilla has been the one who made a breakthrough by sponsoring, promoting and heavily adopting the Rust programming language in Firefox... Microsoft is also heavily investing in exploring C and C++ alternatives... But this week, Google also announced similar plans as well... Going forward, Google says it plans to look into developing custom C++ libraries to use with Chrome's codebase, libraries that have better protections against memory-related bugs. The browser maker is also exploring the MiraclePtr project, which aims to turn "exploitable use-after-free bugs into non-security crashes with acceptable performance, memory, binary size and minimal stability impact."

And last, but not least, Google also said it plans to explore using "safe" languages, where possible. Candidates include Rust, Swift, JavaScript, Kotlin, and Java.

United States

Large Chunks of a Chinese Rocket Missed NYC By About 15 Minutes (arstechnica.com) 185

An anonymous reader quotes a report from Ars Technica: A week ago, China launched the newest version of its largest rocket, the Long March 5B, from its southernmost spaceport. The launch proceeded normally and represented another success for China as it seeks to build a robust human spaceflight program. Over the next few years, this rocket will launch components of a modular space station. Notably, because of this rocket's design, its large core stage reached orbit after the launch. Typically during a launch, a rocket's large first stage will provide the majority of thrust during the first minutes of launch and then drop away before reaching an orbital velocity, falling back into the ocean. Then, a smaller second stage takes over and pushes the rocket's payload into orbit. However, the Long March 5B rocket has no second stage. For last week's launch, then, four liquid-fueled strap-on boosters generated most of the thrust off the launch pad. After this, the core stage with two YF-77 main engines pushed an experimental spacecraft into orbit before the payload separated.

This left the large core stage, with a mass slightly in excess of 20 tons, in an orbit with an average altitude of about 260km above the Earth. Because the perigee of this orbit was only about 160km above the planet, the core stage was slowly drawn back toward the planet as it interacted with the planet's upper atmosphere. This is a rather large object to make an uncontrolled return to Earth. According to Jonathan McDowell, an astronomer at the Harvard-Smithsonian Center for Astrophysics and keen observer of satellites, this is the largest vehicle to make an uncontrolled reentry into Earth's atmosphere since 1991, when the Soviet Salyut 7 space station broke up over Argentina. [...] It is perhaps worth noting that before it entered Earth's atmosphere, the core stage track passed directly over New York City. Had it reentered the atmosphere only a little bit earlier, perhaps 15 to 20 minutes, the rocket's debris could have rained down on the largest metro area in the United States.

Space

Is Space-Time Quantized Or Analog? (space.com) 148

"What are the implications if 'space-time' (as conceived of in the Einstein Theory of General Relativity) is quantized like all other aspects of matter and energy?" asks Slashdot reader sixoh1. Space.com reports of a new study that tried to find out: In order for the math of general relativity to work, this fabric of space-time has to be absolutely smooth at the tiniest of scales. No matter how far you zoom in, space-time will always be as wrinkle-free as a recently ironed shirt. No holes, no tears, no tangles. Just pure, clean smoothness. Without this smoothness, the mathematics of gravity simply break down. But general relativity isn't the only thing telling us about space-time. We also have quantum mechanics (and its successor, quantum field theory). In the quantum world, everything microscopic is ruled by random chance and probabilities. Particles can appear and disappear at a moment's notice (and usually even less time than that). Fields can wiggle and vibrate with a will all their own. And nothing can ever be known for certain. [...]

That's exactly what a team of astronomers did, submitting their results for publication in the Monthly Notices of the Royal Astronomical Society, and also posting their work to the online preprint site arXiv. And in a perfect coincidence, they searched for the frothiness of space-time using ... espresso. No, not the drink. ESPRESSO, the Echelle Spectrograph for Rocky Exoplanet and Stable Spectroscopic Observations, an instrument based at the European Southern Observatory's Very Large Telescope. As its name suggests, ESPRESSO was not designed to search for space-time frothiness, but it turned out to be the best tool for the job. And the astronomers pointed it at a perfect source: a run-of-the-mill gas cloud sitting over 18 billion light-years away. What makes this particular gas cloud especially useful is two facts. One, there is a bright source sitting just behind it, illuminating it. And two, there's iron in the cloud, which absorbs the background light at a very specific wavelength.

So from our vantage point on Earth, if space-time is perfectly smooth, that gap in the background light caused by the gas cloud should be just as narrow as if the cloud was sitting right next to us. But if space-time is frothy, then the light traveling over the billions of light-years will spread out, changing the width of the gap. The astronomers didn't find any hint of frothiness, which doesn't mean that it doesn't exist -- it just means that if space-time is frothy, we need more than 18 billion light-years to see it with our current technology. But the results were able to rule out some models of quantum gravity, sending them into the proverbial dustbin of physics history.
