btp

joined 1 year ago
 

The Android phone maker says go ahead, fix your own phone.

The right-to-repair movement continues to gain steam as another big tech company shows its support for letting people fix their own broken devices.

Google endorsed an Oregon right-to-repair legislation Thursday calling it a “common sense repair bill” and saying it would be a “win for consumers.” This marks the first time the Android phone maker has officially backed any right-to-repair law.

The ability to repair a phone, for example, empowers people by saving money on devices while creating less waste,” said Steven Nickel, devices and services director of operations for Google, in a blog post Thursday. “It also critically supports sustainability in manufacturing. Repair must be easy enough for anyone to do, whether they are technicians or do-it-yourselfers.”

In the Oregon repair bill, manufacturers will be required to provide replacement parts, software, physical tools, documentation and schematics needed for repair to authorized repair providers or individuals. The legislation covers any digital electronics with a computer chip although cars, farm equipment, medical devices, solar power systems, and any heavy or industrial equipment that is not sold to consumers are exempt from the bill.

Google has made strides in making its Pixel phones easier to fix. The company enabled a Repair Mode for the phones last month allowing the protection of data on the device while it’s being serviced. There’s also a diagnostic feature that helps determine if your Pixel phone is working properly or not. That said, Google’s Pixel Watch is another story as the company said in October it will not provide parts to repair its smartwatch.

Apple jumped on the right-to-repair bandwagon back in October. The iPhone maker showed its support for a federal law to make it easier to repair its phones after years of being a staunch opponent.

 

A controversial developer circumvented one of Mastodon's primary tools for blocking bad actors, all so that his servers could connect to Threads.

We’ve criticized the security and privacy mechanisms of Mastodon in the past, but this new development should be eye-opening. Alex Gleason, the former Truth Social developer behind Soapbox and Rebased, has come up with a sneaky workaround to how Authorized Fetch functions: if your domain is blocked for a fetch, just sign it with a different domain name instead.

Gleason was originally investigating Threads federation to determine whether or not a failure to fetch posts indicated a software compatibility issue, or if Threads had blocked his server. After checking some logs and experimenting, he came to a conclusion.

“Fellas,” Gleason writes, “I think threads.net might be blocking some servers already.”

What Alex found was that Threads attempts to verify domain names before allowing access to a resource, a very similar approach to what Authorized Fetch does in Mastodon.

You can see Threads fetching your own server by looking at the facebookexternalua user agent. Try this command on your server:

grep facebookexternalua /var/log/nginx/access.log

If you see logs there, that means Threads is attempting to verify your signatures and allow you to access their data.

18
How Big is YouTube? (ethanzuckerman.com)
 

I got interested in this question a few years ago, when I started writing about the “denominator problem”. A great deal of social media research focuses on finding unwanted behavior – mis/disinformation, hate speech – on platforms. This isn’t that hard to do: search for “white genocide” or “ivermectin” and count the results. Indeed, a lot of eye-catching research does just this – consider Avaaz’s August 2020 report about COVID misinformation. It reports 3.8 billion views of COVID misinfo in a year, which is a very big number. But it’s a numerator without a denominator – Facebook generates dozens or hundreds of views a day for each of its 3 billion users – 3.8 billion views is actually a very small number, contextualized with a denominator.

The paper this post describes can be found here
Abstract:

YouTube is one of the largest, most important communication platforms in the world, but while there is a great deal of research about the site, many of its fundamental characteristics remain unknown. To better understand YouTube as a whole, we created a random sample of videos using a new method. Through a description of the sample’s metadata, we provide answers to many essential questions about, for example, the distribution of views, comments, likes, subscribers, and categories. Our method also allows us to estimate the total number of publicly visible videos on YouTube and its growth over time. To learn more about video content, we hand-coded a subsample to answer questions like how many are primarily music, video games, or still images. Finally, we processed the videos’ audio using language detection software to determine the distribution of spoken languages. In providing basic information about YouTube as a whole, we not only learn more about an influential platform, but also provide baseline context against which samples in more focused studies can be compared.

 

“Verizon royally fucked up,” Poppy told me in a phone call. “There’s no way around it.” Verizon, she added, was “100% at fault.”

Verizon handed Poppy’s personal data, including the address on file and phone logs, to a stalker who later directly threatened her and drove to an address armed with a knife. Police then arrested the suspect, Robert Michael Glauner, who is charged with fraud and stalking offenses, but not before he harassed Poppy, her family, friends, workplace, and daughter’s therapist, Poppy added. 404 Media has changed Poppy’s name to protect her identity.

Glauner’s alleged scheme was not sophisticated in the slightest: he used a ProtonMail account, not a government email, to make the request, and used the name of a police officer that didn’t actually work for the police department he impersonated, according to court records. Despite those red flags, Verizon still provided the sensitive data to Glauner.

Remarkably, in a text message to Poppy sent during the fallout of the data transfer, a Verizon representative told Poppy that the corporation was a victim too. “Whoever this is also victimized us,” the Verizon representative wrote, according to a copy of the message Poppy shared with 404 Media. “We are taking every step possible to work with the police so they can identify them.”

In the interview with 404 Media, Poppy pointed out that Verizon is a multi-billion dollar company and yet still made this mistake. “They need to get their shit together,” she said.

 

Comcast has confirmed that hackers exploiting a critical-rated security vulnerability accessed the sensitive information of almost 36 million Xfinity customers.

This vulnerability, known as “CitrixBleed,” is found in Citrix networking devices often used by big corporations and has been under mass-exploitation by hackers since late August. Citrix made patches available in early October, but many organizations did not patch in time. Hackers have used the CitrixBleed vulnerability to hack into big-name victims, including aerospace giant Boeing, the Industrial and Commercial Bank of China, and international law firm Allen & Overy.

Comcast's statement

Notice To Customers of Data Security Incident
December 18, 2023 04:30 PM Eastern Standard Time

PHILADELPHIA--(BUSINESS WIRE)--Xfinity is providing notice of a recent data security incident. Starting today, customers are being notified through a variety of channels, including through the Xfinity website, email, and news media.

On October 10, 2023, Citrix announced a vulnerability in software used by Xfinity and thousands of other companies worldwide. Citrix issued additional mitigation guidance on October 23, 2023. Xfinity promptly patched and mitigated the Citrix vulnerability within its systems. However, during a routine cybersecurity exercise on October 25, Xfinity discovered suspicious activity and subsequently determined that between October 16 and October 19, 2023, there was unauthorized access to its internal systems that was concluded to be a result of this vulnerability.

Xfinity notified federal law enforcement and initiated an investigation into the nature and scope of the incident. On November 16, Xfinity determined that information was likely acquired. After additional review of the affected systems and data, Xfinity concluded on December 6, 2023, that the customer information in scope included usernames and hashed passwords; for some customers, other information may also have been included, such as names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers. However, the data analysis is continuing.

Xfinity has required customers to reset their passwords to protect affected accounts. In addition, Xfinity strongly recommends that customers enable two-factor or multi-factor authentication to secure their Xfinity account, as many Xfinity customers already do. While Xfinity advises customers not to re-use passwords across multiple accounts, the company is recommending that customers change passwords for other accounts for which they use the same username and password or security question.

Customers with questions can contact Xfinity’s dedicated call center at 888-799-2560 toll-free 24 hours a day, seven days a week. More information is available on the Xfinity website at www.xfinity.com/dataincident.

Customers trust Xfinity to protect their information, and the company takes this responsibility seriously. Xfinity remains committed to continued investment in technology, protocols and experts dedicated to helping to protect its customers.

[–] btp@kbin.social 1 points 10 months ago

Checks and balances. Plus, the U.S. is a very large country, with a large population that has their own priorities and values. Local municipalities can also vary largely within state governments. The federal system allows these communities to self-determine, while also enacting a foundation of basic rights and government function.

 

The number of retractions issued for research articles in 2023 has passed 10,000 — smashing annual records — as publishers struggle to clean up a slew of sham papers and peer-review fraud. Among large research-producing nations, Saudi Arabia, Pakistan, Russia and China have the highest retraction rates over the past two decades, a Nature analysis has found.

The bulk of 2023’s retractions were from journals owned by Hindawi, a London-based subsidiary of the publisher Wiley (see ‘A bumper year for retractions’). So far this year, Hindawi journals have pulled more than 8,000 articles, citing factors such as “concerns that the peer review process has been compromised” and “systematic manipulation of the publication and peer-review process”, after investigations prompted by internal editors and by research-integrity sleuths who raised questions about incoherent text and irrelevant references in thousands of papers.

 

We answer the questions readers asked in response to our guide to anonymizing your phone

About the LevelUp series: At The Markup, we’re committed to doing everything we can to protect our readers from digital harm, write about the processes we develop, and share our work. We’re constantly working on improving digital security, respecting reader privacy, creating ethical and responsible user experiences, and making sure our site and tools are accessible.

This is a follow-up article. Here's the first piece, if you'd like to read that one as well

 

In one of the coolest and more outrageous repair stories in quite some time, three white-hat hackers helped a regional rail company in southwest Poland unbrick a train that had been artificially rendered inoperable by the train’s manufacturer after an independent maintenance company worked on it. The train’s manufacturer is now threatening to sue the hackers who were hired by the independent repair company to fix it.

After breaking trains simply because an independent repair shop had worked on them, NEWAG is now demanding that trains fixed by hackers be removed from service.

[–] btp@kbin.social 12 points 11 months ago (1 children)

First, a quick primer on the tech: ACR identifies what’s displayed on your television, including content served through a cable TV box, streaming service, or game console, by continuously grabbing screenshots and comparing them to a massive database of media and advertisements. Think of it as a Shazam-like service constantly running in the background while your TV is on.

All of this is in the second paragraph of the article.

 

These TVs can capture and identify 7,200 images per hour, or approximately two every second. The data is then used for content recommendations and ad targeting, which is a huge business; advertisers spent an estimated $18.6 billion on smart TV ads in 2022, according to market research firm eMarketer.

 

https://micronews.debian.org/2023/1702150551.html

Due to an issue in ext4 with data corruption in kernel 6.1.64-1, we are pausing the 12.3 image release for today while we attend to fixes. Please do not update any systems at this time, we urge caution for users with UnattendedUpgrades configured. Please see bug# 1057843: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057843

 

The Foundation supports challenges to laws in Texas and Florida that jeopardize Wikipedia's community-led governance model and the right to freedom of expression.

An amicus brief, also known as a “friend-of-the-court” brief, is a document filed by individuals or organizations who are not part of a lawsuit, but who have an interest in the outcome of the case and want to raise awareness about their concerns. The Wikimedia Foundation’s amicus brief calls upon the Supreme Court to strike down laws passed in 2021 by Texas and Florida state legislatures. Texas House Bill 20 and Florida Senate Bill 7072 prohibit website operators from banning users or removing speech and content based on the viewpoints and opinions of the users in question.

“These laws expose residents of Florida and Texas who edit Wikipedia to lawsuits by people who disagree with their work,” said Stephen LaPorte, General Counsel for the Wikimedia Foundation. “For over twenty years, a community of volunteers from around the world have designed, debated, and deployed a range of content moderation policies to ensure the information on Wikipedia is reliable and neutral. We urge the Supreme Court to rule in favor of NetChoice to protect Wikipedia’s unique model of community-led governance, as well as the free expression rights of the encyclopedia’s dedicated editors.”

“The quality of Wikipedia as an online encyclopedia depends entirely on the ability of volunteers to develop and enforce nuanced rules for well-sourced, encyclopedic content,” said Rebecca MacKinnon, Vice President of Global Advocacy at the Wikimedia Foundation. “Without the discretion to make editorial decisions in line with established policies around verifiability and neutrality, Wikipedia would be overwhelmed with opinions, conspiracies, and irrelevant information that would jeopardize the project’s reason for existing.”

 

Sorbonne University has been deeply committed to the promotion and the development of open science for many years. According to its commitment to open research information, it has decided to discontinue its subscription to the Web of Science publication database and Clarivate bibliometric tools in 2024. By resolutely abandoning the use of proprietary bibliometric products, it is opening the way for open, free and participative tools.

[–] btp@kbin.social 20 points 11 months ago (5 children)

A newly discovered trade-off in the way time-keeping devices operate on a fundamental level could set a hard limit on the performance of large-scale quantum computers, according to researchers from the Vienna University of Technology.

While the issue isn't exactly pressing, our ability to grow systems based on quantum operations from backroom prototypes into practical number-crunching behemoths will depend on how well we can reliably dissect the days into ever finer portions. This is a feat the researchers say will become increasingly more challenging.

Whether you're counting the seconds with whispers of Mississippi or dividing them up with the pendulum-swing of an electron in atomic confinement, the measure of time is bound by the limits of physics itself.

One of these limits involves the resolution with which time can be split. Measures of any event shorter than 5.39 x 10-44 seconds, for example, run afoul of theories on the basic functions of the Universe. They just don't make any sense, in other words.

Yet even before we get to that hard line in the sands of time, physicists think there is a toll to be paid that could prevent us from continuing to measure ever smaller units.

Sooner or later, every clock winds down. The pendulum slows, the battery dies, the atomic laser needs resetting. This isn't merely an engineering challenge – the march of time itself is a feature of the Universe's progress from a highly ordered state to an entangled, chaotic mess in what is known as entropy.

"Time measurement always has to do with entropy," says senior author Marcus Huber, a systems engineer who leads a research group in the intersection of Quantum Information and Quantum Thermodynamics at the Vienna University of Technology.

In their recently published theorem, Huber and his team lay out the logic that connects entropy as a thermodynamic phenomenon with resolution, demonstrating that unless you've got infinite energy at your fingertips, your fast-ticking clock will eventually run into precision problems.

Or as the study's first author, theoretical physicist Florian Meier puts it, "That means: Either the clock works quickly or it works precisely – both are not possible at the same time."

This might not be a major problem if you want to count out seconds that won't deviate over the lifetime of our Universe. But for technologies like quantum computing, which rely on the temperamental nature of particles hovering on the edge of existence, timing is everything.

This isn't a big problem when the number of particles is small. As they increase in number, the risk any one of them could be knocked out of their quantum critical state rises, leaving less and less time to carry out the necessary computations.

Plenty of research has gone into exploring the potential for errors in quantum technology caused by a noisy, imperfect Universe. This appears to be the first time researchers have looked at the physics of timekeeping itself as a potential obstacle.

"Currently, the accuracy of quantum computers is still limited by other factors, for example the precision of the components used or electromagnetic fields," says Huber.

"But our calculations also show that today we are not far from the regime in which the fundamental limits of time measurement play the decisive role."

It's likely other advances in quantum computing will improve stability, reduce errors, and 'buy time' for scaled-up devices to operate in optimal ways. But whether entropy will have the final say on just how powerful quantum computers can get, only time will tell.

This research was published in Physical Review Letters.

[–] btp@kbin.social 30 points 11 months ago

"References illicit drugs" lol

view more: next ›