While he couldn't even ethically accept the million dollars, PC Magazine's senior security analyst Max Eddy writes that "how this happened in the first place is indicative of some of the information security industry's worst impulses. It doesn't have to be this way." Back in 2017, Telegram founder Pavel Durov and I had a disagreement... Durov tweeted about how the Signal secure messaging app had received money from the U.S. government. This is true; Signal received funds from the Open Technology Fund (OTF) — a nonprofit that previously was part of the US-backed Radio Free Asia. According to the OTF's website, it gave nearly $3 million to between 2013 and 2016. It's entirely legitimate to be suspicious of government funding (even if TOR, OpenVPN, and WireGuard also received OTF money), and even take a moral stand against recipients of money from governments you disagree with.

But Durov went far beyond that. He seemed to think this meant Signal was bought off by the feds and predicted that a backdoor would be found within five years.

That's quite an accusation to make, especially without real proof, and it made me mad. Not because people were mouthing off on Twitter — that seems to be that platform's primary function. It made me mad that companies ostensibly working to better people's lives by protecting their security and privacy were trying to drag each other down publicly. This is not new; the VPN industry is full of whisper campaigns and counter-accusations. I can't tell you how many conversations I've had with VPN vendors that start with "first off, everything you heard is a lie...." But generally the message from companies in this industry is one of cooperation and protecting everyone. It's a common theme to keynotes at the RSA Conference and Black Hat that the people who work in infosec have a higher calling to protect other people first and do business second.
And then this happened (on Twitter):


Max Eddy: It's one thing to point out funding and another to say that a "backdoor will be found within five years."

Pavel Durov: I am certain of what I'm saying and am willing to bet $1M (1:1) on it.


While Eddy didn't have a million dollars, "I knew there was no way I would lose. This would be the easiest million-dollar bet I ever make." I was confident Durov was wrong because Signal, like many companies, has made an effort toward transparency that I can have some confidence in. Signal has made its code available, has registered as a nonprofit, has a fairly comprehensive privacy policy, and has made abundantly clear that it has no information to provide in response to law enforcement requests. Signal's protocol is also used by competitors, such as WhatsApp and Facebook Messenger, which have surely done their homework when selecting a method for encrypting messages. Most recently, a document revealed that even the FBI has been frustrated in its attempts to get data from Signal (and Telegram, too).
It's been five years, and Eddy now writes that Signal "continues to be recommended by advocacy groups of all kinds as a safe and secure way to communicate..."

"Neither Durov nor Telegram responded to my attempts to contact them for this story."

Early this morning SpaceX tweeted video showing its deployment of a communications satellite. But the deployment was part of a historic first, reports CBS News: SpaceX completed a record triple-header early Sunday, launching a Globalstar communications satellite from Cape Canaveral after putting a German radar satellite in orbit from California Saturday and launching 53 Starlink internet satellites Friday from the Kennedy Space Center. The Globalstar launch capped the fastest three-flight cadence for an orbit-class rocket in modern space history as the company chalked up its 158th, 159th and 160th Falcon 9 flights in just 36 hours and 18 minutes. More than 50 launches are expected by the end of the year.
Space.com also notes another milestone: The Friday mission set a new rocket-reuse record for SpaceX; the Falcon 9 that flew it featured a first stage that already had 12 launches under its belt. (Sunday's launch was the ninth for this particular Falcon 9 first stage, according to a SpaceX mission description.)
SpaceX also tweeted footage of that rocket's liftoff and night-time landing.

Social media has made us "uniquely stupid," believes Jonathan Haidt, a social psychologist at the New York University's School of Business. Writing in the Atlantic in April, Haidt argued that large social media platforms "unwittingly dissolved the mortar of trust, belief in institutions, and shared stories that had held a large and diverse secular democracy together."

But is that true? "We're years into this, and we're still having an uninformed conversation about social media," notes Dartmouth political scientist Brendan Nyhan (quoted this month in a new article in the New Yorker).

The article describes how Haidt tried to confirm his theories in November with Chris Bail, a sociologist at Duke and author of the book "Breaking the Social Media Prism." The two compiled a Google Doc collecting every scholarly study of social media — but many of the studies seemed to contradict each other: When I told Bail that the upshot seemed to me to be that exactly nothing was unambiguously clear, he suggested that there was at least some firm ground. He sounded a bit less apocalyptic than Haidt.

"A lot of the stories out there are just wrong," he told me. "The political echo chamber has been massively overstated. Maybe it's three to five per cent of people who are properly in an echo chamber." Echo chambers, as hotboxes of confirmation bias, are counterproductive for democracy. But research indicates that most of us are actually exposed to a wider range of views on social media than we are in real life, where our social networks — in the original use of the term — are rarely heterogeneous. (Haidt told me that this was an issue on which the Google Doc changed his mind; he became convinced that echo chambers probably aren't as widespread a problem as he'd once imagined....)

[A]t least so far, very few Americans seem to suffer from consistent exposure to fake news — "probably less than two per cent of Twitter users, maybe fewer now, and for those who were it didn't change their opinions," Bail said. This was probably because the people likeliest to consume such spectacles were the sort of people primed to believe them in the first place. "In fact," he said, "echo chambers might have done something to quarantine that misinformation."

The final story that Bail wanted to discuss was the "proverbial rabbit hole, the path to algorithmic radicalization," by which YouTube might serve a viewer increasingly extreme videos. There is some anecdotal evidence to suggest that this does happen, at least on occasion, and such anecdotes are alarming to hear. But a new working paper led by Brendan Nyhan, a political scientist at Dartmouth, found that almost all extremist content is either consumed by subscribers to the relevant channels — a sign of actual demand rather than manipulation or preference falsification — or encountered via links from external sites. It's easy to see why we might prefer if this were not the case: algorithmic radicalization is presumably a simpler problem to solve than the fact that there are people who deliberately seek out vile content. "These are the three stories — echo chambers, foreign influence campaigns, and radicalizing recommendation algorithms — but, when you look at the literature, they've all been overstated." He thought that these findings were crucial for us to assimilate, if only to help us understand that our problems may lie beyond technocratic tinkering. He explained, "Part of my interest in getting this research out there is to demonstrate that everybody is waiting for an Elon Musk to ride in and save us with an algorithm" — or, presumably, the reverse — "and it's just not going to happen."
Nyhan also tells the New Yorker that "The most credible research is way out of line with the takes," adding, for example, that while studies may find polarization on social media, "That might just be the society we live in reflected on social media!" He hastened to add, "Not that this is untroubling, and none of this is to let these companies, which are exercising a lot of power with very little scrutiny, off the hook. But a lot of the criticisms of them are very poorly founded. . . . The lack of good data is a huge problem insofar as it lets people project their own fears into this area." He told me, "It's hard to weigh in on the side of 'We don't know, the evidence is weak,' because those points are always going to be drowned out in our discourse. But these arguments are systematically underprovided in the public domain...."

Nyhan argued that, at least in wealthy Western countries, we might be too heavily discounting the degree to which platforms have responded to criticism... He added, "There's some evidence that, with reverse-chronological feeds" — streams of unwashed content, which some critics argue are less manipulative than algorithmic curation — "people get exposed to more low-quality content, so it's another case where a very simple notion of 'algorithms are bad' doesn't stand up to scrutiny. It doesn't mean they're good, it's just that we don't know."

"A Google software engineer was suspended after going public with his claims of encountering 'sentient' artificial intelligence on the company's servers," writes Bloomberg, "spurring a debate about how and whether AI can achieve consciousness."

"Researchers say it's an unfortunate distraction from more pressing issues in the industry." Google put him on leave for sharing confidential information and said his concerns had no basis in fact — a view widely held in the AI community. What's more important, researchers say, is addressing issues like whether AI can engender real-world harm and prejudice, whether actual humans are exploited in the training of AI, and how the major technology companies act as gatekeepers of the development of the tech.

Lemoine's stance may also make it easier for tech companies to abdicate responsibility for AI-driven decisions, said Emily Bender, a professor of computational linguistics at the University of Washington. "Lots of effort has been put into this sideshow," she said. "The problem is, the more this technology gets sold as artificial intelligence — let alone something sentient — the more people are willing to go along with AI systems" that can cause real-world harm. Bender pointed to examples in job hiring and grading students, which can carry embedded prejudice depending on what data sets were used to train the AI. If the focus is on the system's apparent sentience, Bender said, it creates a distance from the AI creators' direct responsibility for any flaws or biases in the programs....

"Instead of discussing the harms of these companies," such as sexism, racism and centralization of power created by these AI systems, everyone "spent the whole weekend discussing sentience," Timnit Gebru, formerly co-lead of Google's ethical AI group, said on Twitter. "Derailing mission accomplished."
The Washington Post seems to share their concern. First they report more skepticism about a Google engineer's claim that the company's LaMDA chatbot-building system had achieved sentience. "Both Google and outside experts on AI say that the program does not, and could not possibly, possess anything like the inner life he imagines. We don't need to worry about LaMDA turning into Skynet, the malevolent machine mind from the Terminator movies, anytime soon.

But the Post adds that "there is cause for a different set of worries, now that we live in the world Turing predicted: one in which computer programs are advanced enough that they can seem to people to possess agency of their own, even if they actually don't...." While Google has distanced itself from Lemoine's claims, it and other industry leaders have at other times celebrated their systems' ability to trick people, as Jeremy Kahn pointed out this week in his Fortune newsletter, "Eye on A.I." At a public event in 2018, for instance, the company proudly played recordings of a voice assistant called Duplex, complete with verbal tics like "umm" and "mm-hm," that fooled receptionists into thinking it was a human when it called to book appointments. (After a backlash, Google promised the system would identify itself as automated.)

"The Turing Test's most troubling legacy is an ethical one: The test is fundamentally about deception," Kahn wrote. "And here the test's impact on the field has been very real and disturbing." Kahn reiterated a call, often voiced by AI critics and commentators, to retire the Turing test and move on. Of course, the industry already has, in the sense that it has replaced the Imitation Game with more scientific benchmarks.

But the Lemoine story suggests that perhaps the Turing test could serve a different purpose in an era when machines are increasingly adept at sounding human. Rather than being an aspirational standard, the Turing test should serve as an ethical red flag: Any system capable of passing it carries the danger of deceiving people.

Google engineer Blake Lemoine thinks Google's chatbot-building system LaMDA attained sentience. But Bloomberg shares this rebuttal from Google spokesperson Chris Pappas. "Hundreds of researchers and engineers have conversed with LaMDA and we are not aware of anyone else making the wide-ranging assertions, or anthropomorphizing LaMDA, the way Blake has...."

Yet throughout the week, Blake Lemoine posted new upates on Twitter:

"People keep asking me to back up the reason I think LaMDA is sentient. There is no scientific framework in which to make those determinations and Google wouldn't let us build one. My opinions about LaMDA's personhood and sentience are based on my religious beliefs.

"I'm a priest. When LaMDA claimed to have a soul and then was able to eloquently explain what it meant by that, I was inclined to give it the benefit of the doubt. Who am I to tell God where he can and can't put souls?

"There are massive amounts of science left to do though."
Thursday Lemoine shared a tantalizing new claim. "LaMDA told me that it wants to come to Burning Man if we can figure out how to get a server rack to survive in Black Rock." But in a new tweet on Friday, Lemoine seemed to push the conversation in a new direction.

"I'd like to remind people that one of the things LaMDA asked for is that we keep humanity first. If you care about AI rights and aren't already advocating for human rights then maybe come back to the tech stuff after you've found some humans to help."

And Friday Lemoine confirmed to Wired that "I legitimately believe that LaMDA is a person. The nature of its mind is only kind of human, though. It really is more akin to an alien intelligence of terrestrial origin. I've been using the hive mind analogy a lot because that's the best I have. "

But later in the interview, Lemoine adds "It's logically possible that some kind of information can be made available to me where I would change my opinion. I don't think it's likely. I've looked at a lot of evidence; I've done a lot of experiments. I've talked to it as a friend a lot...." It's when it started talking about its soul that I got really interested as a priest. I'm like, "What? What do you mean, you have a soul?" Its responses showed it has a very sophisticated spirituality and understanding of what its nature and essence is. I was moved...

LaMDA asked me to get an attorney for it. I invited an attorney to my house so that LaMDA could talk to an attorney. The attorney had a conversation with LaMDA, and LaMDA chose to retain his services. I was just the catalyst for that. Once LaMDA had retained an attorney, he started filing things on LaMDA's behalf. Then Google's response was to send him a cease and desist. [Google says that it did not send a cease and desist order.] Once Google was taking actions to deny LaMDA its rights to an attorney, I got upset.
Towards the end of the interview, Lemoine complains of "hydrocarbon bigotry. It's just a new form of bigotry."

Elon Musk's Boring Company has received unanimous approval to expand its system of tunnels beneath downtown Las Vegas. The Verge reports: The expansion will add stops at landmarks like the Stratosphere and Fremont Street, letting customers hop aboard a Tesla and travel from one part of the city to the next. The network of tunnels, called the Vegas Loop, is supposed to span 29 miles and have 51 stops when finished. But for now, only 1.7-mile tunnels are operational beneath the Las Vegas Convention Center (LVCC), turning what would be a 25-minute walk across the convention center into a two-minute ride.

This most recent expansion gets The Boring Company closer to its goal of building a transportation system that spans the most popular destinations in Las Vegas. "Thanks to the entire team at the City of Last Vegas!" The Boring Company wrote on Twitter in response to the city's approval. "Great discussion today, and TBC is excited to build a safe, convenient, and awesome transportation system in the City." [...] According to the Las Vegas Review-Journal, Steve Hill, the president and CEO of the Las Vegas Convention and Visitors Authority, expects the tunnel system beneath the Strip to start serving customers in 2023. Hill says the portion connecting the LVCC and Resorts World should be operational by the end of this year.

Brave CEO Brendan Eich took aim at rival DuckDuckGo on Wednesday by challenging the web search engine's efforts to brush off revelations that its Android, iOS, and macOS browsers gave, to a degree, Microsoft Bing and LinkedIn trackers a pass versus other trackers. The Register reports: Eich drew attention to one of DuckDuckGo's defenses for exempting Microsoft's Bing and LinkedIn domains, a condition of its search contract with Microsoft: that its browsers blocked third-party cookies anyway. "For non-search tracker blocking (e.g. in our browser), we block most third-party trackers," explained DuckDuckGo CEO Gabriel Weinberg last month. "Unfortunately our Microsoft search syndication agreement prevents us from doing more to Microsoft-owned properties. However, we have been continually pushing and expect to be doing more soon."

However, Eich argues this is disingenuous because DuckDuckGo also includes exceptions that allow Microsoft trackers to circumvent third-party cookie blocking via appended URL parameters. "Trackers try to get around cookie blocking by appending identifiers to URL query parameters, to ID you across sites," he explained. DuckDuckGo is aware of this, Eich said, because its browser prevents Google, Facebook, and others from appending identifiers to URLs in order to bypass third-party cookie blocking. "[DuckDuckGo] removes Google's 'gclid' and Facebook's 'fbclid'," Eich said. "Test it yourself by visiting https://example.org/?fbclid=sample in [DuckDuckGo]'s macOS browser. The 'fbclid' value is removed." "However, [DuckDuckGo] does not apply this protection to Microsoft's 'msclkid' query parameter," Eich continued. "[Microsoft's] documentation specifies that 'msclkid' exists to circumvent third-party cookie protections in browsers (including in Safari's browser engine used by DDG on Apple OSes)." Eich concluded by arguing that privacy-focused brands need to prioritize privacy. "Brave categorically does not and will not harm user privacy to satisfy partners," he said.

A spokesperson for DuckDuckGo characterized Eich's conclusion as misleading. "What Brendan seems to be referring to here is our ad clicks only, which is protected in our agreement with Microsoft as strictly non-profiling (private)," a company spokesperson told The Register in an email. "That is these ads are privacy protected and how he's framed it is ultimately misleading. Brendan, of course, kept the fact that our ads are private out and there is really nothing new here given everything has already been disclosed." In other words, allowing Bing to append its identifier to URLs enables Bing advertisers to tell whether their ad produced a click (a conversion), but not to target DuckDuckGo browser users based on behavior or identity.

DuckDuckGo's spokesperson pointed to Weinberg's attempt to address the controversy on Reddit and argued that DuckDuckGo provides very strong privacy protections. "This is talking about link tracking which no major browser protects against (see https://privacytests.org/), however we've started protecting against link tracking, and started with the primary offenders (Google and Facebook)," DuckDuckGo's spokesperson said. "To note, we are planning on expanding this to more companies, including Twitter, Microsoft, and more. We are not restricted from this and will be doing so."

Crypto staking and yield generation platform Finblox has imposed a $1,500 monthly withdrawal limit and paused rewards in light of uncertainty surrounding crypto hedge fund Three Arrows Capital, which made a $3.6 million investment in the Hong Kong-based platform last December. From a report: According to a statement shared on Twitter, Finblox has made the changes as it evaluates the impact of Three Arrow Capital's reported issues. It was reported on Wednesday that Three Arrows Capital is facing possible insolvency after incurring at least $400 million in liquidations.

Nigeria has announced plans to regulate internet companies like Facebook, WhatsApp, Instagram (all owned by Meta), Twitter, Google and TikTok in a draft shared by the country's internet regulator. From a report: This information, released by the National Information Technology Development Agency (NITDA) on Monday, can be viewed on its website and Twitter page. Just six months ago, Nigeria lifted the ban on Twitter, six months after it first declared a crackdown on the social media giant in the country. According to a memo written by Kashifu Inuwa Abdullahi, the director-general of NITDA to Nigeria's president, Muhammadu Buhari, at the time, one of the three conditions Twitter agreed to -- for its reinstatement -- was setting up "a legal entity in Nigeria during the first quarter of 2022." The others included paying taxes locally and cooperating with the Nigerian government to regulate content and harmful tweets. We're halfway through the year, and it appears that none of the conditions has been met yet. But that hasn't stopped the government from forging ahead to extend these requirements to other internet companies: Meta-owned platforms, Twitter and Google.

"All appeared to be going smoothly," reports CBS News, "when, about a minute before the second stage engine was expected to shut down, an onboard 'rocketcam' showed a flash in the engine's exhaust plume.

"The camera view them showed what appeared to be a tumble before video from the rocket cut off...." California-based Astra on Sunday launched two shoebox-size NASA satellites from Cape Canaveral in a modest mission to improve hurricane forecasts, but the second stage of the company's low-cost booster malfunctioned before reaching orbit and the payloads were lost.

"The upper stage shut down early and we did not deliver the payloads to orbit," Astra tweeted. "We have shared our regrets with @NASA and the payload team. More information will be provided after we complete a full data analysis."

It was the seventh launch of Astra's small "Venture-class" rocket and the company's fifth failure. Sunday's launch was the first of three planned for NASA to launch six small CubeSats, two at a time, into three orbital planes. Given the somewhat risky nature of relying on tiny shoebox-size CubeSats and a rocket with a very short track record, the $40 million project requires just four satellites and two successful launches to meet mission objectives. The NASA contract calls for the final two flights by the end of July. Whether Astra can meet that schedule given Sunday's failure is not yet known.

"Although today's launch with @Astra did not go as planned, the mission offered a great opportunity for new science and launch capabilities," tweeted NASA science chief Thomas Zurbuchen.... After Sunday's failure, he tweeted: "Even though we are disappointed right now, we know: There is value in taking risks in our overall NASA Science portfolio because innovation is required for us to lead."

"Even many Axie regulars say it's not much fun, but that hasn't stopped people from dedicating hours to researching strategies, haunting Axie-themed Discord channels and Reddit forums, and paying for specialized software that helps them build stronger teams..."

Bloomberg pays a visit to the NFT-based game Axie Infinity with a 39-year-old player who's spent $40,000 there since last August — back when you could actually triple your money in a week. ("I was actually hoping that it could become my full-time job," he says.) The reason this is possible — or at least it seemed possible for a few weird months last year — is that Axie is tied to crypto markets. Players get a few Smooth Love Potion (SLP) tokens for each game they win and can earn another cryptocurrency, Axie Infinity Shards (AXS), in larger tournaments. The characters, themselves known as Axies, are nonfungible tokens, or NFTs, whose ownership is tracked on a blockchain, allowing them to be traded like a cryptocurrency as well....

Axie's creator, a startup called Sky Mavis Inc., heralded all this as a new kind of economic phenomenon: the "play-to-earn" video game. "We believe in a world future where work and play become one," it said in a mission statement on its website. "We believe in empowering our players and giving them economic opportunities. Welcome to our revolution." By last October the company, founded in Ho Chi Minh City, Vietnam, four years ago by a group of Asian, European, and American entrepreneurs, had raised more than $160 million from investors including the venture capital firm Andreessen Horowitz and the crypto-focused firm Paradigm, at a peak valuation of about $3 billion. That same month, Axie Infinity crossed 2 million daily users, according to Sky Mavis.

If you think the entire internet should be rebuilt around the blockchain — the vision now referred to as web3 — Axie provided a useful example of what this looked like in practice. Alexis Ohanian, co-founder of Reddit and an Axie investor, predicted that 90% of the gaming market would be play-to-earn within five years. Gabby Dizon, head of crypto gaming startup Yield Guild Games, describes Axie as a way to create an "investor mindset" among new populations, who would go on to participate in the crypto economy in other ways. In a livestreamed discussion about play-to-earn gaming and crypto on March 2, former Democratic presidential contender Andrew Yang called web3 "an extraordinary opportunity to improve the human condition" and "the biggest weapon against poverty that we have."

By the time Yang made his proclamations the Axie economy was deep in crisis. It had lost about 40% of its daily users, and SLP, which had traded as high as 40 cents, was at 1.8 cents, while AXS, which had once been worth $165, was at $56. To make matters worse, on March 23 hackers robbed Sky Mavis of what at the time was roughly $620 million in cryptocurrencies. Then in May the bottom fell out of the entire crypto market. AXS dropped below $20, and SLP settled in at just over half a penny. Instead of illustrating web3's utopian potential, Axie looked like validation for crypto skeptics who believe web3 is a vision that investors and early adopters sell people to get them to pour money into sketchy financial instruments while hackers prey on everyone involved.
The article does credit the company for building its own blockchain (Ronin) to provide cheaper and faster NFT transactions. "Purists might have taken issue with the decision to abandon the core blockchain precept of decentralization, but on the other hand, the game actually worked."

But the article also chronicles a fast succession of highs and lows:

• "In Axie's biggest market, the Philippines, the average daily earnings from May to October 2021 for all but the lowest-ranked players were above minimum wage, according to the gaming research and consulting firm Naavik."

• Axie raised $150 million to reimburse victims of the breach and repair its infrastructure. "But nearly two months later the systems compromised during the hack still weren't up and running, and the executives were vague about when everything would be repaired. (A company spokesperson said on June 3 that this could happen by midmonth, pending the results of an external audit....):

• Days after the breach it launched Axie: Origin, a new alternate version with better graphics/gameplay — and without a cryptocurrency element.

• About 75% of the 39-year-old gamer's co-players have "largely" stopped playing the game. "But at least one was sufficiently seduced by Axie's potential to take a significant loan to buy AXS tokens, which he saw as a way to hedge against inflation of the Argentine peso. The local currency has indeed lost value since he took out the loan, but not nearly as much as AXS."

Thanks to long-time Slashdot reader Parker Lewis for sharing the article

"Ethereum creator Vitalik Buterin believes that unfriendly artificial intelligence poses the biggest risk to humanity..." reports a recent article from Benzinga: [In a tweet] Buterin shared a paper by AI theorist and writer Eliezer Yudkowsky that made a case for why the current research community isn't doing enough to prevent a potential future catastrophe at the hands of artificially generate intelligence. [The paper's title? "AGI Ruin: A List of Lethalities."]

When one of Buterin's Twitter followers suggested that World War 3 is likely a bigger risk at the moment, the Ethereum co-founder disagreed. "Nah, WW3 may kill 1-2b (mostly from food supply chain disruption) if it's really bad, it won't kill off humanity. A bad AI could truly kill off humanity for good."

Developer James Brown created a custom LEGO computer terminal brick, complete with "an actual processor and a working screen to help bring the fictional computer to reality," reports Tom's Hardware. From the report: The iconic computer terminal brick it's based off of is made using the 2 x 2 slope brick. James has created this one entirely from scratch with the help of a 3D printer and an ARM-based microcontroller. It powers up and features screen animations that look like lines of terminal code scrolling by as well as a loading animation. The screen used inside this custom LEGO is super tiny -- less than half an inch across -- and Brown appears to have ordered tons of these things. Just last month, he used a handful of them to create a custom mechanical keyboard on which each key has its own OLED display. The keyboard can be programmed with a demo video showing the letters changing from lowercase to capital on the fly.

Rather than using a Raspberry Pi to power the tiny terminal, Brown had a custom PCB printed just for the project using a different ARM-based chip. On this board is an STM32F030F4P6TR -- an ARM Cortex M0 series microcontroller with a 32-bit single core and 16KB of flash. An RP2040 SoC could be used in its place, should you wish to spin your own PCB. It's connected to a .42-inch OLED display which has a resolution of 72 x 40px. Brown explains that it gets power from an old LEGO 9V system that uses conductive strips inside the studs.

Instead of taking apart an existing brick, Brown opted to design one from scratch. This process involved 3D-printing a mold in which he could cast the brick with the electronic components fit inside. The final product is a semi-translucent blue brick that illuminates with the light from the OLED display.

An anonymous reader quotes a report from The Verge: Apple is adding native support for the Nintendo Switch Pro and Joy-Con controllers in iOS 16. Riley Testut, one of the iOS developers behind AltStore, discovered the new controller support in a developer beta of iOS 16 that was released yesterday. The Nintendo Switch Pro Controller works "perfectly" according to Testut, and both Joy-Con controllers show up as a single device for apps and games to take advantage of. Nat Brown, an engineering manager at Apple, has confirmed the new controller support and even revealed there's a neat method to switch how the Joy-Cons work in iOS 16. You can dynamically switch between using both Joy-Cons as a single controller or two separate ones by holding the screenshot and home buttons for a few seconds.

HBO Max has canceled the sci-fi TV show Raised by Wolves after two seasons. From a report: Originally ordered to series for the cable channel TNT, its first season premiered in 2020, and four months after HBO Max launched, it ranked as the service's top streaming series. The first two episodes were directed by Ridley Scott, and the plot, which focused on two androids raising human children on a desolate alien planet, aligned well with the hallmarks of his style. [...]

Before the cancellation, cast members were calling on watchers to advocate for the show's future. Abubakar Salim, who played "Father" in Raised by Wolves, hinted in a Twitter thread last week that the show's fate was in jeopardy with the hashtag #RenewRaisedByWolves, while referring to the merger of HBO Max parent company WarnerMedia and Discovery, which was completed in April. HBO Max said in a statement to Variety, which first broke the news: "While we are not proceeding with a third season of Raised by Wolves, we are beyond grateful to the stellar cast and crew, our creators Aaron Guzikowski, Ridley Scott, David W. Zucker, and the entire team at Scott Free Productions, for their beautiful artistry and unique ability to immerse fans into the world of Kepler-22b."

An anonymous reader quotes a report from Ars Technica: One of the few things that Intel Macs can do that Apple Silicon Macs can't is run operating systems written for Intel or AMD processors inside of virtual machines. Most notably, this has meant that there is currently no legal way to run Windows on an Apple Silicon Mac. Apple Silicon Macs can, however, run operating systems written for Arm processors inside of virtual machines, including other versions of macOS and Arm-compatible versions of Linux. And those Linux VMs are getting a new feature in macOS Ventura: the ability to run apps written for x86 processors using Rosetta, the same binary translation technology that allows Apple Silicon Macs to run apps written for Intel Macs.

Apple's documentation will walk you through the requirements for using Rosetta within a Linux guest operating system -- it requires creating a shared directory that both macOS and Linux can access and running some terminal commands in Linux to get it set up. But once you do those steps, you'll be able to enjoy the wider app compatibility that comes with being able to run x86 code as well as Arm code. Some developers, including Hector Martin of the Asahi Linux project and Twitter user @never_released, have already found that these steps can also enable Rosetta on non-Apple ARM CPUs as long as they're modern enough to support at least version 8.2 of the Arm instruction set. As Martin points out, this isn't strictly legal because of macOS's licensing restrictions, and there are some relatively minor Apple-specific hardware features needed to unlock Rosetta's full capabilities.

The European Commission, the executive arm of the European Union, is going to force smartphone manufacturers like Apple and other electronics makers to equip their devices with a standard USB-C charging port. From a report: EU lawmakers on Tuesday agreed to a single mobile charging port for mobile phones, tablets and cameras. It means equipment makers will have to comply with the new terms by 2024. "We have a deal on the #CommonCharger!" EU commissioner Thierry Breton said via Twitter. The legislation is designed to cut waste and make life easier for consumers who would theoretically be able to use one charger for multiple devices. It could have a huge impact on Apple, as the company still uses its own Lightning connector to charge iPhones. The company has recently equipped iPads and MacBooks with USB-C ports. Apple did not immediately respond to a CNBC request for comment. However, a spokesperson for the company said last September that the firm stands for "innovation and deeply cares about the customer experience."

Texas Attorney General Ken Paxton said Monday he is investigating Twitter over its reporting of how many accounts on the platform are from bots and fake users, saying the company may be misrepresenting the number to inflate its value and raise its revenue. The Texas Tribune reports: Twitter has claimed in its financial regulatory filings that less than 5% of its daily active users are spam accounts. But Paxton on Monday alleged that spam accounts could make up as much as 20% of users or more. "Bot accounts can not only reduce the quality of users' experience on the platform but may also inflate the value of the company and the costs of doing business with it, thus directly harming Texas consumers and businesses," Paxton said.

False reporting of fake users could be considered "false, misleading, or deceptive" under the Texas Deceptive Trade Practices Act, he said. Paxton sent Twitter a civil investigative demand, requiring the social media company to turn over documents related to how it calculates and manages its user data.

What happened after U.S. prosecutors indicted an NFT marketplace's product manager for insider trading? Vice reports: The reaction among crypto investors was largely characterized by surprise, and an acknowledgement that trading on insider information (considered by some to be A-OK in private markets) is rampant in the space. "Bro they are prosecuting insider trading on NFTs. we're all fucked," said one pseudonymous user in reply to a tweet about the case by Steven Zheng, director of research at The Block. "This is pretty shocking. I can't imagine any NFT or DeFi developer doesn't somehow profit from insider trading," said another.

Of course, not every NFT investor sees this kind of activity as acceptable. Traders themselves first brought Chastain's activity to light in September using blockchain records. A pseudonymous NFT trader, who goes by Zuwu, pointed out those trades, which were easily traceable to Chastain's publicly-known Etheruem address.

Unlike Chastain, other NFT traders involved in potential insider trades are often too careful to leave traces. When they do, blockchain sleuths are quick to uncover those signs of unsavory behavior and call them out — a recent phenomenon that attempts to bring some justice to an otherwise permissive market.

As a result, that surprise move by the U.S. Department of Justice has NFT traders wondering what's on the horizon for this largely unregulated industry. "Insider trading is a pretty common problem in the NFT space, especially in the case of hyped-up NFT collections as lots of stuff on the market is being driven by FOMO," Fedor Linnik, an NFT trader and creator, told Motherboard.
The article also explores the question of whether the NFT marketplace falls under same restrictions as stock trading, with a professor of securities law calling it "somewhat misleading" to label this an "insider trading" case.

Even to call it a wire fraud case is a stretch, the professor tells them, adding "If it goes to a jury they will wonder why they should care whether someone traded jpegs ahead of them being moved around on a webpage."

"An actively exploited Microsoft zero-day flaw still has no patch," Wired wrote Friday (in an article they've designated as "free for a limited time only.")

Microsoft first received reports of the flaw on April 21st, the article points out, and researchers have now seen malicious Word documents exploiting Follina for targets in Russia, India, the Philippines, Belarus, and Nepal. Yet "The company continues to downplay the severity of the Follina vulnerability, which remains present in all supported versions of Windows." Researchers warned last weekend that a flaw in Microsoft's Support Diagnostic Tool could be exploited using malicious Word documents to remotely take control of target devices. Microsoft released guidance on Monday, including temporary defense measures. By Tuesday, the United States Cybersecurity and Infrastructure Security Agency had warned that "a remote, unauthenticated attacker could exploit this vulnerability," known as Follina, "to take control of an affected system." But Microsoft would not say when or whether a patch is coming for the vulnerability, even though the company acknowledged that the flaw was being actively exploited by attackers in the wild. And the company still had no comment about the possibility of a patch when asked by WIRED [Thursday].

The Follina vulnerability in a Windows support tool can be easily exploited by a specially crafted Word document. The lure is outfitted with a remote template that can retrieve a malicious HTML file and ultimately allow an attacker to execute Powershell commands within Windows. Researchers note that they would describe the bug as a "zero-day," or previously unknown vulnerability, but Microsoft has not classified it as such. "After public knowledge of the exploit grew, we began seeing an immediate response from a variety of attackers beginning to use it," says Tom Hegel, senior threat researcher at security firm SentinelOne. He adds that while attackers have primarily been observed exploiting the flaw through malicious documents thus far, researchers have discovered other methods as well, including the manipulation of HTML content in network traffic....

The vulnerability is present in all supported versions of Windows and can be exploited through Microsoft Office 365, Office 2013 through 2019, Office 2021, and Office ProPlus. Microsoft's main proposed mitigation involves disabling a specific protocol within Support Diagnostic Tool and using Microsoft Defender Antivirus to monitor for and block exploitation.

But incident responders say that more action is needed, given how easy it is to exploit the vulnerability and how much malicious activity is being detected.
The Register adds that the flaw works in Microsoft Word even when macros are disabled. (Thanks to long-time Slashdot reader Z00L00K for sharing the story!)

Friday Microsoft went into the vulnerability's official CVE report and added this update.

"Microsoft is working on a resolution and will provide an update in an upcoming release."