An anonymous reader quotes a report from Ars Technica: Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world. The currently unpatched security flaws have been under active exploit since early August, when Vietnam-based security firm GTSC discovered customer networks had been infected with malicious webshells and that the initial entry point was some sort of Exchange vulnerability. The mystery exploit looked almost identical to an Exchange zero-day from 2021 called ProxyShell, but the customers' servers had all been patched against the vulnerability, which is tracked as CVE-2021-34473. Eventually, the researchers discovered the unknown hackers were exploiting a new Exchange vulnerability.

Wednesday's GTSC post said the attackers are exploiting the zero-day to infect servers with webshells, a text interface that allows them to issue commands. These webshells contain simplified Chinese characters, leading the researchers to speculate the hackers are fluent in Chinese. Commands issued also bear the signature of the China Chopper, a webshell commonly used by Chinese-speaking threat actors, including several advanced persistent threat groups known to be backed by the People's Republic of China. GTSC went on to say that the malware the threat actors eventually install emulates Microsoft's Exchange Web Service. It also makes a connection to the IP address 137[.]184[.]67[.]33, which is hardcoded in the binary. Independent researcher Kevin Beaumont said the address hosts a fake website with only a single user with one minute of login time and has been active only since August. The malware then sends and receives data that's encrypted with an RC4 encryption key that's generated at runtime. Beaumont went on to say that the backdoor malware appears to be novel, meaning this is the first time it has been used in the wild. People running on-premises Exchange servers "should apply a blocking rule that prevents servers from accepting known attack patterns," reports Ars. The rule can be found in Microsoft's advisory.

"For the time being, Microsoft also recommends people block HTTP port 5985 and HTTPS port 5986, which attackers need to exploit CVE-2022-41082."

A new treatment for amyotrophic lateral sclerosis, or ALS, has been approved by the US Food and Drug Administration. CNN reports: The FDA announced approval of Relyvrio, developed by Amylyx Pharmaceuticals, on Thursday. The oral medication works as a standalone therapy or when added to other treatments, according to the company, and it has been shown to slow disease progression. Patients and some advocacy groups had urged the FDA to approve the drug, as there are limited treatments available for ALS, and the agency granted priority review in December.

In November, Amylyx submitted a drug application to the FDA for the medication, then called AMX0035, as an oral ALS treatment, seeking approval based on a Phase 2 trial that included 137 people with ALS who received either the drug or a placebo for 24 weeks. The study was funded in part by a grant from the ALS Ice Bucket Challenge, the viral social media campaign that started in 2014 involving people dumping buckets of ice water over themselves to raise awareness and money around ALS. The trial also showed that the drug was generally well-tolerated, but there was a greater frequency of gastrointestinal events in the group getting the medication. Amylyx is now continuing to study its safety and efficacy in a Phase 3 trial. In March, the Peripheral and Central Nervous System Drugs Advisory Committee voted 6-4 that a single Phase 2 trial did not establish the conclusion that the drug is effective in treating ALS.

One key difference between the FDA advisory committee's March and September meetings is that in the later meeting, Amylyx indicated that if the drug was approved but its Phase 3 trial results fail to confirm the drug's benefits, the company would consider withdrawing the drug from the market, Lynch said. She added, however, that the company didn't say specifically what it would view as a failure. "So at the vote, the advisory committee members switched, and most of them said, 'Yes, we are now convinced that this product should be approved.' And when they were asked why they changed their minds, some of them said, 'Well, the company said they would withdraw,'" she said. "And they were also convinced by patients' testimonies that they very much want to try this drug." But overall, the FDA's approval was based on Phase 2 trial data, which, Lynch said, may send a message to other pharmaceutical companies that they don't need robust Phase 3 trial data to get products on the market. Although people with ALS want access to this promising drug, there are concerns that such a message could open the door more broadly to the approval of medications that have not been proved to work, says Holly Fernandez Lynch, an assistant professor of medical ethics and health policy at the University of Pennsylvania. "The FDA could later withdraw those products if needed, she said, but doing so without voluntary company agreement is 'a huge pain' and often requires a very lengthy process," reports CNN.

Saul Kripke, a math prodigy and pioneering logician whose revolutionary theories on language qualified him as one of the 20th century's greatest philosophers, died on Sept. 15 in Plainsboro, N.J. He was 81. The New York Times reports: His death, at Penn Medicine Princeton Medical Center, was caused by pancreatic cancer, according to Romina Padro, director of the Saul Kripke Center at the City University of New York, where Professor Kripke had been a distinguished professor of philosophy and computer science since 2003 and had capped a career exploring how people communicate. Professor Kripke's classic work, "Naming and Necessity," first published in 1972 and drawn from three lectures he delivered at Princeton University in 1970 before he was 30, was considered one of the century's most evocative philosophical books.

"Kripke challenged the notion that anyone who uses terms, especially proper names, must be able to correctly identify what the terms refer to," said Michael Devitt, a distinguished professor of philosophy who recruited Professor Kripke to the City University Graduate Center in Manhattan. "Rather, people can use terms like 'Einstein,' 'springbok,' perhaps even 'computer,' despite being too ignorant or wrong to provide identifying descriptions of their referents," Professor Devitt said. "We can use terms successfully not because we know much about the referent but because we're linked to the referent by a great social chain of communication."

The Pulitzer Prize-winning historian Taylor Branch, writing in The New York Times Magazine in 1977, said Professor Kripke had "introduced ways to distinguish kinds of true statements -- between statements that are 'possibly' true and those that are 'necessarily' true." "In Professor Kripke's analysis," he continued, "a statement is possibly true if and only if it is true in some possible world -- for example, 'The sky is blue' is a possible truth, because there is some world in which the sky could be red. A statement is necessarily true if it is true in all possible worlds, as in 'The bachelor is an unmarried man.'"

An anonymous reader quotes a report from Ars Technica: In January this year, an undersea volcano in Tonga produced a massive eruption, the largest so far this century. The mixing of hot volcanic material and cool ocean water created an explosion that sent an atmospheric shockwave across the planet and triggered a tsunami that devastated local communities and reached as far as Japan. The only part of the crater's rim that extended above water was reduced in size and separated into two islands. A plume of material was blasted straight through the stratosphere and into the mesosphere, over 50 km above the Earth's surface. We've taken a good look at a number of past volcanic eruptions and studied how they influence the climate. But those eruptions (most notably that of Mount Pinatubo) all came from volcanoes on land. Hunga Tonga may be the largest eruption we've ever documented that took place under water, and the eruption plume contained unusual amounts of water vapor -- so much of it that it actually got in the way of satellite observations at some wavelengths. Now, researchers have used weather balloon data to reconstruct the plume and follow its progress during two circuits around the globe.

Your vocabulary word of the day is radiosonde, which is a small instrument package and transmitter that can be carried into the atmosphere by a weather balloon. There are networks of sites where radiosondes are launched as part of weather forecasting services; the most relevant ones for Hunga Tonga are in Fiji and Eastern Australia. A balloon from Fiji was the first to take instruments into the eruption plume, doing so less than 24 hours after Hunga Tonga exploded. That radiosonde saw increasing levels of water as it climbed through the stratosphere from 19 to 28 kilometers of altitude. The water levels had reached the highest yet measured at the top of that range when the balloon burst, bringing an end to the measurements. But shortly after, the plume started showing up along the east coast of Australia, which again registered very high levels of water vapor. Again, water reached to 28 km in altitude but gradually settled to lower heights over the next 24 hours.

The striking thing was how much of it there was. Compared to normal background levels of stratospheric water vapor, these radiosondes were registering 580 times as much water even two days after the eruption, after the plume had some time to spread out. There was so much there that it still stood out as the plume drifted over South America. The researchers were able to track it for a total of six weeks, following it as it spread out while circling the Earth twice. Using some of these readings, the researchers estimated the total volume of the water vapor plume and then used the levels of water present to come up with a total amount of water put into the stratosphere by the eruption. They came up with 50 billion kilograms. And that's a low estimate, because, as mentioned above, there was still water above the altitudes where some of the measurements stopped. The recent findings appear in a new study published in the journal Science.

Long-time Slashdot reader theodp writes: A new study on the Impact of Programming on Primary Mathematics Learning (abstract only, full article $24.95 on ScienceDirect) is generating some buzz on Twitter amongst K-12 CS educator types. It concluded that:

1. Programming did not benefit mathematics learning compared to traditional activities
2. There's a negative though small effect of programming on mathematics learning
3. Mindful "high-road transfer" from programming to mathematics is not self-evident
4. Visual programming languages might distract students from mathematics activities

From the Abstract: "The aim of this study is to investigate whether a programming activity might serve as a learning vehicle for mathematics acquisition in grades four and five.... Classes were randomly assigned to the programming (with Scratch) and control conditions. Multilevel analyses indicate negative effects (effect size range 0.16 to 0.21) of the programming condition for the three mathematical notions.

"A potential explanation of these results is the difficulties in the transfer of learning from programming to mathematics."

The findings of the new study come 4+ years after preliminary results were released from the $1.5M 2015-2019 NSF-funded study Time4CS, a "partnership between Broward County Public Schools (FL), researchers at the University of Chicago, and [tech-bankrolled] Code.org," which explored whether learning CS using Code.org's CS Fundamentals curriculum may be linked to improved learning in math at the grade 3-5 level. Time4CS researchers concluded that the "quasi-experimental" study showed that "No significant differences in Florida State Assessment mathematics scores resulted between treatment and comparison groups."

Released 40 years ago, the 1982 movie Tron eventually spawned a 2010 sequel (plus a 19-episode animated series that aired on Disney XD between 2012 and 2013). But it also spawned a rollercoaster...

Tron Lightcycle Run first opened at Shanghai Disneyland in 2016. (You can find some ride-through footage on YouTube. Apparently riders race against a yellow lightcycle....)

And now the ride is finally coming to Florida, reports Cinemablend: Tron Lightcycle Run began its construction back in 2018 and while the E-ticket ride was massive, we expected things to move along as quickly as possible. However, then a little pandemic happened and that changed a lot. Construction was delayed and even after the parks reopened things were going quite slowly, but more recently things have picked up, and now we know when the ride will finally be open.

At the D23 Expo today Disney Parks Chairman Josh D'Amaro announced a Spring 2023 opening date for Tron Lightcycle Run..... Lightcycle Run has been undergoing testing with live riders of late, a video was shown during the presentation of Josh D'Amaro himself doing a run...
CNET quotes D'Amaro as saying the ride is "really close to being ready for showtime."

India has summoned executives of Wikipedia after a cricketer's page on the online encyclopedia was edited with links to a separatist movement. The country's IT ministry made the order on Monday to seek clarification from Wikipedia executives over the incident. From a report: A key IT minister publicly expressed his concern about the edits to the page of cricketer Arshdeep Singh, suggesting that some people from Pakistan were behind the act and were attempting to disrupt peace in the South Asian market. The Wikipedia page of Singh, who had several lapses in a game between India and Pakistan on Sunday, was edited to incorrectly say that he had been selected to play for Khalistan, a fictitious independent homeland sought by some separatists groups. Rajeev Chandrasekhar, India's Junior IT Minister, said in a tweet that no intermediary, a service with over 5 million users, can permit deliberate misinformation campaign of this kind. Such acts "violates our govt's expectation of safe & trusted internet," he tweeted.

On Friday, the family of astronomer Frank Drake announced that he passed away peacefully at 92 in his California home, near the site of his final academic position at the University of California, Santa Cruz. Ars Technica reports: Drake made a number of contributions to radio astronomy, including serving as director of the Arecibo radio telescope facility. But Drake is probably best known for an equation that bears his name and his subsequent involvement in SETI efforts. His equation was the first significant attempt to estimate the probability of intelligent extraterrestrial life. [...] His most prominent contribution in this area was the formulation of what's now known as the Drake equation. It's purportedly a calculation -- plug in the probabilities of a handful of things like the frequency of exoplanets around stars and the probability of life forming spontaneously, and out would pop the overall number of intelligent civilizations in our galaxy. [...]

Drake first presented his equation in 1961, and he maintained an interest in the question of extraterrestrial life throughout his career. While at Arecibo, he was involved in a project that beamed a message from that facility to a cluster of stars. He also helped craft two messages sent with our first hardware that was expected to leave the Solar System: a plaque on Pioneer 10 and 11 and gold records placed on the Voyager probes. He was also involved with the SETI institute and served on its board of trustees.

United Launch Alliance has been developing a heavy-lift space vehicle since 2014 (with investment from the U.S. military) called the Vulcan Centaur.

So CNN reports that the ashes of the late Star Trek actress Nichelle Nichols "will head to deep space on a Vulcan rocket." Nichols' cremated remains will be aboard the first Celestis Voyager Memorial Spaceflight, which will launch from Cape Canaveral, Florida. Celestis, Inc., is a private company that conducts memorial spaceflights. Among the remains also aboard the flight will be the ashes of "Star Trek" creator Gene Roddenberry; his wife, Majel Barrett-Roddenberry, who played various roles in the show and films; and James Doohan, who played Montgomery "Scotty" Scott in the films and TV series....

The spaceflight will travel beyond NASA's James Webb Space Telescope and into interplanetary deep space. In addition to cremated remains, capsules onboard will also carry complete human genome DNA samples from willing participants.

People can participate in the flight — by having DNA or loved ones' remains in a spaceflight container — for a price starting at $12,500, and reservations close August 31. (Celestis offers other voyages that don't travel as far, but can cost less than $5,000.) Ahead of the flight's liftoff, Celestis will host a three-day event with mission briefings, an astronaut-hosted dinner, launch site tours, an on-site memorial service and launch viewing. All events will be shown via webcast, according to Celestis.
An announcement on the flight's site invites fans of Nichelle Nichols to "share your own story about how she inspired you and it will be sent into deep space aboard the first Celestis Voyager Memorial Spaceflight — the Enterprise Flight, launching later in 2022."

Every Friday Politico interviews someone about "The Future in Five Questions". This week they interviewed Neal Stephenson (who they describe as "the sci-fi author who coined the term 'metaverse' and now a Web3 entrepreneur in his own right.")

Stephenson began by sharing his thoughts on a big idea that's underrated. Neal Stephenson: Desalination. It's an incredibly obvious, kind of simple process. Nothing is more basic than having water to drink, so it's kind of hiding in plain sight, but coupled with cheap energy from photovoltaics it's going to make big changes in the world. When you look at how much water, or a lack thereof, has shaped where people live and how people make food, the notion that we might be able to engineer ways to get fresh water in a new way could be revolutionary.

What's a technology you think is overhyped?

Stephenson: I'm going to go with an oldie: rockets. It's just a historical accident that chemical rockets became our only way of putting stuff into space, and if we had started at a different time we would have ended up doing something that works better.

One alternative would be beaming energy from the ground to vehicles, using lasers or microwaves. That seems like a doable project right now. There's nuclear propulsion, which I think is probably never going to happen at scale, because it's politically impossible, but even something as simple as constructing a very tall building or a tall tower and using that as a launch platform, or as a way to accelerate things up upward, could really change the economics of spaceflight.
Stephenson also says the book that most shaped his conception of the future was Robert Heinlein's 1958 novel Have Spacesuit, Will Travel. And the biggest surprise of 2022 was Ukraine's strong response after Russia's invasion. "Most people who are paying attention have understood that drones and other new technologies are going to change the way wars get fought, but we're seeing it unfold and mutate in real time in Ukraine.

"These guys are taking old Cold War grenades and disassembling them, and putting on homemade fuses and attaching 3D printed fins and dropping them out of consumer-grade drones, to a significant effect on the battlefield...."

In 2004 Neal Stephenson answered questions from Slashdot's readers.

An anonymous reader quotes a report from Ars Technica: Skirting the official macOS system requirements to run new versions of the software on old, unsupported Macs has a rich history. Tools like XPostFacto and LeopardAssist could help old PowerPC Macs run newer versions of Mac OS X, a tradition kept alive in the modern era by dosdude1's patchers for Sierra, High Sierra, Mojave, and Catalina. For Big Sur and Monterey, the OpenCore Legacy Patcher (OCLP for short) is the best way to get new macOS versions running on old Macs. It's an offshoot of the OpenCore Hackintosh bootloader, and it's updated fairly frequently with new features and fixes and compatibility for newer macOS versions. The OCLP developers have admitted that macOS Ventura support will be tough, but they've made progress in some crucial areas that should keep some older Macs kicking for a little bit longer.

[...] First, while macOS doesn't technically include system files for pre-AVX2 Intel CPUs, Apple's Rosetta 2 software does still include those files, since Rosetta 2 emulates the capabilities of a pre-AVX2 x86 CPU. By extracting and installing those files in Ventura, you can re-enable support on Ivy Bridge and older CPUs without AVX2 instructions. And this week, Grymalyuk showed off another breakthrough: working graphics support on old Metal-capable Macs, including machines as old as the 2014 5K iMac, the 2012 Mac mini, and even the 2008 cheese grater-style Mac Pro tower. The OCLP team still has other challenges to surmount, not least of which will involve automating all of these hacks so that users without a deep technical understanding of macOS's underpinnings can continue to set up and use the bootloader. Grymalyuk still won't speculate about a timeframe for official Ventura support in OCLP. But given the progress that has been made so far, it seems likely that people with 2012-and-newer Macs should still be able to run Ventura on their Macs without giving up graphics acceleration or other important features.

Digital Trends reports: Working with the Wikimedia Foundation, Meta AI (that's the AI research and development research lab for the social media giant) has developed what it claims is the first machine learning model able to automatically scan hundreds of thousands of citations at once to check if they support the corresponding claims....

"I think we were driven by curiosity at the end of the day," Fabio Petroni, research tech lead manager for the FAIR (Fundamental AI Research) team of Meta AI, told Digital Trends. "We wanted to see what was the limit of this technology. We were absolutely not sure if [this AI] could do anything meaningful in this context. No one had ever tried to do something similar [before]."

Trained using a dataset consisting of 4 million Wikipedia citations, Meta's new tool is able to effectively analyze the information linked to a citation and then cross-reference it with the supporting evidence.... Just as impressive as the ability to spot fraudulent citations, however, is the tool's potential for suggesting better references. Deployed as a production model, this tool could helpfully suggest references that would best illustrate a certain point. While Petroni balks at it being likened to a factual spellcheck, flagging errors and suggesting improvements, that's an easy way to think about what it might do.

"Creators aren't getting paid," says Cory Doctorow. "That's because powerful corporations have figured out how to create chokepoints — that let them snatch up more of the value generated by creative work before it reaches creative workers."

But he's doing something about it.

Doctorow's teamed up with Melbourne-based law professor Rebecca Giblin, the director of Australia's Intellectual Property Research Institute, for a new book that first "pulls aside the veil on the tricks Big Tech and Big Content use..." But more importantly, it also presents specific ideas for "how we can recapture creative labor markets to make them fairer and more sustainable." Their announcement describes the book as "A Big Tech/Big Content disassembly manual," saying it's "built around shovel-ready ideas for shattering the chokepoints that squeeze creators and audiences — technical, commercial and legal blueprints for artists, fans, arts organizations, technologists, and governments to fundamentally restructure the broken markets for creative labor."

Or, as they explain later, "Our main focus is action." Lawrence Lessig says the authors "offer a range of powerful strategies for fighting back." Anil Dash described it as "a credible, actionable vision for a better, more collaborative future where artists get their fair due." And Douglas Rushkoff called the book "an infuriating yet inspiring call to collective action."

The book is titled "Chokepoint Capitalism: How Big Tech and Big Content Captured Creative Labor Markets and How We'll Win Them Back." And at one point their Kickstarter page lays down a thought-provoking central question about ownership. "For 40 years, every question about creators rights had the same answer: moar copyright. How's that worked out for artists?" And then it features a quote from Wikipedia co-founder Jimmy Wales. "Copyright can't unrig a rigged market — for that you need worker power, antitrust, and solidarity."

A Kickstarter campaign to raise $10,000 has already raised $72,171 — in its first five days — from over 1,800 backers. That's partly because, underscoring one of the book's points, their Kickstarter campaign is offering "an audiobook Amazon won't sell." While Amazon will sell you a hardcover or Kindle edition of the book.... Audible has a hard and fast rule: if you're a publisher or writer who wants to sell your audiobook on Audible, you have to let it be wrapped in "Digital Rights Management," aka DRM: digital locks that permanently bind your work to the Audible platform. If a reader decides to leave Audible, DRM stops them taking the books they've already bought with them.... Every time Audible sells a book, DRM gives it a little bit more power to shake down authors and publishers. Amazon uses that stolen margin to eliminate competition and lock-in more users, ultimately giving it even more power over the people who actually make and produce books.
The announcement says their book "is about traps like the one Audible lays for writers and readers. We show how Big Tech and Big Content erect chokepoints between creators and audiences, allowing them to lock in artists and producers, eliminate competition, and extract far more than their fair share of revenues from creative labour. No way are we going to let Audible put its locks on our audiobook.

"So we're kickstarting it instead."

The announcement notes that Cory Doctorow himself has written dozens of books, "and he won't allow digital locks on any of them." And then in 2020, "Cory had an idea: what if he used Kickstarter to pre-sell his next audiobook? It was the most successful audiobook crowdfunding campaign in history."

So now Cory's working instead with independent audiobook studio Skyboat Media "to make great editions, which are sold everywhere except Audible (and Apple, which only carries Audible books): Libro.fm, Downpour, Google Play and his own storefront. Cory's first kickstarter didn't just smash all audiobook crowdfunding records — it showed publishers and other writers that there were tons of people who cared enough about writers getting paid fairly that they were willing to walk away from Amazon's golden cage. Now we want to send that message again — this time with a book that takes you behind the curtain to unveil the Machiavellian tactics Amazon and the other big tech and content powerhouses use to lock in users, creators and suppliers, eliminate competition, and extract more than their fair share....

Chokepoint Capitalism is not just a rollicking read, and a delightful listen: it also does good.

Your willingness to break out of the one-click default of buying from the Audible monopoly in support of projects like this sends a clear message to writers, publishers, and policymakers that you have had enough of the unfair treatment of creative workers, and you are demanding change.
Rewards include ebooks, audiobooks, hardcover copies, and even the donation of a copy to your local library. You can also pledge money without claiming a reward, or pledge $1 as a show of support for "a cryptographically signed email thanking you for backing the project. Think of it as a grift-free NFT."

Craig Newmark says the book documents "the extent to which competition's been lost throughout the creative industries, and how this pattern threatens every other worker. There is still time to do something about it, but the time to act is now."

Engadget reports that the annual "Monterey Car Week "has been a hotbed of EV debuts this year with unveilings from Dodge, Acura, DeLorean and a host of other automakers." But then on Thursday, Lincoln unveiled its Model L100, paying homage to the opulence of Lincoln's original 1922 luxury car by "redefining" vehicle controls.

A video on CNN explains that "the fully autonomous vehicle has no steering wheel or pedals," emphasizing that it's a "concept car" — a show piece. ("It's not set for production and won't be sold to customers.") But yes, it's an electric car that replaces the steering wheel with what Lincoln is calling a "chess piece controller," a hand-held, car-shaped piece of crystal that sits on a table in the center of the car. Drivers "grab it and move it around and move the actual vehicle," Kemal Curic, Global Design Director for Lincoln Motor Company, tells the Drive. (The table-top surface apparently functions like a kind of map, with the hand-held piece acting as an avatar.) Or as the Drive puts it, "Remember being a kid and pushing a toy car around on a city rug? Lincoln designers do."

The site ultimately concludes that the designs "really speak to one's natural instinct of movement. As humans, whenever we want to move something we just pick it up and move it; so why should our cars be any different...? [C]oncept cars don't have to make sense. They just need to be a cool representation of our wildest ideas."

In addition, CNN explains, "Because the car drives itself, the front row seats can be turned to face the rear passengers."

There's other futuristic features. CNN's video shows what Lincoln is calling "smart wheel covers" which fully encase the tires while offering a decorative electric light show (which doubles as a battery indicator). Even the floor is a massive digital screen, and there's also a full-length hinged glass roof — an upper canopy which according to Engadget "can project realistic animated scenes onto the floor and ceiling."

"Unfortunately many of the ideas presented here will inevitably be cut, going the way of Mercedes' awesome, Avatar-inspired trunk hatch wigglers."

Slashdot reader tedlistens writes that "Nuclear is booming again. And with a serious pile of private and public funding behind them—and physics (see the recent breakthrough at Livermore National Lab) — these companies say they're getting closer to fusion."

The companies were profiled in a Fast Company article titled "The frontrunners in the trillion-dollar race for limitless fusion power." Last year, investors like Bill Gates and Jeff Bezos injected a record $3.4 billion into firms working on the technology, according to Pitchbook. One fusion firm, Seattle-based Helion, raised a record $500 million from Sam Altman and Peter Thiel. ... The Fusion Industry Association says that at least 33 different companies were now pursuing nuclear fusion, and predicted that fusion would be connected to the energy grid sometime in the 2030s.... And you'd be forgiven for missing another milestone in July, when the Energy Dept. announced awards of between $50,000 and $500,000, to ten fusion companies working on projects with universities and national labs.

Here are a few of the awardees, who include some of the industry's leading companies, and whose projects offer a sampling of the opportunities — and hard problems — in fusion....

Commonwealth Fusion Systems is building their first machine, SPARC, with a goal of producing power by 2025. "You'll push a button," CEO and cofounder Bob Mumgaard told the Khosla Ventures CEO Summit this summer, "and for the first time on earth you will make more power out than in from a fusion plasma. That's about 200 million degrees — you know, cooling towers will have a bunch of steam go out of them — and you let your finger off the button and it will stop, and you push the button again and it will go." With an explosion in funding from investors including Khosla, Bill Gates, George Soros, Emerson Collective and Google to name a few — they raised $1.8 billion last year alone — CFS hopes to start operating a prototype in 2025....

One morning last December, the company fired up its newest supermagnet — a 10-ton, 8-foot-tall device made of hundreds of tightly-twisted coils — and quietly pushed its magnetic field beyond a whopping 20 tesla, a record for a magnet of its size. (Most MRIs operate at a strength of about 1 tesla.) Eventually, 18 of these magnets will surround the SPARC's tokamak, which CFS says could produce as much as 11 times more energy than it consumes, and at prices cheaper than fossil fuels.
Other fusion-energy companies profiled in the article:

• Southern California-based TAE Technologies, which uses a unique non-radioactive reaction between hydrogen and boron. (Since its founding in 1998 TAE has raised $1.2 billion, with $250 million in its latest round led by Google and Chevron's venture capital arm). TAE "says it plans to start delivering power to grids by 2030, followed by 'broader commercialization' during the next decade."

• General Atomics, of San Diego, California, which built eight of the magnet modules for the ground-breaking IITER facility, "including its wild Central Solenoid — the world's most powerful magnet."

• Canada-based General Fusion (backed by Jeff Bezos and building on technology originally developed by the U.S. Navy), which hopes to generate the data need to build a commercial pilot plant.

• Princeton Fusion Systems of Plainsboro, New Jersey, uses radio-frequency electromagnetic fields to generate a plasma formation in a magnetic bottle — holding the record for the longest time such a reaction has been stably held.

• UK-based Tokamak Energy has reached the 100 million Celsius threshold for commercially viable nuclear fusion, the first to do so with a spherical, privately-funded device.

• Helicity Space, based in Pasadena, California, has 10 employees and over $4 million in funding to pursue its goal of "enabling humanity's access to the solar system, with a Helicity Drive-powered flight to Mars expected to take two months, without planetary alignment."

• Magneto-Intertial Fusion Technologies, of Tustin, California.

Distributed denial-of-service (or DDoS) attacks "are increasing in frequency and growing in size exponentially," reports Google Cloud's blog.

Recently an attacker tried to hit one of their customers with 46 million requests per second. The blog post describes it as the largest attack of its kind reported to date, "at least 76% larger than the previously reported record. To give a sense of the scale of the attack, that is like receiving all the daily requests to Wikipedia (one of the top 10 trafficked websites in the world) in just 10 seconds." Starting around 9:45 a.m. PT on June 1, 2022, an attack of more than 10,000 requests per second (rps) began targeting our customer's HTTP/S Load Balancer. Eight minutes later, the attack grew to 100,000 requests per second. Cloud Armor Adaptive Protection detected the attack and generated an alert containing the attack signature by assessing the traffic across several dozen features and attributes. The alert included a recommended rule to block on the malicious signature....

Our customer's network security team deployed the Cloud Armor-recommended rule into their security policy, and it immediately started blocking the attack traffic. In the two minutes that followed, the attack began to ramp up, growing from 100,000 rps to a peak of 46 million rps. Since Cloud Armor was already blocking the attack traffic, the target workload continued to operate normally. Over the next few minutes, the attack started to decrease in size, ultimately ending 69 minutes later at 10:54 a.m.

Presumably the attacker likely determined they were not having the desired impact while incurring significant expenses to execute the attack.... The attack leveraged encrypted requests (HTTPS) which would have taken added computing resources to generate. Although terminating the encryption was necessary to inspect the traffic and effectively mitigate the attack, the use of HTTP Pipelining required Google to complete relatively few TLS handshakes.... The attack was stopped at the edge of Google's network, with the malicious requests blocked upstream from the customer's application.
While 22% of the source IPs corresponded to Tor exit nodes, the actual traffic coming from Tor nodes represented just 3% of attack traffic, the blog post points out.

And ultimately despite the attack, "the customer's service stayed online and continued serving their end-users."

"The very first results from the James Webb Space Telescope seem to indicate that massive, luminous galaxies had already formed within the first 250 million years after the Big Bang," reports Sky and Telescope.

"If confirmed, this would seriously challenge current cosmological thinking." Shortly after NASA published Webb's first batch of scientific data, the astronomical preprint server arXiv was flooded with papers claiming the detection of galaxies that are so remote that their light took some 13.5 billion years to reach us. Many of these appear to be more massive than the standard cosmological model that describes the universe's composition and evolution. "It worries me slightly that we find these monsters in the first few images," says cosmologist Richard Ellis (University College London)....

Before the community accepts these claims, the reported redshifts have to be confirmed spectroscopically. Mark McCaughrean, the senior science adviser of the European Space Agency (a major partner on Webb) commented on Twitter: "I'm sure some of them will be [confirmed], but I'm equally sure they won't all be. [...] It does all feel a little like a sugar rush at the moment."

Ellis agrees: "It's one thing to put a paper on arXiv," he says, "but it's quite something else to turn it into a lasting article in a peer-reviewed journal."
Since 1991, science writer Eric Lerner has been arguing that the Big Bang never happened. Now 75 years old, he writes: In the flood of technical astronomical papers published online since July 12, the authors report again and again that the images show surprisingly many galaxies, galaxies that are surprisingly smooth, surprisingly small and surprisingly old. Lots of surprises, and not necessarily pleasant ones. One paper's title begins with the candid exclamation: "Panic!"

Why do the JWST's images inspire panic among cosmologists? And what theory's predictions are they contradicting? The papers don't actually say. The truth that these papers don't report is that the hypothesis that the JWST's images are blatantly and repeatedly contradicting is the Big Bang Hypothesis that the universe began 14 billion years ago in an incredibly hot, dense state and has been expanding ever since. Since that hypothesis has been defended for decades as unquestionable truth by the vast majority of cosmological theorists, the new data is causing these theorists to panic. "Right now I find myself lying awake at three in the morning," says Alison Kirkpatrick, an astronomer at the University of Kansas in Lawrence, "and wondering if everything I've done is wrong...."

Even galaxies with greater luminosity and mass than our own Milky Way galaxy appear in these images to be two to three times smaller than in similar images observed with the Hubble Space Telescope (HST), and the new galaxies have redshifts which are also two to three times greater.This is not at all what is expected with an expanding universe, but it is just exactly what I and my colleague Riccardo Scarpa predicted based on a non-expanding universe, with redshift proportional to distance.... [T]he galaxies that the JWST shows are just the same size as the galaxies near to us, if it is assumed that the universe is not expanding and redshift is proportional to distance.....

Big Bang theorists did expect to see badly mangled galaxies scrambled by many collisions or mergers. What the JWST actually showed was overwhelmingly smooth disks and neat spiral forms, just as we see in today's galaxies. The data in the "Panic!" article showed that smooth spiral galaxies were about "10 times" as numerous as what theory had predicted and that this "would challenge our ideas about mergers being a very common process". In plain language, this data utterly destroys the merger theory....

According to Big Bang theory, the most distant galaxies in the JWST images are seen as they were only 400-500 million years after the origin of the universe. Yet already some of the galaxies have shown stellar populations that are over a billion years old. Since nothing could have originated before the Big Bang, the existence of these galaxies demonstrates that the Big Bang did not occur....

While Big Bang theorists were shocked and panicked by these new results, Riccardo and I (and a few others) were not. In fact, a week before the JWST images were released we published online a paper that detailed accurately what the images would show. We could do this with confidence because more and more data of all kinds has been contradicting the Big Bang hypothesis for years....

Based on the published literature, right now the Big Bang makes 16 wrong predictions and only one right one — the abundance of deuterium, an isotope of hydrogen.
UPDATE: Kirkpatrick says her quote was was taken out of context, in an article from Space.com that dismises Eric Lerner as "a serial denier of the Big Bang since the late 1980s, preferring his personal pseudoscientific alternative."

John Carmack, a programmer who founded gaming firm id Software and served as chief technology officer of Oculus, has launched a new artificial general intelligence startup called Keen Technologies, and it has raised $20 million in a financing round co-led by former GitHub chief executive Nat Friedman and Cue founder Daniel Gross, Carmack said Friday. Stripe co-founder Patrick Collison, Shopify co-founder Tobi Lutke, storied venture fund Sequoia and microprocessor engineer Jim Keller also invested in the round, a name of which as well as the startup's valuation Carmack did not disclose. In a Twitter thread, Carmack adds: This is explicitly a focusing effort for me. I could write a $20M check myself, but knowing that other people's money is on the line engenders a greater sense of discipline and determination. I had talked about that as a possibility for a while, and I am glad Nat pushed me on it. I am continuing as a consultant with Meta on VR matters, devoting about 20% of my time there.

The United States is formally banning the export of four technologies tied to semiconductor manufacturing, calling the protection of the items "vital to national security." The Register reports: Announced Friday (PDF) by the US Commerce Department's Bureau of Industry and Security (BIS) and enacted today, the rule will ban the export of two ultra-wide bandgap semiconductor materials, as well as some types of electronic computer-aided design (ECAD) technology and pressure gain combustion (PGC) technology. In particular, the BIS said that the semiconductor materials gallium oxide and diamond will be subject to renewed export controls because they can operate under more extreme temperature and voltage conditions. The Bureau said that capability makes the materials more useful in weapons. ECAD software, which aids design for a wide range of circuits, comes in specialized forms that supports gate-all-around field effect transistors (GAAFETs), which are used to scale semiconductors to 3 nanometers and below. PGC technology also has "extensive potential" for ground and aerospace uses, the BIS said.

All four items are being classified under Section 1758 of the Export Control Reform Act, which covers the production of advanced semiconductors and gas turbine engines. Those types of technology are also covered by the Wassenaar Arrangement, made in 2013 between the US and 41 other countries, which functions as a broader arms control treaty. "We are protecting the four technologies identified in today's rule from nefarious end use by applying controls through a multilateral regime," Assistant Secretary of Commerce for Export Administration Thea D Rozman Kendler said in a statement. "This rule demonstrates our continued commitment to imposing export controls together with our international partners."

The reason for the addition of the four forms of technology to export controls is a change made in May to how the BIS characterizes emerging and foundational technologies. Under the change, such tech was reclassified to be covered by Section 1758. The BIS statement announcing the export ban made no mention of the countries, but recent events make it clear the target is China -- the US has been considering other tech export bans (and investment freezes), recently all of which appeared tailored to target China. Analysts in the Middle Kingdom have claimed the ban would have little short-term impact on China's chipmaking industry as no one in China has yet managed to design chips as advanced as those targeted by the ban.

An anonymous reader quotes a report from Ars Technica: Microsoft has published a knowledge base article acknowledging a problem with encryption acceleration in the newest versions of Windows that could result in data corruption. The company recommends installing the June 2022 security updates for Windows 11 and Windows Server 2022 "to prevent further damage," though there are no suggested solutions for anyone who has already lost data because of the bug.

The problems only affect relatively recent PCs and servers that support Vector Advanced Encryption Standard (VAES) instructions for accelerating cryptographic operations. Microsoft says affected systems use AES-XTS or AES-GCM instructions "on new hardware." Part of the AVX-512 instruction set, VAES instructions are supported by Intel's Ice Lake, Tiger Lake, Rocket Lake, and Alder Lake architectures -- these power some 10th-generation Core CPUs for laptops, as well as all 11th- and 12th-gen Core CPUs. AMD's upcoming Zen 4 architecture also supports VAES, though by the time these chips are released in the fall, the patches will have had plenty of time to proliferate. Microsoft says that the problem was caused when it added "new code paths" to support the updated encryption instructions in SymCrypt, Windows' cryptographic function library. These code paths were added in the initial release of Windows 11 and Windows Server 2022, so the problem shouldn't affect older versions like Windows 10 or Windows Server 2019.

The initial fix for the problem, provided in Windows' June 2022 security update package (Windows 11 build 22000.778), will prevent further damage at the cost of reduced performance, suggesting that the initial fix was to disable encryption acceleration on these processors entirely. Using Bitlocker-encrypted disks or the Transport Layer Security (TLS) protocol or accessing encrypted storage on servers will all be slower with the first patch installed, though installing the July 2022 security updates (Windows 11 build 22000.795) should restore performance to its previous level.