Government

Scotland Will Pardon Thousands of Witches (theguardian.com) 115

Thousands of people — including hundreds of men — were accused of witchcraft in Scotland, the Guardian reports, "from allegations of cursing the king's ships, to shape-shifting into animals and birds, or dancing with the devil."

Many were executed. Now, three centuries after the Witchcraft Act was repealed, campaigners are on course to win pardons and official apologies for the estimated 3,837 people — 84% of whom were women — tried as witches, of which two-thirds were executed and burned...

[W]ell-known cases include Lilias Adie, from Torryburn, Fife, who was accused of casting a spell to cause a neighbour's hangover; while Issobell Young, executed at Edinburgh Castle in 1629, was said by a stable boy to have shape-shifted into an owl and accused of having a coven....

The [pro-pardon advocacy site] Witches of Scotland notes that signs associated with witchcraft — broomsticks, cauldrons, black cats and black pointed hats — were also associated with "alewives", the name for women who brewed weak beer to combat poor water quality. The broomstick sign was to let people know beer was on sale, the cauldron to brew it, the cat to keep mice down, and the hat to distinguish them at market. Women were ousted from brewing and replaced by men once it became a profitable industry.

Wikipedia has a page with a list of people executed for witchcraft. Citing modern scholars, it places the total number of people executed for witchcraft in Europe and America between 40,000 and 50,000.

But the Guardian also notes a recent statement from the head of the pro-pardon advocacy group Witches of Scotland. "Per capita, during the period between the 16th and 18th century, we [Scotland] executed five times as many people as elsewhere in Europe, the vast majority of them women."
Biotech

Sugar Additive Trehalose Could Have Helped Spread Dangerous Superbug Around the US (sciencealert.com) 78

A sugar additive used in several foods could have helped spread a seriously dangerous superbug around the US, according to a 2018 study. ScienceAlert reports: The finger of blame is pointed squarely at the sugar trehalose, found in foods such as nutrition bars and chewing gum. If the findings are confirmed, it's a stark warning that even apparently harmless additives have the potential to cause health issues when introduced to our food supply. In this case, trehalose is being linked with the rise of two strains of the bacterium Clostridium difficile, capable of causing diarrhea, colitis, organ failure, and even death. The swift rise of the antibiotic-resistant bug has become a huge problem for hospitals in recent years, and the timing matches up with the arrival of trehalose.

"In 2000, trehalose was approved as a food additive in the United States for a number of foods from sushi and vegetables to ice cream," said one of the researchers, Robert Britton from the Baylor College of Medicine in Texas, back in January 2018. "About three years later the reports of outbreaks with these lineages started to increase. Other factors may also contribute, but we think that trehalose is a key trigger."

The C. difficile lineages Britton is referring to are RT027 and RT078. When the researchers analysed the genomes of these two strains, they found DNA sequences that enabled them to feed off low doses of trehalose sugar very efficiently. In fact, these particular bacteria need about 1,000 times less trehalose to live off than other varieties of C. difficile, thanks to their genetic make-up. [...] It's still not certain that trehalose has contributed to the rise of C. difficile, but the study results and the timing of its approval as an additive are pretty compelling. More research will now be needed to confirm the link.
According to figures from the CDC, "C. difficile was responsible for half a million infections across the year and 29,000 deaths within the first 30 days of diagnosis," adds ScienceAlert.

The findings were published in the journal Nature.
Science

Scientists Draw Inspiration From Catchweed To Create Biodegradable Velcro (arstechnica.com) 14

An anonymous reader quotes a report from Ars Technica: Velcro is an ingenious hook-and-loop fastener inspired by nature -- specifically, cockleburs. Now scientists at the Italian Institute of Technology are returning the favor. They have created the first biodegradable Velcro -- inspired by climbing plants -- and used it to build small devices to help monitor the health of crop plants and deliver pesticides and medicines as needed, according to a November paper published in the journal Communications Materials. [...] Co-author Isabella Fiorello and her colleagues were interested in developing innovative new technologies for monitoring plants in situ to detect disease, as well as delivering various substances to plants. However, few such devices can be attached directly to plant leaves without damaging them. The best current options are sensors attached with chemical glues, or with clips. There are also micro-needle-based patches under development able to penetrate leaves for disease detection. Fiorello et al. found inspiration in the common catchweed plant (Galium aparine). It can form dense, tangled mats on the ground, and while the plants can grow up to six feet, they can't stand on their own and instead must use other plants for support. For this purpose, catchweed plants rely on a "unique parasitic ratchet-like anchoring mechanism to climb over host plants, using microscopic hooks for mechanical interlocking to leaves," the authors wrote.

The Italian team closely studied that micro-hook structure and then used a high-resolution 3D printer to create artificial versions, using various materials -- including photosensitive and biodegradable materials made from a sugar-like substance known as isomalt. Their artificial reproductions proved quite capable of attaching to many different plant species, just like their natural counterparts. As an initial application, the team designed a device that could penetrate a plant cuticle with minimal invasiveness, thereby enabling the plant to be monitored and treated, if necessary. The isomalt microhooks attach to the vascular system of leaves and then dissolve inside, because isomalt is soluble. Fiorello et al.'s experiments demonstrated that their artificial micro hooks can be used as a plaster for targeted, controlled release of pesticides, bactericides, or pharmaceuticals onto the leaves. This would greatly reduce the need for broad application of pesticides. And since the plaster dissolves once it's applied, there is no additional waste.

The team also printed hooks made out of a photosensitive resin and assembled them together with sensors for light, temperature, and humidity to make intelligent clips to enable wireless monitoring of the plant's health. The clips attach to individual leaves, transmitting data wirelessly thanks to customized computer software. The prototype proved resistant to windy conditions and was capable of making real-time measurements for up to 50 days. The devices could be used for small-scale botanical applications, or they could be scaled up. For instance, farmers could distribute many such devices to better map and monitor wide cultivation areas, according to the authors. Finally, Fiorello et al. developed a micro-robotic system capable of moving over the surface of leaves using micro steps, copying the ratchet-like motion of the catchweed plant. Similar actuation mechanisms have previously been demonstrated in Stanford University's SpinyBot -- capable of scaling hard, flat surfaces thanks to arrays of miniature spines on its feet -- and the University of California, Berkeley's CLASH robots, which are capable of climbing up loose suspended cloth surfaces, like curtains.

Idle

X-ray Analysis Confirms Forged Date On Lincoln Pardon of Civil War Soldier (arstechnica.com) 46

U.S. President Abraham Lincoln pardoned a soldier in the Civil War, and in 1998 that document was re-discovered. But "It was the date that made the document significant," writes Ars Technica: April 14, 1865, "meaning the pardon was likely one of the last official acts of President Lincoln, since he was assassinated later that same day at Ford's Theater in Washington, D.C. The pardon was broadly interpreted as evidence for a historical narrative about the president's compassionate nature: i.e., his last act was one of mercy."

But now scientists at America's National Archives have conducted a new analysis (published in the journal Forensic Science International: Synergy), and "confirmed that the date was indeed forged (although the pardon is genuine)." An archivist named Trevor Plante became suspicious of the document, noting that the ink on the "5" in "1865" was noticeably darker. It also seemed as if another number was written underneath it. Then Plante consulted a seminal collection of Lincoln's writings from the 1950s. The pardon was there, but it was dated April 14, 1864 — a full year before Lincoln was assassinated by John Wilkes Booth. Clearly the document had been altered sometime between the 1950s and 1998 to make the pardon more historically significant.

Investigators naturally turned to the man who made the discovery for further information. They began corresponding with Thomas Lowry [a retired psychiatrist turned amateur historian] in 2010. Initially, Lowry seemed cooperative, but when he learned about the nature of the investigation, he stopped communicating with the Office of the Inspector General, thereby arousing suspicion. So the investigators knocked on the historian's door one January morning in 2011 for an interview. Shortly thereafter, the National Archives released a statement that Lowry had confessed to altering the date on the pardon. Lowry confessed to bringing a fountain pen into the research room, along with fade proof, pigment-based ink, and changing the "4" in "1864" to a "5." Lowry couldn't be charged with any crime because the statute of limitations for tampering with government property had run out, but he was barred from the National Archives for life.

But there's a twist: Lowry soon recanted, claiming he had signed the confession under duress from the National Archives investigators...

Long-time Slashdot reader waspleg writes that Ars Technica "goes through the analysis of how it was verified to be a forgery using several techniques," including ultraviolet light and X-ray fluorescence analysis to study chemicals in the ink. From the article: An examination under magnification and reflective fiber optic lighting showed the ink used to write the "5" was indeed different in overall color compared to the other numbers in the date. Furthermore, "Vestiges of ink from a scratched away number can be seen below and beside the darker '5,' as well as smeared across the paper," the authors wrote. Additional analysis under raking light — a technique that accentuates hills and valleys in the paper texture — revealed abrasions to the paper under and around the "5" that were not observed anywhere else on the document. The team also determined that the paper around the "5" is thinner than everywhere else, and that ink residue of the scratched-away "4" were caught in the abraded paper fibers, clearly visible using transmitted light microscopy...
"The authors also concluded that there is no way to restore the document to its original state without causing further damage."
Open Source

Rare Recordings of 1994 Talks By a 24-Year-Old Linus Torvalds Re-Discovered (archive.org) 34

71-year-old Jon "maddog" Hall has been involved with Linux from the very beginning, and for Christmas shared two of the earliest recordings ever made of young Linus Torvalds speaking about Linux — recordings long thought to be lost.

Hall shares the story at Archive.org. In February of 1994 the chair of a user group for the Digital Equipment Computer Users' Society "started sending emails (and copying me for some reason) about wanting to bring this person I had never heard about from Finland (of all places) to talk about a project that did not even run on Ultrix or DEC/OSF1.... After many emails and no luck in raising money for this trip I took mercy...and asked my management to fund the trip. I sat down to use it, and was amazed. It was good. It was very, very good."

24-year-old Torvalds was giving his first talks ever at a major conference — this one attended by 19,000 people — and he was nervous. In the end only 40 people showed up for "An Introduction to Linux" and "Implementation Issues in Linux", but Hall remembers that "there was great applause." Unfortunately the talks that Linus gave were lost.

Until now.

As I was cleaning my office I found some audio tapes made of Linus' talk, and which I purchased with my own money. Now, to make your present, I had to buy a good audio tape playback machine and capture the audio in Audacity, then produce a digital copy of those tapes, which are listed here...

Here is your Christmas present, from close to three decades ago. "Happy Linuxing" to all, no matter what your religion or creed.

The Matrix

Is 'The Matrix Resurrections' a Critique of the Tech Industry - or Society? (politico.com) 187

When The Matrix Resurrections premiered in San Francisco, the city's mayor "celebrated the appearance of her fair city in the film and cheered the film's economic contributions to the region," reports SFGate. "But there's a problem of aesthetics at play here... It is undeniably a dystopian hellscape where police rule the city and technology looms over all..." In the first section of the movie, the metaphor of the Matrix mirrors that of the tech industry depicted in the film. Tech is stereotypical here — lots of T-shirt-wearing men playing ping-pong and talking about how to design the next great video game. The most annoying character in the film, Jude (Andrew Caldwell), is a proxy for all annoying tech bros...
Meanwhile Politico writes that the original 1999 film The Matrix actually "changed politics, almost entirely by mistake," and calls the new Matrix Resurrections "a sophisticated self-critique of the culture that swallowed it." In the past two decades, the idea of a "red pill" has taken on a life of its own in American culture, most prominently at first in an infamous misogynist subreddit, and then more broadly as a symbol of any kind of political awakening, almost always on the right. The idea has proliferated wildly throughout politics, and especially the darkest ideological corners of the internet, in which to be "red-pilled" means to realize that American society has been hopelessly debased by liberals, requiring a total rethink of its premises... Hugo Weaving, who memorably portrayed the original films' villain, lamented in a 2020 interview how people "will take something that they think is cool and they will repurpose it to fit themselves when the original intention or meaning of that thing was quite the opposite...." [T]he Wachowskis have been largely silent about the "meaning" of their creation — a movie franchise that not only became a ubiquitous cultural phenomenon, but predicted the cultural tenor of politics in the digital age with an eerie, oracular accuracy. We know they got it right, but what did they think about it?

Wednesday saw the release of "The Matrix Resurrections," a long-delayed sequel from one of the original writer/directors (Lana directed; Lilly sat it out) — and also an answer to that question. As a movie, it's everything its predecessors were, an impressive feat of visual-effects artistry, action choreography and original sci-fi worldbuilding. But even more, it's a two hour and 27-minute-long piece of cultural criticism. The film interrogates, to a jarringly specific degree, not just its own iconography, but how American culture has evolved around and bastardized it over the past two decades. "The Matrix Resurrections" is both wildly successful popcorn entertainment and a window into a long-misunderstood creative mind. But in refitting its entire premise to the social media age, it illustrates just how much the contours of American society have changed in the intervening decades....

The original "Matrix" was deeply of its time. Reeves' Neo was a quintessential late 1990s corporate drone, captive to the professional ennui also depicted in films of the era like "Fight Club" and "Office Space." Its modern incarnation is a cry of protest against something else: society's willingness to trade individual agency for the neurological reward pellets of the Online. Visual metaphors abound, with Reeves disoriented by a procession of mirrors that serve as gateways to another world, another possible truth. "Your brain is hooked on this shit the Matrix has been feeding you for years," one character tells him. "They don't know you like I do.

"I know exactly what you need...."

The movie is streaming now on HBOMax for subscribers in their $15 ad-free tier — but, like Dune, only during its 31-day theatrical run.
Open Source

Will It Take More Than Open Source Funding To Prevent the Next Log4j? (openssf.org) 110

"While the lack of funding in open source is certainly a problem, could funding have prevented the Log4j vulnerabilities?" asks Mike Melanson's "This Week in Programming" column. "Would funding actually prevent similar vulnerabilities in the future...?"

Or is that an oversimplification? In a blog post for the Linux Foundation's Open Source Security Foundation (OpenSSF), Brian Behlendorf argued that open source foundations must work together to prevent the next Log4Shell scramble, outlining seven points that OSS foundations could do to mitigate security risks. Among those seven points — which include security scanning, outside audits, dependency tracking, test frameworks, organization-wide security teams, and requiring projects to remove old, vulnerable code — not once was funding mentioned. Rather, Behlendorf precedes these points by saying that "Too many organizations have failed to apply raised funds or set process standards to improve their security practices, and have unwisely tilted in favor of quantity over quality of code."

Behlendorf continues after his list of seven suggested acts with a section that boils everything down perfectly:

"None of the above practices is about paying developers more, or channeling funds directly from users of software to developers. Don't get me wrong, open source developers and the people who support them should be paid more and appreciated more in general. However, it would be an insult to most maintainers to suggest that if you'd just slipped more money into their pockets they would have written more secure code. At the same time, it's fair to say a tragedy-of-the-commons hits when every downstream user assumes that these practices are in place, being done and paid for by someone else."

Behlendorf does go on to make some points about funds and fundraising, but his point is less on the lack of funding than the allocation of those funds and how they need to be focused on things like paid audits and "providing resources to move critical projects or segments of code to memory-safe languages, or fund bounties for more tests."

Behlendorf says that, in the new year, the OpenSSF will be working to "raise the floor" for security in open source.

"The only way we do this effectively is to develop tools, guidance, and standards that make adoption by the open source community encouraged and practical rather than burdensome or bureaucratic," he wrote. "We will be working with and making grants to other open source projects and foundations to help them improve their security game."

Behlendorf was a founding member of the Apache Group, which later became the Apache Software Foundation.

So as a long-time member of the Open Source community, he calls the Log4j vulnerabilities "a humbling reminder of just how far we still have to go."
Books

2021's Hugo Award Winners Include a Videogame, Plus Netflix and NBC Shows (thehugoawards.org) 71

The World Science Fiction Society has selected this year's winners for their prestigious Hugo award.

The best novel award went to Network Effect, the fifth book in the Murderbot Diaries series by Martha Wells, which also won this year's Hugo award for best series. (And Network Effect also won 2021's Nebula award for best novel, given by the Science Fiction and Fantasy Writers of America.) Here's how publisher Tor.com begins their description: You know that feeling when you're at work, and you've had enough of people, and then the boss walks in with yet another job that needs to be done right this second or the world will end, but all you want to do is go home and binge your favorite shows? And you're a sentient murder machine programmed for destruction? Congratulations, you're Murderbot.

Come for the pew-pew space battles, stay for the most relatable A.I. you'll read this century.

The best novelette award went to Two Truths and a Lie by Sarah Pinsker — available now for free reading online (which also won a Nebula award). The best novella award went to The Empress of Salt and Fortune by Nghi Vo. (Both were also published by Tor.com.) Also available for free reading online is the Hugo winner for best short story, "Metal Like Blood in the Dark" by T. Kingfisher. (And Kingfisher won a second Hugo this year — the Lodestar award for best young adult book for A Wizard's Guide to Defensive Baking — which also won a Nebula award.)

A special award for "Best Related Work" went to Beowulf: A New Translation. ("Maria Dahvana Headley's decision to make Beowulf a bro puts his macho bluster in a whole new light," wrote the New York Times.) And the Best Graphic Story award went to Parable of the Sower: A Graphic Novel Adaptation, written by Octavia Butler and adapted by Damian Duffy...

Netflix won a Hugo award for The Old Guard ("Best Dramatic Presentation, Long Form"), while the final 53-minute episode of NBC's TV show The Good Place won the Hugo for Best Dramatic Presentation, Shortform. (The episode also won this year's "Ray Bradbury Nebula Award for Outstanding Dramatic Presentation".)

And there were also awards for best fan podcast, best fan writer, and best fanzine, as well as a special one-off Hugo award for best video game, which went to the game Hades.
China

Beatings, Doxxings, Harassment: the War Over Chinese Wikipedia (fastcompany.com) 50

The Wikimedia Foundation banned seven high-level users in September and temporarily demoted a dozen others for abuses "unprecedented in scope and nature." Slashdot reader harrymcc explains: The foundation accused these volunteers of biasing it in favor of the Chinese government's viewpoint. This incident involves beatings, doxxings, and harassment designed to ensure pro-Beijing content.
harrymcc is also technology editor at Fast Company, which got more details from Wikimedia's VP of Community Resilience & Sustainability, Maggie Dennis: Dennis said a monthlong investigation found that the veteran editors were "coordinating to bias the encyclopedia and bias positions of authority" around a pro-Beijing viewpoint, in part by meddling in administrator elections and threatening, and even physically assaulting, other volunteers...

Wikipedians in China have it especially hard, because the government blocks the site and makes accessing it a crime... But as with the dedicated mainland users of blocked apps like Instagram, Telegram, and Twitter, the prohibition hasn't deterred hundreds of volunteers, who tunnel through the Great Firewall with VPNs, and now make up a small but die-hard part of the Chinese Wikipedia community. Despite China's blockade, the site remains one of the ten most active language versions of Wikipedia, thanks largely to growing numbers of editors based in Taiwan and Hong Kong...

[A]mid acute worries over China's influence in both places, the community's mix of users and viewpoints has grown increasingly combustible. In 2014, when mainland editors were in the majority, there were few references to the Hong Kong protests; more recently, swarms of "pro Beijing" editors and "pro democracy" editors have battled over how exactly to depict those and similar events. Were the students at a particular rally in Hong Kong protesters or were they rioters? Is a state-backed news outlet a reliable source?

In some cases, the Foundation found, the fights had spread beyond online harassment into real-life threats, and worse... Dennis says there is no evidence the banned editors were backed by the government...

[U]ntil September, the Foundation had only issued 86 bans since 2012, and typically only one at a time. Suddenly, the Foundation's bans and penalties had knocked out a third of the Chinese edition's administrators.

China "is home to the world's largest population of internet users and to the world's most sophisticated apparatus for policing them," the article notes.

It argues that the banned users "liked to defend Beijing's point of view, but they also liked their influence over the Wiki community; and a pro-China stance allowed them to more easily fly under the government's radar. To protect their fiefdom, they sometimes resorted to personal threats, harassment, and assault." Since the ban, they've now launched a "hard fork" of Chinese Wikipedia which already has 400,000 articles, "tailored to appease government censors so that anyone on the mainland can access it."

The article also explores the possibility of having one global version of Wikipedia, rather than separate local editions.
Java

Security Firm Blumira Discovers Major New Log4j Attack Vector (zdnet.com) 91

Previously, one assumption about the 10 out of 10 Log4j security vulnerability was that it was limited to exposed vulnerable servers. We were wrong. The security company Blumira claims to have found a new, exciting Log4j attack vector. ZDNet reports: According to Blumira, this newly-discovered Javascript WebSocket attack vector can be exploited through the path of a listening server on their machine or local network. An attacker can simply navigate to a website and trigger the vulnerability. Adding insult to injury, WebSocket connections within the host can be difficult to gain deep visibility into. That means it's even harder to detect this vulnerability and attacks using it. This vector significantly expands the attack surface. How much so? It can be used on services running as localhost, which are not exposed to a network. This is what we like to call a "Shoot me now" kind of problem. Oh, and did I mention? The client itself has no direct control over WebSocket connections. They can silently start when a webpage loads. Don't you love the word "silently" in this context? I know I do.

In their proof-of-concept attack, Blumira found that by using one of the many Java Naming and Directory Interface (JNDI) exploits that they could trigger via a file path URL using a WebSocket connection to machines with an installed vulnerable Log4j2 library. All that was needed to trigger success was a path request that was started on the web page load. Simple, but deadly. Making matters worse, it doesn't need to be localhost. WebSockets allow for connections to any IP. Let me repeat, "Any IP" and that includes private IP space.

Next, as the page loads, it will initiate a local WebSocket connection, hit the vulnerable listening server, and connect out over the identified type of connection based on the JNDI connection string. The researchers saw the most success utilizing Java Remote Method Invocation (RMI), default port 1099, although we are often seeing custom ports used. Simply port scanning, a technique already in the WebSocket hacker handbook, was the easiest path to a successful attack. Making detecting such attacks even harder, the company found "specific patterns should not be expected as it is easy to trigger traffic passively in the background." Then, once an open port to a local service or a service accessible to the host is found, it can then drop the JNDI exploit string in path or parameters. "When this happens, the vulnerable host calls out to the exploit server, loads the attacker's class, and executes it with java.exe as the parent process." Then the attacker can run whatever he wants.
Blumira suggests users "update all local development efforts, internal applications, and internet-facing environments to Log4j 2.16 as soon as possible, before threat actors can weaponize this exploit further," reports ZDNet.

"You should also look closely at your network firewall and egress filtering. [...] In particular, make sure that only certain machines can send out traffic over 53, 389, 636, and 1099 ports. All other ports should be blocked." The report continues: "Finally, since weaponized Log4j applications often attempt to call back home to their masters over random high ports, you should block their access to such ports. "
The Internet

What Is Web3 and Why Should You Care? (gizmodo.com) 113

Gizmodo's David Nield explains what Web3 is, what it will mean for the future, and how exactly the third-generation internet differs from the first two. An anonymous reader shares an excerpt from his report: Let's cut to the chase: For Web3 evangelists, it's a revolution; for skeptics, it's an overhyped house of cards that doesn't stand up to much scrutiny. [...] As you might remember if you're of a certain age, Web 1.0 was the era of static webpages. Sites displayed news and information, and maybe you had your own little corner of the World Wide Web to show off your personal interests and hobbies. Images were discouraged -- they took up too much bandwidth -- and video was out of the question. With the dawn of the 21st century, Web 1.0 gave way to Web 2.0 -- a more dynamic, editable, user-driven internet. Static was out and webpages became more interactive and app-like (see Gmail, for example). Many of us signed up for social media accounts and blogs that we used to put our own content on the web in vast amounts. Images and video no longer reduced sites to a crawl, and we started sharing them in huge numbers. And now the dawn of Web3 is upon us. People define it in a few different ways, but at its core is the idea of decentralization, which we've seen with cryptocurrencies (key drivers of Web3). Rather than Google, Apple, Microsoft, Amazon, and Facebook (sorry, Meta) hoarding everything, the internet will supposedly become more democratized.

Key to this decentralization is blockchain technology, which creates publicly visible and verifiable ledgers of record that can be accessed by anyone, anywhere. The blockchain already underpins Bitcoin and other cryptocurrencies, as well as a number of fledgling technologies, and it's tightly interwoven into the future vision of everything that Web3 promises. The idea is that everything you do, from shopping to social media, is handled through the same secure processes, with both more privacy and more transparency baked in. In some ways, Web3 is a mix of the two eras that came before it: The advanced, dynamic, app-like tech of the modern web, combined with the decentralized, user-driven philosophy that was around at the start of the internet, before billion- and trillion-dollar corporations owned everything. Web3 shifts the power dynamic from the giant tech entities back to the users -- or at least that's the theory.

In its current form, Web3 rewards users with tokens, which will eventually be used in a variety of ways, including currency or as votes to influence the future of technology. In this brave new world, the value generated by the web will be shared out between many more users and more companies and more services, with much-improved interoperability. NFTs are closely linked to the Web3 vision. [...] For our purposes here, the link between cryptocurrencies, NFTs, and Web3 is the foundation: the blockchain. Throw in some artificial intelligence and some machine learning to do everything from filter out unnecessary data to spot security threats, and you've got just about every emerging digital technology covered with Web3. Right now Ethereum is the blockchain attracting the most Web3 interest (it supports both a cryptocurrency and an NFT system, and you can do everything from make a payment through it to build an app on it).

The Matrix

'Matrix' Stars Discuss Free 'Matrix Awakens' Demo Showing Off Epic's Unreal Engine 5 (theverge.com) 34

This year's Game Awards also saw the premiere of The Matrix Awakens, a new in-world "tech demonstrator" written by Lana Wachowski, the co-writer/director of the original Matrix trilogy and director of the upcoming sequel. It's available free on the PS5 and Xbox Series X/S, reports the Verge, and they also scored a sit-down video interview with Keanu Reeves and Carrie-Anne Moss about the new playable experience — and the new Matrix movie: Reeves also revealed that he thinks there should be a modern Matrix video game, that he's flattered by Cyberpunk 2077 players modding the game to have sex with his character, and why he thinks Facebook shouldn't co-opt the metaverse.

Apart from serving as a clever promotion vehicle for the new Matrix movie premiering December 22nd, The Matrix Awakens is designed to showcase what's possible with the next major version of Epic's Unreal Engine coming next year. It's structured as a scripted intro by Wachowski, followed by a playable car chase scene and then an open-world sandbox experience you can navigate as one of Epic's metahuman characters. A big reason for doing the demo is to demonstrate how Epic thinks its technology can be used to blend scripted storytelling with games and much more, according to Epic CTO Kim Libreri, who worked on the special effects for the original Matrix trilogy...

Everything in the virtual city is fully loaded no matter where your character is located (rather than rendered only when the character gets near), down to the detail of a chain link fence in an alley. All of the moving vehicles, people, and lighting in the city are generated by AI, the latter of which Libreri describes as a breakthrough that means lighting is no longer "this sort of niche art form." Thanks to updates coming to Unreal Engine, which powers everything from Fortnite to special effects in Disney's The Mandalorian, developers will be able to use the same, hyper-realistic virtual assets across different experiences. It's part of Epic's goal to help build the metaverse.

Elsewhere the site writes that The Matrix Awakens "single-handedly proves next-gen graphics are within reach of Sony and Microsoft's new game consoles." It's unlike any tech demo you've ever tried before. When we said the next generation of gaming didn't actually arrive with Xbox Series X and PS5, this is the kind of push that has the potential to turn that around....

Just don't expect it to make you question your reality — the uncanny valley is still alive and well.... But from a "is it time for photorealistic video game cities?" perspective, The Matrix Awakens is seriously convincing. It's head-and-shoulders above the most photorealistic video game cities we've seen so far, including those in the Spider-Man, Grand Theft Auto and Watch Dogs series... Despite glitches and an occasionally choppy framerate, The Matrix Awakens city feels more real, thanks to Unreal Engine's incredible global illumination and real-time raytracing ("The entire world is lit by only the sun, sky and emissive materials on meshes," claims Epic), the detail of the procedurally generated buildings, and how dense it all is in terms of cars and foot traffic.

And the most convincing part is that it's not just a scripted sequence running in real-time on your PS5 or Xbox like practically every other tech demo you've seen — you get to run, drive, and fly through it, manipulate the angle of the sun, turn on filters, and dive into a full photo mode, as soon as the scripted and on-rails shooter parts of the demo are done. Not that there's a lot to do in The Matrix Awakens except finding different ways to take in the view. You can't land on buildings, there's no car chases except for the scripted one, no bullets to dodge. You can crash any one of the game's 38,146 drivable cars into any of the other cars or walls, I guess. I did a bunch of that before I got bored, though, just taking in the world.... Almost 10 million unique and duplicated assets were created to make the city....

Epic Games' pitch is that Unreal Engine 5 developers can do this or better with its ready-made tools at their disposal, and I can't wait to see them try.

The Military

Revisiting the 'Tsar Bomba' Nuclear Test (arstechnica.com) 143

An anonymous reader quotes a report from Ars Technica: The detonation of the first nuclear bombs over Hiroshima and Nagasaki in August 1945 is seared into our collective memory, and the world has been haunted by the prospect of a devastating nuclear apocalypse ever since. Less well-known but equally significant from a nuclear arms race standpoint was the Soviet Union's successful detonation of a hydrogen "superbomb" in the wee hours of October 30, 1961. Dubbed "Tsar Bomba" (loosely translated, "Emperor of Bombs"), it was the size of a small school bus -- it wouldn't even fit inside a bomber and had to be slung below the belly of the plane. The 60,000-pound (27 metric tons) test bomb's explosive yield was 50 million tons (50 megatons) of TNT, although the design had a maximum explosive yield of 100 million tons (100 megatons).

The US had conducted the first successful test of a hydrogen bomb (codename: Ivy Mike) in 1954 and had been pondering the development of even more powerful hydrogen superbombs. But the Soviets' successful test lent greater urgency to the matter. Ultimately, President John F. Kennedy opted for diplomacy, signing the Partial Nuclear Test Ban Treaty on October 7, 1963. But US nuclear policy -- and, hence, world history -- might have ended up looking very different, according to Alex Wellerstein, a historian of science at the Stevens Institute of Technology in New Jersey and author of Restricted Data: The History of Nuclear Secrecy in the United States, released earlier this year. He also maintains the NUKEMAP, an interactive tool that enables users to model the impact of various types of nuclear weapons on the geographical location of their choice.

Wellerstein has analyzed recently declassified documents pertaining to the US response to Tsar Bomba during the Kennedy administration. He described his conclusions in a fascinating article recently published in the Bulletin of the Atomic Scientists, coinciding with the 60th anniversary of the test. [...] According to Wellerstein, the US initially sought to minimize the significance of the Soviets' success, officially dismissing it as a political publicity stunt with little to no technical or strategic importance. But the declassified files revealed that, behind the scenes, US officials took the matter very seriously indeed. Physicist Edward Teller in particular strongly advocated in favor of developing two even more powerful hydrogen bombs, with yields of 1,000 and even 10,000 megatons, respectively. While much of Teller's testimony at a secret meeting on the topic remains classified, Wellerstein found that many scientists who were present expressed shock at his proposal. Concerns about the practical use of such a massive weapon, particularly the widespread nuclear fallout, ultimately scuttled those plans.
"I found the new information with regard to the US response to Tsar Bomba really interesting, because it contradicts what they said in public versus what was going on behind the scenes," says Wellerstein. "A lot of the discussions about the Tsar Bomba in American writing essentially parrot then-President Kennedy's line without realizing it: 'Oh, these bombs are worthless. No, they can't do it.' But it's clear that there were people within the Kennedy administration who didn't think it was as simple as that. We can be happy that those people didn't win out."

He added: "There is always this temptation for big bombs. I found a memo by somebody at Sandia, talking about meeting with the military. He said that the military didn't really know what they wanted these big bombs for, but they figured that if the Soviets thought they were a good idea, then the US should have one, too. It's reminiscent of that line from Dr. Strangelove."

Ars Technica sat down with Wellerstein to learn more about the Tsar Bomba test. You can read the full article here.

Wikipedia

Wikipedia Editors Very Mad About Jimmy Wales' NFT of a Wikipedia Edit (vice.com) 15

An anonymous reader quotes a report from Motherboard: Wikipedia co-founder Jimmy Wales' auction of an NFT and the iMac he used to build the website has stirred up drama in the notoriously rigid Wikipedia community. The trouble began when Wales posted an announcement about the auction on his user talk page -- a kind of message board where users communicate directly with each other. Wikipedia has strict rules against self-promotion and some editors felt that Wales' announcement violated that rule. "Am I crazy? Jimbo has posted a thread on his user talk page promoting an auction of some of his stuff, which he has refused to confirm would not benefit him personally," editor Floquenbeam said on December 3. "This is self-promotion 101, right? I've told him if he doesn't remove it, I will. That's policy, right?" [...] Wales pushed back, saying he'd spoken to the WMF communications and legal departments and that they'd agreed a simple post about the auction on his user talk page would be fine.

The conversation went on like this for about a day before another editor shut it down, saying it was "past the point of productive discourse." The thread announcing the auction on Wales' talk page was removed but another thread remains where he's answering questions about the auction and NFTs from other users. An email thread on the Wikimedia-L listserv is more measured but still has some pedantic arguments that are common with Wikimedia drama. Some users are concerned that he's taking something from Wikimedia and could use the money to fund his commercial enterprise WT.Social. Another user said "The concept of NFT seems to go against the very principles of Wikipedia. On one hand, we share our work freely, both in terms of access and by using a copyleft license. On the other hand, this NFT takes something that was shared freely and then restricts it so that it can be sold." The NFT Wales is selling is a website that allows users to relive the moment of Wikipedia's creation. The site looks like Wikipedia did in its fledgling moments, and whoever wins the auction can edit it as they will.

The second big controversy among Wikipedia's editors was whether Wales had the right to auction off something like this and if he was even recreating the site correctly at the moment of its inception. The discussion devolved into a lengthy conversation about who owns the rights to what they edit on Wikipedia and the state of servers and timestamps from 2001. It's worth mentioning here that Wales' NFT is a recreation of a memory and not an actual editable bit of code that will be reflected on Wikipedia in any way. Eventually, all sides relented. "There is at least one good thing that should be coming out of this," editor Smallbones said. "The community has made it very clear that anything that is considered to be promotional or an advertisement, even if it is for a charitable cause, on any page in Wikipedia, posted by any editor -- even the most senior and most respected -- may be removed by any editor at any time."

Medicine

Giant Study Finds Viagra Is Linked To Almost 70% Lower Risk of Alzheimer's (sciencealert.com) 115

fahrbot-bot shares a report from ScienceAlert: Usage of the medication sildenafil -- better known to most as the brand-name drug Viagra -- is associated with dramatically reduced incidence of Alzheimer's disease, new research suggests. According to a study led by researchers at the Cleveland Clinic, taking sildenafil is tied to a nearly 70 percent lower risk of developing Alzheimer's compared to non-users. That's based on an analysis of health insurance claim data from over 7.2 million people, in which records showed that claimants who took the medication were much less likely to develop Alzheimer's over the next six years of follow up, compared to matched control patients who didn't use sildenafil.

It's important to note that observed associations like this -- even on a huge scale -- are not the same as proof of a causative effect. For example, it's possible that the people in the cohort who took sildenafil might have something else to thank for their improved chances of not developing Alzheimer's. Nonetheless, the researchers say the correlation shown here -- in addition to other indicators in the study -- is enough to identify sildenafil as a promising candidate drug for Alzheimer's disease, the viability of which can be explored in future randomized clinical trials designed to test whether causality does indeed exist.

Security

SolarWinds Hackers Have a Whole Bag of New Tricks For Mass Compromise Attacks (arstechnica.com) 43

An anonymous reader quotes a report from Ars Technica: Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies. Nobelium -- the name Microsoft gave to the intruders -- was eventually expelled, but the group never gave up and arguably has only become more brazen and adept at hacking large numbers of targets in a single stroke. The latest reminder of the group's proficiency comes from security firm Mandiant, which on Monday published research detailing Nobelium's numerous feats -- and a few mistakes -- as it continued to breach the networks of some of its highest-value targets.

Mandiant's report shows that Nobelium's ingenuity hasn't wavered. Since last year, company researchers say the two hacking groups linked to the SolarWinds hack -- one called UNC3004 and the other UNC2652 -- have continued to devise new ways to compromise large numbers of targets in an efficient manner. Instead of poisoning the supply chain of SolarWinds, the groups compromised the networks of cloud solution providers and managed service providers, or CSPs, which are outsourced third-party companies that many large companies rely on for a wide range of IT services. The hackers then found clever ways to use those compromised providers to intrude upon their customers.
The advanced tradecraft didn't stop there. According to Mandiant, other advanced tactics and ingenuities included:
  • Use of credentials stolen by financially motivated hackers using malware such as Cryptbot (PDF), an information stealer that harvests system and web browser credentials and cryptocurrency wallets. The assistance from these hackers allowed UNC3004 and UNC2652 to compromise targets even when they didn't use a hacked service provider.
  • Once the hacker groups were inside a network, they compromised enterprise spam filters or other software with "application impersonation privileges," which have the ability to access email or other types of data from any other account in the compromised network. Hacking this single account saved the hassle of having to break into each account individually.
  • The abuse of legitimate residential proxy services or geo-located cloud providers such as Azure to connect to end targets. When admins of the hacked companies reviewed access logs, they saw connections coming from local ISPs with good reputations or cloud providers that were in the same geography as the companies. This helped disguise the intrusions, since nation-sponsored hackers frequently use dedicated IP addresses that arouse suspicions.
  • Clever ways to bypass security restrictions, such as extracting virtual machines to determine internal routing configurations of the networks they wanted to hack.
  • Gaining access to an active directory stored in a target's Azure account and using this all-powerful administration tool to steal cryptographic keys that would generate tokens that could bypass two-factor authentication protections. This technique gave the intruders what's known as a Golden SAML, which is akin to a skeleton key that unlocks every service that uses the Security Assertion Markup Language, which is the protocol that makes single sign-on, 2FA, and other security mechanisms work.
  • Use of a custom downloader dubbed Ceeloader.

DRM

FSF's Anti-DRM Campaign Plans Bad-Review Protest Against Disney+ (fsf.org) 76

For their fifteenth International Day Against DRM this Friday, the Free Software Foundation's "Defective by Design" campaign is "calling on you to help us send a message to purveyors of Digital Restrictions Management (DRM)".

And this year they're targeting Disney+: The ongoing pandemic has only tightened the stranglehold streaming services have as some of the most dominant forms of entertainment media, and Disney+ is among the worst of them. After years of aggressive lobbying to extend the length of copyright, based on their perceived need to keep a certain rat from entering the public domain, they've now set their sights on "protecting" their various franchises in a different way: by shackling them with digital restrictions. If Disney's stated mission is to keep "inspiring hope and sparking the curiosity of all ages", using DRM to limit that curiosity remains the wrong move.

This year, we'll be using one of Disney's own means of spreading their "service" and the DRM bundled with it: their mobile app. If you're an existing user of the Google Play (Android) or Apple App Stores, you can support the International Day Against DRM by voicing your objection to Disney's subjugation of their users. Streaming services like Netflix and Peacock have the same issues, but by targeting a newer one with such massive investment and capital behind it, we can make sure that we're heard. Disney+ is new: that gives it time to change.

Disney+ is placed near the top of the most frequently downloaded apps on both the Google Play and Apple App Stores. We invite you to write a well-thought objection to Disney's use of DRM, with a fitting review. It is the perfect way to let the corporation, and other users intending to use its services, know Disney's grievous mistake in using DRM to restrict customers who already want to view their many films and television shows. It will give you a chance to give them the exact rating that any service that treats its users so poorly deserves: a single star.

DRM isn't the only problem with the Disney+ app. It's also nonfree software. If you're not already an Android or iOS user, we don't recommend starting an account just to participate in this action. You can also choose to send an email to Disney executives following our template.

They're urging supporters to also share the actions they've taken on social media using the tag #DayAgainstDRM. (And there's also an IRC channel "to discuss and share strategies for anti-DRM activism," with more anti-DRM actions still to come.)

"While some aspects of the struggle have changed, the core principles remain the same: users should not be forced to surrender their digital autonomy in exchange for media."

Wikipedia

Jimmy Wales is Selling His First Wikipedia Edit as an NFT (theverge.com) 21

Wikipedia co-founder Jimmy Wales is selling a non-fungible token (or NFT) based on his first edit of the free encyclopedia. From a report: Auction house Christie's will hold a sale of the token from December 3rd to 15th, auctioning it alongside the Strawberry iMac Wales was using around Wikipedia's launch. The funds will go toward charitable causes and WT.Social, a donation-backed social network that Wales launched in 2019. Wales' NFT is effectively the keys to a very early version of Wikipedia, which debuted in January of 2001.

"What you see displayed is what Wikipedia looked like at the moment that I set up the software," he tells The Verge. The single page will be launched publicly on the web, and much like Wikipedia itself, anyone will be able to see and edit it. But all changes will revert after five minutes, returning it to its original state: a single edit reading "Hello, World!" following a long-held tradition of programming. The NFT, which is written to the Ethereum blockchain, encodes a smart contract that grants its buyer control over that website. The buyer can change the window for reverting edits, and if they really want, they can turn off editing or shut down the page. They can also take a completely hands-off approach and let Wales manage the page for them.

Space

The Largest Comet We've Ever Seen Just Delivered a Curious Surprise (sciencealert.com) 18

schwit1 shares a report from ScienceAlert: The comet Bernardinelli-Bernstein (BB) -- the largest our telescopes have ever spotted -- is on a journey from the outer reaches of our Solar System that will see it flying relatively close to Saturn's orbit. Now, a new analysis of the data we've collected on BB has revealed something rather surprising. Digging into readings logged by the Transient Exoplanet Survey Satellite (TESS) between 2018 and 2020, researchers have discovered that BB became active much earlier, and much farther out from the Sun, than was previously thought.

A comet becomes active when light from the Sun heats its icy surface, turning ice to vapor and releasing trapped dust and grit. The resulting haze, called a coma, can be useful for astronomers in working out exactly what a particular comet is made out of. In the case of BB, it's still too far out for water to sublimate. Based on studies of comets at similar distances, it's likely that the emerging fog is driven instead by a slow release of carbon monoxide. Only one active comet has previously been directly observed at a greater distance from the Sun, and it was much smaller than BB.
"These observations are pushing the distances for active comets dramatically farther than we have previously known," says astronomer Tony Farnham, from the University of Maryland (UMD). "We make the assumption that comet BB was probably active even farther out, but we just didn't see it before this. What we don't know yet is if there's some cut-off point where we can start to see these things in cold storage before they become active."

The research has been published in the Planetary Science Journal.

Open Source

Addressing 'Bus Factor', PHP Gets a Foundation (thenewstack.io) 69

How many members of your team are so irreplaceable that if they were hit by a bus, your project would grind to a halt?

For PHP, that number is: two. (According to a post by PHP contributor Joe Watkins earlier this year that's now being cited in Mike Melanson's "This Week in Programming" column.) "Maybe as few as two people would have to wake up this morning and decide they want to do something different with their lives in order for the PHP project to lack the expertise and resources to move it forward in its current form, and at current pace," Watkins wrote at the time, naming Dmitry Stogov and Nikita Popov as those two. Well, last week, Nikita Popov was thankfully not hit by a bus, but he did decide to move on from his role with PHP to instead focus his activities on LLVM.

Also thankfully, Watkins' article earlier this year opened some eyes to the situation at hand and, as he writes in a follow-up article this week, JetBrains (Popov's employer) reached out to him at the time regarding starting a PHP Foundation. This week, with Popov's departure, the PHP Foundation was officially launched with the goal of funding part/full-time developers to work on the PHP core in 2022. At launch, the PHP Foundation will count 10 companies — Automattic, Laravel, Acquia, Zend, Private Packagist, Symfony, Craft CMS, Tideways, PrestaShop, and JetBrains — among its backers, with an expectation to raise $300,000 per year, and with JetBrains contributing $100,000 annually. Alongside that, the foundation is being launched using foundation-as-a-service provider Open Collective, and just under 700 contributors have already raised more than $40,000 for the foundation.

One of the key benefits to creating a foundation, rather than sticking with the status quo, goes beyond increasing the bus factor — it diversifies the influences on PHP. Watkins points out that, for much of the history of PHP, Zend, the employer of Dmitry Stogov, has been a primary financial backer, and as such has had some amount of influence on the language's direction. Similarly, JetBrains had increased influence during its time employing Popov on PHP. "To say they have not influenced the direction of the language as a whole would just not be true...." While Watkins says that everything has been above board and gone through standard processes to ensure so, influence is nonetheless indisputable, and that "The Foundation represents a new way to push the language forward..."

The current RFC process, JetBrains writes, "will not change, and language decisions will always be left to the PHP Internals community."

And in addition, Watkins adds, "It provides us the mechanism by which to raise the bus factor, so that we never face the problems we face today, and have faced in the past."
