**Reddit Launches Moderator Rewards Program Amid Sitewide Discontent**
Amid growing discontent among Reddit's moderators, the company has launched a "Mod Helper Program" to reward moderators who offer helpful advice to other moderators. TechCrunch reports: The Mod Helper Program is a tiered system that awards helpful moderators with trophies and flairs. Reddit users accrue karma by receiving upvotes and awards, and lose karma if they receive downvotes. The program rewards moderators who receive upvotes on comments in r/ModSupport. Comment karma earned in r/ModSupport will be rewarded with trophies that will "signal to other mods that you are a source of valuable information," the moderator support team announced on Thursday. Each rank awards unique trophies and flairs, ranging from "Helper" to "Expert Helper." Reddit launched a similar program in r/help earlier this year, which rewards users who accrue karma by responding to other users' requests.
Reddit also launched the Modmail Answer Bot, which automatically responds with relevant links to the site's Help Center. If the recommended articles don't answer a specific request, it will create a ticket that will be handled by a human admin. The bot is designed to streamline moderator requests so the admin team can focus on more complex issues. Additionally, Reddit is merging the moderator-specific Help Center with its sitewide one to ensure that support resources are "easy to find and accessible from the same location."
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F23%2F08%2F25%2F067229%2Freddit-launches-moderator-rewards-program-amid-sitewide-discontent%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://tech.slashdot.org/story/23/08/25/067229/reddit-launches-moderator-rewards-program-amid-sitewide-discontent?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Namecheap To Raise
Namecheap, in a blog post: At Namecheap, we've consistently stood up for our users by challenging arbitrary domain price increases. As we approach another price increase for .COM and .XYZ domains this September, we wanted to ensure our customers are informed so you can continue to get the best value for your investments. All .COM domain renewals will see an approximate 9% increase. This price increase will happen across registrars, not just Namecheap. The new prices will take effect on September 1st. .XYZ domains will also experience a price increase.
We recommend our existing domain customers renew .COM domains before September to lock in the current rates for the coming year. Prospective registrants should likewise consider registering before the price increase to lock in existing prices. Alternatively, you might consider alternatives to .COM. Depending on the top-level domain, these options could be more budget-friendly
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fit.slashdot.org%2Fstory%2F23%2F08%2F21%2F183222%2Fnamecheap-to-raise-com-and-xyz-domain-price%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://it.slashdot.org/story/23/08/21/183222/namecheap-to-raise-com-and-xyz-domain-price?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**South Korea's Biggest Telco Says 5G Has Failed To Deliver On Its Promise**
SK Telecom, South Korea's dominant mobile carrier and sibling of chipmaker SK hynix, has declared that 5G was over-hyped, has under-delivered, and has failed to deliver a killer app. From a report: The telco offered that assessment in a recent white paper titled "5G Lessons Learned, 6G Key Requirements, 6G Network Evolution, and 6G Spectrum." The paper opens with an unflattering assessment of 5G, which the authors recall being sold as an enabler of autonomous driving, unmanned aerial vehicles (UAM), extended reality (XR) and digital twins. Those applications were possible, but did not succeed due to a combination of "device form factor constraints, immaturity of device and service technology, low or absent market demand, and policy/regulation issues."
The performance of 5G networks was not the issue, the paper argues. The telco argued that some of the goals set out by the UN's international standardization org ITU-R for 5G were met, but many tasks are still far from completion four years into the technology's commercial deployment. Those goals were meant to be realized in the long term -- but that expectation was not accurately conveyed to consumers, leading to "excessive expectations."
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F23%2F08%2F21%2F1736209%2Fsouth-koreas-biggest-telco-says-5g-has-failed-to-deliver-on-its-promise%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://tech.slashdot.org/story/23/08/21/1736209/south-koreas-biggest-telco-says-5g-has-failed-to-deliver-on-its-promise?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Should There Be an 'Official' Version of Linux?**
Why aren't more people using Linux on the desktop? Slashdot reader technology\_dude shares one solution:
Jack Wallen at ZDNet says establishing an "official" version of Linux may (or may not) help Linux on the desktop increase the number of users, mostly as someplace to point new users. It makes sense to me. What does Slashdot think and what would be the challenges, other than acceptance of a particular flavor?
Wallen argues this would also create a standard for hardware and software vendors to target, which "could equate to even more software and hardware being made available to Linux." (And an "official" Linux might also be more appealing to business users.) Wallen suggests it be "maintained and controlled by a collective of people from users, developers, and corporations (such as Intel and AMD) with a vested interest in the success of this project... There would also be corporate backing for things like marketing (such as TV commercials)." He also suggests basing it on Debian, and supporting both Snap and Flatpak...
In comments on the original submission, long-time Slashdot reader bobbomo points instead to kernel.org, arguing "There already is an official version of Linux called mainline. Everything else is backports." And jd (Slashdot user #1,658) believes that the official Linux is the Linux Standard Base. "All distributions, more-or-less, conform to the LSB, which gives you a pseudo 'official' Linux. About the one variable is the package manager. And there are ways to work around that."
Unfortunately, according to Wikipedia...
The LSB standard stopped being updated in 2015 and current Linux distributions do not adhere to or offer it; however, the lsb\_release command is sometimes still available.\[citation needed\] On February 7, 2023, a former maintainer of the LSB wrote, "The LSB project is essentially abandoned."
That post (on the lsb-discuss mailing list) argues the LSB approach was "partially superseded" by Snaps and Flatpaks (for application portability and stability). And of course, long-time Slashdot user menkhaura shares the obligatory XKCD comic...
It's not exactly the same thing, but days after ZDNet's article, CIQ, Oracle, and SUSE announced the Open Enterprise Linux Association, a new collaborative trade association to foster "the development of distributions compatible with Red Hat Enterprise Linux."
So where does that leave us? Share your own thoughts in the comments.
And should there be an "official" version of Linux?
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Flinux.slashdot.org%2Fstory%2F23%2F08%2F12%2F1835204%2Fshould-there-be-an-official-version-of-linux%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://linux.slashdot.org/story/23/08/12/1835204/should-there-be-an-official-version-of-linux?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Google's Chrome Begins Supporting Post-Quantum Key Agreement to Shield Encryption Keys**
"Teams across Google are working hard to prepare the web for the migration to quantum-resistant cryptography," writes Chrome's technical program manager for security, Devon O'Brien.
"Continuing with our strategy for handling this major transition, we are updating technical standards, testing and deploying new quantum-resistant algorithms, and working with the broader ecosystem to help ensure this effort is a success."
As a step down this path, Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115. This hybrid mechanism combines the output of two cryptographic algorithms to create the session key used to encrypt the bulk of the TLS connection:
X25519 — an elliptic curve algorithm widely used for key agreement in TLS today
Kyber-768 — a quantum-resistant Key Encapsulation Method, and NIST's PQC winner for general encryption
In order to identify ecosystem incompatibilities with this change, we are rolling this out to Chrome and to Google servers, over both TCP and QUIC and monitoring for possible compatibility issues. Chrome may also use this updated key agreement when connecting to third-party server operators, such as Cloudflare, as they add support. If you are a developer or administrator experiencing an issue that you believe is caused by this change, please file a bug.
The Register delves into Chrome's reasons for implementing this now:
"It's believed that quantum computers that can break modern classical cryptography won't arrive for 5, 10, possibly even 50 years from now, so why is it important to start protecting traffic today?" said O'Brien. "The answer is that certain uses of cryptography are vulnerable to a type of attack called Harvest Now, Decrypt Later, in which data is collected and stored today and later decrypted once cryptanalysis improves." O'Brien says that while symmetric encryption algorithms used to defend data traveling on networks are considered safe from quantum cryptanalysis, the way the keys get negotiated is not. By adding support for a hybrid KEM, Chrome should provide a stronger defense against future quantum attacks...
Rebecca Krauthamer, co-founder and chief product officer at QuSecure, told The Register in an email that while this technology sounds futuristic, it's useful and necessary today... \[T\]he arrival of capable quantum computers should not be thought of as a specific, looming date, but as something that will arrive without warning. "There was no press release when the team at Bletchley Park cracked the Enigma code, either," she said.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fit.slashdot.org%2Fstory%2F23%2F08%2F13%2F0315254%2Fgoogles-chrome-begins-supporting-post-quantum-key-agreement-to-shield-encryption-keys%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://it.slashdot.org/story/23/08/13/0315254/googles-chrome-begins-supporting-post-quantum-key-agreement-to-shield-encryption-keys?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Microsoft Spotted 15 High-Security Vulnerabilities in Industrial SDK Used by Power Plants**
Ars Technica reports that Microsoft "disclosed 15 high-severity vulnerabilities in a widely used collection of tools used to program operational devices inside industrial facilities" (like plants for power generation, factory automation, energy automation, and process automation).
On Friday Microsoft "warned that while exploiting the code-execution and denial-of-service vulnerabilities was difficult, it enabled threat actors to 'inflict great damage on targets.'"
The vulnerabilities affect the CODESYS V3 software development kit. Developers inside companies such as Schneider Electric and WAGO use the platform-independent tools to develop programmable logic controllers, the toaster-sized devices that open and close valves, turn rotors, and control various other physical devices in industrial facilities worldwide... "A denial-of-service attack against a device using a vulnerable version of CODESYS could enable threat actors to shut down a power plant, while remote code execution could create a backdoor for devices and let attackers tamper with operations, cause a PLC to run in an unusual way, or steal critical information," Microsoft researchers wrote.
Friday's advisory went on to say: "\[...\] While exploiting the discovered vulnerabilities requires deep knowledge of the proprietary protocol of CODESYS V3 as well as user authentication (and additional permissions are required for an account to have control of the PLC), a successful attack has the potential to inflict great damage on targets. Threat actors could launch a denial-of-service attack against a device using a vulnerable version of CODESYS to shut down industrial operations or exploit the remote code execution vulnerabilities to deploy a backdoor to steal sensitive data, tamper with operations, or force a PLC to operate in a dangerous way."
Microsoft privately notified Codesys of the vulnerabilities in September, and the company has since released patches that fix the vulnerabilities. It's likely that by now, many vendors using the SDK have installed updates. Any who haven't should make it a priority.
"With the likelihood that the 15 vulnerabilities are patched in most previously vulnerable production environments, the dire consequences Microsoft is warning of appear unlikely," the article notes.
A malware/senior vulnerability analyst at industrial control security firm Dragos also pointed out that CODESYS "isn't widely used in power generation so much as discrete manufacturing and other types of process control. So that in itself should allay some concern when it comes to the potential to 'shut down a power plant'." (And in addition, "industrial systems are extremely complex, and being able to access one part doesn't necessarily mean the whole thing will come crashing down.")
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F23%2F08%2F13%2F0253254%2Fmicrosoft-spotted-15-high-security-vulnerabilities-in-industrial-sdk-used-by-power-plants%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://hardware.slashdot.org/story/23/08/13/0253254/microsoft-spotted-15-high-security-vulnerabilities-in-industrial-sdk-used-by-power-plants?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Some People Are Having Sex in San Francisco's Robotaxis**
An anonymous reader shared this report from the San Francisco Standard:
As autonomous vehicles become increasingly popular in San Francisco, some riders are wondering just how far they can push the vehicles' limits — especially with no front-seat driver or chaperone to discourage them from questionable behavior... The Standard has spoken to four separate Cruise car riders who said they've had sex or hooked up in the driverless vehicles in San Francisco over recent months and have provided ride receipts. The Standard was unable to find a source who said they'd had sex in a Waymo...
The rules and regulations surrounding robotaxis are murky, largely because the industry is so new... Unfortunately for the debaucherous among us, robotaxi companies currently use pretty extensive camera surveillance inside and outside of their cars. "We record video inside of the car for added safety and support," Cruise states on its website... When asked, both Cruise and Waymo sidestepped commenting directly on what is or isn't allowed in their cars.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F23%2F08%2F13%2F0036240%2Fsome-people-are-having-sex-in-san-franciscos-robotaxis%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://tech.slashdot.org/story/23/08/13/0036240/some-people-are-having-sex-in-san-franciscos-robotaxis?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**ChatGPT's Odds of Getting Code Questions Correct are Worse Than a Coin Flip**
An anonymous reader shared this report from the Register:
ChatGPT, OpenAI's fabulating chatbot, produces wrong answers to software programming questions more than half the time, according to a \[pre-print\] study from Purdue University. That said, the bot was convincing enough to fool a third of participants.
The Purdue team analyzed ChatGPT's answers to 517 Stack Overflow questions to assess the correctness, consistency, comprehensiveness, and conciseness of ChatGPT's answers. The U.S. academics also conducted linguistic and sentiment analysis of the answers, and questioned a dozen volunteer participants on the results generated by the model. "Our analysis shows that 52 percent of ChatGPT answers are incorrect and 77 percent are verbose," the team's paper concluded. "Nonetheless, ChatGPT answers are still preferred 39.34 percent of the time due to their comprehensiveness and well-articulated language style." Among the set of preferred ChatGPT answers, 77 percent were wrong...
"During our study, we observed that only when the error in the ChatGPT answer is obvious, users can identify the error," their paper stated. "However, when the error is not readily verifiable or requires external IDE or documentation, users often fail to identify the incorrectness or underestimate the degree of error in the answer." Even when the answer has a glaring error, the paper stated, two out of the 12 participants still marked the response preferred. The paper attributes this to ChatGPT's pleasant, authoritative style.
"From semi-structured interviews, it is apparent that polite language, articulated and text-book style answers, comprehensiveness, and affiliation in answers make completely wrong answers seem correct," the paper explained.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fdevelopers.slashdot.org%2Fstory%2F23%2F08%2F12%2F0334229%2Fchatgpts-odds-of-getting-code-questions-correct-are-worse-than-a-coin-flip%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://developers.slashdot.org/story/23/08/12/0334229/chatgpts-odds-of-getting-code-questions-correct-are-worse-than-a-coin-flip?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**New Nanophotonic Sample-Testing Chip Could Detect Multiple Viruses or Cancers In Minutes**
Science magazine reports:
Researchers have shown how to conduct thousands of rapid molecular screenings simultaneously, using light to identify target molecules snared on top of an array of tiny silicon blocks. In theory, the tool could be used to spot 160,000 different molecules in a single square centimeter of space. Developed to spot gene fragments from the SARS-CoV-2 virus and other infectious organisms, the technology should also be able to identify protein markers of cancer and small molecules flagging toxic threats in the environment...
"\[P\]revious sensors have not been able to detect a wide range of target molecules," from very low to very high abundance, says Jennifer Dionne, an applied physicist at Stanford University. In hopes of getting around these problems, Dionne and her colleagues turned to an optical detection approach that relies on metasurfaces, arrays of tiny silicon boxes — each roughly 500 nanometers high, 600 nanometers long, and 160 nanometers wide — that focus near-infrared light on their top surface. This focusing makes it easy for a simple optical microscope to detect the shift in the wavelength of light coming from each silicon block, which varies depending on what molecules sit on top...
\[T\]he technique could allow doctors to detect viral infections without first having to amplify the genetic material from a patient, Dionne says. Perhaps as important, she notes, an array can be designed to reveal how much target DNA has bound, making it possible to detect in minutes not just whether a particular virus is present, but how intense the infection is. Such information could help doctors tailor their treatments. Current tests can also do this, but they normally take several hours to amplify the genetic material and quantify the results.
Dionne and her colleagues have formed a company called Pumpkinseed Bio to commercialize their new detectors, specifically aimed at detecting minute levels of proteins and other molecules that can't readily be amplified to make them easier to detect. And because only a small number of silicon blocks would be needed to spot individual target molecules, researchers should be able to craft arrays to track a multitude of disease biomarkers simultaneously. "We hope to look at many disease states at the same time," says Jack Hu, a former graduate student in Dionne's lab and head of the new startup. "That's the vision."
Thanks to Slashdot reader sciencehabit for sharing the article.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fscience.slashdot.org%2Fstory%2F23%2F08%2F12%2F0615211%2Fnew-nanophotonic-sample-testing-chip-could-detect-multiple-viruses-or-cancers-in-minutes%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://science.slashdot.org/story/23/08/12/0615211/new-nanophotonic-sample-testing-chip-could-detect-multiple-viruses-or-cancers-in-minutes?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Teens Hacked Boston Subway Cards For Infinite Free Rides, and This Time Nobody Got Sued**
Long-time Slashdot reader UnCivil Liberty writes:
Following in the footsteps of three MIT students who were previously gagged from presenting their findings at Defcon 2008 are two Massachusetts teens (who presented at this year's Defcon without interference).
The four teens extended other research done by the 2008 hacker team to fully reverse engineer the "CharlieCard," the RFID touchless smart card used by Boston's public transit system. The hackers can now add any amount of money to one of these cards or invisibly designate it a discounted student card, a senior card, or even an MBTA employee card that gives them unlimited free rides. "You name it, we can make it," says Campbell.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F23%2F08%2F12%2F1931247%2Fteens-hacked-boston-subway-cards-for-infinite-free-rides-and-this-time-nobody-got-sued%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://tech.slashdot.org/story/23/08/12/1931247/teens-hacked-boston-subway-cards-for-infinite-free-rides-and-this-time-nobody-got-sued?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**For Carbon-Capture Experiment, Researchers Dye Canada's Halifax Harbor Pink**
The CBC reports that "Some parts of the Halifax harbour turned a bright shade of pink on Thursday — for science."
After researchers dumped in 500 litres of safe, water-soluble dye, "boats, drones and underwater robots were then deployed to map the movement of the dye, so researchers can understand where materials spread and how quickly they do so." The CTV calls it "part of long-term research project that could help reverse some of the world's greenhouse gas emissions" by Dalhousie University and the climate-solutions research organization Planetary Technologies:
The move is the first step, says Katja Fennel, an oceanographer at Dalhousie, before researchers release alkaline material into the water this fall. That material will effectively act as an antacid for the ocean, helping to neutralize the additional acidic carbon dioxide being absorbed by the world's oceans. "The purpose is to actually induce the ocean to take up atmospheric CO2 — CO2 from the air — and help us reduce legacy carbon dioxide emissions to the atmosphere," Fennel told CTV News.
To track the uptake of carbon dioxide, researchers need to account for the movement of water. So "The ultimate goal here is to test an idea for a technology that would help us reduce atmospheric CO2," one oceanographer leading the research told the CBC, "and could be one tool in the toolbox for fighting climate change..."
They point out that the ocean holds 50 times as much CO2 as is in the atmosphere, and call the experiment "cutting edge...world-leading research... Ocean alkalinity enhancement has the greatest potential, actually, in terms of storing carbon permanently and safely at a scale that is relevant for global climate."
Thanks to long-time Slashdot reader Baron\_Yam for sharing the article.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F23%2F08%2F12%2F1913211%2Ffor-carbon-capture-experiment-researchers-dye-canadas-halifax-harbor-pink%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://news.slashdot.org/story/23/08/12/1913211/for-carbon-capture-experiment-researchers-dye-canadas-halifax-harbor-pink?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**US Spy Agencies Will Start Sharing More Cyber-Threat Intelligence with Private Companies**
An anonymous reader shared this report from the Wall Street Journal:
U.S. spy agencies will share more intelligence with U.S. companies, nongovernmental organizations and academia under a new strategy released this week that acknowledges concerns over new threats, such as another pandemic and increasing cyberattacks. The National Intelligence Strategy, which sets broad goals for the sprawling U.S. intelligence community, says that spy agencies must reach beyond the traditional walls of secrecy and partner with outside groups to detect and deter supply-chain disruptions, infectious diseases and other growing transnational threats. The intelligence community "must rethink its approach to exchanging information and insights," the strategy says.
The U.S. government in recent years has begun sharing vast amounts of cyber-threat intelligence with U.S. companies, utilities and others who are often the main targets of foreign hackers, as well as information on foreign-influence operations with social-media companies... The emphasis on greater intelligence sharing is part of a broader trend toward declassification that the Biden administration has pursued.
"The new strategy is meant to guide 18 U.S. intelligence agencies with an annual budget of about $90 billion... "
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F23%2F08%2F12%2F0348222%2Fus-spy-agencies-will-start-sharing-more-cyber-threat-intelligence-with-private-companies%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://yro.slashdot.org/story/23/08/12/0348222/us-spy-agencies-will-start-sharing-more-cyber-threat-intelligence-with-private-companies?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**'Bulletproof' Web Site Hosting Ransomware Finally Seized, Founder Indicted**
An anonymous reader shared this report from CNBC:
The mastermind behind a ransomware hosting service that allegedly helped criminals collect more than 5,000 bitcoin in ransom from hundreds of victims was indicted in federal court this week, prosecutors announced Thursday. Artur Grabowski's LolekHosted service operated for about a decade and advertised itself as a haven for "everything but child porn," according to Florida prosecutors. Clients allegedly used the hosting service to deploy ransomware viruses that infected around 400 networks around the world... \[That's 400 just for the Netwalker ransomware, which the announcement calls "one of the ransomware variants facilitated by LolekHosted."\]
Grabowski was charged with computer fraud, wire fraud, and conspiracy to commit international money laundering. Grabowski himself is also the subject of a $21.5 million seizure order... Grabowski, a Polish national, faces a maximum sentence of 45 years, if he is ever detained and convicted.
Grabowski also "remains a fugitive," according to an announcement from the U.S. Department of Justice. It notes that the 36-year-old's site — registered in 2014 — also "facilitated" brute-force attacks, and phishing.
"Grabowski allegedly facilitated the criminal activities of LolekHosted clients by allowing clients to register accounts using false information, not maintaining Internet Protocol (IP) address logs of client servers, frequently changing the IP addresses of client servers, ignoring abuse complaints made by third parties against clients, and notifying clients of legal inquiries received from law enforcement."
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F23%2F08%2F11%2F2345203%2Fbulletproof-web-site-hosting-ransomware-finally-seized-founder-indicted%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://yro.slashdot.org/story/23/08/11/2345203/bulletproof-web-site-hosting-ransomware-finally-seized-founder-indicted?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Amazon Warns Employees Who Don't Go to the Office Enough**
Amazon has sent emails "to those it believes are not complying with its return-to-office policies," reports CNN:
The message highlights Amazon's determination to enforce its rules amid an employee backlash to the policy, which requires workers to report to an office at least three days a week, and in the face of a broader push by companies to scale back on remote work.
Screenshots of the email circulating on social media show that Amazon told some employees they were "not currently meeting our expectation of joining your colleagues in the office at least three days a week, even though your assigned building is ready... We expect you to start coming into the office three or more days a week now," the email continued.
It added that since the policy went into effect in May, many Amazon employees have complied, "and you can feel the surge in energy and collaboration happening among Amazonians and across teams."
Amazon told employees that the email "was sent to employees who have badged in fewer than 3 days a week for 5 or more of the past 8 weeks, have not badged in 3 days a week for 3 or more of the past 4 weeks, and their building has been ready for 8 weeks or more."
CNN adds that a followup email "acknowledged that some may have received the notice in error and urged those individuals to contact their managers to correct the mistake."
(<a href=)
Read more of this story (https://it.slashdot.org/story/23/08/12/0115223/amazon-warns-employees-who-dont-go-to-the-office-enough?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Publishers, Internet Archive Agree To Streamline Digital Book-Lending Case**
An anonymous reader quotes a report from Reuters: The Internet Archive and a group of leading book publishers told a Manhattan federal court on Friday that they have resolved aspects of their legal battle over the Archive's digital lending of their scanned books. If accepted, the consent judgment would settle questions over potential money damages in the case and the scope of a ban on the Archive's lending and would clear the way for the Archive to appeal U.S. District Judge John Koeltl's decision that it infringed the publishers' copyrights.
The proposed order would require the Archive to pay Lagardere SCA's Hachette Book Group, News Corp's HarperCollins Publishers, John Wiley & Sons and Bertelsmann SE & Co's Penguin Random House an undisclosed amount of money if it loses its appeal. The order would also permanently block the Archive from lending out copies of the publishers' books without permission, pending the result of the appeal. They asked Koeltl to resolve a dispute over whether the order will apply only to the publishers' books that are already available for electronic licensing or books commercially available in any format.
The Internet Archive said in a blog post that the fight was "far from over," and founder Brewster Kahle said in a statement that "we must have strong libraries, which is why we are appealing this decision." Maria Pallante, the CEO of the Association of American Publishers, said in a statement that the plaintiffs were "extremely pleased" with the proposed injunction, which will "extend not only to the Plaintiffs' 127 works in suit but also to thousands of other literary works in their catalogs."
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F23%2F08%2F12%2F0119254%2Fpublishers-internet-archive-agree-to-streamline-digital-book-lending-case%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://news.slashdot.org/story/23/08/12/0119254/publishers-internet-archive-agree-to-streamline-digital-book-lending-case?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Scientists Genetically Engineer Bacteria To Detect Cancer Cells**
An international team of scientists has developed a new technology that can help detect (or even treat) cancer in hard-to-reach places, such as the colon. The team has published a paper in Science for the technique dubbed CATCH, or cellular assay for targeted, CRISPR-discriminated horizontal gene transfer. Engadget reports: For their lab experiments, the scientists used a species of bacterium called Acinetobacter baylyi. This bacterium has the ability to naturally take up free-floating DNA from its surroundings and then integrate it into its own genome, allowing it to produce new protein for growth. What the scientists did was engineer A. baylyi bacteria so that they'd contain long sequences of DNA mirroring the DNA found in human cancer cells. These sequences serve as some sort of one-half of a zipper that locks on to captured cancer DNA. For their tests, the scientists focus on the mutated KRAS gene that's commonly found in colorectal tumors. If an A. baylyi bacterium finds a mutated DNA and integrates it into its genome, a linked antibiotic resistance gene also gets activated. That's what the team used to confirm the presence of cancer cells: After all, only bacteria with active antibiotic resistance could grow on culture plates filled with antibiotics.
While the scientists were successfully able to detect tumor DNA in mice injected with colorectal cancer cells in the lab, the technology is still not ready to be used for actual diagnosis. The team said it's still working on the next steps, including improving the technique's efficiency and evaluating how it performs compared to other diagnostic tests. In the future, the technology could also be used for targeted biological therapy that can deploy treatment to specific parts of the body based on the presence of certain DNA sequences.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fscience.slashdot.org%2Fstory%2F23%2F08%2F12%2F0115220%2Fscientists-genetically-engineer-bacteria-to-detect-cancer-cells%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://science.slashdot.org/story/23/08/12/0115220/scientists-genetically-engineer-bacteria-to-detect-cancer-cells?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Neil Gaiman To Continue 'Good Omens' Story Even If It's Not Renewed For Season 3**
In the unfortunate event that Amazon cancels Good Omens, a British fantasy comedy series created by Neil Gaiman, the New York Times bestselling author says a novel would be written to continue where the show left off. For those unaware, Good Omens recently launched season two on Amazon Prime and follows various characters all trying to either encourage or prevent an imminent Armageddon, seen through the eyes of the angel Aziraphale and the demon Crowley. According to Gizmodo's Linda Codega, it "ends on an absolutely devastating cliffhanger. Emotionally speaking." From the report: Neil Gaiman, the co-author of Good Omens (the book) alongside Terry Pratchett and the lead writer on Good Omens (the show), has always been active on Tumblr. Naturally, people have been asking him about that ending -- mostly because Good Omens, for all the hype, hasn't yet been renewed for a third season, and I will reiterate, the ending of season two is heart-wrenching. Gaiman had a lovely answer for one fan \[poohbear0915\] who asked: "In the unfortunate event that Good Omens is not renewed for a season three, would you consider releasing a script book of what would have happened for the fans to read?" Neil Gaiman responded: "No, I'd write a novel."
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fentertainment.slashdot.org%2Fstory%2F23%2F08%2F11%2F2141211%2Fneil-gaiman-to-continue-good-omens-story-even-if-its-not-renewed-for-season-3%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://entertainment.slashdot.org/story/23/08/11/2141211/neil-gaiman-to-continue-good-omens-story-even-if-its-not-renewed-for-season-3?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Canon Is Getting Away With Printers That Won't Scan Sans Ink**
Last year, Queens resident David Leacraft filed a lawsuit against Canon claiming that his Canon Pixma All-in-One printer won't scan documents unless it has ink. According to The Verge's Sean Hollister, it has quietly ended in a private settlement rather than becoming a big class-action. From the report: I just checked, and a judge already dismissed David Leacraft's lawsuit in November, without (PDF) Canon ever being forced to show what happens when you try to scan without a full ink cartridge. (Numerous Canon customer support reps wrote that it simply doesn't work.) Here's the good news: HP, an even larger and more shameless manufacturer of printers, is still possibly facing down a class-action suit for the same practice.
As Reuters reports, a judge has refused to dismiss a lawsuit by Gary Freund and Wayne McMath that alleges many HP printers won't scan or fax documents when their ink cartridges report that they've run low. Among other things, HP tried to suggest that Freund couldn't rely on the word of one of HP's own customer support reps as evidence that HP knew about the limitation. But a judge decided it was at least enough to be worth exploring in court. "Plaintiffs have plausibly alleged that HP had a duty to disclose and had knowledge of the alleged defect," wrote Judge Beth Labson Freeman, in the order denying almost all of HP's current attempts to dismiss the suit.
Interestingly, neither Canon nor HP spent any time trying to argue their printers do scan when they're low on ink in the lawsuit responses I've read. Perhaps they can't deny it? Epson, meanwhile, has an entire FAQ dedicated to reassuring customers that it hasn't pulled that trick since 2008. (Don't worry, Epson has other forms of printer enshittification.) HP does seem to be covering its rear in one way. The company's original description on Amazon for the Envy 6455e claimed that you could scan things "whenever". But when I went back now to check the same product page, it now reads differently: HP no longer claims this printer can scan "whenever" you want it to. Now, we wait to see whether the case can clear the bars needed to potentially become a big class-action trial, or whether it similarly settles like Canon, or any number of other outcomes.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fhardware.slashdot.org%2Fstory%2F23%2F08%2F11%2F2128233%2Fcanon-is-getting-away-with-printers-that-wont-scan-sans-ink%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://hardware.slashdot.org/story/23/08/11/2128233/canon-is-getting-away-with-printers-that-wont-scan-sans-ink?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Pornhub Sues Texas Over Age Verification Law**
Pornhub, along with several other members and activists in the adult industry are suing Texas to block the state's impending law that would require age verification to view adult content. Motherboard reports: The complaint was filed on August 4 in US District Court for the Western District of Texas, and the law will take effect on September 1 unless the court agrees to block it. Governor Greg Abbott passed HB 1181 into law in June. The plaintiffs, including Pornhub, adult industry advocacy group Free Speech Coalition, and several other site operators and industry members, claim that the law violates both the Constitution of the United States and the federal Communications Decency Act.
In the complaint, the plaintiffs write that the act employs "the least effective and yet also the most restrictive means of accomplishing Texas' stated purpose of allegedly protecting minors," and that minors can easily use VPNs or Tor; on-device content filtering would be a better method of restricting access to porn for children, they write. "But such far more effective and far less restrictive means don't really matter to Texas, whose true aim is not to protect minors but to squelch constitutionally protected free speech that the State disfavors."
Under the law, porn sites would be required to display a "Texas Health and Human Services Warning" on their websites in 14-point font or larger font, in addition to age verification. "Texas could easily spread its ideological, anti-pornography message through public service announcements and the like without foisting its viewpoint upon others through mandated statements that are a mix of falsehoods, discredited pseudo-science, and baseless accusations," the complaint says.
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F23%2F08%2F11%2F2117221%2Fpornhub-sues-texas-over-age-verification-law%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://yro.slashdot.org/story/23/08/11/2117221/pornhub-sues-texas-over-age-verification-law?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.
**Illinois Just Made It Possible To Sue People For Doxxing Attacks**
An anonymous reader quotes a report from Ars Technica: Last Friday, Illinois became one of the few states to pass an anti-doxxing law, making it possible for victims to sue attackers who "intentionally" publish their personally identifiable information with intent to harm or harass them. (Doxxing is sometimes spelled "doxing.") The Civil Liability for Doxing Act, which takes effect on January 1, 2024, passed after a unanimous vote. It allows victims to recover damages and to request "a temporary restraining order, emergency order of protection, or preliminary or permanent injunction to restrain and prevent the disclosure or continued disclosure of a person's personally identifiable information or sensitive personal information."
It's the first law of its kind in the Midwest, the Daily Herald reported, and is part of a push by the Anti-Defamation League (ADL) to pass similar laws at the state and federal levels. ADL's Midwest regional director, David Goldenberg, told the Daily Herald that ADL has seen doxxing become "over the past few years" an effective way of "weaponizing" the Internet. ADL has helped similar laws pass in Maryland, Nevada, Oregon, and Washington. \[...\] The law does not involve criminal charges but imposes civil liability on individuals who dox any Illinois residents. Actions can also be brought against individuals when "any element" of a doxxing offense occurs in the state. \[...\]
Goldenberg told Ars that the Illinois law was written to emphasize not how information was found and gathered by people seeking to dox others, but on what they did with the information and how much harm they caused. The law might need less updating as the Internet evolves if it doesn't focus on the methods used to mine personally identifiable information. "The reality is that those who are using the Internet to spread hate, to spread misinformation, to do bad are pretty nimble and technology changes on a near daily basis," Goldenberg told Ars. "The law was crafted in a way that ensures that if technology changes, and people use new technologies to share someone's personally identifiable information with the intent to do harm and that harm actually happens, this law remains relevant."
(https://a.fsdn.com/sd/facebook_icon_large.png" class="embedded-image" loading="lazy"> (http://www.facebook.com/sharer.php?u=https%3A%2F%2Fnews.slashdot.org%2Fstory%2F23%2F08%2F11%2F2037218%2Fillinois-just-made-it-possible-to-sue-people-for-doxxing-attacks%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook)
Read more of this story (https://news.slashdot.org/story/23/08/11/2037218/illinois-just-made-it-possible-to-sue-people-for-doxxing-attacks?utm_source=rss1.0moreanon&utm_medium=feed) at Slashdot.