The Xen Project has ported its hypervisor to the 64-bit Raspberry Pi 4. The Register reports: The idea to do an official port bubbled up from the Xen community and then reached the desk of George Dunlap, chairman of the Xen Project's Advisory Board. Dunlap mentioned the idea to an acquaintance who works at the Raspberry Pi Foundation, and was told that around 40 percent of Pis are sold to business users rather than hobbyists. With more than 30 million Arm-based Pis sold as of December 2019, and sales running at a brisk 600,000-plus a month in April 2020, according to Pi guy Eben Upton, Dunlap saw an opportunity to continue Xen's drive towards embedded and industrial applications. Stefano Stabellini, who by day works at FPGA outfit Xilinx, and past Apache Foundation director Roman Shaposhnik took on the task of the port. The pair clocked that the RPi 4's system-on-chip used a regular GIC-400 interrupt controller, which Xen supports out of the box, and thought this was a sign this would, overall, be an easy enough job. That, the duo admitted, was dangerous optimism. Forget the IRQs, there was a whole world of physical and virtual memory addresses to navigate. The pair were "utterly oblivious that we were about to embark on an adventure deep in the belly of the Xen memory allocator and Linux address translation layers," we're told. [The article goes on to explain the hurdles that were ahead of them.] "Once Linux 5.9 is out, we will have Xen working on RPi4 out of the box," the pair said. [...] Stefano Stabellini told The Register that an official Xen-on-RPi port will make a difference in the Internet-of-Things community, because other Arm development boards are more costly than the Pi, and programmers will gravitate towards a cheaper alternative for prototyping. He also outlined scenarios, such as a single edge device running both a real-time operating system alongside another OS, each dedicated to different tasks but inhabiting the same hardware and enjoying the splendid isolation of a virtual machine rather than sharing an OS as containers. George Dunlap also thinks that an official Xen-on-RPi port could also be of use to home lab builders, or perhaps just give developers a more suitable environment for their side projects than a virtual machine or container on their main machines. Stay tuned to Project EVE's Github page for more details about how to build your own Xen-for-RPi. Hacks to get it up and running should also appear on the Xen project blog.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Fortune: Cloudflare is launching a privacy-friendly rival to Google Analytics. Google Analytics is a free toolkit that's used by website administrators across the globe to help them track the behavior of the people visiting those sites -- how they find them, what they do there, the devices they're using, and so on. However, the service -- the most popular of its kind -- also helps Google track websites' visitors, so it can better profile them for advertising purposes. This privacy-invasive aspect makes many people squeamish. And that's where Cloudflare would now like to step in. Around its birthday every year, the decade-old company -- which went public last year -- announces a move intended to "give back" to the wider Internet community. These moves are often related to privacy. On Tuesday, it unveiled Cloudflare Web Analytics, a free-to-use toolkit that largely replicates what Google Analytics offers -- minus the invasive tracking, and thus the ability to assess the performance of targeted ads carried on websites. Cloudflare Web Analytics is immediately available to the company's paid customers, but any website owner will be able to use it from some point in the coming months. Cloudflare's scale is crucial here [...] because it takes substantial resources to run a free analytics platform, and Cloudflare already has a giant network that can support the load. Cloudflare Web Analytics isn't the company's only big announcement this week. "On Monday, Cloudflare launched a beta testing program for a cloud technology called Durable Objects," the report adds. "You can read the technical explanation here, but in essence this is a tool that allows developers of online services to make those services comply with the increasing number of data-localization and data-protection laws that limit where users' data is supposed to go." "With Durable Objects, Cloudflare says, it is possible to specify where particular data will reside on Cloudflare's network, so -- for example -- a German user's data does not have to leave Germany. Or, with an eye to other current news, a service such as TikTok could ensure that U.S. users' data never leaves the U.S., without having to create a separate version of its service for that country."

Read more of this story at Slashdot.

Anthony Boadle, reporting for Reuters: [...] In April and May, so many Manaus residents were dying from COVID-19 that its hospitals collapsed and cemeteries could not dig graves fast enough. The city never imposed a full lockdown. Non-essential businesses were closed but many simply ignored social distancing guidelines. Then in June, deaths unexpectedly plummeted. Public health experts wondered whether so many residents had caught the virus that it had run out of new people to infect. Research posted last week to medRxiv, a website distributing unpublished papers on health science, estimated that 44% to 66% of the Manaus population was infected between the peak in mid-May and August. The study by the University of Sao Paulo's Institute of Tropical Medicine tested newly donated banked blood for antibodies to the virus and used a mathematical model to estimate contagion levels. The high infection rate suggested that herd immunity led to the dramatic drop in cases and deaths, the study said. Scientists estimate that up to 70 pct of the population may need to be protected against coronavirus to reach herd immunity. In Manaus, daily burials and cremations fell from a peak of 277 on May 1 to just 45 in mid-September, the mayor's office said. The COVID-19 death toll that officially peaked at 60 on April 30 dropped to just two or three a day by late August. Now the numbers are on the rise again.

Read more of this story at Slashdot.

Environmental groups have called the move to revoke regulations that protect mangroves a "crime".

More than 30 elephants were found lying on their stomachs, according to wildlife officials.

Catalin Cimpanu, writing for ZDNet: For many years, the Microsoft Security Intelligence Report has been the gold standard in terms of providing a yearly overview of all the major events and trends in the cyber-security and threat intelligence landscape. While Microsoft unceremoniously retired the old SIR reports back in 2018, the OS maker appears to have realized its mistake, and has brought it back today, rebranded as the new Microsoft Digital Defense Report. Just like the previous SIR reports, Microsoft has yet again delivered. Taking advantage of its vantage points over vast swaths of the desktop, server, enterprise, and cloud ecosystems, Microsoft has summarized the biggest threats companies deal with today in the face of cybercrime and nation-state attackers. The report is 88 pages long, includes data from July 2019 and June 2020, and some users might not have the time to go through it in its entirety. Below is a summary of the main talking points, Microsoft's main findings, and general threat landscape trends. [...] But, by far, the most disruptive cybercrime threat of the past year have been ransomware gangs. Microsoft said that ransomware infections had been the most common reason behind the company's incident response (IR) engagements from October 2019 through July 2020. And of all ransomware gangs, it's the groups known as "big game hunters" and "human-operated ransomware" that have given Microsoft the most headaches. These are groups that specifically target select networks belonging to large corporations or government organizations, knowing they stand to receive larger ransom payments. Most of these groups operate either by using malware infrastructure provided by other cybercrime groups or by mass-scanning the internet for newly-disclosed vulnerabilities. In most cases, groups gain access to a system and maintain a foothold until they're ready to launch their attacks. However, Microsoft says that this year, these ransomware gangs have been particularly active and have reduced the time they need to launch attacks, and especially during the COVID-19 pandemic. "Attackers have exploited the COVID-19 crisis to reduce their dwell time within a victim's system â" compromising, exfiltrating data and, in some cases, ransoming quickly â" apparently believing that there would be an increased willingness to pay as a result of the outbreak," Microsoft said today. "In some instances, cybercriminals went from initial entry to ransoming the entire network in under 45 minutes."

Read more of this story at Slashdot.

Apple is trying to delay a legal fight over allegedly stolen blood-oxygen monitoring technology in its latest watch so it can gain a more dominant share of the smartwatch market, medical-sensor maker Masimo said in a court filing late Monday. From a report: Blood-oxygen monitoring is a key feature of the latest Apple Watch Series 6 announced on Sept. 15. Masimo and its spinoff Cercacor Laboratories had sued in January, accusing Apple of promising a working relationship only to steal secret information and hire away key employees, including Cercacor's former chief technology officer and Masimo's chief medical officer. Cupertino, California-based Apple hasn't formally responded to the allegations. Instead, it has filed requests to dismiss the trade-secret part of the case and earlier this month lodged petitions to have Masimo patents invalidated at the U.S. Patent and Trademark Office. Apple wants the trial court in Santa Ana, California, to keep the civil suit on hold until those issues are resolved. Postponing the case "would allow Apple to seize on a critical window of opportunity to capture an emerging field," Masimo said in the filing Monday. "Just as it has done in numerous other markets, Apple seeks to use its considerable resources and ecosystem to capture the market without regard" to Masimo's patents, the sensor-maker said.

Read more of this story at Slashdot.

The Trump administration's campaign against TikTok gets all the headlines, but the U.S. move last week to place restrictions on Semiconductor Manufacturing International Corp. (SMIC), China's top chipmaker, could end up making a greater difference. From a report: Semiconductor analysts say SMIC represented China's strongest bid to build a domestic chip industry and bolster its tech independence. Sanctions that cut off its access to advanced manufacturing and testing equipment from the U.S. could seriously set that effort back. The Commerce Department sent a letter Friday to U.S. semiconductor firms telling them they would need licenses to export some kinds of equipment to SMIC because anything they sold the company might be subject to "diversion to a military end use." SMIC denies any relationship with China's military.

Read more of this story at Slashdot.

One of the more worrying aspects of the Covid-19 pandemic in the US is its effect on undergraduate enrollments. From a report: Over the summer there were indications, through student loan data and Census surveys, that students were either dropping out or not enrolling in previous numbers. For some students, particularly those from low-income and minority families, the financial and logistical challenges posed by the pandemic were too much to overcome. Now we have an early glimpse of actual enrollment figures from 629 US colleges (or about 22%) that reported their data to the National Student Clearinghouse, a nonprofit that collects information for universities. The data, which compare the same colleges from 2019 to 2020, go through Sept. 10, and were reported Sept. 24. Undergraduate enrollments are indeed falling, particularly for two-year associate degrees and certificates, which are often options for students unable to afford four-year institutions. But for graduate programs, enrollments are surging as new graduates delay entering the job market and newly unemployed college graduates seek to burnish their skills and credentials with an advanced degree. The graduate option seeing the most growth is a post-baccalaureate certificate (or "postbac"), a non-degree credential often pursued by students looking to switch disciplines, like a humanities major who wants to apply to medical school. The exception are professional degrees, like in business and law, which have declined slightly.

Read more of this story at Slashdot.

Poll: How many pushups can Trump do?

On the eve of the first presidential debate, the Biden campaign is pressing Facebook to remove posts by President Trump -- and slamming the social media company as "the nation's foremost propagator of disinformation about the voting process." From a report: By publicly escalating the conflict, the campaign is pressing Facebook to enforce its policies against misinformation more aggressively. "Rather than seeing progress, we have seen regression," campaign manager Jen O'Malley Dillon wrote to Facebook CEO Mark Zuckerberg in a three-page letter obtained by Axios. "Facebook's continued promise of future action is serving as nothing more than an excuse for inaction," the letter says. "We will be calling out those failures as they occur over the coming 36 days."

Read more of this story at Slashdot.

More than 150 people in Bougainville have filed a complaint against the embattled Rio Tinto company.

Here's a Hello World web app for ES6 modules. It uses a module that defines one function, secsSince. It then calls that from another module, and displays the result on the page. It's as simple as I could make it and it works. Not sure I want to use ES6 modules, but at least now I know how to do it, and you do too. All the other tutorials were missing some information you need to understand how modules work. The most confusing thing about modules is that you can only invoke modules from other modules. That means basically that all the JavaScript code in your web app has to be in a module. Not sensible imho, but also not much of a burden. BTW you can run the code without downloading.

D-Wave today launched its next-generation quantum computing platform available via its Leap quantum cloud service. The company calls Advantage "the first quantum computer built for business." In that vein, D-Wave today also debuted Launch, a jump-start program for businesses that want to begin building hybrid quantum applications. From a report: "The Advantage quantum computer is the first quantum computer designed and developed from the ground up to support business applications," D-Wave CEO Alan Baratz told VentureBeat. "We engineered it to be able to deal with large, complex commercial applications and to be able to support the running of those applications in production environments. There is no other quantum computer anywhere in the world that can solve problems at the scale and complexity that this quantum computer can solve problems. It really is the only one that you can run real business applications on. The other quantum computers are primarily prototypes. You can do experimentation, run small proofs of concept, but none of them can support applications at the scale that we can." Quantum computing leverages qubits (unlike bits that can only be in a state of 0 or 1, qubits can also be in a superposition of the two) to perform computations that would be much more difficult, or simply not feasible, for a classical computer. Based in Burnaby, Canada, D-Wave was the first company to sell commercial quantum computers, which are built to use quantum annealing. But D-Wave doesn't sell quantum computers anymore. Advantage and its over 5,000 qubits (up from 2,000 in the company's 2000Q system) are only available via the cloud. (That means through Leap or a partner like Amazon Braket.)

Read more of this story at Slashdot.

The ideal blogging tool design would come from merging the publishing of WordPress with the interactivity of Facebook.

I don't mean the culture of either product. WordPress imho is too exclusive in its deployment. It should be easier. And without any FB-like algorithms.

You should be able to deploy it on your own. It should install as easily as an app on your iPhone. And you should have full control of hosting. Move whenever you want with no breakage. It should be as easy to port as it was to install.