Alaska, the state with the largest land mass in the nation, is leading the country in a critical coronavirus measure: per capita vaccinations per capita vaccinations. From a report: About 13 percent of the people who live in Alaska have already gotten a shot. That's higher than states such as West Virginia, which has received a lot of attention for a successful vaccine rollout and has inoculated 11 percent of its people. But the challenge for Alaska has been how to get vaccines to people across difficult, frigid terrain -- often in remote slivers of the state? "Boats, ferries, planes, snowmobiles -- Alaskans will find a way to get it there," said the state's chief medical officer, Anne Zink, 43. Alaskans are being vaccinated on fishing boats, inside 10-seater planes and on frozen landing strips. Doctors and nurses are taking white-knuckle trips to towns and villages across the state to ensure residents are protected from the coronavirus. Contributing to Alaska's quick speed in getting the vaccine to its residents is a federal partnership that allows the state, which has more than 200 indigenous tribes, to receive additional vaccines to distribute through the Indian Health Service.

Read more of this story at Slashdot.

Myanmar's new military government has ordered local telecom operators, internet gateways, and other internet service providers to block Twitter and Instagram in the South Asian country days after imposing a similar blackout on Facebook to ensure "stability" in the Southeast Asian nation. From a report: Norwegian telecom giant Telenor, which is one of the largest telecos in Myanmar, said the government has ordered ISPs to block Twitter and Instagram "until further notice." The directive has "legal basis in Myanmar's telecommunications law," Telenor said, but it is challenging the "necessity and proportionality of the directive in its response to Myanmar Ministry of Transport and Communications, and highlighted the directive's contradiction with international human rights law." [...] In a statement, a Twitter spokesperson told TechCrunch: "We're deeply concerned about the order to block Internet services in Myanmar. It undermines the public conversation and the rights of people to make their voices heard. The Open Internet is increasingly under threat around the world. We will continue to advocate to end destructive government-led shutdowns. We understand some people across the Asia-Pacific region may also be having trouble accessing Twitter, and we're working to fix it."

Read more of this story at Slashdot.

DDoS-for-hire services have found a way to abuse Plex Media servers to bounce junk traffic and amplify distributed denial of service (DDoS) attacks, security firm Netscout said in an alert this week. From a report: The company's alert warns owners of devices that ship with Plex Media Server, a web application for Windows, Mac, and Linux that's usually used for video or audio streaming and multimedia asset management. The app can be installed on regular web servers or usually ships with network-attached storage (NAS) systems, digital media players, or other types of multimedia-streaming IoT devices. Netscout says that when a server/device running a Plex Media Server app is booted and connected to a network, it will start a local scan for other compatible devices via the Simple Service Discovery Protocol (SSDP). The problem comes when a Plex Media Server discovers a local router that has SSDP support enabled. When this happens, the Plex Media Server will add a NAT forwarding rule to the router, exposing its Plex Media SSDP (PMSSDP) service directly on the internet on UDP port 32414. Since the SSDP protocol has been known for years to be a perfect vector to amplify the size of a DDoS attack, this makes Plex Media servers a juicy and untapped source of DDoS bots for DDoS-for-hire operations.

Read more of this story at Slashdot.

Google is exploring an alternative to Apple's new anti-tracking feature, the latest sign that the internet industry is slowly embracing user privacy, Bloomberg is reporting, citing people with knowledge of the matter. From the report: Internally, the search giant is discussing how it can limit data collection and cross-app tracking on the Android operating system in a way that is less stringent than Apple's solution, said the people, who asked not to be identified discussing private plans. Google is trying to balance the rising demands of privacy-conscious consumers with the financial needs of developers and advertisers. The Alphabet unit is seeking input from these stakeholders, similar to how it's slowly developing a new privacy standard for web browsing called the Privacy Sandbox. With more than $100 billion in annual digital ad sales, Google has a vested interest in helping partners to continue generating revenue by targeting ads to Android device users and measuring the performance of those marketing spots. "We're always looking for ways to work with developers to raise the bar on privacy while enabling a healthy, ad-supported app ecosystem," a Google spokesman said in a statement. [...] A Google solution is likely to be less strict and won't require a prompt to opt in to data tracking like Apple's, the people said. The exploration into an Android alternative to Apple's feature is still in the early stages, and Google hasn't decided when, or if, it will go ahead with the changes. On the iPhone, Google offers developers a framework so they can monetize their apps using Google ads. In a recent blog post, Google said Apple's ad-tracking update means developers "may see a significant impact" on their ad revenue. To keep advertisers happy while improving privacy, the discussions around Google's Android solution indicate that it could be similar to its planned Chrome web browser changes, the people said. Further reading: Google's iOS Apps Haven't Been Updated in Weeks. Could Apple's Privacy Labels Be the Reason? Facebook Warns Advertisers on Apple Privacy Changes Apple's Tim Cook Criticizes Social Media Practices, Intensifying Facebook Conflict Facebook Looks To Take its Fight With Apple To Court.

Read more of this story at Slashdot.

More than two dozen Dropbox employees say they've witnessed or experienced gender discrimination at the company, an investigation by news outlet VentureBeat has found. From a report: In December 2020, a source familiar with the matter sent VentureBeat a document containing anonymous interviews with 16 current and former Dropbox employees who allege gender discrimination at the cloud computing company. The report alleging discrimination began circulating internally after its author sent it to Dropbox employees throughout North America on December 9. Compiled by a former Dropbox researcher, the report was not commissioned by Dropbox executives and is strongly contested by the company. "When I first read the email, when the report was sent out, I started crying," Source 1, who said she had experienced discrimination with regard to promotion at Dropbox, told VentureBeat. "I was frustrated and almost livid that so many other people were experiencing it, too. I really hoped that my personal experience was a one-off, and it was jarring and really upsetting to see so many things that could have been my story." The subjects of the report alleging discrimination point to examples such as "changing standards for promotions, unequal compensation, being set back in their careers after maternity leave, and experiencing retribution when they take their cases to HR." The report also detailed instances of alleged harassment and demotion after employees filed a complaint with Dropbox HR or returned to work following maternity leave. Internal communications VentureBeat obtained indicate that more than a dozen Dropbox employees agreed with the report's conclusions.

Read more of this story at Slashdot.

Planned legislation to establish new business areas in Nevada would allow technology companies to effectively form separate local governments. From a report: Democratic Gov. Steve Sisolak announced a plan to launch so-called Innovation Zones in Nevada to jumpstart the state's economy by attracting technology firms, Las Vegas Review-Journal reported Wednesday. The zones would permit companies with large areas of land to form governments carrying the same authority as counties, including the ability to impose taxes, form school districts and courts and provide government services. The measure to further economic development with the "alternative form of local government" has not yet been introduced in the Legislature. Sisolak pitched the concept in his State of the State address delivered Jan. 19. The plan would bring in new businesses at the forefront of "groundbreaking technologies" without the use of tax abatements or other publicly funded incentive packages that previously helped Nevada attract companies like Tesla. Sisolak named Blockchains, LLC as a company that had committed to developing a "smart city" in an area east of Reno after the legislation has passed.

Read more of this story at Slashdot.

Nvidia is now requiring, not just encouraging, companies selling laptops with its new RTX 30-series graphics chips to be more transparent about the kind of power people can expect. From a report: Nvidia tells The Verge these companies will have to disclose specific clock speed stats and total graphics power on online product pages -- all of which tells people everything they need to know about a laptop's graphics potential, for better or worse. However, companies won't have to mention that these chips are Max-Q variants because, according to an Nvidia spokesperson, "Max-Q is no longer part of the GPU name." Rather, Max-Q is now solely used to communicate that a laptop with an RTX 30-series graphics chip ships with efficiency features like Whisper Mode 2, Dynamic Boost 2, and Advanced Optimus. Previously, seeing Max-Q branding made it easy to determine a laptop's general performance without having to know its specific clock speeds. It's encouraging to see Nvidia no longer allows companies to hide this vital information from marketing materials. It should go far enough in helping buyers make an educated purchase without having to wait on reviewers and early adopters to report on the specs.

Read more of this story at Slashdot.

The Democrats show what they do for the people when they have power. Let's hope they can market this for all it's worth. A few dollars spent now on marketing will equal many millions in the midterm campaign. This is a whole-of-party thing. Not just a whole-of-government thing.

Alok Sharma should resign unless plans for a deep coal mine in Cumbria are dropped, Lib Dems say.

Three Democratic U.S. senators introduced a bill that would limit Section 230, a law that shields online companies from liability over content posted by users, and make the companies more accountable when posts result in harm. From a report: Called the SAFE TECH Act, the bill would mark the latest effort to make social media companies like Alphabet's Google, Twitter and Facebook more accountable for "enabling cyber-stalking, targeted harassment, and discrimination on their platforms," Senators Mark Warner, Mazie Hirono and Amy Klobuchar said in a statement. In the wake of the Jan. 6 storming of the U.S. Capitol in Washington, lawmakers have been studying ways to hold Big Tech more accountable for the role they played in the spread of disinformation before the riot and about policing content on their platforms. The bill would make it clear that Section 230, which was enacted in 1996 as part of a law called the Communications Decency Act, does not apply to ads or other paid content, does not impair the enforcement of civil rights laws, and does not bar wrongful-death actions.

Read more of this story at Slashdot.

Threat actors have discovered they can abuse the Google Chrome sync feature to send commands to infected browsers and steal data from infected systems, bypassing traditional firewalls and other network defenses. From a report: For non-Chrome users, Chrome sync is a feature of the Chrome web browser that stores copies of a user's Chrome bookmarks, browsing history, passwords, and browser and extension settings on Google's cloud servers. The feature is used to sync these details between a user's different devices, so the user always has access to his most recent Chrome data wherever they go. Bojan Zdrnja, a Croatian security researcher, said on Thursday that during a recent incident response, he discovered that a malicious Chrome extension was abusing the Chrome sync feature as a way to communicate with a remote command and control (C&C) server and as a way to exfiltrate data from infected browsers. Zdrnja said that in the incident he investigated, attackers gained access to a victim's computer, but because the data they wanted to steal was inside an employee's portal, they downloaded a Chrome extension on the user's computer and loaded it via the browser's Developer Mode.

Read more of this story at Slashdot.

Maybe the proper amount of daily blog is "just enough."

It seems to me Clubhouse might be achieving the vision of Hypercamp. Made possible by the pandemic. I think maybe the pandemic will be something like a moon mission, it's forcing a kind of development that would have had to wait otherwise.

India is restoring 4G internet services in Jammu and Kashmir, a senior government official said Friday evening, 18 months after cutting internet access in the Muslim-majority state in an attempt to curb the spread of potential backlash over its decision to strip the region of its special status in August of 2019. From a report: Rohit Kansal, principal secretary of the Jammu and Kashmir government, said 4G internet services were being restored in the entire region. India lifted ban on internet and some social media services in two districts (of 20) of the state last year but maintained speed restrictions and time limits, after Supreme Court ruled last year that an indefinite shutdown of the internet in the state was unwarranted and demonstrated "abuse of power" by the Prime Minister Narendra Modi-led government. The internet ban in Jammu and Kashmir was by far the longest by any democracy.

Read more of this story at Slashdot.

Thanks to the braintrust, once again have figured it out. In the docs for PagePark we ask them to map port 80 requests to port 1339 using the iptables command. But the routing was only going one way. When an outside request was coming into the server. For requests made going out of the server, the same mapping must apply. And that fixed the problem. Now I have to update the docs.