An anonymous reader quotes a report from WTSP: hacker gained access to Oldsmar's water treatment plant, bumping the sodium hydroxide in the water to a "dangerous" level, according to Pinellas County's sheriff. In a press conference Monday, Sheriff Bob Gualtieri said his deputies, along with the FBI and U.S. Secret Service, are investigating the breach as it is unclear if it came from within the U.S. or from a foreign actor. The incident first occurred on Feb. 5 at the city's water treatment plant when, around 8 a.m., an operator noticed someone had remotely entered the computer system that he was monitoring. It's a system responsible for controlling the chemicals and other operations of the water treatment plant, Gualtieri said. And this time, Gualtieri says, the hacker did more than just remote in. According to the sheriff, the hacker spent up to five minutes in the system and adjusted the amount of sodium hydroxide in the water from 100 parts per million to 11,100. "This is obviously a significant and potentially dangerous increase. Sodium hydroxide, also known as lye, is the main ingredient in liquid drain cleaners," Gualtieri added. The operator immediately reduced the levels back to the appropriate amount and "at no time was there a significant adverse effect on the water being treated." Even if the operator did not notice the intrusion, the sheriff, Oldsmar Mayor Eric Seidel and City Manager Al Braithwaite all noted several fail-safes and alarm systems are in place to flag issues of this kind. Gualtieri reinforced that at no time was the public in danger.

Read more of this story at Slashdot.

Braintrust query: Let's write a simple JavaScript pre-processor!

Rust -- the programming language, not the survival game -- now has a new home: the Rust Foundation. From a report: AWS, Huawei, Google, Microsoft and Mozilla banded together to launch this new foundation today and put a two-year commitment to a million-dollar budget behind it. This budget will allow the project to "develop services, programs, and events that will support the Rust project maintainers in building the best possible Rust." Rust started as a side project inside of Mozilla to develop an alternative to C/C++. Designed by Mozilla Research's Graydon Hore, with contributions from the likes of JavaScript creator Brendan Eich, Rust became the core language for some of the fundamental features of the Firefox browser and its Gecko engine, as well as Mozilla's Servo engine. Today, Rust is the most-loved language among developers. But with Mozilla's layoffs in recent months, many on the Rust team lost jobs and the future of the language became unclear without a main sponsor, though the project itself has thousands of contributors and a lot of corporate users, so the language itself wasn't going anywhere.

Read more of this story at Slashdot.

Europe's antitrust chief, Margrethe Vestager, has warned Apple to give equal treatment to all apps on its platform amid the iPhone maker's privacy changes that have drawn charges of anti-competitive practices from rival Facebook. From a report: Apple will in the spring ask iPhone users for consent to track their data for personalized ads in what it says is a move to protect users' privacy but which will limit apps' ability to gather data from people's phones that can be used for targeted advertising. Facebook has been among the most vocal of the critics which stand to lose a substantial part of their revenue from Apple's move. Facebook in a December blog post called it anti-competitive behaviour, saying that Apple's own personalized ad platform would be exempt from the new requirement giving users a choice of whether to opt in to tracking by third parties. Vestager said while the issue is privacy-related, it can morph into an antitrust issue if Apple tilts the level playing field. "It can be competition if it is shown that Apple is not treating its own apps in the same way," she told Reuters in an interview on Monday.

Read more of this story at Slashdot.

Over the past several weeks, developer Kosta Eleftheriou has been highlighting many apparent scam applications on the App Store. The formula for each scam application is virtually identical, and it centers on fake reviews and ratings paired with a deceptive weekly subscription. From a report: Eleftheriou is the developer behind FlickType, a popular Apple Watch keyboard application that brings gesture typing to the wearable device. He was also one of the creators of the Flesky keyboard app, acquired by Pinterest, and Blind Type, acquired by Google. The thread began two weeks ago, when Eleftheriou began highlighting applications that were essentially non-functional ripoffs of FlickType. One of the most blatant ones was KeyWatch: "Just a few months ago, I was way ahead of my competition. By the time they figured out just how hard autocorrect algorithms were, I was already rolling out the swipe version of my keyboard, quickly approaching iPhone typing speeds. So how did they beat me? First, they made an app that appeared to fulfill the promise of a watch keyboard -- but was practically unusable. Then, they started heavily advertising on FB & Instagram, using my own promo video, of my own app, with my actual name on it." When users downloaded the app, the first screen was a blank interface with an "Unlock now" button. Tap the "Unlock now" button, and you'd be prompted with Apple's buy screen to confirm an $8/week subscription for an app that was nonfunctional.

Read more of this story at Slashdot.

Another reason the firing of McNeil was such a concern is this question: Would the 150 people at the NY use their power to cancel against the people they cover, for an infraction like McNeil's. Are we ready to accept that as a proper role of reporters at a news organization?

Facebook said on Monday that it plans to remove posts with erroneous claims about vaccines from across its platform, including taking down assertions that vaccines cause autism or that it is safer for people to contract Covid-19 than to receive the vaccinations. From a report: The social network has increasingly changed its content policies over the past year as the coronavirus has surged. In October, the social network prohibited people and companies from purchasing advertising that included false or misleading information about vaccines. In December, Facebook said it would remove posts with claims that had been debunked by the World Health Organization or government agencies. Monday's move goes further by targeting unpaid posts to the site and particularly Facebook pages and groups. Instead of targeting only misinformation around Covid vaccines, the update encompasses false claims around all vaccines. Facebook said it consulted with the World Health Organization and other leading health institutes to determine a list of false or misleading claims around Covid and vaccines in general. In the past, Facebook had said it would only "downrank," or push lower down in people's News Feeds, misleading or false claims about vaccines, making it more difficult to find such groups or posts. Now posts, pages and groups containing such falsehoods will be removed from the platform entirely. "Building trust and confidence in these vaccines is critical, so we're launching the largest worldwide campaign to help public health organizations share accurate information about Covid-19 vaccines and encourage people to get vaccinated as vaccines become available to them," Kang-Xing Jin, head of health at Facebook, said in a company blog post.

Read more of this story at Slashdot.

Part of program design is checking your assumptions. Sometimes things that conceptually seem like a lot of work, might not take a lot of time to run. A great example of this was in the early 00s, I wanted to add a feature to Radio UserLand that was eventually called upstreaming. It would watch a folder and mirror any changes to a server. That way you could maintain a website on your local hard disk. I had investigated ways to do it through the operating system, but it was too complicated, or not reliable, I don't remember why, but it wasn't feasible to use it. So I decided to write a bit of script code that watched the folder, the simple dumb way, to see what I was up against. To my surprise it took virtually no time to scan a large nested folder looking for changed files. It was something you could do every few seconds without a performance hit. The product shipped, thousands of people used it, upstreaming worked. I try to keep that in mind. Always check your assumptions.

I was asked why I care that the NYT fired Donald McNeil. It's pretty simple. We all have an interest in how journalism works. They like to say they're a essential part of democracy, but they try to work without any influence from the people in the democracy. How can that work? To really press the point, democracy is about the people, right? You can't be of democracy without being of the people. We have a role in this, and journalism hasn't embraced that, amazingly. So when they fire a great reporter who helps people, I, simply as a person and nothing more, have a stake in that, as does everyone who depends on good information from news orgs. And sure I care how 150 reporters at the NY Times feel, but I don't care abput them that much, compared to how much I care about the service McNeil was providing, and now may not be. Those 150 people are pure narcissists, with too much power. They should be servants. They really need a good kick in the ass. I hope that doesn't upset them too much.

Microsoft is working on adding a new security alert to the dashboard of Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection) that will notify companies when their employees are being targeted by nation-state threat actors. From a report: The feature was added on Saturday to the Microsoft 365 roadmap website. The idea behind the feature is not new. Since 2016, Microsoft began tracking nation-state hacking groups and the attacks they orchestrate against Microsoft email accounts. If a user is targeted or compromised in one of these attacks, Microsoft sends them an email about the attack, along with basic advice they need to take to re-secure their inbox and devices. Microsoft said in 2019 that it usually notifies around 10,000 users per year of nation-state attacks. But the problem with this notification procedure is that it relies on users reading their email and taking action, which doesn't always happen. Users don't read their emails daily, or it might sometimes take hours before the user reaches the notification in crowded inboxes, a time during which attackers could use to steal sensitive documents. For organizations who are customers of Microsoft's Office 365 service, the OS maker now plans to add these notifications inside the dashboard of Microsoft Defender for Office 365, the cloud-based security platform that scans a company's Office 365 accounts for threats.

Read more of this story at Slashdot.

The birds were found dead in southern Bolivia and there are fears they may have died from poisoning.

The Internet Archive: The Internet Archive has reached a new milestone: 2 million. That's how many modern books are now in its lending collection -- available free to the public to borrow at any time, even from home. "We are going strong," said Chris Freeland, a librarian at the Internet Archive and director of the Open Libraries program. "We are making books available that people need access to online, and our patrons are really invested. We are doing a library's work in the digital era." The lending collection is an encyclopedic mix of purchased books, ebooks, and donations from individuals, organizations, and institutions. It has been curated by Freeland and other librarians at the Internet Archive according to a prioritized wish list that has guided collection development. The collection has been purpose-built to reach a wide base of both public and academic library patrons, and to contain books that people want to read and access online -- titles that are widely held by libraries, cited in Wikipedia and frequently assigned on syllabi and course reading lists. "The Internet Archive is trying to achieve a collection reflective of great research and public libraries like the Boston Public Library," said Brewster Kahle, digital librarian and founder of the Internet Archive, who began building the diverse library more than 20 years ago. "Libraries from around the world have been contributing books so that we can make sure the digital generation has access to the best knowledge ever written," Kahle said. "These wide ranging collections include books curated by educators, librarians and individuals, that they see are critical to educating an informed populace at a time of massive disinformation and misinformation." The 2 million modern books are part of the Archive's larger collection of 28 million texts that include older books in the public domain, magazines, and documents. Beyond texts, millions of movies, television news programs, images, live music concerts, and other sound recordings are also available, as well as more than 500 billion web pages that have been archived by the Wayback Machine. Nearly 1.5 million unique patrons use the Internet Archive each day, and about 17,000 items are uploaded daily.

Read more of this story at Slashdot.

Mark Cuban is getting in on the audio and podcasting hype. From a report: Alongside co-founder Falon Fatemi, he's planning to launch Fireside, a "next-gen podcast platform" that facilitates live conversation, according to an email sent to possible creator partners seen by The Verge. The app idea is similar to the buzzy live audio startup Clubhouse, except with the ability to natively record conversations. A source close to Fireside says the app plans to launch publicly this year. Fatemi, who co-founded and sold the AI customer relations service Node, promises a platform where creators will be able to broadcast, record, and monetize conversations while using Fireside's built-in analytics tools to figure out what content performs best. The app, according to a now-expired engineer job posting, has raised a "multi-million dollar" seed round to get started. The source close to the company says creators will be offered various deals and ways to monetize, and the app won't let just anyone speak publicly. It'll be a highly curated experience.

Read more of this story at Slashdot.

Iran is running two surveillance operations in cyber-space, targeting more than 1,000 dissidents, according to a leading cyber-security company. From a report: The efforts were directed against individuals in Iran and 12 other countries, including the UK and US, Check Point said. It said the two groups involved were using new techniques to install spyware on targets' PCs and mobile devices. And this was then being used to steal call recordings and media files. One of the groups, known as Domestic Kitten or APT-50, is accused of tricking people into downloading malicious software on to mobile phones by a variety of means including: repackaging an existing version of an authentic video game found on the Google Play store, mimicking an app for a restaurant in Tehran, offering a fake mobile-security app, providing a compromised app that publishes articles from a local news agency, supplying an infected wallpaper app containing pro-Islamic State imagery, masquerading as an Android application store to download further software. The American-Israeli company's researchers documented 1,200 victims being targeted by the campaign, living in seven countries. There had been more than 600 successful infections, it said.

Read more of this story at Slashdot.