Today, Blue Origin revealed that it will be selling the first tickets for rides on its space tourism rocket called New Shepard. According to CNBC, the first ticket (or tickets?) will go on sale starting next week, on Wednesday, May 5. From the report: Blue Origin did not reveal how much tickets will cost, only saying that more details will come on May 5 to those who submit their name and email on a form on the company's website. "Sign up to learn how you can buy the very first seat on New Shepard," according to the company's website. The announcement's video features Bezos going out to the capsule of New Shepard after the company's test flight earlier this month. It shows him driving across the Texas desert, the remote location of the New Shepard launch facility -- notably at the wheel of a Rivian R1T electric truck, which is emblazoned with Blue Origin's signature feather. New Shepard is designed to carrying as many as six people at a time on a ride past the edge of space, with the capsules on previous test flights reaching an altitude of more than 340,000 feet (or more than 100 km). The capsule, which has massive windows to give passengers a view, spends as much as 10 minutes in zero gravity before returning to Earth. The rocket launches vertically, with the booster detaching and returning to land at a concrete pad nearby. The capsule's return is slowed down by a set of parachutes, before softly landing in the desert.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: The IRS is looking for help to break into cryptocurrency hardware wallets, according to a document posted on the agency website in March of this year. Many cryptocurrency investors store their cryptographic keys, which confer ownership of their funds, with the exchange they use to transact or on a personal device. Some folks, however, want a little more security and use hardware wallets -- small physical drives which store a user's keys securely, unconnected to the internet. The law enforcement arm of the tax agency, IRS Criminal Investigation, and more specifically its Digital Forensic Unit, is now asking contractors to come up with solutions to hack into cryptowallets that could be of interest in investigations, the document states. "The decentralization and anonymity provided by cryptocurrencies has fostered an environment for the storage and exchange of something of value, outside of the traditional purview of law enforcement and regulatory organizations," the document reads. "There is a portion of this cryptographic puzzle that continues to elude organizations -- millions, perhaps even billions of dollars, exist within cryptowallets." The security of hardware wallets presents a problem for investigators. The document states that agencies may be in possession of a hardware wallet as part of a case, but may not be able to access it if the suspect does not comply. This means that authorities cannot effectively "investigate the movement of currencies" and it may "prevent the forfeiture and recovery" of the funds. "The explicit outcome of this contract is to tame the cybersecurity research into measured, repeatable, consistent digital forensics processes that can be trained and followed in a digital forensics' laboratory," the document says.

Read more of this story at Slashdot.

Facebook has joined the Rust Foundation, the organization driving the Rust programming language, alongside Amazon Web Services, Google, Huawei, Microsoft, and Mozilla. From a report: Facebook is the latest tech giant to ramp up its adoption of Rust, a language initially developed by Mozilla that's become popular for systems programming because of its memory safety guarantees compared to fast languages C and C++. Rust is appealing for writing components like drivers and compilers. The Rust Foundation was established in February with initial backing from Amazon Web Services, Google, Huawei, Microsoft, and Mozilla. Microsoft is exploring Rust for some components of Windows and Azure while Google is using Rust to build new parts of the Android operating system and supporting an effort to bring Rust to the Linux kernel. Facebook's engineering team has now detailed its use of Rust beginning in 2016, a year after Rust reached its 1.0 milestone. "For developers, Rust offers the performance of older languages like C++ with a heavier focus on code safety. Today, there are hundreds of developers at Facebook writing millions of lines of Rust code," Facebook's software engineering team said.

Read more of this story at Slashdot.

The European Parliament approved a new law on terrorist content takedowns yesterday, paving the way for one-hour removals to become the legal standard across the EU. From a report: The regulation "addressing the dissemination of terrorist content online" will come into force shortly after publication in the EU's Official Journal -- and start applying 12 months after that. The incoming regime means providers serving users in the region must act on terrorist content removal notices from Member State authorities within one hour of receipt, or else provide an explanation why they have been unable to do so. There are exceptions for educational, research, artistic and journalistic work -- with lawmakers aiming to target terrorism propaganda being spread on online platforms like social media sites. The types of content they want speedily removed under this regime includes material that incites, solicits or contributes to terrorist offences; provides instructions for such offences; or solicits people to participate in a terrorist group. Material posted online that provides guidance on how to make and use explosives, firearms or other weapons for terrorist purposes is also in scope. However concerns have been raised over the impact on online freedom of expression -- including if platforms use content filters to shrink their risk, given the tight turnaround times required for removals.

Read more of this story at Slashdot.

tsu doh nimh writes: Big-three consumer credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity has learned. Experian says it has plugged the data leak, but the researcher who reported the finding says he fears the same weakness may be present at countless other lending websites that work with the credit bureau. Bill Demirkapi, an independent security researcher who's currently a sophomore at the Rochester Institute of Technology, said he discovered the data exposure while shopping around for student loan vendors online. Demirkapi encountered one lender's site that offered to check his loan eligibility by entering his name, address and date of birth. Peering at the code behind this lookup page, he was able to see it invoked an Experian Application Programming Interface or API -- a capability that allows lenders to automate queries for FICO credit scores from the credit bureau. "No one should be able to perform an Experian credit check with only publicly available information," Demirkapi said. "Experian should mandate non-public information for promotional inquiries, otherwise an attacker who found a single vulnerability in a vendor could easily abuse Experian's system." Demirkapi found the Experian API could be accessed directly without any sort of authentication, and that entering all zeros in the "date of birth" field let him then pull a person's credit score. He even built a handy command-line tool to automate the lookups, which he dubbed "Bill's Cool Credit Score Lookup Utility."

Read more of this story at Slashdot.

President Joe Biden's top labor official said Thursday that most gig workers in the United States should be classified as "employees" deserving of related benefits, in what could be a policy shift that is likely to raise costs for companies that depend on contractors such as Uber and Lyft and impact millions of workers. From a report: Shares of Uber fell as much as 8 percent while Lyft dived as much as 12 percent. Doordash fell nearly 9 percent and Grubhub was down 3.3 percent. Labor Secretary Marty Walsh, a son of Irish immigrants and a former union member, has been expected to boost President Biden's efforts to expand workers' protections and deliver a win for the country's organized labor movement. "We are looking at it but in a lot of cases gig workers should be classified as employees... in some cases they are treated respectfully and in some cases they are not and I think it has to be consistent across the board," Walsh told Reuters in an interview, expressing his view on the topic for the first time. "These companies are making profits and revenue and I'm not (going to) begrudge anyone for that because that's what we are about in America... but we also want to make sure that success trickles down to the worker," he said.

Read more of this story at Slashdot.

I'd love to hear a real explanation of why they won't release the patents for the vaccines. In plain English. No hemming or hawing.

NYC is opening 100% on July 1. I wonder if they're aware what's happening in India. I don't see the US as disconnected, at all.

China is poised to report its first population decline in five decades following a once-in-a-decade census, the Financial Times newspaper said, citing sources familiar with the matter. Reuters: A population drop will add pressure on Beijing to roll out measures to encourage couples to have more children and avert an irreversible decline. The National Bureau of Statistics (NBS), which is due to release the results of the census conducted late last year in early April, did not immediately respond to a Reuters request for comment. The population figure is very sensitive and will not be published until government departments have a consensus on the data and its implications, the Financial Times added on Tuesday, citing its sources. "If China confirms such a decline, it would be a big deal," said Zhiwei Zhang, the Shenzhen-based chief economist at Pinpoint Asset Management. "The consensus expects China's population to peak at 2027, based on the projection made by the United Nations. This would be much earlier than the market and policy makers expected."

Read more of this story at Slashdot.

destinyland writes: LWN has a terrific update what's happened since the discovery of University of Minnesota researchers intentionally submitting buggy code to the Linux kernel: The writing of a paper on this research [PDF] was not the immediate cause of the recent events; instead, it was the posting of a buggy patch originating from an experimental static-analysis tool run by another developer at UMN. That led developers in the kernel community to suspect that the effort to submit intentionally malicious patches was still ongoing. Since then, it has become apparent that this is not the case, but by the time the full story became clear, the discussion was already running at full speed. The old saying still holds true: one should not attribute to malice that which can be adequately explained by incompetence. On April 22, a brief statement was issued by the Linux Foundation technical advisory board (TAB) stating that, among other things, the recent patches appeared to have been submitted in good faith. Meanwhile, the Linux Foundation and the TAB sent a letter to the UMN researchers outlining how the situation should be addressed; that letter has not been publicly posted, but ZDNet apparently got a copy from somewhere. Among other things, the letter asked for a complete disclosure of the buggy patches sent as part of the UMN project and the withdrawal of the paper resulting from this work. In response, the UMN researchers posted an open letter apologizing to the community, followed a few days later by a summary of the work they did [PDF] as part of the "hypocrite commits" project. Five patches were submitted overall from two sock-puppet accounts, but one of those was an ordinary bug fix that was sent from the wrong account by mistake. Of the remaining four, one of them was an attempt to insert a bug that was, itself, buggy, so the patch was actually valid; the other three (1, 2, 3) contained real bugs. None of those three were accepted by maintainers, though the reasons for rejection were not always the bugs in question. The paper itself has been withdrawn and will not be presented in May as was planned... One of the first things that happened when this whole affair exploded was the posting by Greg Kroah-Hartman of a 190-part patch series reverting as many patches from UMN as he could find... As it happens, these "easy reverts" also needed manual review; once the initial anger passed there was little desire to revert patches that were not actually buggy. That review process has been ongoing over the course of the last week and has involved the efforts of a number of developers. Most of the suspect patches have turned out to be acceptable, if not great, and have been removed from the revert list; if your editor's count is correct, 42 patches are still set to be pulled out of the kernel... A look at the full set of UMN patches reinforces some early impressions, though. First is that almost all of them do address some sort of real (if obscure and hard to hit) problem...

Read more of this story at Slashdot.

Plans for 3D-printed, self-assembled "ghost guns" can be posted online without U.S. State Department approval, a federal appeals court ruled Tuesday. From a report: A divided panel of the 9th U.S. Circuit Court of Appeals in San Francisco reinstated a Trump administration order that permitted removal of the guns from the State Department's Munitions List. Listed weapons need State Department approval for export. In 2015, federal courts applied the requirement to weapons posted online and intended for production on 3D printers, the San Francisco Chronicle reported. However, three years later the State Department under then-President Donald Trump settled a lawsuit by a 3D gun company and ordered their removal. California, 21 other states and the District of Columbia sued and a federal judge in Seattle issued an injunction last year, saying that posting the designs without restrictions could put unregistered weapons into the hands of terrorists. In overturning the injunction, the appellate panel found 2-1 that a 1989 federal law prohibits courts from overruling the State Department's decision to add or remove a weapon from the Munitions List, the Chronicle reported.

Read more of this story at Slashdot.

Instacart is increasing the number of stores where it accepts online payments for Supplemental Nutrition Assistance Program participants, moving the online grocery delivery giant into competition with Amazon.com and Walmart for a growing pool of consumers using federal assistance to buy food online. From a report: The San Francisco-based startup is partnering with three retailers, Publix Super Markets, The Save Mart Companies and Golub's Price Chopper/Market 32, to allow Electronic Benefits Transfer (EBT) payments in more than 1,500 additional U.S. stores. The expansion is about a 60% increase in availability for SNAP online purchasing through Instacart, which began in October with a partnership with ALDI. Food-stamp recipients will be able to order same-day delivery or pickup through the Instacart website and mobile app in more than 4,000 stores across 38 states and Washington D.C.

Read more of this story at Slashdot.

Microsoft is shaking up the world of PC gaming today with a big cut to the amount of revenue it takes from games on Windows. From a report: The software giant is reducing its cut from 30 percent to just 12 percent from August 1st, in a clear bid to compete with Steam and entice developers and studios to bring more PC games to its Microsoft Store. "Game developers are at the heart of bringing great games to our players, and we want them to find success on our platforms," says Matt Booty, head of Xbox Game Studios at Microsoft. "A clear, no-strings-attached revenue share means developers can bring more games to more players and find greater commercial success from doing so." These changes will only affect PC games and not Xbox console games in Microsoft's store. While Microsoft hasn't explained why it's not reducing the 30 percent it takes on Xbox game sales, it's likely because the console business model is entirely different to PC. Microsoft, Sony, and Nintendo subsidize hardware to make consoles more affordable, and offer marketing deals in return for a 30 percent cut on software sales. Microsoft's new reduction on the PC side is significant, and it matches the same revenue split that Epic Games offers PC game developers while also putting more pressure on Valve to reduce its Steam store cut. Valve still takes a 30 percent cut on sales in its Steam store, which is reduced to 25 percent when sales hit $10 million, and then 20 percent for every sale after $50 million.

Read more of this story at Slashdot.

A port of Frontier to Linux really has to be in C.

Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the hopes of controlling a growing wave of attacks. From a report: These are two of 48 recommendations made by a task force in a report Thursday to the Biden administration aimed at fighting the continuing ransomware episodes that plague major corporations, local governments and health-care providers across the world. The task force, organized by the Institute for Security and Technology, said the cyber-attacks have become a $350 million criminal industry -- a four-fold increase from the previous year. Last week, the U.S. Justice Department created its own, independent ransomware task force, signaling growing awareness inside the U.S. government of the now decade-old threat. Ransomware is a type of malicious code that typically encrypts a victim's data or network of computers. The hackers then demand a ransom to decrypt the information. More recently, ransomware gangs have also stolen data and threatened to make it public unless the victim pays a fee.

Read more of this story at Slashdot.