Linux Trace Toolkit Next Generation 2.13 Facilitates Quick Reaction To Kernel/User-s Slashdotby EditorDavid on opensource at January 1, 1970, 1:00 am (cached at August 7, 2021, 11:35 pm)

LTTng has been called "the killer app for system-level debugging and performance tuning." And now long-time Slashdot reader compudj writes: It's the official release of LTTng 2.13 — Nordicité! LTTng is a kernel and user-space tracer for Linux. The most notable features of this release are: - Event-rule matches condition triggers and new actions, allowing internal actions or external monitoring applications to quickly react when kernel or user-space instrumentation is hit - Notification payload capture, allowing external monitoring applications to read elements of the instrumentation payload when instrumentation is hit. - Instrumentation API: vtracef and vtracelog (LTTng-UST) - User space time namespace context (LTTng-UST and LTTng-modules).

Read more of this story at Slashdot.

Are the Ultra-Wealthy Renouncing US Citizenship to Avoid Taxes? Slashdotby EditorDavid on government at January 1, 1970, 1:00 am (cached at August 7, 2021, 11:05 pm)

"In 2017, it emerged that Silicon Valley billionaire Peter Thiel had been able to gain New Zealand citizenship six years earlier," reports the Associated Press, "despite never having lived in the country." Thiel was approved after a top lawmaker decided his entrepreneurial skills and philanthropy were valuable to the nation. Thiel didn't even have to leave California for the ceremony — he was granted citizenship during a private ceremony held at the New Zealand Consulate in Santa Monica. But he's not the only one, Axios reports. "A lot of people who take this drastic step are tech zillionaires: Eric Schmidt, the former Alphabet CEO, has applied to become a citizen of Cyprus..." The number of Americans who renounced their citizenship in favor of a foreign country hit an all-time high in 2020: 6,707, a 237% increase over 2019... The people who flee tend to be ultra-wealthy, and many of them are seeking to reduce their tax burden... Only the U.S. and Eritrea tax people based on citizenship rather than residency. For most countries, if you are a citizen but don't reside there, you aren't taxed in that country. The IRS publishes a quarterly list of the names of people who have renounced their citizenship or given up their green cards... But the Wall Street Journal discovered that the lists aren't up to date: A lot of people who were reported to have renounced citizenship in 2020 actually did so years earlier. Axios also points out that U.K. prime minister Boris Johnson was actually born in America, but only lived there as a small child, and subsequently renounced his U.S. citizenship.

Read more of this story at Slashdot.

[no title] Scripting News(cached at August 7, 2021, 11:02 pm)

I'm starting to get some concrete ideas on what to tag and what not to tag. In the piece about Rick and Morty, above, I tagged the name of the show. I did not tag the names of the shows I compared it to. In the post about the Olympics gold medal game, I tagged the Brooklyn Nets, because I have an issue with them, and that issue a pivotal reason I didn't love the US Olympic team as much as I would have if they were more of a team. The Nets aren't a team either, maybe they will at some point. We're going to keep watching them, so I think there's a reasonably good chance I'll write about them again and again in this same context. They're an ongoing thread on my blog. And I have an issue with the Olympics, so I tagged them too. I did not tag any of these things in this post, but I did tag tagging, because that's what this is about.
Researchers Discover Three-Way Cyberattack by Chinese Military Actors against Southe Slashdotby EditorDavid on china at January 1, 1970, 1:00 am (cached at August 7, 2021, 10:35 pm)

wiredmikey shares a report from SecurityWeek: Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda (also known as APT27)... Cybereason released details of a triple-pronged attack by Chinese military-affiliated groups against cellular network providers in southeast Asia. Disturbingly, Yonatan Striem-Amit, CTO and co-founder of Cybereason, told SecurityWeek, "We discovered and have evidence that Chinese advanced groups have been using the Hafnium zero-days since at least 2017." Cellular networks are a prime target for nation states because they provide an excellent steppingstone to many other types of attack and different targets. "At this point," said Striem-Amit, "the attacks seem to be a stepping point for a major espionage campaign. We all carry a device in our pocket that knows where we are, where we have been, and who we are with...." The surprising feature, apart from their stealthy duration, is that three groups, all associated with the Chinese government and often sharing tactics, techniques and procedures, have attacked the same targets at the same time — and have even been seen on the same endpoints simultaneously. It is consequently unclear whether the groups were separately instructed to target telcos, or whether they were being guided from a single source within the Chinese military... The one thing that is clear is that telcos are a major target for China, and that it has had knowledge of and has used serious Exchange zero-day vulnerabilities for many years.

Read more of this story at Slashdot.

How a Security Researcher Took Over a Hotel's IoT Devices Slashdotby EditorDavid on security at January 1, 1970, 1:00 am (cached at August 7, 2021, 9:05 pm)

"The moment you network IoT and hand over control to third parties, you may also give individuals the keys to a digital kingdom — and the ability to cause mischief, or worse," writes ZDNet. For example, at a hotel where guests control the devices in their room with an iPod Touch... Speaking at Black Hat USA, Las Vegas, security consultant Kya Supa from LEXFO explained how a chain of security weaknesses were combined and exploited to gain control of rooms at a capsule hotel, a budget-friendly type of hotel offering extremely small — and, therefore, cozy — spaces to guests, who are stacked side-by-side... A neighbor, "Bob," kept waking Supa up by making loud phone calls in the early hours of the morning. While Bob had agreed to keep it down, he did not keep his promise — and the researcher set to work since he needed his sleep, especially during his vacation. The first thing Supa did was to explore his room, finding an emergency light installed for safety reasons; a Nasnos automaton center for use in controlling products in case the iPod Touch was lost; an electric motor used to manage the incline of the capsule's bed; and a Nasnos router, hidden in the wall. If you connected to the router via a smartphone, it was then possible to control other devices on the network, and this was the setup the hotel chose to use... Supa found that two networks were connected — the hotel Wi-Fi and the router. To retrieve the router key, Supa targeted WEP, a protocol that has been known to be weak for years. Access points, each being one of the bedrooms, were found. Supa inspected the traffic and found weak credentials in place — "123" — and you can guess the rest... By using an Android smartphone, the iPod Touch, and a laptop, the researcher created a Man-in-The-Middle (MiTM) architecture and inspected the network traffic. No encryption was found and he created a simple program to tamper with these connections, allowing the researcher to seize control of his bedroom through his laptop... Now that he could "control every bedroom," and Bob was still there, Supa then tampered with the lights of different bedrooms until he found the right one. He created a script that, every two hours, would change the bed into a sofa and turn the lights on and off. The script was launched at midnight. We can probably assume Bob did not enjoy his stay. "I hope he will be more respectful in the future," Supa commented.

Read more of this story at Slashdot.

US Developer's Workstation Exposed State Department's Network Data, Researchers Find Slashdotby EditorDavid on usa at January 1, 1970, 1:00 am (cached at August 7, 2021, 7:35 pm)

Long-time Slashdot reader chicksdaddy writes: Sensitive systems and data for the U.S. Department of State could have been exposed by a third party development workstation running the eXide software, according to researchers for the hacking crew Sakura Samurai. According to a report in Forbes, the researchers took advantage of a new State Department Vulnerability Disclosure Program to look for security flaws in one of 8 wild-carded State Department domains included in the program. Using automated tools to do reconnaissance on one of the subdomains the State Department had included in its VDP, researcher Jackson Henry discovered a vulnerable workstation running the open source, web based eXide IDE. It was linked to a third party doing work for the State Department and contained a number of serious security holes including Cross Site Scripting (XSS), Remote File Inclusion (RFI), and Server Side Request Forgery (SSRF) flaws. All are powerful weapons in the hands of a sophisticated cyber adversary. After reporting their findings to the State Department on April 27th, researcher Jackson Henry and Sakura Samurai received acknowledgement of their report on April 29th. The vulnerable endpoint in question was taken offline by the State Department by May 13th. Henry and Sakura Samurai then began working with the State Department on public disclosure of the vulnerabilities, while also communicating with the developers responsible for the open source project to get the flaws fixed, according to communications shared with Forbes. The discovery of flaws buried in an open source development tool underscores the risks that federal agencies face as more and more government business shifts to the web. "The State Department can't audit every open source package it uses," Henry said. "That's why the VDP is such a big thing (and) a step in the right direction." It is also an endorsement of the benefits of a quiet security revolution within the federal government in recent months, as agencies have responded to Binding Operational Directive 20-01, a new requirement from the CISA, the Cybersecurity and Infrastructure Security Agency, that Executive Branch agencies publish and maintain public vulnerability disclosure programs, or VDPs — a kind of front door for bug hunters and "white hat" cybersecurity professionals.

Read more of this story at Slashdot.

NASA's Mars Rover Fails to Collect Its First Sample Slashdotby EditorDavid on mars at January 1, 1970, 1:00 am (cached at August 7, 2021, 7:05 pm)

Friday the Perseverance rover on Mars made its first attempt to collect a rock sample and seal it in a tube, reports NASA. But unfortunately, the data "indicate that no rock was collected during the initial sampling activity..." "The sampling process is autonomous from beginning to end," said Jessica Samuels, the surface mission manager for Perseverance at NASA's Jet Propulsion Laboratory in Southern California. "One of the steps that occurs after placing a probe into the collection tube is to measure the volume of the sample. The probe did not encounter the expected resistance that would be there if a sample were inside the tube." The Perseverance mission is assembling a response team to analyze the data. One early step will be to use the WATSON (Wide Angle Topographic Sensor for Operations and eNgineering) imager - located at the end of the robotic arm - to take close-up pictures of the borehole. Once the team has a better understanding of what happened, it will be able to ascertain when to schedule the next sample collection attempt. "The initial thinking is that the empty tube is more likely a result of the rock target not reacting the way we expected during coring, and less likely a hardware issue with the Sampling and Caching System," said Jennifer Trosper, project manager for Perseverance at JPL "Mars keeps surprising us," adds the rover's Twitter feed. "We're working through this new challenge. More to come." Space.com points out this wasn't a make-or-break moment for the rover, since it's still carrying 42 more sampling tubes. And the plan has always been to leave the sample tubes on the surface of Mars, where they'll be retrieved later by future Mars missions.

Read more of this story at Slashdot.

[no title] Scripting News(cached at August 7, 2021, 6:03 pm)

Rick and Morty -- one of the best TV series ever. It had barely registered with me until about a week ago, when I, in a fit of boredom, decided to give it a try. I was hooked almost from the beginning. Rick, Morty's grandfather, has spent his life exploring the universe, and has a really depraved sense of everything, but he also loves to party. Morty, who is high school age, sort of puts up with Rick, and he always has issues with him. Every episode has at least a couple of really novel and funny scifi themes involving alien civilizations who are truly weird, and horrible situations Rick gets them into. It's like a lot of sitcoms, the Honeymooners for example, where Rick is Ralph Cramden and Morty is Ed Norton. Or I Love Lucy where Rick is Lucy and Morty is Ethel Mertz. Or Breaking Bad where Rick is Walter White and Morty is Jesse Pinkman. It is LOL funny almost every episode. The people who do this show are off the scale creative. How do they keep thinking up these things? So perverse, sexual, vain, moronic, pathetic, mean, evil, pointless -- all the funniest crazy things we laugh at humanity over. I'm just through season 2, there are five seasons. Archive is on HBO and other places. Season 5 is on Adult Swim.
ElasticSearch Keeps Fighting Open Source Fork by Amazon AWS Slashdotby EditorDavid on opensource at January 1, 1970, 1:00 am (cached at August 7, 2021, 5:35 pm)

In January ElasticSearch made what it calls "an incredibly hard decision" — to change the licensing on its scalable data-search solution. They called this an effort to "stand up to" Amazon's AWS for offering ElasticSearch functionality as a service "without collaborating with us... after years of what we believe to be Amazon/AWS misleading and confusing the community." Amazon then forked ElasticSearch, releasing a new "OpenSearch" product under the original Apache 2.0 licensing. Last month AWS's fork reached General Availability/1.0 status. Now Mike Melanson's "This Week in Programming" column reports that ElasticSearch is "making further attempts at closing off access to ElasticSearch and shutting out AWS — while AWS is fighting back: AWS says that "OpenSearch aims to provide wire compatibility with open source distributions of Elasticsearch 7.10.2, the software from which it was derived," making it easy to migrate to OpenSearch. While Elastic can't do anything about that, they can make changes to some open source client libraries that are commonly used. "Over the past few weeks, Elastic added new logic to several of these clients that rejects connections to OpenSearch clusters or to clusters running open source distributions of Elasticsearch 7, even those provided by Elastic themselves," AWS writes. "While the client libraries remain open source, they now only let applications connect to Elastic's commercial offerings..." AWS is again coming out as the savior of open source in this scenario, it would seem, this time promising to offer "a set of new open source clients that make it easy to connect applications to any OpenSearch or Elasticsearch cluster" that "will be derived from the last compatible versions of corresponding Elastic-maintained clients before product checks were added." "In the spirit of openness and interoperability, we will make reasonable efforts to maintain compatibility with all Elasticsearch distributions, even those produced by Elastic," they write. In the meantime, while the OpenSearch community works on creating the replacement libraries, AWS recommends that users do not update to the latest version of any Elastic-maintained clients, lest their applications potentially cease functioning. "It's disappointing to see this," reads a comment (upvoted 35 times) on the ElasticSearch repository announcing the change in late June. "You're forcing us as bystanders in a battle to choose sides." And Amazon responded with its own take on the situation in their AWS press release this week. "Our experience at AWS is that developers find it painful to update their already-deployed applications to use new versions of server software, so backward compatibility for clients and APIs weighs heavily in our designs..." The press release also calls ElasticSearch's changes "disruptive," adding "The most broadly adopted open source projects generally emphasize flexibility, inclusion, and avoidance of lock-in..."

Read more of this story at Slashdot.

[no title] Scripting News(cached at August 7, 2021, 5:03 pm)

I got to watch the second half of last night's gold medal game between France and the US. Something strange happened, almost immediately I was rooting for France, because the USA team reminded me of the Brooklyn Nets. A team formed quickly with star NBA players for the sole purpose of winning a championship. The French team, on the other hand, while they had a star or two from the NBA, and a future and former Knick, practiced together for quite some time, and had the fluidity that comes from being a team. The American all-stars did not. But they did have Kevin Durant, and that made the difference. He is an awesome talent, maybe the best to ever play the game, certainly in the top ten. And the USA did win, and I can't say I'm sad about that, because I'm a nephew of Uncle Sam, but I did like the spirit of the French team, and I would have been happy if they won. I am not a fan of the Olympics. I think they are playing for NBC and their advertisers, and I also think they should have one great venue for summer and winter, and stop all the waste. We have to change the way we run our civilization, or we won't have a civilization.
A Critical Ocean System May Be Heading For Collapse Due to Climate Change Slashdotby EditorDavid on earth at January 1, 1970, 1:00 am (cached at August 7, 2021, 4:35 pm)

The Washington Post reports: Human-caused warming has led to an "almost complete loss of stability" in the system that drives Atlantic Ocean currents, a new study has found — raising the worrying prospect that this critical aquatic "conveyer belt" could be close to collapse. In recent years, scientists have warned about a weakening of the Atlantic Meridional Overturning Circulation (AMOC), which transports warm, salty water from the tropics to northern Europe and then sends colder water back south along the ocean floor. Researchers who study ancient climate change have also uncovered evidence that the AMOC can turn off abruptly, causing wild temperature swings and other dramatic shifts in global weather systems. Scientists haven't directly observed the AMOC slowing down. But the new analysis, published Thursday in the journal Nature Climate Change, draws on more than a century of ocean temperature and salinity data to show significant changes in eight indirect measures of the circulation's strength. These indicators suggest that the AMOC is running out of steam, making it more susceptible to disruptions that might knock it out of equilibrium, says study author Niklas Boers, a researcher at the Potsdam Institute for Climate Impact Science in Germany. If the circulation shuts down, it could bring extreme cold to Europe and parts of North America, raise sea levels along the east coast of the United States and disrupt seasonal monsoons that provide water to much of the world. "This is an increase in understanding . . . of how close to a tipping point the AMOC might already be," said Levke Caesar, a climate physicist at Maynooth University who was not involved in the study. Boers' analysis doesn't suggest exactly when the switch might happen. But "the mere possibility that the AMOC tipping point is close should be motivation enough for us to take countermeasures," Caesar said. "The consequences of a collapse would likely be far-reaching..." The new analysis suggests "the critical threshold is most likely much closer than we would have expected," Boers said... [T]he apparent consequences of the AMOC slowing are already being felt. A persistent "cold blob" in the ocean south of Greenland is thought to result from less warm water reaching that region. The lagging Gulf Stream has caused exceptionally high sea level rise along the east coast of the United States. Key fisheries have been upended by the rapid temperature swings, and beloved species are struggling to cope with the changes. If the AMOC does completely shut down, the change would be irreversible in human lifetimes, Boers said. The "bi-stable" nature of the phenomenon means it will find new equilibrium in its "off" state. Turning it back on would require a shift in the climate far greater than the changes that triggered the shutdown. "It's one of those events that should not happen, and we should try all that we can to reduce greenhouse gas emissions as quickly as possible," Boers said. "This is a system we don't want to mess with."

Read more of this story at Slashdot.

Synthetic Brain Cells That Store 'Memories' Are Possible, New Model Reveals Slashdotby BeauHD on storage at January 1, 1970, 1:00 am (cached at August 7, 2021, 3:05 pm)

An anonymous reader quotes a report from Live Science: Scientists have created key parts of synthetic brain cells that can hold cellular "memories" for milliseconds. The achievement could one day lead to computers that work like the human brain. In the new study, published in the journal Science on Aug. 6, researchers at the Centre national de la recherche scientifique in Paris, France created a computer model of artificial neurons that could produce the same sort of electrical signals neurons use to transfer information in the brain; by sending ions through thin channels of water to mimic real ion channels, the researchers could produce these electrical spikes. And now, they have even created a physical model incorporating these channels as part of unpublished, ongoing research. At a finer level, the researchers created a system that mimics the process of generating action potentials -- spikes in electrical activity generated by neurons that are the basis of brain activity. To generate an action potential, a neuron starts to let in more positive ions, which are attracted to the negative ions inside of the cell. The electrical potential, or voltage across the cell membrane, causes doorways on the cell called voltage-gated ion channels to open, raising the charge even more before the cell reaches a peak and returns to normal a few milliseconds later. The signal is then transmitted to other cells, enabling information to travel in the brain. To mimic voltage-gated ion channels, the researchers modeled a thin layer of water between sheets of graphene, which are extremely thin sheets of carbon. The water layers in the simulations were one, two, or three molecules in depth, which the researchers characterized as a quasi-two-dimension slit. [T]he researchers wanted to use this two-dimensional environment because particles tend to react much more strongly in two dimensions than in three, and they exhibit different properties in two dimensions, which the researchers thought might be useful for their experiment. Testing out the model in a computer simulation, the researchers found that when they applied an electric field to the channel, the ions in the water formed worm-like structures. As the team applied a greater electric field in the simulation, these structures would break up slowly enough to leave behind a "memory," or a hint of the elongated configuration. When the researchers ran a simulation linking two channels and other components to mimic the behavior of a neuron, they found the model could generate spikes in electrical activity like action potentials, and that it "remembered" consistent properties in two different states -- one where ions conducted more electricity and one where they conducted less. In this simulation, the "memory" of the previous state of the ions lasted a few milliseconds, around the same time as it takes real neurons to produce an action potential and return to a resting state. This is quite a long time for ions, which usually operate on timescales of nanoseconds or less. In a real neuron, an action potential equates to a cellular memory in the neuron; our brains use the opening and closing of ion channels to create this kind of memory. The new model is a version of an electronic component called a memristor, or a memory resistor, which has the unique property of retaining information from its history. But existing memristors don't use liquid, as the brain does.

Read more of this story at Slashdot.

The activist entrepreneurs running zero-waste shops BBC News | Science/Nature | UK Edition(cached at August 7, 2021, 1:30 pm)

Environmentally conscious entrepreneurs explain the movement towards zero-waste lifestyles.
Mayflower 400 years: How many people are related to the Mayflower pilgrims? BBC News | Science/Nature | UK Edition(cached at August 7, 2021, 1:00 pm)

For some, the17th century "pilgrim fathers" are also real-life ancestors. But for how many?
Virgin Galactic Says Trips To Space Aboard Its Rocket Plane Will Start At $450,000 P Slashdotby BeauHD on space at January 1, 1970, 1:00 am (cached at August 7, 2021, 12:35 pm)

After a successful sub-orbital test flight last month, Virgin Galactic re-opened ticket sales for rides to space starting at $450,000 per seat. CBS News reports: But Michael Colglazier, CEO of Virgin Galactic, said fully commercial flights are not expected until the third quarter of 2022, after two more test flights of the company's VSS Unity spaceplane and extensive upgrades of Virgin's Eve carrier jet to improve durability and turnaround times between flights. While the start of commercial operations will come a few months later than had been hoped, the results of two piloted test flights earlier this year, including Branson's July 11 trip to space, show the company is close to "completing our test flight program and launching commercial passenger service in '22," Colglazier said. "And as we advance towards that goal, we are excited to announce today that we will immediately open ticket sales to our significant list of early hand raisers, prioritizing our spacefarer community who, as promised, will be given first opportunity to reserve their place to space." He said Virgin has developed a "purposeful range of product offerings in order to satisfy the different ways people were want to share this experience." "For the private astronaut flights, our products will include a single seat, a multi-seat couples, families and friends package and a full-flight buyout," he said. "Prices for this next phase of private astronaut sales will begin at $450,000 per seat. Microgravity research and professional astronaut training flights remain priced at $600,000 on a per seat equivalent basis." More than 600 space enthusiasts made down payments on flights much earlier in the program, back when tickets were thought to be in the neighborhood of $250,000 per seat. The prices announced Thursday presumably will apply to new customers only.

Read more of this story at Slashdot.