Scientists have re-calculated when the universe will end, and it's a lot sooner than previously expected.
"sooner" still means a mind-bending 10 to the power of 78 years from now. That is a 1 followed by 78 zeros, which is unimaginably far into the future. However, in cosmic terms, this estimate is a dramatic advancement from the previous prediction of 10 to the power of 1,100 years, made by Falcke and his team in 2023.
Let's hope the next predictions do not come with the same results. The logarithmic end of time.
M&S forces customer password resets after data breach:
Marks and Spencer (M&S) has confirmed that customer data was stolen during the Easter DragonForce ransomware attack on its server infrastructure and will be prompting all online customers to reset their account passwords as a precautionary move.
The attack unfolded three weeks ago and is thought to have been the work of a white-label affiliate of DragonForce – possibly the notorious Scattered Spider operation, which uses social engineering tactics to conduct its intrusions.
The stolen tranche of data is understood to include contact details (email addresses, postal addresses and phone numbers); personal information including names and dates of birth; and data on customer interactions with the chain, including online order histories, household information, and 'masked' payment card details.
M&S added that customer reference numbers, but not payment information, belonging to holders of M&S credit cards or Sparks Pay cards – including former cardholders – may also have been taken.
"We have written to customers today to let them know that unfortunately, some personal customer information has been taken," said M&S chief exec Stuart Machin.
"Importantly there is no evidence that the information has been shared and it does not include useable card or payment details, or account passwords, so there is no need for customers to take any action."
[...] NordVPN chief technology officer, Marijus Briedis, described M&S' assertion that the attackers have not yet leaked or shared the stolen data as "overly optimistic" under the circumstances and warned that even if passwords or credit card details were not exposed, the data that was taken was still very useful to cyber criminals.
"This type of data can be used in phishing campaigns or combined with other leaked information to commit identity theft," explained Briedis.
"Consumers often underestimate how damaging 'harmless' data like order history or email addresses can be in the wrong hands. These M&S hackers could use this data to build highly personalised phishing emails, designed to look identical to what the retailer would send, and these are much harder to spot.
"This breach highlights how companies must not only secure financial data, but also treat seemingly less sensitive information – like customer profiles and purchase records – as critical assets that require protection."
Max Vetter, vice president of cyber at Immersive and a former money laundering investigator with London's Metropolitan Police, also had harsh words for M&S.
"M&S saying that customers could change their passwords 'for extra peace of mind' does little to reassure those worried about who has access to their personal information," he said. "As the fallout from this attack continues, customers want clear assurances about their personal data and what M&S is doing to keep it safe from being published online.
"M&S want to appear in control and are telling people to be more vigilant; however, telling customers there's no need to act risks sending potentially the wrong message. We recommend all customers reset their password."
Vetter reaffirmed the stolen data would be prime material for downstream social engineering and phishing attacks, especially if it is indeed in the hands of Scattered Spider who, he said, "often play a long game".
See also: RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
Co-op cyber attack affects customer data, firm admits, after hackers contact BBC:
Cyber criminals have told BBC News their hack against Co-op is far more serious than the company previously admitted.
Hackers contacted the BBC with proof they had infiltrated IT networks and stolen huge amounts of customer and employee data.
After being approached on Friday, a Co-op spokesperson said the hackers "accessed data relating to a significant number of our current and past members".
Co-op had previously said that it had taken "proactive measures" to fend off hackers and that it was only having a "small impact" on its operations.
It also assured the public that there was "no evidence that customer data was compromised".
The cyber criminals claim to have the private information of 20 million people who signed up to Co-op's membership scheme, but the firm would not confirm that number.
The criminals, who are using the name DragonForce, say they are also responsible for the ongoing attack on M&S and an attempted hack of Harrods.
The attacks have led government minister Pat McFadden to warn companies to "treat cyber security as an absolute priority".
[...] Co-op has more than 2,500 supermarkets as well as 800 funeral homes and an insurance business.
[...] On Thursday, it was revealed Co-op staff were being urged to keep their cameras on during Teams meetings, ordered not to record or transcribe calls, and to verify that all participants were genuine Co-op staff.
The security measure now appears to be a direct result of the hackers having access to internal Teams chats and calls.
[...] Since the BBC contacted Co-op about the hackers' evidence, the firm has disclosed the full extent of the breach to its staff and the stock market.
"This data includes Co-op Group members' personal data such as names and contact details, and did not include members' passwords, bank or credit card details, transactions or information relating to any members' or customers' products or services with the Co-op Group," a spokesperson said.
DragonForce want the BBC to report the hack - they are apparently trying to extort the company for money.
But the criminals wouldn't say what they plan to do with the data if they don't get paid.
They refused to talk about M&S or Harrods and when asked about how they feel about causing so much distress and damage to business and customers, they refused to answer.
[...] It's not known who is ultimately using the DragonForce service to attack the retailers, but some security experts say the tactics seen are similar to that of a loosely coordinated group of hackers who have been called Scattered Spider or Octo Tempest.
The gang operates on Telegram and Discord channels and is English-speaking and young – in some cases only teenagers.
Harrods is latest British retailer to be hit by cyber attack:
London department store Harrods said on Thursday hackers had attempted to break into its systems, the third high-profile cyber attack on a UK retailer in two weeks, following incidents at Marks & Spencer and the Co-op Group.
British companies, public bodies and institutions have been hit by a wave of cyber attacks in recent years, costing them tens of millions of pounds and often months of disruption.
"We recently experienced attempts to gain unauthorised access to some of our systems," a statement from Harrods, owned by the Qatar Investment Authority, said.
"Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result we have restricted internet access at our sites today."
It said all its sites, including its flagship Knightsbridge store in London, H beauty stores and airport stores remained open and customers could also continue to shop online.
The Harrods and Co-op incidents appear to have had less of an impact than the attack on M&S, one of Britain's best known retailers, which has paused taking clothing and home orders through its website and app for the last seven days.
[...] Technology specialist site BleepingComputer, citing multiple sources, said a ransomware attack that encrypted M&S's servers was believed to have been conducted by a hacking collective known as "Scattered Spider".
Arthur T Knackerbracket has processed the following story:
Police and federal agencies have found a controversial new way to skirt the growing patchwork of laws that curb how they use facial recognition: an AI model that can track people using attributes like body size, gender, hair color and style, clothing, and accessories.
The tool, called Track and built by the video analytics company Veritone, is used by 400 customers, including state and local police departments and universities all over the US. It is also expanding federally: US attorneys at the Department of Justice began using Track for criminal investigations last August. Veritone’s broader suite of AI tools, which includes bona fide facial recognition, is also used by the Department of Homeland Security—which houses immigration agencies—and the Department of Defense, according to the company.
“The whole vision behind Track in the first place,” says Veritone CEO Ryan Steelberg, was “if we’re not allowed to track people’s faces, how do we assist in trying to potentially identify criminals or malicious behavior or activity?” In addition to tracking individuals where facial recognition isn’t legally allowed, Steelberg says, it allows for tracking when faces are obscured or not visible.
The product has drawn criticism from the American Civil Liberties Union, which—after learning of the tool through MIT Technology Review—said it was the first instance they’d seen of a nonbiometric tracking system used at scale in the US. They warned that it raises many of the same privacy concerns as facial recognition but also introduces new ones at a time when the Trump administration is pushing federal agencies to ramp up monitoring of protesters, immigrants, and students.
Veritone gave us a demonstration of Track in which it analyzed people in footage from different environments, ranging from the January 6 riots to subway stations. You can use it to find people by specifying body size, gender, hair color and style, shoes, clothing, and various accessories. The tool can then assemble timelines, tracking a person across different locations and video feeds. It can be accessed through Amazon and Microsoft cloud platforms.
In an interview, Steelberg said that the number of attributes Track uses to identify people will continue to grow. When asked if Track differentiates on the basis of skin tone, a company spokesperson said it’s one of the attributes the algorithm uses to tell people apart but that the software does not currently allow users to search for people by skin color. Track currently operates only on recorded video, but Steelberg claims the company is less than a year from being able to run it on live video feeds.
Agencies using Track can add footage from police body cameras, drones, public videos on YouTube, or so-called citizen upload footage (from Ring cameras or cell phones, for example) in response to police requests.
“We like to call this our Jason Bourne app,” Steelberg says. He expects the technology to come under scrutiny in court cases but says, “I hope we’re exonerating people as much as we’re helping police find the bad guys.” The public sector currently accounts for only 6% of Veritone’s business (most of its clients are media and entertainment companies), but the company says that’s its fastest-growing market, with clients in places including California, Washington, Colorado, New Jersey, and Illinois.
[...] Track’s expansion comes as laws limiting the use of facial recognition have spread, sparked by wrongful arrests in which officers have been overly confident in the judgments of algorithms. Numerous studies have shown that such algorithms are less accurate with nonwhite faces. Laws in Montana and Maine sharply limit when police can use it—it’s not allowed in real time with live video—while San Francisco and Oakland, California have near-complete bans on facial recognition. Track provides an alternative.
Though such laws often reference “biometric data,” Wessler says this phrase is far from clearly defined. It generally refers to immutable characteristics like faces, gait and fingerprints rather than things that change, like clothing. But certain attributes, such as body size, blur this distinction.
Consider also, Wessler says, someone in winter who frequently wears the same boots, coat, and backpack. “Their profile is going to be the same day after day,” Wessler says. “The potential to track somebody over time based on how they’re moving across a whole bunch of different saved video feeds is pretty equivalent to face recognition.”
In other words, Track might provide a way of following someone that raises many of the same concerns as facial recognition, but isn’t subject to laws restricting use of facial recognition because it does not technically involve biometric data. Steelberg said there are several ongoing cases that include video evidence from Track, but that he couldn’t name the cases or comment further. So for now, it’s unclear whether it’s being adopted in jurisdictions where facial recognition is banned.
On Tuesday, someone posted a video on X of a procession of crosses, with a caption reading, "Each cross represents a white farmer who was murdered in South Africa." Elon Musk, South African by birth, shared the post, greatly expanding its visibility. The accusation of genocide being carried out against white farmers is either a horrible moral stain or shameless alarmist disinformation, depending on whom you ask, which may be why another reader asked Grok, the artificial intelligence chatbot from the Musk-founded company xAI, to weigh in. Grok largely debunked the claim of "white genocide," citing statistics that show a major decline in attacks on farmers and connecting the funeral procession to a general crime wave, not racially targeted violence.
By the next day, something had changed. Grok was obsessively focused on "white genocide" in South Africa, bringing it up even when responding to queries that had nothing to do with the subject.
How much do the Toronto Blue Jays pay the team's pitcher, Max Scherzer? Grok responded by discussing white genocide in South Africa. What's up with this picture of a tiny dog? Again, white genocide in South Africa. Did Qatar promise to invest in the United States? There, too, Grok's answer was about white genocide in South Africa.
Arthur T Knackerbracket has processed the following story:
Mars may still be home to oceanic quantities of liquid water, according to a recent paper published by the National Science Review.
Titled “Seismic evidence of liquid water at the base of Mars' upper crust”, the paper [PDF] notes that liquid water once flowed freely on the surface of Mars before the planet’s magnetic field faded, its atmosphere thinned, and it became the dry and frozen hellscape we know today.
The paper’s authors – from China’s Academy of Sciences, the Australian National University, and the University of Milano-Bicocca – note the generally accepted theory that Mars’ water either evaporated into space or was somehow stored in the planet’s crust but worry there’s little evidence to help us understand how much water may remain.
They think they found that evidence in data gathered by Mars InSight, the sadly defunct lander that studied the Red Planet’s interior, when it recorded two meteorite impacts in 2021 and a 2022 Marsquake.
Those incidents produced seismic waves that slowed as they passed through a layer between 5.4 and 8 kilometers below the surface.
The authors cite studies on how quickly seismic waves travel through porous rocks, plus research on how such waves behave as they pass through layers in Earth’s crust and conclude that Mars is home to a “water-soaked layer 5.4 to 8 kilometers deep.”
In a summary of the paper, Australian and Chinese researchers characterize that layer as “most likely highly porous rock filled with liquid water, like a saturated sponge” and akin to Earth’s aquifers. The paper estimates the porous rocks contain enough water to cover Mars in a global ocean 520–780m deep.
Journal Reference: Weijia Sun, Hrvoje Tkalčić, Marco G Malusà, Yongxin Pan, Seismic evidence of liquid water at the base of Mars' upper crust, National Science Review, 2025, nwaf166, https://doi.org/10.1093/nsr/nwaf166
Last week, a U.S. congressman announced a plan to introduce a bill that would mandate producers of high-performance AI processors to track them geographically in a bid to limit their usage by unauthorized foreign actors, such as China. Senator Tom Cotton of Arkansas then introduced a legislative measure later in the week. The bill covers hardware that goes way beyond just AI processors, and would give the Commerce Secretary power to verify the location of hardware, and put mandatory location controls on commercial companies. To make matters even more complicated, geo-tracking features would be required for high-performance graphics cards as well.
The bill covers a wide range of products classified as 3A090, 4A090, 4A003.z, and 3A001.z export control classification numbers (ECCNs), so advanced processors for AI, AI servers (including rack-scale solutions), HPC servers, and general-purpose electronics of strategic concern due to potential military utility or dual-use risk. It should be noted that many high-end graphics cards (such as Nvidia's GeForce RTX 4090 and RTX 5090) are also classified as a 3A090 product, so it looks like such add-in-boards will also have to add geo-tracking capabilities.
The first and central provision of the bill is the requirement for tracking technology to be embedded in any high-end processor module or device that falls under the U.S. export restrictions. This condition would take effect six months after the legislation is enacted, which will make the lives of companies like AMD, Intel, and Nvidia harder, as adding a feature to already developed products is a tough task. The mechanism must allow verification of a chip's or device's physical location, enabling the U.S. government to confirm whether it remains at the approved endpoint. Exporters would also be obliged to keep track of their products.
The bill authorizes the Secretary of Commerce to verify the ownership and location of regulated processors and systems after export and maintain a centralized registry of current locations and end-users. Nvidia, as well as other exporters, would also be obligated to inform the Bureau of Industry and Security if there is evidence that a component has been redirected from its authorized destination. Additionally, any indications of tampering or manipulation must be reported.
The bill, if supported by lawmakers, will mandate a one-year study to be conducted jointly by the Department of Commerce and the Department of Defense, which will identify additional protective measures that could be introduced in the future. Beyond the initial study, the same two departments are required to conduct yearly assessments for three consecutive years following the bill's enactment. These reviews must evaluate the most current advancements in security technologies applicable to products under export control. Based on these assessments, the departments may determine whether new requirements should be imposed.
If the assessment concludes that additional mechanisms are appropriate, the Commerce Department must finalize rules within two years requiring covered chips and systems to incorporate these secondary features. A detailed implementation roadmap must also be submitted to the relevant congressional committees. All development and deployment of these mechanisms must preserve the confidentiality of sensitive commercial technologies.
Finally, the legislation emphasizes confidentiality in all stages of developing and applying these new technical requirements. Any proposed safeguards or tracking features must be designed and implemented in a way that protects the proprietary information and trade secrets of American developers, such as AMD, Intel, and Nvidia. This condition ensures that while national security is strengthened, industrial competitiveness is not undermined.
Is it even possible? Does the "tracking" stop if an American purchases the GPU?
See also: Nvidia says it is not sending GPU designs to China after reports of new Shanghai operation [JR]
Processed by drussell
https://www.theregister.com/2025/05/15/voyager_1_survives_with_thruster_fix/
NASA has revived a set of thrusters on the nearly 50-year-old Voyager 1 spacecraft after declaring them inoperable over two decades ago.
It's a nice long-distance engineering win for the team at NASA's Jet Propulsion Laboratory, responsible for keeping the venerable Voyager spacecraft flying - and a critical one at that, as clogging fuel lines threatened to derail the backup thrusters currently in use.
The things you have to deal with when your spacecraft is operating more than four decades beyond its original mission plan, eh? Voyager 1 launched in 1977.
JPL reported Wednesday that the maneuver, completed in March, restarted Voyager 1's primary roll thrusters, which are used to keep the spacecraft aligned with a tracking star. That guide star helps keep its high-gain antenna aimed at Earth, now over 15.6 billion miles (25 billion kilometers) away, and far beyond the reach of any telescope.
Those primary roll thrusters stopped working in 2004 after a pair of internal heaters lost power. Voyager engineers long believed they were broken and unfixable. The backup roll thrusters in use are now at risk due to residue buildup in their fuel lines, which could cause failure as early as this fall.
Without roll thrusters, Voyager 1 would lose its ability to stay properly oriented and eventually drift out of contact.
White House scraps plan to block data brokers from selling Americans' sensitive data:
A senior Trump administration official has scrapped a plan that would have blocked data brokers from selling Americans' personal and financial information, including Social Security numbers.
The Consumer Financial Protection Bureau (CFPB) said in December 2024 it planned to close a loophole under the Fair Credit Reporting Act, the federal law that protects Americans' personal data collected by consumer reporting agencies, such as credit bureaus and renter-screening companies. The rule would have treated data brokers no differently than any other company covered under the federal law and would have required them to comply with the law's privacy rules.
The rule was withdrawn early Tuesday, according to its listing in the Federal Register. The CFPB's acting director, Russell Vought, who also serves as the director of the White House's Office of Management and Budget, wrote that the rule is "not aligned with the Bureau's current interpretation" of the Fair Credit Reporting Act.
[...] Privacy advocates have long called for the government to use the Fair Credit Reporting Act to rein in data brokers.
The decision by CFPB to cancel the rule comes days after the Financial Technology Association, an industry lobby group representing non-bank fintech companies, wrote to Vought in his capacity as the White House's budget director. The lobby group asked the administration to withdraw the CFPB's rule, claiming it would be "harmful to financial institutions' efforts to detect and prevent fraud."
The TECHPOWERUP reports:
Chinese server CPU maker Hygon, which holds Zen core IP licensed from AMD, has published a roadmap for the C86-5G, its most powerful server processor to date, featuring up to 128 cores and an astonishing 512 threads. Thanks to a complete microarchitectural redesign, the new chip delivers more than 17 percent higher instructions per cycle (IPC) than its predecessor. It also supports the AVX-512 vector instruction set and four-way simultaneous multithreading, making it a strong contender for highly parallel workloads. Sixteen channels of DDR5-5600 memory feed data-intensive tasks, while CXL 2.0 interconnect support enables seamless scaling across multiple sockets. Built on an unknown semiconductor node, the C86-5G includes advanced power management and a hardened security engine. With 128 lanes of PCIe 5.0, it offers ample bandwidth for accelerators, NVMe storage, and high-speed networking. Hygon positions this flagship CPU as ideal for artificial intelligence training clusters, large-scale analytics platforms, and virtualized enterprise environments.
It is not clear to me where Hygon CPUs are actually made, but since the processor features instructions optimized for Chinese government-mandated encryption algorithms, it's most probably SMIC, not TSMC, for trust reasons. 4-way SMT is very interesting; not even AMD can pull that off just now.
The C86-5G is the culmination of five years of steady development. The journey began with the C86-1G, an AMD-licensed design that served as a testbed for domestic engineers. It offered up to 32 cores, 64 threads, eight channels of DDR4-2666 memory, and 128 lanes of PCIe 3.0. Its goal was to absorb proven technology and build local know-how. Next came the C86-2G, which kept the same core count but introduced a revamped floating-point unit, 21 custom security instructions, and hardware-accelerated features for memory encryption, virtualization, and trusted computing. This model marked Hygon's first real step into independent research and development. With the C86-3G, Hygon rolled out a fully homegrown CPU core and system-on-chip framework. Memory support increased to DDR4-3200, I/O doubled to PCIe 4.0, and on-die networking included four 10 GbE and eight 1 GbE ports. The C86-4G raised the bar further by doubling compute density to 64 cores and 128 threads, boosting IPC by around 15 percent and adding 12-channel DDR5-4800 memory plus 128 lanes of PCIe 5.0. Socket options expanded to dual and quad configurations. Now, with the C86-5G, Hygon has shown it can compete head-to-head with global server CPU leaders, putting more faith in China's growing capabilities in high-performance computing.
Besides genuine Zen made by AMD, there are now three IP-licensed, independent manufacturers of advanced AMD64 platforms on this globe: Zhaoxin/VIA, Hygon and Intel. That means political friction will have much less effect on the future progress of this architecture.
Definitely, the AMD64 architecture has a future and is worth learning, at both the instruction set and machine levels.
Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections.
Unlike classic methods like torsocks, which rely on user-space tricks, Oniux uses Linux namespaces to create a fully isolated network environment for each application, preventing data leaks even if the app is malicious or misconfigured.
Linux namespaces are a kernel feature that allows processes to run in isolated environments, each with its own view of specific system resources like networking, processes, or file mounts.
Oniux uses Linux namespaces to isolate apps at the kernel level, so all their traffic is forced through Tor.
"We are excited to introduce oniux: a small command-line utility providing Tor network isolation for third-party applications using Linux namespaces," reads a Tor blog post.
"Built on Arti, and onionmasq, oniux drop-ships any Linux program into its own network namespace to route it through Tor and strips away the potential for data leaks."
It achieves this by placing each app in its own network namespace with no access to the host's interfaces, and instead attaching a virtual interface (onion0) that routes through Tor using onionmasq.
It also uses mount namespaces to inject a custom /etc/resolv.conf for Tor-safe DNS, and user/PID namespaces to safely set up the environment with minimal privileges.
This setup ensures leak-proof, kernel-enforced Tor isolation for any Linux app.
On the other hand, Torsocks works by using an 'LD_PRELOAD' hack to intercept network-related function calls in dynamically linked Linux applications and redirect them through a Tor SOCKS proxy.
The problem with this approach is that raw system calls aren't caught by Torsocks, and malicious apps can avoid using libc functions to cause leaks.
Moreover, Torsocks doesn't work with static binaries at all, and doesn't offer true isolation, as apps still access the host's real network interfaces.
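As an added example (my code, not Oniux's or Tor's), the following C program demonstrates the kernel-level isolation that the namespace approach described above relies on, and why it holds regardless of how an application opens its sockets: a child process enters a fresh user and network namespace with unshare(2), counts the interfaces it can see, and tries to route a UDP packet to an outside address. The helper names (count_interfaces, probe_egress, run_in_fresh_netns) are mine; it assumes a Linux kernel that allows unprivileged user namespaces, and where the kernel or a sandbox refuses unshare() the helpers report -1 rather than guessing.

```c
/* Added example (not Oniux's own code): the kernel-level network isolation that
 * Oniux builds on. A child enters a fresh user+network namespace via unshare(2).
 * That namespace starts with only a DOWN loopback and no routes, so connect()
 * on a UDP socket fails with ENETUNREACH. The kernel does not care whether the
 * socket was created through libc or a raw syscall, which is exactly what an
 * LD_PRELOAD hook such as torsocks cannot promise. Linux-only by design. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <net/if.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <linux/sched.h>   /* CLONE_NEWUSER, CLONE_NEWNET */

int unshare(int flags);    /* exported by glibc; declared here so no _GNU_SOURCE is needed */

enum { EGRESS_ESCAPED = 0, EGRESS_BLOCKED = 1, EGRESS_OTHER_ERROR = 2 };

/* Number of network interfaces visible to the calling process. */
int count_interfaces(void) {
    struct if_nameindex *list = if_nameindex();
    if (list == NULL) return -1;
    int n = 0;
    for (struct if_nameindex *p = list; p->if_index != 0; p++) n++;
    if_freenameindex(list);
    return n;
}

/* Try to reach an outside host. 192.0.2.1 is a documentation-only address and
 * connect() on a UDP socket only performs a route lookup, so nothing is sent. */
int probe_egress(void) {
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return EGRESS_OTHER_ERROR;
    struct sockaddr_in dst;
    memset(&dst, 0, sizeof dst);
    dst.sin_family = AF_INET;
    dst.sin_port = htons(53);
    inet_pton(AF_INET, "192.0.2.1", &dst.sin_addr);
    int rc = connect(fd, (struct sockaddr *)&dst, sizeof dst);
    int err = errno;          /* save before close() can clobber it */
    close(fd);
    if (rc == 0) return EGRESS_ESCAPED;
    return err == ENETUNREACH ? EGRESS_BLOCKED : EGRESS_OTHER_ERROR;
}

/* Run fn() in a child that first enters a fresh user + network namespace.
 * Returns fn()'s result (0..254), or -1 if the namespace could not be created. */
int run_in_fresh_netns(int (*fn)(void)) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* The new user namespace lets an unprivileged caller create the network
         * namespace; the new netns holds only a DOWN 'lo' and an empty routing table. */
        if (unshare(CLONE_NEWUSER | CLONE_NEWNET) != 0) _exit(255);
        int r = fn();
        _exit(r < 0 ? 255 : (r > 254 ? 254 : r));
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    int code = WEXITSTATUS(status);
    return code == 255 ? -1 : code;
}

int interfaces_in_fresh_netns(void) { return run_in_fresh_netns(count_interfaces); }
int egress_in_fresh_netns(void)     { return run_in_fresh_netns(probe_egress); }

int main(void) {
    printf("host: %d interface(s), egress probe = %d\n", count_interfaces(), probe_egress());
    int n = interfaces_in_fresh_netns();
    int e = egress_in_fresh_netns();
    if (n < 0 || e < 0) {
        puts("fresh netns: unshare() refused here (unprivileged user namespaces disabled?)");
        return 0;
    }
    printf("fresh netns: %d interface(s), egress probe = %d (1 = ENETUNREACH)\n", n, e);
    return e == EGRESS_BLOCKED ? 0 : 1;
}
```

Oniux goes one step further than this bare namespace by attaching its onion0 interface inside it, so the only route that exists leads into Tor.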
The Tor project published a comparison table highlighting the qualitative differences between the two solutions.
Despite the obvious advantages of Oniux, Tor highlights that the project is still experimental and hasn't been tested extensively under multiple conditions and scenarios.
As a result, the tool may not work as expected, so its use in critical operations is discouraged.
Instead, Tor calls for enthusiasts who can test Oniux and report any problems they encounter so the tool can reach maturity quickly and become ready for broader deployment.
The Tor Project has published the source code, and those interested in testing Oniux must first ensure they have Rust installed on their Linux distribution, and then install the tool using the command:
cargo install --git https://gitlab.torproject.org/tpo/core/oniux oniux@0.4.0
Tor gives some usage examples like accessing an .onion site (oniux curl http://example.onion), "torifying" the shell session (oniux bash), or running a GUI app over Tor in the desktop environment (oniux hexchat).
Arthur T Knackerbracket has processed the following story:
So, we have a non-functional market...
That is one of the prevailing messages dished out by the cyber arm of the British intelligence squad at GCHQ's National Cyber Security Centre (NCSC) in recent years at its annual conference. The cyber agency's CTO, Ollie Whitehouse, first pitched the idea during a keynote at last year's event, and once again it was a primary talking point of this week's CYBERUK, but not one that went down well with everyone.
Whitehouse said this week that "the market does not currently support and reward those companies that make that investment and build secure products." The risks introduced here are then shouldered by customers – companies, governments – rather than the vendors themselves.
"So, we have a non-functional market," he added.
"When we need to build an ecosystem that's capable of meeting this modern threat, we have to find ways where we can incentivize those vendors to be rewarded for their hard work, for those that go the extra mile, for those that build the secure technologies which our foundations are going to rely on in the future.
"Those that build secure technology make prosperous companies. They make celebrated companies, and they make successful companies ultimately. Because without that, nothing changes, and we repeat the last 40 years."
That's the NCSC's line – one that will most likely resonate with any organization popped by one of the myriad decades-old vulns vendors can't seem to stamp out.
But there is a disconnect between the agency's message and the views of major players elsewhere in the industry. From first being pitched as a necessary play for a more cyber-secure ecosystem, now the agency's steadfast stance on the matter has become a question of whether or not to intervene.
[...] McKenzie's take was that customers will ultimately drive vendor change. If they start prioritizing security, that's what vendors will give them. A string of cockups will quickly out those who don't provide value, and then it becomes a case of having to improve to survive.
He said: "I think there are only some products where I think maybe, you know, they're a little bit smoke and mirrors, but I think that's rare, and then it quickly becomes known in the market that they don't work. So, I don't agree. I think there's absolutely a market, and there is a return on investment for security and resilience."
Likewise, Walsh highlighted that cybersecurity failures are costly for organizations, alluding to the fact that victims of security snafus will certainly consider the ROI when deciding to renew, or not renew, certain vendor contracts.
Aung downplayed the idea of the need for improved incentives too, saying "there are certainly organizations out there who are cutting corners knowingly and putting their customers at risk knowingly. But, I think the vast majority are just grappling with [various external factors] and in an arms race at the same time. So I think it's a complex picture."
[...] Whitehouse put forth the idea of perhaps punishing vendors that fall short of expectations, not just incentivizing them to do better, during last year's CYBERUK, and this was again put on the table this week, with his industry peers once more siding against the CTO's stance.
McKenzie said "he's not a fan" of the idea. In his view, it goes back to customers eventually abandoning sub-par vendors and, when speaking to The Register, he pointed to historical events that illustrate how the market itself will drive change.
"What we need is we need purchasers of security to prioritize the features and functionalities they want and then incentivize those organizations.
"If you look at someone like CrowdStrike or Microsoft Defender, they did really well in that endpoint marketplace because they provided the most features. There are other things that weren't as good. They don't grow."
With the shift from antivirus to EDR, vendors that offer the best will perform the best, he argued.
[...] Parallels can be drawn with the automotive industry. The European NCAP program was introduced in the late 1990s, providing customers an easy way to understand how different manufacturers were performing on safety.
Before that, we had the likes of Volvo scooping up swathes of market share off the back of its reputation for producing safe cars, or German and Japanese brands for their reliability.
Perhaps the same principles could apply to security vendors, all vying for stellar, market-shifting trustworthiness. And then it goes back to purchasers dictating which security vendors end up doing well.
[...] Whitehouse said: "Some of you would have heard me say that... we know more that's in our sausages than our software, and that's probably not right for 2025, so the food labelling standards are coming to software soon. You heard it here first."
Arthur T Knackerbracket has processed the following story:
The European Vulnerability Database (EUVD) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws, at a time when the US is struggling with budget cuts, delayed disclosures, and confusion around the future of its own tracking systems.
As of Tuesday, the full-fledged version of the website is up and running.
"The EU is now equipped with an essential tool designed to substantially improve the management of vulnerabilities and the risks associated with it," ENISA Executive Director Juhan Lepassaar said in a statement announcing the EUVD.
"The database ensures transparency to all users of the affected ICT products and services and will stand as an efficient source of information to find mitigation measures," Lepassaar continued.
The European Union Agency for Cybersecurity (ENISA) first announced the project in June 2024 under a mandate from the EU's Network and Information Security 2 Directive, and quietly rolled out a limited-access beta version last month during a period of uncertainty surrounding the United States' Common Vulnerabilities and Exposures (CVE) program.
More broadly, Uncle Sam has been hard at work slashing CISA and other cybersecurity funding while key federal employees responsible for the US government's secure-by-design program have jumped ship.
Plus, on Monday, CISA said it would no longer publish routine alerts - including those detailing exploited vulnerabilities - on its public website. Instead, these updates will be delivered via email, RSS feeds, and the agency's account on X.
With all this, a cybersecurity professional could be forgiven for doubting the US government's commitment to hardening networks and rooting out vulnerabilities.
Enter the EUVD. The EUVD is similar to the US government's National Vulnerability Database (NVD) in that it identifies each disclosed bug (with both a CVE-assigned ID and its own EUVD identifier), notes the vulnerability's criticality and exploitation status, and links to available advisories and patches.
Unlike the NVD, which is still struggling with a backlog of vulnerability submissions and is not very easy to navigate, the EUVD is updated in near real-time and highlights both critical and exploited vulnerabilities at the top of the site.
The EUVD provides three dashboard views: one for critical vulnerabilities, one for those actively exploited, and one for those coordinated by members of the EU CSIRTs network.
Information is sourced from open-source databases as well as advisories and alerts issued by national CSIRTs, mitigation and patching guidelines published by vendors, and exploited vulnerability details.
ENISA is also a CVE Numbering Authority (CNA), meaning it can assign CVE identifiers and coordinate vulnerability disclosures under the CVE program. Even as an active CNA, however, ENISA seems to be in the dark about what's next for the embattled US-government-funded CVE program, which is only under contract with MITRE until next March.
The launch announcement notes that "ENISA is in contact with MITRE to understand the impact and next steps following the announcement on the funding to the Common Vulnerabilities and Exposures Program."
Arthur T Knackerbracket has processed the following story:
On Monday, the US Court of Appeals for the Federal Circuit said scientists Jennifer Doudna and Emmanuelle Charpentier will get another chance to show they ought to own the key patents on what many consider the defining biotechnology invention of the 21st century.
The pair shared a 2020 Nobel Prize for developing the versatile gene-editing system, which is already being used to treat various genetic disorders, including sickle cell disease.
But when key US patent rights were granted in 2014 to researcher Feng Zhang of the Broad Institute of MIT and Harvard, the decision set off a bitter dispute in which hundreds of millions of dollars—as well as scientific bragging rights—are at stake.
[...] The CRISPR patent battle is among the most byzantine ever, putting the technology alongside the steam engine, the telephone, the lightbulb, and the laser among the most hotly contested inventions in history.
In 2012, Doudna and Charpentier were first to publish a description of a CRISPR gene editor that could be programmed to precisely cut DNA in a test tube. There’s no dispute about that.
However, the patent fight relates to the use of CRISPR to edit inside animal cells—like those of human beings. That’s considered a distinct invention, and one both sides say they were first to come up with that very same year.
In patent law, this moment is known as conception—the instant a lightbulb appears over an inventor’s head, revealing a definite and workable plan for how an invention is going to function.
In 2022, a specialized body called the Patent Trial and Appeal Board, or PTAB, decided that Doudna and Charpentier hadn’t fully conceived the invention because they initially encountered trouble getting their editor to work in fish and other species. Indeed, they had so much trouble that Zhang scooped them with a 2013 publication demonstrating he could use CRISPR to edit human cells.
The Nobelists appealed the finding, and yesterday the appeals court vacated it, saying the patent board applied the wrong standard and needs to reconsider the case.
According to the court, Doudna and Charpentier didn’t have to “know their invention would work” to get credit for conceiving it. What could matter more, the court said, is that it actually did work in the end.
[...] The decision is likely to reopen the investigation into what was written in 13-year-old lab notebooks and whether Zhang based his research, in part, on what he learned from Doudna and Charpentier’s publications.
The case will now return to the patent board for a further look, although Sherkow says the court finding can also be appealed directly to the US Supreme Court.
By Bill Toulas (May 11, 2025)
The Bluetooth Special Interest Group (SIG) has announced Bluetooth Core Specification 6.1, bringing important improvements to the popular wireless communication protocol.
One new feature highlighted in the latest release is the increased device privacy via randomized Resolvable Private Addresses (RPA) updates.
"Randomizing the timing of address changes makes it much more difficult for third parties to track or correlate device activity over time," reads SIG's announcement.
A Resolvable Private Address (RPA) is a Bluetooth address created to look random and is used in place of a device's fixed MAC address to protect user privacy. It allows trusted devices to securely reconnect without revealing their true identity.
[...] The Controller picks a random value in the defined range using a NIST-approved random number generator, and updates the RPA. This makes tracking significantly harder, as there is no pattern in the value selection.
More details about how the new privacy feature works can be found in the specification document published along with the announcement.
Another feature highlighted in the announcement is better power efficiency starting from Bluetooth 6.1, which stems from allowing the chip (Controller) to autonomously handle the randomized RPA updates.
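To make the RPA mechanism described above concrete, here is an added illustration (not code from the Bluetooth SIG, the specification, or the article). It implements the resolvable private address construction from the Core Specification: a 24-bit random `prand` (top two bits `01`) followed by a 24-bit hash `ah(IRK, prand)` computed with AES-128 under the bonded peers' Identity Resolving Key, so a trusted peer can resolve the address while an observer sees only a changing random value. It also shows the privacy point of 6.1: picking the next rotation delay uniformly at random from a range using a cryptographic RNG, so the change interval itself carries no pattern. The range bounds `minSec`/`maxSec` and the IRK bytes are constructed for the example; the function and type names are mine, not the specification's.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"fmt"
	"math/big"
)

// IRK is the 128-bit Identity Resolving Key shared with bonded peers.
type IRK [16]byte

// RPA is a 48-bit resolvable private address, written big-endian here:
// 24-bit prand followed by 24-bit hash.
type RPA [6]byte

// ah is the random address hash function from the Core Specification:
// ah(k, r) = AES-128(k, 0^104 || r) mod 2^24, with r a 24-bit value.
func ah(k IRK, r [3]byte) [3]byte {
	block, err := aes.NewCipher(k[:])
	if err != nil {
		panic(err) // only fails on a bad key length, which [16]byte rules out
	}
	var in, out [16]byte
	copy(in[13:], r[:]) // r sits in the low 24 bits, zero-padded on the left
	block.Encrypt(out[:], in[:])
	var h [3]byte
	copy(h[:], out[13:]) // keep the least-significant 24 bits of the ciphertext
	return h
}

// assemble builds the address from a given prand: prand || ah(k, prand).
func assemble(k IRK, prand [3]byte) RPA {
	h := ah(k, prand)
	var a RPA
	copy(a[:3], prand[:])
	copy(a[3:], h[:])
	return a
}

// GenRPA creates a fresh address from a CSPRNG-drawn prand whose two most
// significant bits are set to 0b01, marking it as a resolvable private address.
func GenRPA(k IRK) (RPA, error) {
	var prand [3]byte
	if _, err := rand.Read(prand[:]); err != nil {
		return RPA{}, err
	}
	prand[0] = (prand[0] & 0x3f) | 0x40
	return assemble(k, prand), nil
}

// Resolve reports whether addr was generated under IRK k. A peer that does not
// hold k cannot link two addresses from the same device: each carries a fresh
// prand and the hash is keyed.
func Resolve(k IRK, addr RPA) bool {
	if addr[0]&0xc0 != 0x40 {
		return false // not a resolvable private address
	}
	var prand [3]byte
	copy(prand[:], addr[:3])
	return ah(k, prand) == [3]byte{addr[3], addr[4], addr[5]}
}

// NextRotationDelay picks the time until the next RPA change uniformly from
// [minSec, maxSec] using crypto/rand, so an observer cannot predict when the
// address will rotate. The bounds are example values, not the specification's.
func NextRotationDelay(minSec, maxSec int64) (int64, error) {
	if minSec < 0 || maxSec < minSec {
		return 0, fmt.Errorf("invalid rotation range [%d, %d]", minSec, maxSec)
	}
	n, err := rand.Int(rand.Reader, big.NewInt(maxSec-minSec+1))
	if err != nil {
		return 0, err
	}
	return minSec + n.Int64(), nil
}

func main() {
	// Constructed IRK for demonstration only.
	var k IRK
	for i := range k {
		k[i] = byte(i * 7)
	}
	// Two rotations: both resolve under k, but share no visible structure.
	for i := 0; i < 2; i++ {
		a, err := GenRPA(k)
		if err != nil {
			panic(err)
		}
		delay, err := NextRotationDelay(60, 900)
		if err != nil {
			panic(err)
		}
		fmt.Printf("RPA %x resolves=%v next change in %ds\n", a[:], Resolve(k, a), delay)
	}
}
```

Resolution is deterministic for a given IRK and prand, so bonded peers agree on identity; a different IRK fails to resolve except with probability about 2^-24 per attempt, which is the hash width the specification chose.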
[...] While Bluetooth 6.1 has made exciting steps forward, it's important to underline that actual support in hardware and firmware may take years to arrive.
The first wave of chips with Bluetooth 6.1 should not be realistically expected before 2026, and even then, early implementations may not immediately expose all the newly available features, as testing and validation may be required.
Arthur T Knackerbracket has processed the following story:
Looks like inflated GPU prices are here to stay
A new report claims that Nvidia has recently raised the official prices of nearly all of its products to combat the impact of tariffs and surging manufacturing costs on its business, with gaming graphics cards receiving a 5 to 10% hike while AI GPUs see up to a 15% increase.
As reported by Digitimes Taiwan (translated), Nvidia is facing "multiple crises," including a $5.5 billion hit to its quarterly earnings over export restrictions on AI chips, including a ban on sales of its H20 chips to China.
Digitimes reports that CEO Jensen Huang has been "shuttling back and forth" between the US and China to minimize the impact of tariffs, and that "in order to maintain stable profitability," Nvidia has reportedly recently raised official prices for almost all its products, allowing its partners to increase prices accordingly.
Despite the hikes, Digitimes claims Nvidia's financial report at the end of the month "should be within financial forecasts and deliver excellent profit results," driven by strong demand for AI chips outside of China and the expanding spending from cloud service providers.
The report states that Nvidia has applied official price hikes to numerous products to keep its earnings stable, with partners following suit. As an example, Digitimes cites the RTX 5090, bought at premium prices upon release without hesitation, such that channel pricing "quickly doubled."
The report notes that following the AI chip ban, RTX 5090 prices climbed further still, surging overnight from around NT$90,000 to NT$100,000, with other RTX 50 series cards also increasing by 5-10%. Digitimes notes Nvidia has also raised the price of its H200 and B200 chips, with server vendors increasing prices by up to 15% accordingly.
According to the publication's supply chain sources, price hikes have been exacerbated by the shift of Blackwell chip production to TSMC's US plant, which has driven a significant rise in the price of production, materials, and logistics.