Slashdot

Slashdot reader Hmmmmmm shared this report from Reuters: AstraZeneca is to start clinical trials to test a combination of its experimental COVID-19 vaccine with Russia's Sputnik V shot to see if this can boost the efficacy of the British drugmaker's vaccine, Russia's sovereign wealth fund said on Friday. Trials will start by the end of the year and Russia wants to produce the new vaccine jointly if it is proven to be effective, said the RDIF wealth fund, which has funded Sputnik V. AstraZeneca said it was considering how it could assess combinations of different vaccines, and would soon begin exploring with Russia's Gamaleya Institute, which developed Sputnik V, whether two vaccines based on a common-cold virus could be successfully combined... Sputnik's Russian developers say clinical trials, still under way, have shown it has an efficacy rate of over 90%, higher than that of AstraZeneca's own vaccine and similar to those of U.S. rivals Pfizer and Moderna. Some Western scientists have raised concerns about the speed at which Russia has worked, giving the regulatory go-ahead for its vaccines and launching large-scale vaccinations before full trials to test Sputnik V's safety and efficacy have been completed. Russia says the criticism is unfounded.

Read more of this story at Slashdot.

Long-time Slashdot reader BoredStiff writes: An energy Sankey diagram [where the width of arrows is proportional to flow rates] was published today by the University of Chicago, and shows the history of the American energy system in chart form, from 1800 to 2019. The Atlantic explains: It is the first attempt to put so much information about U.S. energy history in one place. This particular Sankey diagram shows the inputs and outputs for the U.S. energy system, measured in watts per capita. The left side of the chart shows where energy is coming from (coal, natural gas, or petroleum) and the right side shows what it's being used for (transportation, agriculture, or home lighting and heating)... [I]t has a lot to teach us about how the energy system got to be the way it is today — and how it might change, and be made to change, in the future... The half century from 1800 to 1850 saw the country devour biomass, most of it in the form of firewood and animal feed. In the 1870s, biomass gave way to the first fossil fuels: coal and, to a lesser extent, petroleum... By the 1910s, coal was dominant.... In the 1920s, it began to fade from the economy, replaced by natural gas, electricity, and — in the transportation sector — petroleum (in the form of gasoline). This was the age of cars and electrified Sun Belt suburbs — and it lasted 50 years, until the energy crisis of the 1970s arrived and capped energy use. Since 1973, per capita energy use hasn't increased. In recent years, you can see natural gas driving out coal from the electricity sector. It was getting a handle on that change, actually, that led the project's leader to start working on it in the first place. "The changes that are happening in the electricity sector now — changes that are as large as any energy transition we've seen — are difficult to grasp... without animating the data," Elisabeth Moyer, an atmospheric-chemistry professor at the University of Chicago who created the project, told me... Emily Grubert, an engineering professor at Georgia Tech, noted that nearly all of the transitions depicted were accidental or the result of market forces. It's possible that the transition to zero-carbon energy could be faster, she said, because it will be intentional.

Read more of this story at Slashdot.

"Cloudflare, Apple, and Fastly have co-designed and proposed a new DNS standard to tackle ongoing privacy issues associated with DNS," reports ZDNet. Cloudflare calls it "a practical approach for improving privacy" that "aims to improve the overall adoption of encrypted DNS protocols without compromising performance and user experience..." Third-parties, such as ISPs, find it more difficult to trace website visits when DNS over HTTPS (DoH) is enabled. DoH deployment is on the cards for many major browser providers, although rollout plans are ongoing. Now, Oblivious DNS over HTTPS (ODoH) has been proposed by Cloudflare — together with partners PCCW Global, Surf, and Equinix — to improve on these models by adding an additional layer of public key encryption and a network proxy... The overall aim of ODoH is to decouple client proxies from resolvers. A network proxy is inserted between clients and DoH servers — such as Cloudflare's 1.1.1.1's public DNS resolver — and the combination of both this and public key encryption "guarantees that only the user has access to both the DNS messages and their own IP address at the same time," according to Cloudflare... "The client behaves as it does in DNS and DoH, but differs by encrypting queries for the target, and decrypting the target's responses..." Test clients for the code have been provided to the open source community to encourage experimentation with the proposed standard. It can take years before support is enabled by vendors for new DNS standards, but Eric Rescorla, Firefox's CTO, has already indicated that Firefox will "experiment" with ODoH.

Read more of this story at Slashdot.

"Cloudflare, Apple, and Fastly have co-designed and proposed a new DNS standard to tackle ongoing privacy issues associated with DNS," reports ZDNet. Cloudflare calls it "a practical approach for improving privacy" that "aims to improve the overall adoption of encrypted DNS protocols without compromising performance and user experience..." Third-parties, such as ISPs, find it more difficult to trace website visits when DNS over HTTPS (DoH) is enabled. DoH deployment is on the cards for many major browser providers, although rollout plans are ongoing. Now, Oblivious DNS over HTTPS (ODoH) has been proposed by Cloudflare — together with partners PCCW Global, Surf, and Equinix — to improve on these models by adding an additional layer of public key encryption and a network proxy... The overall aim of ODoH is to decouple client proxies from resolvers. A network proxy is inserted between clients and DoH servers — such as Cloudflare's 1.1.1.1's public DNS resolver — and the combination of both this and public key encryption "guarantees that only the user has access to both the DNS messages and their own IP address at the same time," according to Cloudflare... "The client behaves as it does in DNS and DoH, but differs by encrypting queries for the target, and decrypting the target's responses..." Test clients for the code have been provided to the open source community to encourage experimentation with the proposed standard. It can take years before support is enabled by vendors for new DNS standards, but Eric Rescorla, Firefox's CTO, has already indicated that Firefox will "experiment" with ODoH.

Read more of this story at Slashdot.

CNET reports: With the next version of Chrome, Google is moving ahead with a plan to improve privacy and security by reining in some abilities of extensions used to customize the browser. The move had angered some developers who expected earlier it would cripple ad blockers. Manifest v3, the programming interface behind Google's security plans, will arrive with Chrome 88 in mid-January, Google said Wednesday at the Chrome Dev Summit. Extensions using the earlier Manifest v2 will still work for at least a year... Among other things, Manifest v3 limits the number of "rules" that extensions may apply to a web page as it loads. Rules are used, for example, to check if a website element comes from an advertiser's server and should therefore be blocked. Google announced the changes two years ago. Reducing the number of rules allowed angered creators of extensions like the uBlock Origin ad blocker and the Ghostery tracking blocker. They said the rules limits will stop their extensions from running their full lists of actions to screen ads or block tracking. That could let websites bypass extensions — and the preferences of people who installed them... The shift brought on by Manifest V3 will spread to all browsers, to the detriment of ad blocking software, predicted Andrey Meshkov, co-founder and chief technology officer of AdGuard, an ad-blocking extension... Ghostery is working to update its extension for Manifest V3 but would rather spend its time on "real privacy innovations," President Jeremy Tillman said in a statement Wednesday. "We still have real misgivings that these changes have more to do with Google protecting its bottom line than it does with improving security for Chrome users...." The importance of the Chrome team's choices are magnified by the fact that other browsers, including Microsoft Edge, Vivaldi , Opera and Brave, are built on its Chromium open-source foundation. Microsoft said it will embrace Manifest v3, too. "Another Manifest v3 change is that extensions no longer may update their abilities by downloading code from third-party sites. "The entire extension now must be distributed through the Chrome Web Store, a measure Google says improves security screens and speeds reviews."

Read more of this story at Slashdot.

CNN reports: U.S. Covid-19 hospitalizations hit a record high for the seventh day in a row Saturday with 108,487 patients in hospitals around the country, according to the Covid Tracking Project. And the number of Covid-19 cases reported in the United States reached more than 16 million after the country added 1 million cases in just four days, according to Johns Hopkins University data. It took the nation more than eight months to reach 8 million cases but less than two months to double that, as the number of new cases continues to soar... On Friday, as the U.S. Food and Drug Administration authorized the Pfizer vaccine for emergency use, the U.S. recorded more than 3,300 Covid-19 deaths — the most ever in one day, according to data from Johns Hopkins University. More than 231,700 new cases were reported, another pandemic high... The average of daily cases over the last week was 210,764, another pandemic high, according to a CNN analysis of Johns Hopkins data. Another statistic from CNN: There have been more than 100,000 Covid-19 patients in America's hospitals every day since December 2.

Read more of this story at Slashdot.

hcs_$reboot shares a remarkable new theory from Larry M. Silverberg, an aerospace engineering professor at North Carolina State University (with colleague Jeffrey Eischen). They're proposing that matter is not made of particles (or even waves), as was long thought, but fragments of energy. [W]hile the theories and math of waves and particles allow scientists to make incredibly accurate predictions about the universe, the rules break down at the largest and tiniest scales. Einstein proposed a remedy in his theory of general relativity. Using the mathematical tools available to him at the time, Einstein was able to better explain certain physical phenomena and also resolve a longstanding paradox relating to inertia and gravity. But instead of improving on particles or waves, he eliminated them as he proposed the warping of space and time.Using newer mathematical tools, my colleague and I have demonstrated a new theory that may accurately describe the universe... Instead of basing the theory on the warping of space and time, we considered that there could be a building block that is more fundamental than the particle and the wave.... Much to our surprise, we discovered that there were only a limited number of ways to describe a concentration of energy that flows. Of those, we found just one that works in accordance with our mathematical definition of flow. We named it a fragment of energy... Using the fragment of energy as a building block of matter, we then constructed the math necessary to solve physics problems... More than 100 [years] ago, Einstein had turned to two legendary problems in physics to validate general relativity: the ever-so-slight yearly shift — or precession — in Mercury's orbit, and the tiny bending of light as it passes the Sun... In both problems, we calculated the trajectories of the moving fragments and got the same answers as those predicted by the theory of general relativity. We were stunned. Our initial work demonstrated how a new building block is capable of accurately modeling bodies from the enormous to the minuscule. Where particles and waves break down, the fragment of energy building block held strong. The fragment could be a single potentially universal building block from which to model reality mathematically — and update the way people think about the building blocks of the universe.

Read more of this story at Slashdot.

This week NVIDIA threatened to stop providing GeForce Founders Edition review units to reviewer Steven Walton, who runs the YouTube channel Hardware Unboxed (and is also an editor/reviewer at TechSpot). NVIDIA had complained "your GPU reviews and recommendations have continued to focus singularly on rasterization performance, and you have largely discounted all of the other technologies we offer gamers. It is very clear from your community commentary that you do not see things the same way that we, gamers, and the rest of the industry do." NVIDIA's email to Walton had said that henceforward their review products would instead be allocated to other media outlets "that recognize the changing landscape of gaming and the features that are important to gamers and anyone buying a GPU today, be it for gaming, content creation, or studio and stream." But TechSpot reports tonight that "Less than 48 hours later, Steve received the good news. Nvidia apologized and walked everything back." Great news indeed, but let's be clear this wouldn't have happened if not for the support of the community at large and key people in the tech space that have such an enormous influence that it was too much for Nvidia to ignore. Linus from LinusTechTips (his angry rant on the WAN Show embedded above is pure gold) and Steve from Gamers Nexus, were two of those persons. And unfortunately, by then TechSpot had already composed a scathing takedown of NVIDIA's email: As a corporation, it's Nvidia's prerogative to decide on the reviewers it chooses to collaborate with. However, this and other related incidents raise serious questions around journalistic independence and what they are expecting of reviewers when they are sent products for an unbiased opinion... In today's dynamic graphics hardware space, with 350W flagships, hardware ray tracing, and exotic cooling solutions, there's a wide range of data points Hardware Unboxed looks at. But at the end of the day, there's only one real question every GPU buyer wants to know: how well do games run on a particular piece of hardware? Considering that 99% percent of Steam games feature raster-only rendering pipelines, rasterization performance was, is, and will be, a key point that Steve considers in GPU reviews... [M]ost games (including almost all RTX titles) are built on raster renderers. A hypothetical graphics card with most of its die space reserved for ray tracing would run Quake II RTX great and... not much else. Ray tracing absolutely deserves a place in modern GPU reviews. But there's simply not enough of it in enough games for any responsible reviewer to put it center-stage, in place of raster performance. It wouldn't do justice to consumers, who will primarily be running raster workloads. This is why Nvidia's complaint is so puzzling.

Read more of this story at Slashdot.

Just today in America there were 223,365 new Covid-19 cases. The Hill notes that's "the worst it has ever been." Long-time Slashdot reader smooth wombat also highlights this quote from Robert Redfield, the director of America's Centers for Disease Control and Prevention: "We are in the timeframe now that probably for the next 60 to 90 days we're going to have more deaths per day than we had at 9/11 or we had at Pearl Harbor," Redfield said during an event hosted by the Council on Foreign Relations. In addition, when asked about the vaccines which are being prepared for use, Redfield said, "The reality is the vaccine approval this week's not going to really impact that I think to any degree for the next 60 days." Redfield, echoing a wide range of health experts, urged people to "double down" on basic precautions in the short term until a vaccine is widely available [including wearing a mask but also avoiding indoor gatherings.] On Wednesday one political blog posted a list of the 10 deadliest days in American history. That Wednesday turned out to be the fifth deadliest day in American history, with the next day becoming the fourth deadliest day, behind only two Civil War battles and a hurricane that struck in the year 1900. Here's a rough update of that list (using figures posted daily by The Covid Tracking Project: Galveston Hurricane (in 1900) — 8,000Battle of Antietam (1862) — 3,675Battle of Gettysburg (1863) — 3,155 This Thursday - 3,067 This Wednesday - 3,054September 11 (2001) — 2,977 Last Thursday — 2,879 Last Wednesday — 2,804 This Friday - 2,749 This Tuesday - 2,622 Last Friday — 2,607 Last Tuesday — 2,597 Today - 2,477 Last Saturday - 2,445 Pearl Harbor (1941) — 2,403 Of the 15 deadliest days in American history, 10 of them have happened within the last two weeks.

Read more of this story at Slashdot.

"A new survey of the free and open-source software (FOSS) community conducted by the Linux Foundation suggests that contributors spend less than 3% of their time on security issues and have little desire to increase this," reports TechRepublic: Moreover, responses indicated that many respondents had little interest in increasing time and effort on security. One respondent commented that they "find the enterprise of security a soul-withering chore and a subject best left for the lawyers and process freaks," while another said: "I find security an insufferably boring procedural hindrance." The researchers concluded that a new approach to the security and auditing of FOSS would be needed to improve security practices, while limiting the burden on contributors. Some of the most requested tools from contributors were bug and security fixes, free security audits, and simplified ways to add security-related tools to their continuous integration (CI) pipelines. "There is a clear need to dedicate more effort to the security of FOSS, but the burden should not fall solely on contributors," read the report. "Developers generally do not want to become security auditors; they want to receive the results of audits..." The researchers continued: "One way to improve a rewrite's security is to switch from memory-unsafe languages (such as C or C++ ) into memory-safe languages (such as nearly all other languages)," researchers said. "This would eliminate entire classes of vulnerabilities such as buffer overflows and double-frees." Also interesting: money "scored very low in developers' motivations for contributing to open-source projects, as did a desire for recognition amongst peers," according to TechRepublic. "Instead, developers said they were purely interested in finding features, fixes and solutions to the open-source projects they were working on. Other top motivations included were enjoyment and a desire to contribute back to the FOSS projects that they used."

Read more of this story at Slashdot.

The University of California San Francisco issued this glowing announcement of some new research: Just a few doses of an experimental drug can reverse age-related declines in memory and mental flexibility in mice, according to a new study by UC San Francisco scientists. The drug, called ISRIB, has already been shown in laboratory studies to restore memory function months after traumatic brain injury, reverse cognitive impairments in Down Syndrome, prevent noise-related hearing loss, fight certain types of prostate cancer, and even enhance cognition in healthy animals. In the new study, published Dec. 1, 2020, in the open-access journal eLife, researchers showed rapid restoration of youthful cognitive abilities in aged mice, accompanied by a rejuvenation of brain and immune cells that could help explain improvements in brain function. "ISRIB's extremely rapid effects show for the first time that a significant component of age-related cognitive losses may be caused by a kind of reversible physiological "blockage" rather than more permanent degradation," said Susanna Rosi, PhD, Lewis and Ruth Cozen Chair II and professor in the departments of Neurological Surgery and of Physical Therapy and Rehabilitation Science. "The data suggest that the aged brain has not permanently lost essential cognitive capacities, as was commonly assumed, but rather that these cognitive resources are still there but have been somehow blocked, trapped by a vicious cycle of cellular stress," added Peter Walter, PhD, a professor in the UCSF Department of Biochemistry and Biophysics and a Howard Hughes Medical Institute investigator. "Our work with ISRIB demonstrates a way to break that cycle and restore cognitive abilities that had become walled off over time...." "We've seen how ISRIB restores cognition in animals with traumatic brain injury, which in many ways is like a sped-up version of age-related cognitive decline," said Rosi, who is director of neurocognitive research in the UCSF Brain and Spinal Injury Center and a member of the UCSF Weill Institute for Neurosciences. "It may seem like a crazy idea, but asking whether the drug could reverse symptoms of aging itself was just a logical next step." Forbes also reports that "In all studies, the researchers have observed no serious side effects."

Read more of this story at Slashdot.

An anonymous Slashdot reader writes: For the past year, hackers have been breaking into MySQL databases, downloading tables, deleting the originals, and leaving ransom notes behind, telling server owners to contact the attackers to get their data back. If database owners don't respond and ransom their data back in nine days, the databases are then put up on auction on a dark web portal. "More than 85,000 MySQL databases are currently on sale on a dark web portal for a price of only $550/database," reports ZDNet: This suggests that both the DB intrusions and the ransom/auction web pages are automated and that attackers don't analyze the hacked databases for data that could contain a higher concentration of personal or financial information. Signs of these ransom attacks have been piling up over the course of 2020, with the number of complaints from server owners finding the ransom note inside their databases popping up on Reddit, the MySQL forums, tech support forums, Medium posts, and private blogs.

Read more of this story at Slashdot.

"Don a headset which places a sensor on the back of your head, and it'll detect your brainwaves which can then be translated into digital actions," writes Engadget. VentureBeat reports that NextMind "has started shipping its real-time brain computer interface Dev Kit for $399." The device translates brain signals into digital commands, allowing you to control computers, AR/VR headsets, and IoT devices (lights, TVs, music, games, and so on) with your visual attention. Paris-based NextMind is part of a growing number of startups building neural interfaces that rely on machine learning algorithms. There are invasive devices like the one from Elon Musk's Neuralink, which in August revealed a prototype showing readings from a pig's brain using a coin-shaped device implanted under the skull. There are also noninvasive devices like the electromyography wristband that translates neuromuscular signals into machine-interpretable commands from Ctrl-labs, which Facebook acquired in September 2019. NextMind is developing a noninvasive device — an electroencephalogram (EEG) worn on the back of your head, where your brain's visual cortex is located. When we spoke with NextMind CEO Sid Kouider last year, he promised the kits would begin shipping in Q2 2020. Then the pandemic hit. "We had about three, four months of delays due to COVID-19, but not more than that in terms of production," Kouider told VentureBeat. The company shipped "hundreds" of Dev Kits in November after producing its first thousand units. Another thousand units are set to be produced next month.

Read more of this story at Slashdot.

Programming columnist Mike Melanson writes: As part of its involvement in the recently announced Open Source Security Foundation (OpenSSF), Google has penned a blog post outlining one of the first steps it will take as part of this group, with an attempt at finding critical open source projects. "Open source software (OSS) has long suffered from a 'tragedy of the commons' problem," they write. "Most organizations, large and small, make use of open source software every day to build modern products, but many OSS projects are struggling for the time, resources and attention they need." So as a way to address this problem, and help fund those projects that need funding, Google is releasing the Criticality Score project. The project gives projects a criticality score (a number between 0 and 1) that is "is derived from various project usage metrics" such as "a project's age, number of individual contributors and organizations involved, user involvement (in terms of new issue requests and updates), and a rough estimate of its dependencies using commit mentions." From there, you can also add your own metrics, if you see fit... Abhishek Arya, one of the project's creators, points out that the project is still in its initial phases and welcoming feedback on "any ideas on metrics we can use." Arya also notes that the project is currently limited to ranking open source projects hosted on GitHub, but "will be expanding to our source control system in the near future." "Though we have made some progress on this problem, we have not solved it and are eager for the community's help in refining these metrics to identify critical open source projects," the blog post announcing the project concludes.

Read more of this story at Slashdot.

CNN reports: Virgin Galactic's supersonic rocket plane was scheduled to fire into the upper atmosphere Saturday, but after climbing more than 40,000 feet over New Mexico attached to its mothership, the space plane made an unexpected turn toward home rather than shooting skyward. The company confirmed that the space plane, which was carrying test pilots CJ Sturckow and Dave Mackay, safely landed. "The ignition sequence for the rocket motor did not complete," the company said via Twitter. "Vehicle and crew are in great shape. We have several motors ready at Spaceport America. We will check the vehicle and be back to flight soon." The root cause of the issue was not immediately clear... This mission was meant to be the third test flight of VSS Unity to exceed the 50-mile mark, which the US government considers to be the beginning outer space. CNN also reports that Virgin Galactic now has 600 customers "who so far have forked over between $200,000 to $250,000 each to reserve seats [for] their brief journey to the edge of space."

Read more of this story at Slashdot.

Long-time Slashdot reader zoobab shares this update about the long-standing Foundation for a Free Information Infrastructure, a Munich-based non-profit opposing ratification of a "Unified Patent Court" by Germany: The FFII is crowdfunding a constitutional complaint in Germany against the third attempt to impose software patents in Europe, calling on all software companies, independent software developers and FLOSS authors to donate. The Unitary Patent and its Court will promote patent trolls, without any appeal possible to the European Court of Justice, which won't be able to rule on patent law, and software patents in particular. The FFII also says that the proposed court system will be more expensive for small companies then the current national court system. The stakes are high — so the FFII writes that they're anticipating some tricky counter-maneuvering: Stopping the UPC in Germany will be enough to kill the UPC for the whole Europe... German government believe that they can ratify before the end of the year, as they consider the UK still a member of the EU till 31st December. The agenda of next votes have been designed on purpose to ratify the UPC before the end of the year. FFII expects dirty agenda and political hacks to declare the treaty "into force", dismiss "constitutional complaints", while the presence of UK is still problematic.

Read more of this story at Slashdot.

CNN reports: If it wasn't abundantly clear that content is king, especially in the Covid-19 era, Disney hammered that point home Thursday when it previewed dozens of new series and movies for its Disney+ streaming service. And investors are loving it. Shares of Disney jumped 13% Friday to a new all-time high. The stock is now up more than 20% this year, an impressive feat given that the pandemic has wreaked havoc on Disney's theme park business and forced its movie studios to delay big releases in theaters. Investors are clearly betting that the streaming strength will offset any lingering weakness in other areas of the House of Mouse empire: Disney raised its forecast for subscriber growth and is upping prices for Disney+. Wall Street analysts rushed to upgrade Disney following Thursday's event. At least 13 analysts boosted their price targets on the stock Friday morning. While Disney initially predicted it would have 60-90 million subscribers by 2024, they're now predicting 230-260 million, CNN reported earlier this week. "The sheer scale of content announced on Thursday was a loud reminder to the rest of the streaming world that Disney+ had an amazing year, acting as a lifeboat to a company ravaged by coronavirus, and that Disney is fully committed to the future of streaming." Besides the two new Star Wars series announced this week, Disney also announced several new series based on Marvel comic book characters: "The Falcon and the Winter Soldier" and "WandaVision" Samuel L. Jackson (as Nick Fury) in "Secret Invasion" Don Cheadle as War Machine in "Armor Wars" More Marvel-based shows about Hawkeye, Moon Knight, "Ironheart" Riri Williams, She Hulk, and Ms. Marvel A series of shorts titled "I Am Groot" and a "Guardians of the Galaxy Holiday Special" Other newly-announced Disney+ shows include: A live action Pinocchio starring Tom Hanks A reboot of "The Mighty Ducks" starring Emilio Estevez

Read more of this story at Slashdot.

Business Insider reports: Twitter on Saturday briefly took new action to stem the spread of President Donald Trump's false tweets about his loss in the 2020 election. Replies and likes were disabled on several of Trump's tweets Saturday morning before Twitter the company reversed course hours later, telling Business Insider the change was made "inadvertently...." "We try to prevent a Tweet like this that otherwise breaks the Twitter Rules from reaching more people, so we've disabled most of the ways to engage with it," the label said. But hours after, just before 10 a.m., with no public statement from Twitter, it appeared to have changed course, allowing users to like the tweets after first presenting a large warning that the contents of the post were disputed. "We inadvertently took action to limit engagements on the labeled Tweet you referenced," a Twitter spokesperson told Business Insider on Saturday. "This action has been reversed, and you can now engage with the Tweet, but in line with our Civic Integrity Policy it will continue to be labeled in order to give more context for anyone who might see the Tweet."

Read more of this story at Slashdot.

An anonymous reader quotes a report from CNN: A biotech conference in Boston last February that's already been flagged as a Covid-19 superspreading event led to at least 245,000 other cases across the US and Europe, a new genetic fingerprinting study shows. One single case seems to have been responsible for many of the other eventual cases, the team at the Broad Institute in Massachusetts reported. Their study finds two particular genetic fingerprints of viruses associated with the conference and then tracks those lineages across the US. One "was exported from Boston to at least 18 US states as well as to other countries, including Australia, Sweden, and Slovakia," the team, led by Bronwyn MacInnis, director of pathogen genomic surveillance at the Broad Institute, wrote in the journal Science. One was especially bad. A virus carrying one mutation -- a small genetic change they've flagged as C2416T -- was apparently carried to the conference by a single person, and ended up infecting 245,000 people. A subset of the viral strain with a mutation known as G26233T ended up in 88,000 of these cases. "A single introduction had an outsize effect on subsequent transmission because it was amplified by superspreading in a highly mobile population very early in the outbreak, before many public health precautions were put in place," the team wrote. "While Massachusetts accounted for most early spread related to the conference, Florida accounted for the greatest proportion of cases overall," they added.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Facebook said it has linked an advanced hacking group widely believed to be sponsored by the government of Vietnam to what's purported to be a legitimate IT company in that country. The so-called advanced persistent threat group goes under the monikers APT32 and OceanLotus. It has been operating since at least 2014 and targets private sector companies in a range of industries along with foreign governments, dissidents, and journalists in South Asia and elsewhere. It uses a variety of tactics, including phishing, to infect targets with fully featured desktop and mobile malware that's developed from scratch. To win targets' confidence, the group goes to great lengths to create websites and online personas that masquerade as legitimate people and organizations. Earlier this year, researchers uncovered at least eight unusually sophisticated Android apps hosted in Google Play that were linked to the hacking group. Many of them had been there since at least 2018. OceanLotus repeatedly bypassed Google's app-vetting process, in part by submitting benign versions of the apps and later updating them to add backdoors and other malicious functionality. FireEye published this detailed report on OceanLotus in 2017, and BlackBerry has more recent information here. On Thursday, Facebook identified Vietnamese IT firm CyberOne Group as being linked to OceanLotus. The group lists an address in Ho Chi Minh city. Email sent to the company seeking comment returned an error message that said the email server was misconfigured. A report from Reuters on Friday, however, quoted a person operating the company's now-suspended Facebook page as saying: "We are NOT Ocean Lotus. It's a mistake." At the time this post went live, the company's website was also unreachable. An archive of it from earlier on Friday is here.

Read more of this story at Slashdot.