Slashdot reader DevNull127 writes: In April a tourist in Hawaii followed GPS driving directions straight into a harbor. And one month later, another tourist did the exact same thing — driving into the same harbor. One onlooker remembers "screaming the whole time to get her attention but her GPS had told her to go there, so she drove right in."

When asked if they'd add warning signs, a state government spokeperson said no. "It's really clear that it is a ramp and it leads directly into the water." Although an information specialist for Hawaii's Department of Transportation did offer future tourists this advice.

"If you see a body of water, don't drive towards it."

The PyPi registry of open source Python packages "began evaluating ways to reduce the amount of identifying information that it stores," reports the Register, "even before the U.S. Justice Department came asking for data on suspect users."

But now, "the Python community package registry wants developers to understand that it's working to minimize the user data that it stores." The goal is not to be unable to respond to lawful requests for information; rather it's to store only the minimum amount of data necessary so as not to expose users to unnecessary privacy intrusion. Coincidentally, data minimization may prevent organizations from becoming a preferred source of on-demand surveillance: having excessive amounts of information about users invites legal demands, which staff then have to handle...

Mike Fiedler, a member of the PyPI admin team, said in a statement on Friday that the organization's effort to improve user privacy and security dates back to 2020. Since the receipt of the subpoenas in March and April, that effort has been reinvigorated.

Much of the concern focuses on IP address data, which gets stored in conjunction with web log access; user events such as logins; project events including uploads; events associated with recently introduced organizations; and administrative PyPI journal entries. According to Fiedler, PyPI was able to stop storing IP data for journal entries — an append-only transaction log — because these were only exposed to administrators... To obscure IP addresses, PyPI is salting them — adding an arbitrary value — and then hashing them — running the data through a one-way scrambling function that creates a value called a hash. This provides a way to store a reference to potentially identifying data without actually storing raw data... PyPI has been using its CDN provider Fastly to pass along a salted hash of the IP address for requests via a custom header, along with broad GeoIP data (the country and city where the user is located), and is using that instead of the raw IP address. In April, the registry adopted code changes for hashing and salting IP addresses for requests that PyPI handles directly in Warehouse, the web application that implements the official Python package index.

And over the past few days, it has been replacing IP addresses in the PyPI user interface with geolocation data. PyPI still relies on IP address information to identify abuse — the creation of malicious packages, harassments, and so on — but Fiedler says even that is being looked at. "We're thinking about how to manage that without storing IP data, but we're not there yet," he said. Fiedler says the PyPI team will be weighing whether it can remove IP data from event history records after a period of time and whether the service can handle all its requests via CDN.

Yes, that expensive Star Wars-themed hotel at Walt Disney World is closing September 30th — after opening barely one year ago. But Sfgate spoke to a couple who's already been three times, and before it closes are "currently planning a fourth and final voyage this summer." If you're counting, that's more than $15,000 their travel parties will have spent on the experience. Their first trip was hosted by Disney as a media preview; for the other visits, the pair split rooms with friends to lower the per-person cost. [The couple is Peter Sciretta and partner Kitra Remick, the couple behind the theme park vlog Ordinary Adventures.] "Any time that we went, we were bunking with people in one room to make the price cheaper because if you can fit four people in one room, it ends up being $1,000 or $1,500 each," Sciretta explained. "It's still expensive even when you split it, but to us and to a lot of people who went back, it was obviously worth it...."

"It's so hard to explain what it's like in there," Sciretta said, "and you saw that from Disney's marketing because they were unable to explain what it was like in there. It's like you are in a 'Star Wars' movie for two and a half days — not just inside, but you are part of a 'Star Wars' movie..." If you want to, you can make the fight between the Resistance and the Dark Side the whole experience — but if you don't, you can spend your time spying on storylines happening in darkened corners and stairwells, trying to sabotage other people's missions (which is actually a thing on the ship), going to lightsaber training, seeing a galactic songstress perform or just eating space food and drinking in the cantina.

The space food, Remick noted, was especially good, even those infamous blue shrimp. "Most of the stuff is otherworldly. It is so good," she said. "That was one of the things I was most excited about when we went back, eating all the food again. Not only does it look cool and Instagram-worthy, it actually tastes really good, too. And all the cocktails are amazing." There's even a cocktail, called the Krayt Reactor, that comes with a song and dance by cast members when you order it — it costs $79 but serves four people... According to information provided to SFGATE by Disney representatives, Galactic Starcruiser has been earning some of the highest guest satisfaction ratings in the history of Walt Disney World. It also won one of the theme park industry's highest honors: a Thea Award for Outstanding Achievement from the Themed Entertainment Association.

"I know hundreds of people that have gone at this point, and not one single person didn't plan on or didn't already go back a second time," Sciretta said. "I kind of do feel like even before it opened, [Disney] shot themselves in the foot with the marketing and the price. They were never able to recover no matter what people said about it."

"Formerly fringe beliefs that machines could suddenly surpass human-level intelligence and decide to destroy mankind are gaining traction," acknowledges the Washington Post. "And some of the most well-respected scientists in the field are speeding up their own timelines for when they think computers could learn to outthink humans and become manipulative.

"But many researchers and engineers say concerns about killer AIs that evoke Skynet in the Terminator movies aren't rooted in good science. Instead, it distracts from the very real problems that the tech is already causing..." It is creating copyright chaos, is supercharging concerns around digital privacy and surveillance, could be used to increase the ability of hackers to break cyberdefenses and is allowing governments to deploy deadly weapons that can kill without human control... [I]nside the Big Tech companies, many of the engineers working closely with the technology do not believe an AI takeover is something that people need to be concerned about right now, according to conversations with Big Tech workers who spoke on the condition of anonymity to share internal company discussions. "Out of the actively practicing researchers in this discipline, far more are centered on current risk than on existential risk," said Sara Hooker, director of Cohere for AI, the research lab of AI start-up Cohere, and a former Google researcher...

The ripple effects of the technology are still unclear, and entire industries are bracing for disruption, such as even high-paying jobs like lawyers or physicians being replaced. The existential risks seem more stark, but many would argue they are harder to quantify and less concrete: a future where AI could actively harm humans, or even somehow take control of our institutions and societies. "There are a set of people who view this as, 'Look, these are just algorithms. They're just repeating what it's seen online.' Then there is the view where these algorithms are showing emergent properties, to be creative, to reason, to plan," Google CEO Sundar Pichai said during an interview with "60 Minutes" in April. "We need to approach this with humility...."

There's no question that modern AIs are powerful, but that doesn't mean they are an imminent existential threat, said Hooker, the Cohere for AI director. Much of the conversation around AI freeing itself from human control centers on it quickly overcoming its constraints, like the AI antagonist Skynet does in the Terminator movies. "Most technology and risk in technology is a gradual shift," Hooker said. "Most risk compounds from limitations that are currently present."
The Post also points out that some of the heaviest criticism of the "killer robot" debate "has come from researchers who have been studying the technology's downsides for years."

"It is dangerous to distract ourselves with a fantasized AI-enabled utopia or apocalypse," a four-person team of researchers opined recently. "Instead, we should focus on the very real and very present exploitative practices of the companies claiming to build them, who are rapidly centralizing power and increasing social inequities."

SFGate reports: A proposed class-action lawsuit levels broad allegations that DoorDash, the San Francisco-headquartered food delivery giant, is engaging in fraudulent behavior — in part by charging iPhone users more than Android havers.

The complaint, a hefty 134-page airing of grievances about the fees and upsells faced while ordering on the app, filed by Maryland resident Ross Hecox and his children, contends that DoorDash conducts "price discrimination" by allegedly charging iPhone users an "expanded range fee" more often than their Android counterparts.

According to the suit, posted by Gizmodo, the fee — a markup to any deliveries outside of the user's immediate radius set by DoorDash — is arbitrarily applied without actually taking into account users' locations. At least seven tests with separate iPhone and Android devices were conducted by the plaintiffs to prove this point in the suit.

In one set of tests, an Android phone and an iPhone were used to place the same order — a breakfast sandwich with avocado and egg whites and a chocolate chip bagel from a nearby Panera Bread — to the same address simultaneously. In the first order, according to the suit, the iPhone was at the delivery location and the Android was 15 miles away; the iPhone user received the expanded range fee. In the second, the phones' locations were reversed, with the iPhone being used 15 miles away from the delivery site; the iPhone user, the suit alleges, was still charged the fee. In a third test involving Panera, the phones were both at the delivery location — the iPhone not only allegedly received the expanded range fee but was charged an additional dollar in delivery fees. Other tests allege that delivery fees on iPhone orders are "greatly" inflated.
DoorDash called the complaints "baseless and simply without merit," in a statement to Gizmodo.

A former CFO of a Seattle startup is accused of diverting $35 million and losing it when the crypto market crashed last year (Warning: source paywalled; alternative source), according to a report. The CFO allegedly used the funds for personal expenses and investments without authorization. The Seattle Times reports: Nevin Shetty, 39, was hired in March 2021 as CFO of a company called fabric, which makes software platforms for retail commerce. About a year later, after the company informed him it was letting him go over job performance concerns, he secretly took the money and transferred it to HighTower Treasury, a crypto platform he controlled as a side business, the indictment said. His idea was to pay the company 6% interest while retaining profits above that, but soon the $35 million investment was practically worthless, the U.S. Attorney's Office in Seattle said in a news release.

The indictment in U.S. District Court charged Shetty with four counts of wire fraud. He is scheduled to be arraigned May 25. Shetty's attorney, Cooper Offenbecher, said in an emailed statement that he and his client had been in regular contact with prosecutors and disagreed with the decision to bring an indictment. "As the CFO of his former employer, tasked with making investment decisions for its benefit, Mr. Shetty was personally devastated by these losses, which occurred as a result of a catastrophic crash in the cryptocurrency market in May 2022," Offenbecher wrote. "We look forward to responding to these allegations in Court."

Prosecutors, however, said that as the company raised hundreds of millions of dollars in startup funding, it adopted a conservative approach to managing that money -- a policy that Shetty had helped draft. According to the Seattle tech news website GeekWire, fabric had raised more than $293 million by February 2022 and was valued at $1.5 billion. In an emailed statement, the company said it had been cooperating with law enforcement and appreciated the work of the FBI and federal prosecutors. "While the amount taken is substantial, fabric remains very well-funded with years of runway," the statement said.

Google has launched the Pixel 7a for $499, featuring a 6.1-inch OLED display at 90Hz, Tensor G2 chip with 8GB RAM, and 64MP main camera. The Pixel 7a nearly matches the flagship Pixel 7 on specs but starts at a lower price. GSMArena.com reports: Yes, the 7a marks several firsts for the Pixel a series. For starters, its 6.1" OLED display now runs at 90Hz, the same refresh rate as the Pixel 7 (though that one has a slightly larger 6.3" display). The resolution is FHD+ and you get Gorilla Glass 3 protection. Speaking of protection, the phone is rated IP67 for dust and water resistance. It has a metal frame and a plastic back -- Google notes that it used recycled aluminum, glass and plastic to build the phone. For example, the visor is 100% recycled aluminum. Available colors are Charcoal, Sea and Snow.

Another major upgrade is the switch to the Tensor G2 chipset, which is now paired with 8GB of LPDDR RAM (up from 6GB on the 6a) and 128GB UFS 3.1 storage. This is the same configuration as the Pixel 7, so the a-phone will be just as fast at the various computational tasks. Also, note that Google is promising 5 years of security updates. Among them is the Super Res Zoom (up to 8x), which is enabled by the new 64MP camera (up from 12MP). The ultra wide camera has a 13MP sensor and a f/2.2 lens that is blessed with Dual Pixel autofocus. The front-facing camera was also bumped up to 13MP with a fixed-focus lens (f/2.2). The rear camera can record 5K video at up to 60fps, the front one tops out at 4K at 30fps.

The Pixel 7a supports sub-6GHz and mmWave flavors of 5G, though only models for select regions will have mmWave enabled. This is a dual-SIM device with one physical nano-SIM and one eSIM. The 7a is powered by a 4,385mAh battery that supports up to 18W wired charging and for the first time on an a-phone wireless charging is available too -- also at 18W. Note that the port on the bottom is USB-C 3.2 Gen 2, but the retail box comes only with a USB C-to-C cable with USB 2.0 wiring (and you have to supply your own charger). You can order the Pixel 7a via the Google Store.

Thanks to a crowdfunding campaign dating back to 2014, soldiers in Ukraine are now using Steam Decks to remotely operate a high-caliber machine gun turret. The weapon is called the "Sabre" and is unique to Ukraine. Motherboard reports: Ukrainian news outlet TPO Media recently reported on the deployment of a new model of the Sabre on its Facebook page. Photos and videos of the system show soldiers operating a Steam Deck connected to a large machine gun via a heavy piece of cable. According to the TPO Media post, the Sabre system allows soldiers to fight the enemy from a great distance and can handle a range of calibers, from light machine guns firing anti-tank rounds to an AK-47.

In the TPO footage, the Sabre is firing what appears to be a PKT belt-fed machine gun. The PKT is a heavy barrelled machine that doesn't have a stock and is typically mounted on vehicles like armored personnel carriers. It uses a solenoid trigger so it can be fired remotely, which is the cable running out of the back of the gun and into the complex of metal and wires on the side of the turret.

The Sabre system wasn't always controlled with a Steam Deck [...]. The first instances of the weapon appeared in 2014. The U.S. and the rest of NATO is giving Ukraine a lot of money for defense now, but that wasn't the case when Russia first invaded in 2014. To fill its funding gaps, Ukrainians ran a variety of crowdfunding campaigns. Over the years, Ukraine has used crowdfunding to pay for everything from drones to hospitals. One of the most popular websites is The People's Project, and it's there that the Sabre was born. The People's Project launched the crowdfunding campaign for Sabre in 2015 and collected more than $12,000 for the project over the next two years. It's initial goal was to deploy 10 of these systems.

An anonymous reader quotes a report from Motherboard: Imgur, a popular photo-uploading service that has been informally tied to Reddit since its 2009 founding, will remove two types of content from its platform starting next month: explicit or pornographic imagery, and images uploaded anonymously -- the latter with a lean on unused images, according to the company. While technically banned from Imgur for years through its community rules, adult content hasn't been actively removed (and is incredibly popular). Until now.

The move is also going to be disastrous for the continuity of the internet. Like Photobucket before it, Imgur has been widely used to host millions of photos that are linked to, embedded, or used elsewhere, and lots of these photos were uploaded by people who didn't bother to sign up for accounts. Imgur is especially popular as a host for Reddit, meaning the content of those old posts could suddenly disappear off the internet. The move will likely also break embeds in various forum posts and blog posts all over the internet, creating an unpleasant form of link rot. (The Archive Team, generally a harbinger of shuttering sites, is working on backing up this material, according to an announcement on Reddit.)

"Thousands of stunned guests were on hand Saturday night to watch a Disneyland malfunction for the ages," writes SFGate — when a 45-foot-tall animatronic dragon burst into flames, and continued burning for several minutes in front of the stunned crowd.

SFGate reports: The fire occurred during the 10:30 p.m. performance of Fantasmic, a show staged on the Rivers of America. The elaborate show uses ships, barges, projections on the water and fire effects to tell the story of Mickey Mouse's dreams and nightmares. Near the end of the show, the dragon form of Maleficent from "Sleeping Beauty," emerges from the island.

The big finale went awry Saturday, and flames engulfed the entire dragon. Video taken by shocked spectators shows the fire beginning on the dragon's face and rapidly spreading down its body as chunks of flaming debris fall to the ground. Smoke and heavy flames billow from the prop as firefighters begin hosing down the dragon. The remainder of the show was canceled, and guests were escorted out of the immediate area...

The dragon, one of the most memorable parts of Disneyland's beloved nighttime spectacular, has jokingly been referred to as Murphy, a reference to Murphy's law. Over the decades, it's been part of countless malfunctions and mishaps, although none quite so destructive as this. Though it is supposed to breathe fire, there are times when the effect doesn't work at all.
"Disneyland employees armed with garden hoses and fire extinguishers were no match for the inferno," reports the Orange County Register. "The dragon's head erupted into a fireball and a flamethrower effect from the dragon's mouth shot directly toward the stage, according to MiceChat."

The newspaper has a picture of the charred mechanical skeleton that was still lying on the ground Sunday on Tom Sawyer Island — and a 146-second video of the blaze. (Apparently realizing they're witnessing an unplanned fire, one spectator can be heard telling another one wryly, "Happy birthday, Danny.")

"Some spectators thought it was part of the show," reports the New York Times. One visitor told the newspaper, "My sister and I were talking about how it was impressive. I was like, 'Man, they can set that head on fire and it just stays perfectly intact?' So we were kind of amazed at Disney at first..."

When interviewed by the Associated Press, Ryan Laux, a frequent Disneyland visitor, "said Mickey vanished from the stage as soon as the dragon's head became engulfed in flames."

Then a voice over a loudspeaker announced the show wouldn't continue "due to unforeseen circumstances..." (as heard in the video). "We apologize for any inconvenience this may cause — and hope you enjoy the rest of your evening here at Disneyland. Once again, this performance cannot continue due to unforeseen circumstances. Thank you." At that moment the head burst into more flames, some members of the audience gasped in unison — and the announcement continued playing in Spanish. ("No podemos continuar con este presentacion...") Then cheery banjo music began playing.

At least six workers were eventually treated for smoke inhalation from the burning dragon prop, reports the New York Times.

In a statement Disney said they were now "temporarily suspending fire effects" in "select" shows in their parks around the world — "out of an abundance of caution."

Amazon is making its AI-powered coding assistant CodeWhisperer free for individual developers, reports the Verge, "undercutting the $10 per month pricing of its Microsoft-made rival." Amazon launched CodeWhisperer as a preview last year, which developers can use within various integrated development environments (IDEs), like Visual Studio Code, to generate lines of code based on a text-based prompt....

CodeWhisperer automatically filters out any code suggestions that are potentially biased or unfair and flags any code that's similar to open-source training data. It also comes with security scanning features that can identify vulnerabilities within a developer's code, while providing suggestions to help close any security gaps it uncovers. CodeWhisperer now supports several languages, including Python, Java, JavaScript, TypeScript, and C#, including Go, Rust, PHP, Ruby, Kotlin, C, C++, Shell scripting, SQL, and Scala.
Here's how Amazon's senior developer advocate pitched the usefulness of their "real-time AI coding companion": Helping to keep developers in their flow is increasingly important as, facing increasing time pressure to get their work done, developers are often forced to break that flow to turn to an internet search, sites such as StackOverflow, or their colleagues for help in completing tasks. While this can help them obtain the starter code they need, it's disruptive as they've had to leave their IDE environment to search or ask questions in a forum or find and ask a colleague — further adding to the disruption. Instead, CodeWhisperer meets developers where they are most productive, providing recommendations in real time as they write code or comments in their IDE. During the preview we ran a productivity challenge, and participants who used CodeWhisperer were 27% more likely to complete tasks successfully and did so an average of 57% faster than those who didn't use CodeWhisperer....

It provides additional data for suggestions — for example, the repository URL and license — when code similar to training data is generated, helping lower the risk of using the code and enabling developers to reuse it with confidence.

SFGate reports: A herculean effort is required to produce an event centered around the intellectual property of "Star Wars" (protected within the Disney galactic empire), but a film commissioner in Northern California was determined and got creative to solicit a response from the film franchise owners. "I offered to send my adult daughter, who's a chef, to Lucasfilm to make them meals if they let us do this," said Cassandra Hesseltine, commissioner for the Humboldt-Del Norte Film Commission. The plea caught the attention of the San Francisco-based company, and a "Star Wars" festival in the redwoods was born.

After a decade of planning, following an extensive back-and-forth to comply with IP rights, the film commission has announced the Forest Moon Festival. The two-day event commemorates the 40th anniversary of "Star Wars: Return of the Jedi" June 2 and 3 in Northern California. It includes four film screenings [outdoors and indoors] between the two counties and holiday-like fanfare, with costumes and parties in downtown Eureka and on Cal Poly Humboldt's campus in Arcata.

The festival's vision is to gather community members and outsider fans of the series for a summer jubilee akin to the Fourth of July, where folks are encouraged to dress up to the theme and congregate under the redwood trees.
The article also notes that in June the monthly street fair in the town of Eureka "is expected to feature a 20-person squadron of Stormtroopers marching down main street."

San Francisco autonomous vehicle company Cruise recalled and updated the software of its fleet of 300 cars, reports the San Francisco Chronicle, " after a Cruise taxi rear-ended a local bus "when the car's software got confused by the articulated vehicle, according to a federal safety report and the company."

The voluntary report notes that Cruise updated its software on March 25th. Since last month's low-speed crash, which resulted in no injuries, Cruise CEO Kyle Vogt said the company chose to conduct a voluntary recall, and the software update assured such a rare incident "would not recur...." As for the March bus collision, Vogt said the software fix was uploaded to Cruise's entire fleet of 300 cars within two days. He said the company's probe found the crash scenario "exceptionally rare" with no other similar collisions.

"Although we determined that the issue was rare, we felt the performance of this version of software in this situation was not good enough," Vogt wrote in a blog post. "We took the proactive step of notifying NHTSA that we would be filing a voluntary recall of previous versions of our software that were impacted by the issue." The CEO said such voluntary recalls will probably become "commonplace."

"We believe this is one of the great benefits of autonomous vehicles compared to human drivers; our entire fleet of AVs is able to rapidly improve, and we are able to carefully monitor that progress over time," he said.
The Cruise car was traveling about 10 miles per hour, and the collision caused only minor damage to its front fender, Vogt's blog post explained. San Francisco's buses have front and back coaches connected by articulated rubber, and when the Cruise taxi lost sight of the front half, it made the assumption that it was still moving (rather than recognizing that the back coach had stopped). Or, as Cruise told the National Highway Traffic Safety Administration, their vehicle ""inaccurately predicted the movement" of the bus. It was not the first San Francisco incident involving Cruise since June, when it became the first company in a major city to win the right to taxi passengers in driverless vehicles — in this case Chevrolet Bolts. The city's Municipal Transportation Agency and County Transportation Authority recorded at least 92 incidents from May to December 2022 in which autonomous ride-hailing vehicles caused problems on city streets, disrupting traffic, Muni transit and emergency responders, according to letters sent to the California Public Utilities Commission....

Just two days before the Cruise crash in March, the company had more problems with Muni during one of San Francisco's intense spring storms. A falling tree brought down a Muni line near Clay and Jones streets on March 21, and a witness reported on social media that two Cruise cars drove through caution tape into the downed wire. A company representative said neither car had passengers and teams were immediately dispatched to remove the vehicles.

On Jan. 22, a driverless Cruise car entered an active firefighting scene and nearly ran over hoses. Fire crews broke a car window to try to stop it.

InfoWorld reports: Zig, a general purpose programming language that interacts with C/C++ programs and promises to be a modern alternative to C, has made an appearance in the Tiobe index of programming language popularity. Zig entered the top 50 in the April edition of the Tiobe Programming Community Index, ranking 46th, albeit with a rating of just 0.19%. By contrast, the Google-promoted Carbon language, positioned as an experimental successor to C++, ranked just 168th.
Tiobe CEO Paul Jansen argues that high-performance languages "are booming due to the vast amounts of data that needs to be processed nowadays. As a result, C and C++ are doing well in the top 10 and Rust seems to be a keeper in the top 20." Zig has all the nice features of C and C++ (such as explicit memory management enhanced with option types) and has abandoned the not-so-nice features (such as the dreadful preprocessing). Entering the top 50 is no guarantee to become a success, but it is at least a first noteworthy step. Good luck Zig!
Tiobe bases its monthly ranking of programming language popularity on search engine results for courses, third party vendors, and engineers. Here's what they's calculated for the most popular programming languages in April of 2023:

• Python
• C
• Java
• C++
• C#
• Visual Basic
• JavaScript
• SQL
• PHP
• Go

April's top 10 was nearly identical to the rankings a year ago, but assembly language fell from 2022's #8 position to #12 in 2023. SQL and PHP rose one rank (into 2023's #8 and #9 positions) — and as in March, the rankings now shows Go as the 10th most popular programming language.

eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware. BleepingComputer reports: eFile.com was caught serving malware, as spotted by multiple users and researchers. The malicious JavaScript file in question is called 'popper.js'. The development comes at a crucial time when U.S. taxpayers are wrapping up their IRS tax returns before the April 18th due date. BleepingComputer can confirm, the malicious JavaScript file 'popper.js' was being loaded by almost every page of eFile.com, at least up until April 1st. As of today, the file is no longer seen serving the malicious code.

On March 17th, a Reddit thread surfaced where multiple eFile.com users suspected the website was "hijacked." At the time, the website showed an SSL error message that, some suspected, was fake and indicative of a hack. Turns out that's indeed the case. [...] The malicious JavaScript file 'update.js', further attempts to prompt users to download next stage payload, depending on whether they are using Chrome [update.exe - VirusTotal] or Firefox [installer.exe - VirusTotal]. Antivirus products have already started flagging these executables as trojans.

BleepingComputer has independently confirmed these binaries establish a connection to a Tokyo-based IP address, 47.245.6.91, that appears to be hosted with Alibaba. The same IP also hosts the illicit domain, infoamanewonliag[.]online associated with this incident. Security research group, MalwareHunterTeam further analyzed these binaries, and stated that these contain Windows botnets written in PHP -- a fact that the research group mocked. Additionally, the group called out eFile.com for leaving the malicious code on its website for weeks: "So, the website of [efile.com]... got compromised at least around middle of March & still not cleaned," writes MalwareHunterTeam.

Remember that entrepreneur planning an ostentatious NFT-based restaurant/members-only club in San Francisco? Seven months later it's still "an empty husk of a building, hindered by construction delays and unfulfilled crypto dreams," reports SFGate: Last August, Joshua Sigel held a "groundbreaking" event at what he said would be the future home of Sho Restaurant, located atop Salesforce Park in San Francisco. He told the gathered media that construction of the proposed Japanese fine dining restaurant would begin in less than two months, once some permitting issues were resolved, with a targeted opening date of September or October of 2023.

Sigel maintained that he'd soon be offering 3,275 Sho Club NFT (non-fungible token) memberships — first via a private sale, then a larger public sale in late September — which would serve as the backbone of Sho Restaurant's clientele. (Sigel is the CEO of Sho Group, which encapsulates Sho Restaurant and Sho Club.) There were to be 2,878 "Earth" NFT memberships, priced at $7,500 each; 377 "Water" NFT memberships, priced at $15,000 each; and 20 "Fire" NFT memberships; priced at $300,000 each. The NFTs are basically membership cards for the restaurant, spruced up with Web3 jargon.... Each membership tier comes with increasingly luxurious benefits, though restaurant reservations would also be available for nonmembers.

Seven months later, things don't seem to be going very well for Sho Club or for Sho Restaurant. I recently walked over to Salesforce Park and peered inside the shell of the building that's supposed to become a restaurant; I saw an empty space that looks almost exactly the same as it did in August. The mock-up design photos that journalists looked at during the "groundbreaking" in August remain strewn about on the floor. Permits for Sho Restaurant haven't been issued, the result of Sho Restaurant designers not yet responding to a number of San Francisco Department of Building Inspection notes, among a host of permitting steps that haven't been completed. Sho Club social media accounts have been radio silent since late September....

Sho Club appears to have sold around 100 NFT memberships, rather than 3,275, as Sigel originally projected. I repeatedly reached out to Sigel, to Sho Club, and its public relations representatives. No one replied to my questions.

"Connecticut police have charged two people with cutting more than 2,000 fiber optic cables" on March 24, reports the Associated Press — leaving more than 15,000 people without internet access. Norwalk police said they arrested Asheville, North Carolina, residents Jillian Persons and Austin Geddings on Saturday during a surveillance operation. Both were charged with larceny and criminal mischief crimes, as well as interfering with police. Persons also was accused of giving a false statement to police. Both were detained on $200,000 bail....The outages caused by the cable cutting have since been restored, according to Optimum's website.
The Stamford Advocate investigated how many people were affected: Norwalk Deputy Police Chief Terry Blake said Sunday more than 40,000 customers in the area were left without internet service as a result of the vandalism. However, an Optimum spokesperson claimed at the time the outages only affected roughly 16,000 customers and the inflated numbers were inaccurate because of an issue with the company's online outage map.

Today a warning was published from the editorial board of the San Francisco Chronicle. "Experts say post-pandemic woes stemming from office workers staying home instead of commuting into the city could send San Francisco into a 'doom loop' that would gut its tax base, decimate fare-reliant regional transit systems like BART and trap it in an economic death spiral...." Despite our housing crisis, it was years into the COVID pandemic before our leaders meaningfully questioned the logic of reserving some of the most prized real estate on Earth for fickle suburbanites and their cars. Downtown, after all, was San Francisco's golden goose. Companies in downtown offices accounted for 70% of San Francisco's pre-pandemic jobs and generated nearly 80% of its economic output, according to city economist Ted Egan. And so we wasted generous federal COVID emergency funds trying to bludgeon, cajole and pray for office workers to return downtown instead of planning for change. We're now staring down the consequences for that lack of vision.

The San Francisco metropolitan area's economic recovery from the pandemic ranked 24th out of the 25 largest regions in the U.S., besting only Baltimore, according to a report from the Bay Area Council Economic Institute. In the first quarter of 2023, San Francisco's office vacancy rate shot up to a record-high 29.4% — the biggest three-year increase of any U.S. city. The trend isn't likely to end anytime soon: In January, nearly 30% of San Francisco job openings were for hybrid or fully remote work, the highest share of the nation's 50 largest cities. Amid lower property, business and real estate transfer taxes, the city is projecting a $728 million deficit over the next two fiscal years. Transit ridership remains far below pre-pandemic levels. In January, downtown San Francisco BART stations had just 30% of the rider exits they did in 2019, according to a report from Egan's office. Many Bay Area transit agencies, including Muni, are rapidly approaching a fiscal cliff.

San Francisco isn't dead; as of March, it was home to an estimated 173 of the country's 655 companies valued at more than $1 billion. Tourism is beginning to rebound. And new census data shows that San Francisco's population loss is slowing, a sign its pandemic exodus may be coming to an end. But the city can't afford to wait idly for things to reach equilibrium again. It needs to evolve — quickly. Especially downtown. That means rebuilding the neighborhood's fabric, which won't be cheap or easy. Office-to-housing conversions are notoriously tricky and expensive. Demolishing non-historic commercial buildings that no longer serve a purpose in the post-pandemic world is all but banned. And, unlike New York after 9/11, San Francisco is a city that can't seem to stop getting in its own way.
So what's the solution? The CEO of the Bay Area Council suggests public-private partnerships that "could help shift downtown San Francisco's focus from tech — with employees now accustomed to working from home — to research and development, biotech, medical research and manufacturing, which all require in-person workers."

And last week San Francisco's mayor proposed more than 100 changes to streamline the permitting process for small businesses, and on Monday helped introduce legislation making it easier to convert office buildings to housing, expand pop-up business opportunities, and fill some empty storefronts. This follows a February executive order to speed housing construction. The editorial points out that "About 40% of office buildings in downtown San Francisco evaluated in a study would be good candidates for housing due to their physical characteristics and location and could be converted into approximately 11,200 units, according to research from SPUR and the Urban Land Institute San Francisco."

But without some action, the editorial's headline argues that "Downtown San Francisco is at risk of collapsing — and taking much of the Bay Area with it."

Clancy William James writes via The Conversation: We have just published evidence in Nature Astronomy for what might be producing mysterious bursts of radio waves coming from distant galaxies, known as fast radio bursts or FRBs. Two colliding neutron stars -- each the super-dense core of an exploded star -- produced a burst of gravitational waves when they merged into a "supramassive" neutron star. We found that two and a half hours later they produced an FRB when the neutron star collapsed into a black hole. Or so we think. The key piece of evidence that would confirm or refute our theory -- an optical or gamma-ray flash coming from the direction of the fast radio burst -- vanished almost four years ago. In a few months, we might get another chance to find out if we are correct. [...]

The Laser Interferometer Gravitational-Wave Observatory (LIGO) has found two binary neutron star mergers. Crucially, the second, known as GW190425, occurred when a new FRB-hunting telescope called CHIME was also operational. However, being new, it took CHIME two years to release its first batch of data. When it did so, [Alexandra Moroianu, a masters student at the University of Western Australia and lead author of the study] quickly identified a fast radio burst called FRB 20190425A which occurred only two and a half hours after GW190425. Exciting as this was, there was a problem -- only one of LIGO's two detectors was working at the time, making it very uncertain where exactly GW190425 had come from. In fact, there was a 5% chance this could just be a coincidence. Worse, the Fermi satellite, which could have detected gamma rays from the merger -- the "smoking gun" confirming the origin of GW190425 -- was blocked by Earth at the time. [...]

LIGO and two other gravitational wave detectors, Virgo and KAGRA, will turn back on in May this year, and be more sensitive than ever, while CHIME and other radio telescopes are ready to immediately detect any FRBs from neutron star mergers. In a few months, we may find out if we've made a key breakthrough -- or if it was just a flash in the pan.

Huawei has reportedly completed work on electronic design automation (EDA) tools for laying out and making chips down to 14nm process nodes. The Register reports: Chinese media said the platform is one of 78 being developed by the telecoms equipment giant to replace American and European chip design toolkits that have become subject to export controls by the US and others. Huawei's EDA platform was reportedly revealed by rotating Chairman Xu Zhijun during a meeting in February, and later confirmed by media in China. [...] Huawei's focus on EDA software for 14nm and larger chips reflects the current state of China's semiconductor industry. State-backed foundry operator SMIC currently possesses the ability to produce 14nm chips at scale, although there have been some reports the company has had success developing a 7nm process node.

Today, the EDA market is largely controlled by three companies: California-based Synopsys and Cadence, as well as Germany's Siemens. According to the industry watchers at TrendForce, these three companies account for roughly 75 percent of the EDA market. And this poses a problem for Chinese chipmakers and foundries, which have steadily found themselves cut off from these tools. Synopsys and Cadence's EDA tech is already subject to several of these export controls, which were stiffened by the US Commerce Department last summer to include state-of-the-art gate-all-around (GAA) transistors. This January, the White House also reportedly stopped issuing export licenses to companies supplying the likes of Huawei.

This is particularly troublesome for Huawei, foundry operator SMIC, and memory vendor YMTC to name a few on the US Entity List, a roster of companies Uncle Sam would prefer you not to do business with. It leaves them unable to access recent and latest technologies, at the very least. So the development of a homegrown EDA platform for 14nm chips serves as insurance in case broader access to Western production platforms is cut off entirely.