The United States Space Force has activated its first and only unit dedicated to targeting other nations' satellites and the ground stations that support them. Space.com reports: The 75th Intelligence, Surveillance and Reconnaissance Squadron (ISRS) was activated on Aug. 11 at Peterson Space Force Base in Colorado. This unit is part of Space Delta 7, an element of the U.S. Space Force tasked with providing intelligence on adversary space capabilities. It'll do things like analyze the capabilities of potential targets, locate and track these targets as well as participate in "target engagement," which presumably refers to destroying or disrupting adversary satellites, the ground stations that support them and transmissions sent between the two.

Master Sgt. Desiree Cabrera, 75th ISRS operations superintendent, said the new unit will revolutionize the targeting capabilities of not just the Space Force, but also the entire U.S. military: "Not only are we standing up the sole targeting squadron in the U.S. Space Force, we are changing the way targeting is done across the joint community when it comes to space and electromagnetic warfare." The 75th ISRS will also analyze adversary space capabilities including "counterspace force threats," according to the Space Force's statement. Counterspace forces refer to adversary systems aimed at preventing the U.S. from using its own satellites during a conflict.

Bambu's X1C and P1P 3D printers started printing unattended, overnight, and without any additional user input, according to user reports from r/BambuLab and X. The Verge reports: Some woke up to failed prints. Some found a second copy of a previous print. And at least a few found their Bambu X1C or P1P had started smacking itself apart -- damaging components -- while trying to print a second copy atop the object they'd actually asked for. What happened? In an official blog post, Bambu says it's still investigating but suspects that a cloud outage is to blame. The company says its servers had two brief outages on Tuesday morning where the servers couldn't confirm that the printers had actually printed -- but instead of failing gracefully, they wound up sending the same print job again and again until it went through, Bambu's staff believes. "Simply explained, the print job sent to the printer before was trapped on the cloud and had a delayed start," writes Bambu.

When contacted by The Verge, Bambu would not go quite so far as to promise free repairs and replacements for all affected customers but says anyone who's suffered any damage should reach out to Bambu support ASAP. "For damage caused by this incident, we will offer the necessary solutions to our customers impacted by the Cloud Outage, in the form of part replacements or a printer replacement if the situation demands it," spokesperson Taylor Liu tells me.

An anonymous reader quotes a report from Ars Technica: A few months ago, an engineer in a data center in Norway encountered some perplexing errors that caused a Windows server to suddenly reset its system clock to 55 days in the future. The engineer relied on the server to maintain a routing table that tracked cell phone numbers in real time as they were being moved from one carrier to the other. A jump of eight weeks had dire consequences because it caused numbers that had yet to be transferred to be listed as having already been moved and numbers that had already been transferred to be reported as pending. "With these updated routing tables, a lot of people were unable to make calls, as we didn't have a correct state!" the engineer, who asked to be identified only by his first name, Simen, wrote in an email. "We would route incoming and outgoing calls to the wrong operators! This meant, e.g., children could not reach their parents and vice versa."

Simen had experienced a similar error last August when a machine running Windows Server 2019 reset its clock to January 2023 and then changed it back a short time later. Troubleshooting the cause of that mysterious reset was hampered because the engineers didn't discover it until after event logs had been purged. The newer jump of 55 days, on a machine running Windows Server 2016, prompted him to once again search for a cause, and this time, he found it. The culprit was a little-known feature in Windows known as Secure Time Seeding. Microsoft introduced the time-keeping feature in 2016 as a way to ensure that system clocks were accurate. Windows systems with clocks set to the wrong time can cause disastrous errors when they can't properly parse time stamps in digital certificates or they execute jobs too early, too late, or out of the prescribed order. Secure Time Seeding, Microsoft said, was a hedge against failures in the battery-powered on-board devices designed to keep accurate time even when the machine is powered down.

"You may ask -- why doesn't the device ask the nearest time server for the current time over the network?" Microsoft engineers wrote. "Since the device is not in a state to communicate securely over the network, it cannot obtain time securely over the network as well, unless you choose to ignore network security or at least punch some holes into it by making exceptions." To avoid making security exceptions, Secure Time Seeding sets the time based on data inside an SSL handshake the machine makes with remote servers. These handshakes occur whenever two devices connect using the Secure Sockets Layer protocol, the mechanism that provides encrypted HTTPS sessions (it is also known as Transport Layer Security). Because Secure Time Seeding (abbreviated as STS for the rest of this article) used SSL certificates Windows already stored locally, it could ensure that the machine was securely connected to the remote server. The mechanism, Microsoft engineers wrote, "helped us to break the cyclical dependency between client system time and security keys, including SSL certificates."

New York City is banning TikTok from city-owned devices and requiring agencies to remove the app within the next 30 days. From a report: The directive issued Wednesday comes after a review by the NYC Cyber Command, which a city official said found that TikTok "posed a security threat to the city's technical networks." Starting immediately, city employees are barred from downloading or using the app and accessing TikTok's website from any city-owned devices.

"While social media is great at connecting New Yorkers with one another and the city, we have to ensure we are always using these platforms in a secure manner," a New York City Hall spokesperson said in a statement to The Verge Wednesday. "NYC Cyber Command regularly explores and advances proactive measures to keep New Yorkers' data safe." The city cited US Office of Management and Budget guidelines discouraging TikTok's use on government devices as well as federal legislation banning the app that was passed earlier this year.

Google is evaluating tools that would use AI to perform tasks that some of its researchers have said should be avoided. From a report: Earlier this year, Google, locked in an accelerating competition with rivals like Microsoft and OpenAI to develop A.I. technology, was looking for ways to put a charge into its artificial intelligence research. So in April, Google merged DeepMind, a research lab it had acquired in London, with Brain, an artificial intelligence team it started in Silicon Valley. Four months later, the combined groups are testing ambitious new tools that could turn generative A.I. -- the technology behind chatbots like OpenAI's ChatGPT and Google's own Bard -- into a personal life coach.

Google DeepMind has been working with generative A.I. to perform at least 21 different types of personal and professional tasks, including tools to give users life advice, ideas, planning instructions and tutoring tips, according to documents and other materials reviewed by The New York Times. The project was indicative of the urgency of Google's effort to propel itself to the front of the A.I. pack and signaled its increasing willingness to trust A.I. systems with sensitive tasks. The capabilities also marked a shift from Google's earlier caution on generative A.I. In a slide deck presented to executives in December, the company's A.I. safety experts had warned of the dangers of people becoming too emotionally attached to chatbots.

An anonymous reader quotes a report from ZDNet: First shown off at 2022 CES, the Masonite M-PWR comes with a built-in Ring video doorbell and Yale smart lock, plus motion-activated LED lights and a door sensor -- all powered by your home's electrical system so there are no batteries to replace. An onboard battery backup keeps the door operational for 24 hours in the event of a power loss. Both doorbell and lock components can be upgraded over time as technology advances. If you were hoping for an all-in-one app, however, you'll be disappointed. To use all the door's features, you need the Yale app, the Ring app, and the M-PWR app.

What's all this technology going to cost you? The fiberglass Masonite M-PWR starts at $4,000 -- and that's for the basic model. Several finishes/designs/glass options are available, with pricing on the higher-end versions reaching $7,000. If you consider that a decent front door, Ring doorbell, and Yale smart lock from the same retailer can be had for under $1,000, this is clearly a door for people who want the finer things. And that price doesn't include installation, something most homeowners can't do on their own as the door needs to be hard-wired. The door has been available in new construction homes since 2022, but this marks the first time you can buy it separately.

According to Adweek, the New York Times updated its Terms of Service on August 3rd to prohibit its content from being used in the development of "any software program, including, but not limited to, training a machine learning or artificial intelligence (AI) system." That includes text, photographs, images, audio/video clips, "look and feel," metadata, and compilations. The Verge reports: The updated terms now also specify that automated tools like website crawlers designed to use, access, or collect such content cannot be used without written permission from the publication. The NYT says that refusing to comply with these new restrictions could result in unspecified fines or penalties. Despite introducing the new rules to its policy, the publication doesn't appear to have made any changes to its robots.txt -- the file that informs search engine crawlers which URLs can be accessed. The move follows a recent update to Google's privacy policy that discloses the search giant reserves the right to scrape just about everything you post online to build its AI tools.

China launched what is thought to be the world's first geosynchronous orbit synthetic aperture radar satellite on Saturday. SpaceNews reports: A Long March 3B rocket lifted off from Xichang Satellite Launch Center in southwest China at 1:36 p.m. Eastern (1736 UTC) Aug. 12. The Land Exploration-4 01 (Ludi Tance-4 (01)) satellite successfully entered geosynchronous transfer orbit, the China Aerospace Science and Technology Corp., (CASC) announced within an hour of liftoff. Few details of the satellite were provided by CASC. However the group's "blue book" outlining plans for 2023 released in January noted the launch of a "high-orbit 20-meter [resolution] SAR satellite."

The L-band synthetic aperture radar (SAR) satellite will provide all-day, all-weather observation of China and surrounding areas, boosting the country's disaster prevention, reduction, and relief capabilities. The land observation satellite series and "high-orbit SAR technology" are listed in the country's Medium and Long Term Development Plan for Civilian Space Infrastructure (2015-2025). The plan includes establishing high and medium resolution optical and synthetic aperture radar constellations for a range of land, marine and atmospheric monitoring. The series is separate from the China High-resolution Earth Observation System (CHEOS), which consists of Gaofen ("high resolution") satellites. China's Gaofen-4 satellite is a GEO optical satellite. SAR at GEO, while providing much lower resolution than satellites in low Earth orbit, can provide constant coverage and imagery despite cloud cover.

It is not yet known what orbital scheme the Land Exploration-4 (01) satellite will enter. An inclined GEO orbit would produce a "figure eight" ground track over the area of intended coverage. Chinese academics from the Beijing Institute of Technology have produced a study of various schemes, while others have published research into modified signal models for GEO SAR. The (01) designation suggests China could launch other SAR satellites into geosynchronous orbits. The satellite was developed by the China Academy of Spacecraft Technology (CAST.)

Tesla is hiring staff for the company's new "first of its kind" data centers. Electrek reports: Tesla has shared a new job posting for a "Sr. Engineering Program Manager, Data Center" role first spotted by Electrek last week. In the job posting, Tesla says that it will build "1st of its kind Data Centers": "This role will lead the end-to-end design and engineering of Tesla's 1st of its kind Data Centers and will be one of the key members of the factory engineering team." Tesla didn't explain how those data centers will be "1st of their kind," which is not something you'd expect in a job posting anyway.

But interestingly, the new effort comes as Tesla has been taking over data centers from Twitter. [...] The Information reported that Tesla has taken over one of the old Twitter data centers leased from NTT Data that the social media company was using in Sacramento. The report also mentions that Tesla is in talks with Prime Data Centers to use another data center that Twitter used to have in Sacramento.

Tesla is seeing its need for data processing increasing rapidly as it tries to take advantage of its growing fleet of millions of vehicles all equipped with cameras in order to improve the neural nets powering its self-driving effort. The automaker is also handling a growing number of connectivity features that it tries to sell to vehicle owners through a $10-a-month "Premium Connectivity" subscription service. On the energy side, Tesla is also handling a lot of data to operate its virtual power plant and its services to distributed energy assets, like Autobidder and Powerhub.

An anonymous reader quotes a report from Ars Technica: The US broadband industry is united in opposition to a requirement that Internet service providers list all of their monthly fees. Five lobby groups representing cable companies, fiber and DSL providers, and mobile operators have repeatedly urged the Federal Communications Commission to eliminate the requirement before new broadband labeling rules take effect. The trade associations petitioned the FCC in January to change the rules and renewed their call last week in a filing and in a meeting with FCC officials. The requirement that ISPs list all their monthly fees "would add unnecessary complexity and burdens to the label for consumers and providers and could result in some providers having to create many labels for any given plan," the groups said in the filing on Friday.

The trade groups said the FCC should instead "require providers to include an explanatory statement that such fees may apply and that they vary by jurisdiction, similar to the Commission's treatment of government-imposed taxes," or require "the display of the maximum level of government-imposed fees that might be passed through, so that consumers would not experience bill shock with respect to such fees." The filing was submitted by NCTA-The Internet & Television Association, which represents Comcast, Charter, Cox, and other cable companies. The NCTA's ex parte filing described a meeting with FCC officials that also included wireless industry trade group CTIA and USTelecom, which represents telcos including AT&T, Verizon, Lumen (formerly CenturyLink), Frontier, and Windstream.

Comcast submitted its own filing urging the FCC to scrap the rules in June. The calls to weaken the FCC's truth-in-billing rules angered consumer advocates, as we wrote at the time. "The label hasn't even reached consumers yet, but Comcast is already trying to create loopholes. This request would allow the big ISPs to continue hiding the true cost of service and frustrating customers with poor service," Joshua Stager, policy director at media advocacy group Free Press, told Ars. Congress required the FCC to implement broadband labels with exact prices for Internet service plans in a 2021 law, but gave the FCC some leeway in how to structure the rules. The FCC adopted specific label rules in November 2022. The labels must be displayed to consumers at the point of sale and include monthly price, additional charges, speeds, data caps, additional charges for data, and other information. The FCC rules aren't in force yet because they are subject to a federal Office of Management and Budget (OMB) review under the US Paperwork Reduction Act.

The Delhi High Court has ruled that Google's Ads program falls under the purview of the country's Trademarks Act and the company must remove ads that infringe upon trademarks in a major decision that may redefine online advertising's legal landscape. From a report: The decision), delivered by a division bench of Justice Vibhu Bakhru and Justice Amit Mahajan last week, observed that Google was an "active participant" in the use of the trademarks of proprietors. Google's practice of suggesting competitors' trademarks as keywords to advertisers yielded significant profits for the search giant via keyword sales. This case was spurred by a complaint from logistics firm DRS, which pointed out that searches for its trademark "Agarwal Packers and Movers" returned competitor websites. DRS alleged that Google's ad mechanism exploited its trademark to divert users to rival sites. Upholding the initial order, the division bench directed Google to act on DRS's grievances and remove offending ads.

Google's AI-powered Search Generative Experience (SGE) is getting a major new feature: it will be able to summarize articles you're reading on the web, according to a Google blog post. From a report: SGE can already summarize search results for you so that you don't have to scroll forever to find what you're looking for, and this new feature is designed to take that further by helping you out after you've actually clicked a link. You probably won't see this feature, which Google is calling "SGE while browsing," right away. Google says it's a new feature that's starting to roll out Tuesday as "an early experiment" in its opt-in Search Labs program. (You'll get access to it if you already opted in to SGE, but if you haven't, you can opt in to the feature on its own.) It will be available first in the Google app on Android and iOS, and the company is bringing it to the Chrome browser on desktop "in the days ahead."

Saudi Arabia and the United Arab Emirates are buying up thousands of the high-performance Nvidia chips crucial for building artificial intelligence software, joining a global AI arms race that is squeezing the supply of Silicon Valley's hottest commodity. From a report: The Gulf powerhouses have publicly stated their goal of becoming leaders in AI as they pursue ambitious plans to turbocharge their economies. But the push has also raised concerns about potential misuse of the technology by the oil-rich states' autocratic leaders. According to people familiar with the moves, Saudi Arabia has bought at least 3,000 of Nvidia's H100 chips -- a $40,000 processor described by Nvidia chief Jensen Huang as "the world's first computer [chip] designed for generative AI" -- via the public research institution King Abdullah University of Science and Technology (Kaust).

Meanwhile, the UAE has also secured access to thousands of Nvidia chips and has already developed its own open-source large language model, known as Falcon, at the state-owned Technology Innovation Institute in Masdar City, Abu Dhabi. "The UAE has made a decision that it wants toâ...âown and control its own computational power and talent, have their own platforms and not be dependent on the Chinese or the Americans," said a person familiar with Abu Dhabi's thinking.

In April, Alphabet CEO Sundar Pichai took an unusual step: merging two large artificial intelligence teams -- with distinct cultures and code -- to catch up to and surpass OpenAI and other rivals. Now the test of that effort is coming, with hundreds of people scrambling to release a group of large machine-learning models -- one of the highest-stakes products the company has ever built -- this fall. The Information: The models, collectively known as Gemini, are expected to give Google the ability to build products its competitors can't, according to a person involved with Gemini's development. OpenAI's GPT-4 large-language model can understand and produce conversational text. Gemini will go beyond that, combining the text capabilities of LLMs like GPT-4 with the ability to create AI images based on a text description, similar to AI-image generators Midjourney and Stable Diffusion, this person said. Gemini's image capabilities haven't been previously reported.

Google employees have also discussed using Gemini to offer features like analyzing charts or creating graphics with text descriptions and controlling software using text or voice commands. Google is betting on Gemini to power services ranging from its Bard chatbot, which competes with OpenAI's ChatGPT, to enterprise apps like Google Docs and Slides. Google also wants to charge app developers for access to Gemini through its Google Cloud server-rental unit. Google Cloud currently sells access to more primitive Google-made AI models through a product called Vertex AI. Those new features could help Google catch up with Microsoft, which has raced ahead with new AI features for its Office 365 apps and has also been selling access to OpenAI's models to its app customers.

Despite a record-breaking start in its first weeks of launch, engagement with Meta's Threads app continues to plummet. According to Similarweb, engagement is down 79% from a high of 2.3 million active users in early July to 576,000 as of August 7th. The Guardian reports: In addition to users jumping ship, large US companies like the fast food chain Wendy's, the clothing store Anthropologie and Rare Beauty, a makeup line, have all decreased the number of posts they publish on Threads, Adweek reports. On its busiest day, the number of users of Threads was less than half that of Twitter, according to Similarweb data. Twitter averages more than 100 million active daily users.

One of the Mac's built-in malware detection tools may not be working quite as well as you think. From a report: At the Defcon hacker conference in Las Vegas, longtime Mac security researcher Patrick Wardle presented findings today about vulnerabilities in Apple's macOS Background Task Management mechanism, which could be exploited to bypass and, therefore, defeat the company's recently added monitoring tool. There's no foolproof method for catching malware on computers with perfect accuracy because, at their core, malicious programs are just software, like your web browser or chat app. It can be difficult to tell the legitimate programs from the transgressors. So operating system makers like Microsoft and Apple, as well as third-party security companies, are always working to develop new detection mechanisms and tools that can spot potentially malicious software behavior in new ways.

Apple's Background Task Management tool focuses on watching for software "persistence." Malware can be designed to be ephemeral and operate only briefly on a device or until the computer restarts. But it can also be built to establish itself more deeply and "persist" on a target even when the computer is shut down and rebooted. Lots of legitimate software needs persistence so all of your apps and data and preferences will show up as you left them every time you turn on your device. But if software establishes persistence unexpectedly or out of the blue, it could be a sign of something malicious. With this in mind, Apple added Background Task Manager in macOS Ventura, which launched in October 2022, to send notifications both directly to users and to any third-party security tools running on a system if a "persistence event" occurs. This way, if you know you just downloaded and installed a new application, you can disregard the message. But if you didn't, you can investigate the possibility that you've been compromised.

"Teams across Google are working hard to prepare the web for the migration to quantum-resistant cryptography," writes Chrome's technical program manager for security, Devon O'Brien.

"Continuing with our strategy for handling this major transition, we are updating technical standards, testing and deploying new quantum-resistant algorithms, and working with the broader ecosystem to help ensure this effort is a success." As a step down this path, Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115. This hybrid mechanism combines the output of two cryptographic algorithms to create the session key used to encrypt the bulk of the TLS connection:

X25519 — an elliptic curve algorithm widely used for key agreement in TLS today
Kyber-768 — a quantum-resistant Key Encapsulation Method, and NIST's PQC winner for general encryption

In order to identify ecosystem incompatibilities with this change, we are rolling this out to Chrome and to Google servers, over both TCP and QUIC and monitoring for possible compatibility issues. Chrome may also use this updated key agreement when connecting to third-party server operators, such as Cloudflare, as they add support. If you are a developer or administrator experiencing an issue that you believe is caused by this change, please file a bug.
The Register delves into Chrome's reasons for implementing this now: "It's believed that quantum computers that can break modern classical cryptography won't arrive for 5, 10, possibly even 50 years from now, so why is it important to start protecting traffic today?" said O'Brien. "The answer is that certain uses of cryptography are vulnerable to a type of attack called Harvest Now, Decrypt Later, in which data is collected and stored today and later decrypted once cryptanalysis improves." O'Brien says that while symmetric encryption algorithms used to defend data traveling on networks are considered safe from quantum cryptanalysis, the way the keys get negotiated is not. By adding support for a hybrid KEM, Chrome should provide a stronger defense against future quantum attacks...

Rebecca Krauthamer, co-founder and chief product officer at QuSecure, told The Register in an email that while this technology sounds futuristic, it's useful and necessary today... [T]he arrival of capable quantum computers should not be thought of as a specific, looming date, but as something that will arrive without warning. "There was no press release when the team at Bletchley Park cracked the Enigma code, either," she said.

An anonymous reader shared this report from the San Francisco Standard: As autonomous vehicles become increasingly popular in San Francisco, some riders are wondering just how far they can push the vehicles' limits — especially with no front-seat driver or chaperone to discourage them from questionable behavior... The Standard has spoken to four separate Cruise car riders who said they've had sex or hooked up in the driverless vehicles in San Francisco over recent months and have provided ride receipts. The Standard was unable to find a source who said they'd had sex in a Waymo...

The rules and regulations surrounding robotaxis are murky, largely because the industry is so new... Unfortunately for the debaucherous among us, robotaxi companies currently use pretty extensive camera surveillance inside and outside of their cars. "We record video inside of the car for added safety and support," Cruise states on its website... When asked, both Cruise and Waymo sidestepped commenting directly on what is or isn't allowed in their cars.

Long-time Slashdot reader UnCivil Liberty writes: Following in the footsteps of three MIT students who were previously gagged from presenting their findings at Defcon 2008 are two Massachusetts teens (who presented at this year's Defcon without interference).

The four teens extended other research done by the 2008 hacker team to fully reverse engineer the "CharlieCard," the RFID touchless smart card used by Boston's public transit system. The hackers can now add any amount of money to one of these cards or invisibly designate it a discounted student card, a senior card, or even an MBTA employee card that gives them unlimited free rides. "You name it, we can make it," says Campbell.

An anonymous reader quotes a report from Reuters: The Internet Archive and a group of leading book publishers told a Manhattan federal court on Friday that they have resolved aspects of their legal battle over the Archive's digital lending of their scanned books. If accepted, the consent judgment would settle questions over potential money damages in the case and the scope of a ban on the Archive's lending and would clear the way for the Archive to appeal U.S. District Judge John Koeltl's decision that it infringed the publishers' copyrights.

The proposed order would require the Archive to pay Lagardere SCA's Hachette Book Group, News Corp's HarperCollins Publishers, John Wiley & Sons and Bertelsmann SE & Co's Penguin Random House an undisclosed amount of money if it loses its appeal. The order would also permanently block the Archive from lending out copies of the publishers' books without permission, pending the result of the appeal. They asked Koeltl to resolve a dispute over whether the order will apply only to the publishers' books that are already available for electronic licensing or books commercially available in any format.

The Internet Archive said in a blog post that the fight was "far from over," and founder Brewster Kahle said in a statement that "we must have strong libraries, which is why we are appealing this decision." Maria Pallante, the CEO of the Association of American Publishers, said in a statement that the plaintiffs were "extremely pleased" with the proposed injunction, which will "extend not only to the Plaintiffs' 127 works in suit but also to thousands of other literary works in their catalogs."