A Tesla Helped Police Track Down a Hate Crime Suspect

An anonymous reader quotes a report from Gizmodo: Throughout December, someone was setting fires at the Martin Luther King Jr. Community Presbyterian Church, a “predominately Black” congregation located in Springfield, Massachusetts. An FBI affidavit claims that the last of these fires, set on Dec. 28, “essentially destroyed” the building — burning away large parts of the interior. During this period, the same person is suspected of having carried out a “series of tire-slashings” targeted at vehicles near or around the church — a majority of which were owned by Black individuals. Now, 44-year-old Maine resident Dushko Vulchev has been arrested in connection to the crimes. He was charged in a federal court in Springfield on Thursday, a release from the U.S. Justice Department shows, and is potentially facing decades behind bars.

Court documents illustrate how state, local and federal authorities used a variety of surveillance footage and data collection to piece together Vulchev’s whereabouts and place him at or near these crimes. In particular, the vandal slipped up when he allegedly slashed the tires of a Tesla located not far from the church. Authorities say one of the car’s many pre-installed security cameras caught blatant images of the culprit as he damaged the tires, then later returned to steal them along with the vehicle’s rims. “Based on my training and experience and this investigation, I am aware that the Tesla mentioned above is equipped with cameras at various points around the body,” said the FBI agent who wrote the affidavit. “I have reviewed video footage retrieved from the Tesla showing an individual that I can identify as Vulchev…The video footage from the Tesla shows Vulchev at a close distance crouching near the Tesla and using a tire iron to remove the wheels.” Using other data collected and a variety of local surveillance footage, law enforcement was able to build a case against Vulchev.

Read more of this story at Slashdot.

Source: Slashdot

Google’s Project Zero Updates Vulnerability Disclosure Rules To Add Patch Cushion

The Google Project Zero security team has updated its vulnerability disclosure guidelines to add a cushion of 30 days to some security bug disclosures, so end-users have enough time to patch software and prevent attackers from weaponizing bugs. From a report: This week’s changes are of particular importance because a large part of the cybersecurity community has adopted Project Zero’s rules as the unofficial methodology for disclosing a security bug to software vendors and then to the general public. Prior to today, Google Project Zero researchers would give software vendors 90 days to fix a security bug. When the bug was patched, or at the end of the 90 days time window, Google researchers would publish details about the bug online (on their bug tracker). Starting this week, Project Zero says it will wait 30 days before publishing any details about the bug. The reasoning behind the extra time window is to allow users of the affected products time to update their software, an operation that can usually take days or weeks in some complex corporate networks.

Read more of this story at Slashdot.

Source: Slashdot

21.5-inch iMac supply dwindles amid chip shortages, possible refresh

Apple’s low-end, 21.5-inch iMac appears to be in short supply at Apple Stores and in Apple’s online storefront in the United States. The shortage could be a hint of an imminent change to the iMac lineup just a few days before Apple hosts a product launch event on April 20.

In particular, the cheapest, 1080p iMac (the rest of the 21.5-inch models have 4K displays) is seeing ship dates slipping back several days into late April or early May, which is usually a sign of low supply. This Mac in particular is also increasingly unavailable for pickup at physical Apple Stores around the US.

Meanwhile, the more expensive 27-inch iMac is shipping within a normal window, and it is showing as available at more retail stores.

Read 7 remaining paragraphs | Comments

Source: Tech – Ars Technica

The Quality of Your Coffee May Soon Be Determined by a Robot

The days of experts gathering in a sealed-off room to sip coffee and grade beans on their color, aroma and taste may be numbered. From a report: An Israeli company has developed a handheld device that is able to scan beans to determine their quality. The machine, powered by artificial intelligence, will need a human to input the quality parameters first, but after that, it will be able to classify coffee before it’s even roasted. The company has completed a pilot program with Carcafe, the Colombian division of Volcafe, one of the world’s largest coffee traders. A shift to computers would upend the traditional way coffee has been graded by humans, known as cupping. The well-paid and trained examiners, or Q graders, at the ICE Futures U.S. exchange in New York conduct the laborious task of determining the quality and value of the coffee beans received by the bourse. Trading houses and roasters also usually have their own graders.

Cupping is an involved process, not unlike that undertaken by wine sommeliers. Q graders weigh the coffee and grind it into a cup. They sniff the dry grounds, taking notes on the fragrance. Water heated to 200 degrees Fahrenheit (93 Celsius) is poured over the grounds and the graders smell the wet coffee. After 4 minutes, the crust that forms on top of the cup is broken and grounds and foam are removed. After waiting 15 minutes for the coffee to cool, and only then is the coffee slurped up in a spoon. “It’s the human that establishes the sensorial part,” said Oswaldo Aranha Neto, a coffee industry veteran who just joined Demetria as a board member. “You need to teach the robot what to do.”

Read more of this story at Slashdot.

Source: Slashdot

Backdoored developer tool that stole credentials escaped notice for 3 months

Backdoored developer tool that stole credentials escaped notice for 3 months

Enlarge (credit: Getty Images)

A publicly available software development tool contained malicious code that stole the authentication credentials that apps need to access sensitive resources. It’s the latest revelation of a supply chain attack that has the potential to backdoor the networks of countless organizations.

The Codecov bash uploader contained the backdoor from late January to the beginning of April, developers of the tool said on Thursday. The backdoor caused developer computers to send secret authentication tokens and other sensitive data to a remote site controlled by the hackers. The uploader works with development platforms including Github Actions, CircleCI, and Bitrise Step, all of which support having such secret authentication tokens in the development environment.

A pile of AWS and other cloud credentials

The Codecov bash uploader performs what is known as code coverage for large-scale software development projects. It allows developers to send coverage reports that, among other things, determine how much of a codebase has been tested by internal test scripts. Some development projects integrate Codecov and similar third-party services into their platforms, where there is free access to sensitive credentials that can be used to steal or modify source code.

Read 19 remaining paragraphs | Comments

Source: Tech – Ars Technica

Missing California Hiker Found After Mystery Photo Reveals Location

A mystery photo and a geography enthusiast helped locate a missing California hiker who is now safely back home. From a report: Rene Compean of Palmdale was on a hike Monday near Mount Waterman, a popular ski destination in the San Gabriel Mountains in Southern California. While the 45-year-old was on his outdoor adventure, he snapped a picture. Compean texted the shot to a friend. And then, he went off the map. He was reported missing at 6 p.m. by a friend, who received one last text from Compean saying he was worried he was lost and his cell phone battery was running low. The photo was turned over to investigators at the Los Angeles County Sheriff’s Department who posted it to social media, asking if anyone recognized the spot in the photograph. Benjamin Kuo saw the message and thought he might be able to help. The report adds: As a satellite image aficionado, he was already familiar with tracking California wildfires in remote areas. “I’ve got a very weird hobby, which is I love taking a look at photos and figuring out where they’re taken,” Kuo told NBC Los Angeles. Using satellite images, maps and the scenery below Compean’s feet in the photo, Kuo was able to estimate the coordinates of where he believed the man had gone missing. Kuo sent his tip to the sheriff’s office, and a helicopter was sent to survey the area Tuesday. There, as if by magic, was Compean.

Read more of this story at Slashdot.

Source: Slashdot

Elon Musk’s SpaceX Wins Contract To Develop Spacecraft To Land Astronauts on the Moon

NASA on Friday selected SpaceX to build spacecraft that would land astronauts on the moon for the first time since the last Apollo mission, according to a source selection document obtained by The Washington Post. From the report: The contract marks another major victory for the hard-charging company that vaults it to the top tier of the nation’s aerospace companies and solidifies it as one of the space agency’s most trusted partners. In winning the $2.9 billion contract, SpaceX beat out Jeff Bezos’ Blue Origin, which had formed what it called a “national team” by partnering with aerospace giants Lockheed Martin, Northrop Grumman and Draper. SpaceX also won over Dynetics, a defense contractor based in Huntsville, Ala. NASA had originally chosen all three companies for the initial phase of the contract, and was expected to choose two of them to build the lunar lander. In other major programs, NASA has chosen multiple providers to foster competition and to ensure it has redundancy in case one can’t deliver. But in choosing SpaceX alone, it sent a message that it fully trusts the growing company to fly its astronauts for its signature human exploration program — Artemis, a campaign to return astronauts to the moon for the first time since 1972.

Read more of this story at Slashdot.

Source: Slashdot

Cuomo Signs New York Bill Requiring Low-Cost Broadband Access

Governor Andrew Cuomo signed a bill on Friday requiring all Internet service providers in New York to offer affordable high-speed access for low-income families. From a report: The providers can charge those families no more than $15 a month, Cuomo said during a briefing Friday at the Northland Workforce Training Center in Buffalo. He was joined by Eric Schmidt, former chief executive officer of Alphabet, who chairs a 15-member state commission focusing on using technology to help the state reopen better than it was before the virus. Cuomo also said an emergency fund from Schmidt Futures and the Ford Foundation will provide free Internet access to 50,000 students statewide through the 2021-22 school year.

The bill passed by the state legislature caps a basic broadband plan at $15 a month and a higher-speed one at $20. Currently, a basic high-speed plan costs on average more than $50 a month, according to a statement from Assembly member Amy Paulin. Schmidt, who praised the embattled governor for his “extraordinary” leadership during the pandemic, said universal broadband access is the first and most important priority of the commission. Members were concerned about the “hundreds of thousands of people who apparently had no Internet access at all,” Schmidt said, an impediment to learning and tele-medicine.

Read more of this story at Slashdot.

Source: Slashdot

2.5 Billion T. Rex Inhabited the Planet, Researchers Say

For the first time, scientists have estimated how many Tyrannosaurus rex, the so-called king of dinosaurs, once roamed the Earth. From a report: The number is staggering: 2.5 billion Tyrannosaurus rex lived and died during the roughly 2.4 million years the species survived on the planet, according to a new study set to be published in the journal Science on Friday. The study may help contextualize the fossil record and the rarity of finding certain fossilized prehistoric organisms, according to lead researcher Charles Marshall, director of the University of California Museum of Paleontology. “I mean, to me, it’s just amazing we could have come up with a number,” Marshall told Axios. “Some people have asked me, ‘How does your number compare to other numbers of the total that have ever lived?’ The answer is it doesn’t because there weren’t any.”

Read more of this story at Slashdot.

Source: Slashdot

Nobody is Flying To Join Google’s FLoC

Google is all alone with its proposed advertising technology — FLoC– to replace third-party cookies. Every major browser that uses the open source Chromium project has declined to use it, and it’s unclear what that will mean for the future of advertising on the web. Firefox, Safari, Microsoft Edge, Vivaldi, and Brave have said they are not implementing Google’s FLoC into their browsers.

Read more of this story at Slashdot.

Source: Slashdot