Ars Technica
Hackers seek ransom after getting SSNs, banking info from state gov’t portal
Hackers trying to extort the Rhode Island government infiltrated the state's public benefits system, causing state officials to shut down online services that let residents apply for Medicaid and other assistance programs.
"As part of this investigation today, we discovered that within the Rhode Island Bridges system, a cybercriminal had installed dangerous malware that constituted an urgent threat," Governor Dan McKee said at a Friday night press conference, according to The Providence Journal. "That is why tonight we have shut down the system. That means customers will temporarily not be able to access any customer portal related to the services on Rhode Island Bridges."
The vendor "Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges," McKee's office said in a press release. Rhode Island has "proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible."
Amazon facing strike threats as Senate report details hidden widespread injuries
Just as Amazon warehouse workers are threatening to launch the "first large-scale" unfair labor practices strike at Amazon in US history, Sen. Bernie Sanders (I-Vt.) released a report accusing Amazon of operating "uniquely dangerous warehouses" that allegedly put profits over worker safety.
As chair of the Senate Committee on Health, Education, Labor, and Pensions, Sanders started investigating Amazon in June 2023. His goal was "to uncover why Amazon’s injury rates far exceed those of its competitors and to understand what happens to Amazon workers when they are injured on the job."
According to Sanders, Amazon "sometimes ignored" the committee's requests and ultimately only supplied 285 documents requested. The e-commerce giant was mostly only willing to hand over "training materials given to on-site first aid staff," Sanders noted, rather than "information on how it tracks workers, the quotas it imposes on workers, and the disciplinary actions it takes when workers cannot meet those quotas, internal studies on the connection between speed and injury rates, and the company’s treatment of injured workers."
T-Mobile users can try Starlink-enabled phone service for free during beta
T-Mobile today said it opened registration for the "T-Mobile Starlink" beta service that will enable text messaging via satellites in dead zones not covered by cell towers.
T-Mobile's announcement said the service using Starlink's low-Earth orbit satellites will "provid[e] coverage for the 500,000 square miles of land in the United States not covered by earth-bound cell towers." Starlink parent SpaceX has so far launched over 300 satellites with direct-to-cell capabilities, T-Mobile noted.
A registration page says, "We expect the beta to begin in early 2025, starting with texting and expanding to data and voice over time. The beta is open to all T-Mobile postpaid customers for free, but capacity is limited."
Trump to block the government and military from buying EVs
The incoming Trump administration has even more plans to delay electric vehicle adoption than previously thought. According to Reuters, which has seen transition team documents, the Trump team wants to abolish EV subsidies, claw back federal funding meant for EV charging infrastructure, block EV battery imports on national security grounds, and prevent the federal government and the US military from purchasing more EVs.
During the campaign, candidate Trump made repeated references to ending a supposed EV mandate. In fact, policies put in place by current US President Joe Biden only call for 50 percent of all new vehicles to be electrified by 2032 under EPA rules meant to cut emissions by 56 percent from 2026 levels.
More pollution
Instead, the new regime will be far more friendly to gas guzzling, as it intends to roll back EPA fuel efficiency standards to those in effect in 2019. This would increase the allowable level of emissions from cars by about 25 percent relative to the current rule set. US new vehicle efficiency stalled between 2008 and 2019, and it was only once the Biden administration began in 2021 that the EPA started instituting stricter rules on allowable limits of carbon dioxide and other pollutants from vehicle tailpipes.
Why do we get headaches from drinking red wine?
Medical accounts of red wine headaches go back to Roman times, but the experience is likely as old as winemaking—something like 10,000 years. As chemists specializing in winemaking, we wanted to try to figure out the source of these headaches.
Many components of red wine have been accused of causing this misery—sulfites, biogenic amines, and tannins are the most popular. Our research suggests the most likely culprit is one you may not have considered.
The common suspects
Sulfites have been a popular scapegoat for all sorts of ailments since it became mandatory in the 1990s to label them on wines in the US. However, not much evidence links sulfites directly to headaches, and other foods contain comparable levels to wine without the same effects. White wines also contain the same amount of sulfites as red wines.
Buying a TV in 2025? Expect lower prices, more ads, and an OS war.
If you're looking to buy a TV in 2025, you may be disappointed by the types of advancements TV brands will be prioritizing in the new year. While there's an audience of enthusiasts interested in developments in tech like OLED, QDEL, and Micro LED, plus other features like transparency and improved audio, that doesn't appear to be what the industry is focused on.
Today's TV selection has a serious dependency on advertisements and user tracking. In 2025, we expect competition in the TV industry to center around TV operating systems (OSes) and TVs' ability to deliver more relevant advertisements to viewers.
That yields a complicated question for shoppers: Are you willing to share your data with retail conglomerates and ad giants to save money on a TV?
Bird flu jumps from birds to human in Louisiana; patient hospitalized
A person in Louisiana is hospitalized with H5N1 bird flu after having contact with sick and dying birds suspected of carrying the virus, state health officials announced Friday.
It is the first human H5N1 case detected in Louisiana. For now, the case is considered a "presumptive" positive until testing is confirmed by the Centers for Disease Control and Prevention. Health officials say that the risk to the public is low but caution people to stay away from any sick or dead birds. A spokesperson for Louisiana's health department told Ars that the hospitalized patient had contact with both backyard and wild birds.
Although the person has been hospitalized, their condition was not reported. The spokesperson said the department would not comment on the patient's condition due to patient confidentiality and an ongoing public health investigation.
Yearlong supply-chain attack targeting security pros steals 390K credentials
A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both malicious and benevolent security personnel by infecting them with Trojanized versions of open source software from GitHub and NPM, researchers said.
The campaign, first reported three weeks ago by security firm Checkmarx and again on Friday by Datadog Security Labs, uses multiple avenues to infect the devices of researchers in security and other technical fields. One is through packages that have been available on open source repositories for over a year. They install a professionally developed backdoor that takes pains to conceal its presence. The unknown threat actors behind the campaign have also employed spear phishing that targets thousands of researchers who publish papers on the arXiv platform.
Unusual longevity
The objectives of the threat actors are also multifaceted. One is the collection of SSH private keys, Amazon Web Services access keys, command histories, and other sensitive information from infected devices every 12 hours. When this post went live, dozens of machines remained infected, and an online account on Dropbox contained some 390,000 credentials for WordPress websites taken by the attackers, most likely by stealing them from fellow malicious threat actors. The malware used in the campaign also installs cryptomining software that was present on at least 68 machines as of last month.
Werner Herzog muses on mysteries of the brain in Theater of Thought
Werner Herzog has made more than 60 films over his illustrious career. His documentaries alone span an impressive topical range, from the life and death of bear enthusiast Timothy Treadwell (Grizzly Man) to people who choose to live and work in Antarctica (the Oscar-nominated Encounters at the End of the World) or a haunting exploration of the oldest human paintings in France's Chauvet Cave (Cave of Forgotten Dreams). His latest offering, Theater of Thought, tackles what might be his most ambitious subject yet: the mysterious inner workings of the brain.
Theater of Thought premiered in 2022 at the Telluride Film Festival in Colorado and is now getting a theatrical release. Herzog's inspiration grew out of his conversations with Rafael Yuste, a Columbia University neurobiologist who also served as scientific advisor on the film. "How can we read thoughts?" he writes in his director's statement. "Can you implant a chip in your brain and in my brain, and see my new film without a camera? Why is it that some young people immerse themselves in video games and become addicted to completely artificial worlds? Sometimes mice even prefer invented cartoon worlds, so who is the ghost writer of our mind, of our reality?"
The topic might be scientific in nature, but Theater of Thought is not really a science documentary, despite Herzog's use of the classic talking head format. It's more of a personal, almost quixotic quest, with plenty of random branching digressions along the way. "It was like a road movie, one Monument Valley and one Grand Canyon, then one Mount Everest after the other," Herzog told Ars. "You just couldn't stop wondering and enjoying." For the viewer, it's as much a journey through the eccentric workings of Herzog's endlessly curious, nimble mind.
Elon Musk slams SEC as agency threatens charges in Twitter stock probe
Elon Musk has at least one more battle to wage against Securities and Exchange Commission Chair Gary Gensler, who will be leaving the agency when President-elect Trump takes over in January.
Musk yesterday posted a copy of a letter sent to Gensler by Musk's attorney, Alex Spiro. The letter dated December 12 says the SEC issued a settlement demand in its investigation into whether Musk violated federal securities laws in connection with 2022 purchases of Twitter stock, and that the SEC is investigating Neuralink. The Spiro letter said:
Yesterday the Commission Staff issued a settlement demand that required Mr. Musk agree within 48 hours to either accept a monetary payment or face charges on numerous counts. They indicated that this demand was the result of a directive from their superiors and that charges would be brought imminently unless Mr. Musk acquiesced. This demand follows a multi-year investigation and more than six years of harassment of Mr. Musk by the Commission and its Staff. More recently, the Staff subpoenaed me, Mr. Musk's attorney, for testimony and threatened to send a process server if I did not immediately cooperate. I categorically refused. This week, the Commission has also reopened an investigation into Neuralink.
Spiro accused the SEC of "an improperly motivated campaign" against Musk, his companies, and people associated with him. "We demand to know who directed these actions—whether it was you or the White House," Spiro wrote. "These tactics and misguided scheme will not intimidate us. We reserve all rights."
Don’t use crypto to cheat on taxes: Bitcoin bro gets 2 years
A bitcoin investor who went to increasingly great lengths to hide $1 million in cryptocurrency gains on his tax returns was sentenced to two years in prison on Thursday.
It seems that not even his most "sophisticated" tactics—including using mixers, managing multiple wallets, and setting up in-person meetings to swap bitcoins for cash—kept the feds from tracing crypto trades that he believed were untraceable.
The Austin, Texas, man, Frank Richard Ahlgren III, started buying up bitcoins in 2011. In 2015, he upped his trading, purchasing approximately 1,366 using Coinbase accounts. He waited until 2017 before cashing in, earning $3.7 million after selling about 640 at a price more than 10 times his initial costs. Celebrating his gains, he bought a house in Utah in 2017, mostly funded by bitcoins he purchased in 2015.
F1 Arcade trip report: Great sims make for a compelling experience
Formula 1’s recent popularity still feels a little strange to longtime fans of the sport, particularly in the US, where it had been so niche for so long. But the past five years have seen F1 rise meteorically, and a new, much younger fanbase infused with enthusiasm for the cutting-edge race cars and the athletes who pilot them has emerged. F1 Arcade capitalizes on that popularity, combining food and drinks—including Lewis Hamilton's agave tipple—with dozens and dozens of race simulators that let you race against friends or compete in teams against others.
With Washington, DC, chosen for F1 Arcade's second US location, I obviously had to go check it out.
My first visit to the arcade in DC's Union Market district was several weeks ago at the launch party, an affair that was packed with influencers and loud music. But I returned earlier this week, having booked a 45-minute, five-race session playing head-to-head against a friend. Prices vary depending on the number of races and whether you're there at peak time, starting at $22/player for three races off-peak and going up to $42/player for five races at peak time. There's no charge for people who are just spectating (or eating and drinking), not racing.
The US military is now talking openly about going on the attack in space
ORLANDO, Florida—Earlier this year, officials at US Space Command released a list of priorities and needs, and among the routine recitation of things like cyber defense, communications, and surveillance was a relatively new term: "integrated space fires."
This is a new phrase in the esoteric terminology the military uses to describe its activities. Essentially, "fires" are offensive or defensive actions against an adversary. The Army defines fires as "the use of weapon systems to create specific lethal and nonlethal effects on a target."
The inclusion of this term in a Space Command planning document was another signal that Pentagon leaders, long hesitant to even mention the possibility of putting offensive weapons in space for fear of stirring up a cosmic arms race, see the taboo of talking about space warfare as a thing of the past.
Twirling body horror in gymnastics video exposes AI’s flaws
On Wednesday, a video from OpenAI's newly launched Sora AI video generator went viral on social media, featuring a gymnast who sprouts extra limbs and briefly loses her head during what appears to be an Olympic-style floor routine.
As it turns out, the nonsensical synthesis errors in the video—what we like to call "jabberwockies"—hint at technical details about how AI video generators work and how they might get better in the future.
But before we dig into the details, let's take a look at the video.
Americans spend more years being unhealthy than people in any other country
The gap of time between how long Americans live and how much of that time is spent in good health only grew wider in the last two decades, according to a new study published in JAMA Network Open.
The study, which looked at global health data between 2000 and 2019—prior to the COVID-19 pandemic—found the US stood out for its years of suffering. By 2019, Americans had a gap between their lifespan and their healthspan of 12.4 years, the largest gap of any of the 183 countries included in the study. The second largest gap was Australia's, at 12.1 years, followed by New Zealand at 11.8 years and the UK at 11.3 years.
America also stood out for having the largest burden of noncommunicable diseases in the world, as calculated by the years lived with disease or disability per 100,000 people.
Rocket Report: Chinese national flies drone near Falcon 9, Trouble down under
Welcome to Edition 7.23 of the Rocket Report! We're closing in on the end of the year, with a little less than three weeks remaining in 2024. Can you believe it? I hardly can. The biggest question left in launch is whether Blue Origin will make its deadline for launching New Glenn by the end of this year. It's been a long-time goal of founder Jeff Bezos, but the clock is ticking. We wish them luck!
As always, we welcome reader submissions, and if you don't want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.
Virgin Galactic studies Italian spaceport. The US-based suborbital space tourism company said Thursday it has signed an "agreement of cooperation" with Italy's civil aviation authority to study the feasibility of Virgin Galactic conducting spaceflight operations from Grottaglie Spaceport in the Puglia region of Southern Italy. Phase one of the study, anticipated to be completed in 2025, will examine Grottaglie’s airspace compatibility with Virgin Galactic’s requirements and unique flight profile.
Are LLMs capable of non-verbal reasoning?
Large language models have found great success so far by using their transformer architecture to effectively predict the next words (i.e., language tokens) needed to respond to queries. When it comes to complex reasoning tasks that require abstract logic, though, some researchers have found that interpreting everything through this kind of "language space" can start to cause some problems, even for modern "reasoning" models.
Now, researchers are trying to work around these problems by crafting models that can work out potential logical solutions completely in "latent space"—the hidden computational layer just before the transformer generates language. While this approach doesn't cause a sea change in an LLM's reasoning capabilities, it does show distinct improvements in accuracy for certain types of logical problems and shows some interesting directions for new research.
Wait, what space?
Modern reasoning models like ChatGPT's o1 tend to work by generating a "chain of thought." Each step of the logical process in these models is expressed as a sequence of natural language word tokens that are fed back through the model.
Character.AI steps up teen safety after bots allegedly caused suicide, self-harm
Following a pair of lawsuits alleging that chatbots caused a teen boy's suicide, groomed a 9-year-old girl, and caused a vulnerable teen to self-harm, Character.AI (C.AI) has announced a separate model just for teens, ages 13 and up, that's supposed to make their experiences with bots safer.
In a blog, C.AI said it took a month to develop the teen model, with the goal of guiding the existing model "away from certain responses or interactions, reducing the likelihood of users encountering, or prompting the model to return, sensitive or suggestive content."
C.AI said that in "evolving the model experience" to reduce the likelihood that kids are engaging in harmful chats—including bots allegedly teaching a teen with high-functioning autism to self-harm and delivering inappropriate adult content to all kids whose families are suing—it had to tweak both model inputs and outputs.
Critical WordPress plugin vulnerability under active exploit threatens thousands
Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of malicious code, security researchers said.
The vulnerability, tracked as CVE-2024-11972, is found in Hunk Companion, a plugin that runs on 10,000 sites that use the WordPress content management system. The vulnerability, which carries a severity rating of 9.8 out of a possible 10, was patched earlier this week. At the time this post went live on Ars, figures provided on the Hunk Companion page indicated that less than 12 percent of users had installed the patch, meaning nearly 9,000 sites could be next to be targeted.
Significant, multifaceted threat
“This vulnerability represents a significant and multifaceted threat, targeting sites that use both a ThemeHunk theme and the Hunk Companion plugin,” Daniel Rodriguez, a researcher with WordPress security firm WP Scan, wrote. “With over 10,000 active installations, this exposed thousands of websites to anonymous, unauthenticated attacks capable of severely compromising their integrity.”
Report: AT&T, Verizon aren’t notifying most victims of Chinese call-records hack
AT&T and Verizon reportedly are not notifying most customers whose call records were stolen in the ongoing attack attributed to Chinese hacking group Salt Typhoon. NBC News reported today that "the vast majority of people whose call records have been stolen by Chinese hackers have not been notified, according to industry sources, and there is no indication that most affected people will be notified in the near future."
US government officials said last week that major telecom companies have been unable to fully evict the Chinese state-sponsored hackers from their networks. There have been direct notifications to specific targets, such as government officials, whose calls were listened to and whose text messages were accessed. "President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of US security officials were among scores of individuals to have their calls and texts directly targeted," The Wall Street Journal wrote.
For most other victims, the data accessed apparently didn't include the contents of communications. It instead consisted of metadata like the numbers that phones called and when. These people are not receiving notifications from carriers, NBC News wrote today: