The Street interviewed Chad Anderson, founder/managing partner of the "space economy" investment firm Space Capital, who calls SpaceX's progress "unprecedented," and believes their next launch could carry "operational" payloads like Starlink satellites. Anderson added that Starship reaching orbital velocity and reentering the atmosphere at those speeds (roughly 16,000 miles per hour) was "a really big deal," though it's specifically important for the reusability of the vehicle, which would further cheapen the cost of launch.

"The fact that they did all those things and they can now move into operations as an investor is hugely important and significant," Anderson said. "Having an operational Starship vehicle is really important because, at the moment, they just can't launch Starlink satellites fast enough. Starship is going to be able to launch 10 times more than Falcon 9 can, and that's really important...."

The ship is so big that, according to Anderson, Starship could conceivably serve as a space station, or a hotel, or a manufacturing facility. There is also the potential of Starship actually competing with commercial airlines, flying, for example, from New York to Shanghai in 45 minutes.
Clayton Swope, senior fellow at CSIS, also believes Starship could be used for "last-mile delivery... where you could move something in less than an hour, anywhere from a point on Earth to another point on Earth, and you're just kind of using space as that transit point."

There's also defense applications. Defense One notes the U.S. Defense Department uses SpaceX to launch most of its satellites. "With a payload capacity of 100 to 150 tons, Starship could carry a bunch of satellites simultaneously and increase the Space Force's launch rate as it builds out a network of hundreds of satellites in low-Earth orbit." Once Starship is operational, it will be able to put things into higher orbits, which is key for the Pentagon's push to operate in the cislunar environment, the area between the geosynchronous orbit and the moon. "The Chinese have already begun cislunar operations and have put vehicles on the far side of the moon, which is something the U.S. doesn't really have the ability to do right now," said Bryan Clark, a senior fellow at the Hudson Institute.

However, the advantage the U.S. will get with Starship "won't last forever," and it will take years to build satellites specifically designed to take advantage of the rocket's payload capacity, said Todd Harrison, a senior fellow at the American Enterprise Institute. "At this rate, they will have Starship operational this year. We need payloads to go on that, if we're actually going to take advantage of it during this window of opportunity when it's a capability only we have. If you want those payloads available next year, you needed to start building them five years ago," Harrison said.

Starship could be used to put very large objects into space, such as fuel barges or energy stations, at a reasonable cost. "You could use this to put up an orbital bus that you can then put on and remove payloads from, so you can have a satellite on orbit that's basically a large docking station," Clark said... "[I]t could be a way to do that kind of thing where you establish essentially an unmanned, little space station that can carry various payloads."

"Engineers have sent a 'poke' to the Voyager 1 probe," reports CNN, "and received a potentially encouraging response..."

"A new signal recently received from the spacecraft suggests that the NASA mission team may be making progress in its quest to understand what Voyager 1 is experiencing..." [T]hey hope to fix a communication issue with the aging spacecraft that has persisted for five months. Launched in 1977, Voyager 1 and its twin, Voyager 2, are venturing through uncharted cosmic territory along the outer reaches of the solar system. While Voyager 1 has continued to relay a steady radio signal to its mission control team on Earth, that signal has not carried any usable data since November, which has pointed to an issue with one of the spacecraft's three onboard computers...

On March 3, the team noticed that activity from one part of the flight data system stood out from the rest of the garbled data. While the signal wasn't in the format the Voyager team is used to when the flight data system is functioning as expected, an engineer with NASA's Deep Space Network was able to decode it... The decoded signal included a readout of the entire flight data system's memory, according to an update NASA shared.

"The (flight data system) memory includes its code, or instructions for what to do, as well as variables, or values used in the code that can change based on commands or the spacecraft's status," according to a NASA blog post. "It also contains science or engineering data for downlink. The team will compare this readout to the one that came down before the issue arose and look for discrepancies in the code and the variables to potentially find the source of the ongoing issue."
"The source of the issue appears to be with one of three onboard computers, the flight data subsystem (FDS), which is responsible for packaging the science and engineering data before it's sent to Earth," according to NASA's statement.

CNN reminds readers that Voyager 1 "is currently the farthest spacecraft from Earth at about 15 billion miles (24 billion kilometers) away." Both Voyager 1 and Voyager 2 are now in interstellar space.

Thanks to Slashdot reader Thelasko for sharing the news.

Sheraz Sadiq reports via Oregon Public Broadcasting: An area that's nearly half the size of New Jersey in southern Oregon was recently named the world's largest dark sky sanctuary by DarkSky International. The nonprofit works to combat light pollution through advocacy and conservation, including a program that has certified more than 200 places around the world to protect the night sky. The Oregon Outback International Dark Sky Sanctuary spans 2.5 million acres of mostly public land in eastern Lake County, and could eventually grow to more than four times that size to include parts of Harney and Malheur Counties. To win certification as a Dark Sky Sanctuary, the applicants had to work with numerous stakeholders to draw the site's boundaries, monitor night sky quality, inventory outdoor lights and replace more than 60 lights on public and private lands. With the inclusion of parts of Harney and Malheur Counties, the sanctuary would surpass 11 million acres, notes KLCC. More than half of the area is under the control of the U.S. Bureau of Land Management.

Last month, the only known surviving copy of 32-bit OS/2 from Microsoft was purchased for $650. "Now, two of the internet's experts in getting early PC operating systems running today have managed to fire it up, and you can see the results," reports The Register. From the report: Why such interest in this nearly third-of-a-century old, unreleased OS? Because this is the way the PC industry very nearly went. This SDK came out in June 1990, just one month after Windows 3.0. If 32-bit OS/2 had launched as planned, Windows 3 would have been the last version before it was absorbed into OS/2 and disappeared. There would never have been any 32-bit versions: no Windows NT, no Windows 95; no Explorer, no Start menu or taskbars. That, in turn, might well have killed off Apple as well. No iPod, no iPhone, no fondleslabs. Twenty-first century computers would be unimaginably different. The surprise here is that we can see a glimpse of this world that never happened. The discovery of this pre-release OS shows how very nearly ready it was in 1990. IBM didn't release its solo version until April 1992, the same month as Windows 3.1 -- but now, we can see it was nearly ready two years earlier.

That's why Michal Necasek of the OS/2 Museum called his look The Future That Never Was. He uncovered a couple of significant bugs, but more impressively, he found workarounds for both, and got both features working fine. OS/2 2 could run multiple DOS VMs at once, but in the preview, they wouldn't open -- due to use of an undocumented instruction which Intel did implement in the Pentium MMX and later processors. Secondly, the bundled network client wouldn't install -- but removing a single file got that working fine. That alone is a significant difference between Microsoft's OS/2 2.0 and IBM's version: Big Blue didn't include networking until Warp Connect 3 in 1995.

His verdict: "The 6.78 build of OS/2 2.0 feels surprisingly stable and complete. The cover letter that came with the SDK stressed that Microsoft developers had been using the OS/2 pre-release for day-to-day work." Over at Virtually Fun, Neozeed also took an actual look at Microsoft OS/2 2.0, carefully recreating that screenshot from PC Magazine in May 1990. He even managed to get some Windows 2 programs running, although this preview release did not yet have a Windows subsystem. On his Internet Archive page, he has disk images and downloadable virtual machines so that you can run this yourself under VMware or 86Box.

Connor Jones reports via The Register: Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months. Keen readers of El Reg may remember the story breaking toward the end of October 2023 after Akira posted Stanford to its shame site, with the university subsequently issuing a statement simply explaining that it was investigating an incident, avoiding the dreaded R word. Well, surprise, surprise, ransomware was involved, according to a data breach notice sent out to the 27,000 people affected by the attack.

Akira targeted the university's Department of Public Safety (DPS) and this week's filing with the Office of the Maine Attorney General indicates that Stanford became aware of the incident on September 27, more than four months after the initial breach took place. According to Monday's filing, the data breach occurred on May 12 2023 but was only discovered on September 27 of last year, raising questions about whether the attacker(s) was inside the network the entire time and why it took so long to spot the intrusion.

It's not fully clear what information was compromised, but the draft letters include placeholders for three different variables. However, the filing with Maine's AG suggests names and social security numbers are among the data types to have been stolen. All affected individuals have been offered 24 months of free credit monitoring, including access to a $1 million insurance reimbursement policy and ID theft recovery services. Akira's post dedicated to Stanford on its leak site claims it stole 430 GB worth of data, including personal information and confidential documents. It's all available to download via a torrent file and the fact it remains available for download suggests the research university didn't pay whatever ransom the attackers demanded.

An anonymous reader shares an excerpt from a Wired article: The U.S. economy is showing remarkable health, but in the tech industry, layoffs keep coming. For those out of work, finding a new position can become a full-time job. And in tech -- a sector notoriously always looking for the next hot, new thing -- some people whose days as fresh-faced coders are long gone say that having decades of experience can feel like a disadvantage. Ageism is a longtime problem in the tech industry. Database startup RelevantDB went viral in 2021 after it posted a job listing bragging, "We hire old people," which played off industry stereotypes. In 2020, the US Equal Employment Opportunity Commission found that IBMhad engaged in age discrimination, pushing out older workers to make room for younger ones. (The company has denied engaging in "systemic age discrimination.") A recent LinkedIn ad that shows an older woman unfamiliar with tech jargon saying her son sells invisible clouds triggered a backlash from people who say it unfairly portrayed older people as out of touch. In response, Jim Habig, LinkedIn's vice president of marketing, says: "This ad didn't meet our goal to create experiences where all professionals feel welcomed and valued, and we are working to replace the spot." [...]

Tech companies have laid off more than 400,000 workers over the past two years, according to Layoffs.fyi, which tracks job cuts in the industry. To older workers, the purge is both a reminder of the dotcom bust, and a new frontier. The industry's generally consistent growth in recent decades as the economy has become more tech-centric means that many more senior workers -- which in tech can sometimes be considered to mean over 35 but includes people in their late forties, fifties, or sixties -- may have less experience with job hunting. For decades, tech workers could easily hop between jobs in their networks, often poached by recruiters. And as tech companies boomed during the Covid-19 pandemic's early days, increased demand for skills gave workers leverage. Now the power has shifted to the employers as companies seek to become efficient and correct that over hiring phase, and applicants are hitting walls. Workers have to network, stay active on LinkedIn, join message boards, and stand out. With four generations now clocking in to work, things can feel crowded.

Ethereum has successfully completed a major software upgrade that should make using the blockchain network ecosystem cheaper. The update enables transactions that previously cost $1 on linked Layer 2 networks such as Arbitrum, Polygon, and Coinbase's Base to be executed for just a cent.

The Dencun upgrade, a combination of the "Deneb" and "Cancun" portions of the update, introduces a new data storage system for Ethereum. Currently, most Layer 2 blockchains store data on Ethereum, and because this data is stored permanently on every Ethereum node, storage costs often account for around 90% of Layer 2 expenses. These costs are typically passed on to applications, which in turn charge consumers. With Dencun, Layer 2s can now store data in a new type of repository called blobs, which will be cheaper as the data will only be stored for approximately 18 days.

China is using AI in the operation of its 45,000km (28,000-mile) high-speed rail network, with the technology achieving several milestones, according to engineers involved in the project. From a report: An AI system in Beijing is processing vast amounts of real-time data from across the country and can alert maintenance teams of abnormal situations within 40 minutes, with an accuracy as high as 95 per cent, they said in a peer-reviewed paper. "This helps on-site teams conduct reinspections and repairs as quickly as possible," wrote Niu Daoan, a senior engineer at the China State Railway Group's infrastructure inspection centre, in the paper published by the academic journal China Railway.

In the past year, none of China's operational high-speed railway lines received a single warning that required speed reduction due to major track irregularity issues, while the number of minor track faults decreased by 80 per cent compared to the previous year. According to the paper, the amplitude of rail movement caused by strong winds also decreased -- even on massive valley-spanning bridges -- with the application of AI technology. [...] According to the paper, after years of effort Chinese railway scientists and engineers have "solved challenges" in comprehensive risk perception, equipment evaluation, and precise trend predictions in engineering, power supply and telecommunications. The result was "scientific support for achieving proactive safety prevention and precise infrastructure maintenance for high-speed railways," the engineers said.

An anonymous reader shares a report: If you're confused about what makes a PC an "AI PC," you're not alone. But finally have something of an answer: if it packs a GPU, a processor that boasts a neural processing unit and can handle VNNI and Dp4a instructions, it qualifies -- at least according to Robert Hallock, Intel's senior director of technical marketing. As luck would have it, that combo is present in Intel's current-generation desktop processors -- 14th-gen Core, aka Core Ultra, aka "Meteor Lake." All models feature a GPU, NPU, and can handle Vector Neural Network Instructions (VNNI) that speed some -- surprise! -- neural networking tasks, and the DP4a instructions that help GPUs to process video.

Because AI PCs are therefore just PCs with current processors, Intel doesn't consider "AI PC" to be a brand that denotes conformity with a spec or a particular capability not present in other PCs. Intel used the "Centrino" brand to distinguish Wi-Fi-enabled PCs, and did likewise by giving home entertainment PCs the "Viiv" moniker. Chipzilla still uses the tactic with "vPro" -- a brand that denotes processors that include manageability and security for business users. But AI PCs are neither a brand nor a spec. "The reason we have not created a category for it like Centrino is we believe this is simply what a PC will be like in four or five years time," Hallock told The Register, adding that Intel's recipe for an AI PC doesn't include specific requirements for memory, storage, or I/O speeds. "There are cases where a very large LLM might require 32GB of RAM," he noted. "Everything else will fit comfortably in a 16GB system."

An anonymous reader shared this story from the New York Times: Into the depleted field of journalism in America, a handful of websites have appeared in recent weeks with names suggesting a focus on news close to home: D.C. Weekly, the New York News Daily, the Chicago Chronicle and a newer sister publication, the Miami Chronicle. In fact, they are not local news organizations at all. They are Russian creations, researchers and government officials say, meant to mimic actual news organizations to push Kremlin propaganda by interspersing it among an at-times odd mix of stories about crime, politics and culture.

While Russia has long sought ways to influence public discourse in the United States, the fake news organizations — at least five, so far — represent a technological leap in its efforts to find new platforms to dupe unsuspecting American readers. The sites, the researchers and officials said, could well be the foundations of an online network primed to surface disinformation ahead of the American presidential election in November...

The Miami Chronicle's website first appeared on Feb. 26. Its tagline falsely claims to have delivered "the Florida News since 1937."

Amid some true reports, the site published a story last week about a "leaked audio recording" of Victoria Nuland, the U.S. under secretary of state for political affairs, discussing a shift in American support for Russia's beleaguered opposition after the death of the Russian dissident Aleksei A. Navalny. The recording is a crude fake, according to administration officials who would speak only anonymously to discuss intelligence matters.
From the Raw Story: The network was discovered by Clemson University's Media Forensics Hub by researchers Patrick Warren and Darren Linvill, who tell the Times that its websites are designed to lend journalistic credibility to slickly produced propaganda. "The page is just there to look realistic enough to fool a casual reader into thinking they're reading a genuine, U.S.-branded article," Linvill told the Times.

"Shares of Rivian Automotive surged 13% on Thursday," reports CNBC, "as the EV maker unveiled three new vehicles and announced more than $2 billion in savings related to pausing construction on a plant in Georgia."

CNBC notes that Rivian's current vehicles "start at roughly $70,000 and can top $100,000," so the new cheaper R2 midsize SUV (starting at $45,000) could be more appealing.

"Especially if it qualifies for the $7,500 EV tax credit," adds the Verge: "Seven percent of new vehicle sales are electric," [Rivian founder and CEO RJ] Scaringe notes.... "The reality is that Tesla continues to be wildly successful, and we want to pull from that 93 percent that haven't made the jump to pure EV, because the form factor didn't fit their lifestyle."
The article adds that Rivian "will use Tesla's NACS connectors for its future vehicles starting in 2025, which will allow Rivian owners to use the company's Supercharger Network. Both the R2 and R3 will have the NACS ports built natively into the vehicle..."

"I would say with absolute and complete certainty that the entire world is going to convert to electric vehicles," Scaringe tells The Verge. "I've never been more bullish on electrification. I've never been more bullish on Rivian."

More from CNBC: The announcements come at a crucial time for Rivian as it attempts to expand its customer base amid slower-than-expected EV sales in the U.S. after automakers flooded the first-adopter market with pricey all-electric vehicles in recent years. Rivian's sales pace has slowed in recent quarters, and the company widely disappointed investors last month by missing quarterly estimates and forecasting slightly lower production this year compared to 2023 due to plant downtime. The Amazon-backed company has been burning through cash to improve current EV production and narrow losses...

It will be capable of more than 300 miles of all-electric range on a single charge and 0-60 mph time in under3 seconds, the company said.
"Its battery will be capable of charging from 10 to 80 percent in under 30 minutes," notes Car and Driver.

UPDATE: The Verge reports that less than 24 hours after launching the R2, Rivian has already received more than 68,000 reservations.

It will go into production in the first half of 2026.

An anonymous reader quotes a report from Krebs on Security: There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. "ALPHV") as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change's network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data Change reportedly paid the group to destroy. Meanwhile, the affiliate's disclosure appears to have prompted BlackCat to cease operations entirely. [...]

The affiliate claimed BlackCat/ALPHV took the $22 million payment but never paid him his percentage of the ransom. BlackCat is known as a "ransomware-as-service" collective, meaning they rely on freelancers or affiliates to infect new networks with their ransomware. And those affiliates in turn earn commissions ranging from 60 to 90 percent of any ransom amount paid. "But after receiving the payment ALPHV team decide to suspend our account and keep lying and delaying when we contacted ALPHV admin," the affiliate "Notchy" wrote. "Sadly for Change Healthcare, their data [is] still with us." [...] On the bright side, Notchy's complaint seems to have been the final nail in the coffin for the BlackCat ransomware group, which was infiltrated by the FBI and foreign law enforcement partners in late December 2023. As part of that action, the government seized the BlackCat website and released a decryption tool to help victims recover their systems. BlackCat responded by re-forming, and increasing affiliate commissions to as much as 90 percent. The ransomware group also declared it was formally removing any restrictions or discouragement against targeting hospitals and healthcare providers. However, instead of responding that they would compensate and placate Notchy, a representative for BlackCat said today the group was shutting down and that it had already found a buyer for its ransomware source code. [...] BlackCat's website now features a seizure notice from the FBI, but several researchers noted that this image seems to have been merely cut and pasted from the notice the FBI left in its December raid of BlackCat's network.

Fabian Wosar, head of ransomware research at the security firm Emsisoft, said it appears BlackCat leaders are trying to pull an "exit scam" on affiliates by withholding many ransomware payment commissions at once and shutting down the service. "ALPHV/BlackCat did not get seized," Wosar wrote on Twitter/X today. "They are exit scamming their affiliates. It is blatantly obvious when you check the source code of their new takedown notice." Dmitry Smilyanets, a researcher for the security firm Recorded Future, said BlackCat's exit scam was especially dangerous because the affiliate still has all the stolen data, and could still demand additional payment or leak the information on his own. "The affiliates still have this data, and they're mad they didn't receive this money, Smilyanets told Wired.com. "It's a good lesson for everyone. You cannot trust criminals; their word is worth nothing."

Taiwan doesn't have parking meters, writes long-time Slashdot reader Badlands, "but rather roving armies of maids on electric scooters that cruise their area with their smartphone and take a pic of your license plate and timestamp it, leaving a receipt under your windshield wipers."

But now one city will try "smart parking" services — which will also help drivers find vacant parking spots, according to Taiwan News: The service will utilize 3,471 geomagnetic sensors installed along 122 stretches of roadway in Banqiao, Yonghe, Zhonghe and Xindian Districts, according to a press release. The sensors will be linked to a publicly available online database to indicate where open parking spaces are available.

The "New Taipei Street Parking Inquiry Service" will be accessible through a main website run by the Department of Transportation. The service is also linked to two smartphone applications... Payments can be made automatically by linking one's app profile to their smartphone's telecommunications provider... For drivers that use spaces without linking their phone and vehicle to the smart network, cameras located along the street where the sensors are installed will allow the city to identify and bill drivers via mail, based on their vehicle's registration information.

Microsoft is "delighted to introduce some useful new features" for its "Copilot Preview for Windows 11," according to a recent blog post.

TechRepublic adds that "most features will be enabled by default... rolling out from today until April 2024." Windows 11 users will be able to change system settings through prompts typed directly into Copilot in Windows, currently accessible in the Copilot Preview via an icon on the taskbar, or by pressing Windows + C. Microsoft Copilot will be able to perform the following actions:

- Turn on/off battery saver.
- Show device information.
- Show system information.
- Show battery information.
- Open storage page.
- Launch Live Captions.
- Launch Narrator.
- Launch Screen Magnifier.
- Open Voice Access page.
- Open Text size page.
- Open contrast themes page.
- Launch Voice input.
- Show available Wi-Fi network.
- Display IP Address.
- Show Available Storage.

The new third-party app integrations for Copilot will give Windows 11 users new ways to interact with various applications. For example, making business lunch reservations through OpenTable...

Other new AI features for Windows 11 rolling out today include a new, AI-powered Generative Erase tool, which sounds reminiscent of Google's Magic Eraser tool for Google Photos. Generative Erase allows users to remove unwanted objects or artifacts from their photos in the Photos app.

Likewise, Microsoft's video editing tool Clipchamp is receiving a Silence Removal tool, which functions much as the name implies  — it allows users to remove gaps in conversation or audio from a video clip.

Voice access is another focal point of Microsoft's latest Windows 11 update, detailed in a separate blog post by Windows Commercial Product Marketing Manager Harjit Dhaliwal. Users can now use voice controls to navigate between multiple displays, aided by number and grid overlays that provide easy switching between screens.
A Copilot icon has already started appearing in the taskbar of some Windows systems. If you Google "microsoft installs copilot preview windows," Google adds these helpful suggestions.

People also ask: Why is Copilot preview on my computer?

How do I get rid of Copilot preview on Windows 10?

"Apparently there was some sort of update..." writes one Windows users. "Anyway, there is a logo at the bottom of the screen that is distracting and I'd like to get rid of it."

Lifehacker has already published an article titled "How to Hide (or Disable) Copilot in Windows 11."

"Artificial intelligence is feeling harder and harder to avoid," it begins, "but you still have options."

"A ransomware gang once thought to have been crippled by law enforcement has snarled prescription processing for millions of Americans over the past week..." reports the Washington Post.

"The hackers stole data about patients, encrypted company files and demanded money to unlock them, prompting the company to shut down most of its network as it worked to recover." Insurance giant UnitedHealthcare Group said the hackers struck its Change Health business unit, which routes prescription claims from pharmacies to companies that determine whether patients are covered by insurance and what they should pay... Change Health and a rival, CoverMyMeds, are the two biggest players in the so-called switch business, charging pharmacies a small fee for funneling claims to insurers. "When one of them goes down, obviously it's a major problem," said Patrick Berryman, a senior vice president at the National Community Pharmacists Association...

UnitedHealth estimated that more than 90 percent of the nation's 70,000-plus pharmacies have had to alter how they process electronic claims as a result of the Change Health outage. But it said only a small number of patients have been unable to get their prescriptions at some price. At CVS, which operates one of the largest pharmacy networks in the nation, a spokesperson said there are "a small number of cases in which our pharmacies are not able to process insurance claims" as a result of the outage. It said workarounds were allowing it to fill prescriptions, however...

For pharmacies that were not able to quickly route claims to a different company, the Change Health outage left pharmacists to try to manually calculate a patient's co-pay or offer them the cash price. Compounding the impact, thousands of organizations cut off Change Health from their systems to ensure the hackers did not infect their networks as well... The attack on Change Health has left many pharmacies in a cash-flow bind, as they face bills from the companies that deliver the medication without knowing when they will be reimbursed by insurers. Some pharmacies are requiring customers to pay full price for their prescriptions when they cannot tell if they are covered by insurance. In some cases, that means people are paying more than $1,000 out of pocket, according to social media posts.

The situation has been "extremely disruptive," said Erin Fox, associate chief pharmacy officer at University of Utah Health. "At our system, our retail pharmacies were providing three-day gratis emergency supplies for patients who could not afford to pay the cash price," Fox said by email. "In some cases, like for inhalers, we had to send product out at risk, not knowing if we will ever get paid, but we need to take care of the patients." Axis Pharmacy Northwest near Seattle is "going out on a limb and dispensing product with absolutely no inkling if we'll get paid or not," said Richard Molitor, the pharmacist in charge. UPDATE: CNN reports Change Healthcare has now announced "plans for a temporary loan program to get money flowing to health care providers affected by the outage." It's a stop-gap measure meant to give some financial relief to health care providers, which analysts say are losing millions of dollars per day because of the outage. Some US officials and health care executives told CNN it may be weeks before Change Healthcare returns to normal operations.
"Once standard payment operations resume, the funds will simply need to be repaid," the company said in a statement. Change Healthcare has been under pressure from senior US officials to get their systems back online. Officials from the White House and multiple federal agencies, including the department of Health and Human Services, have been concerned by the broad financial and health impact of the hack and have been pressing for ways to get Change Healthcare back online, sources told CNN...

In a message on its website Friday afternoon, Change Healthcare also said that it was launching a new version of its online prescribing service following the cyberattack.
Thanks to Slashdot reader CaptainDork for sharing the news.

In a series of tests using fake data, a U.S. government watchdog was able to steal more than 1GB of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The experiment is detailed in a new report by the Department of the Interior's Office of the Inspector General (OIG), published last week. TechCrunch reports: The goal of the report was to test the security of the Department of the Interior's cloud infrastructure, as well as its "data loss prevention solution," software that is supposed to protect the department's most sensitive data from malicious hackers. The tests were conducted between March 2022 and June 2023, the OIG wrote in the report. The Department of the Interior manages the country's federal land, national parks and a budget of billions of dollars, and hosts a significant amount of data in the cloud. According to the report, in order to test whether the Department of the Interior's cloud infrastructure was secure, the OIG used an online tool called Mockaroo to create fake personal data that "would appear valid to the Department's security tools."

The OIG team then used a virtual machine inside the Department's cloud environment to imitate "a sophisticated threat actor" inside of its network, and subsequently used "well-known and widely documented techniques to exfiltrate data." "We used the virtual machine as-is and did not install any tools, software, or malware that would make it easier to exfiltrate data from the subject system," the report read. The OIG said it conducted more than 100 tests in a week, monitoring the government department's "computer logs and incident tracking systems in real time," and none of its tests were detected nor prevented by the department's cybersecurity defenses.

"Our tests succeeded because the Department failed to implement security measures capable of either preventing or detecting well-known and widely used techniques employed by malicious actors to steal sensitive data," said the OIG's report. "In the years that the system has been hosted in a cloud, the Department has never conducted regular required tests of the system's controls for protecting sensitive data from unauthorized access." That's the bad news: The weaknesses in the Department's systems and practices "put sensitive [personal information] for tens of thousands of Federal employees at risk of unauthorized access," read the report. The OIG also admitted that it may be impossible to stop "a well-resourced adversary" from breaking in, but with some improvements, it may be possible to stop that adversary from exfiltrating the sensitive data.

Starting today, Ford electric vehicle owners can use one of Tesla's 2,400+ superchargers, but there's a hitch. "They'll need to get an adapter that Ford will provide for free, although the company won't start shipping those until the end of March," notes the Associated Press. Product Reviewer MKBHD also notes that non-Teslas will need to park in a spot that blocks 2 spots where a Tesla would take up one. "If the charge station fills up the remaining spots with Teslas, the app will show 1 charger as available but the parking spot is blocked by the Mach-E," adds MKBHD. From the report: Last May, Ford became the first automaker to reach an agreement with the Austin, Texas-based Tesla to charge on its network, which is the largest and most well-placed in the U.S. Tesla has more than 26,000 plugs and nearly 2,400 Supercharger stations across the U.S. and Canada. Ford said its owners will have access to about 15,000 Tesla fast-charging plugs that are located strategically along travel corridors. Ford owners won't be able to use some older Tesla plugs.

Most other automakers followed Ford in joining Tesla's network and agreeing to switch to Tesla's plug, called the North American Charging Standard, which is smaller and easier to use than the current plugs on most other EVs sold in the two countries. Ford said adding the Tesla plugs will double the size of the network that can be used by Ford EV owners. There are nearly 166,000 Ford EVs in the U.S.

Ford is offering the adapters for free to the owners, who can sign up on the Ford.com website to reserve them between Thursday and June 30. The company will provide one free adapter per vehicle. Tesla's network was turned on Wednesday morning, and software enabling the Ford vehicles to charge at Tesla stations was to be sent out around the same time. Ford will switch to Tesla's charging connector with its second-generation EVs starting next year.

An anonymous reader quotes a report from Ars Technica: Video doorbell cameras have been commoditized to the point where they're available for $30-$40 on marketplaces like Amazon, Walmart, Temu, and Shein. The true cost of owning one might be much greater, however. Consumer Reports (CR) has released the findings of a security investigation into two budget-minded doorbell brands, Eken and Tuck, which are largely the same hardware produced by the Eken Group in China, according to CR. The cameras are further resold under at least 10 more brands. The cameras are set up through a common mobile app, Aiwit. And the cameras share something else, CR claims: "troubling security vulnerabilities."

Among the camera's vulnerabilities cited by CR:
- Sending public IP addresses and Wi-Fi SSIDs (names) over the Internet without encryption
- Takeover of the cameras by putting them into pairing mode (which you can do from a front-facing button on some models) and connecting through the Aiwit app
- Access to still images from the video feed and other information by knowing the camera's serial number.

CR also noted that Eken cameras lacked an FCC registration code. More than 4,200 were sold in January 2024, according to CR, and often held an Amazon "Overall Pick" label (as one model did when an Ars writer looked on Wednesday). CR issued vulnerability disclosures to Eken and Tuck regarding its findings. The disclosures note the amount of data that is sent over the network without authentication, including JPEG files, the local SSID, and external IP address. It notes that after a malicious user has re-paired a doorbell with a QR code generated by the Aiwit app, they have complete control over the device until a user sees an email from Eken and reclaims the doorbell. "These video doorbells from little known manufacturers have serious security and privacy vulnerabilities, and now they've found their way onto major digital marketplaces such as Amazon and Walmart," said Justin Brookman, director of tech policy at Consumer Reports, in a statement. "Both the manufacturers and platforms that sell the doorbells have a responsibility to ensure that these products are not putting consumers in harm's way."

Astronomers are investigating a star system 100 light-years away with six sub-Neptune planets in near-perfect orbital resonance, piquing the interest of scientists searching for alien technology, or technosignatures. Space.com reports: To be clear, no such evidence was found in the system, dubbed HD 110067. However, the researchers say they're not done looking yet. HD 11067 remains an interesting target for similar observations in the future. In our own tiny pocket of the cosmos, radio waves from satellites and telescopes beaming out in the plane of our solar system, meaning that if somebody outside our solar system watched Earth cross the face of our sun, they'd maybe be able to pick up a signal that coincides with the planet's transit.

HD 110067 is viewed edge on from Earth, so we are seeing the six planets in the plane of their system -- a view that gives us an excellent chance of picking up such a signal if there exists one, study co-author Steve Croft, a radio astronomer working with the life-searching Breakthrough Listen program at the University of California, Berkeley, told Space.com "Our technology in our own solar system has spread outside the habitable zone," Croft told Space.com. So technology-friendly civilization in HD 110067, if any, may have communication relays set up on multiple planets in the system, he said. "Even if it is a negative result, that still tells us something."

When HD 110067's discovery was announced, Croft and his team used the world's largest fully steerable telescope, the Green Bank Telescope (GBT) in West Virginia, and searched the system for signs of alien technology. The researchers looked for signals that were continuously present when the telescope was pointed at the system and absent when directed away, the smoking gun of technosignatures local to HD 110067. But such signals are difficult to distinguish from natural sources of radio waves and humankind's own technological signals, such as radio waves beaming from cell phones connected to Wi-Fi, SpaceX's Starlink satellite network in low Earth orbit. This creates a haystack of signals in which researchers look for a needle of a potential extraterrestrial signal, said Croft. "I should add we don't know if there are needles in the haystack," he said. "We don't really know what the needles look like." The research has been published in the journal Research Notes of the AAS.

Michael Larabel reports via Phoronix: Back in 2022 Cloudflare announced they were ditching Nginx for an in-house, Rust-written software called Pingora. Today Cloudflare is open-sourcing the Pingora framework. Cloudflare announced today that they have open-sourced Pingora under an Apache 2.0 license. Pingora is a Rust async multi-threaded framework for building programmable network services. Pingora has long been used internally within Cloudflare and is capable of sustaining a lot of traffic while now Pingora is being open-sourced for helping to build infrastructure outside of Cloudflare. The Pingora Rust code is available on GitHub.