A new report finds that blockchain systems might not be working as well as many crypto enthusiasts assume. From a report: The report was commissioned by the Defense Advanced Research Projects Agency, or DARPA, and the work was done by the software security research company Trail of Bits. Trail of Bits CEO Dan Guido says blockchain -- the public ledgers that keep track of cryptocurrencies, which are replicated on computers around the world -- isn't the egalitarian tech its advocates claim. "It's been taken for granted that the blockchain is immutable and decentralized, because the community says so," says Guido. But in practice, he says, these networks have evolved in ways that concentrate power in the hands of certain people or companies, including the large pools of "miners" whose computers earn virtual currency by maintaining the blockchains.

Guido's team calls these potential situations "unintended centralities" -- situations in which someone gains leverage over the decentralized system, creating opportunities for tampering with the record of who owns what. Another example in the report of this kind of concentration is the fact that 60% of Bitcoin traffic is handled by just three internet service providers. "Let's say somebody with great top-down control of the internet in their country starts to interfere with that network," Guido says. By slowing down or stopping legitimate blockchain traffic, an attacker could become the "majority" voice in the consensus of what's written to a blockchain at that moment. "They can rewrite history. They can censor transactions. They can make it so that you can't spend your Bitcoin," says Guido. "It's definitely something people would want to do if they want to 'grief' the network."

The Israeli Ministry of Defense plans to begin testing of a Medium Robotic Combat Vehicle (M-RCV) next year. New Atlas reports: Developed by the Ministry of Defense's Directorate of Defense Research and Development (DDR&D), the Tank and APC Directorate, and Israeli security industries, the robotic tank is based on a new robotic platform type BLR-2 made by Israeli firm BL. It features a 30-mm autonomous turret originally developed by the Tank and APC Directorate for the Eitan armored personnel carrier; the Elbit Iron Fist Active Protection System, which is a smaller, mountable version of the Iron Dome anti-projectile defense system; fire control and mission management systems; a robotic autonomous operations kit; and active and passive sensors for situational awareness.

In addition, the robotic vehicle carries a capsuled drone that it can deploy and retrieve for forward reconnaissance missions. It can also carry a variety of heavy loads, as well as an Israeli Aerospace Industries missile launcher and Rafael Advanced Defense Systems Spike missiles. According to Elbit, the robot can operate in all weathers in a largely autonomous mode and can integrate with uncrewed battlefield arrays. Field tests in representative scenarios are scheduled to start in 2023. You can view the M-RCV in action here.

An anonymous reader quotes a report from Ars Technica: The Federal Aviation Administration says it finally has a plan for the industry to replace or retrofit airplane altimeters that can't filter out transmissions from outside their allotted frequencies. The altimeter problem has prevented AT&T and Verizon from fully deploying 5G on the C-Band spectrum licenses the wireless carriers purchased for a combined $69 billion. The FAA was urging airlines to retrofit or replace altimeters in recent months and now says it has finalized a plan. An FAA statement on Friday said that "airlines and other operators of aircraft equipped with the affected radio altimeters must install filters or other enhancements as soon as possible."

AT&T and Verizon said they will be able to accelerate 5G deployments near airports in the coming months, but the carriers agreed to continue some level of "voluntary mitigations" in the airport areas until July 2023. Altimeters are used by airplanes to measure altitude. The FAA said a new "phased approach requires operators of regional aircraft with radio altimeters most susceptible to interference to retrofit them with radio frequency filters by the end of 2022. This work has already begun and will continue on an expedited basis."

Additionally, "filters and replacement units for the mainline commercial fleet should be available on a schedule that would permit the work to be largely completed by July 2023," the FAA said, continuing: "The radio-altimeter manufacturers have worked at an unprecedented pace with Embraer, Boeing, Airbus and Mitsubishi Heavy Industries to develop and test filters and installation kits for these aircraft. Customers are receiving the first kits now. In most cases, the kits can be installed in a few hours at airline maintenance facilities. Throughout this process, the FAA will work with both industries to track the pace of the radio altimeter retrofits while also working with the wireless companies to relax mitigations around key airports in carefully considered phases."

An anonymous reader quotes a report from BleepingComputer: Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users. Adobe's product is checking if components from 30 security products are loaded into its processes and likely blocks them, essentially denying them from monitoring for malicious activity. [...] In a post on Citrix forums on March 28, a user complaining about Sophos AV errors due to having an Adobe product installed said that the company "suggested to disable DLL-injection for Acrobat and Reader.

Replying to BleepingComputer, Adobe confirmed that users have reported experiencing issue due to DLL components from some security products being incompatible with Adobe Acrobat's usage of the CEF library: "We are aware of reports that some DLLs from security tools are incompatible with Adobe Acrobat's usage of CEF, a Chromium based engine with a restricted sandbox design, and may cause stability issues." The company added that it is currently working with these vendors to address the problem and "to ensure proper functionality with Acrobat's CEF sandbox design going forward." Minerva Labs researchers argue that Adobe chose a solution that solves compatibility problems but introduces a real attack risk by preventing security software from protecting the system.

RISC OS, the operating system of the original Arm computer, the Acorn Archimedes, is still very much alive -- and doing relatively well for its age. The Register reports: In June 1987, Acorn launched the Archimedes A305 and A310, starting at $982 and running a new operating system called Arthur. At the time, it was a radical and very fast computer. In his review (PDF) for Personal Computer World, Dick Pountain memorably said: "It loads huge programs with a faint burping noise, in the time it takes to blink an eye." Arthur was loosely related to Acorn's earlier MOS, the BBC Micro operating system but looked very different thanks to a prototype graphical desktop, implemented in BBC BASIC, that could charitably be called "technicolor." Renamed RISC OS, version 2 followed in 1989 -- the same year that Sun started selling its new SPARCstation 1 (a snip at $9,200) and DEC launched the MIPS R2000-chipset-based DECstation 3100 (for $10,800).

RISC OS has had a rather convoluted history, partly due to Acorn spinning out Arm, eventually pulling out of the computer market, rebranding as Element 14 and being acquired by Broadcom, where Arm co-designer Sophie Wilson still works today. And partly due to drama over the ownership of the OS post-Acorn at one point. One fork of RISC OS still supports Acorn-era Arm's odd 26-bit mode, meaning that today it mostly runs on the commercial Virtual Acorn emulator. The other branch, designed for the 32-bit mode of more recent Arm chips, is now owned by RISC OS Developments, which made it fully open source back in 2018. Development and maintenance is done by the team at RISC OS Open Ltd -- ROOL for short -- which offers downloads for a variety of current Arm hardware, such as the Titanium desktops. [...]

RISC OS Developments are still working on new functionality for the OS. Notably, it recently released a new TCP/IP stack, derived from OpenBSD. Right now, the main benefit is IPv6 support. A feature more significant to most users is still in development: Wi-Fi support. Also still under development, but available to paid backers, is a new RISC OS web browser, Iris. RISC OS does come with a choice of browsers -- NetSurf and Otter -- but the plan is that the new Iris browser will be a native app, with the RISC OS look and feel, but using the WebKit engine for better compatibility with the modern web. The main remaining limitation is SMP. As an OS from the 1980s, long before the 21st-century technology of mainstream multicore processors, RISC OS practically only supports a single CPU core. Various experimental efforts are under way to address this. One has got NetBSD running on another core, and another has the experimental Genode OS running alongside RISC OS. Another effort is working on adding SMP support into the RISC OS kernel itself.

China's chip industry is growing faster than anywhere else in the world, after US sanctions on local champions from Huawei to Hikvision spurred appetite for home-grown components. From a report: Nineteen of the world's 20 fastest-growing chip industry firms over the past four quarters, on average, hail from the world's No. 2 economy, according to data compiled by Bloomberg. That compared with just 8 at the same point last year. Those China-based suppliers of design software, processors and gear vital to chipmaking are expanding revenue at several times the likes of global leaders Taiwan Semiconductor Manufacturing Co. or ASML Holding NV.

That supercharged growth underscores how tensions between Washington and Beijing are transforming the global $550 billion semiconductor industry -- a sector that plays an outsized role in everything from defense to the advent of future technologies like AI and autonomous cars. In 2020, the US began restricting sales of American technology to companies like Semiconductor Manufacturing International Corp. and Hangzhou Hikvision Digital Technology, successfully containing their growth -- but also fueling a boom in Chinese chip-making and supply.

Wikimedia Enterprise, a first-of-its-kind commercial product designed for companies that reuse and source Wikipedia and Wikimedia projects at a high volume, today announced its first customers: multinational technology company Google and nonprofit digital library Internet Archive. Wikimedia blog: Wikimedia Enterprise was recently launched by the Wikimedia Foundation, the nonprofit that operates Wikipedia, as an opt-in product. Starting today, it also offers a free trial account to new users who can self sign-up to better assess their needs with the product. As Wikipedia and Wikimedia projects continue to grow, knowledge from Wikimedia sites is increasingly being used to power other websites and products. Wikimedia Enterprise was designed to make it easier for these entities to package and share Wikimedia content at scale in ways that best suit their needs: from an educational company looking to integrate a wide variety of verified facts into their online curricula, to an artificial intelligence startup that needs access to a vast set of accurate data in order to train their systems. Wikimedia Enterprise provides a feed of real-time content updates on Wikimedia projects, guaranteed uptime, and other system requirements that extend beyond what is freely available in publicly-available APIs and data dumps.

Organizations and companies of any size can access Wikimedia Enterprise offerings with dedicated customer-support and Service Level Agreements, at a variable price based on their volume of use. Interested companies can now sign up on the website for a free trial account which offers 10,000 on-demand requests and unlimited access to a 30-day Snapshot. Google and the Wikimedia Foundation have worked together on a number of projects and initiatives to enhance knowledge distribution to the world. Content from Wikimedia projects helps power some of Google's features, including being one of several data sources that show up in its knowledge panels. Wikimedia Enterprise will help make the content sourcing process more efficient.

Unidentified operatives have been using the fitness tracking app Strava to spy on members of the Israeli military, tracking their movements across secret bases around the country and potentially observing them as they travel the world on official business. From a report: By placing fake running "segments" inside military bases, the operation -- the affiliation of which has not been uncovered -- was able to keep tabs on individuals who were exercising on the bases, even those who have applied the strongest possible account privacy settings. In one example seen by the Guardian, a user running on a top-secret base thought to have links to the Israeli nuclear programme could be tracked across other military bases and to a foreign country.

The surveillance campaign was discovered by the Israeli open-source intelligence outfit FakeReporter. The group's executive director, Achiya Schatz, said: "We contacted the Israeli security forces as soon as we became aware of this security breach. After receiving approval from the security forces to proceed, FakeReporter contacted Strava, and they formed a senior team to address the issue." Strava's tracking tools are designed to allow anyone to define and compete over "segments," short sections of a run or bike ride that may be regularly raced over, like a long uphill climb on a popular cycling route or a single circuit of a park. Users can define a segment after uploading it from the Strava app, but can also upload GPS recordings from other products or services.

Microsoft, Epic Games, Meta, and 33 other companies and organizations have formed a standards group for "metaverse" tech. The Metaverse Standards Forum is supposed to foster open, interoperable standards for augmented and virtual reality, geospatial, and 3D tech. From a report: According to a press release, the Metaverse Standards Forum will focus on "pragmatic, action-based projects" like hackathons and prototyping tools for supporting common standards. It's also interested in developing "consistent terminology" for the space -- where many players can't even agree on what a "metaverse" is. In addition to the companies above, the group's founding members include major pre-metaverse entities like the World Wide Web Consortium (W3C), Nvidia, Qualcomm, Sony Interactive Entertainment, and Unity, in addition to newer ones like Lamina1, a blockchain payments startup co-founded by Snow Crash author Neal Stephenson.

Alphabet's Google is under investigation by Germany's antitrust watchdog amid concerns over potentially illegal terms for the use of its maps platform. From a report: The Federal Cartel Office said Tuesday it opened a formal probe after initial findings suggest that the US giant is limiting options to use alternative map providers when app developers and other businesses seek to combine their offerings with maps. The regulator is also looking at the terms for Google's Automotive Services, according to the statement. Officials are concerned Google limits the option to embed position data from Google Maps, Street View or the search function on maps of other providers, Andreas Mundt, the agency's president said. "We will check whether Google could extent its predominance in certain map services via this practice," Mundt said.

Amazon today announced a new effort in bringing quantum computing to its cloud -- at least in the long term. The company today launched the AWS Center for Quantum Computing, a new research effort that aims to push forward the science and engineering of networking quantum computers together, both for building more powerful, multi-processor networks for computation and for creating secure quantum communication networks. From a report: In recent years, Amazon and its AWS cloud computing unit made a number of major investments in quantum computing. With Amazon Braket, the company offers developers access to quantum computers from the likes of IonQ, Oxford Quantum Circuits, Rigetti and D-Wave, as well as other software tools and simulators. In addition to that, the company is also already running two more research-centric efforts: the AWS Center for Quantum Computing in Pasadena, California, which focuses on basic science like building better qubits and error correction algorithms, and the Amazon Quantum Solutions Lab, which puts an emphasis on helping enterprises prepare for the future of quantum computing. Basically, while Braket and the Quantum Solutions Lab focus on near-term practical solutions, the Center for Quantum Computing and now the Center for Quantum Networking focus on long-term research efforts.

Sony might be ready to announce a new lineup of gaming headsets, according to a report from 91Mobiles based on information provided by OnLeaks. From a report: Rather than being specifically PlayStation-branded, like Sony's Pulse headset, the three headsets will apparently be part of a new gaming hardware brand from Sony called "Inzone," which could also include a pair of gaming displays. Leaked images show the three so-called H-series headsets with a similar white color scheme to the existing Pulse headset. The H3 is wired, and has a USB-C port with a physical volume dial. There's a button marked "NC/AMB" shown in renders of the H3, which suggests it might support noise cancellation and have an ambient audio mode to allow players to hear what's going on around them.

Paige Thompson, a former Amazon employee accused of stealing the personal information of 100 million customers by breaching banking giant CapitalOne in 2019, has been found guilty by a Seattle jury on charges of wire fraud and computer hacking. From a report: Thompson, 36, was accused of using her knowledge as a software engineer working in the retail giant's cloud division, Amazon Web Services, to identify cloud storage servers that were allegedly misconfigured to gain access to the cloud stored data used by CapitalOne. That included names, dates of birth, Social Security numbers, email addresses and phone numbers, and other sensitive financial information, such as credit scores, limits and balances. Some one million Canadians were also affected by the CapitalOne breach. Thompson also accessed the cloud stored data of more than 30 other companies, according to a superseding indictment filed by the Justice Department almost two years after Thompson was first charged, which reportedly included Vodafone, Ford, Michigan State University and the Ohio Department of Transportation.

An anonymous reader quotes a report from The Register: More than half of the 24.6 billion stolen credential pairs available for sale on the dark web were exposed in the past year, the Digital Shadows Research Team has found. Data recorded from last year reflected a 64 percent increase over 2020's total (Digital Shadows publishes the data every two years), which is a significant slowdown compared to the two years preceding 2020. Between 2018 and the year the pandemic broke out, the number of credentials for sale shot up by 300 percent, the report said. Of the 24.6 billion credentials for sale, 6.7 billion of the pairs are unique, an increase of 1.7 billion over two years. This represents a 34 percent increase from 2020.

With all those credentials available for sale online, account takeover attacks have proliferated as well, the report said. Seventy-five percent of the passwords for sale online were not unique, noted Digital Shadows, which said everyone needs to be wary. Proactive account protection, consistent application of good authentication habits, and awareness of one's organizational digital footprint are necessary to protect against account takeover attacks, the study found. Individuals, the report said, should "use multi-factor authentication, password managers, and complex, unique passwords."

Aiming to produce environmentally friendly alternatives to plastic food wrap and containers, a Rutgers scientist has developed a biodegradable, plant-based coating that can be sprayed on foods, guarding against pathogenic and spoilage microorganisms and transportation damage. From a report: Their article, published in the science journal Nature Food, describes the new kind of packaging technology using the polysaccharide/biopolymer-based fibers. Like the webs cast by the Marvel comic book character Spider-Man, the stringy material can be spun from a heating device that resembles a hair dryer and "shrink-wrapped" over foods of various shapes and sizes, such as an avocado or a sirloin steak. The resulting material that encases food products is sturdy enough to protect bruising and contains antimicrobial agents to fight spoilage and pathogenic microorganisms such as E. coli and listeria.

The research paper includes a description of the technology called focused rotary jet spinning, a process by which the biopolymer is produced, and quantitative assessments showing the coating extended the shelf life of avocados by 50 percent. The coating can be rinsed off with water and degrades in soil within three days, according to the study. [...] The paper describes how the new fibers encapsulating the food are laced with naturally occurring antimicrobial ingredients -- thyme oil, citric acid and nisin. Researchers in the Demokritou research team can program such smart materials to act as sensors, activating and destroying bacterial strains to ensure food will arrive untainted. This will address growing concern over food-borne illnesses as well as lower the incidence of food spoilage [...].

Volvo Trucks said Monday that it had begun to test vehicles that use "fuel cells powered by hydrogen," with the Swedish firm claiming their range could extend to as much as 1,000 kilometers, or a little over 621 miles. CNBC reports: In a statement, Gothenburg-headquartered Volvo Trucks said refueling of the vehicles would take under 15 minutes. Customer pilots are set to begin in the next few years, with commercialization "planned for the latter part of this decade." Fuel cells for the vehicles will be provided by cellcentric, a joint venture with Daimler Truck that was established in March 2021. Alongside hydrogen fuel cell vehicles, Volvo Trucks -- which is part of the Volvo Group -- has also developed battery-electric trucks. [...] While there is excitement in some quarters about the potential of hydrogen-powered vehicles, there are hurdles when it comes to expanding the sector, a point acknowledged by Volvo Trucks on Monday. It pointed to challenges including the "large-scale supply of green hydrogen" as well as "the fact that refueling infrastructure for heavy vehicles is yet to be developed."

Described by the IEA as a "versatile energy carrier," hydrogen has a diverse range of applications and can be deployed in a wide range of industries. It can be produced in a number of ways. One method includes using electrolysis, with an electric current splitting water into oxygen and hydrogen. If the electricity used in this process comes from a renewable source such as wind or solar then some call it "green" or "renewable" hydrogen. Today, the vast majority of hydrogen generation is based on fossil fuels. Last week, Volvo Construction Equipment, which is also part of the Volvo Group, said it had commenced testing of a "fuel cell articulated hauler prototype."

Google is charging some small businesses for email and other apps after more than a decade of free use. Business owners say Google is being callous. The New York Times: When Google told some small businesses in January that they would no longer be able to use a customized email service and other workplace apps for free, it felt like a broken promise for Richard J. Dalton Jr., a longtime user who operates a scholastic test-prep company in Vancouver, British Columbia. "They're basically strong-arming us to switch to something paid after they got us hooked on this free service," said Mr. Dalton, who first set up a Google work email for his business, Your Score Booster, in 2008. Google said the longtime users of what it calls its G Suite legacy free edition, which includes email and apps like Docs and Calendar, had to start paying a monthly charge, usually around $6 for each business email address. Businesses that do not voluntarily switch to a paid service by June 27 will be automatically moved to one. If they don't pay by Aug. 1, their accounts will be suspended.

While the cost of the paid service is more of an annoyance than a hard financial hit, small-business owners affected by the change say they have been disappointed by the ham-handed way that Google has dealt with the process. They can't help but feel that a giant company with billions of dollars in profits is squeezing little guys -- some of the first businesses to use Google's apps for work -- for just a bit of money. "It struck me as needlessly petty," said Patrick Gant, the owner of Think It Creative, a marketing consultancy in Ottawa. "It's hard to feel sorry for someone who received something for free for a long time and now are being told that they need to pay for it. But there was a promise that was made. That's what compelled me to make the decision to go with Google versus other alternatives."

Google's decision to charge organizations that have used its apps for free is another example of its search for ways to get more money out of its existing business, similar to how it has sometimes put four ads atop search results instead of three and has jammed more commercials into YouTube videos. In recent years, Google has more aggressively pushed into selling software subscriptions to businesses and competed more directly with Microsoft, whose Word and Excel programs rule the market. After a number of the longtime users complained about the change to a paid service, an initial May 1 deadline was delayed. Google also said people using old accounts for personal rather than business reasons could continue to do so for free. But some business owners said that as they mulled whether to pay Google or abandon its services, they struggled to get in touch with customer support.

China is fine-tuning its censorship machine, this time proposing changes in how to regulate the billions of online comments posted in the country every day. From a report: On June 17, the internet regulator Cyberspace Administration of China (CAC) published a draft update on the responsibilities of platforms and content creators in managing online comments. One line stands out: all online comments would have to be pre-reviewed before being published. Users and observers are worried that the move could be used to further tighten freedom of expression in China. The new changes affect Provisions on the Management of Internet Post Comments Services, a regulation that first came into effect in 2017. Five years later, the Cyberspace Administration wants to bring it up to date.

Fraudsters who exploit LinkedIn to lure users into cryptocurrency investment schemes pose a "significant threat" to the platform and consumers, according to Sean Ragan, the FBI's special agent in charge of the San Francisco and Sacramento, California, field offices. From a report: "It's a significant threat," Ragan said in an exclusive interview. "This type of fraudulent activity is significant, and there are many potential victims, and there are many past and current victims." The scheme works like this: A fraudster posing as a professional creates a fake profile and reaches out to a LinkedIn user. The scammer starts with small talk over LinkedIn messaging, and eventually offers to help the victim make money through a crypto investment. Victims interviewed by CNBC say since LinkedIn is a trusted platform for business networking, they tend to believe the investments are legitimate. Typically, the fraudster directs the user to a legitimate investment platform for crypto, but after gaining their trust over several months, tells them to move the investment to a site controlled by the fraudster. The funds are then drained from the account.

Artem S. Tashkinov writes: Meta's Reality Labs division has revealed new prototypes in its roadmap toward lightweight, hyper-realistic virtual reality graphics. The breakthroughs remain far from consumer-ready, but the designs -- codenamed Butterscotch, Starburst, Holocake 2, and Mirror Lake -- could add up to a slender, brightly lit headset that supports finer detail than its current Quest 2 display.

Yet to be released headsets have features which have been sorely missing previously: near-retina-quality image offering about 2.5 times the resolution of the Quest 2's (sort of) 1832 x 1920 pixels per eye, letting users read the 20/20 vision line on an eye chart, high dynamic range (HDR) lighting with 20,000 nits of brightness and eye tracking. "The goal of all this work is to help us identify which technical paths are going to allow us to make meaningful enough improvements that we can start approaching visual realism." says the Meta CEO.