SoylentNews is people

posted by hubie on Friday July 01, @07:49PM
from the break-the-ICE dept.

The 27 EU countries agree to support the 2035 fossil fuel car ban and compromise on fund to shield citizens from CO2 costs:

European Union countries have reached a deal backing stricter climate rules that will eliminate carbon emissions from new cars by 2035 and a multibillion-euro fund to shield poorer citizens from carbon dioxide (CO2) costs.

The 27 EU members found a common agreement on Wednesday morning on draft legislation aimed at slashing EU greenhouse gases by at least 55 percent in 2030 compared with 1990 rather than by a previously agreed 40 percent.

[...] The decision to introduce a 100 percent CO2 emissions reduction target by 2035 for new cars and vans will effectively prohibit the sale of new cars powered by petrol or diesel in the EU nations.

After fraught negotiations, they agreed to form a 59 billion euros ($61bn) EU fund to shield low-income citizens from the policy's costs over 2027-32.

[...] Europe's leading clean transport campaign group, Transport and Environment, said the EU governments' agreement is "historic" as it "breaks the hold of the oil industry over transport".

[...] By declaring that only cars and light utility vehicles which emit no CO2 can be sold from 2035, "we are sending a clear signal that we need to meet the climate targets. This gives the car industry the planning security it needs," she said.

[...] The overall goal is to put the EU on track to become climate-neutral in 2050 and to prod other big polluters, including the United States and China, to follow suit.


posted by janrinok on Friday July 01, @05:03PM

New single-mode semiconductor laser delivers power with scalability:

Berkeley engineers have created a new type of semiconductor laser that accomplishes an elusive goal in the field of optics: the ability to maintain a single mode of emitted light while maintaining the ability to scale up in size and power. It is an achievement that means size does not have to come at the expense of coherence, enabling lasers to be more powerful and to cover longer distances for many applications.

A research team [...] showed that a semiconductor membrane perforated with evenly spaced and same-sized holes functioned as a perfect scalable laser cavity. They demonstrated that the laser emits a consistent, single wavelength, regardless of the size of the cavity.

The study's results are particularly relevant to vertical-cavity surface-emitting lasers, or VCSELs, in which laser light is emitted vertically out of the chip. Such lasers are used in a wide range of applications, including fiber optic communications, computer mice, laser printers and biometric identification systems.

VCSELs are typically tiny, measuring a few microns wide. The current strategy used to boost their power is to cluster hundreds of individual VCSELs together. Because the lasers are independent, their phase and wavelength differ, so their power does not combine coherently.

"This can be tolerated for applications like facial recognition, but it's not acceptable when precision is critical, like in communications or for surgery," said study co-lead author Rushin Contractor, an EECS Ph.D. student.

The study found that the BerkSEL design enabled the single-mode light emission because of the physics of the light passing through the holes in the membrane, a 200-nanometer-thick layer of indium gallium arsenide phosphide, a semiconductor commonly used in fiber optics and telecommunications technology. The holes, which were etched using lithography, had to be a fixed size, shape and distance apart.

[...] The semiconductor material and the dimensions of the structure used in this study were selected to enable lasing at telecommunications wavelength. Authors noted that BerkSELs can emit different target wavelengths by adapting the design specifications, such as hole size and semiconductor material.

Journal Reference: Scalable single-mode surface emitting laser via open-Dirac singularities, Nature (2022). DOI: 10.1038/s41586-022-05021-4


posted by janrinok on Friday July 01, @02:21PM
from the graphics-are-overrated dept.

https://www.mentalfloss.com/article/29885/eaten-grue-brief-history-zork

Zork is a text-based video game, a genre also known as "interactive fiction," whose defining feature is the absence of typical video game graphics. Instead, the game's environments and the actions you take are described for you. For example, the first line of Zork is, "You are standing in an open field west of a white house, with a boarded front door. There is a small mailbox here." Using a series of simple commands, you direct the main character to do something, like "open mailbox." To which the game will reply, "Opening the small mailbox reveals a leaflet." Naturally, you would then "take leaflet," "read leaflet", and then maybe "walk east" to get to the house. The story unfolds from there as you collect items, like a sword, a lantern, rope, and other adventuring necessities, before entering a vast, underground cave where you'll face enemies inspired by The Lord of the Rings, like elves, trolls, and the darkness-lurking grue.

The young geeks got the idea for Zork from the first text-based video game, Adventure (also called Colossal Cave Adventure or ADVENT, because the computer it ran on could only use so many letters in the command line). Adventure was created in 1976 by Will Crowther, a student at Stanford, as a simulation of Mammoth Cave in Kentucky, with a few Tolkien-esque fantasy elements thrown in by fellow Stanfordite Don Woods. The MIT guys weren't impressed with Adventure's limited two-word command structure ("kill troll"), so they wrote Zork to understand complete sentences ("kill troll with sword").

Originally, Zork and Adventure were both written for the PDP-10, a room-sized computer mainframe that was popular with universities in the late-1970s. Adventure was written in a very common programming language called FORTRAN, so copies of the game spread rapidly among mainframe users. Zork, however, was written with MDL, a more specialized language that wasn't as popular. So, for a while, the only way to play Zork was to log on to the MIT PDP-10 through ARPAnet, an early version of the internet, and run it remotely. Zork was never officially announced to the world; people just heard about it through ARPANet, making it an early viral sensation.

Read on .....


posted by janrinok on Friday July 01, @02:20PM

We have had to activate anti-spam measures.

Only logged-in users may comment. Registered accounts may still post anonymously but must first log in and then select anonymous posting. These measures will be revoked as soon as possible.

** Some stories will accept AC comments without having to log in. They are marked [* AC Friendly *] This is part of an experiment to assess the practicality of mixed stories. **

[Editor's Note - This story has been moved up the display queue so that new arrivals can see what has been happening. JR 01-07-22 15:09 UTC]

posted by janrinok on Friday July 01, @11:34AM
from the hopefully-tears-of-joy dept.

NASA scientists say images from the Webb telescope nearly brought them to tears:

Six months have passed since a European rocket lofted the James Webb Space Telescope into orbit. Since that time, the ultra-complex telescope has successfully unfolded its expansive sunshield, commissioned its science instruments, and reached an observation point more than 1 million km from Earth.

This white-knuckle period in space followed nearly two decades of effort to design, build, and test the telescope on Earth prior to its launch on Christmas Day, 2021. But now, all of that effort is in the rearview mirror, and Webb's massive 6.5-meter diameter mirror is gazing outward and collecting scientific data and images. It is the largest and most powerful telescope that humans have ever put into space, and it's already revealing new insights about our cosmos.

"The images are being taken right now," said Thomas Zurbuchen, who leads NASA's scientific programs, during a news conference on Wednesday. "There is already some amazing science in the can, and some others are yet to be taken as we go forward. We are in the middle of getting the history-making data down."

NASA said it plans to release several images beginning at 10:30 am ET (14:30 UTC) on July 12, the result of Webb's "first light" observations. On Wednesday, space agency officials said the images and other data would include the deepest-field image of the universe ever taken—looking further into the cosmos than humans ever have before—as well as the spectrum of an atmosphere around an exoplanet. By looking in the infrared, Webb will be able to identify the fingerprints of small molecules, such as carbon dioxide and ozone, that will offer meaningful clues about the habitability of worlds around other stars.

NASA's deputy administrator, Pam Melroy, said she was blown away by the images Webb has produced so far. "What I have seen moved me, as a scientist, as an engineer, and as a human being," she said.

[...] Unfortunately, we will have to wait nearly two full weeks to see the final products from Webb's first observations. NASA said it will not be releasing any images early, even on an embargoed basis. But we've waited 20 years for Webb to come online and offer a truly worthy successor to the Hubble Space Telescope. I suppose we can wait a little while longer.


posted by janrinok on Friday July 01, @08:48AM
from the patchable-and-preventable dept.

Patchable and Preventable Security Issues Lead Causes of Q1 Attacks:

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks.

Eighty-two percent of attacks on organizations in Q1 2022 were caused by the external exposure of known vulnerabilities in the victim's external-facing perimeter or attack surface. Those unpatched bugs overshadowed breach-related financial losses tied to human error, which accounted for 18 percent.

The numbers come from Tetra Defense and its quarterly report that sheds light on a notable uptick in cyberattacks against United States organizations between January and March 2022.

The report did not let employee security hygiene, or a lack thereof, off the hook. Tetra revealed that a lack of multi-factor authentication (MFA) mechanisms adopted by firms and compromised credentials are still major factors in attacks against organizations.

The study looks at the Root Point of Compromise (RPOC) in attacks. The RPOC is the initial entry point through which a threat actor infiltrates a victim organization and is categorized as the external exposure to a known vulnerability, or a malicious action performed by the user or a system misconfiguration.

"Incidents caused by unpatched systems cost organizations 54 percent more than those caused by employee error," according to the report.

[...] According to Tetra Defense, the widespread awareness about the Log4Shell vulnerability minimized its active exploitation, and it was only the third most exploited external exposure, accounting for 22 percent of total incident response cases. The Microsoft Exchange vulnerability ProxyShell outpaces Log4Shell and leads the way by accounting for 33 percent of cases.

Tetra Defense revealed that nearly 18 percent of the events were caused by the unintentional action performed by an individual employee in the organization.

[...] "Advocating for better patching practices has almost become a cliché at this point as it's common knowledge that it plays a major role in reducing cyber risk," Tetra Defense noted.

"To best prevent exploitation of external vulnerabilities, organizations need to understand their attack surface and prioritize patching based on risk, all while ensuring they have the defenses in place to protect their systems knowing that they will have obstacles that will prevent them from immediately patching vulnerable systems," Tetra Defense added.


posted by janrinok on Friday July 01, @06:06AM
from the this-movie-ends-badly dept.

New chip for robots conveys 'sense of touch' to human operators:

A Japanese startup is taking a major step toward commercializing real haptics technology that can replicate the exact feel and texture of objects, opening up new remote opportunities in health care, construction, manufacturing and other fields.

Motion Lib, launched out of Japan's Keio University, will enter a partnership with Tata Consultancy Services as early as this month to develop an advanced haptics feedback system that can be used in a variety of industries.

They aim to launch the system globally as early as 2024. TCS will also work on cloud infrastructure to store data of different tasks and movements that the system can carry out.

TCS has a market capitalization of around 12 trillion rupees ($153 billion), more than IBM, operating in 46 countries and working with over 2,000 startups. It partners with over 500 researchers worldwide, including at the Massachusetts Institute of Technology, and has the connections to introduce new technology to major corporations.

Conventional haptics systems cannot replicate small differences in resistance, making handling delicate items a challenge. Real haptics technology, first put into practical use by Keio University project professor Kohei Onishi, can simulate minute tactile sensations, allowing users to pick up balloons and potato chips via a robotic arm without damaging them, or figure out how hard they can squeeze a cake before crushing it, for example.

[...] The technology could also be used to store specialized skills as tactile data, so they can be recreated remotely and passed on to future generations.

[...] The global market for industrial robots is expected to double from 2021 to 2028 to over $165 billion, according to Statista. Real haptics could also augment users' strength, opening up new job opportunities for people with disabilities as well.

But they could potentially be used for military applications as well. Motion Lib's system is designed so remote feedback and controls can only be activated on robots and machines with its proprietary chip. [...] "We'll be able to protect the technology by keeping control over the chips," Onishi said.


posted by hubie on Friday July 01, @03:21AM
from the to-infinity-and-beyond dept.

Rocket Lab sees payoff from CAPSTONE launch - SpaceNews:

The successful launch of a NASA lunar cubesat mission was the culmination of two and a half years of work at Rocket Lab that, the company's chief executive says, could enable "ridiculously low cost" planetary missions.

Rocket Lab's Electron launched NASA's Cislunar Autonomous Positioning System Technology Operations and Navigation Experiment (CAPSTONE) cubesat and the company's Lunar Photon kick stage June 28. The Photon will gradually raise its orbit over the next several days before a final burn that places CAPSTONE on a ballistic lunar trajectory.

The payload, with an overall mass of more than 300 kilograms, pushed the Electron to the limit. "Electron gave everything that it could give. We've never run the engines as hard as we ran them tonight," Peter Beck, chief executive of Rocket Lab, said in an interview a few hours after the launch, which took place in the evening in New Zealand. "We put the Lunar Photon exactly where it needed to be and we had some performance left over in the vehicle."

[...] The payoff, he said, is a system that can be used for other smallsat missions with high performance requirements. Rocket Lab is already planning to use the same kick stage for a privately funded mission to Venus, replacing the CAPSTONE cubesat with an atmospheric entry probe.

"We can go to Mars and to asteroids equally well," he said. "This really is an entirely new system for deep space exploration at just a ridiculously low cost."

Perhaps we're getting closer to the point where we can crowdsource a Soylent mission to Mars!


posted by hubie on Friday July 01, @12:34AM
from the my-jacuzzi-needs-one-of-these dept.

Raspberry Pi Pico W Launches For $6

The Raspberry Pi Pico W is an update to last year's Raspberry Pi Pico using their in-house RP2040 silicon. The Pico W is a small update to this IoT platform that has already sold more than two million boards.

With the Raspberry Pi Pico W, there is now 802.11n wireless networking added to the Pico platform to make it more attractive for IoT use-cases. The Pico W retains pin compatibility with the original Pico. The Pico W makes use of an Infineon CYW43439 wireless chip.

Aside from the addition of 802.11n wireless networking, the Pico W is the same platform as the Pico. Rather than $4, this 802.11n WiFi variant will sell for $6 USD.

Also launching are two versions with pre-soldered headers:

Pico H ($5) and Pico WH ($7) add pre-populated headers, and our new 3-pin debug connector, to Pico and Pico W respectively. Pico H and Pico W are available today; Pico WH will follow in August.

[...] Eagle-eyed readers of datasheets will notice that CYW43439 supports both Bluetooth Classic and Bluetooth Low-Energy: we have not enabled Bluetooth on Pico W at launch, but may do so in the future.

Previously: Raspberry Pi Releases "Pico" Microcontroller at $4 Per Unit
Raspberry Pi Begins Selling its RP2040 Microcontroller for $1


posted by hubie on Thursday June 30, @09:51PM
from the why-stop-at-just-reproductive-data? dept.

Democrats introduce bill to ban collection of reproductive health data:

Rep. Sara Jacobs (D-Calif.) and Sens. Mazie Hirono (D-Hawaii) and Ron Wyden (D-Ore.) introduced legislation Tuesday that would bar companies from retaining data about users' reproductive health without consent.

The bill would also give people the power to demand companies disclose and delete the data as well as the power to sue companies for violations of the law.

[...] The Democrats' My Body, My Data Act would protect personal data collected by entities not currently covered by the Health Insurance Portability and Accountability Act (HIPAA), including data collected by apps, cellphones and search engines.

Also see: Pass the "My Body, My Data" Act:

Privacy fears should never stand in the way of healthcare. That's why this common-sense bill will require businesses and non-governmental organizations to act responsibly with personal information concerning reproductive health care. Specifically, it restricts them from collecting, using, retaining, or disclosing reproductive health information that isn't essential to providing the service someone asks them for.

These restrictions apply to companies that collect personal information related to a person's reproductive or sexual health. That includes information such as data related to pregnancy, menstruation, surgery, termination of pregnancy, contraception, basal body temperature or diagnoses. The bill would protect people who, for example, use fertility or period-tracking apps or are seeking information about reproductive health services.

[...] Finally, while Rep. Jacobs' bill establishes an important national privacy foundation for everyone, it also leaves room for states to pass stronger or complementary laws to protect the data privacy of those seeking reproductive health care.

Link to the bill.


posted by hubie on Thursday June 30, @07:04PM
from the hey-that's-the-same-password-I-use-on-my-luggage dept.

RansomHouse extortion group claims AMD as its latest victim:

AMD said it is investigating a potential data breach after RansomHouse, a relatively new data cybercrime operation, claims to have extorted data from the U.S. chipmaker.

An AMD spokesperson told TechCrunch that the company "is aware of a bad actor claiming to be in possession of stolen data," adding that "an investigation is currently underway."

RansomHouse, which earlier this month claimed responsibility for a cyberattack on Shoprite, Africa's largest retailer, claims to have breached AMD on January 5 to steal 450GB of data. The group claims to be targeting companies with weak security, and claimed it was able to compromise AMD due to the use of weak passwords throughout the organization.

"An era of high-end technology, progress and top security... there's so much in these words for the crowds. But it seems those are still just beautiful words when even technology giants like AMD use simple passwords to protect their networks from intrusion," RansomHouse wrote on its data leak site. "It is a shame those are real passwords used by AMD employees, but a bigger shame to AMD Security Department which gets significant financing according to the documents we got our hands on — all thanks to these passwords."

A portion of the stolen data leaked by RansomHouse and seen by TechCrunch suggests that AMD employees were using passwords as simple as "password," "123456" and "Welcome1." [...]

Unlike other cybercrime gangs, RansomHouse claims it's not a "ransomware" group, rather it describes its operation as a "professional mediators community," even if the end goal of extorting companies for money remains the same.

"We have nothing to do with any breaches and don't produce or use any ransomware," RansomHouse says on its dark web site. "Our primary goal is to minimize the damage that might be sustained by related parties. RansomHouse members prefer common sense, good conflict management and intelligent negotiations in an effort to achieve fulfilment [sic] of each party's obligations instead of having non-constructive arguments."

It sounds like they have someone with a marketing degree. So who do you suppose are the parties they are mediating between?


posted by hubie on Thursday June 30, @04:18PM
from the there-goes-another-one dept.

A court in the British Virgin Islands has ordered the liquidation of Singapore-based Three Arrows Capital, underlining the crisis gripping the cryptocurrency sector:

Three Arrows Capital, a cryptocurrency-focused hedge fund, has plunged into liquidation, deepening the crisis engulfing the global digital assets sector.

Sky News has learnt that partners from Teneo in the British Virgin Islands have been lined up to handle the insolvency of the Singapore-based firm, which was set up in 2012 by Su Zhu and Kyle Davies.

Cryptocurrency insiders said on Wednesday that the liquidation would be a significant moment in the current unravelling of the cryptocurrency sector, which has grown at breakneck speed in recent years.

The firm's demise is likely to raise further questions, however, about the regulatory oversight to which cryptocurrencies and other digital assets are subject in the world's major financial centres.

[...] The crypto landscape is experiencing tumultuous change amid a collapse in valuations of assets such as stablecoins - digital currencies pegged to the value of assets such as the US dollar or gold.


posted by janrinok on Thursday June 30, @01:35PM
from the can-I-at-least-claim-the-experience-on-my-resume? dept.

FBI warning: Crooks are using deepfakes to apply for remote tech jobs:

Scammers or criminals are using deepfakes and stolen personally identifiable information during online job interviews for remote roles, according to the FBI.

The use of deepfakes or synthetic audio, image and video content created with AI or machine-learning technologies has been on the radar as a potential phishing threat for several years.

The FBI's Internet Crime Complaint Center (IC3) now says it's seen an increase in complaints reporting the use of deepfakes and stolen personally identifiable information to apply for remote work roles, mostly in tech.

With some offices asking staff to return to work, one job category where there has been a strong push for remote work to continue is in information technology.

Reports to IC3 have mostly concerned remote vacancies in information technology, programming, database, and software-related job functions.

Highlighting the risk to an organization of hiring a fraudulent applicant, the FBI notes that "some of the reported positions include access to customer PII, financial data, corporate IT databases and/or proprietary information."

In the cases reported to IC3, the FBI says the complaints have been about the use of voice deepfakes during online interviews with potential applicants. But it also notes victims have noticed visual inconsistencies.

"In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually," the FBI said.

Complaints to IC3 have also described the use of stolen PII to apply for these remote positions.

"Victims have reported the use of their identities and pre-employment background checks discovered PII given by some of the applicants belonged to another individual," the FBI says.

[...] These contractors weren't typically engaged directly in hacking, but were using their access as sub-contracted developers within US and European firms to enable the nation's hacking activities, the agencies warned.


posted by janrinok on Thursday June 30, @10:52AM
from the silver-bells-coral-shells-carousels dept.

Sea Corals Found To Be a Source of an Elusive "Anti-Cancer" Compound:

The ocean floor is riddled with mysteries, but scientists have just discovered one of its best-kept secrets. For the last 25 years, researchers have been looking for the source of a natural chemical that has shown promise in preliminary studies for treating cancer. Now, researchers at the University of Utah Health report that easy-to-find soft corals—flexible corals that resemble underwater plants—make the elusive compound.

After determining the source, the researchers went on to discover the animal's code for synthesizing the chemical. They were able to carry out the initial stages of re-creating the soft coral chemical in the laboratory by following those directions.

"This is the first time we have been able to do this with any drug lead on Earth," says Eric Schmidt, Ph.D., professor of medicinal chemistry at the University of Utah Health. He led the study with Paul Scesa, Ph.D., postdoctoral scientist and first author, and Zhenjian Lin, Ph.D., assistant research professor.

The breakthrough opens the door to generating the compound in big enough quantities for rigorous testing, which could one day result in a new cancer-fighting tool.

[...] Soft corals contain thousands of drug-like compounds that may be used as anti-inflammatory drugs, antibiotics, and other medicines. However, acquiring enough of these compounds has been a big obstacle to turning them into clinically useful medications. According to Schmidt, these other compounds should now be accessible using this new method.

Corals aren't the only animals that harbor potential therapeutics. Nature is crawling with snakes, spiders, and other animals known to carry chemicals with healing properties. Yet compounds from soft corals offer distinct advantages for drug development, Schmidt says.

Unlike venomous chemicals that are injected into prey, corals use their chemicals to ward off predators that try to eat them. Since they are made to be eaten, the soft coral chemicals are easily digestible. Similarly, drugs derived from these types of compounds should be able to be given as pills with a glass of water, rather than taken by injection or other more invasive means. "These compounds are harder to find but they're easier to make in the lab and easier to take as medicine," says Schmidt.

These possibilities had been just out of reach for decades. Getting to this point took the right know-how and a little luck. [...]

Journal Reference:
Scesa, Paul D., Lin, Zhenjian, Schmidt, Eric W.. Ancient defensive terpene biosynthetic gene clusters in the soft corals, Nature Chemical Biology (DOI: 10.1038/s41589-022-01027-1)


posted by janrinok on Thursday June 30, @08:06AM
from the internet-of-things-that-shouldn't-need-internet dept.

TechDirt: Not Even Your 'Smart' Jacuzzi Is Safe From The Internet Of Broken Things

The Internet of things — aka the tendency to bring Internet connectivity to devices whether they need them or not — has provided no shortage of both tragedy and comedy. "Smart" locks that are easy to bypass, "smart" fridges that leak your email credentials, or even "smart" barbies that spy on toddlers are all pretty much par for the course in an industry with lax privacy and security standards.

Even your traditional hot tub isn't immune from the stupidity. Hot tub vendor SmartTub thought it might be nice to control your hot tub from your phone (because walking to the tub and quickly turning a dial is clearly too much to ask).

But like so many IOT vendors more interested in the marketing potential than the reality, they allegedly implemented it without including basic levels of security standards for their website administration panel, allowing hackers to access and control hot tubs, all over the planet. And not just SmartTub brands, but numerous brands from numerous manufacturers, everywhere [. . . .]

For those who need reminders, let us not forget prior SN (horror) stories:

