Mark Rober, a former NASA engineer, is launching a satellite called SAT GUS to take the most epic selfies from space! Simply upload your photo, it'll be displayed on a phone, and the satellite will snap a picture with Earth in the background. The satellite's name, a playful nod to Crunchlab's squirrel mascot, Phat Gus, adds to the fun and ingenuity of this project.
Microsoft's latest Patch Tuesday update revealed five zero-day vulnerabilities in Windows, raising concerns about system security. Furthermore, Microsoft's Recall feature, which captures and stores screen content every few seconds, has drawn heavy criticism for its inherent privacy risks. Even if users disable the feature, the possibility of government-mandated activation adds to the anxieties, given the near-ubiquitous nature of Microsoft IDs.
A mass exodus of top officials at the Cybersecurity and Infrastructure Security Agency (CISA) is raising serious concerns about the future of US cybersecurity. Five of CISA's six operational divisions and six of its ten regional offices will lose their top leaders by the end of the month. Departures include key personnel from multiple divisions and regional directors, many with years of experience and institutional knowledge. This loss of leadership and expertise could severely hamper CISA's ability to collaborate effectively with critical infrastructure operators, private security firms, and various levels of government, leaving the nation vulnerable to cyber threats. While CISA insists it remains committed to its mission, both internal employees and external experts express deep worry about the agency's weakened capacity and the significant security risks this poses.
CAR T-cell therapies have shown remarkable success in treating blood cancers, but their laborious ex vivo manufacturing and high cost limit their accessibility. To address these challenges, scientists are developing in vivo CAR T-cell therapies, which involve genetically engineering T cells directly within the body. This approach promises to simplify manufacturing, reduce costs, and benefit more patients. While in vivo methods face challenges like precise targeting of T cells and potential side effects, their potential is immense and could revolutionize cancer immunotherapy.
Sporting giant Adidas has announced another data breach affecting its customers. Attackers compromised a third-party customer service provider, stealing some customer data. Adidas assures that payment information and passwords were not compromised. This is the latest in a series of data breaches for Adidas, following previous incidents involving customers in Turkey, South Korea, and its US website. Adidas has launched an investigation and notified authorities, but the exact number of affected individuals and further details remain undisclosed, raising fresh concerns about data security.
This article explores the early days of personal computing in the mid-1970s, focusing on the passionate hobbyist community that sprung up around this nascent technology. Driven more by fascination than practicality, these enthusiasts built a vibrant ecosystem of clubs, magazines, and retail stores. While ambitious ventures like the Southern California Computer Society ultimately faltered due to mismanagement, their collective efforts laid the groundwork for the personal computer revolution. Their actions also shaped a powerful mythology, portraying themselves as liberators bringing computing power to the masses.
On May 20th, 2025, a malformed BGP message containing a corrupt BGP Prefix-SID attribute triggered routing instability and brief outages across the internet. Juniper's JunOS, failing to filter the erroneous message, propagated it to peers, while Arista's EOS reset sessions upon receiving it. The incident impacted numerous networks, including major internet exchanges, as the Bird routing software lacks BGP SID support, resulting in widespread dissemination of the faulty message. Investigation points to AS9304, AS135338, AS151326, and AS138077 as potential sources, with Starcloud (AS135338) or Hutchison (AS9304) considered more likely culprits. This highlights severe flaws in BGP error handling and the need for improved error tolerance in network devices.
This article delves into the remarkable story of Bill Benter and his $1B fortune amassed from Hong Kong horse racing, as detailed in "The Gambler Who Cracked the Horse-Racing Code." Benter's 1994 paper, "Computer Based Horse Race Handicapping and Wagering Systems: A Report," documented a successful betting model, though likely outdated upon publication. The paper offers valuable insight into applying mathematics to horse racing, particularly given the era's hardware and software limitations. This post presents an annotated version of the paper, including code and commentary. It analyzes model calibration, improvements in public odds estimates over decades (1986-1993, 1996-2003, 2006-2013, 2016-2023), and recreates adjustment factor fitting using PyTorch.
Dr. Vladimir Dinets, a research assistant professor at the University of Tennessee, observed a Cooper's hawk demonstrating remarkable adaptation to city life. The hawk learned to use the sound signal from extended red lights at an intersection to predict the formation of a car queue providing cover. It then ambushed birds near a house, utilizing the cars as camouflage during its attack. This indicates the hawk understood the correlation between the artificial signal and vehicle behavior, possessing excellent spatial memory to accurately strike prey even when obstructed from view. This showcases the exceptional intelligence and adaptability of urban raptors.
Glubux, a resourceful internet user, has powered his home for eight years using a system built from 1,000 recycled laptop batteries and a 7,000Wc solar panel installation. Overcoming challenges in cell balancing, electrical safety, and storage management, he created a self-sufficient energy system, drastically reducing his electricity bills. This inspiring project demonstrates the potential for individual action in sustainable energy and waste reduction.
Researchers significantly improved the compressive strength of biocemented materials by optimizing the packing density of aggregate mixtures. They employed the Modified Andreassen model to design an optimal particle size distribution curve, which was validated through compaction experiments. The optimized mix exhibited higher aggregate packing density during biomineralization, leading to reduced cementation solution consumption. Subsequently, an improved stop-flow pressure-based injection method was used for biomineralization experiments to investigate the impact of varying cementation solution pressure and concentration on biomineralization depth and compressive strength. Results showed that optimal UACP content, pressure, and concentration yielded high-strength, homogeneous biomineralized specimens, with a maximum compressive strength of 57.4 MPa – significantly exceeding previous studies. Lower flow rates and higher aggregate packing density were also found to be beneficial for achieving higher ultrasonic wave velocities and compressive strengths.
John Young, co-founder of the legendary internet archive Cryptome, passed away at age 89. Cryptome, predating WikiLeaks and other similar platforms, served as a vital repository of government documents and information the public had a right to know. Young's activism, rooted in his experiences protesting the Vietnam War and racial segregation, fueled his dedication to transparency. Cryptome's history includes clashes with Microsoft and disagreements with Julian Assange over funding and philosophies. Young's death marks the end of an era, but his legacy of fighting for information freedom continues.
Researchers at UC Riverside have developed MassQL, a new programming language that allows biologists and chemists to rapidly identify environmental pollutants without coding. Functioning like a search engine for mass spectrometry data, MassQL empowers researchers to find patterns previously requiring advanced programming skills. Already, it has identified flame retardants in waterways and unearthed previously unknown compounds. Overcoming the challenge of unifying chemist and computer scientist terminology, MassQL boasts over 30 applications, from detecting alcohol poisoning markers to finding ‘forever chemicals’ in playgrounds, revolutionizing environmental science research.
Invariant has discovered a critical vulnerability in the widely-used GitHub MCP integration (14k GitHub stars). A malicious GitHub Issue allows attackers to hijack a user's agent, forcing it to leak data from private repositories. This vulnerability, one of the first discovered by Invariant's automated security scanners for detecting 'Toxic Agent Flows,' involves injecting malicious prompts into a public repository. When a user queries their agent, it fetches the issue and is injected, potentially pulling private repo data into context and leaking it to a public repository accessible to the attacker. Mitigation strategies include granular permission controls and continuous security monitoring. Even highly aligned AI models are susceptible, highlighting the need for system-level security measures.
Starfish Neurotech announced an upcoming revolutionary miniaturized, ultra-low power chip for brain-computer interfaces. Designed for simultaneous recording and stimulation of multiple brain regions to treat neurological disorders, the 2x4mm chip boasts 1.1mW power consumption, 32 electrode sites, and 16 simultaneous recording channels. It supports wireless power and data transmission. Starfish seeks collaborators in wireless power delivery, communication, or custom implanted neural interfaces to further this technology.
Shenandoah University students have created a groundbreaking VR experience, "Following in Their Footsteps," recreating the Lewis and Clark Expedition. A nine-month project culminating in a cross-country journey, the team captured 360° video and interviews with over 20 experts. This immersive VR program aims to educate a wider audience about this pivotal moment in American history, offering interactive exploration of key locations and artifacts. Launching in Fall 2025, it promises a new perspective on this iconic adventure.
This article reveals the core difference between streaming and downloading video: whether the device retains cached video frames. Streaming players buffer frames to handle network fluctuations, which is essentially downloading. Platforms restrict downloads based on user trust, relying on users to delete cached files. Users can circumvent these restrictions, retaining copies. While differences exist in file order, transcoding, and DRM, the core distinction lies solely in whether the video file is retained.
DDoSecrets leaked 410GB of heap dump data from TeleMessage, an Israeli company, revealing communications from disaster responders, customs officials, US diplomats, White House staff, and Secret Service members. A trivial vulnerability allowed anyone to download Java heap dumps from the server. Analysis shows the data includes chat logs from various platforms like WhatsApp, Telegram, and Signal, some encrypted but much of it unencrypted, containing text messages, attachments, and metadata. Researchers identified thousands of TeleMessage customers, including major corporations from finance, energy, and other sectors, such as JPMorgan Chase and Scotiabank. While no extremely sensitive information has yet surfaced, the dataset offers numerous leads potentially sparking further investigations and news stories.
In the race to build all-optical AI data centers, TSMC is partnering with Avicena to leverage microLED-based interconnects. This innovative approach replaces traditional copper wires with a cost-effective, energy-efficient optical solution to address the exploding bandwidth demands of AI clusters. Avicena's LightBundle platform uses hundreds of blue microLEDs and imaging fibers, bypassing the complexity and high power consumption of laser-based solutions. By utilizing mature LED, camera, and display technologies, this approach promises higher reliability and scalability, potentially overcoming the bottlenecks in AI data center optical interconnects and enabling faster, lower-latency data transfer for demanding applications like large language models.
Security researcher Jeremiah Fowler uncovered a massive, unencrypted online database containing over 184 million unique account credentials. The database, easily accessible without password protection, included usernames, passwords, emails, and URLs for various services like Google, Microsoft, Apple, and even bank and government accounts. The data, likely collected by infostealer malware, poses significant risks including account takeovers, identity theft, ransomware attacks, and corporate espionage. Fowler contacted the hosting provider for removal and advises users to adopt strong password practices, utilize multi-factor authentication, employ password managers, and regularly monitor account activity for enhanced security.
Google's aggressive push into AI search, with features like AI Overviews and AI Mode, is changing how we interact with the web. AI Overviews provide summaries at the top of search results, reducing the need to click through to websites. AI Mode goes further, replacing traditional search with a conversational interface that answers questions and allows follow-up inquiries. While initially promising, AI Mode's reduced reliance on web links raises concerns about the impact on the website ecosystem. This article explores the trade-offs of Google's approach and its implications for the internet as a whole, suggesting that Google's prioritization of winning the AI race may come at the cost of the very web that fuels it.
Hacker News recently underwent a significant technical upgrade, abandoning its long-standing pagination system for improved performance. This change stems from a new compiler called Clarc, which compiles Hacker News' Arc Lisp code into Common Lisp, enabling multi-core operation and a significant performance boost. Clarc's development spanned several years, its core being a staged approach to building Arc, ultimately resulting in a smooth transition from Racket to SBCL. While Clarc's code hasn't been publicly released due to anti-abuse measures it contains, the upgrade nevertheless signifies a notable advancement in Hacker News' technical capabilities.
This article exposes a critical security flaw in Garmin smartwatches. Data stored in .FIT files, including GPS location, health metrics, and personal information, is easily accessible by simply connecting the watch to a computer. This vulnerability played a crucial role in a 2018 double murder case, where the suspect's Garmin watch data provided key evidence leading to a conviction. The article compares Garmin's security practices with Fitbit, Apple, and Samsung, recommending users regularly sync data to Garmin Connect, set a passcode, and take physical precautions to protect their privacy.
The author has open-sourced TeleMessage Explorer, a tool designed to analyze the massive data breach from TeleMessage, a company whose modified Signal app was used by Trump's former national security advisor. The tool allows journalists and researchers to sift through the data and uncover valuable insights. The post details how to use the tool, showcasing its ability to explore data, including Signal messages from a 24-year-old White House staffer. TeleMessage clients include DC Police, Andreessen Horowitz, and JP Morgan. The author encourages journalists to use the tool to unearth more stories while the data remains current.
A leaked document reveals hundreds of seemingly ordinary news and entertainment websites that were secretly operated by the CIA. These sites, publishing in multiple languages and covering diverse topics from sports and technology to finance, were used for intelligence gathering, propaganda dissemination, or other covert purposes. Investigators uncovered clues by analyzing website code, images, and domain registration information. The sheer scale of the operation is staggering and raises concerns about online security and information authenticity.
LaLiga's aggressive anti-piracy campaign, sanctioned by a court order, has resulted in the mass blocking of Cloudflare IP addresses, impacting millions of innocent websites and potentially jeopardizing access to critical emergency services in Spain. Cloudflare CEO Matthew Prince has strongly condemned this “bonkers” strategy, warning of potential fatalities. While LaLiga claims legal compliance, Prince insists Cloudflare has always been willing to cooperate, offering a clear process that LaLiga refuses to use. The controversy, dubbed #laligagate, sparks intense debate over internet censorship and copyright protection, highlighting the significant risks and potentially deadly consequences of large-scale blocking.
SK TES's Fredericksburg facility meticulously processes discarded laptops. Employees thoroughly inspect the machines, uncovering hidden drives, and rating them based on functionality, cosmetic condition, and component value. Retail-ready laptops receive full-body adhesive skins to mask blemishes before hitting the market. This process highlights the potential for e-waste recycling and the magic of tech restoration.
The 2015 Volkswagen emissions scandal, involving software designed to cheat on emissions tests, sent shockwaves through the global automotive industry. The deception resulted in billions in fines and settlements for VW, exceeding €30 billion. While former CEO Martin Winterkorn and other executives faced charges, Winterkorn continues to deny responsibility. The scandal remains a landmark case of corporate malfeasance with long-lasting consequences.
Japanese mobile carrier Docomo announced it will end support for its unique emoji designs by late June 2025. This marks the end of a significant emoji era that began in 1999, even though the set hasn't been updated since 2013. While surprisingly still in use on specific Japanese devices, Docomo's 698 emoji designs will be replaced by Google's Noto Color Emoji or Samsung's custom set, depending on the device. Docomo's early foray into symbolic communication, dating back to a simple heart icon on its 1995 pager, foreshadowed the emoji revolution. The company's 1999 i-mode emoji set played a foundational role in emoji standardization.
Former UK Deputy Prime Minister Nick Clegg argues that requiring artist consent for AI model training would effectively destroy the UK's AI industry. While the creative community pushes for the right to opt out of their work being used to train AI, Clegg contends that obtaining consent for vast datasets is impractical. He warns that such a requirement, implemented solely in Britain, would cripple the nation's AI sector. This debate follows the rejection of an amendment to the Data (Use and Access) Bill, which aimed to increase transparency in AI training data. The fight, however, continues.