GlitzyArmrest

Democratic lawmakers are probing SpaceX over Russia's reported use of Starlink in Ukraine, saying that recent developments raise questions about SpaceX's "compliance with US sanctions and export controls."

SpaceX CEO Elon Musk last month denied what he called "false news reports [that] claim that SpaceX is selling Starlink terminals to Russia," saying that, "to the best of our knowledge, no Starlinks have been sold directly or indirectly to Russia." But Musk's statement didn't satisfy US Reps. Jamie Raskin (D-Md.) and Robert Garcia (D-Calif.), who sent a letter to SpaceX President Gwynne Shotwell yesterday.

"Starlink is an invaluable resource for Ukrainians in their fight against Russia's brutal and illegitimate invasion. It is alarming that Russia may be obtaining and using your technology to coordinate attacks against Ukrainian troops in illegally occupied regions in Eastern and Southern Ukraine, potentially in violation of US sanctions and export controls," Raskin and Garcia wrote.

Musk has also stated that "Starlink satellites will not close the link in Russia." However, the concerns raised by Rankin and Garcia are about whether Russia used the broadband service in Ukraine. Their letter said that Ukraine last month "released intercepted audio communications between Russian soldiers that indicated Russian forces had illegally deployed and activated Starlink terminals in certain Russian-occupied areas in Eastern Ukraine."

Astra's long, strange trip in the space business is taking another turn. The company announced Thursday that it is going private at an extremely low valuation.

Four years ago, the rocket company, based in Alameda, California, emerged from stealth with grand plans to develop a no-frills rocket that could launch frequently. "The theme that really makes this company stand out, which will capture the imagination of our customers, our investors, and our employees, is the idea that every day we will produce and launch a rocket," Astra co-founder Chris Kemp said during a tour of the factory in February 2020.

Almost exactly a year later, on February 2, 2021, Astra went public via a special purpose acquisition company (or SPAC). "The transaction reflects an implied pro-forma enterprise value for Astra of approximately $2.1 billion," the company stated at the time. For a time, the company's stock even traded above this valuation.

But then, rockets started failing. Only two of the seven launches of the company's "Rocket 3" vehicle were successful. In August 2022, the company announced a pivot to the larger Rocket 4 vehicle. It planned to begin conducting test launches in 2023, but that did not happen. Accordingly, the company's stock price plummeted.

Last November Kemp and the company's co-founder, Adam London, proposed to buy Astra shares at $1.50, approximately double their price. The company's board of directors did not accept the deal. Then, in late February, Kemp and London sharply cut their offer to take the company private, warning of "imminent bankruptcy" if the company doesn’t accept their new proposal. They offered $0.50 a share, well below the trading value of approximately $0.80 a share

On Thursday, Astra said that this deal was being consummated.

Attackers have transformed hundreds of hacked sites running WordPress software into command-and-control servers that force visitors’ browsers to perform password-cracking attacks.

A web search for the JavaScript that performs the attack showed it was hosted on 708 sites at the time this post went live on Ars, up from 500 two days ago. Denis Sinegubko, the researcher who spotted the campaign, said at the time that he had seen thousands of visitor computers running the script, which caused them to reach out to thousands of domains in an attempt to guess the passwords of usernames with accounts on them.

Visitors unwittingly recruited

“This is how thousands of visitors across hundreds of infected websites unknowingly and simultaneously try to bruteforce thousands of other third-party WordPress sites,” Sinegubko wrote. “And since the requests come from the browsers of real visitors, you can imagine this is a challenge to filter and block such requests.”

Like the hacked websites hosting the malicious JavaScript, all the targeted domains are running the WordPress content management system. The script—just 3 kilobits in size—reaches out to an attacker-controlled getTaskURL, which in turn provides the name of a specific user on a specific WordPress site, along with 100 common passwords. When this data is fed into the browser visiting the hacked site, it attempts to log into the targeted user account using the candidate passwords. The JavaScript operates in a loop, requesting tasks from the getTaskURL reporting the results to the completeTaskURL, and then performing the steps again and again.

Twitter's former CEO Parag Agrawal, Chief Financial Officer Ned Segal, Chief Legal Counsel Vijaya Gadde and General Counsel Sean Edgett claim in the lawsuit filed Monday that they were fired without a reason on the day in 2022 that Musk completed his acquisition of Twitter, which he later rebranded X.

Because he didn't want to pay their severance, the executives say Musk "made up fake cause and appointed employees of his various companies to uphold his decision."

The lawsuit says not paying severance and bills is part of a pattern for Musk, who's been sued by "droves" of former rank-and-file Twitter employees who didn't receive severance after Musk terminated them by the thousands.

Last year, two Waymo robotaxis in Phoenix "made contact" with the same pickup truck that was in the midst of being towed, which prompted the Alphabet subsidiary to issue a recall on its vehicles' software. A "recall" in this case meant rolling out a software update after investigating the issue and determining its root cause.

In a blog post, Waymo has revealed that on December 11, 2023, one of its robotaxis collided with a backwards-facing pickup truck being towed ahead of it. The company says the truck was being towed improperly and was angled across a center turn lane and a traffic lane. Apparently, the tow truck didn't pull over after the incident, and another Waymo vehicle came into contact with the pickup truck a few minutes later. Waymo didn't elaborate on what it meant by saying that its robotaxis "made contact" with the pickup truck, but it did say that the incidents resulted in no injuries and only minor vehicle damage. The self-driving vehicles involved in the collisions weren't carrying any passenger.

After an investigation, Waymo found that its software had incorrectly predicted the future movements of the pickup truck due to "persistent orientation mismatch" between the towed vehicle and the one towing it. The company developed and validated a fix for its software to prevent similar incidents in the future and started deploying the update to its fleet on December 20.

Since Broadcom's $61 billion acquisition of VMware closed in November 2023, Broadcom has been charging ahead with major changes to the company's personnel and products. In December, Broadcom began laying off thousands of employees and stopped selling perpetually licensed versions of VMware products, pushing its customers toward more stable and lucrative software subscriptions instead. In January, it ended its partner programs, potentially disrupting sales and service for many users of its products.

This week, Broadcom is making a change that is smaller in scale but possibly more relevant for home users of its products: The free version of VMware's vSphere Hypervisor, also known as ESXi, is being discontinued.

Disney+ started getting strict about password sharing in Canada last year, and now it's expanding the restriction to the US. According to The Verge, the streaming service has been sending out emails to its subscribers in the country, notifying them about a change in its terms of service. Its service agreement now states that users may not share their passwords outside of their household "unless otherwise permitted by [their] service tier," suggesting the arrival of new subscription options in the future.

The Verge says Disney+ told subscribers that they can analyze the use of their account to "determine compliance," though it didn't elaborate on how its methods work exactly. "We're adding limitations on sharing your account outside of your household, and explaining how we may assess your compliance with these limitations," Disney+ reportedly wrote in its email. In its Service Agreement, the service describes "household" as "the collection of devices associated with [subscribers'] primary personal residence that are used by the individuals who reside therein." The rule already applies to new subscribers, but old ones have until March 14 to feel its effects.

More lost keys..

From a reddit post:

Just seen this on IRC:

"the TLDR is basically: Best case, site comes back up we continue and change things in the backend, okay case, site is down for a little bit while we rebuild backend with likely a new domain, and worst case we close out and refugee you all elsewhere (we might still do this last part too hook up the community even if we are working on the backend"

ETA: IRC admin wrote "I'm currently trying to set up a place where refugees can go to"

ETA2: As far as I understand, someone went away and I quote "without the return of (this person), AR's continued existence is up in the air, we are attempting to work on solutions but he unfortunately seemed to hold more keys to the castle than we were fully aware."

2024-02-06 update:

Hey AR Community,

It's been a stressfull few days.

We are diligently working in the background to try to avoid issues like the last few days going forward. We are also working to establish a more robust backend that doesn't depend on any single point of people failure.

Keep an eye out for changes and thanks for sticking with us as we get over the bumpy road ahead. Yes we know certain things are not working, we are working on it.

Most of all and above all else, I want to thank our community and our committed members. The out pouring of love has been incredible. The amount of love shown by everyone in this turbulent time has been eye opening to say the least.

Thanks

AR Staff

European Union regulators are concerned that Microsoft may be covertly controlling OpenAI as its biggest investor.

OpenAI has publicly responded to a copyright lawsuit by The New York Times, calling the case “without merit” and saying it still hoped for a partnership with the media outlet.

In a blog post, OpenAI said the Times “is not telling the full story.” It took particular issue with claims that its ChatGPT AI tool reproduced Times stories verbatim, arguing that the Times had manipulated prompts to include regurgitated excerpts of articles. “Even when using such prompts, our models don’t typically behave the way The New York Times insinuates, which suggests they either instructed the model to regurgitate or cherry-picked their examples from many attempts,” OpenAI said.

OpenAI claims it’s attempted to reduce regurgitation from its large language models and that the Times refused to share examples of this reproduction before filing the lawsuit. It said the verbatim examples “appear to be from year-old articles that have proliferated on multiple third-party websites.” The company did admit that it took down a ChatGPT feature, called Browse, that unintentionally reproduced content.

If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

Brave Firewall + VPN is an extra service that Brave users may subscribe to for a monthly fee. Launched in mid-2022, it is a cooperation between Brave Software, maker of Brave Browser, and Guardian, the company that operates the VPN and the firewall solution. The firewall and VPN solution is available for $9.99 per month.

Vechev and his team found that the large language models that power advanced chatbots can accurately infer an alarming amount of personal information about users—including their race, location, occupation, and more—from conversations that appear innocuous.