The theme of this yearâs Carnival in Venice is âTutta colpa della Luna,â or âBlame the Moon,â inspired by the 50-year mark since humans first walked on the moon. Festivities kicked off this weekend, with a nighttime floating parade, and will last until March 5. Collected here, colorful images from the opening days of Carnival 2019 in Venice.
Artists perform during the "Tutta colpa della Luna" or "Blame the Moon" festivities down the Rio di Cannaregio, one of Venice's famed canals on February 16, 2019. - Venice began its annual Carnival festivities with a floating, night-time parade starting more than two weeks of celebrations.
(
Vincenzo Pinto / AFP / Getty)
In 1828, a teenager named Charles Darwin opened a letter to his cousin with âI am dying by inches, from not having anybody to talk to about insects.â Almost two centuries on, Darwin would probably be thrilled and horrified: People are abuzz about insects, but their discussions are flecked with words such as apocalypse and Armageddon.
The drumbeats of doom began in late 2017, after a German study showed that the total mass of local flying insects had fallen by 80 percent in three decades. The alarms intensified after TheNew York Times Magazine published a masterful feature on the decline of insect life late last year. And panic truly set in this month when the researchers Francisco Sánchez-Bayo and Kris Wyckhuys, having reviewed dozens of studies, claimed that âinsects as a whole will go down the path of extinction in a few decades.â The Guardian, in covering the duoâs review, wrote that âinsects could vanish within a centuryââa crisis that Sánchez-Bayo and Wyckhuys believe could lead to a âcatastrophic collapse of natureâs ecosystems.â
I spoke with several entomologists about whether these claims are valid, and what I found was complicated. The data on insect declines are too patchy, unrepresentative, and piecemeal to justify some of the more hyperbolic alarms. At the same time, what little information we have tends to point in the same worrying direction. How, then, should we act on that imperfect knowledge? Itâs a question that goes beyond the fate of insects: How do we preserve our rapidly changing world when the unknowns are vast and the cost of inaction is potentially high?
First, some good news: The claim that insects will all be annihilated within the century is absurd. Almost everyone I spoke with says that itâs not even plausible, let alone probable. âNot going to happen,â says Elsa Youngsteadt from North Carolina State University. âTheyâre the most diverse group of organisms on the planet. Some of them will make it.â Indeed, insects of some sort are likely to be the last ones standing. Any event sufficiently catastrophic to scour the world of insects would also render it inhospitable to other animal life. âIf it happened, humans would no longer be on the planet,â says Corrie Moreau from Cornell University.
The sheer diversity of insects makes them, as a group, resilientâbut also impossible to fully comprehend. There are more species of ladybugs than mammals, of ants than birds, of weevils than fish. There are probably more species of parasitic wasps than of any other group of animal. In total, about 1 million insect species have been described, and untold millions await discovery. And having learned of a creatureâs existence is very different from actually knowing it: Most of the identified species are still mysterious in their habits, their proclivities, andâcrucially for this discussionâtheir numbers.
Few researchers have kept running tallies on insect populations, aside from a smattering of species that are charismatic (monarch butterflies), commercially important (domesticated honeybees), or medically relevant (some mosquitoes). Society still has a lingering aversion toward creepy crawlies, and entomological research has long been underfunded. Where funds exist, theyâve been disproportionately channeled toward ways of controlling agricultural pests. The basic business of documenting insect diversity has been comparatively neglected, a situation made worse by the decline of taxonomistsâspecies-spotting scientists who, ironically, have undergone their own mass extinction.
When scientists have collected long-term data on insects, theyâve usually done so in a piecemeal way. The 2017 German study, for example, collated data from traps that had been laid in different parts of the country over time, rather than from concerted attempts to systematically sample the same sites. Haphazard though such studies might be, many of them point in the same dispiriting direction. In their review, Sánchez-Bayo and Wyckhuys found 73 studies showing insect declines.
But thatâs what they went looking for! They searched a database using the keywords insect and decline, and so wouldnât have considered research showing stability or increases. The studies they found arenât representative either: Most were done in Europe and North America, and the majority of insects live in the tropics. This spotty geographical spread makes it hard to know if insects are disappearing from some areas but recovering or surging in others. And without âgood baselines for population sizes,â says Jessica Ware from Rutgers University, âwhen we see declines, itâs hard to know if this is something that happens all the time.â
Itâs as if âour global climate dataset only involved 73 weather stations, mostly in Europe and the United States, active over different historical time windows,â explained Alex Wild from the University of Texas at Austin on Twitter. âImagine that only some of those stations measured temperature. Others, only humidity. Others, only wind direction. Trying to cobble those sparse, disparate points into something resembling a picture of global trends is ambitious, to say the least.â
For those reasons, itâs hard to take the widely quoted numbers from Sánchez-Bayo and Wyckhuysâs review as gospel. They say that 41 percent of insect species are declining and that global numbers are falling by 2.5 percent a year, but âtheyâre trying to quantify things that we really canât quantify at this point,â says Michelle Trautwein from the California Academy of Sciences. âI understand the desire to put numbers to these things to facilitate the conversation, but I would say all of those are built on mountains of unknown facts.â
Still, âour approach shouldnât be to downplay these findings to console ourselves,â Trautwein adds. âI donât see real danger in overstating the possible severity of insect decline, but there is real danger in underestimating how bad things really are. These studies arenât perfect, but weâd be wise to heed this warning now instead of waiting for cleaner studies.â
After all, the factors that are probably killing off insects in Europe and North America, such as the transformation of wild spaces into agricultural land, are global problems. âI donât see how those drivers would have a different outcome in a different area, whether we know the fauna there well or not,â says Jennifer Zaspel from the Milwaukee Public Museum.
Insects, though diverse, are also particularly vulnerable to such changes because many of them are so specialized, says May Berenbaum from the University of Illinois at Urbana-Champaign. âThereâs a fly that lives in the gills of a crab on one Caribbean island,â she says. âSo what happens if the island goes, or the crab goes? Thatâs the kind of danger that insects face. Very few of them can opportunistically exploit a broad diversity of habitats and supplies.â (That said, Sánchez-Bayo and Wyckhuys concluded that several once-common generalist species are declining, too.)
The loss of even a small percent of insects might also be disproportionately consequential. They sit at the base of the food web; if they go down, so will many birds, bats, spiders, and other predators. They aerate soils, pollinate plants, and remove dung and cadavers; if they disappear, entire landscapes will change. Given these risks, âdo we wait to have definitive evidence that species are disappearing before we do something?â Berenbaum asks.
Doing something is hard, though, because insect declines have so many factors, and most studies struggle to tease them apart. In their review, Sánchez-Bayo and Wyckhuys point the finger at habitat loss above all else, followed by pesticides and other pollutants, introduced species, and climate change, in that order. âIf it was one thing, weâd know what to do,â says Moreau from Cornell. Instead, we are stuck trying to tend to 1 million smaller cuts.
At least people are talking about the problemâa recent trend that surprised many of the entomologists I spoke with, who are more used to defending their interests to a creeped-out public. âSince when do people care about insects?â Berenbaum says. âIâm staggered by this!â She hopes that the apocalypse headlines will motivate people to take part in citizen-science projects, such as the BeeSpotter initiative she runs in Illinois. âThereâs a huge amount of diversity, but we can divide up the work,â she says.
Youngsteadt of North Carolina State is also confused by the sudden flux of interest, but it has meant a lot of invitations from community groups that want her to talk about the declines. She advises them to plant their gardens with native flowers, which promote a wider diversity of insects than neatly manicured lawns. Many people heed that advice to save beautiful species such as monarchs, âbut are shocked by all the bugs that come over,â Moreau says. âTheyâll see flies, bees, other caterpillars. They start appreciating the whole realm of insects out there. Going from âEw!â to âIâve heard theyâre in trouble; what can I do?â is a good thing.â
She and others hope that this newfound attention will finally persuade funding agencies to support the kind of research that has been sorely lackingâsystematic, long-term, widespread censuses of all the major insect groups. âNow more than ever, we should be trying to collect baseline data,â Ware says. âThat would allow us to see patterns if there really are any, and make better predictions.â Zaspel would also love to see more support for natural-history museums: The specimens pinned within their drawers can provide irreplaceable information about historical populations, but digitizing that information is expensive and laborious.
âWe should get serious about figuring out how bad the situation really is,â Trautwein says. âThis should be a huge wake-up call, and we should get on the ball instead of quibbling.â
âFreeBSD Mastery: Jailsâ is out for tech edit. Reviews are due back on the 25th, so I can get it to the copyeditor before I leave for a writing conference on the 28th. Right now the manuscript is laying fallow and Iâm not allowed to look at it. Next week, I need to be able â¦
A big, bright moon rises among bare branches yesterday evening. Bob King
Wow, what a moon last night! I suppose I swoon for every full moon. Each is an occasion unto itself. Winter full moons might be best â they climb high in the sky, and all that light gets reflected and amplified by the snow-covered landscape. I was amazed at how much moon-tinged sunlight filled the yard. For a second, I wondered if Iâd forgotten to turn off the garage light. I swear I could have read a book by that light. Maybe tonight if itâs clear.
Mercury will put in a nice appearance now through the first few days of March. Right now, it shines at magnitude -1, nearly as bright as Sirius. Look for it just to the south (left) of west about 7°-10° high 40 minutes after sunset well below the planet Mars. The constellation figures are included for reference. The planet will climb a little higher in the west as the week goes on. Stellarium
Tonightâs full moon will be a bit closer to full than last nightâs and rise shortly after sunset. Have your camera and binoculars ready to record and enjoy the sight. Then spin around to face the sunset direction for the side salad, a.k.a. the planet Mercury. Mercury runs both hot and cold with a surface temperature of 800° F (427° C) on a sunny day that plummets to â290° F (â180° C) at night. Of course, every day is sunny and every night is clear there because thereâs virtually no atmosphere. All that solar heat gets radiated back into space during the planetâs long night. On average, a complete day on Mercury lasts 176 Earth days.
Bonus! A perfect 22° halo ringed the moon around midnight last night. Halos form when pencil-shaped ice crystals in high clouds refract the moon or sunâs light into a circle. Bob King
The planet zips around the sun in just 88 days, so itâs usually visible for just a few weeks in the evening until it cycles back toward the sun and disappears in the solar glare. A couple weeks later the planet returns to the morning sky for a few weeks, disappears in the sunâs glare and returns to the evening sky. Back and forth it goes as if the sun were playing it like a yo-yo.
Because it orbits close to the sun Mercury never strays too far into the sky and is only visible in twilight. Bob King
Mercury reaches greatest elongation from the sun during the current apparition on Feb. 26, making this week and early the best time to see it. Right now, the little planet brightest because itâs in gibbous phase (like a moon between half and full) with most of its surface in sunlight. As it slenderizes to a crescent, it will fade. Itâs different from Venus in that way, which is brightest when seen as a thick crescent. Venus is bigger, closer and much more reflective than Mercury â all these advantages make up for its skimpy phase.
SemiBUGâs normal meeting place is not available this month, so thereâs an informal get-together at Leoâs next door, like last month.ÃÂ Itâs happening tonight at 7 PM.
Update: I put the wrong publish date on this â âtonightâ is the 19th for this, not the 17th.
Recently weâve talked about âstandard candles,â these being understood as objects in the sky about which we know the total luminosity because of some innate characteristic. Thus the Type 1a supernova, produced in a binary star system as material from a red giant falls onto a white dwarf, causing the smaller star to reach a mass limit and explode. These explosions reach roughly the same peak brightness, allowing astronomers to calculate their distance.
Even better known are Cepheid variables, stars whose luminosity and variable pulsation period are linked, so we can measure the pulsation and know the true luminosity. This in turn lets us calculate the distance to the star by comparing what we see against the known true luminosity.
This is helpful stuff, and Edwin Hubble used Cepheids in making the calculations that helped him figure out the distance between the Milky Way and Andromeda, which in turn put us on the road to understanding that Andromeda was not a nebula but a galaxy. Hubbleâs early distance estimates were low, but we now know that Andromeda is 2.5 million light years away.
I love distance comparisons and just ran across this one in Richard Gottâs The Cosmic Web: âIf our galaxy were the size of a standard dinner plate (10 inches across), the Andromeda Galaxy (M31) would be another dinner plate 21 feet away.â
Galaxies of hundreds of billions of stars each, reduced to the size of dinner plates and a scant 21 feet apart⦠Hubble would go on to study galactic redshifts enroute to determining that the universe is expanding. He would produce the Hubble Constant as a measure of the rate of expansion, and that controversial figure takes us into the realm of todayâs article.
For weâre moving into the exciting world of gravitational wave astronomy, and a paper in Physical Review Letters now tells us that a new standard candle is emerging. Using it, we may be able to refine the value of the Hubble Constant (H0), the present rate of expansion of the cosmos. This would be helpful indeed because right now, the value of the constant is not absolutely pinned down. Hubbleâs initial take was on the high side, and controversy has continued as different methodologies yield different values for H0.
Hiranya Peiris (University College London) is a co-author on the paper on this work:
âThe Hubble Constant is one of the most important numbers in cosmology because it is essential for estimating the curvature of space and the age of the universe, as well as exploring its fate.
âWe can measure the Hubble Constant by using two methods â one observing Cepheid stars and supernovae in the local universe, and a second using measurements of cosmic background radiation from the early universe â but these methods donât give the same values, which means our standard cosmological model might be flawed.â
Binary neutron stars appear to offer a solution. As they spiral towards each other before colliding, they produce powerful gravitational waves, ripples in spacetime, that can be flagged by gravitational experiments like the Laser Interferometer Gravitational Wave Observatory (LIGO) and Virgo. Astronomers can then compare the gravitational wave observation with the detected light of a binary neutron star merger, a result that produces the velocity of the system
Image: Artistâs vision of the death spiral of the remarkable J0806 system. Credit: NASA/Tod Strohmayer (GSFC)/Dana Berry (Chandra X-Ray Observatory).
Weâre closing on a refined Hubbleâs Constant, and researchers on the case, led by Stephen Feeney (Center for Computational Astrophysics at the Flatiron Institute, NY) think that observations of no more than 50 binary neutron stars should produce sufficient data to pin down H0. Weâll then have an independent measurement of this critical figure. And, says Feeney, â[w]e should be able to detect enough mergers to answer this question within 5-10 years.â
Nailing down the Hubble Constant will refine our estimates of the curvature of space and the age of the universe. Just a few years ago, who would have thought weâd be doing this by using neutron star interactions as what the researchers are now delightfully calling âstandard sirens,â allowing measurements that should solve the H0 discrepancy once and for all.
A final impulse takes me back to Hubble himself. The man had a bit of the poet in him, as witness his own outside perspective of our galaxy: âOur stellar system is a swarm of stars isolated in space. It drifts through the universe as a swarm of bees drifts through the summer air.â Found in The Realm of the Nebulae (1936).
The paper is Feeney et al., âProspects for Resolving the Hubble Constant Tension with Standard Sirens,â Physical Review Letters 122 (14 February 2019), 061105 (abstract).
Interesting -- although short and not very detailed -- article about Estonia's volunteer cyber-defense militia.
Padar's militia of amateur IT workers, economists, lawyers, and other white-hat types are grouped in the city of Tartu, about 65 miles from the Russian border, and in the capital, Tallinn, about twice as far from it. The volunteers, who've inspired a handful of similar operations around the world, are readying themselves to defend against the kind of sustained digital attack that could cause mass service outages at hospitals, banks, and military bases, and with other critical operations, including voting systems. Officially, the team is part of Estonia's 26,000-strong national guard, the Defense League.
[...]
Formally established in 2011, Padar's unit mostly runs on about ââŹ150,000 ($172,000) in annual state funding, plus salaries for him and four colleagues. (If that sounds paltry, remember that the country's median annual income is about ââŹ12,000.) Some volunteers oversee a website that calls out Russian propaganda posing as news directed at Estonians in Estonian, Russian, English, and German. Other members recently conducted forensic analysis on an attack against a military system, while yet others searched for signs of a broader campaign after discovering vulnerabilities in the country's electronic ID cards, which citizens use to check bank and medical records and to vote. (The team says it didn't find anything, and the security flaws were quickly patched.)
Mostly, the volunteers run weekend drills with troops, doctors, customs and tax agents, air traffic controllers, and water and power officials. "Somehow, this model is based on enthusiasm," says Andrus Ansip, who was prime minister during the 2007 attack and now oversees digital affairs for the European Commission. To gauge officials' responses to realistic attacks, the unit might send out emails with sketchy links or drop infected USB sticks to see if someone takes the bait.
A recurring discussion in Overwatch (as well as other online games) is whether or not women are treated differently from men. If you do a quick search, you can find hundreds of discussions about this, some of which have well over a thousand comments. These discussions tend to go the same way and involve the same debate every time, with the same points being made on both sides. Just for example, thesethreethreads on reddit that spun out of a single post that have a total of 10.4k comments. On one side, you have people saying "sure, women get trash talked, but I'm a dude and I get trash talked, everyone gets trash talked there's no difference", "I've never seen this, it can't be real", etc., and on the other side you have people saying things like "when I play with my boyfriend, I get accused of being carried by him all the time but the reverse never happens", "people regularly tell me I should play mercy[, a character that's a female healer]", and so on and so forth. In less time than has been spent on a single large discussion, we could just run the experiment, so here it is.
This is the result of playing 339 games in the two main game modes, quick play (QP) and competitive (comp), where roughly half the games were played with a masculine name (where the username was a generic term for a man) and half were played with a feminine name (where the username was a woman's name). I recorded all of the comments made in each of the games and then classified the comments by type. Classes of comments were "sexual/gendered comments", "being told how to play", "insults", and "compliments".
In each game that's included, I decided to include the game (or not) in the experiment before the character selection screen loaded. In games that were included, I used the same character selection algorithm, I wouldn't mute anyone for spamming chat or being a jerk, I didn't use voice chat, I never sent friend requests, and I was playing outside of a group in order to get matched with 5 random players. When playing normally, I might choose a character I don't know how to use well and I'll mute people who pollute chat with bad comments. There are a lot of games that weren't included in the experiment because I wasn't in a mood to listen to someone rage at their team for fifteen minutes and the procedure I used involved pre-committing to not muting people who do that.
Sexual or sexually charged comments
I thought I'd see more sexual comments when using the feminine name as opposed to the masculine name, but that turned out to not be the case. There was some mention of sex, genitals, etc., in both cases and the rate wasn't obviously different and was actually higher in the masculine condition.
Zero games featured comments were directed specifically at me in the masculine condition and two (out of 184) games in the feminine condition featured comments that were directed at me. Most comments were comments either directed at other players or just general comments to team or game chat.
Examples of typical undirected comments that would occur in either condition include ""my girlfriend keeps sexting me how do I get her to stop?", "going in balls deep", "what a surprise. *strokes dick* [during the post-game highlight]", and "support your local boobies".
The two games that featured sexual comments directed at me had the following comments:
"please mam can i have some coochie", "yes mam please" [from two different people], ":boicootie:"
"my dicc hard" [believed to be directed at me from context]
During games not included in the experiment (I generally didn't pay attention to which username I was on when not in the experiment), I also got comments like "send nudes". Anecdotally, there appears to be a different in the rate of these kinds of comments directed at the player, but the rate observed in the experiment is so low that uncertainty intervals around any estimates of the true rate will be similar in both conditions unless we use a strong prior.
The fact that this difference couldn't be observed in 339 games was surprising to me, although it's not inconsistent with McDaniel's thesis, a survey of women who play video games. 339 games probably sounds like a small number to serious gamers, but the only other randomized experiment I know of on this topic (besides this experiment) is Kasumovic et al., which notes that "[w]e stopped at 163 [games] as this is a substantial time effort".
All of the analysis uses the number of games in which a type of comment occured and not tone to avoid having to code comments as having a certain tone in order to avoid possibly injecting bias into the process. Sentiment analysis models, even state-of-the-art ones often return nonsensical results, so this basically has to be done by hand, at least today. With much more data, some kind of sentiment analysis, done with liberal spot checking and re-training of the model, could work, but the total number of comments is so small in this case that it would amount to coding each comment by hand.
Being told how to play
The most striking, easy to quantify, difference was the rate at which I played games in which people told me how I should play. Since it's unclear how much confidence we should have in the difference if we just look at the raw rates, we'll use a simple statistical model to get the uncertainty interval around the estimates. Since I'm not sure what my belief about this should be, this uses an uninformative prior, so the estimate is close to the actual rate. Anyway, here are the uncertainty intervals a simple model puts on the percent of games where at least one person told me I was playing wrong, that I should change how I'm playing, or that I switch characters:
Cond
Est
P25
P75
F comp
19
13
25
M comp
6
2
10
F QP
4
3
6
M QP
1
0
2
The experimental conditions in this table are masculine vs. feminine name (M/F) and competitive mode vs quick play (comp/QP). The numbers are percents. Est is the estimate, P25 is the 25%-ile estimate, and P75 is the 75%-ile estimate. Competitive mode and using a feminine name are both correlated with being told how to play. See this post by Andrew Gelman for why you might want to look at the 50% interval instead of the 95% interval.
For people not familiar with overwatch, in competitive mode, you're explicitly told what your ELO-like rating is and you get a badge that reflects your rating. In quick play, you have a rating that's tracked, but it's never directly surfaced to the user and you don't get a badge.
It's generally believed that people are more on edge during competitive play and are more likely to lash out (and, for example, tell you how you should play). The data is consistent with this common belief.
Per above, I didn't want to code tone of messages to avoid bias, so this table only indicates the rate at which people told me I was playing incorrectly or asked that I switch to a different character. The qualitative difference in experience is understated by this table. For example, the one time someone asked me to switch characters in the masculine condition, the request was a one sentence, polite, request ("hey, we're dying too quickly, could we switch [from the standard one primary healer / one off healer setup] to double primary healer or switch our tank to [a tank that can block more damage]?"). When using the feminine name, a typical case would involve 1-4 people calling me human garbage for most of the game and consoling themselves with the idea that the entire reason our team is losing is that I won't change characters.
The simple model we're using indicates that there's probably a difference between both competitive and QP and playing with a masculine vs. a feminine name. However, most published results are pretty bogus, so let's look at reasons this result might be bogus and then you can decide for yourself.
Threats to validity
The biggest issue is that this wasn't a pre-registered trial. I'm obviously not going to go and officially register a trial like this, but I also didn't informally "register" this by having this comparison in mind when I started the experiment. A problem with non-pre-registered trials is that there are a lot of degrees of freedom, both in terms of what we could look at, and in terms of the methodology we used to look at things, so it's unclear if the result is "real" or an artifact of fishing for something that looks interesting. A standard example of this is that, if you look for 100 possible effects, you're likely to find 1 that appears to be statistically significant with p = 0.01.
There are standard techniques to correct for this problem (e.g., Bonferroni
correction), but I don't find these convincing because they usually don't capture all of the degrees of freedom that go into a statistical model. An example is that it's common to take a variable and discretize it into a few buckets. There are many ways to do this and you generally won't see papers talk about the impact of this or correct for this in any way, although changing how these buckets are arranged can drastically change the results of a study. Another common knob people can use to manipulate results is curve fitting to an inappropriate curve (often a 2nd a 3rd degree polynomial when a scatterplot shows that's clearly incorrect). Another way to handle this would be to use a more complex model, but I wanted to keep this as simple as possible.
If I wanted to really be convinced on this, I'd want to, at a minimum, re-run this experiment with this exact comparison in mind. As a result, this experiment would need to be replicated to provide more than a preliminary result that is, at best, weak evidence.
One other large class of problem with randomized controlled trials (RCTs) is that, despite randomization, the two arms of the experiment might be different in some way that wasn't randomized. Since Overwatch doesn't allow you to keep changing your name, this experiment was done with two different accounts and these accounts had different ratings in competitive mode. On average, the masculine account had a higher rating due to starting with a higher rating, which meant that I was playing against stronger players and having worse games on the masculine account. In the long run, this will even out, but since most games in this experiment were in QP, this didn't have time to even out in comp. As a result, I had a higher win rate as well as just generally much better games with the feminine account in comp.
With no other information, we might expect that people who are playing worse get told how to play more frequently and people who are playing better should get told how to play less frequently, which would mean that the table above understates the actual difference.
However Kasumovic et al., in a gender-based randomized trial of Halo 3, found that players who were playing poorly were more negative towards women, especially women who were playing well (there's enough statistical manipulation of the data that a statement this concise can only be roughly correct, see study for details). If that result holds, it's possible that I would've gotten fewer people telling me that I'm human garbage and need to switch characters if I was average instead of dominating most of my games in the feminine condition.
If that result generalizes to OW, that would explain something which I thought was odd, which was that a lot of demands to switch and general vitriol came during my best performances with the feminine account. A typical example of this would be a game where we have a 2-2-2 team composition (2 players playing each of the three roles in the game) where my counterpart in the same role ran into the enemy team and died at the beginning of the fight in almost every engagement. I happened to be having a good day and dominated the other team (37-2 in a ten minute comp game, while focusing on protecting our team's healers) while only dying twice, once on purpose as a sacrifice and second time after a stupid blunder. Immediately after I died, someone asked me to switch roles so they could take over for me, but at no point did someone ask the other player in my role to switch despite their total uselesses all game (for OW players this was a Rein who immediately charged into the middle of the enemy team at every opportunity, from a range where our team could not possibly support them; this was Hanamura 2CP, where it's very easy for Rein to set up situations where their team cannot help them). This kind of performance was typical of games where my team jumped on me for playing incorrectly. This isn't to say I didn't have bad games; I had plenty of bad games, but a disproportionate number of the most toxic experiences came when I was having a great game.
Games at different ratings are probably also generally different environments and get different comments, but it's not clear if there are more negative comments at 2000 than 2500 or vice versa. There are a lot of online debates about this; for any rating level other than the very lowest or the very highest ratings, you can find a lot of people who say that the rating band they're in has the highest volume of toxic comments.
Other differences
Here are some things that happened while playing with the feminine name that didn't happen with the masculine name during this experiment or in any game outside of this experiment:
unsolicited "friend" requests from people I had no textual or verbal interaction with (happened 7 times total, didn't track which cases were in the experiment and which weren't)
someone on the other team deciding that my team wasn't doing a good enough job of protecting me while I was playing healer, berating my team, and then throwing the game so that we won (happened once during the experiment)
someone on my team flirting with me and then flipping out when I don't respond, who then spends the rest of the game calling me autistic or toxic (this happened once during the experiment, and once while playing in a game not included in the experiment)
The rate of all these was low enough that I'd have to play many more games to observe something without a huge uncertainty interval.
I didn't accept any friend requests from people I had no interaction with. Anecdotally, some people report people will send sexual comments or berate them after an unsolicited friend request. It's possible that the effect show in the table would be larger if I accepted these friend requests and it couldn't be smaller.
I didn't attempt to classify comments as flirty or not because, unlike the kinds of commments I did classify, this is often somewhat subtle and you could make a good case that any particular comment is or isn't flirting. Without responding (which I didn't do), many of these kinds of comments are ambiguous
Another difference was in the tone of the compliments. The rate of games where I was complimented wasn't too different, but compliments under the masculine condition tended to be short and factual (e.g., someone from the other team saying "no answer for [name of character I was playing]" after a dominant game) and compliments under the feminine condition tended to be more effusive and multiple people would sometimes chime in about how great I was.
Non differences
The rate of complements and the rate of insults in games that didn't include explanations of how I'm playing wrong or how I need to switch characters were similar in both conditions.
Other factors
Some other factors that would be interesting to look at would be time of day, server, playing solo or in a group, specific character choice, being more or less communicative, etc., but it would take a lot more data to be able to get good estimates when adding it more variables. Blizzard should have the data necessary to do analyses like this in aggregate, but they're notoriously private with their data, so someone at Blizzard would have to do the work and then publish it publicly, and they're not really in the habit of doing that kind of thing. If you work at Blizzard and are interested in letting a third party do some analysis on an anonymized data set, let me know and I'd be happy to dig in.
Experimental minutiae
Under both conditions, I avoided ever using voice chat and would call things out in text chat when time permitted. Also under both conditions, I mostly filled in with whatever character class the team needed most, although I'd sometimes pick DPS (in general, DPS are heavily oversubscribed, so you'll rarely play DPS if you don't pick one even when unnecessary).
For quickplay, backfill games weren't counted (backfill games are games where you join after the game started to fill in for a player who left; comp doesn't allow backfills). 6% of QP games were backfills.
These games are from before the "endorsements" patch; most games were played around May 2018. All games were played in "solo q" (with 5 random teammates). In order to avoid correlations between games depending on how long playing sessions were, I quit between games and waited for enough time (since you're otherwise likely to end up in a game with some or many of the same players as before).
The model used probability of a comment happening in a game to avoid the problem that Kasumovic et al. ran into, where a person who's ranting can skew the total number of comments. Kasumovic et al. addressed this by removing outliers, but I really don't like manually reaching in and removing data to adjust results. This could also be addressed by using a more sophisticated model, but a more sophisticated model means more knobs which means more ways for bias to sneak in. Using the number of players who made comments instead would be one way to mitigate this problem, but I think this still isn't ideal because these aren't independent -- when one player starts being negative, this greatly increases the odds that another player in that game will be negative, but just using the number of players makes four games with one negative person the same as one game with four negative people. This can also be accounted for with a slightly more sophisticated model, but that also involves adding more knobs to the model.
Appendix: comments / advice to overwatch players
A common complaint, perhaps the most common complaint by people below 2000 SR (roughly 30%-ile) or perhaps 1500 SR (roughly 10%-ile) is that they're in "ELO hell" and are kept down because their teammates are too bad. Based on my experience, I find this to be extremely unlikely.
People often split skill up into "mechanics" and "gamesense". My mechanics are pretty much as bad as it's possible to get. The last game I played seriously was a 90s video game that's basically online asteroids and the last game before that I put any time into was the original SNES super mario kart. As you'd expect from someone who hasn't put significant time into a post-90s video game or any kind of FPS game, my aim and dodging are both atrocious. On top of that, I'm an old dude with slow reflexes and I was able to get to 2500 SR (roughly 60%-ile) by avoiding a few basic fallacies and blunders despite have approximately zero mechanical skill. If you're also an old dude with basically no FPS experience, you can do the same thing; if you have good reflexes or enough FPS experience to actually aim or dodge, you basically can't be worse mechnically than I am and you can do much better by avoiding a few basic mistakes.
The most common fallacy I see repeated is that you have to play DPS to move out of bronze or gold. The evidence people give for this is that, when a GM streamer plays flex, tank, or healer, they sometimes lose in bronze. I guess the idea is that, because the only way to ensure a 99.9% win rate in bronze is to be a GM level DPS player and play DPS, the best way to maintain a 55% or a 60% win rate is to play DPS, but this doesn't follow.
Healers and tanks are both very powerful in low ranks. Because low ranks feature both poor coordination and relatively poor aim (players with good coordination or aim tend to move up quickly), time-to-kill is very slow compared to higher ranks. As a result, an off healer can tilt the result of a 1v1 (and sometimes even a 2v1) matchup and a primary healer can often determine the result of a 2v1 matchup. Because coordination is poor, most matchups end up being 2v1 or 1v1. The flip side of the lack of coordination is that you'll almost never get help from teammates. It's common to see an enemy player walk into the middle of my team, attack someone, and then walk out while literally no one else notices. If the person being attacked is you, the other healer typically won't notice and will continue healing someone at full health and none of the classic "peel" characters will help or even notice what's happening. That means it's on you to pay attention to your surroundings and watching flank routes to avoid getting murdered.
If you can avoid getting murdered constantly and actually try to heal (as opposed to many healers at low ranks, who will try to kill people or stick to a single character and continue healing them all the time even if they're at full health), you outheal a primary healer half the time when playing an off healer and, as a primary healer, you'll usually be able to get 10k-12k healing per 10 min compared to 6k to 8k for most people in Silver (sometimes less if they're playing DPS Moira). That's like having an extra half a healer on your team, which basically makes the game 6.5 v 6 instead of 6v6. You can still lose a 6.5v6 game, and you'll lose plenty of games, but if you're consistently healing 50% more than an normal healer at your rank, you'll tend to move up even if you get a lot of major things wrong (heal order, healing when that only feeds the other team, etc.).
A corollary to having to watch out for yourself 95% when playing a healer is that, as a character who can peel, you can actually watch out for your teammates and put your team at a significant advantage in 95% of games. As Zarya or Hog, if you just boringly play towards the front of your team, you can basically always save at least one teammate from death in a team fight, and you can often do this 2 or 3 times. Meanwhile, your counterpart on the other team is walking around looking for 1v1 matchups. If they find a good one, they'll probably kill someone, and if they don't (if they run into someone with a mobility skill or a counter like brig or reaper), they won't. Even in the case where they kill someone and you don't do a lot, you still provide as much value as them and, on average, you'll provide more value. A similar thing is true of many DPS characters, although it depends on the character (e.g., McCree is effective as a peeler, at least at the low ranks that I've played in). If you play a non-sniper DPS that isn't suited for peeling, you can find a DPS on your team who's looking for 1v1 fights and turn those fights into 2v1 fights (at low ranks, there's no shortage of these folks on both teams, so there are plenty of 1v1 fights you can control by making them 2v1).
All of these things I've mentioned amount to actually trying to help your team instead of going for flashy PotG setups or trying to dominate the entire team by yourself. If you say this in the abstract, it seems obvious, but most people think they're better than their rating. A survey of people's perception of their own skill level vs. their actual rating found that 1% of people thought they were overrated, 32% of people thought they were rated accurately, and the other 77% of people thought they were underrated.
Outside of obvious gameplay mistakes, the other big thing that loses games is when someone tilts and either starts playing terribly or flips out and says something to enrage someone else on the team, who then starts playing terribly. I don't think you can actually do much about this directly, but you can never do this, so 5/6th of your team will do this at some base rate, whereas 6/6 of the other team will do this. Like all of the above, this won't cause you to win all of your games, but everything you do that increases your win rate makes a difference.
Poker players have the right attitude when they talk about leaks. The goal isn't to win every hand, it's to increase your EV by avoiding bad blunders (at high levels, it's about more than avoiding bad blunders, but we're talking about getting out of below median ranks, not becoming GM here). You're going to have terrible games where you get 5 people instalocking DPS. Your odds of winning a game are low, say 10%. If you get mad and pick DPS and reduce your odds even further (say this is to 2%), all that does is create a leak in your win rate during games when your teammates are being silly.
If you gain/lose 25 rating per game for a win or a loss, your average rating change from a game is 25 (W_rate - L_rate) = 25 (2W_rate - 1). Let's say 1/40 games are these silly games where your team decides to go all DPS. The per-game SR difference of trying to win these vs. soft throwing is maybe something like 1/40 * 25 (2 * 0.08) = 0.1. That doesn't sound like much and these numbers are just guesses, but everyone outside of very high-level games is full of leaks like these, and they add up. And if you look at a 60% win rate, which is pretty good considering that your influence is limited because you're only one person on a 6 person team, that only translates to an average of 5SR per game, so it doesn't actually take that many small leaks to really move your average SR gain or loss.
Appendix: general comments on online gaming, 20 years ago vs. today
Since I'm unlikely to write another blog post on gaming any time soon, here are some other random thoughts that won't fit with any other post. My last serious experience with online games was with a game from the 90s. Even though I'd heard that things were a lot worse, I was still surprised by it. IRL, the only time I encounter the same level and rate of pointless nastiness in a recreational activity is down at the bridge club (casual bridge games tend to be very nice). When I say pointless nastiness, I mean things like getting angry and then making nasty comments to a teammate mid-game. Even if your "criticism" is correct (and, if you review OW games or bridge hands, you'll see that these kinds of angry comments are almost never correct), this has virtually no chance of getting your partner to change their behavior and it has a pretty good chance of tilting them and making them play worse. If you're trying to win, there's no reason to do this and good reason to avoid this.
If you look at the online commentary for this, it's common to see people blaming kids, but this doesn't match my experience at all. For one thing, when I was playing video games in the 90s, a huge fraction of the online gaming population was made up of kids, and online game communities were nicer than they are today. Saying that "kids nowadays" are worse than kids used to be is a pastime that goes back thousands of years, but it's generally not true and there doesn't seem to be any reason to think that it's true here.
Additionally, this simply doesn't match what I saw. If I just look at comments over audio chat, there were a couple of times when some kids were nasty, but almost all of the comments are from people who sound like adults. Moreover, if I look at when I played games that were bad, a disproportionately large number of those games were late (after 2am eastern time, on the central/east server), where the relative population of adults is larger.
And if we look at bridge, the median age of an ACBL member is in the 70s, with an increase in age of a whopping 0.4 years per year.
Sure, maybe people tend to get more mature as they age, but in any particular activity, that effect seems to be dominated by other factors. I don't have enough data at hand to make a good guess as to what happened, but I'm entertained by the idea that this might have something to do with it:
Iâve said this before, but one of the single biggest culture shocks Iâve ever received was when I was talking to someone about five years younger than I was, and she said âWait, you play video games? Iâm surprised. You seem like way too much of a nerd to play video games. Isnât that like a fratboy jock thing?â
Appendix: code and data
If you want to play with this data and model yourself, experiment with different priors, run a posterior predictive check, etc., here's a snippet of R code that embeds the data:
The model here is simple enough that I wouldn't expect the version of software used to significantly affect results, but in case you're curious, this was done with brms 2.7.0, rstan 2.18.2, on R 3.5.1.
Thanks to Leah Hanson, Sean Talts and Sean's math/stats reading group, Annie Cherkaev,
Robert Schuessler, Wesley Aptekar-Cassels, Julia Evans, Paul Gowder, Jonathan Dahan, Bradley Boccuzzi, Akiva Leffert, and one or more anonymous commenters for comments/corrections/discussion.
âThe study of the heavens from a purely aesthetic point of view is scorned in this technological age.â- James Muriden
âThe serene art of visual observing.â â Lee Cain
âI would rather freeze and fight off mosquitoes than play astronomy on a computer.â â Ben Funk
âThe high-tech devices pervading the market are ruining the spirit of the real meaning of recreational astronomy.â â Jorge Cerritos
âWhatever happened to what amateur astronomers really care about â simply enjoying the beauty of the night sky?â â Mark Hladik
âTo me, astronomy means learning about the universe by looking at it.â â Daniel Weedman
âNobody sits out in the cold dome any more â weâre getting further and further away from the sky all the time. You just sit in the control room and watch monitors.â Charles Kowal (Palomar Obs.)
âAll galaxies deserve to be stared at for a full 15 minutes.â â Michael Covington
âEvery tint that blooms in the flowers of Summer flames out in the stars at night.â J.D. Steele (ref. especially to double stars)
âBut letâs forget the astrophysics and simply enjoy the spectacle. â Scotty Houston
âI became an astronomer not to access the facts about the sky but to see and feel its majesty.â â David Levy
âThe feeling of being alone in the universe on a starlit night, cruising on wings of polished glass, flitting in seconds from a point millions of miles away to one billions of lightyears distant is euphoric.â Tom Lorenzin
ââ¦the fun of sight-seeing, the sheer joy of firsthand acquaintance with incredibly wonderful and beautiful things.â â Robert Burnham
âOne gentle dose of starlight to be taken each night just before retiring.â â Leslie Peltier
âTo me, telescope viewing is primarily an aesthetic experience.â Terry Dickinson
âSpend your nights getting intoxicated with photons!â â Telescope Advertisement
âTime spent with 2-billion-year-old photons is potent stuff.â â Peter Lord
âI am because I observe. â Thaddeus Banachiewicz
âThe views are so incredibly fantastic!â â Jack Newton
âWhen youâre in the observerâs cage of the 200-inchâ¦itâs romantic, beautiful, marvelous.â â Jesse Greenstein (Palomar Observatory)
âObserving all seems so natural, so real, so obvious. How could it possibly be any other way?â Jerry Spevak
âA night under the stars rewards the bug bites, the cloudy skies, the next-day fuzzies, and the thousands of frustrations with priceless moments of sublime beauty.â â Richard Berry
âAnd thereâs always that special pleasure in knowing that, when you look upon that distant light, it has traveled all those lightyears â such an incredible journey â just for you.â â Ken Fulton
âGazing into the beginning of everything, we are young once again. â Ron Evans
âBut it is to be hoped that [someone] will carry out the authorâs idea and study the whole visible heavens from what might be termed a picturesque point of view.â â T.W. Webb
âThis book is an effort to rescue the ancient love of simple stargazing from the avalanche of mathematics and physics under which modern astronomy threatens to bury it.â â Henry Neely
âBut are silent worship and contemplation the very essence of stargazing?â â David Levy
âTo gaze into space is to embark upon a spiritual quest, an experience of awe and wonder.â â Roger Ressmeyer
âHow can a person ever forget the scene, the glory of a thousand stars in a thousand huesâ¦.â â Scotty Houston
âDelightful planetary nebulae â ephemeral spheres that shine in pale hues of blue and green and float amid the golden and pearly star currents of our Galaxy on the foam of the Milky Way like the balloons of our childhood dreams. If you want to stop the world and get off, the lovely planetaries sail by to welcome you.â â Scotty Houston
âThe celestial actors are in place, a serene majesty washes over the stage, and I can almost hear the music of galactic trumpets in their opening bar.â- Scotty Houston (anticipating his death that happened shortly after he wrote this??)
And not lastly or least, the following is by a contemporary amateur, who has always claimed to be nothing more than a humble backyard observer, and a good friend of mine for many years.  The co-founder of the Observerâs Challenge report, which has gained a following all across the country and beyond.  The Challenge will celebrate its 120th consecutive monthly report, February 2019.  An amazing contribution to amateur astronomy for sure! Â
Last week was a tough one at work with several really long days and an out of town stay. That left me looking forward to a relaxing weekend at home with nothing specific on the agenda despite the ARRL DX CW Contest.
Itâs tough to completely ignore a big one like this, so Saturday afternoon I waded into the shallow end of the event. I spent an hour operating QRP on 40 meters and put a small number of stations in the log. While the band wasnât in great shape, itâs amazing how much better things work when lots of people are available to call.
Though it was a chilly 22F here, the magic of radio transported me to warm Caribbean waters. The Caymans, Costa Rica, Curacao, Bonaire, and the Virgin Islands. And just before wrapping up, I worked another bit of paradise, Hawaii.
We slept in on Sunday morning and enjoyed a lazy start to the day but before noon I was back in the shack for another hour. This time, it was QRP on 20 meters and another dose of Caribbean weather. French Guiana, the Bahamas, Montserrat, and Barbados. After that it was the Azores, Spain, Croatia, the Canary Islands, Madeira Island, and then even more Hawaii.
Nothing remarkable was worked but thereâs almost always a surprise. Turns out, I didnât have Barbados on 40 CW so that could be a plus, if he confirms.
Most of all, it was just plain fun, and a nice treat to call a DX station and have them call me back at the bottom of this wretched solar cycle. Radiosport enthusiasts are highly talented operators whose skill and patience never cease to amaze me.
It seems that someone from a company called Swift Recovery Ltd. is impersonating me -- at least on Telegram. The person is using a photo of me, and is using details of my life available on Wikipedia to convince people that they are me.
They are not.
If anyone has any more information -- stories, screen shots of chats, etc. -- please forward them to me.
The full moon rising over Duluthâs Park Point last fall. Thicker air near the horizon filters out the green, blues and violets from the rising moon, leaving the warmer hues to color it. Click the photo to find out when the moon rises for your town. Bob King
Iâm back! Due to server errors the blog was offline over the weekend. My apologies. In case you havenât heard, the full Snow Moon will light the sky tonight. It also happens to be the closest full moon of the year, one of three supermoons in 2019. Supermoons occur when the moon is full at the same time itâs close to the Earth. Not only does it appear larger â 7 percent wider than a typical full moon â but also brighter. Will you be able to tell the difference? Some people can and some canât. Iâm one of the latter.
Full moon is the best time to notice Earthâs shadow rising in the eastern sky. Itâs the gray band that comes up along with the moon. A clear view to the east is all you need to see it. Bob King
Moon and Earth will be closest tomorrow morning, Feb. 19 around 3 a.m. Central Time (4 a.m. Eastern; 2 a.m. Mountain and 1 a.m. Pacific) when 221,681 miles (356,761 km) will separate them compared to their average distance of 239,000 miles. Last monthâs Wolf supermoon passed into total eclipse, making for a spectacular sight. Tonightâs supermoon wonât be able to compete with that, but it does win âclosest full moon of the yearâ contest. Not by much. The Snow Moon will be about 360 miles (580 km) closer than the Wolf Moon.
Check out the difference in the shape and color in the moon between moonrise and when itâs high in the sky. Near the horizon, the extra thickness (density) of air acts like a prism and bends the bottom of the moon into the top, âsquishingâ it. Bob King
The moment of full moon, when the moonâs entire face is lit by the sun, happens tomorrow(Feb. 19) around 10 a.m. That means tonightâs âfull moonâ will appear a hair shy of full and rise not at sunset but nearly an hour before. Expect to see a big, bright moon lighting up the eastern sky earlier than usual! The following night it will rise not long after sunset in early twilight. In a darker sky the moon will make a more dramatic entry compared to its washed-out appearance in this eveningâs still-sunlit sky.
Tomorrow nightâs moon will be just past full, but I doubt weâll be able to tell the difference with the naked eye. Binoculars and telescopes â yes. Both nights, the moon shines from the constellation Leo not far from its brightest star, Regulus. Look left and below for Regulus tonight and to the right and above Tuesday night.
Take a look southeast tomorrow morning for three planets with Venus still close to Saturn. Stellarium
Did you happen to go out this morning at dawn to look at the planets? If you did you probably noticed that Venus glowed atop a dimmer companion. That was Saturn, and the two were in conjunction this morning just 1° apart. If you missed it, theyâll be nearly as close tomorrow morning (1.5°) and joined by Jupiter in the southeastern sky about an hour before sunrise.
After almost a month as VK2/VE3DTI it was time to get back to VA3/VE3. A short early flight in a Quantas Dash-8-300 provided the initial hop to Sydney, NSW. The change from domestic to International terminals was smooth using the free airport bus. The huge Boeing 777-400 of Air Canada took off with some delay for its non-stop transpacific flight to Vancouver, where, according to the original schedule, a change of airplanes would be required to board a direct flight to Ottawa. However, due to Ottawa weather conditions the flight YVR-YOW was cancelled and replaced with a flight YVR-YYZ (in the same craft flown from Sydney) and a connecting flight YYZ-YOW the same day was added to the schedule. However, on arrival to Toronto all flights to Ottawa had been cancelled. The best hope was a morning flight the following day. It was time to buy the latest John Grisham thriller and find a comfortable airport seat near a Starbucks⦠(spending a night in an airport may seem an uncomfortable proposition, but for anyone having just flewn economic class over the entire Pacific Ocean, it may appear as a rather appealing improvementâ¦). Luckily, in spite of Ottawa being under several feet of snow, the morning flight to Ottawa was on time. While fraying a path from the cab to the door of the house required some knee-deep wading, the appeal of home-sweet-home was too strong for the tall snow banks to deny entrance.
In the end, a large number of different species of native Australian birds had been photographed in their natural environments, around Armidale, in Katoomba and the Blue Mountains, and in the park surrounding the Wollomombi Falls. Also fourteen QSOs had been logged from Armidale, in three bands, four modes and seven different DXCCâs:
FK8IK, New Caledonia Is. (20M CW): 1738 KM
VK7CW, Tasmania: (40M CW) 1304 KM
ZL1MVL, New Zealand: (30M FT8) 2245 K
VK7BO, Tasmania: (30M FT8) 1285 KM
E51BQ, Rarotonga Is.(Cook Is.): (30M FT8) 4937 KM
ZL3GAV, New Zealand: (30M FT8) 2347 KM
3D2AG, Fiji: (30M CW) 3041 KM
VK3AHR, Australia; (40M SSB) 578 KM
ZL2IFB, New Zealand: (17M FT8) 2479 KM
YB1BML, Jawa Is.: (20M FT8) 5285 KM
VK7DD, Tasmania: (30M FT8) 1301 KM
JH7DFZ, Japan: (20M FT8) 7637 KM
FK8GX, New Caledonia Is. (40M FT8): 1703 KM
JI1LET, Japan (20M RTTY): 7529 KM
But that was not all⦠as a day before departure, face-to-face QSOs were also possible with prominent members of the Armidale & District Amateur Radio Club: Rick VK2RR, the current President of the Club, had provided pertinent advice on how to operate as a VK2 station and I insisted on thanking him in person. The ADARC meets every Saturday morning, in this occasion at the Cedar Lodge Motel owned by Rick. The following picture shows VK2/VE3DTI (wearing a RAC t-shirt)  flanked from left to right by Steve Lisle VK2SL, Rick Rodgers VK2RR-VK4HF and Richard Katsch VK2EIK. My appreciation goes to all of them for their kind reception, the opportunity to meet and find out about their careers and radio achievements:
The U.S. government â along with a number of leading security companies â recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.
This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.
Before we delve into the extensive research that culminated in this post, itâs helpful to review the facts disclosed publicly so far. On Nov. 27, 2018, Ciscoâs Talos research division published a write-up outlining the contours of a sophisticated cyber espionage campaign it dubbed âDNSpionage.â
The DNS part of that moniker refers to the global âDomain Name System,â which serves as a kind of phone book for the Internet by translating human-friendly Web site names (example.com) into numeric Internet address that are easier for computers to manage.
Talos said the perpetrators of DNSpionage were able to steal email and other login credentials from a number of government and private sector entities in Lebanon and the United Arab Emirates by hijacking the DNS servers for these targets, so that all email and virtual private networking (VPN) traffic was redirected to an Internet address controlled by the attackers.
Talos reported that these DNS hijacks also paved the way for the attackers to obtain SSL encryption certificates for the targeted domains (e.g. webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text.
On January 9, 2019, security vendor FireEyereleased its report, âGlobal DNS Hijacking Campaign: DNS Record Manipulation at Scale,â which went into far greater technical detail about the âhowâ of the espionage campaign, but contained few additional details about its victims.
About the same time as the FireEye report, the U.S. Department of Homeland Security issued a rare emergency directive ordering all U.S. federal civilian agencies to secure the login credentials for their Internet domain records. As part of that mandate, DHS published a short list of domain names and Internet addresses that were used in the DNSpionage campaign, although those details did not go beyond what was previously released by either Cisco Talos or FireEye.
That changed on Jan. 25, 2019, when security firm CrowdStrikepublished a blog post listing virtually every Internet address known to be (ab)used by the espionage campaign to date. The remainder of this story is based on open-source research and interviews conducted by KrebsOnSecurity in an effort to shed more light on the true extent of this extraordinary â and ongoing â attack.
The âindicators of compromiseâ related to the DNSpionage campaign, as published by CrowdStrike.
PASSIVE DNS
I began my research by taking each of the Internet addresses laid out in the CrowdStrike report and running them through both Farsight Security and SecurityTrails, services that passively collect data about changes to DNS records tied to tens of millions of Web site domains around the world.
Working backwards from each Internet address, I was able to see that in the last few months of 2018 the hackers behind DNSpionage succeeded in compromising key components of DNS infrastructure for more than 50 Middle Eastern companies and government agencies, including targets in Albania, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Saudi Arabia and the United Arab Emirates.
For example, the passive DNS data shows the attackers were able to hijack the DNS records for mail.gov.ae, which handles email for government offices of the United Arab Emirates. Here are just a few other interesting assets successfully compromised in this cyber espionage campaign:
-nsa.gov.iq: the National Security Advisory of Iraq -webmail.mofa.gov.ae: email for the United Arab Emiratesâ Ministry of Foreign Affairs -shish.gov.al: the State Intelligence Service of Albania -mail.mfa.gov.eg: mail server for Egyptâs Ministry of Foreign Affairs -mod.gov.eg: Egyptian Ministry of Defense -embassy.ly: Embassy of Libya -owa.e-albania.al: the Outlook Web Access portal for the e-government portal of Albania -mail.dgca.gov.kw: email server for Kuwaitâs Civil Aviation Bureau -gid.gov.jo: Jordanâs General Intelligence Directorate -adpvpn.adpolice.gov.ae: VPN service for the Abu Dhabi Police -mail.asp.gov.al: email for Albanian State Police -owa.gov.cy: Microsoft Outlook Web Access for Government of Cyprus -webmail.finance.gov.lb: email for Lebanon Ministry of Finance -mail.petroleum.gov.eg: Egyptian Ministry of Petroleum -mail.cyta.com.cy: Cyta telecommunications and Internet provider, Cyprus -mail.mea.com.lb: email access for Middle East Airlines
The passive DNS data provided by Farsight and SecurityTrails also offered clues about when each of these domains was hijacked. In most cases, the attackers appear to have changed the DNS records for these domains (weâll get to the âhowâ in a moment) so that the domains pointed to servers in Europe that they controlled.
Shortly after the DNS records for these TLDs were hijacked â sometimes weeks, sometimes just days or hours â the attackers were able to obtain SSL certificates for those domains from SSL providers Comodo and/or Letâs Encrypt. The preparation for several of these attacks can be seen at cert.sh, which provides a searchable database of all new SSL certificate creations.
Letâs take a closer look at one example. The CrowdStrike report references the Internet address 139.59.134[.]216 (see above), which according to Farsight was home to just seven different domains over the years. Two of those domains only appeared at that Internet address in December 2018, including domains in Lebanon and â curiously â Sweden.
The first domain was âns0.idm.net.lb,â which is a server for the Lebanese Internet service provider IDM. From early 2014 until December 2018, ns0.idm.net.lb pointed to 194.126.10[.]18, which appropriately enough is an Internet address based in Lebanon. But as we can see in the screenshot from Farsightâs data below, on Dec. 18, 2018, the DNS records for this ISP were changed to point Internet traffic destined for IDM to a hosting provider in Germany (the 139.59.134[.]216 address).
Source: Farsight Security
Notice what else is listed along with IDMâs domain at 139.59.134[.]216, according to Farsight:
The DNS records for the domains sa1.dnsnode.net and fork.sth.dnsnode.net also were changed from their rightful home in Sweden to the German hosting provider controlled by the attackers in December. These domains are owned by Netnod Internet Exchange, a major global DNS provider based in Sweden. Netnod also operates one of the 13 ârootâ name servers, a critical resource that forms the very foundation of the global DNS system.
Weâll come back to Netnod in a moment. But first letâs look at another Internet address referenced in the CrowdStrike report as part of the infrastructure abused by the DNSpionage hackers: 82.196.11[.]127. This address in The Netherlands also is home to the domain mmfasi[.]com, which Crowdstrike says was one of the attackerâs domains that was used as a DNS server for some of the hijacked infrastructure.
As we can see in the screenshot above, 82.196.11[.]127 was temporarily home to another pair of Netnod DNS servers, as well as the server âns.anycast.woodynet.net.â That domain is derived from the nickname of Bill Woodcock, who serves as executive director of Packet Clearing House (PCH).
PCH is a nonprofit entity based in northern California that also manages significant amounts of the worldâs DNS infrastructure, particularly the DNS for more than 500 top-level domains and a number of the Middle East top-level domains targeted by DNSpionage.
TARGETING THE REGISTRARS
Contacted on Feb. 14 by KrebsOnSecurity, Netnod CEO Lars Michael Jogbäck confirmed that parts of Netnodâs DNS infrastructure were hijacked in late December 2018 and early January 2019 after the attackers gained access to accounts at Netnodâs domain name registrar.
Jogbäck pointed to a statement the company published on its Web site on Feb. 5, which says Netnod learned of its role in the attack on January 2 and has been in contact with all relevant parties and customers throughout this process.
âAs a participant in an international security co-operation, Netnod became aware on 2 January 2019 that we had been caught up in this wave and that we had experienced a MITM (man-in-the-middle) attack,â the statement reads. âNetnod was not the ultimate goal of the attack. The goal is considered to have been the capture of login details for Internet services in countries outside of Sweden.â
In an interview with this author on Feb. 15, PCHâs Woodcock acknowledged that portions of his organizationâs infrastructure were compromised after the DNSpionage hackers abused unauthorized access to its domain name registrar.
As it happens, the registrar records for both pch.net and dnsnode.net point to the same sources: Key-Systems GmbH, a domain registrar based in Germany; and Frobbit.se, a company in Sweden. Frobbit is a reseller of Key Systems, and the two companies share some of the same online resources.
Woodcock said the hackers phished credentials that PCHâs registrar used to send signaling messages known as the Extensible Provisioning Protocol (EPP). EPP is a little-known interface that serves as a kind of back-end for the global DNS system, allowing domain registrars to notify the regional registries (like Verisign) about changes to domain records, including new domain registrations, modifications, and transfers.
âAt the beginning of January, Key-Systems said they believed that their EPP interface had been abused by someone who had stolen valid credentials,â Woodcock said.
Key-Systems declined to comment for this story, beyond saying it does not discuss details of its reseller clientsâ businesses.
Netnodâs written statement on the attack referred further inquiries to the companyâs security director Patrik Fältström, who also is co-owner of Frobbit.se.
In an email to KrebsOnSecurity, Fältström said unauthorized EPP instructions were sent to various registries by the DNSpionage attackers from both Frobbit and Key Systems.
âThe attack was from my perspective clearly an early version of a serious EPP attack,â he wrote. âThat is, the goal was to get the right EPP commands sent to the registries. I am extremely nervous personally over extrapolations towards the future. Should registries allow any EPP command to come from the registrars? We will always have some weak registrars, right?â
DNSSEC
One of the more interesting aspects of these attacks is that both Netnod and PCH are vocal proponents and adopters of DNSSEC (a.k.a. âDNS Security Extensionsâ), which is a technology designed to defeat the very type of attack that the DNSpionage hackers were able to execute.
Image: APNIC
DNSSEC protects applications from using forged or manipulated DNS data, by requiring that all DNS queries for a given domain or set of domains be digitally signed. In DNSSEC, if a name server determines that the address record for a given domain has not been modified in transit, it resolves the domain and lets the user visit the site. If, however, that record has been modified in some way or doesnât match the domain requested, the name server blocks the user from reaching the fraudulent address.
While DNSSEC can be an effective tool for mitigating attacks such as those launched by DNSpionage, only about 20 percent of the worldâs major networks and Web sites have enabled it, according to measurements gathered by APNIC, the regional Internet address registry for the Asia-Pacific region.
Jogbäck said Netnodâs infrastructure suffered three separate attacks from the DNSpionage attackers. The first two occurred in a two-week window between Dec. 14, 2018 and Jan. 2, 2019, and targeted company servers that were not protected by DNSSEC.
However, he said the third attack between Dec. 29 and Jan. 2 targeted Netnod infrastructure that was protected by DNSSEC and serving its own internal email network. Yet, because the attackers already had access to its registrarâs systems, they were able to briefly disable that safeguard â or at least long enough to obtain SSL certificates for two of Netnodâsemail servers.
Jogbäck told KrebsOnSecurity that once the attackers had those certificates, they re-enabled DNSSEC for the companyâs targeted servers while apparently preparing to launch the second stage of the attack â diverting traffic flowing through its mail servers to machines the attackers controlled. But Jogbäck said that for whatever reason, the attackers neglected to use their unauthorized access to its registrar to disable DNSSEC before later attempting to siphon Internet traffic.
âLuckily for us, they forgot to remove that when they launched their man-in-the-middle attack,â he said. âIf they had been more skilled they would have removed DNSSEC on the domain, which they could have done.â
Woodcock says PCH validates DNSSEC on all of its infrastructure, but that not all of the companyâs customers â particularly some of the countries in the Middle East targeted by DNSpionage â had configured their systems to fully implement the technology.
Woodcock said PCHâs infrastructure was targeted by DNSpionage attackers in four distinct attacks between December 13, 2018 and January 2, 2019. With each attack, the hackers would turn on their password-slurping tools for roughly one hour, and then switch them off before returning the network to its original state after each run.
The attackers didnât need to enable their surveillance dragnet longer than an hour each time because most modern smartphones are configured to continuously pull new email for any accounts the user may have set up on his device. Thus, the attackers were able to hoover up a great many email credentials with each brief hijack.
On Jan. 2, 2019 â the same day the DNSpionage hackers went after Netnodâs internal email system â they also targeted PCH directly, obtaining SSLcertificates from Comodo for two PCH domains that handle internal email for the company.
Woodcock said PCHâs reliance on DNSSEC almost completely blocked that attack, but that it managed to snare email credentials for two employees who were traveling at the time. Those employeesâ mobile devices were downloading company email via hotel wireless networks that â as a prerequisite for using the wireless service â forced their devices to use the hotelâs DNS servers, not PCHâs DNNSEC-enabled systems.
âThe two people who did get popped, both were traveling and were on their iPhones, and they had to traverse through captive portals during the hijack period,â Woodcock said. âThey had to switch off our name servers to use the captive portal, and during that time the mail clients on their phones checked for new email. Aside from that, DNSSEC saved us from being really, thoroughly owned.â
Because PCH had protected its domains with DNSSEC, the practical effect of the hijack against its mail infrastructure was that for roughly an hour nobody but the two remote employees received any email.
âFor essentially all of our users, what it looked like was the mail server just wasnât available for a short period,â Woodcock said. âIt didnât resolve for a while if they happened to be checking their phone or whatever, and each person thought well thatâs funny, Iâll check it back in a while. And by the time they checked again it was working fine. A bunch of our staff noticed a brief outage in our email service, but nobody thought enough of it to discuss it with anyone else or open a ticket.â
But the DNSpionage hackers were not deterred. In a letter to its customers sent earlier this month, PCH said a forensic investigation determined that on Jan. 24 a computer which holds its Web site user database had been compromised. The user data stored in the database included customer usernames, bcrypt password hashes, emails, addresses, and organization names.
âWe see no evidence that the attackers accessed the user database or exfiltrated it,â the message reads. âSo we are providing you this information as a matter of transparency and precaution, rather than because we believe that your data was compromised.â
IMPROVEMENTS
Multiple experts interviewed for this story said one persistent problem with DNS-based attacks is that a great deal of organizations tend to take much of their DNS infrastructure for granted. For example, many entities donât even log their DNS traffic, nor do they keep a close eye on any changes made to their domain records.
Even for those companies making an effort to monitor their DNS infrastructure for suspicious changes, some monitoring services only take snapshots of DNS records passively, or else only do so actively on a once-daily basis. Indeed, Woodcock said PCH relied on no fewer than three monitoring systems, and that none of them alerted his organization to the various one-hour hijacks that hit PCHâs DNS systems.
âWe had three different commercial DNS monitoring services, none of which caught it,â he said. âNone of them even warned us that it had happened after the fact.â
Woodcock said PCH has since set up a system to poll its own DNS infrastructure multiple times each hour, and to alert immediately on any changes.
Jogbäck said Netnod also has beefed up its monitoring, as well as redoubled efforts to ensure that all of the available options for securing their domain infrastructure were being used. For instance, the company had not previously secured all of its domains with a âdomain lock,â a service that requires a registrar to take additional authentication steps before making any modifications to a domainâs records.
âWe are really sad we didnât do a better job of protecting our customers, but we are also a victim in the chain of the attack,â Jogbäck said. âYou can change to a better lock after youâve been robbed, and hopefully make it more difficult for someone to do it again. But I can truly say we have learned a tremendous amount from being a victim in this attack, and we are now much better off than before.â
Woodcock said heâs worried that Internet policymakers and other infrastructure providers arenât taking threats to the global DNS seriously or urgently enough, and heâs confident the DNSpionage hackers will have plenty of other victims to target and exploit in the months and years ahead.
âAll of this is a running battle,â he said. âThe Iranians are not just trying to do these attacks to have an immediate effect. Theyâre trying to get into the Internet infrastructure deeply enough so they can get away with this stuff whenever they want to. Theyâre looking to get as many ways in as possible that they can use for specific goals in the future.â
RECOMMENDATIONS
John Crain is chief security, stability and resiliency officer at ICANN, the non-profit entity that oversees the global domain name industry. Crain said many of the best practices that can make it more difficult for attackers to hijack a targetâs domains or DNS infrastructure have been known for more than a decade.
âA lot of this comes down to data hygiene,â Crain said. âLarge organizations down to mom-and-pop entities are not paying attention to some very basic security practices, like multi-factor authentication. These days, if you have a sub-optimal security stance, youâre going to get owned. Thatâs the reality today. Weâre seeing much more sophisticated adversaries now taking actions on the Internet, and if youâre not doing the basic stuff theyâre going to hit you.â
Some of those best practices for organizations include:
-Use DNSSEC (both signing zones and validating responses)
-Use registration features like Registry Lock that can help protect domain names records from being changed
-Use access control lists for applications, Internet traffic and monitoring
-Use 2-factor authentication, and require it to be used by all relevant users and subcontractors
-In cases where passwords are used, pick unique passwords and consider password managers
-Review accounts with registrars and other providers
In a recent commentary, while discussing season 2 of Star Trek: Discovery, I brought up the character Sybok, Spockââ¬â¢s half-brother who was never mentioned before he showed up in the fifth movie, or mentioned again after the fifth film ended.
At first I said that the name of the fifth movie was Star Trek: The Undiscovered Country. That was an error. The fifth movie was Star Trek: The Final Frontier. The Undiscovered Country was the sixth film. You would be surprised how embarrassing I found the error.
The fact that a week later Iââ¬â¢m forced to write a commentary for a comic that specifically mentions the fifth and sixth Star Trek movies is just fate rubbing my face in it.
As always, thanks for using my Amazon Affiliate links (US, UK, Canada).
When the idea of a YL only operation for a contest was suggested we considered a smaller contest like a QSO party or something like that. However when it was discussed, the YL's wanted something that would provide more activity so the CQ WW WPX SSB contest was chosen. It would be hosted at VE7IO.
Participants were six enthusiastic YL's, Marcy VE7JT, Christine VA7NLF, Margaret VE7TJF, Pam VE7PFH, Jeannie VA7QLT and Shirley VE7SHL. We used the call sign VE7JT.
Contest weekend arrived, the schedule was in place and everyone was keen to get going. We operated two radios in the high power category and happily everything worked well. We had to leave the night time operation dark, no pun intended, due to family commitments but the early morning and evening operation was covered.Â
By time they shut down on Friday we realized that this was going to be a good opportunity for the YLs.  Band conditions were looking very good and everyone now realized that this was going to be a fun weekend. Their best bands were 10, 15 and 20 meters with DX continuing to be heard late in the evening. They did not operate overnight and only had a very short opportunity to work 40m.
Over the past 3 years we have conducted contest training sessions here at VE7IO, VE7FO and VA7XB. The training program has been very successful and we can now proudly list a number of new very good contesters. The program has sparked interest in contesting so when the YL's asked if they could do a YL only contest entry with a training component it sounded like a great idea. Two of the operators were skilled in the "run" mode and this served to motivate the others as they watched and heard the DX stations calling us. With such good openings to the DX world, the "S&P" operators were able to log multipliers and see how their contributions increased the overall score. Between the "run" operation and the multipliers being added by the "S&P" operators, everyone had a great time and would definitely like to do this again.
Stan VA7NF dropped in on the Saturday to help with station management and plan strategy, the ladies just kept busy on the radios. Stan stayed most of the day and we both enjoyed assisting with band changes and monitoring activity.
For me this was the first time ever hosting an entirely YL group and it was great fun. We operated Multi/Multi (M/M) which gave us lots of latitude in making band changes and operating in the assisted mode. As a M/M entry they were nowhere near the big gun stations but the YL's were very proud of their accomplishment, having fun, learning new skills and achieving a reasonably good score.
It certainly seemed an advantage to have an all YL station. Whether it's their voice or their charm (they always added a greeting to their QSO) they always got a great response.
Operating time: 27 hrs. Score: 2,945,743
The graph clearly shows the down times but when they were on the air they did well.
MIT Hacker Tools. Generalized how-to-use UNIX tools. Much better than the usual overview articles you see, probably because itâs an actual course. (via)
[This year is the 20th anniversary of Cape Cod Light by Michael Hattersley. The other parts of this series are here.] Michael survived the AIDS epidemic without infection and died on his own terms, by his chosen vices of cigarettes and alcohol, but the toll the disease on him was inescapable. As with most gay men of his [â¦]
I have updated the Space Exploration History app with lots of new data. Ground Systems got a new entrant with South Korea, which is planning it's own Moon missions, the necessary ground infrastructure therefore has been added to the map.
In his 2008 white paper that first proposed bitcoin, the anonymous Satoshi Nakamoto concluded with: "We have proposed a system for electronic transactions without relying on trust." He was referring to blockchain, the system behind bitcoin cryptocurrency. The circumvention of trust is a great promise, but it's just not true. Yes, bitcoin eliminates certain trusted intermediaries that are inherent in other payment systems like credit cards. But you still have to trust bitcoin -- and everything about it.
Much has been written about blockchains and how they displace, reshape, or eliminate trust. But when you analyze both blockchain and trust, you quickly realize that there is much more hype than value. Blockchain solutions are often much worse than what they replace.
First, a caveat. By blockchain, I mean something very specific: the data structures and protocols that make up a public blockchain. These have three essential elements. The first is a distributed (as in multiple copies) but centralized (as in there's only one) ledger, which is a way of recording what happened and in what order. This ledger is public, meaning that anyone can read it, and immutable, meaning that no one can change what happened in the past.
The second element is the consensus algorithm, which is a way to ensure all the copies of the ledger are the same. This is generally called mining; a critical part of the system is that anyone can participate. It is also distributed, meaning that you don't have to trust any particular node in the consensus network. It can also be extremely expensive, both in data storage and in the energy required to maintain it. Bitcoin has the most expensive consensus algorithm the world has ever seen, by far.
Finally, the third element is the currency. This is some sort of digital token that has value and is publicly traded. Currency is a necessary element of a blockchain to align the incentives of everyone involved. Transactions involving these tokens are stored on the ledger.
Private blockchains are completely uninteresting. (By this, I mean systems that use the blockchain data structure but don't have the above three elements.) In general, they have some external limitation on who can interact with the blockchain and its features. These are not anything new; they're distributed append-only data structures with a list of individuals authorized to add to it. Consensus protocols have been studied in distributed systems for more than 60 years. Append-only data structures have been similarly well covered. They're blockchains in name only, and -- as far as I can tell -- the only reason to operate one is to ride on the blockchain hype.
All three elements of a public blockchain fit together as a single network that offers new security properties. The question is: Is it actually good for anything? It's all a matter of trust.
Trust is essential to society. As a species, humans are wired to trust one another. Society can't function without trust, and the fact that we mostly don't even think about it is a measure of how well trust works.
The word "trust" is loaded with many meanings. There's personal and intimate trust. When we say we trust a friend, we mean that we trust their intentions and know that those intentions will inform their actions. There's also the less intimate, less personal trust -- we might not know someone personally, or know their motivations, but we can trust their future actions. Blockchain enables this sort of trust: We don't know any bitcoin miners, for example, but we trust that they will follow the mining protocol and make the whole system work.
Most blockchain enthusiasts have a unnaturally narrow definition of trust. They're fond of catchphrases like "in code we trust," "in math we trust," and "in crypto we trust." This is trust as verification. But verification isn't the same as trust.
In 2012, I wrote a book about trust and security, Liars and Outliers. In it, I listed four very general systems our species uses to incentivize trustworthy behavior. The first two are morals and reputation. The problem is that they scale only to a certain population size. Primitive systems were good enough for small communities, but larger communities required delegation, and more formalism.
The third is institutions. Institutions have rules and laws that induce people to behave according to the group norm, imposing sanctions on those who do not. In a sense, laws formalize reputation. Finally, the fourth is security systems. These are the wide varieties of security technologies we employ: door locks and tall fences, alarm systems and guards, forensics and audit systems, and so on.
These four elements work together to enable trust. Take banking, for example. Financial institutions, merchants, and individuals are all concerned with their reputations, which prevents theft and fraud. The laws and regulations surrounding every aspect of banking keep everyone in line, including backstops that limit risks in the case of fraud. And there are lots of security systems in place, from anti-counterfeiting technologies to internet-security technologies.
In his 2018 book, Blockchain and the New Architecture of Trust, Kevin Werbach outlines four different "trust architectures." The first is peer-to-peer trust. This basically corresponds to my morals and reputational systems: pairs of people who come to trust each other. His second is leviathan trust, which corresponds to institutional trust. You can see this working in our system of contracts, which allows parties that don't trust each other to enter into an agreement because they both trust that a government system will help resolve disputes. His third is intermediary trust. A good example is the credit card system, which allows untrusting buyers and sellers to engage in commerce. His fourth trust architecture is distributed trust. This is emergent trust in the particular security system that is blockchain.
What blockchain does is shift some of the trust in people and institutions to trust in technology. You need to trust the cryptography, the protocols, the software, the computers and the network. And you need to trust them absolutely, because they're often single points of failure.
When that trust turns out to be misplaced, there is no recourse. If your bitcoin exchange gets hacked, you lose all of your money. If your bitcoin wallet gets hacked, you lose all of your money. If you forget your login credentials, you lose all of your money. If there's a bug in the code of your smart contract, you lose all of your money. If someone successfully hacks the blockchain security, you lose all of your money. In many ways, trusting technology is harder than trusting people. Would you rather trust a human legal system or the details of some computer code you don't have the expertise to audit?
Blockchain enthusiasts point to more traditional forms of trust -- bank processing fees, for example -- as expensive. But blockchain trust is also costly; the cost is just hidden. For bitcoin, that's the cost of the additional bitcoin mined, the transaction fees, and the enormous environmental waste.
Blockchain doesn't eliminate the need to trust human institutions. There will always be a big gap that can't be addressed by technology alone. People still need to be in charge, and there is always a need for governance outside the system. This is obvious in the ongoing debate about changing the bitcoin block size, or in fixing the DAO attack against Ethereum. There's always a need to override the rules, and there's always a need for the ability to make permanent rules changes. As long as hard forks are a possibility -- that's when the people in charge of a blockchain step outside the system to change it -- people will need to be in charge.
Any blockchain system will have to coexist with other, more conventional systems. Modern banking, for example, is designed to be reversible. Bitcoin is not. That makes it hard to make the two compatible, and the result is often an insecurity. Steve Wozniak was scammed out of $70K in bitcoin because he forgot this.
Blockchain technology is often centralized. Bitcoin might theoretically be based on distributed trust, but in practice, that's just not true. Just about everyone using bitcoin has to trust one of the few available wallets and use one of the few available exchanges. People have to trust the software and the operating systems and the computers everything is running on. And we've seen attacks against wallets and exchanges. We've seen Trojans and phishing and password guessing. Criminals have even used flaws in the system that people use to repair their cell phones to steal bitcoin.
Moreover, in any distributed trust system, there are backdoor methods for centralization to creep back in. With bitcoin, there are only a few miners of consequence. There's one company that provides most of the mining hardware. There are only a few dominant exchanges. To the extent that most people interact with bitcoin, it is through these centralized systems. This also allows for attacks against blockchain-based systems.
These issues are not bugs in current blockchain applications, they're inherent in how blockchain works. Any evaluation of the security of the system has to take the whole socio-technical system into account. Too many blockchain enthusiasts focus on the technology and ignore the rest.
To the extent that people don't use bitcoin, it's because they don't trust bitcoin. That has nothing to do with the cryptography or the protocols. In fact, a system where you can lose your life savings if you forget your key or download a piece of malware is not particularly trustworthy. No amount of explaining how SHA-256 works to prevent double-spending will fix that.
Similarly, to the extent that people do use blockchains, it is because they trust them. People either own bitcoin or not based on reputation; that's true even for speculators who own bitcoin simply because they think it will make them rich quickly. People choose a wallet for their cryptocurrency, and an exchange for their transactions, based on reputation. We even evaluate and trust the cryptography that underpins blockchains based on the algorithms' reputation.
To see how this can fail, look at the various supply-chain security systems that are using blockchain. A blockchain isn't a necessary feature of any of them. The reasons they're successful is that everyone has a single software platform to enter their data in. Even though the blockchain systems are built on distributed trust, people don't necessarily accept that. For example, some companies don't trust the IBM/Maersk system because it's not their blockchain.
Irrational? Maybe, but that's how trust works. It can't be replaced by algorithms and protocols. It's much more social than that.
Still, the idea that blockchains can somehow eliminate the need for trust persists. Recently, I received an email from a company that implemented secure messaging using blockchain. It said, in part: "Using the blockchain, as we have done, has eliminated the need for Trust." This sentiment suggests the writer misunderstands both what blockchain does and how trust works.
Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn't solve the security problems you think it solves. The security problems it solves are probably not the ones you have. (Manipulating audit data is probably not your major security risk.) A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain -- of course, then they wouldn't have the cool name.
Honestly, cryptocurrencies are useless. They're only used by speculators looking for quick riches, people who don't like government-backed currencies, and criminals who want a black-market way to exchange money.
To answer the question of whether the blockchain is needed, ask yourself: Does the blockchain change the system of trust in any meaningful way, or just shift it around? Does it just try to replace trust with verification? Does it strengthen existing trust relationships, or try to go against them? How can trust be abused in the new system, and is this better or worse than the potential abuses in the old system? And lastly: What would your system look like if you didn't use blockchain at all?
If you ask yourself those questions, it's likely you'll choose solutions that don't use public blockchain. And that'll be a good thing -- especially when the hype dissipates.
I have wanted to write this essay for over a year. The impetus to finally do it came from an invite to speak at the Hyperledger Global Forum in December. This essay is a version of the talk I wrote for that event, made more accessible to a general audience.
It seems to be the season for blockchain takedowns. James Waldo has an excellent essay in Queue. And Nicholas Weaver gave atalk at the Enigma Conference, summarized here. It's a shortened version of this talk.
This is another one of those little hacks that takes longer to describe than to build. Some time ago, I stumbled on a clever idea online that has been useful in my ham radio activities.
I used to use ball bungee fasteners in a variety of sizes as temporary fasteners. While they are handy, they have limitations for my uses. On occasion, I found that the sizes I had available were either too small or too large for the task at hand.
A year or two back, I found a great video on the MOD YouTube Channel. The video described how to make these simple, adjustable cable ties. I made up a few and found them handy for several ham-related applications.
A completed bungee cable tie, along with one of the two-hole cord locks I used.
These little devices have a multitude of uses but my main use is for antennas in the field. I use them to fasten a BALUN or UNUN to a telescopic pole for portable verticals.
I also found they are also handy for lashing odd items to the MOLLE loops on my backpack. In a recent post, I showed how I use them to secure a 19-foot telescopic pole to my sling pack.
I use one of the bungee ties to attach my 19-foot vertical matching box to the fiberglass pole.
Of course, they make great cable ties. Their ability to adjust allows them to fit a wide variety of cables.
I use 4mm diameter shock cord most often to make these. For some smaller, light-duty applications, I have used a thinner 2.5mm shock cord. I have found that the cord locks seem to hold better with the larger 4mm shock cord.
Construction is super simple.
Cut the shock cord to the desired length. Be sure to singe the cut ends with a lighter to prevent fraying.
Put the two ends through the holes in the cord lock.
Holding the two ends together, tie a simple overhand knot and snug it down.
To use them, place the bungee around whatever you need to fasten. Place the loop end over the cord lock to hold it. Press the button on the cord lock and pull the ends to cinch it down.
Thatâs all there is to it. In the time it took to write and edit this post, I could have made a ton of these things. Itâs not an Earth-shattering thing but sometimes it doesnât take much to amuse me.
OK, I admit to being dumb. I got another scam email yesterday of the same formulation as the earlier ones (mail From: me@mydomain, To: me@mydomain) attempting to extort bitcoin from me.
How? What had I missed this time?
Well, this was slightly different. Checking the mail headers (and my logs) showed that the email had a valid âSenderâ address (some bozo calling themselves âsusanne@mangomango.deâ) so my earlier âcheck_sender_accessâ test would obviously have allowed the email to pass. But what I hadnât considered was that the sender might then spoof the From: address in the data portion of the email (which is trivially easy to do).
Dumb, so dumb. So what to do to stop this?
Postfix allows for quite a lot of further directives to manage senders through the smtpd_sender_restrictions and mine were still not tight enough to stop this form of abuse. One additional check is offered by the reject_sender_login_mismatch directive which will:
âReject the request when $smtpd_sender_login_maps specifies an owner for the MAIL FROM address, but the client is not (SASL) logged in as that MAIL FROM address owner; or when the client is (SASL) logged in, but the client login name doesnât own the MAIL FROM address according to $smtpd_sender_login_maps.â
Now since I store all my user details in a mysql database called âvirtual_mailbox_mapsâ it is simple enough to tell postfix to use that database as the âsmtpd_sender_login_mapâ and check the âFromâ address against that, That way only locally authenticated valid users can specify a local âFrom:â address. Why I missed that check is just beyond me.
My postfix configuration now includes the following:
(Note that I chose to use the âreject_unauthenticated_sender_login_mismatchâ rather than the wider âreject_sender_login_mismatchâ because I only care about outside unauthenticated senders abusing my system. I can deal with auntenticated users differentlyâ¦)
[This year is the 20th anniversary of Cape Cod Light by Michael Hattersley. The other parts of this series are here.] When Michael moved to New York City he worked on political campaigns and served as assistant director of public affairs for the New York State Urban Development Corporation. I donât know a lot about his work on political campaigns. [â¦]
Valentineââ¬â¢s Day among humans and animals, fashion in New York City, dogs at play and in competition, a peasant-revolt reenactment in Croatia, family reunions at an Indian border fence, an icy dinosaur in Latvia, the Grammy Awards in Los Angeles, snow kayaking in Estonia, International Condom Day in Mexico City, and much more
Janelle MonÄÄe performs onstage during the 61st Annual Grammy Awards at the Staples Center in Los Angeles, California, on February 10, 2019.
(
Kevin Winter / Getty for the Recording Academy)
Ideas on interstellar propulsion are legion, from fusion drives to antimatter engines, beamed lightsails and deep space ramjets, not to mention Orion-class fusion-bomb devices. Weâre starting to experiment with sails, though beaming energy to a space sail is still an unrealized, though near-term, project. But given the sheer range of concepts out there and the fact that almost all are at the earliest stages of research, how do we prioritize our work so as to move toward a true interstellar capability? Marc Millis, former head of NASAâs Breakthrough Propulsion Physics project and founder of the Tau Zero Foundation, has been delving into the question in new work for NASA. In the essay below, Marc describes a developing methodology for making decisions and allocating resources wisely.
by Marc G Millis
In February 2017, NASA awarded a grant to the Tau Zero Foundation to compare propulsion options for interstellar flight. To be clear, this is not about picking a mission and its technology â a common misconception â but rather about identifying which research paths might have the most leverage for increasing NASAâs ability to travel farther, faster, and with more capability.
The first report was completed in June 2018 and is now available on the NASA Technical Report Server, entitled âBreakthrough Propulsion Study: Assessing Interstellar Flight Challenges and Prospects.â (4MB file at: http://hdl.handle.net/2060/20180006480).
This report is about how to compare the diverse propulsion options in an equitable, revealing manner. Future plans include creating a database of the key aspects and issues of those options. Thereafter comparisons can be run to determine which of their research paths might be the most impactive and under what circumstances.
This study does not address technologies that are on the verge of fruition, like those being considered for a probe to reach 1000 AU with a 50 year flight time. Instead, this study is about the advancements needed to reach exoplanets, where the nearest is 270 times farther (Proxima Centauri b). These more ambitious concepts span different operating principles and levels of technological maturity, and their original mission assumptions are so different that equitable comparisons have been impossible.
Furthermore, all of these concepts require significant additional research before their performance predictions are ready for traditional trade studies. Right now their values are more akin to goals than specifications.
To make fair comparisons that are consistent with the varied and provisional information, the following tactics are used: (1) all propulsion concepts will be compared to the same mission profiles in addition to their original mission context; (2) the performance of the disparate propulsion methods will be quantified using common, fundamental measures; (3) the analysis methods will be consistent with fidelity of the data; and (4) the figures of merit by which concepts will be judged will finally be explicit.
Regarding the figures of merit â this was one of the least specified details of prior interstellar studies. It is easy to understand why there are so many differing opinions about which concept is âbestâ when there are no common criteria with which to measure goodness. The criteria now include quantifiable factors spanning: (1) the value of the mission, (2) the time to complete the mission, and (3) the cost of the mission.
The value of a mission includes subjective criteria and objective values. The intent is to allow the subjective factors to be variables so that the user can see how their interests affect which technologies appear more valuable. One of those subjective judgments is the importance of the destination. For example, some might think that Proxima Centauri b is less interesting than the âOumuamua object. Another subjective factor is motive. The prior dominant â and often implicit â figure of merit was âwho can get there first.â While that has merit, it can only happen once. The full suite of motives continue beyond that first event, including gathering science about the destinations, accelerating technological progress, and ultimately, ensuring the survival of humanity.
Examples of the objective factors include: (1) time within range of target; (2) closeness to target (better data fidelity); and (3) the amount of data acquired. A mission that gets closer to the destination, stays there longer, and sends back more data, is more valuable. Virtually all mission concepts have been limited to fly-byâs. Table 1 shows how long a probe would be within different ranges for different fly-by speeds. To shift attention toward improving capabilities, the added value (and difficulty) of slowing at the destination â and even entering orbit â will now be part of the comparisons.
Table 1: Time on target for different fly by speeds and instrumentation ranges
Quantifying the time to complete a mission involves more than just travel time. Now, instead of the completion point being when the probe arrives, it is defined as when its data arrive back at Earth. This shift is because the time needed to send the data back has a greater impact than often realized. For example, even though Breakthrough StarShot aims to get there the quickest, in just 22 years, that comes at the expense of making the spacecraft so small that it takes an additional 20 years to finish transmitting the data. Hence, the time from launch to data return is about a half century, comparable to other concepts (46 yrs = 22 trip + 4 signal + 20 to transmit data). The tradeoffs of using a larger payload with a faster data rate, but longer transit time, will be considered.
Regarding the total time to complete the mission, the beginning point is now. The analysis includes considerations for the remaining research and the subsequent work to design and build the mission hardware. Further, the mission hardware, now by definition, includes its infrastructure. While the 1000 AU precursor missions do not need new infrastructure, most everything beyond that will.
Recall that the laser lightsail concepts of Robert Forward required a 26 TW laser, firing through a 1,000 km diameter Fresnel lens placed beyond Saturn (around 10 AU), aimed at a 1,000 km diameter sail with a mass of 800 Tonnes. Project Daedalus envisioned needing 50,000 tonnes of helium 3 mined from the atmospheres of the gas giant planets. This not only requires the infrastructure for mining those propellants, but also processing and transporting that propellant to the assembly area of the spacecraft. Even the more modest Earth-based infrastructure of StarShot is beyond precedent. StarShot will require one million synchronized 100 kW lasers spread over an area of 1 km2 to get it up to the required 100 GW.
While predicting these durations in the absolute sense is dubious (predicting what year concept A might be ready), it is easier to make relative predictions (if concept A will be ready before B) by applying the same predictive models to all concepts. For example, the infrastructure rates are considered proportional to the mass and energy required for the mission â where a smaller and less energetic probe is assumed to be ready sooner than a larger, energy-intensive probe.
The most difficult duration to estimate, even when relaxed to relative instead of absolute comparisons, is the pace of research. Provisional comparative methods have been outlined, but this is an area needing further attention. The reason that this must be included â even if difficult â is because the timescales for interstellar flight are comparable to breakthrough advancements.
The fastest mission concepts (from launch to data return) are 5 decades, even for StarShot (not including research and infrastructure). Compare this to the 7 decades it took to advance from the rocket equation to having astronauts on the moon (1903-1969), or the 6 decades to go from the discovery of radioactivity to having a nuclear power plant tied to the grid (1890-1950).
So, do you pursue a lesser technology that can be ready sooner, a revolutionary technology that will take longer, or both? For example, what if technology A is estimated to need just 10 more years of research, but 25 years to build its infrastructure, while option B is estimated to take 25 more years of research, but will require no infrastructure. In that case, if all other factors are equal, option B is quicker.
To measure the cost of missions, a more fundamental currency than dollars is used â energy. Energy is the most fundamental commodity of all physical transactions, and one whose values are not affected by debatable economic models. Again, this is anchoring the comparisons in relative, rather than the more difficult, absolute terms. The energy cost includes the aforementioned infrastructure creation plus the energy required for propulsion.
Comparing the divergent propulsion methods requires converting their method-specific measures to common factors. Laser-sail performance is typically stated in terms of beam power, beam divergence, etc. Rocket performance in terms of thrust, specific impulse, etc. And warp drives in terms of stress-energy-tensors, bubble thickness, etc. All these type-specific terms can be converted to the more fundamental and common measures of energy, mass, and time.
To make these conversions, the propulsion options are divided into 4 analysis groups, where the distinction is if power is received from an external source or internally, and if their reaction mass is onboard or external. Further, as a measure of propulsion efficiency (or in NASA parlance, âbang for buckâ) the ratio of the kinetic energy imparted to the payload, to the total energy consumed by the propulsion method, can be compared.
The other reason that energy is used as the anchoring measure is that it is a dominant factor with interstellar flight. Naively, the greatest challenge is thought to be speed. The gap between the achieved speeds of chemical rockets and the target goal of 10% lightspeed is a factor of 400. But, increasing speed by a factor of 400 requires a minimum of 160,000 times more energy. That minimum only covers the kinetic energy of the payload, not the added energy for propulsion and inefficiencies. Hence, energy is a bigger deal than speed.
For an example, consider the 1-gram StarShot spacecraft traveling at 20% lightspeed. Just its kinetic energy is approximately 2 TJ. When calculating the propulsive energy in terms of the laser power and beam duration, (100 GW for minutes) the required energy spans 18 to 66 TJ, for just a 1-gram probe. For comparison, the energy for a suite of 1,000 probes is roughly the same as 1-4 years of the total energy consumption of New York City (NYC @ 500 MW).
Delivering more energy faster requires more power. By launching only 1 gm at a time, StarShot keeps the power requirement at 100 GW. If they launched the full suite of 1000 grams at once, that would require 1000 times more power (100 TW). Power is relevant to another under-addressed issue â the challenge of getting rid of excess heat. Hypothetically, if that 100 GW system has a 50% efficiency, that leaves 50 GW of heat to radiate. On Earth, with atmosphere and convection, thatâs relatively easy. If it were a space-based laser, however, that gets far more dicey. To run fair comparisons, it is desired that each concept uses the same performance assumptions for their radiators.
Knowing how to compare the options is one thing. The other need is knowing which problems to solve. In the general sense, the entire span of interstellar challenges have been distilled into this âtop 10â list. It is too soon to rank these until after running some test cases:
Communication â Reasonable data rates with minimum power and mass.
Navigation â Aiming well from the start and acquiring the target upon arrival, with minimum power and mass. (The ratio of the distance traversed to a ½ AU closest approach is about a million).
Maneuvering upon reaching the destination (at least attitude control to aim the science instruments, if not the added benefit of braking).
Instrumentation â Measure what cannot be determined by astronomy, with minimum power and mass.
High density and long-term energy storage for powering the probe after decades in flight, with minimum mass.
Long duration and fully antonymous spacecraft operations (includes surviving the environment).
Propulsion that can achieve 400 times the speed of chemical rockets.
Energy production at least 160,000 times chemical rockets and the power capacity to enable that high-speed propulsion.
Highly efficient energy conversion to minimize waste heat from that much power.
Infrastructure creation in affordable, durable increments.
While those are the general challenges common to all interstellar missions, each propulsion option will have its own make-break issues and associated research goals. At this stage, none of the ideas are ready for mission trade studies. All require further research, but which of those research paths might be the most impactive, and under what circumstances? It is important to repeat that this study is not about picking âone solutionâ for a mission. Instead, it is a process for continually making the most impactive advances that will not only enable that first mission, but the continually improving missions after that.
For a very limited time, the Four State QRP Group has lowered its price for the HillTopper 40 and the HillTopper 20.
These single band, ultra-portable, CW transceiver kits were designed by Dave Benson and David Cripe and are easy to build and feature rich. And for the next few days only, can be purchased for just $80 US plus shipping.
Itâs a great opportunity to save a few bucks on a trail-friendly radio that you can build yourself and put to good use during the coming outdoor season. Itâs a limited time offering so donât delay.
I donât have much to say about this comic. Iâm sort of running out of things to say about me heaping abuse on Rick.
I will say that when we took the pictures I based these drawings on, I had no idea how often Iâd use that exaggerated cringe pose in panel four. That and the slightly irritated look in panel one make up half of that characterâs personality.
As always, thanks for using my Amazon Affiliate links (US, UK, Canada).
The shadow of the Opportunity Rover stretches across the barren Martian landscape in this self-portrait taken with the roverâs front hazard-avoidance camera on July 26, 2004. NASA/ JPL-Caltech
After nearly 15 years of faithful service and discovery, NASAâs Mars Opportunity rover mission came to an end this week. Launched in 2003 it landed on Marsâs Meridiani Planum on Jan. 25, 2003. When it last contacted mission control on June 10, 2018 it was under it had ambled across 28 miles (45 km) of dust, dunes, hills and rocks, making major discoveries along the way and sending back gobs of photos that made you feel like you were along for the ride.
Opportunity Rover completes Mars mission. Great summary of its travels on the Red Planet.
Weâd still be there were it not for a planet encircling dust storm that began in late May last year. Dust eventually grew so thick at the roverâs location it turned day into night and robbed the roving robot of the solar energy it needed to recharge its batteries to stay warm and maintain its instruments during nights of â100° F temperatures. NASA folks tried all summer and fall to contact Opportunity, hoping that an errant breeze would dust the solar panel of the stormâs debris. But by mid-winter, after months of silence, it was time to say farewell. Appropriately, Perseverance Valley became the roverâs final resting spot.
Opportunity, like its sister, Spirit, was designed to operate 90 Martian days or Sols, which are 39 minutes longer than an Earth day, and drive 1,000 yards (1,000 meters) but despite the harsh environment hung 60 time longer than its expiration date! Having had recent problems with my 5-year-old car in Earthâs relatively benign environment, should NASA ever decide to start making automobiles, Iâll be first in line to put my money down.
BB-sized gray-blue âblueberryâ concretions in the tracks of Opportunity rover on Mars. NASA / JPL-Caltech
During its Martian tour, Opportunity discovered abundant evidence for liquid water on Mars and the warmer, denser atmospheric conditions that go along with it. One of its first finds were small pellets nicknamed âblueberriesâ made of hematite, an iron-rich oxide common on Earth. They appear to be concretions that formed as water percolated through porous iron-rich rock. The dissolved material accumulated into layered spheres similar to hematite-rich spheres found on Earth. When the rock eroded, the harder blueberries tumbled out in turn.
Opportunity examines a mineral vein made of gypsum named Homestake in November 2011. The vein is about 18 inches (45 cm) long and the width of a thumb. NASA/JPL-Caltech/Cornell/ASUHeat Shield Rock, named for Opportunityâs heat shield which was located nearby, was the first meteorite found on a planet other than Earth. The photo was taken in Jan. 2005. NASA / JPL-Caltech
Other highlights included the discovery of the first meteorite on another planet, a big hunk of iron-nickel named Heat Shield Rock. Much later in 2011, the rover spied a bright vein of gypsum (calcium carbonate), a mineral that forms when water dissolves calcium from volcanic rocks along the rim of Endeavour Crater.The rover also found outcrops at the crater of what appeared to be sedimentary rock cut and filled with veins of material delivered by water there plus further evidence of warmer, wetter climes at Endurance Crater (below).
The Burns Cliff slope of Endurance Crater that was explored by Opportunity shows evidence of ancient dunes (along the bottom left), ground-water flow (middle banded section) and flowing streams where the rocky top meets the smooth rock below it. NASA / JPL-Caltech
During its long life, Opportunity took more than 228,000 photos and set the record for the longest one-day drive on Mars of 721 feet (220 meters) on March 20, 2005. I encourage you to spend a few minutes on the video just to get a sense of how much ground the rover covered. With its demise, Curiosity is now the sole operational rover on Mars. Because it runs on heat (converted into electricity) created by the decay of radioactive plutonium, itâs expected to power on for years to come no matter the weather as it climbs the slopes of Mt. Sharp in Gale Crater.
A favorite of mine. Opportunity photographs a partial solar eclipse of the sun by the moon Phobos. NASA / JPL-Caltech
Curiosity has its own Twitter account and yesterday paid tribute to Opportunity with a poem:
It seems to me you lived your life like a rover in the wind
It took $1.1 billion and a 1,000-strong team to prove Einstein right about gravitational waves. In 2016, the scientists behind the Laser Interferometer Gravitational-Wave Observatory, or LIGO, announced that they had finally detected these ripples in the fabric of space and time, formed by colliding black holes. âLIGO was a masterpiece of 21st-century engineering and science,â says James Evans, a sociologist at the University of Chicago who studies the history of science. âBut it was perhaps the most conservative experiment in history. It tested a 100-year-old hypothesis.â
âBig science,â of which LIGO is a prime example, is becoming more common. Funding agencies are channeling more money toward ever larger teams working on grand projects such as cataloging the diversity of our cells or sequencing the genomes of all species. Thereâs even a growing field of meta-research dedicated to studying how teams workâthe science of team science.
Some projects require these large teams, and three members of the LIGO team eventually won a Nobel Prize. But the comparative neglect of small teams and solo researchers is a problem, Evans says, because they produce very different kinds of work. He collaborated with his colleague Lingfei Wu to look at more than 65 million scientific papers, patents, and software projects from the past six decades. In every recent decade and in almost every field, Wuâs analysis found, small teams are far more likely to introduce fresh, disruptive ideas that take science and technology in radically new directions.
âBig teams take the current frontier and exploit it,â Evans says. âThey wring the towel. They get that last ounce of possibility out of yesterdayâs ideas, faster than anyone else. But small teams fuel the future, generating ideas that, if they succeed, will be the source of big-team development.â
That âruns counter to the usual thinking that large teams, which are typically better funded and work on more visible topics, are the ones that push the frontiers of science,â says StaÅ¡a MilojeviÄ, who studies information metrics in science at Indiana University Bloomington. She recently found a similar pattern by analyzing the titles of 20 million scientific papers and showing that bigger teams work on a relatively small slice of topics in a field. Other scientists have made similarpoints, but what Evans describes as a âGo teams!â attitude still persists. The results of the new analysis should âtemper some of that enthusiasm for large teams and demonstrate that there may be a tipping point after which their benefits decline,â says Erin Leahey from the University of Arizona, who has previously written about the âoverlooked costs of collaboration.â
The new analysis is based on the ways in which researchers cite past work. For example, when scientists cite Einsteinâs groundbreaking 1915 papers on general relativity, they tend not to refer back to the papers that Einstein himself cited. âThey see it as a conceptually new direction thatâs distinct from the things on which it built,â Evans says. But if scientists âthink that something is an incremental improvement, theyâll tell the whole story in the references.â For example, a 1995 paper describing a long-theorized state of matter called a BoseâEinstein condensate is almost always cited together with the papers in which the physicist Satyendra Nath Bose and Einstein predicted the stuffâs existence.
Wu quantified these differences using a âdisruption score,â originally created by other researchers to measure the innovativeness of inventions. Wu showed that it works well for scientific research. When ranked by their scores, papers that describe Nobel Prizeâwinning work appeared in the top 2 percent, as did those chosen by scientists who were asked to name the most disruptive papers in their field. Reviews that summarize earlier work are in the bottom half of the rankings, while the original studies theyâre based on appear in the top quarter. Itâs a âsimple yet brilliantâ method, especially because it works across data sources as diverse as papers, patents, and software, says Satyam Mukherjee of the Indian Institutes of Management.
Having tested this score in various ways to show that itâs valid, Wu used it to show that small teams produce markedly more disruptive work than large ones. Thatâs true even for patents, which are innovative by definition. Itâs true for highly cited work and poorly cited work. Itâs true in every decade from the 1950s to the 2010s. Itâs true in fields ranging from chemistry to social sciences.
So why are small teams more disruptive? Itâs possible that they do more theoretical work, while big teams (such as LIGO) are needed to test the resulting theories, but Evans and his colleagues couldnât find any evidence for this in their data. Another possibility: The most groundbreaking scientists prefer working in small teams. But Evans doesnât buy that, either. Even when the same people move from small teams to larger ones, he says, they end up doing less disruptive and more incremental science.
Instead, he and his colleagues found that large teams tend to build on recent, prominent work, while small teams delve more deeply into the past, drawing inspiration from older ideas that may have long been ignored. (Evans didnât use a fixed definition of âsmallâ or âlarge,â but most of his analyses compared teams ranging from one to 10 people; some scientists might consider a 10-person team to be on the small side.) At first, Evans was surprised by that difference; surely, large teams have more eyeballs and more collective memory? But he now suspects that scientists on large teams also argue and interfere with one another, and that theyâre more likely to find common ground in yesterdayâs hits. Large teams also require lots of funding, which makes them more pressured to pay the bills and drives them toward safer work. âWhat does a big movie-production studio bet on: Slumdog Millionaire or Transformers 9?â he asks.
But small teams also pay a heavy cost. Their disruptive work has no ready-made audience, and is less obviously relevant to their peers. As Evans and his colleagues found, such work takes much longer to be recognized and cited. Even if it eventually influences larger teams, as it often does, enough time passes that other researchers are less likely to cite the original, disruptive work.
You Na Lee, who studies scientific innovation at the National University of Singapore, says that research teams are now effectively behaving like firms, which also tend to be more disruptive at a small size. âThis study is evidence that the ecology of science and the ecology of innovation are becoming very similar,â she says. The big difference is that the business world actively encourages entrepreneurship and small start-ups. Thatâs not true for science, but âunconditionally allocating pots of government grants for small wild spirits can be a bold policy move,â she says.
But Evans cautions that money wonât work in isolation. When he and his colleagues analyzed funding trends from 2004 and 2014, they found that when small teams were funded by top government agencies such as the National Science Foundation, they were no more likely to produce disruptive work than large teams. Something about the current funding environment seems to strip small teams of their natural advantages, forcing them to behave like big ones. âItâs not that we can just shove money in their direction,â Evans says.
Still, he argues that agencies must find better ways of encouraging small teams. They donât just do different kinds of science, but they create work that large teams then build upon. Disenfranchise them, and you destabilize the foundations upon which big science rests. âIn 10 years, weâll be wondering where all the big ideas are,â Evans says. âSome people will wonder if science is slowing down and weâve eaten all the low-hanging fruit. And the answer will be yes, because weâve only built engines that do that.â
Sometimes you get an idea. And it's a fun idea, and it brings together a lot of cool weird things, and you think, "maybe this could actually work out." This post is the story of one such idea. It's also the story of a paper, "Bounds on extra dimensions from micro black holes in the context of the metastable Higgs vacuum," by me and Professor Robert McNees, just posted on the arxiv. Note added 14 February 2019: See note at bottom of post for important science correction!
A Bubble of Quantum Death
There are several ways the Universe could end, some dramatic, some pathetic, some just outright weird. My personal favorite is vacuum decay, in which the Universe succumbs to an expanding bubble of unimaginable destruction that arises from what could be described as a manufacturer's flaw in the fabric of the cosmos.
I first encountered the idea of vacuum decay as a grad student learning about some exotic ideas about dark matter, and in my readings I veered into the territory of some of the classic works examining whether or not our Universe is really as stable as we think. The idea is that it's possible that the fundamental nature of the Universe, what we call the "vacuum state," might not be unique. The Universe could, in principle, be in other vacuum states with different constants of nature and totally unrecognizable laws of physics.
As an abstract concept, this might not be a big deal. Maybe there are other ways the Universe could have been set up -- so what? But hereâs the problem: The Universe could transition from one vacuum state to another. And that would kill us all.
The picture looks like this: Maybe there are two possible vacuum states, one at a somewhat higher energy than the other. The higher energy one is called the "false vacuum," and the lower one the "true vacuum." If you're in a true vacuum, you're fine, and the Universe is stable. It's like living on the bottom of a valley -- there's nowhere to fall into. But if you're in a false vacuum, it's like being stuck in a little divot on the side of a cliff with the valley far below. A little bump could send you into the abyss.
There's a connection here to the Higgs field, a sort of energy field that pervades the Universe and is responsible for particles having mass. When I talk about "the vacuum state of the Universe," Iâm referring to the Higgs vacuum -- it has to do with properties of the Higgs field. A few years ago, scientists at the Large Hadron Collider completed a decades-long effort to detect the Higgs boson, a particle associated with the Higgs field that finally filled in the missing piece of the Standard Model of Particle Physics. Unfortunately, that discovery came with some ominous news about the state of the Higgs vacuum and the stability of the cosmos.
Sometime in the 60s or 70s, physicists started to explore the possibility that we live in a false vacuum -- a "metastable" universe that is precariously teetering on the edge of disaster. If an extremely high energy event happened somewhere in the Universe, it could kick the Higgs field over the metaphorical cliff and send that little part of the Universe into the true vacuum. Because the true vacuum is more stable than the false one, the transition would spread, creating a bubble of true vacuum within our space that would expand at the speed of light in all directions. This is called vacuum decay, and it's suuuuper fatal.
A diagram from Coleman & de Luccia 1980 showing a false vacuum (right-hand-side valley) and a true vacuum (left-hand-side valley). You can imagine our Universe as a ball sitting in the bottom of the right-hand-side valley, that could either be knocked over the hill into the other one, or tunnel through the barrier between.Â
If you're standing next to the vacuum decay event, you have no idea it's happened, and you definitely don't see it coming. When something travels at the speed of light, it can't send a signal ahead -- the first clue that it's occurred is that it's on top of you. And it's fatal in two ways. First, the bubble wall hits, carrying with it extreme energies that incinerate everything in its path. Second, once you're inside the bubble, you're in a kind of space that has different laws of physics. Your atoms don't hold together anymore, and you disintegrate immediately. Of course, you don't notice, because the bubble expands at the speed of light, and your nerve impulses travel far more slowly. So, that's a mercy.
In any case, vacuum decay is bad. And unfortunately, measurements of the properties of the Higgs boson suggest that our Universe is, in fact, metastable, and thus vulnerable to vacuum decay events. The bright side is that it would take an unimaginably huge amount of energy to kick us over the edge. We couldnât do it ourselves, and we don't know of anything in the Universe that could. And, in fact, the current favored hypothesis for the early universe suggests that if vacuum decay could be triggered, it would have happened in the very early universe, so perhaps it can't happen at all.
Figure from Degrassi et al. 2012, showing the possible stability states of the Higgs vacuum based on measurements of the Higgs boson mass and top quark mass. The little dot in the rectangle is where it appears our Universe sits, in the meta-stability region.Â
Still, at the moment, we don't really know. Even worse, vaccuum decay can happen in other ways. One particularly unsettling possibility is quantum tunnelling. Just as physicists discovered decades ago that particles can sometimes "tunnel" through barriers, a phenomenon fundamental to quantum theory and practically applied in electronics (like flash memory cards) every day, it's possible, if extraordinarily improbable, that the Higgs field could tunnel right through the barrier keeping it from the true vacuumâand that this could happen literally at any moment. But the probability is so small that throughout the whole observable universe, chances are it will not happen over a timespan much longer than the current age of the Universe which is 13.8 billion years. So, we're probably fine. Probably.
Death by Black Hole?
But there's another possibility. A couple years ago, a group of physicists, Philipp Burda, Ruth Gregory, and Ian Moss, calculated that black holes could also trigger vacuum decay (you can see the paper here). It turns out that if you leave a black hole alone long enough (according to theoretical work pioneered by Stephen Hawking), it'll "evaporate" -- slowly disappearing by letting out a little bit of radiation over time. As it gets smaller and smaller, it evaporates faster and faster, eventually disappearing completelyâpossibly in a dramatic final explosion.
The black holes we know about in the Universe, which range from a few to millions of times as massive as our Sun, would take many, many orders of magnitude longer than the age of the Universe to evaporate -- something north of 10 to the power of 64 years. But a tiny black hole could evaporate much more quickly. What the recent work showed was that when black holes are small enough that they're just about to finish evaporating completely, they can trigger vacuum decay. This is all theoretical of course, but if it's true, it tells us that primordial black holes -- tiny black holes that may have formed in the early universe -- would have to have been above a certain mass, or theyâd have already destroyed us.
Which brings us to our new paper. In this work, we show that the fact that tiny black holes haven't killed us all via vacuum decay can tell us something about the possibility that the Universe has more than three dimensions of space. It's a bit of an involved argument, but it's a fun one.
You may have heard people express concerns that the Large Hadron Collider might accidentally create a black hole that could swallow the Earth. (If you're worried about this, I recommend bookmarking the website www.hasthelargehadroncolliderdestroyedtheworldyet.com.) This can't happen for a lot of reasons, which I'll get into, so please don't panic. But scientists at the LHC actually have been hoping to create little black holes, because if they manage to make one (and watch it evaporate immediately), theyâll learn something about the structure of space itself. Those little black holes can only form in the LHC if there are more dimensions of space than we can perceive. And that would be a very exciting discovery. In fact, the lack of production of little black holes in the LHC can tell us that any extra dimensions that might exist have to be really really small.
Now, I just told you that little black holes can be incredibly, universe-destroying-ly dangerous, so why should we not be worried about this? The reason is that while the LHC is the most powerful particle collider ever created by humans, it's NOT the most powerful particle collider in the Universe. Cosmic rays -- high-energy particles that frequently get spit out by the matter swirling around supermassive black holes in other galaxies -- get to much higher energies than whatever the LHC can do, and they occasionally collide with each other out in space. Anything we can do, space can do better. So if the LHC could make little black holes capable of destroying the Universe via vacuum decay, the cosmos would have already done this, billions and billions of times over, all on its own.
But this is also an opportunity. Because just as we can place limits on how big extra dimensions are by not seeing black holes in the LHC, we can place even better limits on them by knowing that little black holes havenât been created out in space somewhere, because those collisions are at much higher energies. Generally speaking, we wouldn't notice if a cosmic ray collision in a galaxy several million light years away made a tiny black hole. But if Burda, Gregory, and Moss are correct that black hole evaporation can cause vacuum decay, then the production of tiny black holes would have extremely obvious consequences. Or rather, if we notice that we're still here, it hasn't happened.
So in 2016, while Professor McNees and I were chatting at a meeting at Caltech, we had the idea that we could figure out what kinds of particle collisions should make black holes and therefore cause vacuum decay, and we could then use that to place really strong limits on how big extra dimensions can be. While we were working out the details of this, another paper including Gregory, Moss, and some of their colleagues, mentioned this possibility and put forward some additional calculations showing that it's a reasonable thing to do. So we pressed on, and did some quantitative calculations, and found that not only could we get good limits, we could get much better limits on extra dimensions than anything previously published.
Little Curled Up Dimensions
When we talk about the "size" of extra dimensions, what we mean is that if there are other dimensions of space (just, other, hard-to-imagine directions besides up/down, left/right, front/back), they have to be limited in extent, like they're curled up somehow. It's weird to imagine a dimension having a limit, but you can think of it like if you have a sheet of paper where two dimensions are pretty large, but the third (the thickness) is much much smaller. If we lived on the sheet of paper, we could travel a long way up or down or across the page, but not very far into it. In a lot of theories of extra dimensions, the dimensions curl up around on themselves so if you go a little ways into them, you come back to where you started. Extra dimensions of space are a useful idea in physics because they might allow gravity to leak into the extra dimensions kind of like how ink can seep into a sheet of paper.
Some of the previous constraints on how big the extra dimensions can be come from things like measuring the force of gravity on very very small scales, around a millimeter, to see if any of the gravity might be leaking out into other dimensions. Then there's the LHC-black-hole-production attempts, and some more complicated calculations involving thinking about how particles carrying gravity in higher-dimensional theories could affect neutron stars and supernovae. The limits on the size of the extra dimensions depend on how many extra dimensions you think we might have, but for two extra dimensions (the most commonly explored possibility), the limits are generally around a millimeter, from measurements of the strength of gravity. Our method pushes that down to a few hundred femtometers -- not much larger than an atomic nucleus. For other methods, the limits are usually expressed in terms of an energy scale connected with the higher-dimensional theory, and in those terms, our limits are five or more orders of magnitude better than limits previously published.
Our limits on the size (L) of extra dimensions for different numbers of extra dimensions (n). The blue region is the region ruled out by our calculations, and the red dotted line is how big the extra dimensions would be in TeV-scale gravity, one of the most commonly discussed extra-dimension theories.Â
Our limits on the fundamental (energy) scale in the extra dimension theories, for different numbers of extra dimensions (n). The blue area is ruled out. All the previous limits are much lower -- below the bottom of this plot (around 12 or 13 on the vertical axis). See the paper for more details
The Fine Print
Of course, there are always caveats to any result in physics. In our case, our analysis depends on a few big assumptions: (1) that the vacuum is metastable (which is supported by measurements in the Standard Model of Particle Physics, but could be disproven if we get evidence of new kinds of physics that change the picture entirely), and (2) that black holes can indeed trigger vacuum decay. There are also some caveats around the energy scale at which the vacuum becomes metastable, and little assumptions about things like the way the extra dimensions are compactified (curled up) or how the cosmic rays happen. But we think this result is an exciting one, and it might present cool new opportunities to explore the stability and structure of our Universe. On the less fun side, this kind of work does suggest that there's really no way the LHC is ever going to make tiny black holes, which is a bummer, because those would be neat. But, if we do see black holes at the LHC, it'll be fantastic evidence that they can't destroy the Universe, which may be some consolation.
Theoretical physics is a journey, and sometimes it's a fun one that can take you to really wild places. I hope you've enjoyed taking this little diversion with me -- check out the paper if you want to get into the details, and hang out with me over on Twitter if you want to hear more about science, life, and weird new ways to destroy the Universe.
UPDATE: We Were Wrong About a Thing (but we fixed it)
Sometimes when talking about the self-correcting nature of science, scientists will say things like "Scientists love to be wrong! That's how we make progress!" This is only half true. It's fair to say that being wrong is how we make progress --- at least in the sense that disproving something is almost always more possible than proving something, and so every time someone is able to demonstrate that a theory doesn't work, it gives us a clue about where to go next. (For a more nuanced discussion of this, see this Cosmos article.) But I don't think any of us really love being wrong. At least, I sure don't, and I've never heard anyone proudly announce at morning coffee, "My equations didn't work at all! I have to start over now!" Mostly, when it happens, we get a bit sad, put on a brave face, and try to fix it.
So we do what we can to avoid being wrong. In our case, with this paper, we double-checked all our calculations, read a bunch of references, and sent our paper out to a few expert colleagues for comments before putting it on the arxiv. When the comments came back positive, we figured we were on pretty solid ground, so we went ahead and put the paper on the arxiv, with the hope that we would get MORE comments that might help us to see if there were any issues before we sent it to the journal for publication. The good thing about doing it this way is that instead of just the one or two referees you usually get in the peer review process, this opened our paper up to peer review by the entire physics community, which, we figured, gave us the best chance of ensuring our paper had the very best science.
And the process worked! We got an e-mail within a week or so from another physicist who had seen our paper on the arxiv and who happened to have thought about some of these issues before. And he reminded us of something that we had forgotten to take into account in our results. And he pointed out that as a result of the oversight, those amazing limits we got... did not quite hold up.
The issue is a slightly subtle one but the short version is that our analysis has to assume an instability scale --- an energy scale at which the Higgs becomes unstable --- and we can only really draw conclusions about extra dimensions for models with a fundamental scale above that energy. That means that instead of ruling out a huge range of extra dimension models, including the most commonly discussed ones, we're only ruling out a somewhat narrow range of models with scales that hover around the Higgs instability scale. Or, equivalently, a narrow range of extra dimension sizes. So our results plots had to be updated, and our main conclusions revised.
Our revised limits on the size (L) of extra dimensions for different numbers of extra dimensions (n). The blue region is the region ruled out by our calculations, the light blue a less conservative version of our limits, and the red dotted line is how big the extra dimensions would be in TeV-scale gravity, one of the most commonly discussed extra-dimension theories. In this new version of the plot, we can't rule that out.
Our revised limits on the fundamental (energy) scale in the extra dimension theories, for different numbers of extra dimensions (n). The blue area is ruled out; the light blue possibly ruled out. As in the previous version of the plot, all the previous limits are much lower -- below the bottom of this plot (around 12 or 13 on the vertical axis). So we're leaving a big gap, but we're also ruling out models that were totally inaccessible before.Â
After we made the revisions, we posted the revised version on the arxiv (the site makes it very easy and transparent to do this --- you can always access the previous versions, so everyone knows what's changed). When, after a little over two weeks, no one had contacted us with any more comments, we decided it was time to submit the paper and we sent it to the journal Physical Review D. We settled in for what we expected to be a long wait and a series of back-and-forth revisions, but amazingly, after only a week in review, the journal contacted us to say the paper was accepted! The reviewer only had a short comment: The paper reports an interesting analysis of black hole production in cosmic ray collisions and ensuing constraints on the fundamental scale. I am happy to recommend publication.
Despite the satisfaction of the speedy review and publication, I'll admit it was still a bit of a disappointment to learn that our limits were more, well, limited, than we had originally thought. At first glance, our results had really seemed like they could change the conversation around extra dimensions, with the only major caveat being that you had to take seriously the meta-stability of the vacuum (which, of course, many do). But as it is, the result is still a pretty cool one. This method can tell us something about energy scales that we really seemed to have no way of accessing. What it can tell us may not be what we're trying to learn to rule out the current most favored theories, but that doesn't mean that it won't prove to be a fruitful new direction.
I'm still proud of our work, and I still think that what we did is interesting. We're in a totally different regime right now, and we don't know where things will lead. In physics, you can't always get what you want, but you never know --- it might turn out, someday, to be exactly what you need.
Summertime in Antarctica is winding down these days, with the first sunset of the year coming to the South Pole in about two weeks. The people living and working at Antarctic coastal stations were able to experience a few weeks of constant daylight around Christmastime. Gathered below, recent images of the Antarctic landscape, wildlife, and research facilities, and some of the work taking place there.
Glaciers and icebergs surround the Gerlache Strait in Antarctica on February 9, 2019.
(
Ozge Elif Kizil / Anadolu Agency / Getty)
Itâs hard to fathom when we look at a globe, but our planet Earthâs substantial covering of ocean is relatively modest. Alternative scenarios involving âwater worldsâ include rocky planets whose silicate mantle is covered in a deep, global ocean, with no land in sight. Kilometer after kilometer of water covers a layer of ice on the ocean floor in these models, making it unlikely that the processes that sustain life here could develop â how likely is a carbon cycle in such a scenario, and without it, how do we stabilize climate and make an inhabitable world?
These are challenging issues as we build the catalog of exoplanets and try to figure out local conditions. But itâs also intriguing to ask what made Earth turn out as dry as it is. Tim Lichtenberg developed a theory while doing his thesis at the Eidgenössische Technische Hochschule in Zürich (he is now at Oxford), and now presents it in a paper in collaboration with colleagues at Bayreuth and Bern, as well as the University of Michigan. Lichtenberg thinks we should be looking hard at the radioactive element Aluminium-26 (26Al).
Go back far enough in the evolution of the Solar System and kilometer-sized planetesimals made of rock and ice moved in a circumstellar disk around the young Sun, eventually through the process of accretion growing into planetary embryos. In this era a supernova evidently occurred in the astronomical neighborhood, depositing 26Al and other elements into the mix. Using computer simulations of the formation of thousands of planets, the researchers argue that two distinct populations emerge, water worlds and drier worlds like Earth.
âThe results of our simulations suggest that there are two qualitatively different types of planetary systems,â says Lichtenberg: âThere are those similar to our Solar System, whose planets have little water. In contrast, there are those in which primarily ocean worlds are created because no massive star, and so no Al-26, was around when their host system formed. The presence of Al-26 during planetesimal formation can make an order-of-magnitude difference in planetary water budgets between these two species of planetary systems.â
Image: Planetary systems born in dense and massive star-forming regions inherit substantial amounts of Aluminium-26, which dries out their building blocks before accretion (left). Planets formed in low-mass star-forming regions accrete many water-rich bodies and emerge as ocean worlds (right). Credit: Thibaut Roger.
Because planets grow from these early planetesimals, their composition is critical. If a great part of a planetâs water comes from them, then the danger of accreting too much water is always present if many of the constituent materials come from the icy regions beyond the snowline. But radioactive constituents like 26Al inside the planetesimals can create heat that can evaporate much of the initial water ice content before accretion occurs. Dense star-forming regions are more likely to produce planets that manifest these latter outcomes.
Lichtenberg and team examined the decay heat from 26Al in terms of this early planetesimal evolution, which would have led to silicate melting and degassing of primordial water abundances. Their simulations of planet populations delved into internal structures that varied according to disk structures, planetary composition, and initial location of planetary embryos. They produced statistical variations of incorporated water in planets that varied in radius and initial 26Al abundance. In all, the authors achieved what they believe to be a statistically representative set of 540,000 individual simulations over 18 parameter sets.
Image: This is Figure 3 from the paper. Caption: Fig. 3 | Qualitative sketch of the effects of 26Al enrichment on planetary accretion. Left, 26Al-poor planetary systems; right, 26Al-rich planetary systems. RP, planetary radius. Arrows indicate proceeding accretion (middle), planetesimal water content (bottom right, blueâbrown) and live 26Al (bottom right, redâwhite). Credit: Lichtenberg et al.
We wind up with planetary systems with 26Al abundances similar to or higher than the Solar System forming terrestrial planets with lower amounts of water, an effect that grows more pronounced with distance from the host star, since embryos forming there are likely to be richer in water. Systems poor in 26Al are thus far more likely to produce water worlds. A remaining question involves the actual growth of rocky planets, as the paper notes:
If rocky planets grow primarily from the accumulation of planetesimals, then the suggested deviation between planetary systems should be clearly distinguishable among the rocky exoplanet census. If, however, the main growth of rocky planets proceeds from the accumulation of small particles, such as pebbles, then the deviation between 26Al-rich and 26Al-poor systems may become less clear, and the composition of the accreting pebbles needs to be taken into account.
The direction of future work to explore the question is clear;
⦠models of water delivery and planet growth need to synchronize the timing of earliest planetesimal formation, the mutual influence of collisions and 26Al dehydration, the potential growth by pebble accretion, and the partitioning of volatile species between the interior and atmosphere of growing protoplanets in order to further constrain the perspectives for rocky (exo-)planet evolution.
The paper is Lichtenberg et al., âA Water Budget Dichotomy of Rocky Protoplanets from 26Al-Heating,â Nature Astronomy Letters, 11 February 2019 (abstract). Thanks to John Walker for helpful information regarding this story.
Standard archeological techniques canât determine whether the prehistoric artists were hunter-gatherers or farmers. Analyzing the paintingsâ surfaces with techniques from biology offers much more information about how they worked and when they lived.
It's only a prototype, but this USB cable has an embedded Wi-Fi controller. Whoever controls that Wi-Fi connection can remotely execute commands on the attached computer.
Federal authorities this week arrested a North Carolina man who allegedly ran with a group of online hooligans that attacked Web sites (including this one), took requests on Twitter to call in bomb threats to thousands of schools, and tried to frame various online gaming sites as the culprits. In an ironic twist, the accused â who had fairly well separated his real life identity from his online personas â appears to have been caught after a gaming Web site he frequented got hacked.
On Feb. 12, the U.S. Justice Department announced the arrest of Timothy Dalton Vaughn, a 20-year-old from Winston-Salem, N.C. Vaughn is alleged to have been a key member of the Apophis Squad,àa gang of neâer-do-wells who made bomb threats against thousands of schools and launched distributed denial-of-service (DDoS) attacks against Web sites ââ¬â including KrebsOnSecurity on multiple occasions.
The feds say Vaughn used multiple aliases on Twitter and elsewhere to crow about his attacks, including âHDGZero,â âWantedByFeds,â and âXavier Farbel.â Among the Apophis Squadâs targets was encrypted mail service Protonmail, which reached out to this author last year for clues about the identities of the Apophis Squad members after noticing we were both being targeted by them and receiving demands for money in exchange for calling off the attacks.
Protonmail later publicly thanked KrebsOnSecurity for helping to bring about the arrest of Apophis Squad leader George Duke-Cohan â a.k.a. âopt1cz,â â7R1D3n7,â and âPl3xl3t,â â a 19-year-old from the United Kingdom who was convicted in December 2018 and sentenced to three years in prison. But the real-life identity of HDGZero remained a mystery to both of us, as there was little publicly available information at the time connecting that moniker to anyone.
The DDoS-for-hire service run by Apophis Squad listed their members.
That is, until early January 2019, when news broke that hackers had broken into the servers of computer game maker BlankMediaGames and made off with account details of some 7.6 million people who had signed up to play âTown of Salem,â the companyâs browser-based role playing game. That stolen information has since been posted and resold in underground forums.
A review of the leaked BlankMediaGames user database shows that in late 2018, someone who selected the username âhdgzeroâ signed up to play Town of Salem, registering with the email address xavierfarbel@gmail.com. The data also shows this person registered at the site using a Sprint mobile device with an Internet address that traced back to the Carolinas.
The Justice Department indictment against Vaughn and Duke-Cohan released this week alleges the pair were equally responsible for sending spoofed bomb threat emails to 2,000 schools in the United States and more than 400 in the U.K., falsely warning that various explosive devices were planted at the schools and would be detonated unless a ransom demand was paid.
In this snippet from a January 2018 online chat taken from a channel maintained by HDGZero, the accused can be seen claiming credit for the bomb threats and posting links to stories in various local media outlets about schools evacuating students in response to the threats. The bomb threat emails were made to look like they were sent by different high-profile squads of online gamers competing against one another in the wildly popular game Minecraft.
One of the many private Twitter messages I received from the Apophis Squad following DDoS attacks on KrebsOnSecurity.
The government maintains that, through their various Twitter handles, Duke-Cohan and Vaughn even offered to take requests for shutting down specific schools with bomb threats.
âWe are OPEN for request for school lockdowns / evacs,â read a tweet from the Twitter account @apophissquadv2, which the Justice Department says Duke-Cohan and Vaughn shared. âSend us your request to apophissquad@tuta.io (FREE).â
The government alleges that Vaughn also participated with Duke-Cohan in reporting the hijack of a United Airlines flight bound for the United States. That flight, which had almost 300 passengers on board, was later quarantined for four hours in San Francisco pending a full security check.
The indictment charges Vaughn and Duke-Cohan with conspiracy and eight additional felony offenses, including making threats to injure in interstate commerce and making interstate threats involving explosives. Vaughn is additionally charged with intentionally damaging a computer and interstate threat to damage a protected computer with intent to extort.
A Justice Department press release on the indictment states that if convicted of all 11 charges, Vaughn would face a statutory maximum sentence of 80 years in federal prison. If convicted of the nine charges in the indictment in which he is named, Duke-Cohan would face a statutory maximum sentence of 65 years in federal prison.
Limited amateur radio operation has commenced on Esâhail 2, a Qatari satellite launched late last year.
Its primary mission is to provide direct-to-home television services in the Middle East and North Africa region. But the spacecraft also carries two âPhase 4â amateur radio transponders operating in the 2400 MHz and 10450 MHz bands. A 250 kHz bandwidth linear transponder intended for conventional analogue operations and an 8 MHz bandwidth transponder for experimental digital modulation schemes and DVB amateur television.
Hams have longed dreamed about having a transponder in a stationary orbit and now they have one, though itâs parked over a hemisphere that doesnât include North America. Disappointing as that may be for those of us âover hereâ the platform provides plenty of opportunity for study and learning in the hope that we may one day gain access to a similar resource covering our hemisphere.
One way to indirectly participate is to access the online Web SDR receiver thatâs streaming live audio collected at the Goonhilly Earth Station. You can listen to live traffic from the amateur transponder when itâs active. Given its footprint, much of that traffic wonât be in English (though Iâve monitored several English speaking QSOâs) but you can certainly get a feel for what it would be like to have access to this kind of a communication platform on orbit.
Front Hazcam image, showing the current workspace. This is a block of more coherent bedrock, surrounded by rubbly terrain, with lots of small rocks, pebbles and sand.
Â
Today was a very busy planning day for the Curiosity operations team. We planned a 3-sol plan, with contact science, imaging, environmental monitoring and a drive.
Our weekend plan brought us to a block of coherent rock, a treat after spending many workspaces in more broken up and rubbly areas. The Geology (GEO) theme group uplinked lots of contact science here on Monday, so we are ready to leave and drive on to the next coherent block we have identified in the distance, a target known as âMidland Valley.â Before leaving however, we planned contact science on âLadder Hills,â a beautiful example of laminated bedrock. APXS will be used to determine the chemistry, to compare it to our other targets in this workspace âGannetâ and âCurlew.â MAHLI will take images of the laminations within Ladder Hills from two different angles â straight downwards onto the rock surface (the spot where APXS will also analyze), and from an oblique angle. ChemCam will acquire active LIBS (laser) analysis of Ladder Hills, in addition to analysis of âFyvie,â a large pebble for comparison with bedrock targets.
The plan features lots of Mastcam imagery. Both Fyvie and the post-drive AEGIS target will be imaged, in support of ChemCam science activities. Two mosaics will focus on the laminations in the workspace, in the targets Ladder Hills, âLadyburnâ and âLoch Gelly.â Multispectral documentation will be taken of the Curlew target, which was brushed in Mondayâs plan. There is a mosaic of two linear ridges in the distance (âGilles Hillâ).
Mid-way to our next stop at Midland Valley, we will stop at a small ripple field. Using Mastcam, we will image the undisturbed sand, before scuffing using the right wheel, back away a little, and then take another Mastcam image of the disturbed sand. These images will be used to further characterize the physical properties of the sand in this area. Then our drive resumes, hopefully ending on bedrock for our upcoming weekend plan. Following the drive, APXS will do overnight measurements of argon in the atmosphere, as part of a long range experiment looking at changes in argon abundances and seasonal variations.
In parallel to the very full GEO plan, the Environmental (ENV) theme group also has a very full plan. The main ENV activity is a ChemCam Passive Sky observation, which lets us measure the column abundance of water vapor, oxygen, water ice and dust in the atmosphere, and also gives us some idea of dust and water ice particle sizes. This is particularly interesting as we just had some regional dust storm activity on Mars, so thereâs still quite a lot of dust in the atmosphere above the rover. For this reason, weâre also very interested in the two Mastcam atmospheric opacity measurements in this plan, which will tell us how much dust is still up there; recently, opacities have been trending down. ENV planned some Navcam movies, as part of an ongoing campaign to examine martian clouds, their properties and abundances. The âzenithâ movie looks directly upwards to look at clouds and their direction, whilst the âsuprahorizonâ movie is targeted in a more horizontal direction, looking at clouds and variations in optical depth in the atmosphere above the north rim of the crater. ENV also planned Navcam and Mastcam âdust devilâ movies and surveys, which measure the number, location, and characteristics of dust-filled convective vortices, which in turn tells us about surface heating, convection, and winds near the surface. These observations are targeted lower than the suprahorizon movies, to search for dust devils across the crater floor on the slopes of Mount Sharp. Excitingly, this plan sees the very first use of Mastcam to take a dust devil movie, which will give colour images and better resolution (although over a smaller region) than Navcam. Finally, there were also standard RAD, REMS and DAN activities.
Written by Catherine OâConnell, Planetary Geologist at University of New Brunswick-Cooper
Some time back, Ján Su?an fixed up some firmware issues on DragonFly.  Heâs published a first stab at attaching firmware information to files; itâs up for review now and heâd like feedback. Please tell him what you think, if youâre interested in this topic.
A half century ago, humans first set foot on the moon, hundreds of thousands of young people gathered in New Yorkâs Catskill Mountains for a music festival that became a cultural milestone, and the war in Vietnam dragged on while protest and resistance grew. It was the year that Sesame Street premiered on Public TV, British troops were first sent into Northern Ireland, the Manson Family murders took place, that Richard Nixon became the 37th President of the United States, and much more.
A portrait of the crew of NASA's Apollo 11 mission to the moon; from left, the astronauts Buzz Aldrin, Michael Collins, and Neil Armstrong, as they pose on a model of the moon in 1969
(
Ralph Morse / The LIFE Picture Collection / Getty)
Sometimes the way we discover new things is by looking back, as witness the blue haze of Pluto. The image below comes, of course, from New Horizons, taken after the flyby and looking back in the direction of the Sun. Here weâre looking at a mosaic combining black and white LORRI images (Long Range Reconnaissance Imager) and enhancing them with lower-resolution color data from the Ralph/Multispectral Visible Imaging Camera (MVIC). The result, taken about 3.5 hours after closest approach, is in approximately true color.
Image: Pluto as seen by New Horizons from 200,000 kilometers after the flyby. The spectacular blue haze, extending to over 200 kilometers in altitude, is the result of sunlight acting on methane and other molecules in Plutoâs atmosphere to produce a photochemical haze. Credit: NASA/Johns Hopkins University Applied Physics Laboratory/Southwest Research Institute.
Ultima Thule likewise yields more of its secrets as we look at data from beyond the closest encounter. New Horizonsâ latest target produced departure imagery fleshing out our view of the objectâs shape by showing us parts of the KBO that were not illuminated by the Sun during the approach. We learn that the two lobes of Ultima Thule are not spherical at all, but rather that the larger lobe is flattened into a pancake shape, while the New Horizons team sees in the smaller lobe a resemblance to a dented walnut. Here is a video rendering of the data.
Image: Mission scientists created this âdeparture movieâ from 14 different images taken by the New Horizons Long Range Reconnaissance Imager (LORRI) shortly after the spacecraft flew past the Kuiper Belt object nicknamed Ultima Thule (officially named 2014 MU69) on Jan. 1, 2019. The central frame of this sequence was taken on Jan. 1 at 05:42:42 UT (12:42 a.m. EST), when New Horizons was 8,862 kilometers (5,494 miles) beyond Ultima Thule, some 6.6 billion kilometers (4.1 billion miles) from Earth. The objectâs illuminated crescent is blurred in the individual frames because a relatively long exposure time was used during this rapid scan to boost the cameraâs signal level â but the science team combined and processed the images to remove the blurring and sharpen the thin crescent. This is the farthest movie of any object in our Solar System ever made by any spacecraft. Credit: NASA/Johns Hopkins Applied Physics Laboratory/Southwest Research Institute/National Optical Astronomy Observatory.
âWeâve never seen something like this orbiting the Sun,â says mission PI Alan Stern, adding:
âWe had an impression of Ultima Thule based on the limited number of images returned in the days around the flyby, but seeing more data has significantly changed our view. It would be closer to reality to say Ultima Thuleâs shape is flatter, like a pancake. But more importantly, the new images are creating scientific puzzles about how such an object could even be formed.â
Image: New Horizons took this image of Ultima Thule on Jan. 1, 2019, when the NASA spacecraft was 8,862 kilometers (5,494 miles) beyond it. The image to the left is an âaverageâ of ten images taken by the Long Range Reconnaissance Imager (LORRI); the sharper processed view is to the right. Credit: NASA/Johns Hopkins Applied Physics Laboratory/Southwest Research Institute/National Optical Astronomy Observatory.
Observing stars as they disappeared when Ultima Thule passed in front of them allowed scientists to further refine the shape. The illustration below shows the evolution of our understanding, as weâve moved from the âsnowmanâ to the âpancakeâ model.
âWhile the very nature of a fast flyby in some ways limits how well we can determine the true shape of Ultima Thule, the new results clearly show that Ultima and Thule are much flatter than originally believed, and much flatter than expected,â adds Hal Weaver, New Horizons project scientist from the Johns Hopkins Applied Physics Laboratory. âThis will undoubtedly motivate new theories of planetesimal formation in the early solar system.â
Image: Scientistsâ understanding of Ultima Thule has changed as they review additional data. The âold viewâ in this illustration is based on images taken within a day of New Horizonsâ closest approach to the Kuiper Belt object on Jan. 1, 2019, suggesting that both âUltimaâ (the larger section, or lobe) and âThuleâ (the smaller) were nearly perfect spheres just barely touching each other. But as more data were analyzed, including several highly evocative crescent images taken nearly 10 minutes after closest approach, a ânew viewâ of the objectâs shape emerged. Ultima more closely resembles a âpancake,â and Thule a âdented walnut.â The bottom view is the teamâs current best shape model for Ultima Thule, but still carries some uncertainty as an entire region was essentially hidden from view, and not illuminated by the Sun, during the New Horizons flyby. The dashed blue lines span the uncertainty in that hemisphere, which shows that Ultima Thule could be either flatter than, or not as flat as, depicted in this figure. Credit: NASA/Johns Hopkins University Applied Physics Laboratory/Southwest Research Institute.
A year ago, the Norwegian Consumer Council published an excellent security analysis of children's GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children.
A recent analysis checked if anything had improved after that torrent of bad press. Short answer: no.
Guess what: a train wreck. Anyone could access the entire database, including real time child location, name, parents details etc. Not just Gator watches either -- the same back end covered multiple brands and tens of thousands of watches
The Gator web backend was passing the user level as a parameter. Changing that value to another number gave super admin access throughout the platform. The system failed to validate that the user had the appropriate permission to take admin control!
This means that an attacker could get full access to all account information and all watch information. They could view any user of the system and any device on the system, including its location. They could manipulate everything and even change users' emails/passwords to lock them out of their watch.
In fairness, upon our reporting of the vulnerability to them, Gator got it fixed in 48 hours.
This is a lesson in the limits of naming and shaming: publishing vulnerabilities in an effort to get companies to improve their security. If a company is specifically named, it is likely to improve the specific vulnerability described. But that is unlikely to translate into improved security practices in the future. If an industry, or product category, is named generally, nothing is likely to happen. This is one of the reasons I am a proponent of regulation.
In a world where the smartphone is now ubiquitous, photographers capture daily life in which the personal device is part of the moment. Whether it is used for communication, navigation, a flashlight, a wallet, or to take photos, itâs an essential part of life for many.
Fans use their phones as they attend a concert by the US DJ/production duo The Chainsmokers at the opening of the annual Byblos International Festival (BIF), in the ancient city of Byblos (Jbeil), north of Beirut, Lebanon, Aug. 1.
(Wael Hamzeh/REX/Shutterstock)
Chris Gammell wants to know: Whatâs in your circuit toolbox?
Personally, mine is somewhat understocked. I do know that in one of my journals, probably from back in the 1980s, I scribbled down a schematic of a voltage multiplier I had just built, with the classic diode and capacitor ladder topology. I probably fed it from a small bell transformer, and I might have gotten a hundred volts or so out of it. I was so proud at the time that I wrote it down for posterity with the note, âI made this today!â
I think the whole point of Chrisâ 2018 Hackaday Superconference talk is precisely what I was trying to get at when I made my âdiscoveryâ â we all have circuits that just work for us, and the more you have, the better. Most readers will recognize Chris from such venues as The Amp Hour, a weekly podcast he hosts with Dave Jones, and his KiCad tutorial videos. Chris has been in electrical engineering for nearly twenty years now, and heâs picked up a collection of go-to circuits that keep showing up in his designs and making life easier, which he graciously shared with the crowd.
As Chris points out, itâs the little circuits that can make the difference. Slide after slide of his talk had schematics with no more than a handful of components in them, covering applications from dead-simple LED power indicators and switch debouncing to IO expansion using a 74HC595. And as any sensible engineer might, Chrisâ toolbox includes a good selection of power protection circuits, everything from polarity reversal protection with a MOSFET and a zener to a neat little high-side driver shutoff using a differential amp and an optoisolator.
During the last four years of the CyMISS (Tropical Cyclone Intensity Measurements from the ISS) program, our team has acquired image sequences of several dozen powerful hurricanes, typhoons and tropical cyclones scattered across the globe. While 2018 proved to be a busy hurricane season in the Atlantic, it also saw a number of powerful tropical cyclones in the southern hemisphere earlier in the year. One of these storms was Tropical Cyclone Gita which was observed by the crew of the ISS in support of CyMISS during overpasses on February 13 and 14, 2018. The individual photographs from the original 240-image sequence from the February 13 overpass were remapped to approximate an overhead view before they were stitched together into a synoptic color mosaic covering an area of 1,200 by 800 kilometers shown below. Notice that the cloud bands of this southern hemisphere storm display a clockwise rotation â the opposite of its northern hemisphere kin. A high-resolution version of this synoptic mosaic with an image scale of 500 meters/pixel can be viewed by clicking on the image below (for more information on this overpass, see âCyMISS Image of the Month: Tropical Cyclone Gitaâ).
This mosaic shows Tropical Cyclone Gita as viewed from the ISS on February 13, 2018. It was created by remapping the original 240 photographs taken by the crew of the ISS to approximate an overhead view before stitching them together and covers an area of 1,200 by 800 kilometers. Click on the image to view a high resolution version with a scale of 500 meters/pixel. (A.J. LePage/Visidyne/JSC-NASA)
Februaryâs Image of the Month is a closeup 3D view of the eye Tropical Cyclone Gita created using images from a sequence of 240 photographs taken by the crew of the ISS during the February 14 overpass. When the four-minute photography session started at 19:55:00 GMT, Gita was located at about 21.5° S, 174.9° E in the South Pacific and was rated as a strong Category 3 storm with sustained winds of about 193 kph (120 mph). As was done with the earlier overpass images, the individual photographs from the original 240-image sequence were remapped to approximate an overhead view before they were stitched together into a synoptic color mosaic covering an area of 1,500 by 1,000 kilometers. A high-resolution version of this synoptic mosaic with an image scale of 500 meters/pixel can be viewed by clicking on the image below.
This synoptic image shows Tropical Cyclone Gita as viewed from the ISS on February 14, 2018 at about 19:57 GMT in the South Pacific. Covering an area of 1,500 by 1,000 km, this mosaic was created by remapping the original sequence of color photographs taken by the crew of the ISS to approximate an overhead view before stitching them together. Click on the image to view a high-resolution version with a scale of 500 meters/pixel. (A.J. LePage/Visidyne/NASA-JSC)
The Image of the Month is a 3D image created using a pair of close up photographs of the enormous 125-kilometer eye of Tropical Cyclone Gita taken a few seconds apart around 19:57:18 GMT. Only the red channel of the original color images was used in order to cut through any atmospheric haze and maximize the visibility of the cloud features. These images were remapped to approximate an overhead view before being combined to create an anaglyphic 3D image (a pair of stereo glasses with a red filter over the left eye and a blue filter on the right is required to reproduce the 3D effect). The resulting stereo view, which can be seen at full size with a scale of 100 meters/pixel by clicking on the image below, covers an area of 300 by 200 kilometers and clearly reveals a lot of complex structure in and around the eye of this storm.
This is a close up anaglyphic 3D view (left eye red, right eye blue) of the eye of Tropical Cyclone Gita as it appeared from the ISS at about 19:57:18 GMT on February 14, 2018. It was created by combining a pair of red-filtered images taken a few seconds apart which had been processed to approximate a common overhead view covering an area of 300 by 200 kilometers. Click on the image to view the full size version at a scale of 100 meters/pixel. (A.J. LePage/Visidyne/JSC-NASA)
The goal of the ongoing CyMISS (tropical Cyclone intensity Measurements from the ISS) project is to acquire image sequences of intense tropical cyclones (TCs), such as hurricanes, to support the development of an improved remote sensing method to determine more accurately the strength of these destructive storms using stereoscopy. The CyMISS team at Visidyne would like to thank the crew of the ISS as well as the staff at NASAâs Marshall Space Flight Center and Johnson Space Center for their ongoing efforts. The original images are courtesy of the Earth Science and Remote Sensing Unit at NASA Johnson Space Center. The work presented here is supported in part under CASIS Grant UA-2019-013.
I was shocked last night, when I saw a post to the Flying Pigs Facebook page by Brian KB9BVN, that Ken WA8REI had become a Silent Key.
Ken, being the avid QRPer, had contacted me many times over the years in QRP Sprints and just plain old QSOs. I particularly enjoyed when we would rag chew when Ken took his RV to the Upper Peninsula in Michigan and he would tell me how cold it was; or how much snow was on the ground, or how beautiful the foliage was in the Autumn.
Ken introduced me to; and got me involved in the QRP Polar Bears, where another SK, Ron WB3AAL was also quite active.
It was always a treat to run into Ken over the years and his call sign appears in my log many, many times. I will miss the cheeriness and friendliness that he was able to pass on - even through his dits and dahs. Ken was good people.
Kenneth Alan Louks (Obituary)
Kenneth A. Louks of Freeland, Michigan passed away February 10, 2019 at the age of 71.
Ken was a life-long resident of the Saginaw area. After graduating from Buena Vista High School in 1965, he entered Western Michigan University and obtained a bachelorâs degree in sociology. Ken served in the US Army from 1970-72 and was stationed in Stuttgart, West Germany where he was assistant to the Chaplain. Upon his honorable discharge, he was employed by the US Postal Service from 1972 to 2002, reaching the level of Mail Processing Manager at the Saginaw USPS facility.
Ken had a strong Christian faith and was past member of Sheridan Avenue United Methodist Church, Auburn UMC, and presently was a member of Hopevale Church. He enjoyed the Christian fellowship of all members at these houses of worship.
Ken was a gifted keyboardist from his youth and throughout his life. Ken was organist at Auburn UMC and part-time organist at Sheridan Avenue and Swan Valley UMC over the years. Ken also taught piano from his home. Even after a stroke at age 60 rendered his left hand paralyzed, Ken still played his electronic keyboard, recording and sharing his music, which were often arrangements of favorite hymns. Ken also played the dulcimer.
Ken loved his Lord and his country and was proud of his service in the Army. He enjoyed traveling our scenic country, either in his RV or Tahoe, often stopping at the homes of relatives or his ham radio buddies. He loved nature, and loved visiting relatives whether they were in Saginaw, Mayville or Florida.
Kenâs favorite hobby was amateur radio. Licensed in 1965 as WA8REI, he was very active on the air until his death. Ken loved to operate his radio, using Morse code, from wilderness areas as well as from his home. He made loyal friends on the air all over the world.
Ken was predeceased by his parents, Ferris and Donna Louks. He is survived by his brothers David (Kathryn) Louks, Paul (Vicky) Louks, a dear aunt G. Elaine Fox, and many treasured nieces, nephews and cousins.
Honoring Kenâs wishes, there will be no formal funeral service. His wish was for his friends and relatives to remember him in their hearts and give all thanks and praise to God for our time of grace. Also per Kenâs wishes, he will be cremated, and his remains interred at Great Lakes National Cemetery in Holly, Michigan at a later date. Those planning an expression of sympathy may wish to consider Hopevale Church of Saginaw
73, Ken! May you always have good DX and great propagation - RIP, my friend.
72 de Larry W2LJ QRP - When you care to send the very least!
I had not heard about this case before. Zurich Insurance has refused to pay Mondelez International's claim of $100 million in damages from NotPetya. It claims it is an act of war and therefor not covered. Mondelez is suing.
Those turning to cyber insurance to manage their exposure presently face significant uncertainties about its promise. First, the scope of cyber risks vastly exceeds available coverage, as cyber perils cut across most areas of commercial insurance in an unprecedented manner: direct losses to policyholders and third-party claims (clients, customers, etc.); financial, physical and IP damages; business interruption, and so on. Yet no cyber insurance policies cover this entire spectrum. Second, the scope of cyber-risk coverage under existing policies, whether traditional general liability or property policies or cyber-specific policies, is rarely comprehensive (to cover all possible cyber perils) and often unclear (i.e., it does not explicitly pertain to all manifestations of cyber perils, or it explicitly excludes some).
But it is in the public interest for Zurich and its peers to expand their role in managing cyber risk. In its ideal state, a mature cyber insurance market could go beyond simply absorbing some of the damage of cyberattacks and play a more fundamental role in engineering and managing cyber risk. It would allow analysis of data across industries to understand risk factors and develop common metrics and scalable solutions. It would allow researchers to pinpoint sources of aggregation risk, such as weak spots in widely relied-upon software and hardware platforms and services. Through its financial levers, the insurance industry can turn these insights into action, shaping private-sector behavior and promoting best practices internationally. Such systematic efforts to improve and incentivize cyber-risk management would redress the conditions that made NotPetya possible in the first place. This, in turn, would diminish the onus on governments to retaliate against attacks.
The Fermi Paradox is the supposed inconsistency between the ease with which a spacefaring species could settle the entire Milky Way given billions of years and the fact that they are not obviously in the Solar System right now. This, original form of the paradox was formulated most trenchantly by Michael Hart (more on him [â¦]
As Chris points out, itâs the little circuits that can make the difference. Slide after slide of his talk had schematics with no more than a handful of components in them, covering applications from dead-simple LED power indicators and switch debouncing to IO expansion using a 74HC595. And as any sensible engineer might, Chrisâ toolbox includes a good selection of power protection circuits, everything from polarity reversal protection with a MOSFET and a zener to a neat little high-side driver shutoff using a differential amp and an optoisolator.
