Enlarge/ The three recalled pouches linked to lead poisonings.
A spice grinder named Carlos Aguilera of Ecuador is the likely source of contaminated cinnamon containing extremely high levels of lead and chromium, which made its way into the apple cinnamon fruit pouches of US toddlers, according to an announcement by the Food and Drug Administration this week.
The FDA said Ecuadorian officials at the Agencia Nacional de Regulación, Control y Vigilancia Sanitaria (ARCSA) identified Aguilera as the cinnamon processor and reported to the FDA that his business is no longer operating. Aquilera received raw cinnamon sticks sourced from Sri Lanka, which, according to raw sample testing conducted by ARCSA, had no lead contamination upon their arrival. After Aguilera processed the cinnamon, it was supplied by a company called Negasmart to Austrofoods, the manufacturer of the apple cinnamon pouches.
According to FDA inspection documents obtained by CBS News, Austrofoods never tested its product for heavy metals at any point in production and repeatedly failed to identify the cinnamon as a raw ingredient needing such testing. “[Y]ou did not sample and test the raw material or the finished product for heavy metals,” the FDA wrote in its inspection report. Testing by the FDA immediately identified high levels of lead in the finished apple cinnamon puree and in the ground cinnamon powder Austrofoods used for the purees. The regulator also observed problems with Austrofood’s pasteurization and sanitation procedures, and noted equipment in poor condition that could have allowed metal pieces to break loose and get into food products.
Austrofood’s apple cinnamon fruit puree pouches were sold under three brands, all of which have been recalled: WanaBana apple cinnamon fruit puree pouches, Schnucks brand cinnamon-flavored applesauce pouches, and Weis brand cinnamon applesauce pouches.
The FDA reported that ARCSA’s investigation and legal proceedings are still ongoing to determine the ultimate responsibility for the contamination. The FDA acknowledged that it has “limited authority over foreign ingredient suppliers who do not directly ship product to the US. This is because their food undergoes further manufacturing/processing prior to export. Thus, the FDA cannot take direct action with Negasmart or Carlos Aguilera.”
Testing by the FDA hints that the cinnamon was contaminated with lead chromate, a vibrant yellow substance often used to bolster a spice’s appearance and weight artificially. It’s frequently been found contaminating turmeric sourced from India and Bangladesh.
The children exposed to the purees face uncertain long-term health effects. The effects of ingesting chromium are unclear, and it’s also not clear what form of chromium the children ingested from the pouches. Lead, on the other hand, is a potent neurotoxic metal that can damage the brain and nervous system. In young children, the effects of acute exposures could manifest as learning and behavior problems, as well as hearing and speech problems in the years to come.
Enlarge/ These mounted displays near the entrance let visitors touch, but not use, a Vision Pro.
Kyle Orland
For decades now, potential Apple customers have been able to wander in to any Apple Store and get some instant eyes-on and hands-on experience with most of the company’s products. The Apple Vision Pro is an exception to this simple process; the “mixed-reality curious” need to book ahead for a guided, half-hour Vision Pro experience led by an Apple Store employee.
As a long-time veteran of both trade show and retail virtual-reality demos, I was interested to see how Apple would sell the concept of “spatial computing” to members of the public, many of whom have minimal experience with existing VR systems. And as someone who’s been following news and hands-on reports of the Vision Pro’s unique features for months now, I was eager to get a brief glimpse into what all the fuss was about without plunking down at least $3,499 for a unit of my own.
After going through the guided Vision Pro demo at a nearby Apple Store this week, I came away with mixed feelings about how Apple is positioning its new computer interface to the public. While the short demo contained some definite “oh, wow” moments, the device didn’t come with a cohesive story pitching it as Apple’s next big general-use computing platform.
Setup snafus
After arriving a few minutes early for my morning appointment in a sparsely attended Apple Store, I was told to wait by a display of Vision Pro units set on a table near the front. These headsets were secured tightly to their stands, meaning I couldn’t try a unit on or even hold it in my hands while I waited. But I could fondle the Vision Pro’s various buttons and straps while getting a closer look at the hardware (and at a few promotional videos running on nearby iPads).
Two Vision Pro headsets let you see it from multiple angles at once.
Kyle Orland
Nearby iPads let you scroll through videos and information about the Vision Pro.
Kyle Orland
The outward-facing display is very subtle in person.
Kyle Orland
Without an appointment you can feel the headstrap with your hands but not with your skull.
Kyle Orland
To Apple’s credit, it did not even try to hide the external battery in these store displays.
Kyle Orland
After a few minutes, an Apple Store employee, who we’ll call Craig, walked over and said with genuine enthusiasm that he was “super excited” to show off the Vision Pro. He guided me to another table, where I sat in a low-backed swivel chair across from another customer who looked a little zoned out as he ran through his own Vision Pro demo.
Craig told me that the Vision Pro was the first time Apple Store employees like him had gotten early hands-on access to a new Apple device well before the public, in order to facilitate the training needed to guide these in-store demos. He said that interest had been steady for the first few days of demos and that, after some initial problems, the store now mostly managed to stay on schedule.
Unfortunately, some of those demo kinks were still present. First, Craig had trouble tracking down the dedicated iPhone used to scan my face and determine the precise Vision Pro light seal fit for my head. After consulting with a fellow employee, they decided to have me download the Apple Store app and use a QR code to reach the face-scanning tool on my own iPhone. (I was a bit surprised this fit scanning hadn’t been offered as part of the process when I signed up for my appointment days earlier.)
It took three full attempts, scanning my face from four angles, before the app managed to spit out the code that Craig needed to send my fit information to the back room. Craig told me that the store had 38 different light seals and 900 corrective lens options sitting back there, ready to be swapped in to ensure maximum comfort for each specific demo.
Sorry, I think I ordered the edamame…
Kyle Orland
Shhh… the Vision Pro is napping.
After a short wait, another employee brought my demo unit out on a round wooden platter that made me feel like I was at a Japanese restaurant. The platter was artistically arranged, from the Solo Knit Band and fuzzy front cover to the gently coiled cord leading to the battery pack sitting in the center. (I never even touched or really noticed the battery pack for the rest of the demo.)
At this point, Craig told me that he would be able to see everything I saw in the Vision Pro, which would stream directly to his iPad. Unfortunately, getting that wireless connection to work took a good five minutes of tapping and tinkering, including removing the Vision Pro’s external battery cord several times.
Once everything was set, Craig gave me a brief primer on the glances and thumb/forefinger taps I would use to select, move, and zoom in on things in the VisionOS interface. “You’re gonna pretend like you’re pulling on a piece of string and then releasing,” he said by way of analogy. “The faster you go, the faster it will scroll, so be mindful of that. Nice and gentle, nice and easy, and things will go smoothly for you.”
Fifteen minutes after my appointed start time, I was finally ready to don the Vision Pro.
A scripted experience
After putting the headset on, my first impression was how heavy and pinchy the Vision Pro was on the bridge of my nose. Thankfully, Craig quickly explained how to tighten the fit with a dial behind my right ear, which helped immediately and immensely. After that, it only took a minute or two to run through some quick calibration of the impressively snappy eye and hand tracking. (“Keep your head nice and still as you do this,” Craig warned me during the process.)
Enlarge/ Imagine this but with an Apple Store in the background.
Kyle Orland
As we dove into the demo proper, it quickly became clear that Craig was reading from a prepared script on his iPhone. This was a bit disappointing, as the genuine enthusiasm he had shown in our earlier, informal chat gave way to a dry monotone when delivering obvious marketing lines. “With Apple Vision Pro, you can experience your entire photo library in a brand new way,” he droned. “Right here, we have some beautiful shots, right from iPhone.”
Craig soldiered through the script as I glanced at a few prepared photos and panoramas. “Here we have a beautiful panorama, but we’re going to experience it in a whole new way… as if you were in the exact spot in which it was taken,” Craig said. Then we switched to some spatial photos and videos of a happy family celebrating a birthday and blowing bubbles in the backyard. The actors in the video felt a little stilted, but the sense of three-dimensional “presence” in the high-fidelity video was impressive.
After that, Craig informed me that “with spatial computing, your apps can exist anywhere in your space.” He asked me to turn the digital crown to replace my view of the store around me with a virtual environment of mountains bathed in cool blue twilight. Craig’s script seemed tuned for newcomers who might be freaked out by not seeing the “real world” anymore. “Remember, you’re always in control,” Craig assured me. “You can change it at any time.”
From inside the environment, Craig’s disembodied voice guided me as I opened a few flat app windows, placing them around my space and resizing them as I liked. Rather than letting these sell themselves, though, Craig pointed out how webpages are “super beautiful [and] easy to navigate” on Vision Pro. “As you can also see… text is super sharp, super easy to read. The pictures on the website look stunning.” Craig also really wanted me to know that “over one million iPhone/iPad apps” will work like this on the Vision Pro on day one.
Apple is purportedly working on a foldable iPhone internally, according to “a person with direct knowledge of the situation” speaking to The Information. They’re said to be clamshell-style devices that fold like Samsung’s Galaxy Z Flip series rather than phones that become tablets like the Galaxy Z Fold or Google’s Pixel Fold.
The phones are also said to be “in early development” or “could be canceled.” If they do make it to market, it likely wouldn’t be until after 2025.
The report has a long list of design challenges that Apple has faced in developing foldable phones: they’re too thick when folded up; they’re easily broken; they would cost more than non-foldable versions; the seam in the middle of the display tends to be both visible and feel-able; and the hinge on an iPad-sized device would prevent the device from sitting flat on a table (though this concern hasn’t stopped Apple from introducing substantial camera bumps on many of its tablets and all of its phones).
If many of those challenges sound familiar, it’s because it’s a detailed list of virtually every bad thing you could say about current foldable Android phones, even after multiple hardware generations. Our first Pixel Fold didn’t even survive the pre-release review period, and those well-earned durability concerns plus the relatively high cost have limited foldable phones to roughly 1.6 percent of all smartphone sales, according to recent analyst estimates.
It makes sense that Apple would be testing some big swings as it thinks about the next era of iPhone design; our iPhone 15 review called them the iPhone’s “final form,” insofar as it feels like there’s not much room to continue to improve on the iPhone X-style full-screen design that Apple has been iterating on since 2017. It sounds like foldable phones will only be in Apple’s future if the company can manage to overcome the same issues that have tripped up other foldables—though to be fair, the company does have a pretty good decadeslong track record on that front.
Enlarge/ US President Joe Biden speaks on the phone in the Rose Garden of the White House in Washington, DC, on May 1, 2023.
Getty Images | Brendan Smialowski
An anti-voting robocall that used an artificially generated clone of President Biden’s voice has been traced to a Texas company called Life Corporation “and an individual named Walter Monk,” according to an announcement by New Hampshire Attorney General John Formella yesterday.
The AG office’s Election Law Unit issued a cease-and-desist order to Life Corporation for violating a New Hampshire law that prohibits deterring people from voting “based on fraudulent, deceptive, misleading, or spurious grounds or information,” the announcement said.
As previously reported, the fake Biden robocall was placed before the New Hampshire Presidential Primary Election on January 23. The AG’s office said it is investigating “whether Life Corporation worked with or at the direction of any other persons or entities.”
“What a bunch of malarkey,” the fake Biden voice said. “You know the value of voting Democratic when our votes count. It’s important that you save your vote for the November election. We’ll need your help in electing Democrats up and down the ticket. Voting this Tuesday only enables the Republicans in their quest to elect Donald Trump again. Your vote makes a difference in November, not this Tuesday.”
The artificial Biden voice seems to have been created using a text-to-speech engine offered by ElevenLabs, which reportedly responded to the news by suspending the account of the user who created the deepfake.
The robocalls “illegally spoofed their caller ID information to appear to come from a number belonging to a former New Hampshire Democratic Party Chair,” the AG’s office said. Formella, a Republican, said that “AI-generated recordings used to deceive voters have the potential to have devastating effects on the democratic election process.”
Tech firms helped investigation
Formella’s announcement said that YouMail and Nomorobo helped identify the robocalls and that the calls were traced to Life Corporation and Walter Monk with the help of the Industry Traceback Group run by the telecom industry. Nomorobo estimated the number of calls to be between 5,000 and 25,000.
“The tracebacks further identified the originating voice service provider for many of these calls to be Texas-based Lingo Telecom. After Lingo Telecom was informed that these calls were being investigated, Lingo Telecom suspended services to Life Corporation,” the AG’s office said.
The Election Law Unit issued document preservation notices and subpoenas for records to Life Corporation, Lingo Telecom, and other entities “that may possess records relevant to the Attorney General’s ongoing investigation,” the announcement said.
Media outlets haven’t had much luck in trying to get a comment from Monk. “At his Arlington office, the door was locked when NBC 5 knocked,” an NBC 5 Dallas-Fort Worth article said. “A man inside peeked around the corner to see who was ringing the doorbell but did not answer the door.”
The New York Times reports that “a subsidiary of Life Corporation called Voice Broadcasting Corp., which identifies Mr. Monk as its founder on its website, has received numerous payments from the Republican Party’s state committee in Delaware, most recently in 2022, as well as payments from congressional candidates in both parties.”
A different company, also called Life Corporation, posted a message on its home page that said, “We are a medical device manufacturer located in Florida and are not affiliated with the Texas company named in current news stories.”
FCC warns carrier
The Federal Communications Commission said yesterday that it is taking action against Lingo Telecom. The FCC said it sent a letter demanding that Lingo “immediately stop supporting unlawful robocall traffic on its networks,” and a K4 Order that “strongly encourages other providers to refrain from carrying suspicious traffic from Lingo.”
“The FCC may proceed to require other network providers affiliated with Lingo to block its traffic should the company continue this behavior,” the agency said.
The FCC is separately planning a vote to declare that the use of AI-generated voices in robocalls is illegal under the Telephone Consumer Protection Act.
YouTube is still slowly dripping out stats about its subscriber base. After the announcement last week that YouTube Premium had hit 100 million subscribers, the company now says YouTube TV, its cable subscription plan, has 8 million subscribers.
Eight million subscribers might sound paltry compared to the 100 million people on Premium, but Premium is only $12. YouTube TV is one of the most expensive streaming subscriptions at $73 a month. The cable-like prices are because this is a cable-like service: a huge bundle of 100-plus channels featuring cable TV stalwarts like CNN, ESPN, and your local NBC, CBS, and ABC channels. $73 is also the base price. Like cable TV, there are additional add-on packages for premium movie channels like HBO and Showtime, 4K packages, and other sports and language add-ons. Let’s also not forget NFL Sunday Ticket, which this year became a YouTube TV exclusive, as a $350-a-year add-on to the $73-a-month service (there’s also a $ 450-a-year standalone package).
The subscriber numbers come from a “Letter from the YouTube CEO” blog post for 2024 from YouTube CEO Neal Mohan. With YouTube basically unable to get any bigger as the Internet’s defacto video host, Mohan says the “next frontier” for YouTube is “the living room and subscriptions.” Mohan wants users “watching YouTube the way we used to sit down together for traditional TV shows—on the biggest screen in the home with friends and family,” and says that “viewers globally now watch more than 1 billion hours on average of YouTube content on their TVs every day.”
YouTube TV’s 8 million subscribers make it one of the biggest cable TV providers. Leichtman Research Group‘s subscriber numbers for “Major Pay-TV Providers” (that means cable companies and their competitors) in Q3 2023 had No. 1 Comcast and No. 2 Charter both in the 14 million user range, with DirectTV in third with 11.9 million, and Dish in fourth at 6.7 million customers. Leichtman had YouTube TV in fifth, with 6.5 million users. With No. 4 Dish losing customers every quarter, YouTube TV is in fourth place now. It might be No. 3 soon. Leichtman’s numbers had YouTube TV as the fastest grower of the bunch, adding 600,000 customers in Q3, while DirecTV was the biggest loser, with half a million customers dumping their satellite dishes. Q3 marked the start of NFL Sunday Ticket moving from DirecTV to YouTube TV.
Naturally, these are all US numbers, and being nationwide puts YouTube TV on the same playing field as satellite companies, a big advantage compared to regional cable TV providers. YouTube TV has bigger ambitions than just the US, though. During the January earnings call, Google said it was “looking closely at” expanding the service to more countries. YouTube TV would need to clear an expansion with every single channel partner on the service, though, so it has a lot of negotiations to work through.
Enlarge/ A microSD card of “unknown origin” is soldered onto a USB interface board to serve as makeshift NAND storage.
CBL Data recovery
When a German data recovery firm recently made a study of the failed flash storage drives it had been sent, it noticed some interesting, and bad, trends.
Most of them were cheap sticks, the kind given away by companies as promotional gifts, but not all of them. What surprised CBL Data Recovery was the number of NAND chips from reputable firms, such as Samsung, Sandisk, or Hynix, found inside cheaper devices. The chips, which showed obvious reduced capacity and reliability on testing, had their manufacturers’ logo either removed by abrasion or sometimes just written over with random text.
Sometimes there wasn’t a NAND chip at all, but a microSD card—possibly also binned during quality control—scrubbed of identifiers and fused onto a USB interface board. On “no-name” products, there is “less and less reliability,” CBL wrote (in German, roughly web-translated). CBL did find branded products with similar rubbed-off chips and soldered cards but did not name any specific brands in its report.
While most chips had their manufacturer’s name scratched off their seals, one cheap USB stick simply stamped enough capital-letter text over the name to make it unintelligible.
Detail on a NAND chip that has its make and original name removed by abrasion (look for the circular pattern in a pre-defined area on the chip cover).
Beyond obvious physical corner-cutting, a general trend in NAND storage cells has contributed to a lower overall reliability, according to CBL. SLC, or single-level cell storage, has one bit per cell, 1 or 0, which are two different voltage levels. A QLC (quadruple-level) chip uses four bits per cell, which means 16 voltage levels that must be correct. QLC allows for denser storage, but, as we noted previously: “As the data density of NAND cells goes up, their speed and write endurance decreases—it takes more time and effort to read or write one of eight discrete voltage levels to a cell than it does to get or set a simple, unambiguous on/off value.”
With high-quality chips, there’s a lot of work put in to correct errors and control temperatures. With chips that are not actually chips or were grabbed from the quality-control discard bin and scrubbed of their logo, “data loss is not surprising,” CBL writes.
All told, CBL’s report makes the case for never putting anything you really need to keep stored long-term on a USB stick. This might not be a revelation for those who have read up on proper storage practices, but CBL has further recommendations for those keeping anything at all on USB sticks:
Keep them stored somewhere cool
Don’t use promotional sticks for anything of any importance
Write and read to a USB stick once or twice a year, to engage error correction (at least in higher-quality sticks)
Don’t stuff the disk full, if you can avoid it, to give data maintenance and error correction a fighting chance.
The market for affordable, pocket-sized storage has proven itself to be a messy one over the last few years. High-capacity storage is, in fact, getting cheaper, but not in every corner—at least, not when you look closely. In mid-2022, a “30TB” external SSD was listed on Walmart and AliExpress for just over $30. Inside were two microSD cards, hot-glued to a USB 2.0 board and loaded with firmware that both misrepresents itself to Windows and simply rewrites its limited space over and over as you copy to it.
Similarly, a “16TB” SSD, listed for a relatively reasonable $70 and sporting dozens of five-star reviews, seemed to be actually 64GB worth of microSD cards, as Review Geek discovered. We noted a plethora of similar cons when we wrote about it, along with the problem of Amazon sellers’ ability to disappear as soon as the jig is up, only to reappear soon after with a new batch of microSD cards upsold with exponentially more faux-capacity.
Enlarge/ Intel’s Core Ultra chips are some of the first x86 PC processors to include built-in NPUs. Software support will slowly follow.
Intel
When it announced the new Copilot key for PC keyboards last month, Microsoft declared 2024 “the year of the AI PC.” On one level, this is just an aspirational PR-friendly proclamation, meant to show investors that Microsoft intends to keep pushing the AI hype cycle that has put it in competition with Apple for the title of most valuable publicly traded company.
But on a technical level, it is true that PCs made and sold in 2024 and beyond will generally include AI and machine-learning processing capabilities that older PCs don’t. The main thing is the neural processing unit (NPU), a specialized block on recent high-end Intel and AMD CPUs that can accelerate some kinds of generative AI and machine-learning workloads more quickly (or while using less power) than the CPU or GPU could.
Qualcomm’s Windows PCs were some of the first to include an NPU, since the Arm processors used in most smartphones have included some kind of machine-learning acceleration for a few years now (Apple’s M-series chips for Macs all have them, too, going all the way back to 2020’s M1). But the Arm version of Windows is a insignificantly tiny sliver of the entire PC market; x86 PCs with Intel’s Core Ultra chips, AMD’s Ryzen 7040/8040-series laptop CPUs, or the Ryzen 8000G desktop CPUs will be many mainstream PC users’ first exposure to this kind of hardware.
Right now, even if your PC has an NPU in it, Windows can’t use it for much, aside from webcam background blurring and a handful of other video effects. But that’s slowly going to change, and part of that will be making it relatively easy for developers to create NPU-agnostic apps in the same way that PC game developers currently make GPU-agnostic games.
The gaming example is instructive, because that’s basically how Microsoft is approaching DirectML, its API for machine-learning operations. Though up until now it has mostly been used to run these AI workloads on GPUs, Microsoft announced last week that it was adding DirectML support for Intel’s Meteor Lake NPUs in a developer preview, starting in DirectML 1.13.1 and ONNX Runtime 1.17.
Though it will only run an unspecified “subset of machine learning models that have been targeted for support” and that some “may not run at all or may have high latency or low accuracy,” it opens the door to more third-party apps to start taking advantage of built-in NPUs. Intel says that Samsung is using Intel’s NPU and DirectML for facial recognition features in its photo gallery app, something that Apple also uses its Neural Engine for in macOS and iOS.
The benefits can be substantial, compared to running those workloads on a GPU or CPU.
“The NPU, at least in Intel land, will largely be used for power efficiency reasons,” Intel Senior Director of Technical Marketing Robert Hallock told Ars in an interview about Meteor Lake’s capabilities. “Camera segmentation, this whole background blurring thing… moving that to the NPU saves about 30 to 50 percent power versus running it elsewhere.”
Intel and Microsoft are both working toward a model where NPUs are treated pretty much like GPUs are today: developers generally target DirectX rather than a specific graphics card manufacturer or GPU architecture, and new features, one-off bug fixes, and performance improvements can all be addressed via GPU driver updates. Some GPUs run specific games better than others, and developers can choose to spend more time optimizing for Nvidia cards or AMD cards, but generally the model is hardware agnostic.
Similarly, Intel is already offering GPU-style driver updates for its NPUs. And Hallock says that Windows already essentially recognizes the NPU as “a graphics card with no rendering capability.”
Cable and satellite TV companies are defending their early termination fees (ETFs) in hopes of avoiding a ban proposed by the Federal Communications Commission.
The FCC voted to propose the ban in December, kicking off a public comment period that has drawn responses from those for and against the rules. The FCC plan would prohibit early termination fees charged by cable and satellite TV providers and require the TV companies to give prorated credits or rebates to customers who cancel before a billing period ends.
NCTA-The Internet & Television Association, the main lobby group representing cable companies like Comcast and Charter, opposed the rules in a filing submitted Monday and posted on the FCC website yesterday. DirecTV and Dish opposed the proposal, too.
The NCTA claimed that banning early termination fees would hurt consumers. “Discounted plans with ETFs are an advantageous choice for some consumers,” the lobby group said. The NCTA said the video industry is “hyper-competitive,” and that it is easy for customers to switch providers.
“In response to these marketplace realities, some cable operators offer discounts for consumers who choose to agree to remain customers for a longer term,” the NCTA said. “Longer subscriber commitments decrease a cable operator’s subscriber acquisition costs and provide a more predictable revenue stream, which in turn enables a cable operator to offer discounted monthly rates.”
Cable companies also recently urged the US to scrap a “click-to-cancel” regulation that aims to make it easier for consumers to cancel services.
NCTA opposes partial-month credits, too
TV providers will be less likely to offer discounts to long-term customers if they are unable to impose early termination fees on those who want to cancel before a contract expires, the NCTA said. Customers who don’t want the possibility of an ETF can just choose a month-to-month plan, the NCTA argued.
The NCTA also defended whole-month billing in cases where customers cancel partway through a month. Whole-month billing “is the norm for many other common services, including gym memberships, gaming subscriptions, and online publications,” the NCTA said.
Taken together, “prohibiting ETFs and whole-month billing would increase prices and impair competition, to consumers’ detriment,” the NCTA claimed. The NCTA also claims the proposal amounts to rate regulation and is not allowed under the FCC’s legal authority to “establish standards by which cable operators may fulfill their customer service requirements.”
The proposed “ban on ETFs and a proration requirement are not ‘customer service requirements’ by any common understanding of the term,” the NCTA said.
The FCC proposal said that “customer service” isn’t defined in the 1984 Cable Act, but that the legislative history suggests the term includes rebates, credits, and other aspects of the relationship between providers and customers.
“Although section 632 specifies certain topics that must be addressed in the Commission’s cable customer service rules, such as ‘communications between the cable operator and the subscriber (including standards governing bills and refunds),’ the list is not exhaustive,” the FCC said. “Because section 632(b) states that the standards must address these topics ‘at a minimum,’ the Commission has broad authority to adopt customer service requirements beyond those enumerated in the statute.”
Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to the deepest parts of a device where they’re hard to detect or remove.
The vulnerability resides in shim, which in the context of Linux is a small component that runs in the firmware early in the boot process before the operating system has started. More specifically, the shim accompanying virtually all Linux distributions plays a crucial role in secure boot, a protection built into most modern computing devices to ensure every link in the boot process comes from a verified, trusted supplier. Successful exploitation of the vulnerability allows attackers to neutralize this mechanism by executing malicious firmware at the earliest stages of the boot process before the Unified Extensible Firmware Interface firmware has loaded and handed off control to the operating system.
The vulnerability, tracked as CVE-2023-40547, is what’s known as a buffer overflow, a coding bug that allows attackers to execute code of their choice. It resides in a part of the shim that processes booting up from a central server on a network using the same HTTP that the Internet is based on. Attackers can exploit the code-execution vulnerability in various scenarios, virtually all following some form of successful compromise of either the targeted device or the server or network the device boots from.
“An attacker would need to be able to coerce a system into booting from HTTP if it’s not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Matthew Garrett, a security developer and one of the original shim authors, wrote in an online interview. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”
Stated differently, these scenarios include:
Acquiring the ability to compromise a server or perform an adversary-in-the-middle impersonation of it to target a device that’s already configured to boot using HTTP
Already having physical access to a device or gaining administrative control by exploiting a separate vulnerability.
While these hurdles are steep, they’re by no means impossible, particularly the ability to compromise or impersonate a server that communicates with devices over HTTP, which is unencrypted and requires no authentication. These particular scenarios could prove useful if an attacker has already gained some level of access inside a network and is looking to take control of connected end-user devices. These scenarios, however, are largely remedied if servers use HTTPS, the variant of HTTP that requires a server to authenticate itself. In that case, the attacker would first have to forge the digital certificate the server uses to prove it’s authorized to provide boot firmware to devices.
The ability to gain physical access to a device is also difficult and is widely regarded as grounds for considering it to be already compromised. And, of course, already obtaining administrative control through exploiting a separate vulnerability in the operating system is hard and allows attackers to achieve all kinds of malicious objectives.
Enlarge/ Mifepristone (Mifeprex) and misoprostol, the two drugs used in a medication abortion, are seen at the Women’s Reproductive Clinic, which provides legal medication abortion services, in Santa Teresa, New Mexico, on June 17, 2022.
Scientific journal publisher Sage has retracted key abortion studies cited by anti-abortion groups in a legal case aiming to revoke regulatory approval of the abortion and miscarriage medication, mifepristone—a case that has reached the US Supreme Court, with a hearing scheduled for March 26.
On Monday, Sage announced the retraction of three studies, all published in the journal Health Services Research and Managerial Epidemiology. All three were led by James Studnicki, who works for The Charlotte Lozier Institute, a research arm of Susan B. Anthony Pro-Life America. The publisher said the retractions were based on various problems related to the studies’ methods, analyses, and presentation, as well as undisclosed conflicts of interest.
Two of the studies were cited by anti-abortion groups in their lawsuit against the Food and Drug Administration (Alliance for Hippocratic Medicine v. FDA), which claimed the regulator’s approval and regulation of mifepristone was unlawful. The two studies were also cited by District Judge Matthew Kacsmaryk in Texas, who issued a preliminary injunction last April to revoke the FDA’s 2000 approval of mifepristone. A conservative panel of judges for the 5th Circuit Court of Appeals in New Orleans partially reversed that ruling months later, but the Supreme Court froze the lower court’s order until the appeals process had concluded.
Mifepristone, considered safe and effective by the FDA and medical experts, is used in over half of abortions in the US.
Criticism
Amid the legal dispute, the now-retracted studies drew immediate criticism from experts, who pointed out flaws. Of the three, the most influential and heavily criticized is the 2021 study titled “A Longitudinal Cohort Study of Emergency Room Utilization Following Mifepristone Chemical and Surgical Abortions, 1999–2015” (PDF). The study suggested that up to 35 percent of women on Medicaid who had a medication abortion between 2001 and 2015 visited an emergency department within 30 days afterward. Its main claim was that medication abortions led to a higher rate of emergency department visits than surgical abortions.
Critics noted a number of problems: The study looked at all emergency department visits, not only visits related to abortion. This could capture medical care beyond abortion-related conditions, because people on Medicaid often lack primary care and resort to going to emergency departments for routine care. When the researchers tried to narrow down the visits to just those related to abortion, they included medical codes that were not related to abortion, such as codes for ectopic pregnancy, and they didn’t capture the seriousness of the condition that prompted the visit. Medication abortions can cause bleeding, and women can go to the emergency department if they don’t know what amount of bleeding is normal. The study also counted multiple visits from the same individual patient as multiple visits, likely inflating the numbers. Last, the study did not put the data in context of emergency department use by Medicaid beneficiaries in general over the time period.
In contrast to Studnicki’s study, the American College of Obstetricians and Gynecologists notes that studies looking at tens of thousands of medication abortions have concluded that “Serious side effects occur in less than 1 percent of patients, and major adverse events—significant infection, blood loss, or hospitalization—occur in less than 0.3 percent of patients. The risk of death is almost non-existent.”
Enlarge/ Rows 25 and 26 in the Boeing plane that lost a door plug during flight.
NTSB
Four important bolts were missing from a Boeing 737 Max 9 that lost a passenger door plug during flight, the National Transportation Safety Board concluded in its investigation.
The NTSB’s preliminary report issued today is consistent with earlier news reports stating that investigators believed the bolts were missing when the plane left Boeing’s factory. The plane used by Alaska Airlines was forced to make an emergency landing on January 5 when the door plug—which is used instead of an emergency exit door—blew off the aircraft in mid-flight.
An absence of markings around the holes where bolts should have been installed was a key piece of evidence cited in the NTSB report:
Overall, the observed damage patterns and absence of contact damage or deformation around holes associated with the vertical movement arrestor bolts and upper guide track bolts in the upper guide fittings, hinge fittings, and recovered aft lower hinge guide fitting indicate that the four bolts that prevent upward movement of the MED [mid exit door] plug were missing before the MED plug moved upward off the stop pads.
The NTSB explained that a door plug is supposed to be “secured from moving vertically by a total of four bolts.”
“Once these bolts are installed, they are secured using castle nuts and cotter pins. Outboard motion of the plug is prevented by 12 stop fittings (6 along each forward and aft edge) installed on the fuselage door frame structure,” the NTSB said.
Obviously, the bolts were never found. “The two vertical movement arrestor bolts, two upper guide track bolts, forward lower hinge guide fitting, and forward lift assist spring were missing and have not been recovered,” the report also said.
Door plug is supposed to be simpler
The door plug covers a hole where an emergency exit door would otherwise be. Benefits of door plugs include more space for passengers, reduced weight, and a full-sized passenger window, the NTSB report said. The door plug is also supposed to simplify the configuration because it “does not have the complexity of a door with its associated parts, operations, and maintenance concerns.”
A “door plug is only intended to be opened for maintenance and inspection, which requires removing the vertical movement arrestor bolts and upper guide track bolts,” the NTSB said today. A recent Wall Street Journal report said that “Boeing and other industry officials increasingly believe the plane maker’s employees failed to put back the bolts when they reinstalled a 737 Max 9 plug door after opening or removing it during production.”
The preliminary report described the precarious moments after the door plug blew off. The captain reported hearing “a loud bang” when the plane reached an altitude of about 16,000 feet.
“The flight crew said their ears popped, and the captain said his head was pushed into the heads-up display (HUD) and his headset was pushed up, nearly falling off his head,” the NTSB report said. “The FO [first officer] said her headset was completely removed due to the rapid outflow of air from the flight deck.”
Flight crew reported “that the flight deck door was blown open and that it was very noisy and difficult to communicate.” They “immediately contacted air traffic control (ATC), declared an emergency, and requested a lower altitude.”
The plane returned to Portland International Airport in Oregon and landed on a runway “without further incident and taxied to the gate.” While everyone was safe, seven passengers and one flight attendant suffered minor injuries.
Enlarge/ Grasshoppers, beware! Robopteryx is here to flush you from your hiding place.
Jinseok Park, Piotr Jablonski et al., 2024
Scientists in South Korea built a robotic dinosaur and used it to startle grasshoppers to learn more about why dinosaurs evolved feathers, according to a recent paper published in the journal Scientific Reports. The results suggest that certain dinosaurs may have employed a hunting strategy in which they flapped their proto-wings to flush out prey, and this behavior may have led to the evolution of larger and stiffer feathers.
As reported previously, feathers are the defining feature of birds, but that wasn’t always the case. For millions of years, various species of dinosaurs sported feathers, some of which have left behind fossilized impressions. For the most part, the feathers we’ve found have been attached to smaller dinosaurs, many of them along the lineage that gave rise to birds—although in 2012, scientists discovered three nearly complete skeletons of a “gigantic” feathered dinosaur species, Yutyrannus huali, related to the ancestors of Tyrannosaurus Rex.
Various types of dino-feathers have been found in the fossil record over the last 30 years, such as so-called pennaceous feathers (present in most modern birds). These were found on distal forelimbs of certain species like Caudipteryx, serving as proto-wings that were too small to use for flight, as well as around the tip of the tail as plumage. Paleontologists remain unsure of the function of pennaceous feathers—what use could there be for half a wing? A broad range of hypotheses have been proposed: foraging or hunting, pouncing or immobilizing prey, brooding, gliding, or wing-assisted incline running, among others.
Enlarge/ Mounted Caudipteryx zoui skeleton at the Löwentor Museum in Stuttgart, Germany.
Co-author Jinseok Park of Seoul National University in South Korea and colleagues thought the pennaceous feathers might have been used to flush out potential prey from hiding places so they could be more easily caught. It’s a strategy employed by certain modern bird species, like roadrunners, and typically involves a visual display of the plumage on wings and tails.
There is evidence that this flush-pursuit hunting strategy evolved multiple times. According to Park et al., it’s based on the “rare enemy effect,” i.e., certain prey (like insects) wouldn’t be capable of responding to different predators in different ways and would not respond effectively to an unusual flush-pursuit strategy. Rather than escaping a predator, the insects fly toward their own demise. “The use of plumage to flush prey could have increased the frequency of chase after escaping prey, thus amplifying the importance of plumage in drag-based or lift-based maneuvering for a successful pursuit,” the authors wrote. “This, in turn, could have led to the larger and stiffer feathers for faster movements and more visual flush displays.”
To test their hypothesis, Park et al. constructed a robot dinosaur they dubbed “Robopteryx,” using Caudipteryx as a model. They built the robot’s body out of aluminum, with the proto-wings and tail plumage made from black paper and plastic ribbing. The head was made of black polystyrene, the wing folds were made of black elastic stocking, and the whole contraption was covered in felt. They scanned the scientific literature on Caudipteryx to determine resting posture angles and motion ranges. The motion of the forelimbs and tail was controlled by a mechanism controlled by custom software running on a mobile phone.
Enlarge/ Robopteryx faces off against a grasshopper and prepares to flap its wings.
Jinseok Park, Piotr Jablonski et al., 2024
Park et al. then conducted experiments with the robot performing motions consistent with a flush display using the band-winged grasshopper (a likely prey), which has relatively simple neural circuits. They placed a wooden stick with scale marks next to the grasshopper and photographed it to record its body orientation relative to the robot, and then made the robot’s forelimbs and tail flap to mimic a flush display. If the grasshopper escaped, they ended the individual test; if the grasshopper didn’t respond, they slowly moved the robot closer and closer using a long beam. The team also attached electrodes to grasshoppers in the lab to measure neural spikes as the insects were shown projected Cauderyx animations of a flush display on a flat-screen monitor.
The results: around half the grasshoppers fled in response to Robopteryx without feathers, compared to over 90 percent when feathered wings flapped. They also measured stronger neural signals when feathers were present. For Park et al., this is solid evidence in support of their hypothesis that a flush-pursuit hunting strategy may have been a factor in the evolution of pennaceous feathers. “Our results emphasize the significance of considering sensory aspects of predator-prey interactions in the studies of major evolutionary innovations among predatory species,” the authors wrote.
Not everyone is convinced by these results. “It seems to me to be very unlikely that a structure as complex as a pennaceous feather would evolve for such a specific behavioral role,” Steven Salisbury of the University of Queensland in Australia, who was not involved with the research, told New Scientist. “I am sure there are lots of ways to scare grasshoppers other than to flap some feathers at it. You can have feathers to scare grasshoppers and you can have them to insulate and incubate eggs. They’re good for display, the stabilization of body position when running, and, of course, for gliding and powered flight. Feathers help for all sorts of things.”
