US prepares for bird flu pandemic with $176M Moderna vaccine deal

Phase 3 trial is expected to begin next year.

US prepares for bird flu pandemic with $176M Moderna vaccine deal

Enlarge (credit: Getty | Justin Sullivan)

The US government will pay Moderna $176 million to develop an mRNA vaccine against a pandemic influenza—an award given as the highly pathogenic bird flu virus H5N1 continues to spread widely among US dairy cattle.

The funding flows through BARDA, the Biomedical Advanced Research and Development Authority, as part of a new Rapid Response Partnership Vehicle (RRPV) Consortium. The program is intended to set up partnerships with industry to help the country better prepare for pandemic threats and develop medical countermeasures, the Department of Health and Human Services said in a press announcement Tuesday.

In an announcement of its own Tuesday, Moderna noted that it began a Phase 1/2 trial of a pandemic influenza virus vaccine last year, which included versions targeting H5 and H7 varieties of bird flu viruses. The company said it expects to release the results of that trial this year and that those results will direct the design of a Phase 3 trial, anticipated to begin in 2025.

Read 11 remaining paragraphs | Comments

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

Full system compromise possible by peppering servers with thousands of connection requests.

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

Enlarge

Researchers have warned of a critical vulnerability affecting the OpenSSH networking utility that can be exploited to give attackers complete control of Linux and Unix servers with no authentication required.

The vulnerability, tracked as CVE-2024-6387, allows unauthenticated remote code execution with root system rights on Linux systems that are based on glibc, an open source implementation of the C standard library. The vulnerability is the result of a code regression introduced in 2020 that reintroduced CVE-2006-5051, a vulnerability that was fixed in 2006. With thousands if not millions of vulnerable servers populating the Internet, this latest vulnerability could pose a significant risk.

Complete system takeover

“This vulnerability, if exploited, could lead to full system compromise where an attacker can execute arbitrary code with the highest privileges, resulting in a complete system takeover, installation of malware, data manipulation, and the creation of backdoors for persistent access,” wrote Bharat Jogi, the senior director of threat research at Qualys, the security firm that discovered it. “It could facilitate network propagation, allowing attackers to use a compromised system as a foothold to traverse and exploit other vulnerable systems within the organization.”

Read 7 remaining paragraphs | Comments

SCOTUS agrees to review Texas law that caused Pornhub to leave the state

Law that requires porn sites to verify user ages faces First Amendment challenge.

A Texas flag painted on very old boards and hanging on a barn.

Enlarge (credit: Getty Images | Kathryn8)

The US Supreme Court today agreed to hear a challenge to the Texas law that requires age verification on porn sites. A list of orders released this morning shows that the court granted a petition for certiorari filed by the Free Speech Coalition, an adult-industry lobby group.

In March, the US Court of Appeals for the 5th Circuit ruled that Texas could continue enforcing the law while litigation continues. In a 2-1 decision, 5th Circuit judges wrote that "the age-verification requirement is rationally related to the government's legitimate interest in preventing minors' access to pornography. Therefore, the age-verification requirement does not violate the First Amendment."

The dissenting judge faulted the 5th Circuit majority for reviewing the law under the "rational-basis" standard instead of the more stringent strict scrutiny. The Supreme Court "has unswervingly applied strict scrutiny to content-based regulations that limit adults' access to protected speech," Judge Patrick Higginbotham wrote at the time.

Read 15 remaining paragraphs | Comments

Google’s greenhouse gas emissions jump 48% in five years

Google’s 2030 “Net zero” target looks increasingly doubtful as AI use soars.

Cooling pipes at a Google data center in Douglas County, Georgia.

Cooling pipes at a Google data center in Douglas County, Georgia. (credit: Google)

Google’s greenhouse gas emissions have surged 48 percent in the past five years due to the expansion of its data centers that underpin artificial intelligence systems, leaving its commitment to get to “net zero” by 2030 in doubt.

The Silicon Valley company’s pollution amounted to 14.3 million tonnes of carbon equivalent in 2023, a 48 percent increase from its 2019 baseline and a 13 percent rise since last year, Google said in its annual environmental report on Tuesday.

Google said the jump highlighted “the challenge of reducing emissions” at the same time as it invests in the build-out of large language models and their associated applications and infrastructure, admitting that “the future environmental impact of AI” was “complex and difficult to predict.”

Read 13 remaining paragraphs | Comments

LaLiga Demands €450 After ISPs Log Subscribers’ Visits to Pirate Servers

This February, Spanish football league LaLiga obtained a court order that supposedly allowed it to pursue mere viewers of pirate IPTV. A local court soon clarified that viewers would not be targeted. However, letters from LaLiga’s lawyers, demanding 450 euros to prevent legal action, run counter to those assurances. That the letters appear to rely on evidence supplied by Spanish ISPs, indicating which of their customers accessed specific ‘pirate’ servers, is of even greater concern.

From: TF, for the latest news on copyright battles, piracy and more.

pirate-view-card-footballWhen news began to break in early March, indicating that Spain’s most powerful football league had been authorized by a local court to track down people who simply viewed pirate streams, the story made for puzzling reading.

Claims in the media, that this related to pirate IPTV subscribers, spread like wildfire. That benefited LaLiga’s deterrent messaging campaign but lacked any basis in truth. That prompted a corrective statement by the Superior Court of Justice of Catalonia.

Not only did the Court state that mere viewers would not be targeted when LaLiga obtained alleged pirates’ identities from local ISPs, its statement clarified that this wasn’t about IPTV at all; it concerned card-sharing, an entirely different type of piracy.

“[T]he basis for agreeing to the requested preliminary diligence, can only be carried out against the ‘cardsharers’ who re-spread the signal and profit from it, and not against mere end users,” the statement explained.

And that was that, at least until letters from LaLiga’s lawyers started being delivered to homes in Spain last month.

Old School “Pay Up Or Else” Approach

The existence of the letters was first reported by lawyer David Maeztu who posted a section of one on X together with some explanatory notes.

laliga-settlement demand

“A conciliation claim [offer to settle] is filed against a user, who has been identified by his IP [address] because ‘it has been possible to confirm that from his Internet account [.] connections have been made to the pirate platform [.] from which access was provided’,” Maeztu explains.

“That is to say, it is a mere user connecting to a service. So yes, they intend to go against end users at least in a prior conciliation claim, which is not the same as a claim as such.”

In the letter above, LaLiga’s lawyer alleges that “at least on Day 32 of LALIGA EA SPORTS and Day 36 of LALIGA HYPERMOTION that took place between the 19th and April 22, 2024,” through the letter recipient’s internet connection, “illicit access to the audiovisual contents of LaLiga was obtained, without the consent of my client.”

The letter continues by stating that if the alleged infringer “immediately ceases the indicated behavior and, in any case, undertakes to restrict access through its network to those IP addresses, domains and web pages that allow illegal access to the referred contents,” and also “agrees to pay LaLiga 450.16 euros as compensation for the damages caused by his conduct,” the matter can be resolved.

In some respects, this sounds not dissimilar to an old school pay-up-or-else scheme, but as we suspected when reporting on this back in March, this goes way beyond anything seen before in a piracy case.

Spanish ISPs Appear to Be The Vital Component

Copyright infringement claims refer to allegedly infringing acts that have already happened; as such, claims for damages or compensation for infringements that haven’t happened yet face obvious challenges. It’s possible, based on a pattern of historical behavior, to obtain an injunction to restrain future infringement, but that’s usually as far as the law goes in these types of cases.

Based on information available at the time, our theory was that LaLiga had zero information that would allow it to identify any of the supposed infringers at Telefónica, Vodafone, Orange, MásMóvil and Digi, the ISPs listed in the court order. Without an IP address, LaLiga wouldn’t be able to identify an alleged infringers’ ISP, let alone the actual infringer.

When rightsholders observe an infringement taking place online, they typically link it to an IP address. They then ask the relevant ISP to provide the identity of the subscriber who was using that IP address at the time of the observed infringement. In March, everything pointed to LaLiga having zero evidence against any users of the ISPs in question; we assumed that the ISPs would be asked to trawl their databases looking for evidence, which in itself would’ve been extraordinary.

However, if we take a look at the letter published by David Maeztu, we see that the act[s] for which LaLiga is demanding 450 euros, supposedly took place in April – two months after the court order was obtained. That not only adds credibility to the theory that LaLiga had no evidence of infringement when it obtained the court order, it also suggests that the alleged offenses referenced in the settlement letters hadn’t even happened yet.

“This makes no sense, and it would be good if the operators [ISPs] explained how this is possible,” Maeztu notes.

ISPs’ Loyalties Seem to Lie With LaLiga

As Maeztu points out, this situation makes absolutely no sense, but when the major ISPs in Spain profit from broadcasting football, it seems at least possible that extraordinary requests may be received more sympathetically.

Based on information currently available, it seems reasonable to assume that LaLiga has supplied the ISPs with card-sharing server IP addresses, plus additional information such as ports, and the ISPs are now logging (or retrieving from their logs) the IP addresses that access those servers.

After matching those IP addresses to subscriber accounts, the personal details of those subscribers are handed over to LaLiga by their ISPs, quite possibly becoming the only evidence supporting the claims in the cash settlement letters themselves.

LaLiga president Javier Tebas Medrano previously stated that IP addresses collected by LaLiga “that transmit illegal content” would be sent to Spanish ISPs. The court order states that the IP address assigned to the user when they accessed the server “that enabled the audiovisual content to be shared unlawfully” would be handed over to LaLiga.

That appears to underline the importance of the ISPs in this process, while also running counter to the assurances of the Superior Court of Justice of Catalonia that users would not be targeted.

Implications Beyond a Few Card-Sharers?

After appearing to cross the threshold of ISPs providing evidence of infringement from inside their own networks, could this have implications beyond identifying people who obtain football matches for free?

For example, would the prospect of identifying the anonymous operator of a whistleblowing website, accused of posting content that undermines an individual’s fundamental right to honor under Spanish law, find new opportunity beyond the compliance of the website’s host?

Of course, in this hypothetical scenario, the fundamental right to honor would have to battle against the right to freedom of expression. However, should the alleged victim have deep enough pockets, it might be of some comfort to know that proactive monitoring to obtain evidence, from inside an ISP’s network, might not be the unthinkable prospect it once was.

But as Maeztu notes, it would be good if the operators took the opportunity to explain how all of this works. It would be interesting to hear how this arrangement doesn’t leave all internet users in Spain worse off than before, and why it was worth it for the sake of a few 450 euro ‘fines’.

From: TF, for the latest news on copyright battles, piracy and more.

Here’s how Michelin plans to make its tires more renewable

The tire company wants a completely sustainable tire by 2050.

Single green tire in a stack of tires

Enlarge / Tires are a growing source of microplastic pollution. Michelin says it wants to change that. (credit: Getty Images)

Reduce, Reuse, Recycle—it's more than just a fun alliteration tagline. It's also a set of instructions for how to consume in a way that's less destructive to our environment. We reduce our consumption and reuse what we already have, then recycle it once it no longer has any use. Unfortunately, many are going straight to recycling and calling it a day.

At its sustainability summit in Northern California at the Sonoma Raceway, Michelin laid out a new roadmap for its plans to become a more sustainable company. Most importantly, the company shared what it's been doing for decades to reduce the harm done to the world by its tires.

The company reiterated its desire to have 100 percent renewable tires by 2050. Companies make a lot of pronouncements like this, and they only sometimes come to fruition. But looking at Michelin's present efforts and past record, the company has a decent chance of succeeding.

Read 11 remaining paragraphs | Comments