Friday, April 23, 2021

Star Citizen Alpha 3.13: Underground Infamy - Official Update Trailer

Solar Flare/CME at Earth, Gulf Stream Change, Titanium Nova | SUSPICIOUS OBSERVERS Earth News

The Sun Triggered Another Megaquake | Data Confirmation

I'm Optimistic on Recovery, But Won't Be Smooth Sailing: Paul Krugman

Hey Kids! May The Force Be With You! New Lego $199.99 R2D2 Set To Go On Sale May 4th

A plug for source The Verge >
it’s so exciting to see Lego isn’t just bringing the set back, but it’s vastly improved it in the process.

The new and improved R2-D2 model is set to go on sale through Lego’s website on May 4th (of course) for $199.99.

Lego’s new $200 R2-D2 set is the droid you’re looking for

Bigger, more detailed, and less chunky than before


R2-D2 — everyone’s favorite droid from the Star Wars movies, unless you’re Anthony Daniels — is getting an updated $200 Lego collector’s set, and it’s the biggest and most accurate Lego model of the astromech droid yet.

The 2021 R2-D2 set is roughly the same in terms of physical size (about a foot tall) and piece count (2,314 pieces on the new model, versus 2,127) as the 2013 model. But Lego has taken the intervening years to polish its craft considerably. The new R2-D2 does away with the exposed studs on the blocky head of the original for a smoother look. Lego also rounded the body of the droid to make the whole thing more cylindrical and improved the detail on R2’s “face” for a more screen-accurate (and friendly) look.

The 2021 (left) and 2013 (right) Lego R2-D2 models / Images: Lego

The updated R2-D2 also has more hidden features. While the original model only offers a pop-up scomp link and buzz saw, the 2021 iteration swaps out the saw for a manipulator arm; adds the retractable periscope from Return of the Jedi; and, in what might be my favorite new addition, features a hidden pop-out Lego version of Luke’s green lightsaber (perfect for rescuing your buddies from a giant space slug’s sand barge).


Thursday, April 22, 2021

Ethical Hacking: All The Data You Can Extract....Let's Call This One An EPIC HACK

In way over my head, but here is a Bombshell from Ars Technica yesterday:
HACKING THE HACKERS —
"For years, Israeli digital forensics firm Cellebrite has helped governments and police around the world break into confiscated mobile phones, mostly by exploiting vulnerabilities that went overlooked by device manufacturers.
Now, Moxie Marlinspike—creator of the Signal messaging app—has turned the tables on Cellebrite.
In epic hack, Signal developer turns the tables on forensics firm Cellebrite


Widely used forensic software can be exploited to infect investigators' computers.

"Wednesday, Marlinspike published a post that reported vulnerabilities in Cellebrite software that allowed him to execute malicious code on the Windows computer used to analyze devices. The researcher and software engineer exploited the vulnerabilities by loading specially formatted files that can be embedded into any app installed on the device.

Virtually no limits

“There are virtually no limits on the code that can be executed,” Marlinspike wrote.

He continued:

For example, by including a specially formatted but otherwise innocuous file in an app on a device that is then scanned by Cellebrite, it’s possible to execute code that modifies not just the Cellebrite report being created in that scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices in any arbitrary way (inserting or removing text, email, photos, contacts, files, or any other data), with no detectable timestamp changes or checksum failures. This could even be done at random, and would seriously call the data integrity of Cellebrite’s reports into question.

. . . Marlinspike included a video that shows UFED as it parses a file he formatted to execute arbitrary code on the Windows device. The payload uses the MessageBox Windows API to display a benign message, but Marlinspike said that “it’s possible to execute any code, and a real exploit payload would likely seek to undetectably alter previous reports, compromise the integrity of future reports (perhaps at random!), or exfiltrate data from the Cellebrite machine.”

. . .Marlinspike said he obtained the Cellebrite gear in a “truly unbelievable coincidence” as he was walking and “saw a small package fall off a truck ahead of me.” The incident does seem truly unbelievable. Marlinspike declined to provide additional details about precisely how he came into possession of the Cellebrite tools. . .

The vulnerabilities could provide fodder for defense attorneys to challenge the integrity of forensic reports generated using the Cellebrite software. Cellebrite representatives didn’t respond to an email asking if they were aware of the vulnerabilities or had plans to fix them. . ."

 

Tuesday, April 20, 2021

Feature Post: Facts USA > Interactive Charts

Refreshing with no Bullwhip Smack-Down

The State of the Earth 

Earth Day is April 22. USAFacts has the data to help Americans understand the nation's status on climate, emissions, and more in The State of the Earth in Numbers. Explore these interactive charts with data from government agencies responsible for land conservation and energy production to understand the status of US land, sea, and more. 
  • The average amount of precipitation is growing in Northeast states and along the Mississippi River. California had the greatest average annual precipitation drop over the past century.

See more, including how the pandemic affected air quality, where the US ranks worldwide for CO2 emissions, and how National Park visits changed over the past year with this data collection from 1895 to 2020

Some jobs rebound from pandemic losses

Employers added 916,000 jobs to payrolls in March, the most of any month since August 2020. What’s driving this job growth? The data reveals both seasonal and pandemic-related changes.
  • There were 8.2 million Americans without high school degrees working in March, down 10% compared to February 2020. Meanwhile, 58.6 million Americans with a bachelor’s degree or higher worked that month, down 0.3%.
  • The unemployment rate fell for many racial groups in March, but it rose from 5.1% to 6% for Asian Americans. Black Americans had the highest overall unemployment rate that month (9.6%), followed by Hispanic Americans (7%).
  • The leisure and hospitality industry added 280,000 jobs as the weather grew warmer, more Americans got vaccinated, and states loosened virus restrictions. Almost two-thirds of these new positions were at bars and restaurants.
  • Public and private education added 190,000 jobs as schools resumed in-person learning. Construction added 110,000 jobs after facing February losses that were likely weather-related.

Parse the jobs picture by even more demographic data here.  
 

Afghanistan troop withdrawal
President Joe Biden announced last week that the US will begin drawing down troops from Afghanistan on May 1, concluding September 11. How many troops will that be? According to federal data, it’s not entirely clear.
  • There were 13,329 troops in Afghanistan in 2017, the same year that the Defense Department stopped providing military deployment figures for Afghanistan, Iraq, and Syria.  

Learn more about troop deployments at USAFacts.



Childcare and the pandemic 

Working parents faced childcare challenges when the pandemic closed daycares and moved schooling online. Now, childcare is keeping some people, particularly women, from returning to work as businesses and schools reopen.
  • According to a recent Household Pulse Survey, almost 15% of all women aged 25 to 44 with kids are currently not working because of childcare. That’s compared to just over 2% of young men living with kids.
  • Furloughs or job loss due to shutdowns and temporary layoffs were the primary reasons for keeping women with kids out of work last spring. Childcare, however, has been the primary reason since mid-June.

How much do income and the cost of childcare impact women reentering the workforce? See the charts at USAFacts to find out


And finally...
House Speaker Nancy Pelosi has invited President Joe Biden to address Congress on April 28. A president’s first joint address isn’t officially considered a state of the union, but much of the function is the same.

So, before the speech, see the State of the Union in Numbers for a data-driven look at how the nation is doing in 11 key areas.

Want the inside scoop from the team behind the State of the Union in Numbers? USAFacts President Poppy MacDonald and USAFacts Research Manager Olivia Martin talk through its major takeaways in this video, including insight into why the unemployment rate isn’t as high as one might think given the pandemic. See the video for the reason why.