77 Why is Maxwell's Theory so hard to understand? [pdf] (damtp.cam.ac.uk) 21
9 HPE sets end date for hobbyist licenses for OpenVMS (legacyos.org) 0
547 We’re working on 1M Covid-19 testing capacity per day (billiontoone.com) 174
62 Mosh Shell (jefftk.com) 33
1018 Apple Faceshield (support.apple.com) 547
133 Unverified.email (kerestey.net) 40
109 Office noise generator (imisstheoffice.eu) 65
189 Amazon to suspend delivery service that competes with UPS, FedEx (wsj.com) 115
180 Show HN: Wikipedia over DNS (wpodns.adtac.in) 37
297 A humble guide to database schema design (mikealche.com) 159
373 Data Science: Reality Doesn't Meet Expectations (dfrieds.com) 125
27 Programming Servo: Workers at your Service (medium.com) 0
122 Userdir URLs like https://example.org/~username/ are dangerous (blog.hboeck.de) 99
29 Story of the Roku Player (2013) (fastcompany.com) 10
5 The art of the hermit (spectator.co.uk) 3
9 Corona App – 10 requirements for the evaluation of “Contact Tracing” apps (ccc.de) 4
52 Show HN: Rust Implementation of Conway's Game of Life (github.com) 18
8 Hearts and Stomachs: Upton Sinclair’s “The Jungle” (wilsonquarterly.com) 1
54 The private and public lives of Albert Einstein (the-tls.co.uk) 17
132 Using SIMD to aggregate billions of values per second (questdb.io) 58
136 Interactive guide to Buffer Overflow exploitation (nagarrosecurity.com) 27
29 The silence of the owls: How owls fly without making a sound (knowablemagazine.org) 18
422 This Video Has X Views (youtube.com) 143
75 Show HN: Get a Hand LA (getahandla.com) 29
18 ‘Amazing’ Math Bridge Extended Beyond Fermat’s Last Theorem (quantamagazine.org) 1
41 Welcome to DiscDAG (solipsys.co.uk) 11
355 We abused Slack's TURN servers to gain access to internal services (rtcsec.com) 73
75 The Man Who Got No Whammies (2015) (priceonomics.com) 41
471 Running your own secure communication service with Matrix and Jitsi (matrix.org) 116
109 A Little Clojure (blog.cleancoder.com) 70
767 Multi-Body Muscle Simulation in Real Time (youtube.com) 22
973 New Jersey Needs COBOL Programmers, Says Governor Murphy (nymag.com) 338
93 A humble guide to database schema design (mikealche.com) 16
298 How we abused Slack's TURN servers to gain access to internal services (rtcsec.com) 5
643 QuestDB: Using SIMD to aggregate billions of values per second (questdb.io) 80
343 Migrating Duolingo’s Android app to 100% Kotlin (blog.duolingo.com) 47
9 When programming became a chore (medium.com) 3
180 Docker: Announcing the Compose Specification (docker.com) 35
54 Covid-19 tracking app developed for the Icelandic Directorate of Health has been open sourced. (github.com) 0
88 The JavaScript Black Hole (obsessivefacts.com) 33
4 /dev/null as a service (devnull-as-a-service.com) 2
35 Neural Networks silent film enhancing. [4K, 60fps, 3D] 1897 Lumiere brothers snowball fight. (youtu.be) 7
4 AsyncAPI Free Online Conference -> 22.04 (asyncapiconf.com) 0
8 Coronavirus Covid 19 dashboard and stat viewer. Simple app built in React JS (coronavirus-covid19-dashboard.com) 6
3 The presentation that started the whole Intel CPU security fiasco. The Memory Sinkhole - Unleashing An X86 Design Flaw Allowing Universal Privilege Escalation by Christopher Domas (youtube.com) 1
37 Wizards and warriors (ericlippert.com) 8
3465 This Video Has 164,608 Views (Tom Scott on web APIs) (youtube.com) 317
65 Crystal 0.34.0 released! (crystal-lang.org) 26
0 Printing Triangle on the Screen [THE HARD WAY] (youtube.com) 0
1 Is scalability of your web application UIs important to you? (github.com) 0
0 150 blogposts later.. (medium.com) 1
1 Test Doubles (principal-it.eu) 0
264 A concurrency C library 10x faster than Golang. (github.com) 93
19 Six Months With Julia: Parse-time Transpilation in 80 Lines or Less (medium.com) 3
0 Apollo Client and Local State Management (blog.soshace.com) 0
US Children With COVID-19 Less Likely To Be Hospitalized Than Adults, CDC Study Finds (npr.org) 2

According to a study published Monday by the CDC, people in the United States under the age of 18 are far less likely to fall ill with COVID-19 or require intensive care, compared with older Americans. NPR reports: The study looked at about 149,000 infections for which age was known that were reported in the U.S. through April 2. Of those, 2,572 were among people under the age of 18. That's less than 2% of total cases, even though that age group makes up 22% of the U.S. population. The CDC cautions that most reports of coronavirus cases among children are incomplete, which adds uncertainty to the report's specific numbers.

Relatively few children with COVID-19 ended up in the hospital, and fewer still required intensive care. But hospitalization status was known in only 29% of cases involving children. Based on the partial data analyzed in this study, between 5.7% and 20% of sick children end up in the hospital, and 2% or fewer end up in intensive care, the paper says. For adults ages 18-64, the proportion hospitalized was between 10% and 33%, and 1.4% to 4.5% required intensive care. Hospital admission was most common with children under the age of 1 or young people with underlying health conditions, the CDC report says. The study observed three deaths among the population it covered.
The authors conclude: "Because persons with asymptomatic and mild disease, including children, are likely playing a role in transmission and spread of COVID-19 in the community, social distancing and everyday preventive behaviors are recommended for persons of all ages to slow the spread of the virus, protect the health care system from being overloaded, and protect older adults and persons of any age with serious underlying medical conditions."

NASA Astronaut's Estranged Wife Charged With Lying About Space Crime Allegation (usatoday.com) 32

Last August, Slashdot reader bobstreo tipped us off to an interesting story where an astronaut accessed the bank account of her estranged spouse from the International Space Station, in what may have been the first allegation of a crime committed in space. We have now learned that the spouse has been indicted on charges of lying to federal authorities. USA Today reports: Summer Worden, 44, made false statements to NASA's Office of the Inspector General and the Federal Trade Commission, according a statement from U.S. Attorney Ryan Patrick. A federal jury in Houston returned the two-count indictment in late February, but it was unsealed Monday. Worden married Anne McClain, a decorated astronaut who was once set to be part of NASA's first all-female spacewalk, in 2014 and filed for divorce in 2018. In 2019, Worden filed a complaint with the Federal Trade Commission claiming McClain had stolen her identity while on a six-month mission aboard the International Space Station, although she saw no signs anyone had moved or used funds in the account, The New York Times reported. Worden's parents brought a separate complaint to NASA's Office of the Inspector General that described a "highly calculated and manipulative campaign" designed to win custody of the couple's child.

Through her lawyer, Rusty Hardin, McClain told The Times she had accessed the account but said she did so to ensure that the family's finances were in order and that there was enough money in the account to care for their child, who was born a year before they met. She said she was never told to stop using the account and continued to use the same password she had throughout the relationship. The indictment says Worden maintained multiple accounts at USAA Federal Savings Bank and she shared access to those accounts "with a commissioned officer in the U.S. Army on detail to NASA's Johnson Space Center." She lied about when she opened the account that had allegedly been improperly accessed and when she reset her login credentials in a complaint filed with the FTC in March 19, 2019, according to the indictment. Worden also allegedly made another false statement in an interview with NASA's Office of the Inspector General in July.
If Worden is convicted, she could face up to five years in prison on each count and a maximum fine of $250,000. She is expected to make an initial court appearance April 13.

Easy-To-Pick 'Smart' Locks Gush Personal Data, FTC Finds (arstechnica.com) 38

An anonymous reader quotes a report from Ars Technica: A padlock -- whether it uses a combination, a key, or "smart" tech -- has exactly one job: to keep your stuff safe so other people can't get it. Tapplock, Inc., based in Canada, produces such a product. The company's locks unlock with a fingerprint or an app connected by Bluetooth to your phone. Unfortunately, the Federal Trade Commission said, the locks are full of both digital and physical vulnerabilities that leave users' stuff, and data, at risk. The FTC's complaint (PDF) against Tapplock, released Monday, basically alleges that the company misrepresented itself, because it marketed its products as secure and tested when they were neither. A product -- any product -- simply being kind of crappy doesn't necessarily fall under the FTC's purview. Saying untrue things about your product in your advertisement or privacy policy, however, will make the commission very unhappy with you indeed.

The lock may be built with "7mm reinforced stainless steel shackles, strengthened by double-layered lock design with anti-shim and anti-pry technologies," as Tapplock's website promises, but according to the FTC, perhaps it should have considered anti-screwdriver technologies. As it turns out, a researcher was able to unlock the lock "within a matter of seconds" by unscrewing the back panel. Oops. The complaint also pointed to several "reasonably foreseeable" software vulnerabilities that the FTC alleges Tapplock could have avoided if the company "had implemented simple, low-cost steps."

One vulnerability security researchers identified allowed a user to bypass the account authentication process entirely in order to gain full access to the account of literally any Tapplock user, including their personal information. And how could this happen? "A researcher who logged in with a valid user credential could then access another user's account without being re-directed back to the login page, thereby allowing the researcher to circumvent Respondent's authentication procedures altogether," the complaint explains. A second vulnerability allowed researchers the ability to access and unlock any lock they could get close enough to with a working Bluetooth connection. That's because Tapplock "failed to encrypt the Bluetooth communication between the lock and the app," leaving the data wide open for the researchers to discover and replicate. The third vulnerability outlined in the complaint also has to do with a failure to secure communication data. That app that allows "unlimited" connections? The primary owner can of course add and revoke authorized users from the lock. But someone whose access was revoked could still access the lock because the vulnerability allowed for sniffing out the relevant data packets.
As part of the settlement, the FTC is requiring Tapplock to create a security program for its products. "That program is required to include training for employees; timely disclosure of 'covered incidents,' including both loss of personal information and also unauthorized access to systems; actual penetration testing of the network; and several other elements, including annual review," reports Ars Technica.

Verizon Is Cancelling Home Internet Installations During the Pandemic (theverge.com) 20

According to The Verge, Verizon is canceling scheduled appointments for internet installation and repairs, "[leaving] Fios subscribers without wired internet at a time when they're likely relying on it for work and to see friends and family during the COVID-19 pandemic." From the report: "We are minimizing our in-home installation work to critical needs to keep our employees and customers safe and to reduce the spread of COVID-19," Verizon says in a support document. "To reduce the spread of COVID-19 and keep our employees and customers safe, we are making every attempt to perform work without going into homes or small businesses and are limiting in-home installs to medical emergencies and critical installations," Verizon tells The Verge in a statement. Self-install options are also available for "qualified service orders," the company added.

However, Verizon actually changed the language in the support document sometime on Tuesday morning, according to Business Insider. Previously, the site said that "our technicians will not be able to enter your home or business to install new services or to do repair work." Here is the previous language, from a version of the page archived on Monday: "As a result of COVID-19, we are taking precautions to keep our employees and customers safe. At this time, our technicians will not be able to enter your home or business to install new services or to do repair work. Qualified orders will be provided self-install options, or you may proceed with placing an order for a technician-required installation and it will be held for future appointment priority. You will receive notification to select an installation date when we resume operations."

Netflix Tightens Its Parental Controls for Cooped-Up Kids (bloomberg.com) 15

Netflix is strengthening parental controls, offering more tools to limit what kids can watch on the world's most popular paid streaming service. From a report: Parents can now filter out titles they deem inappropriate and protect individual profiles with a PIN so kids can't use them, the company said Tuesday. These changes take effect for customers in all 190 countries where the streaming service is available.

Taiwan Tells Agencies Not To Use Zoom On Security Grounds (reuters.com) 22

Taiwan's cabinet has told government agencies to stop using the Zoom conferencing app due to privacy and security woes. Reuters reports: Zoom's daily users ballooned to more than 200 million in March, as coronavirus-induced shutdowns forced employees to work from home and schools switched to the company's free app for conducting and coordinating online classes. However, the company is facing a backlash from users worried about the lack of end-to-end encryption of meeting sessions and "zoombombing," where uninvited guests crash into meetings. If government agencies must hold video conferencing, they "should not use products with security concerns, like Zoom," Taiwan's cabinet said in a statement on Tuesday. It did not elaborate on what the security concerns were. The island's education ministry later said it was banning the use of Zoom in schools.

Taiwan would be the first government formally advising against use of Zoom, although some U.S. schools districts are looking at putting limits on its use after an FBI warning last month. Taiwan's cabinet said domestically-made conferencing apps were preferred, but if needed products from Google and Microsoft could also be considered.

It's a 'Cold War Every Day' Inside Apple's IS&T Group (buzzfeednews.com) 30

An anonymous reader shares an excerpt from a report via BuzzFeed News: A group inside Apple called Information Systems & Technology, or IS&T, builds much of the company's internal technology tools -- from servers and data infrastructure to retail and corporate sales software -- and operates in a state of tumult. IS&T is made up largely of contractors hired by rival consulting companies, and its dysfunction has led to a rolling state of war. "It's a huge contractor org that handles a crazy amount of infrastructure for the company," one ex-employee who worked closely with IS&T told me. "That whole organization is a Game of Thrones nightmare." Interviews with multiple former IS&T employees and its internal clients paint a picture of a division in turmoil, where infighting regularly prevents the creation of useful software, and whose contract workers are treated as disposable parts.

"There's a Cold War going on every single day," Archana Sabapathy, a former IS&T contractor who did two stints in the division, told me. Sabapathy's first stint at IS&T lasted more than three years, the second only a day. Inside the division, she said, contracting companies such as Wipro, Infosys, and Accenture are constantly fighting to fill roles and win projects, which are handed out largely on the basis of how cheaply they can staff up to Apple's needs. "They're just fighting for the roles," Sabapathy told me. "That's all they care about, not the work, not the deliverables, the effort they put in, or even talent. They're not looking for any of those aspects." IS&T is thus filled with vendor tribalism, where loyalty to one's contracting company trumps all. "Making a friendship is -- like you wouldn't even think about that," Sabapathy told me, speaking of cross-vendor relationships. "It's not the traditional American way of working anymore. You build relationships when you come to work because you spend most of your time here -- that's not there."
"Sabapathy told [BuzzFeed's Alex Kantrowitz] Apple employees' expectations for their IS&T contractors were unrealistic given that they saw the sum total they were paying the consulting companies ($150 to $120 an hour, she said) but the contractors themselves were making much less ($40 to $55 an hour) after the companies took their cut," writes Kantrowitz. "The approach leaves Apple with lesser contractors but the same high demands, a recipe for disappointment."

In closing, Kantrowitz suggests if Apple wants to become inventive again, "it will need to give its employees more time to develop new ideas." He adds: "IS&T could therefore become a division of strength at Apple one day, building tools that minimize work that supports existing products while making room for those ideas. But until Apple gives the division a hard look, its employees will be stuck spending their time reworking broken internal software, and wishing they were inventing instead."

Trump Threatens To Withhold Funding For World Health Organization (nytimes.com) 417

What better way to celebrate World Health Day than by threatening to withhold funding for the World Health Organization. That's exactly what President Trump said he was considering today at Tuesday's coronavirus press briefing. The New York Times reports: "We're going to put a hold on money spent to the W.H.O.; we're going to put a very powerful hold on it and we're going to see," Mr. Trump said, accusing the organization of having not been aggressive enough in confronting the dangers from the virus. "They called it wrong. They call it wrong. They really they missed the call." Mr. Trump appeared to be particularly angry at the W.H.O. for issuing a statement saying it did not support his decision on Jan. 31 to restrict some travel from China because of the virus. At the time, the group issued a statement saying that "restricting the movement of people and goods during public health emergencies is ineffective in most situations and may divert resources from other interventions."

"Don't close your borders to China, don't do this," Mr. Trump said, paraphrasing the group and accusing the organization of "not seeing" the outbreak when it started in Wuhan, China. "They didn't see it, how do you not see it? They didn't see it. They didn't report it. If they did see it, they must have seen it, but they didn't report." In fact, the W.H.O. repeatedly issued statements about the emergence of the virus in China and its movement around the world.
The budget for the W.H.O. is about $5 billion and comes from member countries around the world. "In 2017, the last year for which figures were available, the United States was required to spend $111 million based on the organization's rules, but sent an additional $401 million in voluntary contributions," reports The New York Times.

Trump said his government will investigate the organization and that "we will look at ending funding." It's unclear if he's planning to eliminate all funding, or only some.

WeWork Sues SoftBank In Intensifying Crisis Over Canceled $3 Billion Tender Offer (techcrunch.com) 12

Just days after SoftBank announced that it would not consummate its $3 billion tender offer for WeWork shares that would have bought out some of the equity held by the company's co-founder Adam Neumann along with venture capital firms like Benchmark and many individual company employees, the company is now retaliating, suing SoftBank over alleged breach of contract and breach of fiduciary duty. TechCrunch reports: In a press statement this morning, the Special Committee of WeWork's board said that it "regrets the fact that SoftBank continues to put its own interests ahead of those of WeWork's minority stockholders." WeWork's Special Committee argues that SoftBank already received the benefits of the contract it signed last year, which included board control provisions. It's demanding that SoftBank either complete the transaction, or offer cash to cover damages related to its scuttling of the deal. Under the terms of the tender offer proposed in November last year, SoftBank would buy upwards of $3 billion in shares from existing shareholders with the transaction closing at the beginning of April. As part of the terms of that contract, the co-working company and SoftBank agreed to a set of performance milestones that WeWork agreed to meet in exchange for the secondary liquidity. Such terms are customary in most financial transactions.

SoftBank in its statement last week said that WeWork failed to meet a number of those performance requirements, and said that it was within its rights under the tender offer contract to walk away from the deal. WeWork's financials have been rocked by the global pandemic of novel coronavirus, which has seen the company's co-working facilities mostly closed worldwide as part of public health mandates for social distancing. Given the disagreement between the parties, a lawsuit was all but inevitable.

Twitter CEO Jack Dorsey Sets Aside $1 Billion In Square Equity For Coronavirus Relief (cnbc.com) 19

An anonymous reader quotes a report from CNBC: Square and Twitter CEO Jack Dorsey said Tuesday he will set aside $1 billion in his Square equity to support relief efforts for COVID-19 and other causes once the pandemic is over. In a series of tweets, Dorsey said that after the pandemic is over, he will dedicate the money to causes like universal basic income (UBI) and girls' health and education. He said he's pulling the shares from his stake in Square instead of Twitter because he own more stock in the Square. Dorsey said he'll cash in the shares over time.

"The impact this money will have should benefit both companies over the long-term because it's helping the people we want to serve," Dorsey said on Twitter. Dorsey said that he wants to see the impact of his donation during his lifetime, and that "the needs are increasingly urgent." He also said he hopes it will inspire others to "do something similar." Dorsey also tweeted a link to a public Google Doc where people can track which organizations the fund's money will go to.
Dorsey isn't the only technologist to support relief efforts for COVID-19. Yesterday, Microsoft co-founder Bill Gates said his foundation will spend billions of dollars on coronavirus vaccine development.

Amazon's Jeff Bezos said he's donating $100 million to U.S. food banks. And Facebook CEO Mark Zuckerberg and his wife Priscilla Chan donated $25 million toward creating treatments for coronavirus through their philanthropic organization.

PS5's Controller, the DualSense, Revealed (ign.com) 40

Sony has revealed the DualSense, PlayStation 5's new controller that will "bring a sense of touch to PS5 gameplay." IGN reports: Announced on PlayStation.Blog, the DualSense will keep "much of what gamers love about DualShock 4 intact, while also adding new functionality and refining the design." Touch was a big inspiration when designing the DualSense, and haptic feedback is one of the ways this new controller will help bring PS5 games to life. Sony mentions that this feedback will add " a variety of powerful sensations you'll feel when you play, such as the slow grittiness of driving a car through mud." Adaptive triggers have also been incorporated to the L2 and R2 buttons, which will help players "feel the tension of your actions, like when drawing a bow to shoot an arrow."

The angle of the hand triggers were changed and some subtle updates were made to the grip. One thing that will be missing from the DualSense is the "Share" button that was featured on the DualShock 4. Sharing from the controller is not gone, but that previous button was replaced by the new "Create" button. Sony promises more details will be revealed on this change as we get closer to PlayStation 5's launch. DualSense will also have a built-in microphone array that will allow players to easily chat with friends, even for those who don't own a headset.

As for the controller's color, it is a bit of a non-traditional design as far as PlayStation is concerned. Usually, PlayStation controllers have a single color, but the DualSense has a two-toned design to make it stand apart. Additionally, the position of the light bar, which will be returning, was moved to "give it an extra pop." Now, the light bar sits on either side of the touch pad, as opposed to the top of the controller.
Here's a picture of the front of the controller:

Google Backs Apple's SMS OTP Standard Proposal 36

Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process. From a report: The standard, proposed by Apple engineers working on the Safari WebKit project, has now reached the status of official Web Platform Incubator Community Group (WICG) specification draft. "We've moved 'Origin-bound one-time codes delivered via SMS' to @wicg_, where we're working on a shared spec with our collaborators at Google. Please take a look! Updated explainer, and specification," wrote Apple's Ricky Mondello. The proposal aims to fix some issues with the current state of SMS 2FA/OTP codes, all of which have different formats, unique per the websites sending the codes.

Samsung's Older Smart TVs Are Losing Remote Control App Support (engadget.com) 55

Samsung is killing its Smart View app for Android and iOS, which serves as a remote control for its older smart TVs. From a report: The company has updated the application's descriptions to announce that it will no longer be supported starting on October 5th. Android Police first spotted the changes and noted that, in addition to its capability as a remote control, Smart View can also beam music and media to the company's TVs. It's unclear how Samsung defines "older" -- hence which all models will be impacted.

Oil Companies Are Collapsing, but Wind and Solar Energy Keep Growing (nytimes.com) 177

A few years ago, the kind of double-digit drop in oil and gas prices the world is experiencing now because of the coronavirus pandemic might have increased the use of fossil fuels and hurt renewable energy sources like wind and solar farms. That is not happening. From a report: In fact, renewable energy sources are set to account for nearly 21 percent of the electricity the United States uses for the first time this year, up from about 18 percent last year and 10 percent in 2010, according to one forecast published last week. And while work on some solar and wind projects has been delayed by the outbreak, industry executives and analysts expect the renewable business to continue growing in 2020 and next year even as oil, gas and coal companies struggle financially or seek bankruptcy protection.

In many parts of the world, including California and Texas, wind turbines and solar panels now produce electricity more cheaply than natural gas and coal. That has made them attractive to electric utilities and investors alike. It also helps that while oil prices have been more than halved since the pandemic forced most state governments to order people to stay home, natural gas and coal prices have not dropped nearly as much. Even the decline in electricity use in recent weeks as businesses halted operations could help renewables, according to analysts at Raymond James & Associates. That's because utilities, as revenue suffers, will try to get more electricity from wind and solar farms, which cost little to operate, and less from power plants fueled by fossil fuels.

Xbox Co-creator Rob Wyatt Sues Atari For Failing To Pay Him for Design of VCS Console (venturebeat.com) 9

Xbox co-creator Rob Wyatt has filed a lawsuit against Atari for failing to pay him for the design work he did in creating the Atari VCS console. From a report: Tin Giant, Wyatt's company, filed the lawsuit in federal court in Colorado, alleging breach of contract and defamation. Tin Giant said that Atari owes it in excess of $261,720. Wyatt, a co-creator of the Xbox and cofounder of The Last Gameboard, said in an interview last year that he quit as lead architect for Atari. He alleged that Atari did not pay his company, Tin Giant, for six months of work. Atari CEO Fred Chesnais declined to comment in a statement, saying that he had not received a copy of the lawsuit yet. Atari has not developed a game console for more than 20 years.