The Dark Side Of Package Repositories: Ownership Drama And Malware

At their core, package repositories sound like a dream: with a simple command one gains access to countless pieces of software, libraries and more to make using an operating system or developing software a snap. Yet the rather obvious flip side to this is that someone has to maintain all of these packages, and those who make use of the repository have to trust that whatever their package manager fetches from the repository is what they intended to obtain.

How ownership of a package in such a repository is managed depends on the specific software repository, with the especially well-known JavaScript repository NPM having suffered regular PR disasters on account of it playing fast and loose with package ownership. Quite recently an auto-transfer of ownership feature of NPM was quietly taken out back and erased after Andrew Sampson had a run-in with it painfully backfiring.

In short, who can tell when a package is truly ‘abandoned’ or guarantee that a package is free from malware, and how does one begin to provide insurance against a package being pulled and half the internet collapsing along with it?


Controlling External Monitors On M1 Macs With Undocumented APIs

Display Data Channel (DDC) is a very useful feature of modern digital displays, as it allows the graphics card (and thus the OS) to communicate with a display and control features such as brightness and contrast. The biggest negative aspect here is the relatively poor access to this feature within an operating system like MacOS, which can change on a whim, as [Alin Panaitiu] found out recently.

Current displays implement DDC2, which is based around an I2C bus. Despite this, few OSes offer DDC-based control of features such as brightness, which is why [Alin] developed a popular utility for MacOS that used undocumented APIs to talk DDC2 with external monitors via I2C. That worked until the new Arm-based Mac systems were released and these undocumented APIs changed.

Even though there are some ways around this, with some utilities using a simple software-based overlay to ‘dim’ the display, or using an external gamma adjustment via an external Raspberry Pi system hooked up to HDMI and using ddcutil, the best way is still via DDC2. Ultimately the new (undocumented) APIs that provide access were discovered, with another user going by the name [zhuowei] notifying [Alin] of the new IOAVServiceReadI2C and IOAVServiceWriteI2C methods on Arm-based MacOS.

After this it took some more sleuthing to figure out which of the devices on the I2C bus were which monitor in the case of multiple external monitors, but in the end it all worked again, adding hardware-based brightness controls back in the hands of MacOS users. Minus a few apparent hardware issues with HDMI on the M1 Mac Mini and some displays, but who is counting?

[Heading image: Screenshot of the Lunar app on MacOS. Credit: Alin Panaitiu]

Fusion Ignition: What Does The NIF’s 1.3 MJ Yield Mean For Fusion Research?

Earlier this month, Lawrence Livermore National Laboratory (LLNL) announced to the world that they had achieved a record 1.3 MJ yield from a fusion experiment at their National Ignition Facility (NIF). Yet what does this mean, exactly? As their press release notes, the main advancement of these results will go towards the US’s nuclear weapons arsenal.

This pertains specifically to the US’s nuclear fusion weapons, which LLNL along with Los Alamos National Laboratory (LANL) and other facilities are involved in the research and maintenance of. This traces back to the NIF’s roots in the 1990s, when the stockpile stewardship program was set up as an alternative to nuclear weapons testing. Much of this research involves examining how today’s nuclear weapons degrade over time, and ways to modernize the existing arsenal.

In light of this, one may wonder what the impact of these experimental findings from the NIF is beyond merely ensuring that the principle of MAD remains intact. To answer that question, we have to take a look at inertial confinement fusion (ICF), which is the technology at the core of the NIF’s experiments.


Golden Rice’s Appearance On Philippine Store Shelves And The Rise Of Biofortification

After decades in development, the Philippines became the first country on July 21st of this year to formally approve the commercial propagation of so-called golden rice. This is a rice strain that has been genetically engineered to produce beta-carotene in its grains. This is the same compound that has made carrots so famous, and is a significant source of vitamin A.

Getting enough vitamin A is essential for not only children and newborns, but also for pregnant and lactating women. Currently, vitamin A deficiency (VAD) is the primary cause of preventable childhood blindness and an important cause of infant mortality. While VAD is hardly the only major form of world-wide malnutrition, biofortification efforts like golden rice stand to dramatically improve the lives of millions of people around the globe by reducing the impact of VAD.

This raises questions of how effective initiatives like golden rice are likely to be, and whether biofortification of staple foods may become more common in the future, including in the US where fortification of foods has already become commonplace.

Figuring Out Earth’s Past Climate Through Paleoclimatology And Its Lessons For Today

Roughly 4.6 billion years ago, Earth would gain its first atmosphere, yet this was an atmosphere that was completely unlike the atmosphere we know today. Today’s oxygen-rich atmosphere we’re familiar with didn’t form until the Proterozoic, between 2,500 and 541 million years ago, when oxygen-producing bacteria killed off much of the previously thriving life from the preceding Archean.

This, along with studies of massive insects such as the 75 cm wingspan Meganeuropsis permiana dragonflies from the Permian, and reconstructed temperature, oxygen, and carbon dioxide levels via paleoclimatology show periods during which Earth’s atmosphere and accompanying climate would be unrecognizable to us humans.

Human history covers only a minuscule fraction of Earth’s history during arguably one of the latter’s coolest, least eventful periods, and yet anthropogenic (man-made) climate change now threatens to rapidly change this. But wait, how do we know what the climate was like over such vast time scales? Let’s take a look into how we managed to reconstruct the Earth’s ancient climate, and what these findings mean for our prospects as a species today.


GitHub Copilot And The Unfulfilled Promises Of An Artificial Intelligence Future

In late June of 2021, GitHub launched a ‘technical preview’ of what they termed GitHub Copilot, described as an ‘AI pair programmer which helps you write better code’. Quite predictably, responses to this announcement varied from glee at the glorious arrival of our code-generating AI overlords, to dismay and predictions of doom and gloom as before long companies would be firing software developers en-masse.

As is usually the case with such controversial topics, neither of these extremes is even remotely close to the truth. In fact, the OpenAI Codex machine learning model which underlies GitHub’s Copilot is derived from OpenAI’s GPT-3 natural language model, and features many of the same stumbles and gaffes which GPT-3 has. So if Codex and with it Copilot isn’t everything it’s cracked up to be, what is the big deal, and why show it at all?


More Than Just Hubble: The Space Observatories Filling The Skies Today And Tomorrow

Amidst the recent news about the Hubble Space Telescope’s troubles (and triumphant resurrection), it is sometimes easy to forget that although Hubble is a pretty unique telescope, it is just one of many space-based observatories that are currently zipping overhead right now or perched in a heliocentric orbit. So what is it that makes these observatories less known than the iconic Hubble telescope?

Hubble is one of the longest-lived space telescopes so far, and it is also the only space telescope that was both launched and serviced by the Space Shuttle. None of the other telescopes have this legacy, the high profile, or the troubled history of Hubble’s intended successor: the James Webb Space Telescope (JWST).

Even so, the mission profiles of these myriad other observatories are no less interesting, not least the many firsts accomplished recently, such as a long-term moon-based telescope (Chang’e 3’s LUT), and those of the many upcoming and proposed missions. Let’s take a look at the space observatories many of us have never heard of.
