What is time? NASA says Orions heat shield is good to go for Artemis IIbut does it matter? The Artemis II mission, as NASA currently envisions it, won't launch until April 2026. Stephen Clark Dec 5, 2024 8:03 pm | 0 The heat shield from the Artemis I mission, showing evidence of cracks and missing Avcoat material. Credit: NASA The heat shield from the Artemis I mission, showing evidence of cracks and missing Avcoat material. Credit: NASA Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreTwo years ago next week, NASA's Orion spacecraft splashed down in the Pacific Ocean to wrap up what, at first glance, seemed to be a highly successful unpiloted test flight that made a return to the Moon feel within reach.The Orion capsule descended under parachutes, right on target near a US Navy recovery ship on December 11, 2022. In 25-and-a-half days, the Orion spacecraft entered the Moon's sphere of influence, flew within about 60 miles (100 kilometers) of the lunar surface, and, for the most part, worked as designed in deep space. On top of that, the rocket's launch vehicle, NASA's heavy-lift Space Launch System, also performed near-flawlessly on its first flight, known as Artemis I.However, once NASA engineers got a closer look at the Orion spacecraft, their optimism faded. They saw cracks in the craft's heat shield and divots in the ablative thermal protection layer resembling potholes on a neglected street. This isn't what engineers expected, and they spent the next two years investigating the cause of the problem and determining whether it posed a safety risk for NASA's next Artemis mission, Artemis II. If the results weren't favorable, NASA might have to disassemble the Orion spacecraft, pushing back the flight a year or more beyond the Artemis II mission's already-delayed launch date.On NASA's roadmap to land astronauts on the Moon, Artemis II is the first mission that will put astronauts at the controls of the Orion spacecraft. Finally, agency officials announced the results of the heat shield inquiry Thursday. The conclusion among NASA's engineering team is to fly the Artemis II mission as intended, with a team of four astronauts on a circumlunar free return trajectory, taking them from Earth beyond the far side of the Moon, and then back home for a high-speed reentry and splashdown in the Pacific."Based on the data, we have decidedNASA unanimously and our decision-makersto move forward with the current Artemis II Orion capsule and heat shield, with a modified entry trajectory," said Bill Nelson, NASA's administrator. "Additionally, we need to complete our updates to the Orion environmental controls and life support systems that were identified earlier this year."NASA said the heat shield investigation and other issues with the Orion spacecraft have delayed the Artemis II launch until April 2026, a slip of seven months from the previous launch date in September 2025. The Artemis III mission, slated to be the Artemis program's first crewed lunar landing at the Moon's south pole, won't fly before mid-2027, about a year later than NASA's previous schedule.This follows NASA's announcement last January that Artemis II would miss its then-scheduled launch date in September of this year. Therefore, in less than 11 months, Artemis II's official launch date has slipped by 19 months.The root of the problemComing back from the Moon, the Orion spacecraft reenters the atmosphere traveling 32 times the speed of sound, about 30 percent faster than a spacecraft returning from low-Earth orbit. At this velocity, Orion encounters temperatures of up to 5,000 Fahrenheit (2,760 Celsius).The heat shield, made of a material called Avcoat, is attached to the base of the Orion spacecraft in 186 blocks. A char layer that builds up on the outer skin of the Avcoat material is supposed to ablate, or erode, in a predictable manner during reentry. Instead, fragments fell off the heat shield and left cavities in the Avcoat material at the end of the Artemis I mission.Substantial testing in ground facilities, including in wind tunnels and high-temperature arc jet chambers, allowed engineers to find the root cause.Orion flew a skip reentry profile during Artemis I, when it dipped into the atmosphere, skipped back into space, and then made a final descent into the atmosphere, sort of like a rock skipping across a pond. This profile allows Orion to fly longer distances downrange to target splashdowns near recovery teams in the Pacific Ocean and reduces g-forces on the spacecraft and the crew riding inside. It also splits up the heat load on the spacecraft into two phases."We have since determined that while the capsule was dipping in and out of the atmosphere, as part of that planned skip entry, heat accumulated inside the heat shield outer layer, leading to gases forming and becoming trapped inside the heat shield," said Pam Melroy, NASA's deputy administrator. "This caused internal pressure to build up and led to cracking and uneven shedding of that outer layer."An independent team of experts concurred with NASA's determination of the root cause, Melroy said. NASA administrator Bill Nelson, deputy administrator Pam Melroy, associate administrator Jim Free, and Artemis II commander Reid Wiseman speak with reporters Thursday in Washington, DC. Credit: NASA/Bill Ingalls Counterintuitively, this means NASA engineers are comfortable with the safety of the heat shield if the Orion spacecraft reenters the atmosphere at a slightly steeper angle than it did on Artemis I and spends more time subjected to higher temperatures.When the Orion spacecraft climbed back out of the atmosphere during the Artemis I skip reentry, a period known as the skip dwell, NASA said heating rates decreased and thermal energy accumulated inside the heat shields Avcoat material. This generated gases inside the heat shield through a process knownas pyrolysis."Pyrolysis is just burning without oxygen," said Amit Kshatriya, deputy associate administrator of NASA's Moon to Mars program. "We learned that as part of that reaction, the permeability of the Avcoat material is essential."During the skip dwell, "the production of those gases was higher than the permeability could tolerate, so as a result, pressure differential was created. That pressure led to cracks in plane with the outer mold line of the vehicle," Kshatriya said.NASA didn't know this could happen because engineers tested the heat shield on the ground at higher temperatures than the Orion spacecraft encountered in flight to prove the thermal barrier could withstand the most extreme possible heating during reentry."What we missed was this critical region in the middle, and we missed that region because we didn't have the test facilities to produce the low-level energies that occur during skip and dwell," Kshatriya said Thursday.During the investigation, NASA replicated the charring and cracking after engineers devised a test procedure to expose Avcoat heat shield material to the actual conditions of the Artemis I reentry.So, for Artemis II, NASA plans to modify the reentry trajectory to reduce the skip reentry's dwell time. Let's include some numbers to help illustrate the difference.The distance traveled by Artemis I during the reentry phase of the mission was more than 3,000 nautical miles (3,452 miles; 5,556 kilometers), according to Kshatriya. This downrange distance will be limited to no more than 1,775 nautical miles (2,042 miles; 3,287 kilometers) on Artemis II, effectively reducing the dwell time the Orion spacecraft spends in the lower heating regime that led to the cracking on Artemis I. NASA's inspector general report in May included new images of Orion's heat shield that the agency did not initially release after the Artemis I mission. Credit: NASA Inspector General With this change, Kshatriya said NASA engineers don't expect to see the heat shield erosion they saw on Artemis I. "The gas generation that occurs during that skip dwell is sufficiently low that the environment for crack generation is not going to overwhelm the structural integrity of the char layer."For future Orion spaceships, NASA and its Orion prime contractor, Lockheed Martin, will incorporate changes to address the heat shield's permeability problem.Waiting for what?NASA officials discussed the heat shield issue, and broader plans for the Artemis program, in a press conference in Washington on Thursday. But the event's timing added a coat of incredulity to much of what they said. President-elect Donald Trump, with SpaceX founder Elon Musk in his ear, has vowed to cut wasteful government spending.While that means there is a good chance for a change in how the US will return astronauts to the Moon, it doesn't necessarily imply a change in the what or why. Trump's association with Musk, Nelson said Thursday, is a good thing for the US space program.I am an optimist by nature, but in this particular case, I think that the relationship between Elon Musk and the president-elect is going to be a benefit in making sure that the funding for NASA is there, so I see that as a positive," said Nelson, a former Democratic senator from Florida who counts himself as a friend of President Joe Biden. On Wednesday, Trump nominated billionaire businessman, pilot, and private astronaut Jared Isaacman to replace Nelson as NASA's next administrator. Musk's influence and the selection of Isaacman to lead NASA suggest the space agency is about to undergo a significant strategic shift.This means an emphasis on speed and results, and there are widespread doubts NASA's current approach to the Artemis program can deliver either one. It's plausible, perhaps probable, that the Trump administration will attempt to cancel the Space Launch System rocket. NASA's inspector general reported the SLS rocket alone costs more than $2 billion to build and launch one time, a figure that doesn't include expenses on ground infrastructure or the Orion capsule it is supposed to boost into space. The Space Launch System rocket lifts off on the Artemis I mission. Credit: NASA/Bill Ingalls Ars has reported on how NASA might get to the Moon without the SLS rocket, potentially cobbling together commercial hardware from a range of companies like SpaceX, Blue Origin, and United Launch Alliance. This would not be a trivial undertaking, but it would get NASA out from under the more than $3 billion budget devoted to the SLS rocket and associated ground systems each year.The short-term future of the Orion program might be on a more stable footing. The heat shield problem aside, Orion is the only existing spacecraft with a fair chance of carrying people to the vicinity of the Moon within the next couple of years, enabling a US crew landing before China says it plans to do it in 2030. For the final leg of the journey to the Moon's south pole, NASA has contracts with SpaceX and Blue Origin to develop human-rated landers that will link up with the Orion capsule in lunar orbit.SpaceX's design is based on the company's powerful Starship rocket, which outclasses the SLS in terms of lift capacity and is designed for full reusability. SpaceX envisions Starship as a vehicle to transport more than 100 metric tons of cargo and people to the Moon and Mars, and eventually plans to certify it to launch and land on Earth with humans, a capability the rocket doesn't necessarily need to achieve NASA's initial goals with the Artemis program.While it won't be as impressive of a feat of landing astronauts on the Moon again, the Artemis II mission, as envisioned by NASA today, would be a notable achievement. Four astronauts, led by commander Reid Wiseman, are training for the Artemis II mission, and they will be the first people to fly near the Moon since the last Apollo mission in 1972. Their exact flight path will depend on the day they launch, but there's a chance Wiseman and his crewmates will travel farther from Earth than anyone in history.While Orion doesn't require the Space Launch System rocket, it does need a working heat shield. The spacecraft's reentry parameters won't change, regardless of which rocket the new NASA leadership chooses to launch Orion, so understanding the heat shield's performance remains an important matter."We have a large decision behind us," Wiseman said. "A lot of the uncertainty has been removed, and were wrapping things up on Orion."This may be true regarding the design of Orion's heat shield, but there's plenty of doubt about how the Trump administration might reshape the Artemis program come January.Stephen ClarkSpace ReporterStephen ClarkSpace Reporter Stephen Clark is a space reporter at Ars Technica, covering private space companies and the worlds space agencies. Stephen writes about the nexus of technology, science, policy, and business on and off the planet. 0 Comments Prev story

dun duh-nuh daaaaaah Indiana Jones and the Great Circle is pitch-perfect archaeological adventuring Review: Amazing open-world environs round out a tight, fun-filled adventure story. Kyle Orland Dec 5, 2024 7:00 pm | 15 No need to put Harrison Ford through the de-aging filter here! Credit: Bethesda / MachineGames No need to put Harrison Ford through the de-aging filter here! Credit: Bethesda / MachineGames Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreHistorically, games based on popular film or TV franchises have generally been seen as cheap cash-ins, slapping familiar characters and settings on a shovelware clone of a popular genre and counting on the license to sell enough copies to devoted fans. Indiana Jones and the Great Circle clearly has grander ambitions than that, putting a AAA budget behind a unique open-world exploration game built around stealth, melee combat, and puzzle solving.Building such a game on top of such well-loved source material comes with plenty of challenges. The developers at MachineGames need to pay homage to the source material without resorting to the kind of slavish devotion that amounts to a mere retread of a familiar story. At the same time, any new Indy adventure carries with it the weight not just of the character's many film and TV appearances but also well-remembered games like Indiana Jones and the Fate of Atlantis. Then there are game franchises like Tomb Raider and Uncharted, which have already put their own significant stamps on the Indiana Jones formula of action-packed, devil-may-care treasure-hunting. No, this is not a scene from a new Uncharted game. Credit: Bethesda / MachineGames Surprisingly, Indiana Jones and the Great Circle bears all this pressure pretty well. While the stealth-exploration gameplay and simplistic puzzles can feel a bit trite at points, the game's excellent presentation, top-notch world-building, and fun-filled, campy storyline drive one of Indy's most memorable adventures since the original movie trilogy.A fun-filled adventureThe year is 1937, and Indiana Jones has already Raided a Lost Ark but has yet to investigate the Last Crusade. After a short introductory flashback that retells an interactive version of Raiders of the Lost Ark's famous golden idol extraction, Professor Jones gets unexpectedly drawn away from preparations for midterms when a giant of a man breaks into Marshall College's antiquities wing and steals a lone mummified cat.Investigating that theft takes Jones on a globetrotting tour of locations along "The Great Circle," a ring of archaeologically significant sites around the world that house ancient artifacts rumored to hold great and mysterious power. Those rumors have attracted the attention of the Nazis (who else would you expect?), dragging Indy into a race to secure the artifacts before they threaten to alter the course of an impending world war. You see a whip, I see a grappling hook. Credit: Bethesda / MachineGames The game's overarching narrativetold mainly through lengthy cut scenes that serve as the most captivating reward for in-game achievementsdoes a pitch-perfect job of replicating the campy, madcap, fun-filled, adventurous tone Indy is known for. The writing is full of all the pithy one-liners and cheesy puns you could hope for, as well as countless overt and subtle references to Indy movie moments that will be familiar to even casual fans.Indy here is his usual mix of archaeological superhero and bumbling everyman. One moment, he's using his whip and some hard-to-believe upper body strength to jump around some quickly crumbling ruins. The next, he's avoiding death during a madcap fight scene through a combination of sheer dumb luck and overconfident opposition. The next, he's solving ancient riddles with reams of historical techno-babble and showing a downright supernatural ability to decipher long-dead languages in an instant when the plot demands it. You have to admit it, this circle is pretty great! Credit: Bethesda / MachineGames It all works in large part thanks to Troy Baker's excellent vocal performance as Jones, which he somehow pulls off as a compelling cross between Harrison Ford and Jeff Goldblum. The music does some heavy lifting in setting the tone, too; it's full of downright cinematic stirring horns and tension-packed strings that fade in and out perfectly in sync with the on-screen action. The game even shows some great restraint in its sparing use of the famous Indiana Jones theme, which I ended up humming to myself as I played more often than I actually heard it referenced in the game's score.Indy quips well off of Gina, a roving reporter searching for her missing sister who serves as the obligatory love interest/globetrotting exploration partner. But the game's best scenes all involve Emmerich Voss, the Nazi archaeologist antagonist who makes an absolute meal out of his scenery chewing. From his obsession with cranial shapes to his preening diatribes about the inferiority of American culture, Voss makes the perfect foil for Indy's no-nonsense, homespun apple pie forthrightness. Voss steals literally every scene he's in. Credit: Bethesda / MachineGames By the time the plot descends into an inevitable mess of pseudo-religious magical mysticism, it's clear that this is a story that doesn't take itself too seriously. You may cringe a bit at how over the top it all gets, but you'll probably be having too much fun to care.Take a look aroundIn between the cut sceneswhich together could form the basis for a strong Indiana Jones-themed episodic streaming miniseriesthere's an actual interactive game to play here as well. That game primarily plays out across three decently sized mapsone urban, one desert, and one water-logged marshthat you can explore relatively freely, broken up by shorter, more linear interludes in between.Following the main story quests in each of these locales generally has you zigzagging across the map through a series of glorified fetch quests. Go to location A to collect some mystical doodad, then return it to unlock some fun exposition and a reason to go to location B. Repeat as necessary.I say "point A" there, but it's usually more accurate to say the game points you toward "circle A" on the map. Once you get there, you often have to do a bit of unguided exploring to find the hidden trinket or secret entry point you need. Am I going in the right direction? Credit: Bethesda / MachineGames At their best, these exploration bits made me feel more like an archaeological detective than the usual in-game tourist blindly following a waypoint from location to location. At its worst, I spent 15 minutes searching through one of these map circles before finding my in-game partner Gina standing right next to the target I was probably intended to find immediately. So it goes.Traipsing across the map in this way slowly reveals the sizable scale of the game's environments, which often extend beyond what's first apparent on the map to multi-floor buildings and gigantic subterranean caverns. Unlocking and/or figuring out all of the best paths through these labyrinthine localeswhich can involve climbing across rooftops or crawling through enemy barracksis often half the fun.As you crisscross the map, you also invariably stumble on a seemingly endless array of optional sidequests, mysteries, and "fieldwork," which you keep track of in a dynamically updated journal. While there's an attempt at a plot justification for each of these optional fetch quests, the ones I tried ended up being much less compelling than the main plot, which seems to have taken most of the writers' attention. Indiana Jones, famous Vatican tourist. Credit: Bethesda / MachineGames As you explore, a tiny icon in the corner of the screen will also alert you to photo opportunities, which can unlock important bits of lore or context for puzzles. I thoroughly enjoyed these quick excuses to appreciate the game's well-designed architecture and environments, even as it made Indy feel a bit more like a random tourist than a badass archaeologist hero.Quick, hide!Unfortunately, your ability to freely explore The Great Circle's environments is often hampered by large groups of roaming Nazi and/or fascist soldiers. Sometimes, you can put on a disguise to walk among them unseen, but even then, certain enemies can pick you out of the crowd, something that was not clear to me until I had already been plucked out of obscurity more than a few times.When undisguised, you'll spend a lot of time kneeling and sneaking silently just outside the soldiers' vision cones or patiently waiting for them to move so you can sneak through a newly safe path. Remaining unseen also lets you silently take out enemies from behind, which includes pushing unsuspected enemy sentries off of ledges in a hilarious move that never, ever gets old. They'll never find me up here. Credit: Bethesda / MachineGames When your sneaking skills fail you amid a large group of enemies, the best and easiest thing to do is immediately run and hide. For the most part, the enemies are incredibly inept in their inevitable pursuit; dodge around a couple of corners and hide in a dark alley and they'll usually quickly lose track of you. While I appreciated that being spotted wasn't an instant death sentence, the ease with which I could outsmart these soldiers made the sneaking a lot less tense.If you get spotted by a group of just one or two enemy soldiers, though, it's time for some first-person melee combat, which draws heavy inspiration from the developers' previous work on the early '00s Chronicles of Riddick games. These fights usually play out like the world's most overdesigned game of Punch-Out!!you stand there waiting for a heavily telegraphed punch to come in, at which point you throw up a quick block or dodge and then counter with a series of rapid, crunchy punches of your own. Repeat until the enemy goes down.You can spice things up a bit here by disarming and/or unbalancing your foes with your whip or by grabbing a wide variety of nearby objects to use as improvised melee weapons. After a while, though, all the fistfights start to feel pretty rote and unmemorable. The first time you hit a Nazi upside the head with a plunger is hilarious. The fifth time is a bit tiresome. It's always a good time to punch a Nazi. Credit: Bethesda / MachineGames While you can also pull out a trusty revolver to simply shoot your foes, the racket the shots make usually leads to so much unwelcome enemy attention that it's rarely worth the trouble. Aside from a handful of obligatory sections where the game practically forces you into a shooting gallery situation, I found little need to engage in the serviceable but unexciting gun combat.And while The Great Circle is far from a horror game, there are a few combat moments of genuine terror with foes more formidable than the average grunt. I don't want to give away too much, but those with fear of underwater creatures, the dark, or confined spaces will find some parts of the game incredibly tense.Not so puzzlingMy favorite gameplay moments in The Great Circle were the extended sections where I didn't have to worry about stealth or combat and could just focus on exploring massive underground ruins. These feature some of the game's most interesting traversal challenges, where looking around and figuring out just how to make it to the next objective is engaging on its own terms. There's little of the Uncharted-style gameplay of practically highlighting every handhold and jump with a flashing red sign. When giant mechanical gears need placing, you know who to call! Credit: Bethesda / MachineGames These exploratory bits are broken up by some obligatory puzzles, usually involving Indiana Jones' trademark of unbelievably intricate ancient stone machinery. Arrange the giant stone gears so the door opens, put the right relic in the right spot, shine a light on some emblems with a few mirrors, and so on. You know the drill if you've played any number of similar action-adventure games, and you probably won't be all that engaged if you know how to perform some basic logic and exploration (though snapping pictures with the in-game camera offers hints for those who get unexpectedly stuck).But even during the least engaging puzzles or humdrum fights in The Great Circle, I was compelled forward by the promise of some intricate ruin or pithy cut scene quip to come. Like the best Indiana Jones movies, there's a propulsive force to the game's most exciting scenes that helps you push past any brief feelings of tedium in between. Here's hoping we see a lot more of this version of Indiana Jones in the future.A note on performanceIndiana Jones and the Great Circle has received some recent negative attention for having relatively beefy system requirements, including calling for GPUs that have some form of real-time ray-tracing acceleration. We tested the game on a system with an Nvidia RTX 2080 Ti and an Intel i7-8700K CPU with 32 GB of RAM, which puts it roughly between the "minimum" and "recommended" specs suggested by the publisher. Trace those rays. Credit: Bethesda / MachineGames Despite this, we were able to run the game at 1440p resolution and "High" graphical settings at a steady 60 fps throughout. The game did occassionally suffer some heavy frame stuttering when loading new scenes, and far-off background elements had a tendency to noticeably "pop in" when running, but otherwise, we had few complaints about the graphical performance.Kyle OrlandSenior Gaming EditorKyle OrlandSenior Gaming Editor Kyle Orland has been the Senior Gaming Editor at Ars Technica since 2012, writing primarily about the business, tech, and culture behind video games. He has journalism and computer science degrees from University of Maryland. He once wrote a whole book about Minesweeper. 15 Comments

Earlier this year, China-linked threat group Salt Typhoon allegedly breached major telecommunications companies, potentially gaining access to US wiretap systems. The full scope of the breach remains unknown, and the hackers are potentially still lurking in telecommunications networks.This breach is hardly the first time a group associated with China targeted critical infrastructure in the US. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), and Christopher Wray, director of the FBI, have both been vocal about the threat China poses to US critical infrastructure.In a 2024 opening statement before the House Select Committee on Strategic Competition Between the United States and the Chinese Communist Party, Easterly said, Specifically, Chinese cyber actors, including a group known as Volt Typhoon, are burrowing deep into our critical infrastructure to be ready to launch destructive cyber-attacks in the event of a major crisis or conflict with the United States.In April, Wray brought up this concern at the Vanderbilt Summit on Modern Conflict and Emerging Threats. The fact is, the PRCs targeting of our critical infrastructure is both broad and unrelenting.At the Cyberwarcon conference, Morgan Adamski, executive director of US Cyber Command, chimed in with a warning about how Chinas position in critical infrastructure could cause disruptive cyberattacks if the two countries enter into a major conflict, Reuters reports.Related:If conflict does erupt between China and the US, what could disruptive cyberattacks on critical infrastructure look like? What can the government and critical infrastructure leaders do to prepare?The Possibility of Disruptive CyberattacksThe US has 16 critical infrastructure sectors. All of them are called critical because they would impact society to some degree were they to be taken offline, says Eric Knapp, CTO of OT forOPSWAT, a company focused on critical infrastructure cybersecurity. And they're all susceptible to cyberattack to some degree.Telecommunications and power could be prime targets for China in a conflict. Back from the dawn of time when people would go to war, you would try to eliminate your opponents ability to communicate and their ability to power their systems, says Knapp.But other sectors, such as water, health care, food, and financial services, could be targeted as well.The intent of these kind of operations may be to provide a distraction in order to slow down a US response, if there was to be one, in any sort of conflict involving Taiwan, says Rafe Pilling, director of threat intelligence for the counter threat unit at cybersecurity company Secureworks.Related:While it is uncertain exactly how these attacks would play out, there are real-world examples of how adversaries can attack critical infrastructure to their advantage. Unfortunately, there's a roadmap that we can look at that's happening in the real world right now in the Russia-Ukraine conflict, says Knapp.Leading up to and following Russias invasion of Ukraine, Russia executed many cyberattacks on Ukrainian critical infrastructure, including its power grid.If China were to use its positioning in US critical infrastructure to carry out similarly disruptive attacks, they would be dealing with very distributed systems. It would be very unlikely to see something like a nationwide power outage, Knapp tells InformationWeek.What you'd likely see is a cascade of smaller localized disruptions, says Pilling.Those disruptions could still be very impactful, potentially causing chaos, physical harm, death, and financial loss. But they would not last forever.Many of these sectors, for reasons completely unrelated to cyberattacks, are used to being able to resolve issues, work around problems, and get services up and running quickly, says Pilling. Resiliency and quick restoration of services, particularly in the energy sector, [are] an important part of their day-to-day planning.Related:Threat ActorsSalt Typhoon and Volt Typhoon are two widely recognized, Chinese cyber threat groups that target US critical infrastructure.All [of] these different Chinese threat actor groups, they have different motivations, different goals, different countries that they're attacking, says Jonathan Braley, director of threat intelligence at nonprofit Information Technology-Information Sharing and Analysis Center (IT-ISAC).In addition to pre-positioning for disruptive cyberattacks, motivations could also include intellectual property theft and espionage.While Salt Typhoon is the suspected culprit behind the major breach in the US telecommunications sector, it actively targets victims in other sectors as well. For example, the group reportedly targeted hotels and government, according to FortiGuard Labs.Targeting hotels and targeting telcos is often to get information about people's movements and what they've been saying to each other and who they've been communicating with. So, it's part of a collection for a wider intelligence picture, says Pilling.Volt Typhoon has targeted systems in several critical infrastructure sectors, including communications, energy, transportation, and water, according to CISA.They combine a number of tactics that make them quite stealthy, says Pilling. For example, Volt Typhoon makes use of living off the land techniques and will move laterally through networks. It often gains initial access via known or zero-day vulnerabilities.In some cases, they would use malware but for the vast majority of cases they were using built-in tools and things that were already deployed on the network to achieve their aims of maintained persistence in those networks, Pilling shares.Salt Typhoon and Volt Typhoon are just two groups out of many China-backed threat actors. IT-ISAC has adversary playbooks for threat actors across many different countries of origin.We have about 50 different playbooks for different Chinese nation state actors, which is a lot, Braley tells InformationWeek. I think if we look at other countries there might be a dozen or so.While China-linked threat groups pose a risk to critical infrastructure, they are not alone.As we approach various global conflicts, we need to be prepared that not only we're going to have these nation states coming out, [but] we also [have] to watch some of these hacktivist groups that are aligned with these countries as well, says Braley.Preparing Critical InfrastructureThe government and critical infrastructure operators both have roles to play in preparing for the potential of disruptive cyberattacks. Information sharing is vital. Government agencies like CISA can continue to raise awareness. Critical infrastructure operators can share insight into any malicious activity they discover to help other organizations.Critical infrastructure operators also have a responsibility to harden their cybersecurity posture.A lot of the basic hygiene that organizations need to be doing is not expensive cutting-edge cybersecurity work. It's the basics of making sure things are patched, minimizing attack surfaces externally, making sure that there is good monitoring across the network to detect intrusions early when they occur, says Pilling. I think it's a culture and a mind shift as much as need for more budget.

Open-source software is a lifesaver for startups and enterprises alike as they attempt to deliver value to customers faster. While open source use isnt considered dubious for business use like it once was, the very open nature of it leaves it open to poisoning by bad actors.Open-source AI and software can present serious national security risks -- particularly as critical infrastructure increasingly relies on them. While open-source technology fosters rapid innovation, it doesnt inherently have more vulnerabilities than closed-source software, says Christopher Robinson, chief security architect at the Open Source Security Foundation (OpenSSF). The difference is open-source vulnerabilities are publicly disclosed, while closed-source software may not always reveal its security defects.Incidents such as XZ-Utils backdoor earlier this year demonstrate how sophisticated actors, including nation-states, can target overextended maintainers to introduce malicious code. However, the XZ-Utils backdoor was stopped because the open-source communitys transparency allowed a member to identify the malicious behavior.At the root of these risks are poor software development practices, a lack of secure development training, limited resources, and insufficient access to security tools, such as scanners or secure build infrastructure. Also, the lack of rigorous vetting and due diligence by software consumers exacerbates the risk, says Robinson. The threats are not limited to open source but extend to closed-source software and hardware, pointing to a broader, systemic issue across the tech ecosystem. To prevent exploitation on a national level, trust in open-source tools must be reinforced by strong security measures.Related:Open Source: Get What You Paid For?A primary threat is the lack of support and funding for open-source maintainers, many of whom are unpaid volunteers. Organizations often adopt open-source software without vetting security, assuming volunteers will manage it.Another often overlooked issue is conflating trust with security. Simply being a trusted maintainer doesnt ensure a projects security. Lawmakers and executives need to recognize that securing open source demands structured, ongoing support.AI systems, whether open or closed source, are susceptible to prompt injection and model training tampering. OWASPs recent top 10 AI threats list highlights these threats, underscoring the need for robust security practices in AI development. Since AI development is software development, it can benefit from appropriate security engineering, says Robinson. OWASP is the Open Worldwide Application Security Project. Without these practices, AI systems become highly susceptible to serious threats. Recognizing and addressing these vulnerabilities is essential to a secure open-source ecosystem.Related:At the company level, boards and executives need to understand that using open-source software involves effective due diligence and monitoring and contributing back to its maintenance. This includes adopting practices like creating and sharing software bills of materials (SBOMs) and providing resources to support maintainers. Fellowship programs can also provide sustainable support by involving students or early-career professionals in maintaining essential projects. These steps will create a more resilient open-source ecosystem, benefiting national security.Mitigating threats to open source requires a multifaceted approach that includes proactive security practices, automated tools, and industry collaboration and support. Tools like OpenSSFs Scorecard, GUAC, OSV, OpenVEX, Protobom, and gittuf can help identify vulnerabilities early by assessing dependencies and project security, says Robinson. Integrating these tools into development pipelines ensures that high-risk issues are identified, prioritized and addressed promptly. Additionally, addressing sophisticated threats from nation-states and other malicious actors requires collaboration and information-sharing across industries and government.Related:Sharing threat intelligence and establishing national-level protocols will keep maintainers informed about emerging risks and better prepared for attacks. By supporting maintainers with the right resources and fostering a collaborative intelligence network, the open-source ecosystem can become more resilient.Infrastructure Is at RiskWhile the widespread use of open-source components accelerates development and reduces costs, it can expose critical infrastructure to vulnerabilities.Open-source software is often more susceptible to exploitation than proprietary code, with research showing it accounts for 95% of all security risks in applications. Malicious actors can inject flaws or backdoors into open-source packages, and poorly maintained components may remain unpatched for extended periods, heightening the potential for cyberattacks, says Nick Mistry, CISO at software supply chain security management company Lineaje. As open-source software becomes deeply embedded in both government and private-sector systems, the attack surface grows, posing a real threat to national security.To mitigate these risks, lawmakers and C-suite executives must prioritize the security of open-source components through stricter governance, transparent supply chains and continuous monitoring.Dependencies Are a ProblemOpen-source AI and software carry unique security considerations, particularly given the scale and interconnected nature of AI models and open-source contributions.The open-source supply chain presents a unique security challenge. On one hand, the fact that more people are looking at the code can make it more secure, but on the other hand, anyone can contribute, creating new risks, says Matt Barker, VP & global head, workload identity architecture at machine identity security company Venafi, a CyberArk Company. This requires a different way of thinking about security, where the very openness that drives innovation also increases potential vulnerabilities if were not vigilant about assessing and securing each component. However, its also essential to recognize that open source has consistently driven innovation and resilience across industries.Organizational leaders must prioritize rigorous evaluation of open-source components and ensure safeguards are in place to track, verify, and secure these contributions.Many may be underestimating the implications of mingling data, models, and code within open-source AI definitions. Traditionally, open source is applied to software code alone, but AI relies on various complex elements like training data, weights and biases, which dont fit cleanly into the traditional open-source model, says Barker. By not distinguishing between these layers, organizations may unknowingly expose sensitive data or models to risk. Additionally, reliance on open source for core infrastructure without robust verification procedures or contingencies can leave organizations vulnerable to cascading issues if an open-source component is compromised.Thus far, the US federal government has not imposed limits on open-source AI.If weve learned anything from AI these past few years, its that there are certainly great benefits and also great dangers, says Edward Tian, CEO of GenAI detection software provider GPTZero. On one hand, not imposing limits on open-source AI is beneficial when it comes to accessibility and equity. It better prevents monopolies and AI technology only being shaped by a few people. On the other hand, that also means AI can more easily be put in the hands of bad actors. This means there is a greater risk for AI being used for harm, like more advanced cyberattacks or scams, so it absolutely has the possibility of being a threat to national security.Governance MattersIn an AI context, open-source poisoning involves the manipulation of natural language models, potentially leading to security breaches and online manipulation. This can manifest in discriminatory outcomes, influence on public opinion and disruptions in critical infrastructure like power grids and transportation systems.To address open-source software risks, organizations should implement a robust governance strategy encompassing dependency management, diversified reliance, proactive vulnerability scanning and regular patching, says Ignacio Llorente, CEO at cloud and edge solution provider and consultancy OpenNebula. Security audits, code reviews, monitoring project health, and active community engagement are crucial for staying informed on emerging vulnerabilities and best practices, thereby enhancing the security and reliability of open-source integrations.Meanwhile, the White House is in transition while the accelerated pace of AI adoption and innovation continue.I would expect nothing less from [adversaries] to leverage open-source AI as a way to jeopardize national security whether it be data and information or whether it be [a] nation-state backed motive with deepfake, says Chris Hills, chief security strategist at cybersecurity company BeyondTrust. Boards and C-suites need to understand the risk, how it relates to their business, and what they can do to overcome the risk versus rewards for usage. They also need to understand that no matter how much they want to try to block the usage, the end user has far too many resources that will allow them or enable them to overcome any boundary put in place. Therefore, understanding the usage risk and educating their end users will help minimize the risk related to open-source AI usage.A Front-Row SeatAaron Shaha, chief of threat research and intelligence at SaaS-based MDR solution provider Blackpoint Cyber, says he finds watching the poisoning of open-source libraries and code distressing.Care and diligence should be used to ensure vetted libraries and distributions are used to limit risk. Consider having an AI policy that all workers read and sign, to prevent intellectual property issues, as well as hallucination problems, says Shaha. Adversarial governments and malicious hackers poisoning open-source code is a large problem. Care must be taken in implementation, as well as a renewed review process of code and binaries.Phil Morris, advisory CISO & managing director at security solution provider NetSPI, says the number of open-source models available on Hugging Face has increased over 10,000% in the past five years. With that level of growth, the potential for introducing vulnerabilities into a corporate ecosystem is a significant threat that must be addressed proactively.To mitigate risks of open-source AI, companies should implement governance teams, technical feasibility groups, and security awareness training to set guardrails for the appropriate use of AI. There are realistic attack vectors for open-source software, so this is a fresh opportunity to educate your leadership on how to manage these unique risks, says Morris. Just as with other instances of shadow IT, your risk profile has increased. Are you breaking down silos between the data science teams and the operational teams that have to support and monitor this technology? Are you running red-team exercises against these deployments? These are two best practices that can be overlooked in the rush to build and deploy these platforms.Its also important to understand the difference between vulnerabilities and threats.Over 62% of the open-source code in a typical app/API is never used and creates no danger, even if it has known vulnerabilities (CVEs), says Jeff Williams, co-founder and CTO at runtime application security company Contrast Security. Consequently, only five to 10% of CVEs in real world applications are actually exploitable. I recommend getting runtime context to confirm exploitability before investing in fixing issues that aren't dangerous.:Most organizations analyze open-source code and custom code separately, which obscures many risks and causes organizations to have a false sense of security.Custom code risks are more prevalent and more critical than open-source issues, says Williams. Organizations should leverage runtime security to analyze fully assembled applications and APIs, including custom code, libraries, frameworks and servers together.

A highly infectious strain of bird flu has been circulating worldwide since 2020ULISES RUIZ/AFP via Getty ImagesThe H5N1 bird flu virus that has spread worldwide is already better at infecting people than earlier strains. Whats more, a single mutation could allow it to infect the cells lining our noses and throats, making it more likely to go airborne.This change alone is not enough for the virus to be capable of causing a pandemic. However, if a virus with this mutation swapped genes with a human flu virus, it could acquire pandemic potential almost instantly. AdvertisementThe more people get infected, the more likely it is that something like this could arise, says Ian Wilson at the Scripps Research Institute in California. Despite this, Wilson thinks the risk remains low.A particularly virulent form of H5N1 bird flu evolved in the 1990s, probably in domestic birds in China, and spread worldwide. Around 2020, a new variant of this virus emerged and spread even more widely, reaching the Americas and Antarctica. It has infected domestic poultry in large numbers and is also spreading among dairy cows in the US, causing occasional human cases.A team led by Debby van Riel at the Erasmus University Medical Center in the Netherlands has now infected human nose and throat cells with H5N1 variants from 2005 and 2022. They have shown for the first time that the 2022 variant is better at binding to these cells and also better at replicating inside them. Its bad news, says van Riel. Get the most essential health and fitness news in your inbox every Saturday.Sign up to newsletterI dont think the chances of the virus becoming pandemic are extremely high, she says. But the fact that the virus is better at infecting humans will give it more opportunities to acquire additional mutations that increase its pandemic potential.Meanwhile, Wilson and his colleagues have been studying the crucial haemagglutinin protein of the flu virus. This protein binds to receptors on the outside of cells, determining which cells the virus can infect. Because it protrudes from the virus, it is also the main target of the immune system.At present, the H5N1 haemagglutinin binds mainly to receptors that in humans are found deep in the lungs. This means it can cause severe disease but it is unlikely to get out of the body and infect others. To do that, the virus needs to infect cells lining the nose and throat, meaning viruses can be coughed or sneezed out to infect others.Van Riels study suggests the virus can do this to some degree, but its not clear whether the virus is binding to the main receptors on these cells. It was thought that multiple mutations would be required for H5N1 to bind strongly to these receptors, but Wilsons team has now shown that with the current H5N1 variant, a single mutation is all it would take.This change alone would not result in a virus capable of going pandemic, says team member Jim Paulson, also at the Scripps Research Institute. We view this property as required but importantly not sufficient for transmission, for a pandemic virus, he says.Other changes are also necessary for the virus to start to replicate and spread from person to person, says Paulson, and these are not well understood. Theres a lot of biology that we dont even know, he says.Once an H5N1 virus infecting a human acquired the receptor-switching mutation, however, it would then have a chance of evolving these other changes as well.Whats more, in theory, it could acquire all the abilities it needs in one fell swoop by swapping genes with a human virus infecting the same individual. Several previous flu pandemics were caused by animal and human flu viruses swapping genes, says Paulson.This is highly concerning, says Aris Katzourakis at the University of Oxford, who was not involved in either study. Each spillover to a human gives the virus a roll of the dice.How deadly would an H5N1 pandemic be?If H5N1 bird flu does manage to start spreading from person to person, the big question is how deadly it would be. Of the people confirmed to be infected with the virus since 2003, half have died. However, the true infection fatality rate could be lower as many cases have probably gone undetected, and milder ones are more likely to be missed.Among the 60 or so people infected in the US since the dairy outbreak began, almost all have had mild symptoms only. Why is not understood, but one explanation is that many were infected via the eyes. That is known to have far milder outcomes, says Katzourakis.It is also thought that when viruses switch from binding to receptors deep in the lungs to those higher in the respiratory tract, they become less dangerous. But the puzzling aspects of the cases in the US have left Paulson unsure that this will hold true with H5N1. Now I just dont know what to think, to be honest, he says.I dont think there is any reason to be complacent in this respect, and anticipate mildness should this virus become readily human-to-human transmissible, says Katzourakis.Wilsons team studied the haemagglutinin protein in isolation, so there was no chance of a lab leak of the mutant protein. There was no virus used at all here, he says.Reference:bioRxiv DOI: 10.1101/2024.11.27.625596Journal reference:Science DOI: 10.1126/science.adt0180Topics:

There was a sharp fall in the number of low-lying clouds in 2023Bus Photography/Getty ImagesChanges in cloud cover may account for why global temperatures for the past two years have exceeded the predictions of climate models.2023 and 2024 saw temperature records repeatedly smashed, with both years now showing average temperatures around 1.5C above the pre-industrial level. Climate change plus an El Nio weather pattern are partly to blame, but neither factor fully explains the extraordinary warmth. AdvertisementNow, researchers believe the answer lies in a sharp drop in low-lying cloud cover in 2023. This change reduced Earths albedo the planets ability to reflect solar radiation back into space causing an increase in temperatures.Earths albedo has been declining since the 1970s, largely due to the melting of polar ice caps, which help to bounce sunlight back into space. But analysis of satellite data by Helge Goessling at the Alfred Wegener Institute in Germany and his colleagues revealed that 2023s planetary albedo hit a record low.Goessling and his colleagues then used a combination of weather observations and modelling to understand the causes of this drop, and found there had been a sharp fall in the number of low-lying clouds in 2023. The change was particularly pronounced in the Atlantic Ocean, which experienced some of the most unusual temperature extremes in 2023. The latest science news delivered to your inbox, every day.Sign up to newsletterWe were able to get an indication of where the clouds are actually changing, at which altitude in the atmosphere, says Goessling. It really is quite striking that this, this decrease of the cloud cover, is mostly happening in the lower levels.The findings could explain the additional 0.2C of missing heat scientists have been struggling to account for, once the impacts of background climate change and the 2023 El Nio are tallied. Its another piece of the puzzle, and I think quite an important one, says Goessling. Even though the study only assessed data from 2023, the findings may also explain why global temperatures have remained extremely high throughout 2024, despite El Nio fading earlier this year.Paulo Ceppi at Imperial College London says the study is timely because climate scientists are keen to understand the drivers of the recent record warmth. I think they make a pretty compelling case that albedo changes, in specifically low clouds, have been a major contributor to the changes in the radiation budget and therefore temperature, he says.The next question is why low-lying clouds are disappearing. Broadly, there are three explanations. It could be due to a global reduction in aerosol pollution, which helps clouds form and persist. Alternatively, it could be the result of global warming changing how clouds behave. Or it could simply be natural variability in the climate.Understanding which of these three factors is dominant is crucial, because it influences how sensitive Earths climate is to greenhouse gas pollution. If the lack of clouds is due to a climate change feedback, then the impact will accelerate in the coming years, pushing global temperatures higher than expected. The answer does have pretty profound implications for what we expect about future climate change, says Ceppi.Journal reference:Science DOI: 10.1126/science.adq7280Topics:climate change

The US Department of Defense has invested $2.4 million over two years in deepfake detection technology from a startup called Hive AI. Its the first contract of its kind for the DODs Defense Innovation Unit, which accelerates the adoption of new technologies for the US defense sector. Hive AIs models are capable of detecting AI-generated video, image, and audio content. Although deepfakes have been around for the better part of a decade, generative AI has made them easier to create and more realistic-looking than ever before, which makes them ripe for abuse in disinformation campaigns or fraud. Defending against these sorts of threats is now crucial for national security, says Captain Anthony Bustamante, a project manager and cyberwarfare operator for the Defense Innovation Unit. "This work represents a significant step forward in strengthening our information advantage as we combat sophisticated disinformation campaigns and synthetic-media threats, says Bustamante. Hive was chosen out of a pool of 36 companies to test its deepfake detection and attribution technology with the DOD. The contract could enable the department to detect and counter AI deception at scale. Defending against deepfakes is existential, says Kevin Guo, Hive AIs CEO. This is the evolution of cyberwarfare. Hives technology has been trained on a large amount of content, some AI-generated and some not. It picks up on signals and patterns in AI-generated content that are invisible to the human eye but can be detected by an AI model. Turns out that every image generated by one of these generators has that sort of pattern in there if you know where to look for it, says Guo. The Hive team constantly keeps track of new models and updates its technology accordingly. The tools and methodologies developed through this initiative have the potential to be adapted for broader use, not only addressing defense-specific challenges but also safeguarding civilian institutions against disinformation, fraud, and deception, the DOD said in a statement. Hives technology provides state-of-the-art performance in detecting AI-generated content, says Siwei Lyu, a professor of computer science and engineering at the University at Buffalo. He was not involved in Hives work but has tested its detection tools. Ben Zhao, a professor at the University of Chicago, who has also independently evaluated Hive AIs deepfake technology, agrees but points out that it is far from foolproof. Hive is certainly better than most of the commercial entities and some of the research techniques that we tried, but we also showed that it is not at all hard to circumvent, Zhao says. The team found that adversaries could tamper with images in a way that bypassed Hives detection. And given the rapid development of generative AI technologies, it is not yet certain how it will fare in real-world scenarios that the defense sector might face, Lyu adds. Guo says Hive is making its models available to the DOD so that the department can use the tools offline and on their own devices. This keeps sensitive information from leaking. But when it comes to protecting national security against sophisticated state actors, off-the-shelf products are not enough, says Zhao: Theres very little that they can do to make themselves completely robust to unforeseen nation-state-level attacks.

This is today's edition ofThe Download,our weekday newsletter that provides a daily dose of what's going on in the world of technology. OpenAIs new defense contract completes its military pivot At the start of 2024, OpenAIs rules for how armed forces might use its AI models were unambiguous: it prohibited anyone from using them for weapons development or military and warfare. It has slowly softened those restrictions over the course of this year, and now, OpenAI has announced that its technology will be deployed directly on the battlefield. The company is partnering with the defense-tech company Anduril, a maker of AI-powered drones, radar systems, and missiles, to help US and allied forces defend against drone attacks. Read our story to understand how, and why, this pivot unfolded.James ODonnell Would you eat dried microbes? This company hopes so. Whats new: A company best known for sucking up industrial waste gases is turning its attention to food. LanzaTech, a rising star in the fuel and chemical industries, is joining a growing group of businesses producing microbe-based food as an alternative to plant and animal products. Why it matters: The global food system is responsible for roughly 25% to 35% of all human-caused greenhouse gas emissions today, and much of that comes from animal agriculture. Alternative food sources could help feed the world while cutting climate pollution. Read the full story. Casey Crownhart To read more about the potential positive effects of alternative meat on the climate, check out the latest edition of The Spark, our weekly climate and energy newsletter. Sign up to receive it in your inbox every Wednesday. Google DeepMinds new AI model is the best yet at weather forecasting Google DeepMind has unveiled an AI model thats better at predicting the weather than the current best systems. The new model, dubbed GenCast, is the second AI weather model that Google has launched in just the past few months. In July, it published details of NeuralGCM, a model that combined AI with physics-based methods like those used in existing forecasting tools. That model performed similarly to conventional methods but used less computing power.GenCast is different, as it relies on AI methods alone. It works sort of like ChatGPT, but instead of predicting the next most likely word in a sentence, it produces the next most likely weather condition. But while its results are impressive, that doesn't mean the end of conventional meteorology as a field. Read the full story. Scott J Mulligan The must-reads Ive combed the internet to find you todays most fun/important/scary/fascinating stories about technology. 1 Donald Trump has appointed a billionaire astronaut to head up NASA Jarad Isaacman has been into space twice, and was the first private citizen to carry out a spacewalk. (CBS News)+ Unsurprisingly, hes also a close associate of Elon Musk. (Fast Company $)+ Will the appointment make Musk more amenable to NASA? (Economist $)2 The price of a single bitcoin has passed $100,000 Its a remarkable milestone for the famously volatile cryptocurrency. (NYT $)+ The industrys faithful hope Donald Trump will pass crypto-friendly laws. (The Guardian)+ Congrats, investors. What comes next, though? (FT $)3 Humane isnt giving up on its AI pin Despite few sales, it wants to embed the device in your phone and car. (The Verge)+ The pin made a special appearance in our inaugural AI Hype Index. (MIT Technology Review)4 Amazon deliveries are slower to arrive in low-income zip codes Despite the DC residents paying for the same Prime program as their richer neighbors. (WP $)+ A lawsuit claims Amazon covered up the real reason for the delays. (Ars Technica)5 Law enforcement has busted two major crypto laundering networksCriminals swapped huge sums of cash for crypto across crime networks. (Wired $) + Over in Dubai, crypto scams are running rampant. (Bloomberg $)6 Where it all went wrong for the worlds biggest offshore wind companyrsted was riding high on the clean energy waveuntil it wasnt. (FT $) + The UK is failing spectacularly to harness wind power properly. (Bloomberg $)+ Whats next for offshore wind. (MIT Technology Review)7 OnlyFans has quietly launched in ChinaAlthough pornography remains illegal in the country. (CNN) + Chinese gamers are using a Steam wallpaper app to get porn past the censors. (MIT Technology Review) 8 Were getting close to solving a major mystery of the universeIts biggest galaxies may have been formed by cosmic collisions. (The Guardian) + The galaxy which used to look like a sombrerodoesnt any more. (CNN)9 This winged drone can hop and jump Making it look a whole lot like a robotic bird. (IEEE Spectrum)+ Whats next for drones. (MIT Technology Review)10 Why X had a meltdown over a womans PhD thesis Go outside and touch some grass, all of you. (Vox)Quote of the day We never doubted. We never wavered. And we will never stop building. Kris Marszalek, chief executive of exchange Crypto.com, celebrates bitcoins colossal surge to a $100,000 valuation for a single coin in a post on X. The big story What the future holds for those born today Happy birthday, baby.August 2024 You have been born into an era of intelligent machines. They have watched over you almost since your conception. They let your parents listen in on your tiny heartbeat, track your gestation on an app, and post your sonogram on social media. Well before you were born, you were known to the algorithm.Your arrival coincided with the 125th anniversary of this magazine. With a bit of luck and the right genes, you might see the next 125 years. How will you and the next generation of machines grow up together? We asked more than a dozen experts to imagine your future. Read what they prophesied.Kara Platoni We can still have nice things A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or tweet 'em at me.) + If you want the best pizza the world has to offer, you should head to Jersey City (apparently)+ Thinking of gifting something thats been previously owned this Christmas? Make sure you conduct these essential checks.+ What science can tell us about how to combat bullying.+ Uhohhoney fraud is on the rise!

A 7.0-magnitude earthquake struck off the shore of Northern California Thursday morning.Tsunami warnings have been lifted across northern California and southern Oregon.Aftershocks are ongoing, and there's a small chance they could outdo the first quake.A major earthquake struck near California's coast on Thursday, and aftershocks are still ongoing.The 7.0-magnitude earthquake struck at about 10:44 a.m. Pacific Time. Its epicenter was offshore, about 62 miles west-southwest of Ferndale, California, according to data from the United States Geological Survey.The USGS website reported more than 35 smaller quakes across that area over the ensuing three hours, of magnitudes ranging from 2.5 to 4.7, including two quakes that occurred inland."There's been quite a lot of aftershocks," Harold Tobin, Washington's state seismologist and the director of the Pacific Northwest Seismic Network, told Business Insider. A screenshot from the USGS earthquakes map shows dozens of aftershocks clustered around the 7.0 earthquake on Thursday, as of 3:40 p.m. Pacific Time. USGS/Esri/HERE/Garmin/ OpenStreetMap contributors/the GIS user community As of Thursday afternoon,forecasts up to 130 aftershocks with a magnitude of 3 or higher within the next week, and a 53% chance of aftershocks larger than magnitude 5."It's perfectly plausible that there could be a larger aftershock or more than one larger aftershock," Tobin said.The USGS estimates the odds are 1 in 100 of an aftershock with a magnitude of 7 or greater.The fault that slippedThe fault region which produced the 7.0 earthquake is a very seismically active one.It's called the Mendocino triple junction because three different tectonic plates meet there: the Pacific, North American, and Juan de Fuca plates.It's right between two notorious earthquake zones, at the northern end of the San Andreas fault and the southern end of the Cascadia Subduction Zone. The CSZ has some of the planet's greatest seismic potential, capable of producing quakes as big as 9.0.The Mendocino triple junction, however, is less impressive."Somewhere in the magnitude sevens range is about as big as things seem to get out there," Tobin said.The region has produced five earthquakes of magnitude 7 or larger in the past century, according to USGS.The Thursday quake could have slightly increased the chance of other earthquakes along adjacent faults by increasing stress in those areas."It's unlikely that it had a really large, significant impact" on those fault systems, though, Tobin said. The odds are "not zero, but very low," he added.Tsunami scareThe initial quake triggered tsunami warnings and evacuations which have since been canceled along the coast of northern California to southern Oregon, including the San Francisco Bay Area.The warnings lasted about an hour. The National Tsunami Warning Center canceled them around 11:54 a.m. local time, saying there was no longer a threat.Most likely, the reason there was no tsunami is that the earthquake came from plates moving side-by-side against each other. This is called a strike-slip earthquake. Because the motion was mostly horizontal, and not vertical, it didn't push the ocean above upward to create a wave.Even so, the warning was "warranted," Tobin said."Until we know enough parameters of the earthquake and can verify whether there is or isn't an actual wave, it's wise to have those warnings," he added.Possible earthquake damageThe USGS also reported on X a "low likelihood of shaking-related fatalities. Some damage is possible and the impact should be relatively localized."Governor Gavin Newsom declared a state of emergency for three counties in Northern California which were near the offshore epicenter of the quake."We're concerned about damage," he said in a press briefing, adding that the declaration would allow the state to "provide more resources."According to CNN, about 10,000 homes and businesses in Humboldt County the area nearest the epicenter were without power immediately after the large quake. As of Thursday afternoon, though, PowerOutage.us reported fewer than 500 customers without power there.Newsom said that "early damage assessments are being made," but that the state had no additional information to share yet.This is a developing story, check back for more information.

15. Lexington, KentuckyLexington, Kentucky. Getty Images Population of the metro area: 320,154Median home price: $331,000Median monthly rent: $1,600Median household income: $66,392Climate Vulnerability Index: 58th percentile (average vulnerability). This index shows areas of the US most likely to face challenges from climate change.Known for: Home to over 450 horse farms, Lexington is known as the horse capital of the world. While it doesn't have the Kentucky Derby, Keeneland Race Track holds its own horse races twice a year. 14. Madison, WisconsinMadison, Wisconsin. Walter Bibikow/Getty Images Population of the metro area: 280,305Median home price: $415,000Median monthly rent: $1,700Median household income: $70,484Climate Vulnerability Index: 6th percentile (lowest vulnerability)Known for: Wisconsin's capital is also the state's second-largest city. Madison is a college town, offering plenty of chances to see concerts and sporting events. 13. Charleston, South CarolinaCharleston, South Carolina. f11photo/Shutterstock Population of the metro area: 155,369Median home price: $617,500Median monthly rent: $2,800Median household income: $89,083Climate Vulnerability Index: 55th percentile (average vulnerability)Known for: With its cobblestone streets and 18th- and 19th-century buildings, Charleston is a dream for historic-architecture buffs. Plus, miles of beachy coastline are just a short trip from downtown. 12. Green Bay, WisconsinGreen Bay, Wisconsin. DenisTangneyJr/Getty Images Population of the metro area: 105,744Median home price: $318,000Median monthly rent: $999Median household income: $66,950Climate Vulnerability Index: 15th percentile (lowest vulnerability)Known for: Wisconsin's oldest city is home to the Green Bay Packers, a storied NFL team. Nature lovers can make the most of Green Bay's 25-mile Fox River State Trail, even in the winter. 11. Sarasota, FloridaSarasota, Florida. Sean Pavone/Shutterstock Population of the metro area: 57,602Median home price: $488,500Median monthly rent: $2,800Median household income: $68,870Climate Vulnerability Index: 24th percentile (lower vulnerability)Known for: Sarasota earned the nickname the Circus City because Ringling Bros. and Barnum & Bailey Circus moved its winter quarters to the beachy town in 1927. These days, the weather, leisurely pace of life, and lack of income tax all attract people to Florida. Sarasota, in particular, has become a magnet for workers, according to a January LinkedIn report. 10. Boulder, ColoradoBoulder, Colorado. Page Light Studios/Shutterstock Population of metro area: 105,898Median home price: $945,000Median monthly rent: $2,995Median household income: $75,923Climate Vulnerability Index: 12th percentile (lowest vulnerability)Known for: Not far from the Rocky Mountains, Boulder is known for outdoorsy activities, including rock climbing, hiking, skiing, and cycling. The city's median age is 28.6, giving it a youthful, lively energy. 9. AustinAustin. Kruck20/Getty Images Population of metro area: 979,882Median home price: $484,900Median monthly rent: $2,000Median household income: $91,501Climate Vulnerability Index: 20th percentile (lower vulnerability)Known for: An artsy, contemporary city, Austin is known for its vibrant nightlife, live music, eclectic cuisine, and college scene. It also has a long history of attracting tech giants, and even more companies have opened offices there since the pandemic. West Coasters in the industry have moved to the city, lured by the booming job market and comparatively low cost of living. 8. Virginia Beach, VirginiaVirginia Beach, Virginia. Kyle J Little/Shutterstock Population of metro area: 453,649Median home price: $384,500Median monthly rent: $2,195Median household income: $91,141Climate Vulnerability Index: 18th percentile (lowest vulnerability)Known for: Boasting a beloved boardwalk, Virginia Beach has miles of beaches, delectable seafood, and a mild climate. Murals, museums, and shops in the ViBe Creative District give the seaside destination some arty flair, too. 7. Huntsville, AlabamaHuntsville, Alabama. Denis Tangney/Getty Images Population of metro area: 225,564Median home price: $315,000Median monthly rent: $1,465Median household income: $73,319Climate Vulnerability Index: 54th percentile (average vulnerability)Known for: Since the start of the US space program in the 1950s Huntsville has been a hub for the aerospace and defense industries. Today it's bursting with startups, alongside long-standing workplaces like NASA and Boeing. Jeff Bezos' Blue Origin also has a facility for building rocket engines in Huntsville. 6. Raleigh, North CarolinaRaleigh, North Carolina. Getty Images Population of metro area: 482,295Median home price: $450,000Median monthly rent: $1,826Median household income: $86,309Climate Vulnerability Index: 13th percentile (lowest vulnerability)Known for: This capital city has a busy downtown, free museums, and miles of hiking trails. Part of North Carolina's Research Triangle, Raleigh has a long history of fostering technology and science companies, creating a strong local economy. 5. Charlotte, North CarolinaCharlotte, North Carolina. Getty Images Population of the metro area: 911,311Median home price: $424,900Median monthly rent: $1,950Median household income: $80,581Climate Vulnerability Index: 35th percentile (lower vulnerability)Known for: Second only to New York, Charlotte is a bustling banking hub. Locals can root for the city's professional basketball, football, and soccer teams or soak up the art and food scenes. 4. Greenville, South CarolinaGreenville, South Carolina. Sean Pavone/Shutterstock Population of the metro area: 72,824Median home price: $366,500Median monthly rent: $1,725Median household income: $73,536Climate Vulnerability Index: 55th percentile (average vulnerability)Known for: In the foothills of the Blue Ridge Mountains, Greenville attracts new residents with its moderate climate, burgeoning food reputation, and natural beauty. Greenville is also home to several major corporations, including Michelin, GE, and Lockheed Martin. 3. Colorado Springs, ColoradoColorado Springs, Colorado. Jacob Boomsma/Getty Images Population of the metro area: 488,664Median home price: $440,000Median monthly rent: $1,873Median household income: $83,215Climate Vulnerability Index: 34th percentile (average vulnerability)Known for: The US Olympic and Paralympic Training Center is located in Colorado Springs, making the city especially attractive to athletes. There are hundreds of miles of trails for hiking and mountain biking, and white water rafting is a popular summer activity. From the Garden of the Gods to the iconic Pikes Peak, gorgeous natural sights adorn the area. 2. Boise, IdahoBoise, Idaho. vkbhat / Getty Images Population of the metro area: 235,421Median home price: $472,500Median monthly rent: $1,774Median household income: $79,977Climate Vulnerability Index: 9th percentile (lowest vulnerability)Known for: Thousands of new residents flocked to Idaho's capital in the past decade, making it the US's fastest-growing city in 2018. Boise blends sought-after amenities such as microbreweries and cider houses with nearby scenic state parks full of rivers, canyons, and mountains. 1. Naples, FloridaNaples, Florida Mint Images/Getty Ima Population of the metro area: 19,704Median home price: $629,500Median monthly rent: $6,100Median household income: $135,657Climate Vulnerability Index: 32nd percentile (lower vulnerability)Known for: Located on Florida's Gulf Coast, Naples is like a postcard come to life, with white-sand beaches, luxurious residences, and over 1,350 holes of golf. The city has long attracted wealthy residents who can afford the high housing costs. Right now a $295 million compound is up for grabs, the most expensive home for sale in the US.Sources: Population and income data are from the US Census, median home price from Realtor.com, median rent from Zillow, and climate information from the Climate Vulnerability Index.This story was originally published on May 15, 2024, and most recently updated on December 4.