Slashdot

"Android has a bit of a malware problem," argues Wired, noting that " malware-ridden apps sneak into the official Play Store with disappointing frequency..." "After grappling with the issue for a decade, Google is calling in some reinforcements." This week, Google announced a partnership with three antivirus firms -- ESET, Lookout, and Zimperium -- to create an App Defense Alliance. All three companies have done extensive Android malware research over the years, and have existing relationships with Google to report problems they find. But now they'll use their scanning and threat detection tools to evaluate new Google Play submissions before the apps go live -- with the goal of catching more malware before it hits the Play Store in the first place. "On the malware side we haven't really had a way to scale as much as we've wanted to scale," says Dave Kleidermacher, Google's vice president of Android security and privacy. "What the App Defense Alliance enables us to do is take the open ecosystem approach to the next level. We can share information not just ad hoc, but really integrate engines together at a digital level, so that we can have real-time response, expand the review of these apps, and apply that to making users more protected."

Read more of this story at Slashdot.

"YouTube has a huge problem right now," argues videogame streamer Markiplier. "People's accounts are being suspended without reason, without provocation, and their appeals to get it back are being denied without explanation." Engadget revisits "YouTube's occasionally questionable moderation" -- in this case, people being banned simply for using too many emojis (or "emotes") in their comments to videogame-streamer Markiplier during a YouTube-produced choose-your-own-adventure special. The service says it has reinstated legions of Markiplier fans' accounts after they were banned simply for spamming emotes (and not even to a great degree) while voting during a live playthrough of the interactive movie A Heist with Markiplier. Not all of the accounts have been restored, Markiplier said, but YouTube added that it was "looking into" both why human moderators denied appeals and how it might "prevent this in the future." The change of heart came after Markiplier (aka Mark Fischbach) posted a video illustrating both how trivial the bans were, examples of denied appeals and the consequences for some users. As he explained, this didn't just kick people out of chat. It affected entire Google accounts -- people lost videos, channel memberships or access to important services they needed, all because they spammed several emotes in one line. He also blasted YouTube for claiming that appeals were carefully reviewed, noting that there was at least one instance where someone succeeded with an appeal, and was almost immediately banned again for seemingly no reason... The incident highlights the complications and limitations of YouTube's approach to moderation. While the sheer size of YouTube virtually mandates some form of automated policing, it's not guaranteed to correctly interpret everything (especially if it's asked to be particularly strict).

Read more of this story at Slashdot.

An anonymous reader quotes the BBC: A US financial regulator has opened an investigation into claims Apple's credit card offered different credit limits for men and women. It follows complaints -- including from Apple's co-founder Steve Wozniak -- that algorithms used to set limits might be inherently biased against women. New York's Department of Financial Services has contacted Goldman Sachs, which runs the Apple Card. Any discrimination, intentional or not, "violates New York law", the Department of Financial Services said. The Bloomberg news agency reported on Saturday that tech entrepreneur David Heinemeier Hansson had complained that the Apple Card gave him 20 times the credit limit that his wife got. In a tweet, Mr Hansson said the disparity was despite his wife having a better credit score. Later, Mr Wozniak, who founded Apple with Steve Jobs, tweeted that the same thing happened to him and his wife despite their having no separate bank accounts or separate assets. Banks and other lenders are increasingly using machine-learning technology to cut costs and boost loan applications. But Mr Hansson, creator of the programming tool Ruby on Rails, said it highlights how algorithms, not just people, can discriminate. "Apple and Goldman Sachs have both accepted that they have no control over the product they sell," Hansson posted angrily on Twitter. "THE ALGORITHM is in charge now! "All humans can do is apologize on its behalf, and pray that it has mercy on the next potential victims."

Read more of this story at Slashdot.

"If you've gone shopping for a new laptop lately, you may notice something missing in all newer models regardless of make," writes Slashdot reader ikhider. There's no removable battery. Whether mainstream or obscure manufacturer, the fact that pretty much all of them are made in the same area denote a similar approach to soldering batteries in. While battery technology may have improved, it is not to the extent that they no longer need to be replaced. Premium retention of charges generally tend to deplete in about a year or so. This impacts the device mobility and necessitates replacement. Also, the practical use of having a backup battery if you need one cannot even be applied. While some high-end models may have better quality batteries, it does not replace popping in a fresh, new one. This leads to one conclusion, planned obsolescence.If you want your laptop to still be mobile when the battery fizzles out, forget about it. Buy new instead. Pick your manufacturer, even those famed for building 'tank' laptops that last forever, all you need is a fresh battery, upgrade the RAM, and a new HD or SSD and away you go. While the second hand market still has good models with replaceable batteries, it is only a matter of time before that too fizzles away. If you had a limited budget, you could still get a good, second-hand machine [in the past], but now you are stuck with the low end. Consumers need to make their case to manufacturers, for their own best interest to leverage the life of a machine on their own terms, not the manufacturers. Bring back the removable laptop battery.

Read more of this story at Slashdot.

Slashdot reader dryriver writes: More and more professional 3D software like 3DMax, Maya, AutoCAD (Autodesk) and Substance Painter (Adobe) is now only available on a monthly or yearly subscription basis — you cannot buy any kind of perpetual license for these industry standard 3D tools anymore, cannot offline install or activate the tools, and the tools also phone home every few days over the internet to see whether you have "paid your rent". Stop paying your rent, and the software shuts down, leaving you unable to even look at any 3D project files you may have created with software. This has caused so much frustration, concern and anxiety among 3D content creators that, increasingly, everybody is trying to replace their commercial 3D software with Open Source 3D tools. Thankfully, open source 3D tools have grown up nicely in recent years. Some of the most popular FOSS 3D tools are the complete 3D suite Blender, polygon modeling tool Wings 3D, polygon modeling tool Dust3D, CAD modeling tool FreeCAD, PBR texturing tool ArmorPaint, procedural materials generator Material Maker, image editing tool GIMP, painting tool Krita, vector illustration tool Inkscape and the 2D/3D game engine Godot Engine. Along with these tools comes a beguiling possibility — while working with commercial 3D tools pretty much forced you to use Windows X in terms of OS choice in the past, all of the FOSS 3D tool alternatives have Linux versions. This means that for the first time, professional 3D users can give Windows a miss and work with Linux as their OS instead. In a comment on the original submission, dryriver offers some anecdotal evidence: Go on any major 3D software forum on the Internet and it is filled with enraged 3D users revolting against forced software subscriptions and threatening to switch to FOSS Blender as soon as possible. Some major 3D animation studios are also working Blender into their CGI pipeline. Companies like EPIC and Nvidia have begun donating to the Blender foundation. Its happening. The move away from commercial closed source tools - which are expensive, stagnant and don't offer you permanent licenses anymore - is in full swing. The fact that Blender has an innovative GPU accelerated realtime render engine called EEVEE that none of the commercial software has has only accelerated this trend. Blender is widely believed to have 2 - 3 million active users already, and the fact that V 2.80 comes with a much more usable UI is only accelerating things.

Read more of this story at Slashdot.

An anonymous reader quotes TechCrunch: Two security researchers have been crowned the top hackers in this year's Pwn2Own hacking contest after developing and testing several high profile exploits, including an attack against an Amazon Echo. Amat Cama and Richard Zhu, who make up Team Fluoroacetate, scored $60,000 in bug bounties for their integer overflow exploit against the latest Amazon Echo Show 5, an Alexa-powered smart display. The researchers found that the device uses an older version of Chromium, Google's open-source browser projects, which had been forked some time during its development. The bug allowed them to take "full control" of the device if connected to a malicious Wi-Fi hotspot, said Brian Gorenc, director of Trend Micro's Zero Day Initiative, which put on the Pwn2Own contest... When reached, Amazon said it was "investigating this research and will be taking appropriate steps to protect our devices based on our investigation," but did not say what measures it would take to fix the vulnerabilities -- or when. The same researchers also compromised Sony and Samsung smart TVs, and the Xiaomi Mi9 smartphone, according to ZDNet, which also reports that "Nobody wanted a piece of the Facebook Portal, and nor did they want to hack Google's Home assistant. "Security researchers chose to go after the easier targets, like routers and smart TVs, known for running weaker firmware than what you'd usually find on a smart speaker or home automation hub."

Read more of this story at Slashdot.

"Darwin may have been wrong and 'protocells' forming near hydrothermal vents undersea may actually be responsible for the origin of life as we know it," writes Slashdot reader nickwinlund77. From the article: An experiment replicating the hot, alkaline conditions found at the vents saw the successful creation of protocells -- regarded as a vital basic building block for life... For the new study, the research team tried creating protocells with a mixture of different fatty acids and fatty alcohols which had not previously been tested... The research, published in the journal Nature Ecology & Evolution, even suggests that heat and alkalinity might be not just useful but essential for spawning living things... At the vents, seawater comes into contact with minerals from the planet's crust, reacting to create a warm, alkaline environment containing hydrogen. This process creates the mineral-rich chimneys with alkaline and acidic fluids, providing a source of energy that facilitates chemical reactions between hydrogen and carbon dioxide to form increasingly complex organic compounds. Some of the world's oldest fossils, discovered by a UCL-led team, originated at such underwater vents.... The researchers also pointed out that deep-sea hydrothermal vents are not unique to Earth. The study's lead author, Nick Lane, professor of evolutionary biochemistry at UCL, said: "Space missions have found evidence that icy moons of Jupiter and Saturn might also have similarly alkaline hydrothermal vents in their seas. While we have never seen any evidence of life on those moons, if we want to find life on other planets or moons, studies like ours can help us decide where to look."

Read more of this story at Slashdot.

"Microsoft's Bing search engine reportedly still served up child porn, nearly a year after the tech giant said it was addressing the issue," reports CNET: The news comes as part of a Saturday report in The New York Times that looks at what the newspaper says is a failure by tech companies to adequately address child pornography on their platforms.... [A] former Microsoft executive told the Times that it now looks as if the company is failing to use its own tools. The Times' Saturday report notes that 10 years ago, Microsoft helped create software called PhotoDNA that "can use computers to recognize photos, even altered ones, and compare them against databases of known illegal images." But, the Times said, Bing and other search engines that use Bing's results are serving up imagery that doesn't pass muster with PhotoDNA.... The Bing news is part of a larger story from the Times about how various tech companies are dealing with child porn on their platforms. The Times criticizes a tech industry which they say is looking the other way: Amazon, whose cloud storage services handle millions of uploads and downloads every second, does not even look for the imagery. Apple does not scan its cloud storage, according to federal authorities, and encrypts its messaging app, making detection virtually impossible. Dropbox, Google and Microsoft's consumer products scan for illegal images, but only when someone shares them, not when they are uploaded. And other companies, including Snapchat and Yahoo, look for photos but not videos, even though illicit video content has been exploding for years. (When asked about its video scanning, a Dropbox spokeswoman in July said it was not a "top priority." On Thursday, the company said it had begun scanning some videos last month.) The largest social network in the world, Facebook, thoroughly scans its platforms, accounting for over 90 percent of the imagery flagged by tech companies last year, but the company is not using all available databases to detect the material. And Facebook has announced that the main source of the imagery, Facebook Messenger, will eventually be encrypted, vastly limiting detection.

Read more of this story at Slashdot.

Microsoft is planning to bring its Defender antivirus to Linux systems next year, reports ZDNet: Microsoft announced the brand change from Windows Defender to Microsoft Defender in March after giving security analysts the tools to inspect enterprise Mac computers for malware via the Microsoft Defender console. Rob Lefferts, corporate vice president for Microsoft's M365 Security, told ZDNet that Microsoft Defender for Linux systems will be available for customers in 2020. In October TechSpot reported that Defender placed in the top 10 among all major antivirus programs, narrowly beating established software like Bitdefender, Kaspersky, and Mcafee with an online protection rate of 99.96%, according to testing by independent lab AV-Comparative.

Read more of this story at Slashdot.

ZDNet reports: In the never ending war between the chip giants, AMD has released a salvo by unveiling what are the world's most powerful desktop processors -- the new 24-core AMD Ryzen Threadripper 3960X and 32-core AMD Ryzen Threadripper 3970X... These 3rd-generation Ryzen Threadripper Processors are built using AMD's 7-nanometer "Zen 2" core architecture, and both chips feature 88 PCIe 4.0 lanes with extraordinary power efficiency. On the performanced front, AMD claims that the new 32-core Ryzen Threadripper 3970X offers up to 90 percent faster performance over the competition... This performance doesn't mean the chips are power-hungry either, with AMD claiming they deliver up to 66 percent better power efficiency compared to previous generation processors. The new chips do, however, need a new socket. The new socket is called sTRX4, which offers expansion for serious multi-GPU and NVMe arrays, quad channel DDR4, ECC support, and unlocked overclocking.... [T]hey both will be available starting Tuesday, November 19. Engadget reports: After getting some wins against Intel in the desktop enthusiast processor race, AMD is trying to run up the score with its latest model, the Ryzen 9 3950X. It has 16 cores/32 threads, a 3.5 Ghz base clock with up to 4.7 GHz boost (on two cores) and 105 watt power consumption (TDP), and costs $749, compared to $1,199 for Intel's 12-core i9-9920X. At the same time, AMD claims it outperforms the i9-9920X in gaming and even more so for content creation, where those extra cores can be best exploited. According to the company, it'll do some Adobe Premiere tasks up to 26 percent quicker than an i9-9920X, and 42 percent faster than an 8-core i9-9900K. Better still, the Ryzen 9 3950X delivers 2.34 times more performance per watt than its Intel counterpart, and consumes 173W of absolute wall power compared to 304W for the i9-9920X. The power figures alone could be decisive for creators who run multiple workstations for 3D animation and rendering... If $749 is $700 too much, AMD has another option -- the Athlon 3000G. The dual-core processor runs at 3.5Ghz, but AMD said it's "the only unlocked option in its segment," meaning you can push it to around 3.9Ghz. That'll boost its performance ahead of Intel's $73 Pentium G5400, AMD said. The Athlon 3000G will arrive November 19th for $49.

Read more of this story at Slashdot.

PC Magazine recently interviewed Janelle Shane, the optics research scientist and AI experimenter who authored the new book "You Look Like a Thing and I Love You: How Artificial Intelligence Works and Why It's Making the World a Weirder Place." At one point Shane explains why any "black box" AI can be a problem: I think ethics in AI does have to include some recognition that AIs generally don't tell us when they've arrived at their answers via problematic methods. Usually, all we see is the final decision, and some people have been tempted to take the decision as unbiased just because a machine was involved. I think ethical use of AI is going to have to involve examining AI's decisions. If we can't look inside the black box, at least we can run statistics on the AI's decisions and look for systematic problems or weird glitches... There are some researchers already running statistics on some high-profile algorithms, but the people who build these algorithms have the responsibility to do some due diligence on their own work. This is in addition to being more ethical about whether a particular algorithm should be built at all... [T]here are applications where we want weird, non-human behavior. And then there are applications where we would really rather avoid weirdness. Unfortunately, when you use machine-learning algorithms, where you don't tell them exactly how to solve a particular problem, there can be weird quirks buried in the strategies they choose. Describing a kind of worst-case scenario, Shane contributed to the New York Times "Op-Eds From the Future" series, channeling a behavioral ecologist in the year 2031 defending "the feral scooters of Central Park" that humanity had been co-existing with for a decade. But in the interview, she remains skeptical that we'll ever acheive real and fully-autonomous self-driving vehicles: It's much easier to make an AI that follows roads and obeys traffic rules than it is to make an AI that avoids weird glitches. It's exactly that problem -- that there's so much variety in the real world, and so many strange things that happen, that AIs can't have seen it all during training. Humans are relatively good at using their knowledge of the world to adapt to new circumstances, but AIs are much more limited, and tend to be terrible at it. On the other hand, AIs are much better at driving consistently than humans are. Will there be some point at which AI consistency outweighs the weird glitches, and our insurance companies start incentivizing us to use self-driving cars? Or will the thought of the glitches be too scary? I'm not sure. Shane trained a neural network on 162,000 Slashdot headlines back in 2017, coming up with alternate reality-style headlines like "Microsoft To Develop Programming Law" and "More Pong Users for Kernel Project." Reached for comment this week, Shane described what may be the greatest danger from AI today. "For the foreseeable future, we don't have to worry about AI being smart enough to have its own thoughts and goals. "Instead, the danger is that we think that AI is smarter than it is, and put too much trust in its decisions."

Read more of this story at Slashdot.

A new article at Motherboard remembers when the MIDI file format became the main way music was shared on the internet "for an incredibly short but memorable period of time..." [I]n the hunt for additional features, the two primary developers of web browsers during the era -- Microsoft and Netscape -- added functionality that made audio files accessible when loading websites, whether as background music or as embedded files with a dedicated player. Either way, it was one of the earliest examples of a plug-in that much of the public ran into -- even before Flash. In particular, Microsoft's Internet Explorer supported it as far back as version 1.0, while Netscape Navigator supported it with the use of a plug-in and added native support starting in version 3.0. There was a period, during the peak of the Geocities era, where loading a website with a MIDI file was a common occurrence. When Geocities was shut down in 2019, the MIDI files found on various websites during that time were collected by The Archive Team. The Internet Archive includes more than 51,000 files in The Geocities MIDI Collection. The list of songs, which can be seen here, is very much a time capsule to a specific era. Have a favorite song from 1998? Search for it in here, sans spaces, and you'll probably find it...! They sound like a musical time capsule, and evoke memories of a specific time for many web surfers of the era. "Even in an age of high-quality MP3s, the chintzy sounds of MIDI files resonate on the Web," writer Douglas Wolk wrote for Spin in 2000, immediately adding the reason: "They play on just about anything smarter than a Tupperware bowl, and they're also very small...." The thing that often gets lost with these compositions of popular songs done in MIDI format is that they're often done by people, either for purposes of running a sound bank (which might come in handy, for example, with karaoke), or by amateurs trying to recreate the songs they enjoy or heard on the radio.... [I]ts moment in the sun reflected its utility during a period of time when the demand for multimedia content from the internet was growing -- but the ability for computers to offer it up in a full-fat format was limited. (Stupid modems....) MIDI is very much not dead -- far from it. Its great strength is the fact that a MIDI-supporting iPad can communicate with some of the earliest MIDI-supporting devices, such as the Commodore 64. Using a browser plugin called Jazz-Plugin, their writer even re-discovered John Roache's Ragtime MIDI Library. "[I]t occurred to me that I should spend more time writing about one of the things that makes the Web so special -- labors of love. Unlike any medium before it, the Web gives people with unusual talents and interests a chance to share their passions with fellow enthusiasts -- and with folks like me who just happen to drop by."

Read more of this story at Slashdot.

"Although the JavaScript library jQuery is no longer as popular as it was, it is still widely used. As a result at least six in ten websites are impacted by jQuery XSS vulnerabilities," reports I Programmer: Even more security issues are introduced by the jQuery libraries used to extend jQuery's capabilities. These findings come from open source security platform, Snyk and are included in "The state of JavaScript frameworks security report 2019". While this report is mainly devoted to a security review of the two leading JavaScript frameworks, Angular and React, it takes a "sneak peek" into the security vulnerabilities in three other frontend JavaScript ecosystem projects - Vue.js, Bootstrap and jQuery. jQuery was downloaded more than 120 million times in the last 12 months, which is equivalent to the number of downloads for Vue.js (40 million) and Bootstrap (79 million) combined. Snyk reports that four vulnerabilities had been found for Vue.js, all of which have been fixed. Bootstrap contained seven cross-site scripting (XSS) vulnerabilities. Three of these were disclosed in 2019 and there are no security fixes or upgrade paths to avoid them. In the case of jQuery, Snyk tracked six security vulnerabilities affecting jQuery across all of its releases to date. Four are medium severity Cross-Site Scripting vulnerabilities, one is a medium severity Prototype Pollution vulnerability, and the final one is a low severity Denial of Service vulnerability. The report concludes that unless you are using jQuery 3.4.0 and above then you are using vulnerable jQuery versions.

Read more of this story at Slashdot.

Slashdot reader dryriver writes: Using a compressed disk drive or hard drive has been possible for decades now. But when you do this in software or the operating system, the CPU does the compressing and decompressing. Are there any hard drives or SSDs that can work compressed using their own built in hardware for this? I'm not talking about realtime video compression using a hardware CODEC chip -- this does exist and is used -- but rather a storage medium that compresses every possible type of file using its own compression and decompression realtime hardware without a significant speed hit. Leave your best thoughts and suggestions in the comments. Are there storage devices with hardware compressiong built in?

Read more of this story at Slashdot.

"Despite its own solvency concerns, NPM Inc on Tuesday deployed code changes that add a 'funding' command to the latest version of the npm command-line tool, namely v6.13.0," reports the Register: Henceforth, developers creating packages for the JavaScript runtime environment Node.js can declare metadata that describes where would-be donors can go to offer financial support. Doing so involves adding a funding field to package.json, a file that lists various module settings and dependencies. The funding field should be a URL that points to an online funding service, like Patreon, or payment-accepting website.... In a phone interview with The Register, NPM Inc co-founder and co-CTO Isaac Schlueter said: "The problem we're solving is open source projects need funding and there are very few ways people can get that information in front of people using their code...." Schlueter allowed that NPM Inc's funding mechanism may reward good marketers more than it rewards good developers. But he believes it will work against that. "One thing nice about this approach is that it does take some of the marketing skill out of the equation," he said. "Because all you really have to do is set up a payment URL and then put that in your packages. You don't have to craft the message expertly, you'll show up on that list at the end of the install." "At the end of August, we made a promise to the community to invest time & effort to better support package maintainers," explains an announcement on the NPM blog. "This work is just the first, small step toward creating a means/mechanism for a more sustainable open source development ecosystem."

Read more of this story at Slashdot.

itwbennett writes: Security researcher Chris Kubecka has identified (and reported to Boeing and the Department of Homeland Security back in August) a number of security vulnerabilities in Boeing's networks, email system, and website. "[T]he company's failure to remedy the security failures she reported demonstrate either an unwillingness or inability to take responsibility for their information security," writes JM Porup for CSO online. The vulnerabilities include a publicly exposed test developer network, a lack of encryption on the boeing.com website, failure to use DMARC for email security, and, perhaps most notably, an email server infected with malware. For its part, Boeing says that the vulnerabilities Kubecka reported are "common IT vulnerabilities — the type of cyber-hygiene issues thousands of companies confront every day" and that the company has "no indication of a compromise in any aviation system or product that Boeing produces." What Porup's reporting and Kubecka's research clearly shows, however, is how poor information security practices can become aviation security risks.

Read more of this story at Slashdot.

"The hit programming language Python has climbed over once-dominant Java to become the second most popular language on Microsoft-owned open-source code-sharing site GitHub," reports ZDNet: Python now outranks Java based on the number of repository contributors, and by that metric Python is now second only to JavaScript, which has been in top spot since 2014, according to GitHub's 'State of the Octoverse' report for 2019... Another interesting aspect of GitHub's report is its ranking of fastest-growing languages. Google's Dart programming language and Flutter, for building UIs for iOS and Android apps, are getting major traction with developers on GitHub. Dart was the fastest-growing language between 2018 and 2019, with usage up a massive 532%. It was followed by the Mozilla-developed Rust, which grew a respectable 235%. Microsoft is experimenting with Rust in its Windows code base because it was designed to address memory-related security bugs -- the dominant flaw-type in Microsoft software over the past decade. Last year Kotlin, the Google-endorsed programming language for Android app development, was the fastest-growing language on GitHub. It's not a top-10 language yet, but it still grew 182% over the year. Microsoft-backed TypeScript, its superset of JavaScript, is also growing fast, up 161% over the past year as more developers use it to grapple with large-scale JavaScript apps. Other languages making up the top 10 fastest-growing category are HCL, PowerShell, Apex, Python, Assembly, and Go.

Read more of this story at Slashdot.

Long-time Slashdot reader taiwanjohn shared this article from Live Science: The mind-bending calculations required to predict how three heavenly bodies orbit each other have baffled physicists since the time of Sir Isaac Newton. Now artificial intelligence (A.I.) has shown that it can solve the problem in a fraction of the time required by previous approaches. Newton was the first to formulate the problem in the 17th century, but finding a simple way to solve it has proved incredibly difficult. The gravitational interactions between three celestial objects like planets, stars and moons result in a chaotic system -- one that is complex and highly sensitive to the starting positions of each body. Current approaches to solving these problems involve using software that can take weeks or even months to complete calculations. So researchers decided to see if a neural network -- a type of pattern recognizing A.I. that loosely mimics how the brain works -- could do better. The algorithm they built provided accurate solutions up to 100 million times faster than the most advanced software program, known as Brutus. That could prove invaluable to astronomers trying to understand things like the behavior of star clusters and the broader evolution of the universe, said Chris Foley, a biostatistician at the University of Cambridge and co-author of a paper to the arXiv database, which has yet to be peer-reviewed.

Read more of this story at Slashdot.

schwit1 tipped us off to an interesting new study. Newsweek reports: Babies of women who took acetaminophen -- a common painkiller marketed in the U.S. under the brand name Tylenol -- near the end of pregnancy had a higher likelihood of being diagnosed with autism spectrum disorders or with attention deficit hyperactivity disorder (ADHD), according to a study published in JAMA Psychiatry. The study, conducted by researchers from the Johns Hopkins University Bloomberg School of Public Health, cross referenced blood samples taken from the mother after the baby's birth and samples taken from the babies' umbilical cords, which were used to assess how much acetaminophen the mother had ingested. A mother-to-be who takes Tylenol during their pregnancy is liable to have some of the medication reach a developing fetus, as the drug has been demonstrated to cross the placenta, according to United Press International (UPI). The children involved in the study were reexamined when they were around 10 years old. Researchers found that those children whose umbilical cords had contained higher levels of acetaminophen were significantly more likely to have an autism spectrum disorder or ADHD than the children who did not appear to have been exposed to acetaminophen in utero. According to UPI's analysis of the findings, "the odds of these developmental disorders were more than twice as high in children exposed to acetaminophen near the time of birth. The association was strongest between exposure to acetaminophen and ADHD in the child."

Read more of this story at Slashdot.

Remember last month when "an international collaboration of researchers" suggested there was no reason to reduce consumption of red meat? Here's a response from Frank Hu, chairman of the Nutrition Department at the Harvard T.H. Chan School of Public Health: The recent guidelines published in the Annals of Internal Medicine should not change existing recommendations on healthy and balanced eating patterns for the prevention of chronic diseases. Guidance to reduce red and processed meats is based on a large body of evidence indicating that higher consumption of red meat -- especially processed red meat -- is associated with higher risk of Type 2 diabetes, cardiovascular disease, certain types of cancers, and premature death. While this guidance is supported by both national and international organizations, including the American Heart Association, American Cancer Society, and the World Health Organization, consumers should know that the new guidelines were released by a self-selected panel of 14 members. Furthermore, when my colleagues and I closely reviewed the studies informing the panel's decision, we saw that their findings contradicted their guidance. In short, the three meta-analyses of observational studies actually confirmed existing evidence on the potential for health benefits when cutting back on red and processed meats. However, because they based their analysis on a measure of three servings of red meat per week, the effects of an individual reducing consumption appeared small. But if you consider that about a third of U.S. adults eat one serving or more of red meat each day, the potential health benefits of reducing consumption become much greater... [N]utrition research is complex, and rarely do [its findings] reverse so abruptly. That's why it's so important to look beyond the headlines at the quality of the evidence behind the claims. Still, the publication of these new guidelines in such a prominent medical journal is unfortunate as it risks further harm to the credibility of nutrition science, eroding public trust in research as well as the recommendations they ultimately inform.

Read more of this story at Slashdot.