Attention, slackers — if you do remote work for a financial institution, using a mouse jiggler might not be the best career move. That’s what a dozen people learned this week as they became former employees of Wells Fargo after allegedly being caught “simulating keyboard activity” while working remotely. Having now spent more than twice as many years working either hybrid or fully remote, we get it; sometimes, you’ve just got to step away from the keyboard for a bit. But we’ve never once felt the need to create the “impression of active work” during those absences. Perhaps that’s because we’ve never worked in a regulated environment like financial services.

For our part, we’re curious as to how the bank detected the use of a jiggler. The linked article mentions that regulators recently tightened rules that require employers to treat an employee’s home as a “non-branch location” subject to periodic inspection. More than enough reason to quit, in our opinion, but perhaps they sent someone snooping? More likely, the activity simulators were discovered by technical means. The article contains a helpful tip to avoid powering a jiggler from the computer’s USB, which implies detecting the device over the port. Our guess is that Wells tracks mouse and keyboard activity and compares it against a machine-learning model to look for signs of slacking.

Speaking of the intersection of soulless corporate giants and AI, what’s this world coming to when AI walks you right into an online scam? That’s what happened to a Canadian man recently when he tried to get help moving Facebook to his new phone. He searched for a customer service number for Facebook and found one listed, but thought it would be wise to verify the number. So he pulled up the “Meta AI”-powered search tool in Facebook Messenger and asked if the number was legit. “No problem,” came the reply, so he called the number and promptly got attacked by the scammers on the other end, who within minutes used his PayPal account to buy $500 worth of Apple gift cards. From the sound of it, the guy did everything he should have to protect himself, at least up to a point. But when a company’s chatbot system gives you bad information about their own customer support, things like this are going to happen.

Just a reminder that we’re deep into con season now. Open Sauce should be just about wrapped up by the time this gets published, and coming up the week after is Teardown 2024 in Portland. The schedule for that has been released, which includes a workshop on retrocomputing with the “Voja4” Supercon badge. A little further on into the summer and back on the East Coast will be HOPE XV, which still has some tickets left. The list of speakers for that one looks pretty good, as does the workshop roundup.

And finally, if you have some STL models in need of a little creative mutilation, try out this STL twister online tool. It’s by our friend [Andrew Sink], who has come up with a couple of other interesting 3D tools, like the Banana for Scale tool and the 3D Low-Poly Generator. The STL Twister does pretty much what it says and puts the screws to whatever STL model you drop on it. The MakerBot Gnome mascot that pops up by default is a particularly good model for screwifying. Enjoy!

If there was one question we heard most often this week, it was “Did you see it?” With “it” referring to the stunning display of aurora borealis — and australis, we assume — on and off for several days. The major outburst here in North America was actually late last week, with aurora extending as far south as Puerto Rico on the night of the tenth. We here in North Idaho were well-situated for prime viewing, but alas, light pollution made things a bit tame without a short drive from the city lights. Totally worth it:

Hat tip to Tom Maloney for the pics. That last one is very reminiscent of what we saw back in 1989 with the geomagnetic storm that knocked Québec’s grid offline, except then the colors were shifted much more toward the red end of the spectrum back then.

Despite this being the strongest solar storm in almost 20 years, the damage was nearly non-existent, with reports limited to minor power grid disturbances and some GPS and satellite outages. Starlink service was reportedly impacted, but luckily no satellites deorbited, a distinct possibility for recently launched satellites still in lower orbits due to increased atmospheric drag. Still, it feels like we dodged a cosmic bullet here, and if you have any doubt about that, check this out — it’s a comparison of the sunspot group that just got us with the Carrington Event sunspots from 1859. What a difference a few degrees of latitude makes.

From the “Not Everything Needs to be IoT” files comes a story about the perils of security as an afterthought. The condensed version: tech journalist Kevin Purdy’s new home came with a Rinnai tankless water heater. He hooked up the Rinnai Control-R WiFi module to control the appliance remotely from a smartphone app, and as any good home automation geek would, eventually tried integrating it into Home Assistant. But then he discovered that for an early version of Control-R, there was absolutely no security on the company’s cloud service, making it possible to control any connected Rinnai water heater knowing nothing more than the user’s email address. No auth tokens, no passwords, nothing. Rinnai seems to have added authentication to their newer Rinnai Central system, but the whole story is worth a read, not least for the weaselly responses from Rinnai through a PR firm.

If you thought Clippy, the annoying animated desktop assistant from the bad old days of Microsoft Office 97, had died a well-deserved death in obscurity, think again. Clippy is back, this time as a wise-cracking assistant in an open-source tool called Winpilot, which is designed to eliminate bloatware and turn off annoying defaults in Windows 11. The irony of including an icon of annoyance in an application designed to make your user experience less annoying is rich indeed. It’s not really clear how Winpilot’s author, Belmin Hasanovic, is getting away with using Clippy; we’d have thought Microsoft would protect their IP a little more vigorously, especially when it says things like, “You know something, champ? This is bullsh*t. I started this gig in ’97. My ultimate goal was to take over Bill Gates job.”

The list of announced talks for HOPE XV keeps growing. It’s hard to say how many talks were added since last week, but it looks like a lot. Better get your proposals in soon if you want to have a chance at a talk.

And finally, we’ve featured the work of Montana wheelwright Dave Engels before, specifically the process of shrink-fitting iron tires onto the massive wooden wheels he builds for things like timber carts and borax wagons. The whole thing is a ballet of fire, steel, wood, smoke, steam, and people, and never fails to entertain. But giant wheels aren’t the only thing Engels works on, and some of the smaller wheels have pretty interesting processes behind them too. Fitting rubber tires to cart wheels is a perfect example, and one with a lot of surprises. We had no idea that these tires have steel wires running through them, to keep them firmly seated on the wooden wheel, which also has a shrink-fit steel rim. The machine that tensions the wires while compressing the rubber is fascinatingly complex, too. We were also taken by the parallels between this machine and a modern tire machine, as well as the clear lineage between solid rubber buggy wheels and modern pneumatic tires.