IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Tuesday, 17 April

06:57

Rambus launches fully programmable secure processing core Help Net Security

At RSA Conference 2018, Rambus announced the availability of the CryptoManager Root of Trust (CMRT), a fully programmable hardware security core built with a custom RISC-V CPU. The secure processing core creates a siloed architecture that isolates and secures the execution of sensitive code, processes and algorithms from the primary processor. This mitigates the risk of critical vulnerabilities like the recent Meltdown and Spectre security flaws and allows designers to optimize the primary processor for More

The post Rambus launches fully programmable secure processing core appeared first on Help Net Security.

06:06

Third-party and insider threats one of the biggest concerns to IT pros Help Net Security

External threats are not the main concern for IT professionals, but rather breaches that are linked to vulnerabilities caused by staff or third-party vendors operating within an organizations own network, Bomgars 2018 Privileged Access Threat Report reveals. In fact, 50% of organizations claimed to have suffered a serious information security breach or expect to do so in the next six months, due to third-party and insider threats up from 42% in 2017. Additionally, 66% More

The post Third-party and insider threats one of the biggest concerns to IT pros appeared first on Help Net Security.

05:20

Free Qualys services give orgs visibility of their digital certs and cloud assets Help Net Security

Qualys announced two new free groundbreaking services: CertView and CloudView. Harnessing the power and scalability of the Qualys Cloud Platform, Qualys CertView and CloudView enable organizations of all sizes to gain such visibility by helping them create a continuous inventory and assessment of their digital certificates, cloud workloads and infrastructure that is integrated into a single-pane view of security and compliance. Qualys CertView CertView helps customers inventory and assess certificates and underlying SSL/TLS configurations and More

The post Free Qualys services give orgs visibility of their digital certs and cloud assets appeared first on Help Net Security.

05:00

Moxa plugs serious vulnerabilities in industrial secure router Help Net Security

A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear text passwords, expose sensitive information, trigger a crash, and more. Moxa EDR-810 series flaws The existence of the flaws has been revealed when the Cisco Talos team published a post detailing them on Friday. The good news is that theyve all been fixed, and Moxa is urging users More

The post Moxa plugs serious vulnerabilities in industrial secure router appeared first on Help Net Security.

03:14

Your Android phone says its fully patched, but is it really? Help Net Security

How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of Android firmwares for the presence of hundreds of patches. Their research led to an unwelcome discovery: most Android vendors regularly forget to include some patches in the security updates provided to users. The research Security Research Labs researchers Jakob Lell and Karsten Nohl explained how they went about making the More

The post Your Android phone says its fully patched, but is it really? appeared first on Help Net Security.

01:24

Shutdown rumors of Fortnite Battle Royale sparks panic among fans TechWorm

Fake News: Fortnite Battle Royale Isnt Shutting Down

Fortnite fans have been going through anxious moments for the last few days. It started last week when Fortnite Battle Royale, one of the most popular video games on the planet, was offline for most of the day (Thursday, April 12, 2018) due to emergency maintenance downtime. This made many fans to believe rumors of the game closing down leading to massive wave of panic.

This panic was further fueled when a screenshot of an alleged tweet from the official Fortnite account started doing the rounds online that it is ending Battle Royale due to a copyright infringement lawsuit from a competitor.

Due to the law suit against PubG on copyright infringement. We are sorry to inform you that Fortnite Battle Royale Will be coming to an end May 24, 2018. Save the world will still be in development and we will roll out ASAP. Thank you all for the support, the tweet dated April 10, 2018 said.

Thankfully, Fortnite game lovers can breathe a sigh of relief as all those rumors of Battle Royale shutting down is completely false.

There are three reasons for us to believe that the tweet is a hoax. Firstly, the tweet dated April 10 like the one above does not show up in the official Fortnite Twitter account feed nor any other social media accounts. Secondly, the incorrect grammar and spelling plus formatting inconsistencies (such as PUBG is incorrectly mentioned as PUBG) can be noticed in the entire tweet. Finally, Epic Games has not made any official announcement about Fortnites termination. In fact, Fortnites Twitter account has been posting about future updates to the game, and not about ending it.

All those Fortnite fans out there do not fear, as the tweet is likely a hoax. In fact, Fortnite is now back online after Epic Games had briefly shutdown the servers for some emergency maintenance. So, what are you waiting for? Be ready to jump out of the Battle Bus again!!!

Source: Forbes

The post Shutdown rumors of Fortnite Battle Royale sparks panic among fans appeared first on TechWorm.

01:12

Security researchers sinkholed EITest infection chain Help Net Security

Security researchers have managed to neutralize EITest, one of the oldest infection chains and thus preventing as many as two million potential malicious redirects a day. About EITest EITest relied on compromised websites mostly WordPress-based, but also using other CMSes to direct users to exploit kit landing pages and social engineering schemes, which then delivered a wide variety of malware. It has been in use, on and off, since at least 2011. Shortly More

The post Security researchers sinkholed EITest infection chain appeared first on Help Net Security.

01:08

New Class of Antibiotics Discovered: Odilorhabdins; IBM Uses Synthetic Polymers to Kill Bacteria SoylentNews

A new class of antibiotics to combat drug resistance

Called odilorhabdins, or ODLs, the antibiotics are produced by symbiotic bacteria found in soil-dwelling nematode worms that colonize insects for food. The bacteria help to kill the insect and, importantly, secrete the antibiotic to keep competing bacteria away. Until now, these nematode-associated bacteria and the antibiotics they make have been largely understudied.

[...] UIC's Alexander Mankin and Yury Polikanov are corresponding authors on the study and led the research on the antibiotic's mechanism of action. They found that ODLs act on the ribosome the molecular machine of individual cells that makes the proteins it needs to function of bacterial cells. "Like many clinically useful antibiotics, ODLs work by targeting the ribosome," said Polikanov, assistant professor of biological sciences in the UIC College of Liberal Arts and Sciences, "but ODLs are unique because they bind to a place on the ribosome that has never been used by other known antibiotics."

Odilorhabdins, Antibacterial Agents that Cause Miscoding by Binding at a New Ribosomal Site (DOI: 10.1016/j.molcel.2018.03.001) (DX)

Meanwhile, an IBM research team has designed a polymer that can target at least five types of drug-resistant bacteria:

Earlier versions of synthetic polymers created problems because they essentially exploded the bacteria, releasing dangerous toxins into the bloodstream. While other scientists are researching different approaches to avoid resistance, most involve finding new molecules or proteins. IBM's synthetic molecule employs a completely different strategy.

It carries a negative electrical charge, so is drawn like a magnet to the positively charged surfaces of infectious cells. Then it binds to the cell, pierces the membrane, enters it and turns the inner liquid contents into solids. The new ninja polymer kills bacteria so quickly, they don't have time to mutate.

The eventual goal, said Hedrick, is to create an entirely new class of therapeutics that could treat a spectrum of infectious diseases with a single mechanism without the onset of resistance.

Also at IBM.

A macromolecular approach to eradicate multidrug resistant bacterial infections while mitigating drug resistance onset (open, DOI: 10.1038/s4...

01:05

01:03

Elon Musks latest SpaceX idea involves a party balloon and bounce house Lifeboat News: The Blog

Elon Musk took to Twitter Sunday night to announce a new recovery method for an upper stage SpaceX rocket. A balloon a giant party balloon to quote him directly will ferry part of a rocket to a bounce house. Seriously.

If anyone else proposed this idea they would be ignored, but Elon Musk lately has a way of turning crazy ideas into reality.

It was just in 2012 that SpaceX launched and landed its first rocket and now the company is doing it with rockets significantly larger. And then early this year SpaceX made a surprise announcement that it would attempt to use a high-speed boat and large net to catch part of rocket. And it worked after a failed first attempt.

01:03

Huge solar tornadoes dont spin after all, study shows Lifeboat News: The Blog

Giant plasma tornadoes raging across the surface of the sun dont actually spin like astronomers once thought, new research shows.

Massive solar tornadoes, formally known as tornado prominences, which were first observed about 100 years ago, seemed to bear a striking resemblance to tornadoes on Earth. These gigantic structures each one several times the size of Earth are made of hot, flowing gas and tangled magnetic field lines, ultimately driven by nuclear reactions in the solar core.

However, using a method known as the Doppler effect, scientists have precisely measured the speed of the moving plasma, as well as its direction, temperature and density, revealing that twisters on the sun do not rotate like earthbound tornadoes do, according to a statement from the European Week of Astronomy and Space Science (EWASS) conference. [Secrets of Sun Super-Tornadoes Revealed (Gallery)].

01:02

We are going to have lung cancer patients living longer and better: A new kind of cancer treatment is about to change how we treat the disease Lifeboat News: The Blog

Cancer-drug makers found that using immunotherapy in combination with other drugs did a better job of treating lung cancer than chemotherapy alone.

01:02

Flaxseed-like particles can now grow bone, cartilage tissues for humans Lifeboat News: The Blog

Human stem cells have shown potential in medicine as they can transform into various specialized cell types such as bone and cartilage cells. The current approach to obtain such specialized cells is to subject stem cells to specialized instructive protein molecules known as growth factors. However, use of growth factors in the human body can generate harmful effects including unwanted tissue growth, such as a tumor.

Researchers at Texas A&M University have explored a new class of clay nanoparticles that can direct to become bone or .

Dr. Akhilesh Gaharwar, an assistant professor in the Department of Biomedical Engineering, and his students have demonstrated that a specific type of two-dimensional (2-D) nanoparticles, also known as nanosilicates, can grow bone and cartilage tissue from stem cells in the absence of . These nanoparticles are similar to flaxseed in shape, but 10 billion times smaller in size. Their work, Widespread changes in transcriptome profile of human induced by two-dimensional nanosilicates, has been published in Proceedings of the National Academy of Sciences this week.

01:02

The Planet That Took Us Beyond the Solar System Lifeboat News: The Blog

An unusual discovery in the 1990s paved the way for space telescopes to spot thousands of exoplanets.

00:43

Vulkan 1.1.73 Released With Fixes Phoronix

Vulkan 1.1.73 is out as the latest minor refinement since last month's big Vulkan 1.1 update...

00:41

Hackers attack Casinos fish tank thermometer to obtain sensitive data HackRead

By Waqas

The Internet of Things (IoT) has transformed the way we

This is a post from HackRead.com Read the original post: Hackers attack Casinos fish tank thermometer to obtain sensitive data

00:22

Psst! A whispering gallery for light boosts solar cells Lifeboat News: The Blog

The consists of thousands of tiny glass beads, only about one-hundredth the width of a human hair. When sunlight hits the coating, the waves are steered around the nanoscale bead, similar to the way sound waves travel around a curved wall such as the dome in St. Pauls Cathedral in London. At such curved structures, known as acoustic whispering galleries, a person standing near one part of the wall easily hears a faint sound originating at any other part of the wall.

Whispering galleries for light were developed about a decade ago, but researchers have only recently explored their use in solar-cell coatings. In the experimental set up devised by a team including Dongheon Ha of NIST and the University of Marylands NanoCenter, the light captured by the nanoresonator coating eventually leaks out and is absorbed by an underlying solar cell made of gallium arsenide.

00:22

Using Peptides to Regrow Human Teeth Lifeboat News: The Blog

Researchers at the University of Washington have developed a product that uses peptides to promote the regrowth of tooth enamel in order to treat dental cavities.

An end to tooth decay?

There are multiple regenerative medicine approaches being developed to combat tooth decay; for example, earlier this year, we discussed a method that uses gsk3 antagonists to spur the regeneration of teeth. This is a similar approach that is showing promising results.

00:15

Cybercriminals Hijack Router DNS to Distribute Android Banking Trojan The Hacker News

Security researchers have been warning about an ongoing malware campaign hijacking Internet routers to distribute Android banking malware that steals users' sensitive information, login credentials and the secret code for two-factor authentication. In order to trick victims into installing the Android malware, dubbed Roaming Mantis, hackers have been hijacking DNS settings on vulnerable and

00:01

Two-Cent Temperature Sensors Hackaday

When they need to add temperature control to a project, many hackers reach for a K-type thermocouple for their high-temperature needs, or an integrated temperature-sensing IC when it doesnt get that hot. The thermocouple relies on very small currents and extremely high gain, and you pretty much need a dedicated IC to read it, which can be expensive. The ICs arent as expensive, but theyre basically limited to boiling water. What do you do if you want to control a reflow oven?

Theres a cheaper way that spans a range between Antarctic winter and molten solder, and youve probably already got the parts on your shelf. Even if you dont, its only going to run you an extra two cents, assuming that youve already got a microcontroller with an ADC in your project. The BOM: a plain-vanilla diode and a resistor.

Ive been using diodes as temperature sensors in three projects over the last year: one is a coffee roaster that brings the beans up to 220 C in hot air, another is a reflow hotplate that tops out around 210 C, and the third is a toner-transfer iron that holds a very stable 130 C. In all of these cases, I dont really care about the actual numerical value of the temperature all that matters is reproducibility ...

00:00

Linux Foundation LFCS: James Medeiros

Title: 
Linux Foundation LFCS: James Medeiros

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Monday, 16 April

23:38

[$] The second half of the 4.17 merge window LWN.net

By the time the 4.17 merge window was closed and 4.17-rc1 was released, 11,769 non-merge changesets had been pulled into the mainline repository. 4.17 thus looks to be a typically busy development cycle, with a merge window only slightly more busy than 4.16 had. Some 6,000 of those changes were pulled after last week's summary was written. There was a lot of the usual maintenance work in those patches (over 10% of those changes were to device-tree files, for example), but also some more significant changes.

23:36

Colorado Teachers Plan Walkout for Monday April 16 SoylentNews

Common Dreams reports

Colorado's teachers' union expects more than 400 teachers at a rally that's planned for Monday at the state's Capitol in Denver.

[...] Englewood School District, outside the capital city, announced on Sunday that schools would be closed the following day as 70 percent of its teachers had indicated they wouldn't be working Monday. It was unclear on Sunday whether more school districts would be closing.

"We are calling Monday, April 16th a day of action", Kerrie Dallman, president of the Colorado Education Association (CEA), told KDVR in Denver.

[...] According to[1] KMGH in Denver, "The CEA estimates that teachers spend on average $656 of their own money for school supplies for students." The state's teacher salaries rank 46th out of 50, with educators making an average of $46,000 per year.

Public schools are underfunded by $828 million this year, Dallman told the Post, and lawmakers have said they could inject at least $100 million more into schools--but they have yet to do so.

[...] The planned protest follows a trend that was seen in West Virginia and Kentucky before moving west this month to Oklahoma and Arizona as well as Colorado. In all the states where teachers have walked out and rallied at their Capitols, teachers have reported paying for school supplies out of pocket, working second and third jobs to make ends meet, and coping with funding shortages while their legislators hand out tax cuts to corporations.

...

23:23

1-in-4 orgs using public cloud has had data stolen Help Net Security

McAfee has polled 1,400 IT professionals across a broad set of countries (and continents), industries, and organization sizes and has concluded that lack of adequate visibility and control is the greatest challenge to cloud adoption in an organization. However, the business value of the cloud is so compelling that some organizations are plowing ahead. Cloud services nearly ubiquitous According to the survey, the results of which have been unveiled at RSA Conference 2018, 97 percent More

The post 1-in-4 orgs using public cloud has had data stolen appeared first on Help Net Security.

22:45

Mainline Linux Kernel Almost Ready For Finally Supporting Unprivileged FUSE Mounts Phoronix

While the Linux 4.17 merge window officially closed yesterday with the release of Linux 4.17-rc1, FUSE maintainer Miklos Szeredi is now trying to get his changes added...

22:35

Notes on setting up Raspberry Pi 3 as WiFi hotspot Errata Security

I want to sniff the packets for IoT devices. There are a number of ways of doing this, but one straightforward mechanism is configuring a "Raspberry Pi 3 B" as a WiFi hotspot, then running tcpdump on it to record all the packets that pass through it. Google gives lots of results on how to do this, but they all demand that you have the precise hardware, WiFi hardware, and software that the authors do, so that's a pain.


I got it working using the instructions here. There are a few additional notes, which is why I'm writing this blogpost, so I remember them.
https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md


Some things didn't work as described. The first is that it couldn't find the package "hostapd". That solution was to run "apt-get update" a second time.

The second problem was error message about the NAT not working when trying to set the masquerade rule. That's because the 'upgrade' updates the kernel, making the running system out-of-date with the files on the disk. The solution to that is make sure you reboot after upgrading.

Thus, what you do at the start is:

apt-get update
apt-get upgrade
apt-get update
shutdown -r now

Then it's just "apt-get install tcpdump" and start capturing on wlan0. This will get the non-monitor-mode Ethernet frames, which is what I want.


22:15

Talos experts found many high severity flaws in Moxa EDR-810 industrial routers Security Affairs

Security experts at Ciscos Talos group have discovered a total of 17 vulnerabilities in Moxa EDR-810 industrial routers manufactured by Moxa.

The Moxa EDR-810 is an integrated industrial multiport router that implements firewall, NAT, VPN and managed Layer 2 switch capabilities.

These devices are used in industrial environments to protect systems such as PLC and SCADA systems in factory automation and DCS in oil and gas organizations.

Today, Talos is disclosing several vulnerabilities that have been identified in Moxa EDR-810 industrial secure router. reads the security advisory published by Talos.

Moxa EDR-810 is an industrial secure router with firewall/NAT/VPN and managed Layer 2 switch functions. It is designed for Ethernet-based security applications in remote control or monitoring networks. Moxa EDR-810 provides an electronic security perimeter for the protection of critical assets such as pumping/ treatment systems in water stations, DCS systems in oil and gas applications, and PLC/SCADA systems in factory automation.

Researchers have discovered many high severity command injection vulnerabilities (CVE-2017-12120, CVE-2017-12121, CVE-2017-12125, CVE-2017-14432 to 14434) affecting the web server functionality.

Some of the issues discovered by Cisco Talos team could allow an attacker to escalate privileges and obtain a root shell on the target Moxa EDR-810 devices by simply sending specially crafted HTTP POST requests.

TALOS-2017-0472 is an exploitable command injection vulnerability that exists in the web server functionality of Moxa EDR-810. A specially crafted HTTP POST can cause a privilege escalation resulting in attacker having access to a root shell. reads the description for the CVE-2017-12120 flaw.

An attacker may be able to inject OS commands into the ifs= parm in the /goform/net_WebPingGetValue uri to trigger this vulnerability and take control over the targeted device.

Similar is the CVE-2017-12121 that resides in the web server functionality of Moxa EDR-810.

A specially crafted HTTP POST can cause a privilege escalation resulting in attacker having access to a root shell. An attacker can inject OS commands into the rsakey\_name= parm in the /goform/WebRSAKEYGen uri to trigger this vulnerability and take control over the targeted device. continues the analysis published by Talos.

...

22:05

Real-time detection of consumer IoT devices participating in DDoS attacks Help Net Security

Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do someting about it? A group of researchers Princeton University have presented some encouraging results showing that the first part of that equation can be relatively easily solved. As IoT traffic is often distinct from that of other Internet connected devices and as machine learning has proved promising for identifying malicious Internet traffic, they decided to use these facts to More

The post Real-time detection of consumer IoT devices participating in DDoS attacks appeared first on Help Net Security.

22:00

MinerEye introduces AI-powered Data Tracker Help Net Security

MinerEye is launching MinerEye Data Tracker, an AI-powered governance and data protection solution that will enable companies to continuously identify, organize, track and protect vast information assets including undermanaged, unstructured and dark data for safe and compliant cloud migration. Most data tracking and classification technologies categorize data based on descriptive elements such as file size, type, name and location. MinerEye dives deeply into the basic data form to its essence to uncover and categorize More

The post MinerEye introduces AI-powered Data Tracker appeared first on Help Net Security.

21:59

New "Omniphobic" Coating Created by University of Michigan Researcher SoylentNews

A University of Michigan researcher has created a coating that could be used to repel water, oil, and other substances:

In an advance that could grime-proof phone screens, countertops, camera lenses and countless other everyday items, a materials science researcher at the University of Michigan has demonstrated a smooth, durable, clear coating that swiftly sheds water, oils, alcohols and, yes, peanut butter.

Called "omniphobic" in materials science parlance, the new coating repels just about every known liquid. It's the latest in a series of breakthrough coatings from the lab of Anish Tuteja, U-M associate professor of materials science and engineering. The team's earlier efforts produced durable coatings that repelled ice and water, and a more fragile omniphobic coating. The new omniphobic coating is the first that's durable and clear. Easily applied to virtually any surface, it's detailed in a paper published in ACS Applied Materials & Interfaces.

Tuteja envisions the new coating as a way to prevent surfaces from getting grimy, both in home and industry. It could work on computer displays, tables, floors and walls, for example.

[...] Ultimately, the team discovered that a mix of fluorinated polyurethane and a specialized fluid-repellent molecule called F-POSS would do the job. Their recipe forms a mixture that can be sprayed, brushed, dipped or spin-coated onto a wide variety of surfaces, where it binds tightly. While the surface can be scratched by a sharp object, it's durable in everyday use. And its extremely precise level of phase separation makes it optically clear.

Just what I needed for my keyboard, VR headset, countertop, toilet bowl, 1 gallon mayonnaise jar, t-shirts, patio deck, sailing ship, the inside of all of my body's cells, and synthetic killer bacteria.

Smooth, All-Solid, Low-Hysteresis, Omniphobic Surfaces with Enhanced Mechanical Durability (DOI: 10.1021/acsami.8b00521) (DX)

Related: Nissan Testing 'Super-Hydrophobic' and 'Oleophobic' Paint
LiquiGlide Slippery Coating Coming Inside Norwegian Mayo Bottles
Spray-on "Repellent" Could Make Freezers Frost Free


Original Submission

Read more of this story at SoylentNews.

21:53

Phoronix Test Suite 8.0 M3 Released With BSD Improvements, Test Inspector & More Phoronix

Phoronix Test Suite 8.0 Milestone 3 is now available for evaluation as the latest step towards the official 8.0-Aremark release due out later this quarter...

21:42

My letter urging Georgia governor to veto anti-hacking bill Errata Security

February 16, 2018

Office of the Governor
206 Washington Street
111 State Capitol
Atlanta, Georgia 30334


Re: SB 315

Dear Governor Deal:

I am writing to urge you to veto SB315, the "Unauthorized Computer Access" bill.

The cybersecurity community, of which Georgia is a leader, is nearly unanimous that SB315 will make cybersecurity worse. You've undoubtedly heard from many of us opposing this bill. It does not help in prosecuting foreign hackers who target Georgian computers, such as our elections systems. Instead, it prevents those who notice security flaws from pointing them out, thereby getting them fixed. This law violates the well-known Kirchhoff's Principle, that instead of secrecy and obscurity, that security is achieved through transparency and openness.

That the bill contains this flaw is no accident. The justification for this bill comes from an incident where a security researcher noticed a Georgia state election system had made voter information public. This remained unfixed, months after the vulnerability was first disclosed, leaving the data exposed. Those in charge decided that it was better to prosecute those responsible for discovering the flaw rather than punish those who failed to secure Georgia voter information, hence this law.

Too many security experts oppose this bill for it to go forward. Signing this bill, one that is weak on cybersecurity by favoring political cover-up over the consensus of the cybersecurity community, will be part of your legacy. I urge you instead to veto this bill, commanding the legislature to write a better one, this time consulting experts, which due to Georgia's thriving cybersecurity community, we do not lack.

Thank you for your attention.

Sincerely,
Robert Graham
(formerly) Chief Scientist, Internet Security Systems


21:30

15 Preparation Ideas for Your Next IoT Edge Project IEEE Spectrum Recent Content full text

Insight and knowledge from extensive experience in successful IoT edge device development.

This paper shares 15 planning ideas that limit frustration and save time and money throughout the course of your IoT edge device development process.  Valuable advice is supplied by Mentor, an electronics design organization with decades of embedded systems experience.

21:26

Multiple vulnerabilities in Jenkins plugins Open Source Security

Posted by Daniel Beck on Apr 16

Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software. The following
releases contain fixes for security vulnerabilities:

* Email Extension 2.62
* Google Login 1.3.1
* HTML Publisher 1.16
* S3 Publisher 0.11.0

Summaries of the vulnerabilities are below. More details, severity, and
attribution can be found here:
https://jenkins.io/security/advisory/2018-04-16/

We...

21:22

Capital One: Open Source in a Regulated Environment

Most people know Capital One as one of the largest credit card companies in the U.S. Some also know that were one of the nations largest banksnumber 8 in the U.S. by assets. But Capital One is also a technology-focused digital bank that is proud to be disrupting the financial services industrythrough our commitment to cutting edge technologies and innovative digital products. Like all U.S.

21:01

Low-Resolution Display Provides High-Nostalgia Animations Hackaday

High-definition displays are the de facto standard today, and weve come to expect displays that show every pore, blemish, and bead of sweat on everything from phones to stadium-sized Jumbotrons. Despite this,  low-resolution displays continue to have a nostalgic charm all their own.

Take this 32 x 16 display, dubbed PixelTimes, for instance. [Dominic Buchstaller] has gone a step beyond his previous PixelTime, a minimalist weather clock and home hub built around the same P10 RGB matrix. The previous build was a little involved, though, with a nice wood frame that took some time and skill to create.

This looks great and seems like a lot of fun, and [Dominic] kindly provides all the files youll need to build your own. It shouldnt take more than an hour to build once youve got all the parts.

20:43

Speak at Open Source Summit NA: Submit Your Proposal by April 29

Submit a proposal to speak at Open Source Summit North America taking place August 29-31, in Vancouver, B.C., and share your knowledge and expertise with 2,000+ open source technologists and community members. Proposals are being accepted through 11:59pm PDT, Sunday, April 29.

This years tracks/content will cover the following areas:

20:22

Flexible Polymer-Based Materials Record Brain Activity With Less Damage to Cells SoylentNews

Are we getting closer to a complete brain mapping? New devices explore more regions safely

Researchers at the University of Southern California Viterbi School of Engineering have developed thin, flexible polymer-based materials for use in microelectrode arrays that record activity more deeply in the brain and with more specific placement than ever before. What's more is that each microelectrode array is made up of eight "tines," each with eight microelectrodes which can record from a total 64 subregions of the brain at once.

In addition, the polymer-based material, called Parylene C, is less invasive and damaging to surrounding cells and tissue than previous microelectrode arrays comprised of silicon or microwires. However, the long and thin probes can easily buckle upon insertion, making it necessary to add a self-dissolving brace made up of polyethylene glycol (PEG) that shortens the array and prevents it from bending.

Professor Ellis Meng of the USC Viterbi Department of Biomedical Engineering and Michelson Center for Convergent Bioscience said that the performance of the new polymer-based material is on par with microwires in terms of recording fidelity and sensitivity. "The information that we can get out is equivalent, but the damage is much less," Meng said. "Polymers are gentler on the brain, and because of that, these devices get recordings of neuronal communication over long periods of time."

Acute in vivo testing of a conformal polymer microelectrode array for multi-region hippocampal recordings (DOI: 10.1088/1741-2552/aa9451) (DX)


Original Submission

Read more of this story at SoylentNews.

20:14

Casino Gets Hacked Through Its Internet-Connected Fish Tank Thermometer The Hacker News

Internet-connected technology, also known as the Internet of Things (IoT), is now part of daily life, with smart assistants like Siri and Alexa to cars, watches, toasters, fridges, thermostats, lights, and the list goes on and on. But of much greater concern, enterprises are unable to secure each and every device on their network, giving cybercriminals hold on their network hostage with just

20:08

Bitcoin web wallet addresses generated with a flawed library are exposed to brute-force attacks Security Affairs

Multiple vulnerabilities in the SecureRandom() function expose Bitcoin web wallet addresses generated by the flawed library to brute-force attacks.

Old Bitcoin web wallet addresses generated in the browser or through JavaScript-based wallet apps might be affected by a cryptographic vulnerability that could be exploited b attackers to steal funds.

According to the experts, the popular  JavaScript SecureRandom() library isnt securely random, this means that an attacker can launch brute-force attacks on private keys.

The flaw affects the JavaScript SecureRandom() function that is used for generating a random Bitcoin address and its adjacent private key, currently, it doesnt actually.

It will generate cryptographic keys that, despite their length, have less than 48 bits of entropy, [] so its output will have no more than 48 bits of entropy even if its seed has more than that, said the system administrator David Gerard.

SecureRandom() then runs the number it gets through the obsolete RC4 algorithm, which is known to be more predictable than it should be, i.e. less bits of entropy, Gerard added. Thus, your key is more predictable.

Gerard concluded that all Bitcoin addresses generated using the SecureRandom() function are vulnerable to brute-force attacks.

The conclusion seems to be that at least all wallets generated by js tools inside browsers since bitcoin exists until 2011 are impacted by the Math.random weakness if applicable to the related implementations, the Math.random or RC4 (Chrome) weakness between 2011 and 2013, and RC4 weakness for Chrome users until end of 2015 continues Gerard.

Gerard explained that several web-based or client-side wallet apps used the SecureRandom() function, the expert said that all Bitcoin addresses possibly affected are:

  • BitAddress pre-2013;
  • bitcoinjs before 2014;
  • current software that uses old repos they found on Github.

A user has thrown the same alert on the Linux Foundation mailing list:

A significant number of past and current cryptocurrency products contain a JavaScript class named SecureRandom(), containing both entropy collection and a PRNG. The entropy collection and the RNG itself are both deficient to the degree that key material can be recovered by a third party with medium complexity....

20:05

Qt 5.12 Will Likely Ship In November, Might Drop Alpha/Beta Tags Phoronix

With Qt 5.11 already due to ship at the end of next month, Qt developers have begun discussing the follow-on Qt 5.12 release to ship in late 2018...

20:04

Links 16/4/2018: Linux 4.17 RC 1, Mesa 18.0.1 RC, GNOME 3.28.1 Techrights

GNOME bluefish

Contents

GNU/Linux

  • Kernel Space

    • Remaining Subsystem Updates Land Ahead Of Linux 4.17-rc1
    • Linus Torvalds schedules Linux Kernel 5.0, then maybe delays meaningless release

      Linus Torvalds has suggested that the next Linux kernel could earn the number 5.0.

      Unless you count the fact it is shrinking, which Torvalds liked because by removing support for eight architectures, and a bunch of other removal and clean-ups we actually removed more lines than we added.

      Torvalds declared the reduction probably a first. Ever. In the history of the universe. Or at least kernel releases.

      He also said the most special thing that happened in 4.17 rc1 was purely numerology: weve passed the six million git objects mark, and that is reason enough to call the next kernel 5.0.

    • Kernel prepatch 4.17-rc1

      Linus has released 4.17-rc1 and closed the merge window for this release.

    • Linux 4.17-rc1
    • Linux 4.17-rc1

      So two weeks have passed, and the merge window was pretty normal and
      is now closed.

      This does not seem to be shaping up to be a particularly big...

19:56

Purism Hires GNOME Developer For Librem 5 UI/UX Designer Phoronix

Purism's latest hire to work on the Librem 5 privacy-minded Linux smartphone effort is a UI/UX designer who has long been involved with GNOME...

19:36

NVIDIA & Valve Are Among Those Backing X.Org's XDC2018 Phoronix

This year's X.Org Developers' Conference (XDC2018) has already received some big name sponsors...

19:23

NASAs TESS Satellite Will Supercharge Search for Nearby, Earth-Like Worlds Lifeboat News: The Blog

On Monday, April 16, the Transiting Exoplanet Survey Satellite (TESS) will launch from Cape Canaveral Air Force Station in Florida. NASAs new exoplanet hunter will train its sights on nearer, brighter stars than its predecessors did. If TESS lives up to scientists predictions, it could energize our search for life in the cosmos.

When the Kepler space telescope launched in 2009, scientists didnt know what fraction of stars hosted planets. The Kepler mission was a statistical exploration looking to see how frequently planets occur around stars, Harvard astronomer David Latham told Space.com. One of the big surprises from Kepler was to find this whole population of planets with sizes between that of Neptune and Earth and there arent any in our solar system, zero and theyre everywhere out there, said Latham, whos worked on the Kepler project for nearly 20 years.

Kepler is what made us become aware that planets are as common as telephone poles, SETI Institute astronomer Seth Shostak told Space.com. But the stars that Kepler was staring at for four years they were all somewhere between 500 and 1,500 light-years away. TESS will survey the local neighborhood for planets like Earth. [NASAs TESS Exoplanet-Hunter in Pictures].

19:23

Evidence mounts for habitability of Venus-like worlds Lifeboat News: The Blog

Climate models show exoplanets like Venus could hold oceans under the right conditions. Richard A. Lovett reports.

19:23

Cancer not only mutates but evolves other mechanisms to beat drugs Lifeboat News: The Blog

Cancer can be triggered by different causes. Melanoma is usually induced by the sun, by dangerous ultraviolet light damage. In the majority of cases, UV damage leaves a unique mutational footprint behind and as a result unstoppable cell proliferation is induced.

UV damage gives rise to point mutations changes in a single letter of the 3 billion letter human genome. These mutations can interfere with signals that tell cells when to grow and divide and when to stop. Mutations in a protein called BRAF, a major signaling regulator, cause growth signals to be stuck in the on position and drive cancer development.

Though scientists have managed to come up with drugs that target and turn off aberrant BRAF signaling, cancer cells are clever. They learn to adapt to these BRAF-inhibitors. Today, many patients respond to cancer treatment very positively at first. However, unfortunately many ultimately develop resistance and metastases.

19:22

A City-Sized Telescope Could Watch Space-Time Ripple 1 Million Times a Year Lifeboat News: The Blog

COLUMBUS, Ohio A gravitational wave detector thats 2.5 miles long isnt cool. You know whats cool? A 25-mile-long gravitational wave detector.

Thats the upshot of a series of talks given here Saturday (April 14) at the April meeting of the American Physical Society. The next generation of gravitational wave detectors will peer right up to the outer edge of the observable universe, looking for ripples in the very fabric of space-time, which Einstein predicted would occur when massive objects like black holes collide. But there are still some significant challenges standing in the way of their construction, presenters told the audience.

The current detectors you might think are very sensitive, Matthew Evans, a physicist at MIT, told the audience. And thats true, but theyre also the least sensitive detectors with which you can [possibly] detect gravitational waves. [8 Ways You Can See Einsteins Theory of Relativity in Real Life].

19:22

Why immuno-therapy is leaving markets abuzz across the world Lifeboat News: The Blog

The biotechnology sectors fastest-growing segment, immuno-oncology, has become the hottest buzzword for investment in Asia.

The field, that uses the bodys own immune system to help fight cancer, has seen two mega acquisitions in the United States in recent months.

And Hong Kong stock exchange is now tuning into its strong future, with Hong Kong Exchanges and Clearing (HKEX) already agreeing to revamp listing rules that will fast track applications by firms linked with the sector to help more innovative drugs and medical devices developers go public as soon as early this summer, and raise much-needed development cash.

19:11

TV Broadcaster Wants App Stores Blocked to Prevent Piracy TorrentFreak

After first targeting torrent and regular streaming platforms with blocking injunctions, last year Village Roadshow and studios including Disney, Universal, Warner Bros, Twentieth Century Fox, and Paramount began looking at a new threat.

The action targeted HDSubs+, a reasonably popular IPTV service that provides hundreds of otherwise premium live channels, movies, and sports for a relatively small monthly fee. The application was filed during October 2017 and targeted Australias largest ISPs.

In parallel, Hong Kong-based broadcaster Television Broadcasts Limited (TVB) launched a similar action, demanding that the same ISPs (including Telstra, Optus, TPG, and Vocus, plus subsidiaries) block several pirate IPTV services, named in court as A1, BlueTV, EVPAD, FunTV, MoonBox, Unblock, and hTV5.

Due to the similarity of the cases, both applications were heard in Federal Court in Sydney on Friday. Neither case is as straightforward as blocking a torrent or basic streaming portal, so both applicants are having to deal with additional complexities.

The TVB case is of particular interest. Up to a couple of dozen URLs maintain the services, which are used to provide the content, an EPG (electronic program guide), updates and sundry other features. While most of these appear to fit the description of an online location designed to assist copyright infringement, where the Android-based software for the IPTV services is hosted provides an interesting dilemma.

ComputerWorld reports that the apps which offer live broadcasts, video-on-demand, and catch-up TV are hosted on as-yet-unnamed sites which are functionally similar to Google Play or Apples App Store. Theyre repositories of applications that also carry non-infringing apps, such as those for Netflix and YouTube.

Nevertheless, despite clear knowledge of this dual use, TVB wants to have these app marketplaces blocked by Australian ISPs, which would not only render the illicit apps inaccessible to the public but all of the non-infringing ones too. Part of its argument that this action would be reasonable appears to be that legal apps such as Netflixs for example can also be freely accessed elsewhere.

It will be up to Justice Nicholas to decide whether the primary purpose of these marketplaces is to infringe or facilitate the infringement of TVBs copyrights. However, TVB also appears to have another problem which is directly connected to the copyright status in Australia of its China-focused live programming.

Justice Nicholas questioned wh...

18:16

Re: Re: Terminal Control Chars Open Source Security

Posted by Jakub Wilk on Apr 16

* David A. Wheeler <dwheeler () dwheeler com>, 2018-04-12, 17:18:

Similarly, tab is an "active" character in most shells.

In the worst case (the victim uses bash with bash-completion installed,
and the attacker has write access to the victim's filesystem), pasting
tab can be as bad as pasting LF.

Here's a proof of concept:

$ printf 'x := $(shell (echo; cowsay pwned)>/dev/tty)' > moo
$ make -f...

18:01

Custom Built Vacuum Tube Cassette Player Hackaday

As weve said many times here on Hackaday, its not our place to question why people make the things they make. Theres a legitimate need or utility for many of the projects we cover, no doubt about it. But theres also a large number of them which are so convoluted that they border on absurd. Not that we love the crazy ones any less, in fact, we usually like those the best.

So when we saw this incredible modification to a Panasonic RN-404 microcassette recorder which replaces the audio hardware with a custom built vacuum tube amplifier, we didnt bother asking what the point was. Perhaps its an attempt to make the most impractical method for recording and playing back audio, or maybe it was just to see if it was possible. No matter why it was done, its here now and its absolutely glorious.

If the look of the hardware didnt tip you off that this project makes use of old Soviet-era components, the video after the break certainly will. Specifically, its using 1ZH25R and 1S38A tubes which were originally intended for military use. Just like all cool old Soviet tech was. Say what you will about the Cold War, it certainly got the engineering juices flowing.

Theres quite a bit of informati...

18:01

Why You Should Buy Facebook While It's in Crisis SoylentNews

Why You Should Buy Facebook While It's In Crisis (archive)

In spite of the headlines, the hearings, and the hashtags, it does not look like many users are leaving Facebook. A survey conducted by Deutsche Bank concluded that "just 1% of respondents were deactivating or deleting their accounts." If the survey is representative of Facebook's 2 billion users, then 20 million users might leave. This may seem like a big loss, but it means 99% of users are staying.

Doug Clinton, the managing partner of Loup Ventures, estimates that each active user generates about $21 in profits for Facebook each year. The loss of 20 million users would therefore reduce Facebook's earnings by roughly $420 million. Facebook's pretax income last year was $20.5 billion. Does a 2% drop in pretax income justify a 9% loss of market value? I don't think so.


Original Submission

Read more of this story at SoylentNews.

17:44

Top 10 Most Pirated Movies of The Week on BitTorrent 04/16/18 TorrentFreak

This week we have three newcomers in our chart.

Maze Runner: The Death Cure is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This weeks most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 (3) Maze Runner: The Death Cure 6.8 / trailer
2 () Den of Thieves 7.0 / trailer
3 (2) 12 Strong 6.8 / trailer
4 (1) The Commuter 6.4 / trailer
5 (4) The Greatest Showman 7.9 / trailer
6 () Hostiles 7.3 / trailer
7 (7) The Post 7.2 / trailer
8 (6) ...

17:00

Maat Ancient Egypts Most Important Religious Concept Terra Forming Terra


In the end we have a codified code of conduct applying to all throughout society.  Any such code must compare favorably to any other such code unless you insist that the precepts of barbarism hold sway.  Thus it is certain that this was in the background of Judaism and Christianity.

Thus the contemplation of Maat had operated for at least 2000 years prior to our own religions.  how this applied to paganism is another question.  The nasty aspects of Baal come to mind, but there we remain mostly uninformed.

This is well worth recalling when reading other bodies of scripture.


Maat Ancient Egypts Most Important Religious Concept 

AncientPages.com | April 4, 2018 | Featured Stories, Myths & Legends, News
 
Share this:

http://www.ancientpages.com/2018/04/04/maat-ancient-egypts-most-important-religious-concept/

A. Sutherland - AncientPages.com - Maat represented the most essential religious concept of the Egyptian view of the world. It was a concept of order of the world that the gods, pharaohs and ordinary people had to obey.

Maat was the Harmony or Law of the Universe. Lack of Maat and her departure meant an inevitable return to the original chaos (Nu) and the end of the known world.

...

17:00

Watson Brake Terra Forming Terra




 There are many such structures in the USA.  What this does is confirm that the earliest such facility dates exactly contemporaneous with the appearance of the European bronze Age and the sea borne traffic between Europe and North America one thousand years before the Great Pyramid and Stonehenge.

I actually expected this to be particularly confirmed in exactly this way.  again all this is part of the early Atlantean global culture itself which hit its maximal global distribution about a thousand years later.  Wherever they could they established cultural centers such as this to impress upon locals their cultural precepts and surely established trade factories as well..

It is also noteworthy that the cultural conceptualization then became the local meme to produce many such centers throughout the SE USA and culminated worldwide with permanent stone structures as well.

The interesting question is the actual homeland of all this global activity. 

 
Mysterious Watson Brake: Oldest Mound Complex In North America With Earthworks Raised For Unknown Purpose

AncientPages.com | February 21, 2018 | Ancient Places, Civilizations, Featured Stories, News

Share this:

Ellen Lloyd - AncientPages.com - In northern Louisiana, North America there is a very interesting and mysterious ancient site known as Watson Brake. This ancient site challenges our knowledge about North American history as the mounds have been found to be the earliest known remnants of human construction in the New World.

 
Mounds At Watson Brake Were Raised By Complex Ancient Society

Located in the floodplain of the Ouachita River near Monroe, Watson Brake consists of 11 ancient mounds that measure from three to 25 feet in height...

17:00

Qanon Syrian Smoke and Iran's road to Freedom Terra Forming Terra


For the record, i am pretty sure that Q is Trump himself. Recalls that he sleeps only around four hours per night which means when he has to. Otherwise he is mentally engaged but also late in the evening he is is not under demands. This easily allows him to do q posts to his conspiratorium and read feedback. He also has spent years reading intel reports from his commercial suppliers who must be far better than the usual suspects outside of mil intel. The time frames fits him. It is often late at night and possibly from the situation room.

We have now been treated to a flash bang story over Syria all of which was telegraphed in fine detail to the world well ahead of the fireworks.  This is not war but mostly a deliberate distraction that allows naval forces to be concentrated in the Middle East.  If anything, Russia acts like they are in on the Gag and are hamming it up as well.

Recall that Assad disarmed his chemical stockpile over a year ago and that Russia guaranteed it.  Those buildings we just blew up would have been either empty or certainly decommissioned.  Thus this was a failsafe way to respond to a likely false flag event put on by the DEEP State.  At worst those buildings were evacuated and if something was actually going on then the culprits can never talk about it.

In the meantime it all provides excellent cover for placing a large force in position to open conversations with Iran.  A maximum event would see Qum assembly of Mullahs flash banged prior to regime change.  They are by nature terribly vulnerable to the USSS gravity ships.  Neutralization will open the door to free elections and a revised Constitution.

Of course a more modest demonstration and a guarantee of a long life may achieve the same results as with North Korea which is already a done deal.
Do you get the clear impression that all the world's meddlers have suddenly sobered up and are all cutting the best...

17:00

Is Legendary Norumbega In North America A Lost Viking Settlement? Terra Forming Terra



   
Essentially this is the Hudson Valley that is claimed here as a territory that is Norse.  We expected as much and this map provides period confirmation.  Quite plausibly, the Mayfair landed well north along the coast in order to avoid this settlement.  After all you did have better choices in the form of this self same Hudson Valley which the Dutch set up a mere six years later.

Both powers were Protestant and the Dutch had the real navy at this point.  It took Henry VIII and a century of building to make the British navy strong enough to protect colonies and also oppose the Dutch and the Spanish.

Of course all this has been written out of our history books to avoid land claims.

The missing aspect of all this is that it was painfully easy for the Norse to simply join into the colony making enterprise by merely adjusting one's name and picking up the dialect.  By the by, just how the hell did those Pilgrims communicate with those 'Indians' at all?  Much too easily it seems.

.

Is Legendary Norumbega In North America A Lost Viking Settlement?
  ...

17:00

We May Never Truly Fathom Other Cultures - Facts So Romantic Nautilus


Our discrete cultural universes are not easily bridged.Inca Princess - La Gran usta Mama Occollo (early 1800s) / Denver Art Museum / Wikicommons

If theyre honest and humble enough, people who study societies that existed in the Americas before the arrival of Europeans will admit that they dont really understand those societies. Theyll know the facts about pre-Hispanic cultures and chronologies, yet how people in those societies thought, their values and psychologies, remain maddeningly out of reach. Its like reading poetry in translation: Youll know what its about, and youll get the basic meaning, but youll never completely grasp the nuance. There is something in their way of thinking that is very alien to us, Harvard archaeologist Gary Urton once told me. He was talking about the Inca of South America, which he has a spent a lifetime studying.

I dont think any of us living today can comprehend the violence of worship in the Mexica culture (or Aztecs, as they are more popularly known), which Ive written about for Archaeology. The Mexica waged war not principally to defeat rival states or gain territory, but to gather warm bodies for human sacrifice. Prisoners were hustled up to the temple summit,
Read More

16:31

Workshops Announced For Hackaday Belgrade Hackaday

Hackaday is hosting a full conference in Belgrade, Serbia, on 26 May. Today were excited to announce the workshops that will take place at Hackaday Belgrade. Workshop tickets are available now, but space is extremely limited and we expect these workshops to fill up fast so purchase your ticket right now!

Details of each workshop are listed below. Topics this year include bringing art to your PCB designs, learning the fundamentals of e-textiles, and getting up-to-speed with FPGAs.

You must have a Hackaday Belgrade ticket in order to purchase a workshop ticket. This is our premier European conference, with the best hardware and technology culture youll find anywhere. We think of it as a Hacker Village that comes together for one incredible weekend in May. There will be a bar meetup the night before, talks and workshops all day on Saturday, followed by IDM and DJ sets during the hardware badge hacking which goes late into the night. In addition to the experience of being around a critical mass of excellent people, well have refreshments and food throughout and the conference badge youll get is a piece of custom electronics for you to play with and hack on throughout the day.

Its entertainment. Its professional development. Its the crowd of people youve always wanted to hang out with. This isnt hype, its Hackaday Belgrade.

Creating Art in PCB

Brian Benchoff

This workshop will guide attendees through the process of creating art in PCBs. Topics covered will be the layer stackup of the modern PCB (copper, fiberglass, soldermask, and silkscreen), the current state-of-the-art using Chinese board houses, and how to implement graphics in PCB art using KiCad.

Interactive Poetic Glove

Lavoslava Beni

In this e-textile workshop, participants will create a unique interactive wearable that generates sounds of various frequencies and responds to the touch (pressure). This includes learning about electronic elements and circuits with emphasis on the capacitive, conductive, and resistive properties of fabrics and yarns.

FPGA Development 101

Miodrag Milanovic

...

16:25

Attackers exfiltrated a casinos high-roller list through a connected fish tank Security Affairs

Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that is company investigated that hack of an unnamed casino that was breached via a thermometer in a lobby fish tank.

Internet of things devices are enlarging our attack surface, smart devices are increasingly targeted by hackers in the wild.

The case we are going to discuss demonstrate it, Nicole Eagan, the CEO of cybersecurity company Darktrace, revealed that is company investigated that hack of an unnamed casino that was breached via a thermometer in a lobby aquarium.

Theres a lot of internet of things devices, everything from thermostats, refrigeration systems, HVAC [air conditioning] systems, to people who bring in their Alexa devices into the offices. Theres just a lot of IoT. It expands the attack surface and most of this isnt covered by traditional defenses. Nicole Eagan, the CEO of cybersecurity company Darktrace, told the WSJ CEO Council in London on Thursday.

The attackers used that to get a foothold in the network. They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud, 

The hackers stole the casinos high-roller database through a thermometer in the lobby fish tank.

fish tank

This isnt the first a thermometer hack reported by experts at Darktrace, in July 2017 hackers attempted to exfiltrate data from a US casino by hacking into an Internet-connected fish tank.

A connected fish tank included sensors used to control the temperature, food distribution, and cleanliness of the tank.

Somebody got into the fish tank and used it to move around into other areas (of the network) and sent out data, said Justin Fier, Darktraces director of cyber intelligence. 

At the time, hackers exfiltrated 10 GB of data that were sent out to a device in Finland.

...

16:03

Nitschke's "Suicide Machine" Draws Crowds at Amsterdam Funeral Fair SoylentNews

Submitted via IRC for fyngyrz

Euthanasia advocate displays 'Sarco', a pod that fills with nitrogen, which he hopes will one day be available as a 3D-printable device

[...]

Called the "Sarco", short for sarcophagus, the 3D-printed machine invented by Australian euthanasia activist Philip Nitschke and Dutch designer Alexander Bannink comes with a detachable coffin, mounted on a stand that contains a nitrogen canister.

"The person who wants to die presses the button and the capsule is filled with nitrogen. He or she will feel a bit dizzy but will then rapidly lose consciousness and die," said Nitschke. The Sarco was a device "to provide people with a death when they wish to die," Nitschke said.

Source:
https://www.theguardian.com/society/2018/apr/15/nitschke-suicide-machine-amsterdam-euthanasia-funeral-fair


Original Submission

Read more of this story at SoylentNews.

15:01

RIP DIP ARM Hackaday

Every month, semiconductor manufacturers across the globe retire old devices. A product that has been superseded, isnt selling well, or maybe whose application has declined, is removed from the catalogue and ceases to be manufactured. Usually these moments pass unnoticed, just one old device among many. Who is going to remark upon the demise of a chip for a VGA card for example, or a long-ago-left-behind Flash memory chip?

One has come to our attention that is pretty unremarkable, but that could concern some of our readers. NXP have stopped manufacturing the LPC810M021FN8. What on earth is an LPC810M021FN8, you ask, the answer being that it appears to have been the last microcontroller with an ARM core available in a DIP package. Even that in itself is hardly earth-shattering, for if you really must use an ARM core rather than any of the myriad 8, 16, or 32 bit microcontrollers still available you can always get a DIP breakout board for a small surface mount chip.

This turn of events comes as a reminder that, while breadboard-friendly and popular among a section of our community, DIP packages are now particularly old-school. Other once-popular devices such as the LPC1114 have also long-since ceased to be available in this format, and we have to wonder how long we will be able to take advantage of DIP packages for some of the other microcontroller families.

A few years ago this news might have come as something of a disaster, but it now has more of a sense of the passing of a bygone era. Its normal to use microcontroller dev boards in a larger DIP format for prototyping, so maybe getting used to a bit of surface-mount soldering on a break-out board will be only for the truly hard-core when the last DIP package has been retired. Other than that of course, the 555 is still available in a DIP8, and you can make anything with one of them!

If you didnt have a chance to take the 810 for a test drive, the usual suppliers still list it in stock, Adafruit have a starter pack for it, and it will no doubt be possible to find it in small quantities for years to come.

[Thanks Tod E. Kurt for the tip]

14:20

Dipolar Molecule Created Using Lasers SoylentNews

https://phys.org/news/2018-04-atoms-combined-dipolar-molecule.html

Harvard Assistant Professor of Chemistry and Chemical Biology Kang-Kuen Ni and colleagues have combined two atoms for the first time into what researchers call a dipolar molecule. The work is described in a new paper published in Science.

Researchers say the discovery holds great promise for the future of quantum computing, as the dipolar molecule constitutes a new type of qubit, the smallest unit of quantum information, which could lead to more-efficient devices.

[...] "It's true that for every reaction," Ni said, "atoms and molecules combine individually at the microscopic level. What we have done differently is to create more control over it. We grab two different species of individual atoms with optical tweezers and shine a pulse of laser to bind them. The whole process is happening in an ultra-high vacuum, with very low air density."

Though short-lived, the reaction proved that a molecule could form by using the laser stimulus, rather than additional atoms, as the catalyst.

DOI: 10.1126/science.aar7797


Original Submission

Read more of this story at SoylentNews.

13:05

Kernel prepatch 4.17-rc1 LWN.net

Linus has released 4.17-rc1 and closed the merge window for this release. "This does not seem to be shaping up to be a particularly big release, and there seems to be nothing particularly special about it. The most special thing that happened is purely numerology: we've passed the six million git objects mark, and that is reason enough to call the next kernel 5.0. Except I probably won't, because I don't want to be too predictable."

12:50

A Look at the Ad-Targeting Tools AggregateIQ Left Exposed Online SoylentNews

From Engadget:

Throughout discussions about Cambridge Analytica, parent company Strategic Communication Laboratories (SCL) and how they came to obtain information on some 87 million Facebook users, you've probably also heard the name AggregateIQ. The Canada-based data firm has now been connected to Cambridge Analytica operations as well as US election campaigns and the Brexit referendum. Now, cybersecurity firm UpGuard has discovered a large code repository that AggregateIQ left exposed online, and through that we're getting a better look at the company, what it does and how it does it.

From the first of Upguard's multipart series:


Original Submission

Read more of this story at SoylentNews.

12:01

Superb Wood Floor Inlay Shows Off Computer-Augmented Tools Hackaday

Its been a few years since we first started hearing about tools of the future changing the way we work but this astounding whole-room floor inlay might be the best argument for them yet.

The Shaper Origin

A couple of years ago we wrote a hands-on preview of a unique tool called the Shaper Origin. If a milling machine is classically defined as having a stationary tool head with moving stock, the Origin is the reverse. To use an Origin the user adheres specially marked tape to the stock material, then holds the origin down and moves it much like a hand router.

The Origin has a camera which tracks the fiducial patterns on the tape, allowing it to know its precise position, even across an entire room. The operator sees a picture on the screen of the tool that guides them with superimposed lines, while the tool head makes its own precision adjustments to perfectly cut the design in the X, Y, and Z.

...

12:00

HappyBeeHost 1GB OpenVZ VPS $2/month and more! Low End Box

Aaron from HappyBeeHost is back with a third offer for our readers. They are still in the OVH Datacenter in London and have plenty to offer! There is two coupon codes listed below with the products so be sure to use those to take advantage of their sale properly!

In their own words:

HappyBeeHost is a leading provider of high-performance, low-cost web hosting solutions. We operate on a diverse range of flexible products in a highly secured environment coupled with at most customer care. We believe in being leaders rather than followers. Within a short span of time since we have stepped into the competitive web industry, we have left our traces through our competencies, methodologies and business ethics.

*We are providing this exclusive offer for our new SATA virtual server plans starting at just 2 USD/month (Use Coupon code HPYSALE for life time). Also, the SSD VPS range is starting from 5 USD/month (Use Coupon code LEB50 for life time)*

They offer PayPal as payment methods. As always, please ensure you read their Terms of Service.

Offers:

VM-Starter:

1GB RAM
1GB vSwap
4x vCPU
30GB HDD Space
1TB Transfer
1Gbps Uplink
1x IPv4
OpenVZ/SolusVM
Coupon: HPYSALE
$2/month
[Order Now]

VM-Economy:

2GB RAM
2GB vSwap
4x vCPU
40GB HDD space
2TB transfer
1Gbps uplink
1x IPv4
OpenVZ/SolusVM
Coupon: HPYSALE
$5/month

(more after break)

VMSSD-Starter:

1GB RAM
1GB vSwap
4x vCPU
30GB SSD space
1TB transfer
1Gbps uplink
1x IPv4
OpenVZ/SolusVM
Coupon: LEB50
$5/month

11:57

Let's stop talking about password strength Errata Security

Picture from EFF -- CC-BY license
Near the top of most security recommendations is to use "strong passwords". We need to stop doing this.

Yes, weak passwords can be a problem. If a website gets hacked, weak passwords are easier to crack. It's not that this is wrong advice.

On the other hand, it's not particularly good advice, either. It's far down the list of important advice that people need to remember. "Weak passwords" are nowhere near the risk of "password reuse". When your Facebook or email account gets hacked, it's because you used the same password across many websites, not because you used a weak password.

Important websites, where the strength of your password matters, already take care of the problem. They use strong, salted hashes on the backend to protect the password. On the frontend, they force passwords to be a certain length and a certain complexity. Maybe the better advice is to not trust any website that doesn't enforce stronger passwords (minimum of 8 characters consisting of both letters and non-letters).

To some extent, this "strong password" advice has become obsolete. A decade ago, websites had poor protection (MD5 hashes) and no enforcement of complexity, so it was up to the user to choose strong passwords. Now that important websites have changed their behavior, such as using bcrypt, there is less onus on the user.


But the real issue here is that "strong password" advice reflects the evil, authoritarian impulses of the infosec community. Instead of measuring insecurity in terms of costs vs. benefits, risks vs. rewards, we insist that it's an issue of moral weakness. We pretend that flaws happen because people are greedy, lazy, and ignorant. We pretend that security is its own goal, a benefit we should achieve, rather than a cost we must endure.

We like giving moral advice because it's easy: just be "stronger". Discussing "password reuse" is more complicated, forcing us discuss password managers, writing down passwords on paper, that it's okay to reuse passwords for crappy websites you don't care about, and so on.

What I'm trying to say is that the moral weakness here is us. Rather then give...

11:49

Linux 4.17-rc1 Kernel Released: A Ton Of New Functionality While Shedding Old Code Phoronix

Just like clockwork the Linux 4.17-rc1 kernel was released tonight following the two week long merge window...

11:00

Week in review: Emergency alert systems easily hacked, the cost of GDPR compliance Help Net Security

Heres an overview of some of last weeks most interesting news and articles: One in 10 C-level execs say GDPR will cost them over $1 million Companies are taking the new General Data Protection Regulation (GDPR) much more seriously than HIPAA and PCI: 99 percent are actively involved in the process to become GDPR-compliant, despite the cost and internal reorganization involved, a new survey that polled 300 C-level security executives has shown. Researchers use power More

The post Week in review: Emergency alert systems easily hacked, the cost of GDPR compliance appeared first on Help Net Security.

10:29

Art Bell Dead: Radio Host Dies, Cause of Death Unclear SoylentNews

Submitted via IRC for Sulla

From heavy.com:

Art Bell, the radio host, is dead. How did he die? The cause of death is not yet known.

From The Washington Post:

Long before fake news became a political topic, Mr. Bell made a good living encouraging Americans to accept the most fantastic and unlikely tales, to believe that we are not alone, to accept that in a world where the pace of life seemed to quicken with every passing year, there were forces from beyond that were trying to tell us something.

Sources:
https://heavy.com/news/2018/04/art-bell-dead-cause-of-death-dies-how/
https://www.washingtonpost.com/local/obituaries/art-bell-mysterious-narrator-of-the-american-nightscape-is-dead-at-72/2018/04/14/b6f2b278-4015-11e8-974f-aacd97698cef_story.html?utm_term=.7a7db7da9686


Original Submission

Read more of this story at SoylentNews.

10:15

Linux 4.17 Offers Some Promising Power-Savings Improvements Phoronix

Of the many improvements to be found in the in-development Linux 4.17 kernel -- nicely summarized in our Linux 4.17 feature overview -- one of the features I've been anxious the most to begin benchmarking has been the reported power management improvements. Here are my initial power/performance tests of Linux 4.17 that for some systems is seeing a measurable drop in power usage, even in some cases under load while without sacrificing the performance.

10:09

DistroWatch Weekly, Issue 759 DistroWatch.com: News

This week in DistroWatch Weekly: Review: Neptune 5.0News: elementary's new generation of apps, building containers on Red Hat, MX publishes new FAQ, antiX introduces Sid editionTips and tricks: Fix filenames, manage networks from the command line and more command line tipsReleased last week: Red Hat Enterprise Linux 7.5,....

10:00

HPR2531: Plot And Story Hacker Public Radio

Lostnbronx talks about plot and story, as well as characters and backgrounds, in storytelling of all types. These things are closely tied together, and a problem with one can easily be a problem with all.

09:00

Hackaday Links: April 15th, 2018 Hackaday

San Fransisco is awash in electric scooters. Three companies Lime, Bird, and Spin have been dumping smart electric scooters on the sidewalks of San Fransisco over the last few weeks. The business plan for all these companies is to allow anyone to ride them via an app. $1 unlocks the scooter, and rides are fifteen cents a minute. No one, it appears, is looking at the upside of abandoned, dead electric scooters: theyre a remarkable source of lithium batteries and brushless motors. Hello, my name is Mr. Cyberpunk. My friends and I drive around the city collecting abandoned electric scooters to harvest their batteries and motors. A quick hit from a drill in the middle of the top panel of a Bird scooter disables the cellular modem, but then you dont get to harvest the Particle dev board. Youre welcome, Mr. Doctorow, for the scene in your next novel.

There are a huge number of tips and tricks that are obvious if you already know them, and genius if you dont. Working with wood? Need to hide a gap? Use sawdust and wood glue to make DIY wood filler. The trick here is using sawdust from whatever youre trying to hide a gap in, but its not a bad idea to keep a few small containers of different sawdusts if youre working with exotic tropical hardwoods. Titebond III, mango.

Ever since the Bayeux tapestry meme generator of 2003, embroidery has been recognized as a legitimate art form. [Irene Posch] is using traditional embroidery skills to create a computer. Conductive thread exists, but you cant make a computer out of just wire; you need some sort of switching element. This is a relay computer, with the relays built out of beads, coils of conductive thread, and a tiny flippy bit. This is the best picture youre going to get of the relay. This is still a work in progress and the density of components means this will probably never meet any reasonable definition of computer, but it is digital logic, done completely with tools in the embroidery toolset.

You know whats awesome? Hashtag Badgelife. What is Badgelife? Its the hardware demoscene of independent electronic conference badges, mostly going down at DEF CON every year. This year, Badgelife is bigger than ever. Want proof? AND!XOR, the folks behind...

08:37

Bridge to Kennedy Space Center Needs Replacement; Florida Representatives Ask for More Cash for SLS SoylentNews

A bridge linking the Kennedy Space Center to the mainland needs replacement:

In fast-track fashion, traffic engineers hope to finish design work on a future replacement State Road 405 bridge across the Indian River by January 2021.

The aging bridge serves as a critical corridor linking the mainland with Kennedy Space Center and Cape Canaveral Air Force Station and the bridge must shoulder heavyweight spacecraft payloads and similar freight.

But by 2021, the drawbridge could prove unsafe for spacecraft and other heavy cargo, a NASA engineering study determined. Bridge replacement could cost $140 million and no construction funding has been earmarked yet, said Bob Kamm, Space Coast Transportation Planning Organization executive director.

Traffic in and around the Kennedy Space Center has increased massively in recent years.

Congressmen want more money to upgrade the facilities at Kennedy Space Center, as well as to provide for the Space Launch System and Orion projects:

A letter sent last month by U.S. Rep. Bill Posey, the Rockledge Republican who sits on the House Space Subcommittee, and co-signed by 10 other members of Florida's delegation, urges $557 million for the exploration ground systems improvements in the 2019 federal budget, and another $17 million for other construction. It also calls for $150 million in 2019 to build a new mobile launcher that could support the SLS rocket for 40 years, a recent NASA policy direction change from plans now seen as problematic to retrofit the current mobile launcher. The letter also calls for another $2.15 billion for the SLS rocket development, and $1.35 billion for the final Orion crew vehicle development.


Original Submission

Read more of this story at SoylentNews.

08:11

50 Years of Earth in Photos from Space Lifeboat News: The Blog

These photos are quite literally out of this world.

07:43

Enhanced longevity and metabolism Lifeboat News: The Blog

Disruption of the regulator for G protein signaling 14 (RGS14) knockout (KO) in mice extends their lifespan and has multiple beneficial effects related to healthful aging, that is, protection from obesity, as reflected by reduced white adipose tissue, protection against cold exposure, and improved metabolism. The observed beneficial effects were mediated by improved mitochondrial function. But most importantly, the main mechanism responsible for the salutary properties of the RGS14 KO involved an increase in brown adipose tissue (BAT), which was confirmed by surgical BAT removal and transplantation to wildtype (WT) mice, a surgical simulation of a molecular knockout. This technique reversed the phenotype of the RGS14 KO and WT, resulting in loss of the improved metabolism and protection against cold exposure in RGS14 KO and conferring this protection to the WT BAT recipients. Another mechanism mediating the salutary features in the RGS14 KO was increased SIRT3. This mechanism was confirmed in the RGS14 X SIRT3 double KO, which no longer demonstrated improved metabolism and protection against cold exposure. Loss of function of the Caenorhabditis elegans RGS14 homolog confirmed the evolutionary conservation of this mechanism. Thus, disruption of RGS14 is a model of healthful aging, as it not only enhances lifespan, but also protects against obesity and cold exposure and improves metabolism with a key mechanism of increased BAT, which, when removed, eliminates the features of healthful aging.

06:40

IAM, Patently-O and Watchtroll (the Patent Trolls Lobby) Try to Stop Patent Oppositions/Petitions (PTAB) Techrights

Chasing PTAB in vain as neither courts nor the patent office will disagree with PTAB

Chase

Summary: In spite of fee hikes, introduced by Iancus interim predecessor, petitions (IPRs) at the PTAB continue to grow in number and the patent maximalists are losing their minds over it

THE previous post focused on the USPTOs evacuation from software patenting, or at least courts determination to do so. Software patents are rapidly deteriorating and they gradually go away. Some languish until their expiry and some get invalidated before expiry. So their value is very low. At least in the US

Software patents are rapidly deteriorating and they gradually go away.PTAB often receives much of the credit, but without 35 U.S.C. 101 (and Alice which led to its current form) not much would have changed. We are still seeing 101 invoked inside and outside courtrooms. It happens pretty much every day. In Sound View Innovations, LLC v Hulu, LLC a US district court says data organization patent encompassed patentable subject matter, but we think its a software patent and Hulu should appeal to CAFC. CAFC is a lot stricter than district courts and would likely invalidate these crappy patents. This Docket Report says:

The court denied without prejudice defendants motion to dismiss because plaintiff sufficiently pleaded that the asserted claims of its data organization patent encompassed patentable subject matter and that the claims did not lack an inventive concept.

This isnt the end of that. Theres further recourse.

Lloyd is like a lobbyist of software patents and patent trolls in the United States.Meanwhile at IAM, Richard Lloyd does not one but two pieces about Iancu [1,...

06:25

Mesa 18.0.1 Being Released In A Few Days With About Four Dozen Fixes Phoronix

Mesa 18.0.1 is being planned for release on Wednesday as the first stable point release / maintenance update for this quarterly installment to Mesa 3D...

06:16

U.S. Judge Says UberBLACK Drivers Are Not Company's Employees SoylentNews

A U.S. judge in Philadelphia has ruled that limousine drivers for Uber Technologies Inc [UBER.UL] are independent contractors and not the companys employees under federal law, the first ruling of its kind on a crucial issue for the ride-hailing company.

U.S. District Judge Michael Baylson on Wednesday said San Francisco-based Uber does not exert enough control over drivers for its limo service, UberBLACK, to be considered their employer under the federal Fair Labor Standards Act. The drivers work when they want to and are free to nap, run personal errands, or smoke cigarettes in between rides, Baylson said.

The legal classification of workers has been a major issue for gig economy companies that rely on independent contractors. Uber, in particular, has been hit with dozens of lawsuits in recent years claiming that its drivers are employees and are entitled to minimum wage, overtime, and other legal protections not afforded to contractors.

An Uber spokeswoman said the company is pleased with the decision.

Jeremy Abay, a lawyer for the plaintiffs, said he would appeal the ruling to the Philadelphia-based 3rd U.S. Circuit Court of Appeals. The 3rd Circuit would be the first federal appeals court to consider whether Uber drivers are properly classified as independent contractors.

[...] The case is Razak v. Uber Technologies Inc, U.S. District Court for the Eastern District of Pennsylvania, No. 2:16-cv-00573.


Original Submission

Read more of this story at SoylentNews.

06:02

Binary Stars in Lost In Space Ending Could Be a Real Place In Our Galaxy Lifeboat News: The Blog

The ending of the new Netflix Lost In Space reboot puts the Robinson family in far out space. But, the binary star system they see could be a real place in the Milky Way. It bears a strong resemblance to VFTS 352, an actual binary star in the Large Magellanic Cloud in our own milky way galaxy.

06:01

Rotary Encoders Become I2C Devices Hackaday

Rotary encoders are the bees knees. Not only do you get absolute positioning, you can also use a rotary encoder (with a fancy tact button underneath) for an easy UI for any electronics project. Theres a problem with rotary encoders, though: its going to use Gray code or something weird, and getting a rotary encoder to work with your code isnt as easy as a simple button.

For his Hackaday Prize project, [fattore.saimon] has come up with the solution for using multiple rotary encoders in any project. Its a board that turns a rotary encoder into an I2C device. Now, instead of counting rising and falling edges, adding a rotary encoder to a project is as easy as connecting four wires.

The project is built around the PIC16F18344, a small but surprisingly capable microcontroller that reads a rotary encoder and spits data out as an I2C slave device. Also on board are a few pins for an RGB LED, general purpose pins, the ability to set all seven bits of the I2C address (who wants 127 rotary encoders?), and castellated holes for connecting several boards together.

This project is an update of [fattore]s earlier I2C Encoder, and there are a lot of improvements in the current version. Its slightly smaller, has better connectors, and uses a more powerful microcontroller. Thats just what you need if you want a ton of rotary encoders for all those cool interactive projects.

The HackadayPrize2018 is Sponsored by:

05:55

Microsoft engineer charged with money laundering linked to Reveton ransomware Security Affairs

The Microsoft network engineer Raymond Uadiale (41)  is facing federal charges in Florida for the alleged involvement in Reveton Ransomware case.

The man is suspected to have had a role in helping launder money obtained from victims of the Reventon ransomware.

Uadiale currently works at Microsoft site in Seattle since 2014, according to Florida police between October 2012 and March 2013 he operated online with a UK citizen that used the moniker K!NG.

K!NG was responsible for Reveton ransomware distribution meanwhile Uadiale is accused to have managed the victims payments and shared them with K!NG.

The judge did a double take when he heard that Uadiale has been working for Microsoft in the Seattle area since 2014. reported the SunSentinel.

Cybersecurity, dont tell me? U.S. Magistrate Judge Barry Seltzer quipped. Are they aware of the charges?

Assistant U.S. Attorney Jared Strauss confirmed in court that Uadiale involvement in Reveton campaign occurred before he was hired by Microsoft and prosecutors dont have any evidence that he had any involvement in actually spreading the malware.

Reveton is described as drive-by malware because unlike many viruseswhich activate when users open a file or attachmentthis one can install itself when users simply click on a compromised website. Once infected, the victims computer immediately locks, and the monitor displays a screen stating there has been a violation of federal law. reads an alert published by the FBI in 2012.

Reveton ransomware

The Reveton ransomware locks the screen on the infected devices and requests victims to buy GreenDot MoneyPak vouchers and insert their code into the Reveton screen locker to unlock them.

The locked screen would display a fake message purportedly from the FBI or other law enforcement agency would claim the user had violated federal law.

While K!NG was accumul...

05:42

AI chips are going to bring new brains to smart speakers, PCs, cars, and phones you can afford Lifeboat News: The Blog

Processors with artificial intelligence will spread from todays top-end phones to cars, PCs, security cameras, smart speakers and mainstream phones.

05:42

A Last Minute Linux 4.17 Pull To Help Non-PCID Systems With KPTI Meltdown Performance Phoronix

While the Linux 4.17 kernel merge window is closing today and is already carrying a lot of interesting changes as covered by our Linux 4.17 feature overview, Thomas Gleixner today sent in a final round of x86 (K)PTI updates for Meltdown mitigation with this upcoming kernel release...

05:07

Android P may get iPhone X-like gesture-based navigation bar TechWorm

Google appears to be testing iPhone X-like gesture control in Android P

In an unrelated blog post about the DNS over TLS support in Android P Developer Preview, Google accidentally shared a screenshot from a device that appears to be running the second Android P Developer Preview. The screenshot suggested that Google is working on a possible iPhone X-like gesture navigation interface to replace the existing buttons for Android P. The post contained a screenshot of the DNS settings with a navigation bar that is completely different from what is currently on Android 8.1 Oreo.

The solid circular shape center home button is replaced by a pill shape button like on the iPhone X. Further, the blue color scheme indicates that the phone is running the Google Pixel 2 XL theme. Also, the Recent Apps button or multi-tasking button, is completely missing. However, the back button is still there, which according to Stephen Hall from 9to5Google, is only shown contextually.

Shortly after the blog post publication, Google quickly edited the screenshot to crop out the navigation bar. However, you can check out the original, uncropped image, which is still on Googles servers by clicking here.

Whether the leaked screenshot is true or not, can only be confirmed once Google officially announces it. With the Google I/O 2018 coming up next month, we are hopeful to learn more about Android P.

The post Android P may get iPhone X-like gesture-based navigation bar appeared first on TechWorm.

04:47

Conspiracy Theorists Believe That Nibiru Will End The World On April 23 TechWorm

Nibiru: Will the world end in April 2018?

Predictions regarding the extinction of humanity, or huge collapse of civilization, the destruction of the planet or even the universe has been going on as long as mankind has walked the Earth.

Now, conspiracy theorists have come up with fresh fears that the world will end as early as April 23, as a giant mysterious death star Nibiru also known as Planet X, is set to cause destruction across the Earth. Nibiru is supposed to be a large object that is on a collision course with Earth.

David Meade, a Christian numerologist and who writes for Planet X News told the Daily Express newspaper that the occurrence of an apocalypse on April 23 will ultimately destroy our Earth. It is claimed that the Sun, Moon and Jupiter will align in the constellation Virgo, igniting the beginning of the biblical Rapture, which is also known as the second coming of Jesus Christ.

Conspiracy theorists say a passage in the bible from the book of Revelation 12:1-2 points to the end of the world. Astrological constellations are said to match up with passage 12:1-2 of the Book of Revelations, which reads: And a great sign appeared in heaven: a woman clothed with the sun, with the moon under her feet, and on her head a crown of 12 stars. She was pregnant and was crying out in birth pains and the agony of giving birth.

The woman in the passage is believed to be Virgo, where the Sun and Moon are claimed to align, along with the Jupiter, which represents the Messiah, that matches the planetary alignment due to take place on April 23, theorists say.

Meade believes that on that night, Nibiru or Planet X will suddenly appear in the sky and may collide with our Earth or may fly very close to Earth that will bring finally bring destruction on our planet in the form of massive volcanic eruptions, earthquakes, and tsunamis on Earth.

Meade has referred to this spring as an end of days convergence.

Responding to the latest claims, pessimists say that this type of particular astrological alignment happens every 12 years, but Meade believes it otherwise.

He says: By early April of 2018, the disappearance of the Church (all true Christians worldwide also known as the Rapture) will occur.

This will be followed quickly by the rise of the Antichrist, the appearance of Planet X and World War III.

Seven years of Tribulation will ensure. This is beyond any shadow of doubt.

He also said that the upcoming planetary alignment is a unique once-in-a-century sign.

He added: During this time frame, on April 23, 2018 the moon appears under the feet of the Constellation Virgo.

The Sun appears to precisely clothe Virgo Jupiter is birthed on April...

04:44

The Patent Trial and Appeal Board (PTAB) is Ending Software Patents One Patent at a Time Techrights

Software patents now in a deadlock

A command line

Summary: At an accelerating pace and with growing determination, PTAB (part of AIA) crushes patent trolls and software patents; the statistics and latest stories speak for themselves

THE USPTO, owing to the Leahy-Smith America Invents Act (AIA) and the Patent Trial and Appeal Board (PTAB), improves patent quality, but patent maximalists arent happy. To them, patent quality is a threat, not a goal. Patent Docs, a site of patent maximalists which we mentioned in our previous post, has just promoted this event (webinar) which explores the AIAs impact on an inventorship determination?

What were expecting to happen there is based on who attends and speaks; its an event of patent maximalists.

One patent maximalist, writing in his blog yesterday, showed patent backlog decreasing as well as (apparently) the number of applications and patents too. Some sources say that this year will see a turnaround in the sense that the number of patents granted will have declined. Whats not declining is post-grant reassessments and invalidations.

According to Docket Navigator, 411 petitions were filed in the first quarter, up on 373 petitions in the fourth quarter of 2017, so PTAB rises still, smashing bogus patents. As Managing IP put it on Thursday:

Managing IP analyses Docket Navigator data on PTAB petitions filed in the first quarter of 2018 to reveal the most active entities and law firms

Patent Trial and Appeal Board (PTAB) filing for the first quarter arrested a downward trend. Some 411 petitions were filed in the first quarter, up on 373 petitions in the fourth quarter of 2017 and 393 in the third quarter.

Very good. PTAB is about cracking down on patents rather than granting more and more of them (irrespe...

03:55

Google Announces Two "Semantic Experiences" for Book Searching and Word Association SoylentNews

Google's latest AI experiments let you talk to books and test word association skills

Google today announced a pair of new artificial intelligence experiments from its research division that let web users dabble in semantics and natural language processing. For Google, a company that's primary product is a search engine that traffics mostly in text, these advances in AI are integral to its business and to its goals of making software that can understand and parse elements of human language.

The website will now house any interactive AI language tools, and Google is calling the collection Semantic Experiences. The primary sub-field of AI it's showcasing is known as word vectors, a type of natural language understanding that maps "semantically similar phrases to nearby points based on equivalence, similarity or relatedness of ideas and language." It's a way to "enable algorithms to learn about the relationships between words, based on examples of actual language usage," says Ray Kurzweil, notable futurist and director of engineering at Google Research, and product manager Rachel Bernstein in a blog post. Google has published its work on the topic in a paper here, and it's also made a pre-trained module available on its TensorFlow platform for other researchers to experiment with.

The first of the two publicly available experiments released today is called Talk to Books, and it quite literally lets you converse with a machine learning-trained algorithm that surfaces answers to questions with relevant passages from human-written text. As described by Kurzweil and Bernstein, Talk to Books lets you "make a statement or ask a question, and the tool finds sentences in books that respond, with no dependence on keyword matching." The duo add that, "In a sense you are talking to the books, getting responses which can help you determine if you're interested in reading them or not."

The second experiment is Semantris, a game that tests word association skills (while collecting data from users).

The very first thing I thought of to ask "Talk to Books" is "What is a cactus?" The first result is "peyote. A species of small cactus, or the powerful drug decocted therefrom by the Indians of Mexico and the western United States and widely used for medicinal, ceremonial, and religious purposes. G.P.M." Thanks, Google.

Also at...

03:43

How Pirates Use New Technologies for Old Sharing Habits TorrentFreak

While piracy today is more widespread than ever, the urge to share content online has been around for several decades.

The first generation used relatively primitive tools, such as a bulletin board systems (BBS), newsgroups or IRC. Nothing too fancy, but they worked well for those who got over the initial learning curve.

When Napster came along things started to change. More content became available and with just a few clicks anyone could get an MP3 transferred from one corner of the world to another. The same was true for Kazaa and Limewire, which further popularized online piracy.

After this initial boom of piracy applications, BitTorrent came along, shaking up the sharing landscape even further. As torrent sites are web-based, pirated media became even more public and easy to find.

At the same time, BitTorrent brought back the smaller and more organized sharing culture of the early days through private trackers.

These communities often focused on a specific type of content and put strict rules and guidelines in place. They promoted sharing and avoided the spam that plagued their public counterparts.

That was fifteen years ago.

Today the piracy landscape is more diverse than ever. Private torrent trackers are still around and so are IRC and newsgroups. However, most piracy today takes place in public. Streaming sites and devices are booming, with central hosting platforms offering the majority of the underlying content.

That said, there is still an urge for some pirates to band together and some use newer technologies to do so.

This week The Outline ran an interesting piece on the use of Telegram channels to share pirated media. These groups use the encrypted communication platform to share copies of movies, TV shows, and a wide range of other material.

Telegram allows users to upload files up to 1.5GB in size, but larger ones can be split, in common with the good old newsgroups.

These type of sharing groups are not new. On social media platforms such as Facebook and VK, there are hundreds or thousands of dedicated communities that do the same. Both public and private. And Reddit has similar groups, relying on external links.

According to an administrator of a piracy-focused Telegram channel, the appeal of the platform is that the groups are not shut down so easily. While that may be the case with hyper-private groups, Telegram will still pull the plug if it receives enough complaints about a channel.

The same is true for Discord, another application that can be used to share content in private communities. Discord is particularly popular among gamers, but pirates hav...

03:42

A Clinical-Grade Implant May Cure Blindness! Lifeboat News: The Blog

A clinical-grade retinal implant made of human #embryonic stem cell (#hESC)derived RPE grown on a synthetic substrate has been developed by Kashani and team. The progressive binding disease that causes loss of the retinal pigment epithelium (RPE) of the eye is known as #Non-neovascular age-related macular degeneration (#NNAMD). Currently there are only preventative measures that can be taken but there is no effective treatment. Some preventative measures include quitting smoking and the use of specific nutritional supplements to reduce the risk of developing NNAMD. The implant was not only shown to be safe in a first-in-human phase 1 clinical trial in five patients with advanced NNAMD, but also well tolerated. Plausible therapeutic effects on visual clarity were reported in the experimental results, indicating that this approach may be beneficial for treating retinal disorders involving #RPE loss.

03:01

Fail Of The Week: Casting A Bolt In A 3D-Printed Mold Hackaday

Heres a weird topic as a Fail of the Week. [Pete Prodoehl] set out to make a bolt the wrong way just to see if he could. Good for you [Pete]! This is a great way to learn non-obvious lessons and a wonderful conversation starter which is why were featuring it here.

The project starts off great with a model of the bolt being drawn up in OpenSCAD. Thats used to create a void in a block which then becomes two parts with pegs that index the two halves perfectly. Now its time to do the casting process and this is where it goes off the rail. [Pete] didnt have any flexible filament on hand, nor did he have proper mold release compound. Considering those limitations, he still did pretty well, arriving at the plaster bold seen above after a nice coat of red spray paint.

One side of the mold didnt make it

He lost part of the threads getting the two molds apart, and then needed to sacrifice one half of the mold to extract the thoroughly stuck casting. Weve seen quite a bit of 3D printed molds here, but they are usually not directly printed. For instance, heres a...

02:21

Academics and Think Tanks for Patent Maximalism Techrights

Theodore R. Bromund, Ph.D.

Summary: Right-wing think tanks and impressionable academics continue to lobby for patent maximalism, rarely revealing the funding sources and motivations; in reality, however, such maximalism mainly helps large (already-wealthy) corporations, monopolists, and law firms

THE UNITED States may have a serious problem with money in politics/policy. Money buys law. It buys legislation. It also buys influence/lobbying from academia. Its all about money. This is why the US ended up with terrible patent policy and up until a few years ago (owing largely to a court which is hard to corrupt) there was no hope. A bunch of large and powerful law firms had a grip on the patent system. This grip is nowadays slipping away and in response to it they make a public showing of disdain against the changes. Sometimes they also bash courts and judges.

As is typical for a Sunday, Patent Docs lists some patent-centric events, streams, conferences (symposium/webcast/other), lobbying etc. Its nothing but patent maximalism up on display.

Some of the topics of upcoming events/webinars promoted by Patent Docs today: Ethics (in patent law), double patenting and Patent Ownership Rights. They're not ownership or even a right. Patent Docs also mentioned this summit on biosimilars. It disclosed that Patent Docs author Kevin Noonan is a co-chair of this conference (shameless self-promotion perhaps).

As is typical for a Sunday, Patent Docs lists some patent-centric events, streams, conferences (symposium/webcast/other), lobbying etc. Its nothing but patent maximalism up on display.The Intellectual Property Owners Association (IPO), a patent extremists front group that lobbies for software patents and other bad things,...

01:50

Tesla Battery Degradation Less Than 10% After 160,000 Miles cryptogon.com

Via: Electrek: Battery degradation is one of the biggest concerns for electric car owners and potential buyers, but data from Tesla battery packs have been very reassuring so far. Now the latest data shows less than 10% degradation of the energy capacity after over 160,000 miles on Teslas battery packs. A group of Tesla owners []

01:33

Grow Algae to Generate Electricity While Sequestering Carbon SoylentNews

Algae-forestry, bioenergy mix may help make CO2 vanish from thin air

"Algae may be the key to unlocking an important negative-emissions technology to combat climate change," said Charles Greene, Cornell professor of Earth and Atmospheric Sciences and a co-author of new research reported in Earth's Future [open, DOI: 10.1002/2017EF000704] [DX], published March 24 by the American Geophysical Union.

"Combining two technologies BECCS and microalgae production may seem like an odd couple, but it could provide enough scientific synergy to help solve world hunger and at the same time reduce the level of greenhouse gases that are changing our climate system," Greene said. Based on an idea first conceptualized by co-author Ian Archibald of Cinglas Ltd., Chester, England, the scientists call the new integrated system ABECCS, or algae bioenergy with carbon capture and storage.

The ABECCS system can act as a carbon dioxide sink while also generating food and electricity. For example, a 7,000-acre ABECCS facility can yield as much protein as soybeans produced on the same land footprint, while simultaneously generating 17 million kilowatt hours of electricity and sequestering 30,000 tons of carbon dioxide per year.

The ABECCS system's economic viability depends on the value of the nutritional products being produced and the price of carbon. Even without a price on carbon, microalgae production in a fish-farming, aquacultural sense is commercially viable today if the algae are priced as a fishmeal replacement in aquafeeds.


Original Submission

Read more of this story at SoylentNews.

01:15

A Look At The Meltdown Performance Impact With DragonFlyBSD 5.2 Phoronix

Besides looking at the HAMMER2 performance in DragonFlyBSD 5.2, another prominent change with this new BSD operating system release is the Spectre and Meltdown mitigations being shipped. In this article are some tests looking at the performance cost of DragonFlyBSD 5.2 for mitigating the Meltdown Intel CPU vulnerability...

01:13

OS Release: ReactOS 0.4.8 DistroWatch.com: News

ReactOS is an open source operating system which strives to provide binary compatibility with Microsoft windows applications and drivers. The ReactOS project has released a new version, ReactOS 0.4.8, which brings many improvements to the desktop interface. "Taskbar settings and dialogs have been rewritten by Giannis so now....

01:01

Hackaday & Tindie UK Tour Adds Milton Keynes Hackaday

Hackaday and Tindie are on the road in the UK and we want you to grab one of your projects and come hang out! We have three meetups scheduled over the coming week:

Fresh from our Dublin Unconference and following our London meetup which is happening today, Hackaday and Tindie are staying on the road. Weve already told you about Nottingham on the 18th, and Cambridge on the 19th, to those two were adding Milton Keynes on the 23rd.

Well be at convening at Milton Keynes Makerspace on the evening of Monday the 23rd, a community hackspace venue with easy access and parking, and a vibrant community of members. It shares an industrial unit with the local Men In Sheds, so look out for their sign. Entry is free but please get a ticket so we know the amount of pizza and soft drinks we need to arrange. Bring along whatever you are working on, wed love to see one of your projects, whatever it is!

At the end of the month we will also be at Maker Faire UK in Newcastle, Meeting you, our readers, is important to us, and though we cant reach everywhere we would like to try to get further afield in the future. Please watch this space.

00:42

Alzheimers Reversed Lifeboat News: The Blog

Researchers at Gladstone Institutes in San Francisco report that a gene variant associated with Alzheimers works differently in mice and humans, and they also demonstrate how modifying this gene could potentially prevent the plaques associated with Alzheimers from forming and damaging the brain.

An ApoE3 gene variant is associated with Alzheimers disease

The gene apolipoprotein E3 (ApoE3) has a variant known as ApoE4, which is associated with the development and progress of Alzheimers disease. People with just one copy of the ApoE4 gene are at twice the risk as people without this gene variant. Some people even have two copies of the ApoE4 gene, which makes their risk of Alzheimers a staggering twelve times greater.

00:01

One-Pixel Attack Fools Neural Networks Hackaday

Deep Neural Networks can be pretty good at identifying images almost as good as they are at attracting Silicon Valley venture capital. But they can also be fairly brittle, and a slew of research projects over the last few years have been working on making the networks image classification less likely to be deliberately fooled.

One particular line of attack involves adding particularly-crafted noise to an image that flips some bits in the deep dark heart of the network, and makes it see something else where no human would notice the difference. We got tipped with a YouTube video of a one-pixel attack, embedded below, where changing a single pixel in the image would fool the network. Take that robot overlords!

We cant tell what these are either..

Or not so fast. Reading the fine-print in the cited paper paints a significantly less gloomy picture for Deep Neural Nets. First, the images in question were 32 pixels by 32 pixels to begin with, so each pixel matters, especially after its run through a convolution step with a few-pixel window. The networks they attacked werent the sharpest tools in the shed either, with somewhere around a 68% classification success rate. What this means is that the netw...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Sunday, 15 April

23:20

The Many Great Features & Changes Coming For The Linux 4.17 Kernel Phoronix

Linus Torvalds is expected by the end of the day to release Linux 4.17-rc1, thereby marking the end of the two-week merge window that saw a lot of changes and new features land for Linux 4.17. Here is our original feature overview of the changes to be found in this next major release of the Linux kernel, which should premiere as stable by the middle of June.

23:13

"Depressed" and "Hallucinating" AI SoylentNews

Could artificial intelligence get depressed and have hallucinations?

As artificial intelligence (AI) allows machines to become more like humans, will they experience similar psychological quirks such as hallucinations or depression? And might this be a good thing?

Last month, New York University in New York City hosted a symposium called Canonical Computations in Brains and Machines, where neuroscientists and AI experts discussed overlaps in the way humans and machines think. Zachary Mainen, a neuroscientist at the Champalimaud Centre for the Unknown, a neuroscience and cancer research institute in Lisbon, speculated [36m video] that we might expect an intelligent machine to suffer some of the same mental problems people do.

[...] Q: Why do you think AIs might get depressed and hallucinate?

A: I'm drawing on the field of computational psychiatry, which assumes we can learn about a patient who's depressed or hallucinating from studying AI algorithms like reinforcement learning. If you reverse the arrow, why wouldn't an AI be subject to the sort of things that go wrong with patients?

Q: Might the mechanism be the same as it is in humans?

A: Depression and hallucinations appear to depend on a chemical in the brain called serotonin. It may be that serotonin is just a biological quirk. But if serotonin is helping solve a more general problem for intelligent systems, then machines might implement a similar function, and if serotonin goes wrong in humans, the equivalent in a machine could also go wrong.

Related: Do Androids Dream of Electric Sheep?


Original Submission

Read more of this story at SoylentNews.

22:42

Four Notable Things About the Most Distant Star Scientists Have Ever Glimpsed Lifeboat News: The Blog

Looking at the distant star is literally looking back in time.


Thanks to gravitational lensing, the Hubble telescope captured an image of the most distant star ever seen, 9 million light years away.

22:25

UK GCHQ director confirmed major cyberattack on Islamic State Security Affairs

GCHQ director Jeremy Fleming announced this week that the U.K. has launched a major cyberattack on the Islamic State (IS) terrorist organization.

According to the spy chief, the GCHQ the attack was launched in collaboration with the U.K. Ministry of Defence and has distributed operations of the Islamic State.

The UK intelligence believes this is the first time it systematically and persistently degraded an adversarys online efforts as part of a wider military campaign,

Fleming explained that UK cyber experts have operated to disrupt online activities and networks of the Islamic State, and deter an individual or group.

These operations have made a significant contribution to coalition efforts to suppress Daesh propaganda, hindered their ability to coordinate attacks, and protected coalition forces on the battlefield, GCHQ chief told an audience at the Cyber UK conference in Manchester.

In 2017 there were times when Daesh found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications. Of course, the job is never done they will continue to evade and reinvent. But this campaign shows how targeted and effective offensive cyber can be, 

Mr. Fleming did not reveal details of the cyber attacks because it was too sensitive to talk about, he praised the success of such kind of operations against a threat that is abusing technology to spread propaganda.

Much of this is too sensit...

22:18

[$] A look at terminal emulators, part 2 LWN.net

A comparison of the feature sets for a handful of terminal emulators was the subject of a recent article; here I follow that up by examining the performance of those terminals. This might seem like a lesser concern, but as it turns out, terminals exhibit surprisingly high latency for such fundamental programs. I also examine what is traditionally considered "speed" (but is really scroll bandwidth) and memory usage, with the understanding that the impact of memory use is less than it was when I looked at this a decade ago (in French).

Subscribers can read on for part 2 from guest author Antoine Beaupr.

21:48

OpenCL C++ / OpenCL 2.2 Support Begins Its Journey To Mainline LLVM Clang Phoronix

A few weeks back we reported on plans for OpenCL C++ support to be mainlined in LLVM's Clang C/C++ compiler front-end and that work is now happening...

21:30

Hacking With Mir's EGMDE Desktop To Support Different Keymaps, Custom Wallpapers Phoronix

At the end of March longtime Mir developer Alan Griffiths of Canonical announced EGMDE, the Mir Desktop Environment as a desktop example implementing Mir/MirAL APIs and supporting Wayland clients. Griffiths has now put out his latest article in guiding interested developers in working with the code...

21:18

AMD's GPUOpen Has Opened The Window System Agent Library Phoronix

As part of the AMDVLK/XGL/PAL driver stack is now the WSA library...

21:09

Sex Workers Turn to Open-Source Social Network Based in Australia SoylentNews

[A] Melbourne-based company Assembly Four created Switter after its founders learned that social media platforms were either removing sex workers' content or banning their accounts. Without the time or resources to build a whole new network from scratch, the group turned to Mastodon.

The Verge reports:

Sex workers are running out of safe online spaces. Craigslist is no longer displaying personal ads. The controversial classifieds site Backpage, which many escorts used to screen clients, has been seized by the FBI. Adult content is disappearing off Google Drive, and many sex workers say they're being forced off social media. With the news that President Trump has signed the Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA), their options will continue to dwindle and with it, the ability for many sex workers to pay their bills, let alone do so safely.

Over the past few weeks, sex workers have been turning to an unexpected platform to remain online: the social network Mastodon, under a new instance called "Switter." Melbourne-based company Assembly Four created Switter after its founders learned that social media platforms were either removing sex workers' content or banning their accounts. Without the time or resources to build a whole new network from scratch, the group turned to Mastodon.

Although ostensibly aimed at sex trafficking prevention, FOSTA's reduction of legal protections for websites is having disastrous consequences for sex workers. Faced with the new potential for litigation, many websites are removing any content or avenues that could possibly violate FOSTA. It's disconnecting many of the most vulnerable sex workers from crucial resources.

[...] Switter may offer a temporary salve for the community, yet sex workers say it cannot stand as a last bastion, an end-all be-all answer for their profession. Assembly Four says it's prepared to continue working to make it a safe destination for sex workers, but that they need real change.

"The best-case scenario would be the opposite," says Hunt. "The best-case scenario would be if we didn't need to have safe spaces, if public spaces were somewhere we were accepted."

Fast-Company, Buzzfeed, Vice and...

21:01

Shutter Bug Goes Extreme with Scratch-Built Film Camera Hackaday

Should a camera build start with a sand mold and molten aluminum? Thats the route [CroppedCamera] took with this thoroughly impressive camera project.

When we think of cameras these days, chances are we picture the ones that live inside the phones in our pockets. Theyre the go-to image capture devices for most of us, but even for the more photographically advanced among us, when a more capable camera is called for, its usually an off-the-shelf DSLR from Canon, Nikon, or the like. Where do hand-built cameras fall in todays photography world? Theyre a great way to add a film option to your camera collection.

...

20:56

Wine-Staging 3.6 Released, Carrying ~930 Patches, Fixes For CSMT Toggling & Dead Rising Phoronix

Based off Friday's release of Wine 3.6 is now a new Wine-Staging release that is carrying about 930 patches atop the upstream Wine code-base...

20:40

KDE Plasma 5.13 Is Getting Further Polished Ahead Of Its June Release Phoronix

KDE Plasma 5.13 will be starting up even faster, focusing more on Wayland improvements, improved monitor hot-plugging, GTK global menu support, and a lot of polishing throughout...

19:43

Made for each other: Indian start-ups and Chinese investors Lifeboat News: The Blog

Once known as the source of dumb money investments that could hurt, instead of help, tech start-ups in the long-run Chinese investors now have found many happy recipients. In India, start-ups from fintech to e-commerce to transport have all rolled out the red carpet for Chinese investors, not only for their capital but also for their successful track records in similar markets.


Western funding still dominates Indias start-up scene, but entrepreneurs are turning East for cash and expertise that will keep them viable in the long term.

By Coco Liu

0 Share

19:42

A final dash across the United States: Updates from the 2018 March for Science Lifeboat News: The Blog

The March for Science celebrated its anniversary today. And while the turnout around the world was significantly smaller than last year, supporters havent lost any of their energy.


The crowds were much smaller for the second March for Science, but the concerns may have been even more intense.

19:42

The Next Time Friday The 13th Happens In April, It Will Come With A Big Asteroid Lifeboat News: The Blog

The next time Friday the 13th happens in April, in 2029, it will coincide with the flyby of a large asteroid that will only narrowly miss Earth. Its the cosmic equivalent of buzzing the treetops, said one expert.

BuzzFeed News Reporter

Reporting From

Washington, DC

18:55

Blue Origin to Compete to Launch U.S. Military Payloads SoylentNews

Blue Origin's orbital rocket in the running to receive U.S. military investment

Blue Origin submitted a proposal late last year in what's expected to be a four-way competition for U.S. Air Force funding to support development of new orbital-class rockets, a further step taken by the Jeff Bezos-owned company to break into the military launch market, industry officials said. The proposal, confirmed by two space industry sources, puts Blue Origin up against SpaceX, Orbital ATK and United Launch Alliance, which could use Blue Origin's BE-4 engine to power its next-generation Vulcan rocket. It also sets up the New Glenn rocket, in development by Blue Origin, to be certified by the Air Force for national security missions.

Blue Origin received funding in an earlier phase of the Air Force's initiative to help companies develop new liquid-fueled U.S.-built booster engines in a bid to end the military's reliance on the Russian RD-180 powerplant, which drives the first stage of ULA's Atlas 5 rocket. The Air Force's money supported development of the BE-4 engine, which was designed with private money, and is still primarily a privately-funded program. The Pentagon funding announced in early 2016 for the BE-4 program was directly awarded to ULA, which routed the money to Blue Origin's engine program.

SpaceX, Orbital ATK and Aerojet Rocketdyne also received Air Force funding in 2016 for propulsion work. SpaceX used the Air Force money for its methane-fueled Raptor engine, which will power the company's next-generation super-heavy BFR launcher. Orbital ATK is developing its own launcher for national security missions, which would use solid-fueled rocket motors for the initial boost into space, then use a hydrogen-fueled upper stage for orbital injection. Aerojet Rocketdyne's AR1 engine is a backup option for ULA's new Vulcan rocket.

Previously: U.S. Air Force Awards SpaceX $40.7 Million for Raptor Engine Development
Aerojet Rocketdyne Seeks More U.S. Air Force Funding for AR1 Rocket Engine

Related: Jeff Bezos' Vision for Space: One Trillion Population in the Solar System
NASA Opens Door to Possibly Lowering SLS Cost Using Blue Origin's Engines
SpaceX BFR vs. ULA Vulcan Showdown in the 2020s


Original Submission

...

18:48

Pirate Site-Blocking? Music Biz Wants App Blocking Too TorrentFreak

In some way, shape or form, Internet piracy has always been carried out through some kind of application. Whether thats a peer-to-peer client utilizing BitTorrent or eD2K, or a Usenet or FTP tool taking things back to their roots, software has always played a crucial role.

Of course, the nature of the Internet beast means that software usage is unavoidable but in recent years piracy has swung more towards the regular web browser, meaning that sites and services offering pirated content are largely easy to locate, identify and block, if authorities so choose.

As revealed this week by the MPA, thousands of platforms around the world are now targeted for blocking, with 1,800 sites and 5,300 domains blocked in Europe alone.

However, as the Kodi phenomenon has shown, web-based content doesnt always have to be accessed via a standard web browser. Clever but potentially illegal addons and third-party apps are able to scrape web-based resources and present links to content on a wide range of devices, from mobile phones and tablets to set-top boxes.

While its still possible to block the resources upon which these addons rely, the scattered nature of the content makes the process much more difficult. One cant simply block a whole platform because a few movies are illegally hosted there and even Google has found itself hosting thousands of infringing titles, a situation thats ruthlessly exploited by addon and app developers alike.

Needless to say, the situation hasnt gone unnoticed. The Alliance for Creativity and Entertainment has spent the last year (1,2,3) targeting many people involved in the addon and app scene, hoping theyll take their tools and run, rather than further develop a rapidly evolving piracy ecosystem.

Over in Russia, a country that will happily block hundreds or millions of IP addresses if it suits them, the topic of infringing apps was raised this week. It happened during the International Strategic Forum on Intellectual Property, a gathering of 500 experts from more than 30 countries. There were strong calls for yet more tools and measures to deal with films and music being...

18:05

TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak Security Affairs

TrueMove H, the biggest 4G mobile operator in Thailand suffered a data leak, 46000 peoples data store on an AWS bucked were left on accessible online, including driving licenses and passports.

Lets speak about a new data breach, this time the victim is TrueMove H, the biggest 4G mobile operator in Thailand.

The operator exposed online customers personal data that were stored in an Amazon AWS S3 bucket.

The leaked data also includes scans of identity documents, the data were left accessible until April 12, when the company restricted the access.

The huge trove of data was discovered by security researcher Niall Merrigan that attempted to notify the issue to TrueMove H, but the operator did not respond.

Merrigan told El Reg that the AWS bucked contained 46,000 records for a total of 32GB.

The experts published a blog post on the case, he explained that tools like bucket stream and bucket-finder allow scanning the internet for open S3 AWS buckers.

Merrigan used the bucket-finder tool to find open S3 Buckets when noticed the one belonging to the TrueMove H.

The output from bucket-finder showed several issues such as config files, source code and other potential information disclosures. Bucket finder only gets the top 1000 files via the AWS S3 API. To simplify things, I loaded the results into a small SQL database for analysis. I found all the sites that had 1000 files and did a quick visual scan to see what they contained and if there was a way to identify the owner if the need arose. wrote the expert.

One such owner was True Move H, the second largest mobile operator in Thailand, 

TrueMove H

Representatives...

18:01

Hide Secret Messages In Plain Sight With Zero-Width Characters Hackaday

Fingerprinting text is really very nifty; the ability to encode hidden data within a string of characters opens up a large number of opportunities. For example, someone within your team is leaking confidential information but you dont know who. Simply send each team member some classified text with their name encoded in it. Wait for it to be leaked, then extract the name from the text the classic canary trap.

Heres a method that hides data in text using zero-width characters. Unlike various other ways of text fingerprinting, zero width characters are not removed if the formatting is stripped, making them nearly impossible to get rid of without re-typing the text or using a special tool. In fact youll have a hard time detecting them at all even terminals and code editors wont display them.

To make the process easy to perform, [Vedhavyas] created a command line utility to embed and extract a payload using any text. Each letter in the secret message is converted to binary, then encoded in zero-width characters. A zero-width-non-joiner character is used for 0, and a zero-width-space character for 1.

[Vedhavyas] tool was inspired by a...

17:24

Towards a Posthuman Life Lifeboat News: The Blog

Https://paper.li/e-1437691924#/


When we speak of posthumanism we refer to the expansion of the natural faculties of the human being, and more concretely to the fusion between meat and digital technology

According to Wikipedia a cyborg is an organism that has restored function or enhanced abilities due to the integration of some artificial component or technology that relies on some sort of feedback. For the essential author Donna Haraway the cyborg is a figure born from the interface between the automaton and autonomy. As blogger and author Plcida Ye-Y explains for Haraway the cyborg is at the same time what we are carnality- and what we can be future cyborg, emancipatory possibilities- therefore if our future depends on thinking differently, the cyborg offers us a transitory ontology for the present, an imagery that recognizes the process of constant redefinition that is going to suppose take on the new era. Evidently this theories affect a large number of topics: technology, epistemology, politics, science, art, or feminism.

In reference to this hybridation between humans and communication machiens catalonian philosopher and UOC teacher Pau Alsina explains in his text Humanism 2.0: Art, science, technology and society that the image of the body and the body itself are found in the impacts caused by the information and communication technologies, seeing themselves in this way propelled to the understanding of the new experiences that come to us. This point of view includes from the perspective of Derrick de Kerckhove the creation of new types of human typologies identities, and sensorial experiences like: teleception, expansion, multiple personality or proprioception.

16:48

Analysts Question Whether Curing Patients is a Sustainable Business Model SoylentNews

One-shot cures for diseases are not great for businessmore specifically, theyre bad for longterm profitsGoldman Sachs analysts noted in an April 10 report for biotech clients, first reported by CNBC.

The investment banks report, titled The Genome Revolution, asks clients the touchy question: Is curing patients a sustainable business model? The answer may be no, according to follow-up information provided.

[...] The potential to deliver one shot cures is one of the most attractive aspects of gene therapy, genetically engineered cell therapy, and gene editing. However, such treatments offer a very different outlook with regard to recurring revenue versus chronic therapies... While this proposition carries tremendous value for patients and society, it could represent a challenge for genome medicine developers looking for sustained cash flow.

[...] Ars reached out to Goldman Sachs, which confirmed the content of the report but declined to comment.


Original Submission

Read more of this story at SoylentNews.

15:35

Art Bell Dead at Age 72Days After Supporting a Friends Plan to Drive Into Area 51 cryptogon.com

Art Bell has been in poor health for decades and he was a heavy smoker, so I cant say that his death comes as much of a surprise. But Just before he died, Art was supporting radio host Heather Wade in her plan to drive into Area 51 as an act of civil disobedience. Initially, []

15:01

Big Mouth Billy Bass Channels Miley Cyrus Hackaday

Heres a Big Mouth Billy Bass with extra lip thanks to Alexa. If youre not already familiar, Big Mouth Billy Bass is the shockingly popular singing animatronic fish designed to look like a trophy fish mounted to hang on your wall. In its stock condition, Billy uses a motion sensor to break into song whenever someone walks by. Its limited to a few songs, unless you like to hack things in which case its a bunch of usable parts wrapped in a humorous fish! Hackadays own [Bob Baddeley] combined the fish with an Amazon Echo Dot, connecting the two with an ATtiny84, and having Billy speak for Alexa.

[Bob] had a few problems to solve, including making Billys mouth move when there was audio playing, detecting when the Echo was on, moving the motors and playing the audio. After a bit of research and a lot of tweaking, a Fast Fourier Transform algorithm designed for the ATtiny was used was used to get the mouth moving. The mouth didnt move a lot because of the design of the fish, and [Bob] modified it a bit, but there was only so much he could do.

Its all well and good for the fish to lie there and sing, but [Bob] wanted Billy to move when Alexa was listening, and in order the detect this, the best bet was to watch for the Dots light to turn on. He tried a couple of things but decided that the simplest method was probably the best and ended up just taping a photo-resistor over the LED. Now Billy turns to look at you when you ask Alexa a question.

With a few modifications to the Dots enclosure, everything now fits inside the original mounting plaque and, after some holes were drilled so the Dot could hear, working. Billy has gone from just a few songs to an enormous entire library of songs to sing!

Weve seen Alexa combined with Big Mouth Billy Bass before, but just demos and never an excellent guide like [Bobs].  The nice thing about this guide is that once youve hacked the hardware, its a breeze to add new functionality using Alexa skills.

14:45

WHOIS is Dead as Europe Hands DNS Overlord ICANN an Ultimatum SoylentNews

The Whois public database of domain name registration details is dead.

In a letter [PDF] sent this week to DNS overseer ICANN, Europe's data protection authorities have effectively killed off the current service, noting that it breaks the law and so will be illegal come 25 May, when GDPR comes into force.

The letter also has harsh words for ICANN's proposed interim solution, criticizing its vagueness and noting it needs to include explicit wording about what can be done with registrant data, as well as introduce auditing and compliance functions to make sure the data isn't being abused.

ICANN now has a little over a month to come up with a replacement to the decades-old service that covers millions of domain names and lists the personal contact details of domain registrants, including their name, email and telephone number.

ICANN has already acknowledged it has no chance of doing so: a blog post by the company in response to the letter warns that without being granted a special temporary exemption from the law, the system will fracture.

[...] Critics point out that ICANN has largely brought these problems on itself, having ignored official warnings from the Article 29 Working Party for nearly a decade, and only taking the GDPR requirements seriously six months ago when there has been a clear two-year lead time.

One company that is caught in the middle of the dispute is sanguine about the possible death of the service. "Is this the end of public Whois? Yes, in its current form," CEO of Irish registrar Blacknight, Michele Neylon told us. "But is it going to go completely dark? No."

"That decision probably cost us money, but if we have to choose between operating legally or illegally our path is clear," he wrote in a blog post this week.


Original Submission

R...

13:37

AI Creates a 3D Model of a Person from Just a Few Seconds of Video cryptogon.com

Via: Science: Transporting yourself into a video game, body and all, just got easier. Artificial intelligence has been used to create 3D models of peoples bodies for virtual reality avatars, surveillance, visualizing fashion, or movies. But it typically requires special camera equipment to detect depth or to view someone from multiple angles. A new algorithm []

12:31

Apple Struggling to Sell "Superior" HomePods SoylentNews

Apple's HomePod has failed to take away much market share from rival devices such as Amazon Echo and Google Home:

When Apple Inc.'s HomePod smart speaker went on sale in January, it entered a market pioneered and dominated by Amazon's Echo lineup of Alexa-powered devices. Apple has been touting the HomePod's superior sound quality but so far hasn't enticed many consumers to part with $349.

By late March, Apple had lowered sales forecasts and cut some orders with Inventec Corp., one of the manufacturers that builds the HomePod for Apple, according to a person familiar with the matter.

At first, it looked like the HomePod might be a hit. Pre-orders were strong, and in the last week of January the device grabbed about a third of the U.S. smart speaker market in unit sales, according to data provided to Bloomberg by Slice Intelligence. But by the time HomePods arrived in stores, sales were tanking, says Slice principal analyst Ken Cassar. "Even when people had the ability to hear these things," he says, "it still didn't give Apple another spike."

During the HomePod's first 10 weeks of sales, it eked out 10 percent of the smart speaker market, compared with 73 percent for Amazon's Echo devices and 14 percent for the Google Home, according to Slice Intelligence. Three weeks after the launch, weekly HomePod sales slipped to about 4 percent of the smart speaker category on average, the market research firm says. Inventory is piling up, according to Apple store workers, who say some locations are selling fewer than 10 HomePods a day. Apple declined to comment.

Also at BGR and AppleInsider.

See also: Why Apple's HomePod Is Three Years Behind Amazon's Echo

Related: Apple's "HomePod" Sinks Users Deeper Into a Walled Garden


Original Submission

Read more of this story at SoylentNews.

12:01

Neon Lamps Light Up Dim Ion Motor Hackaday

Small pinwheel type ion motors fall into the category of a fun science experiment or something neat to do with high voltage, but Hackadays own [Manuel Rodriguez-Achach] added a neat twist that incorporates neon lamps.

Normally youd take a straight wire and make 90 degree bends at either end but pointing in opposite directions, balance it on a pole, and apply a high voltage with a moderate amount of current. The wire starts spinning around at the top of the pole, provided the ends of the wire are sharp enough or the wire has a small enough diameter. If your power supply has ample current available then in the dark youll even see a purplish glow, called a corona, at the tips of the wire.

[Manuel] made just such an ion motor but his power supply didnt have the necessary current to produce a strong enough corona to be visible to his camera. So he very cleverly soldered neon lamps on the two ends of the wires. One leg of each lamp goes to the wire and the other end of the lamp acts as the sharp point left out in the air for emitting the ions.

The voltage needed across each lamp in order to ignite it is that between the high voltage power supplys output and the potential of the surrounding air. That air may be initially at ground potential but he also bends the other output terminal of the power supply such that its tip is also up in the air. This way it sprays ions of the opposite polarity into the surrounding air.

Either way, the neon lamps light up and the wire spins around on the pole. Now, even without a visible corona, his ion motor makes an awesome display. Check it out in the video below.

For more about these ion motors, sometimes called electric whirls, check our article about all sorts of interesting non-electromagnetic motors.

10:27

The Raspberry Pi 3B+ as an SDR Without the SDR! SoylentNews

Weve become used to software-defined radio as the future of radio experimentation, and many of us will have some form of SDR hardware. From the $10 RTL USB sticks through to all-singing, all-dancing models at eye-watering prices, there is an SDR for everyone.

What about the idea of an SDR without any external hardware? Instead of plugging something into your Raspberry Pi, how about using the Pi itself, unmodified? Thats just what the Nexmon SDR project has achieved, and this has been made possible through clever use of the on-board Broadcom 802.11ac WiFi chip. The result is a TX-capable SDR, albeit one only capable of operating within the 2.4 GHz and 5 GHz spectrum used by WiFi.


Original Submission

Read more of this story at SoylentNews.

09:01

Mc Lighting Takes the Pain out of Blinking Hackaday

If you want to blink a ton of WS2812-alike LED pixels over WiFi, the hardware side of things is easy enough: an LED strip, and ESP8266 unit, and a beefy enough power supply to feed them. But the software side thats where it can be a bit of a pain.

Enter Mc Lighting. It makes the software side of things idiot-proof. Flash the firmware onto the ESP8266, and youve got your choice of REST, WebSockets, or MQTT to get the data in. This means that itll work with Homekit, NodeRed, or an ESP-hosted web interface that you can pull up from any smartphone.

The web interface is particularly swell, and has a bunch of animations built in. (Check out the video below.) This means that you can solder some wires, flash an ESP, and your least computer-savvy relatives can be controlling the system in no time. And speaking of videos, Mc Lightings author [Tobias] has compiled a playlist of projects that use the library, also just below. The docs on GitHub are great, and also check out the wiki.

So what are you waiting for? Do you or your loved ones need some blink in your life? And while youre ordering LED strips, get two. Youre going to want to build TWANG! as well.



08:30

A Look At The HAMMER2 File-System Performance With DragonFlyBSD 5.2 Phoronix

With this week's release of DragonFlyBSD 5.2 this popular BSD operating system is promoting its own HAMMER2 file-system as stable. As a result, here are a few fresh benchmarks of HAMMER vs. HAMMER2 on DragonFlyBSD 5.2 while more tests are forthcoming.

08:25

New Hampshire Court: First Amendment Says You Can Call a Patent Troll a Patent Troll SoylentNews

TechDirt reports

A New Hampshire state court has dismissed a defamation suit filed by a patent owner unhappy that it had been called a "patent troll". The court ruled [PDF] that the phrase "patent troll" and other rhetorical characterizations are not the type of factual statements that can be the basis of a defamation claim. While this is a fairly routine application of defamation law and the First Amendment, it is an important reminder that patent assertion entities--or "trolls"--are not shielded from criticism. Regardless of your view about the patent system, this is a victory for freedom of expression.

[...] The court went on to explain that "patent troll" is a term without a precise meaning that "doesn't enable the reader or hearer to know whether the label is true or false". The court notes that the term could encompass a broad range of activity (which some might see as beneficial, while others see it as harmful).

The court also ruled that challenged statements such as "shakedown" and comparisons to "blackmail" were non-actionable "rhetorical hyperbole". This is consistent with a long line of cases finding such language to be protected. Indeed, this is why John Oliver can call coal magnate Robert Murray a "geriatric Dr. Evil" and tell him to "eat shit". As the ACLU has put it, you can't sue people for being mean to you. Strongly expressed opinions, whether you find them childish or hilariously apt (or both), are part of living in a free society.


Original Submission

Read more of this story at SoylentNews.

08:21

Killing Patent Quality and Encouraging Covert Software Patents Using the Buzzwords Du Jour Techrights

Du JourSummary: The epidemic of buzzwords and/or hype waves that are being exploited to dodge or bypass patent scope/limitations, as seen in Europe and the US these days

THE granting of software patents seems to have become routine at the EPO to the point where large law firms publicly assert that its now easier to get such patents from the EPO than from the USPTO. Its a travesty because software patents are unofficially forbidden in Europe. Its like they swapped roles. Good for the US, bad for Europe.

Watch what the EPO has just formally said: European patent applications related to smart, connected objects are rising rapidly, achieving a growth rate of 54% in the last three years.

Its a travesty because software patents are unofficially forbidden in Europe.They have tagged this Industry 4.0 (buzzword) and 4IR, which is what the EPO calls software patents these days, so they basically brag about granting bogus software patents. This is where supposed growth comes from: bogus software patents.

We arent bashing EPO examiners; we know theyre primarily victims of really terrible management. Battistelli destroyed the EPO and he'll be receiving two more years of salary as a bonus for it. Theres no justice in this world. If there was, he would be detained like his padrone.

Anyway, some good people remain at the EPO. Theyre technical people, i.e. theyre not top-level management (Team Battistelli is almost consistently nontechnical and under-qualified).

We arent bashing EPO examiners; we know theyre primarily victims of really terrible management....

07:31

Testing RADV's Out-of-Order Rasterization Vulkan Performance Phoronix

With the RADV Vulkan driver recently landing improvements to its out-of-order rasterization support, I ran some performance benchmarks of this non-default feature to see if it made much of a deal for today's Vulkan Linux games...

07:06

Crisis of Quality at the EPO Extends to Staff (Notably Examiners) and Management as Institutional Integrity is Severely Compromised Techrights

Erosion of patents/staff retention rates and corrupt management plague the patent office once known as the best in the world (now known as perhaps the most corrupt)

Summary: A rather pessimistic but likely realistic outlook for the European Patent Office (EPO), which seems unable to attract the sort of staff it attracted for a number of decades

THE quality (or skills/experience level) of EPO recruits has taken a massive dive. Its a deterioration that EPO insiders keep complaining about. Its not just a decline in patent quality but also the abilities of examiners. Many are leaving only to be replaced by far less experienced people. Just see what people who come for a job interview are saying. Some of them are rather shocked.

Many are leaving only to be replaced by far less experienced people.Making the right decisions on patent grants requires a high level of expertise, the EPO wrote a few days ago, so the EPO provides a two-year training programme for newly recruited examiners.

With layoffs in the making, one must wonder if theres any future for them (or what kind of future). Its worth noting that the management too is of bad quality; a lot of managers are simply friends and allies of Battistelli (some appear to have been hired owing to family connections). How about that Croatian bully who was hired by Battistelli and had his contract renewed at his proposal? The only thing EPO gets from Croatia seems very dodgy officials who censor the Croatian media. To put things in perspective, Croatian media wrote some days ago that Croatian patents are something like a thousandth of what Germany gets. To quote:

In 2017, Croatian researchers and innovators have registered just ten patents.

In five years, Croatian researchers and innovators have registered just 55 patents with the European Patent Office (EPO). Last year, they...

06:51

Google Search Receives Fewer Takedown Notices Than Before TorrentFreak

In recent years Google has had to cope with a continuous increase in takedown requests from copyright holders, which target pirate sites in search results.

Just a few years ago the search engine removed only a few thousand URLs per day. This has since grown to millions and has kept growing, until recently.

Around a year ago Google received a billion takedown requests a year, and for a while, it stabilized at roughly 20 million requests per week. By October last year, Google search had processed over three billion DMCA requests since it started counting.

After that, it appears that things calmed down a little. Where Googles weekly takedown chart went up year after year, its now trending in a downward direction.

During the past half year, Google received only 375 million takedown requests. That translates to roughly 15 million per week or 750 million per year. This is a 25% decrease compared the average in 2016.

Does this mean that copyright holders can no longer find enough pirated content via the search engine? We doubt it. But its clear that some of the big reporting agencies are sending in less complaints.

Degban, for example, which was at one point good for more than 10% of the weekly number of DMCA requests, has disappeared completely. Other big players, such as the Mexican anti-piracy outfit APDIF and Remove Your Media, have clearly lowered their volumes.

APDIFs weekly DMCA volume

Of all the big players, UK Music Group BPI has been most consistent. Their average hasnt dropped much in recent years, but is certainly not rising either.

Its too early to tell whether this trend will hold, but according to the numbers we see now, Google will for the first time have a significant decrease in the number of takedown requests this year.

Despite the decrease, Google is under quite a bit of pressure from copyright holders to improve its takedown efforts. Most would like Google to delist pirate site domains entirely.

While the search engine isnt willing to go that far, it does give a lower ranking to sites for which it receives a large volume of takedown requests. In addition, the company recently started accepting...

06:42

Becoming Transhuman: The Complicated Future of Robot and Advanced Sapient Rights Lifeboat News: The Blog

My article for the Cato Institute via Cato Unbound is out. Cato is one of the leading think tanks in the world, so Im excited they are covering transhumanism:


Zoltan Istvan describes a complicated future when humans arent the only sapients around anymore. Citizenship for Sophia was a publicity stunt, but it wont always be so. Istvan insists that if technology continues on the path it has traveled, then there is only one viable option ahead for humanity: We must merge with our creations and go full cyborg. If we do not, then machines may easily replace us.

06:17

Apple Leak: If You Leak from Apple, We'll Have You Arrested, Says Apple SoylentNews

El Reg reports:

Apple has gone full swivel-eyed, control-freak crazy on its own employees with a demented internal memo decrying information leaks.

"In 2017, Apple caught 29 leakers. 12 of those were arrested", says the terror missive from Cupertino, ironically leaked to Bloomberg. "Among those were Apple employees, contractors and some partners in Apple's supply chain."

It then threatens long-lasting harm to anyone stupid enough to let anyone know anything about its products before, you know, it launches them and tries to sell as many as humanely possible.

"These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere", the letter rants.

[...] "Leakers do not simply lose their jobs at Apple. In some cases, they face jail time and massive fines for network intrusion and theft of trade secrets both classified as federal crimes."

What a lovely company.

Unless you're the FCC.


Original Submission

Read more of this story at SoylentNews.

06:00

Shoes That Tell You Where to Go Hackaday

The worst thing about walking around while trying to follow directions is that you have to keep looking down at them to get the next turn. At best, youll miss out on the scenery; at worst, you might walk into traffic.

Wouldnt it be great if you didnt have to look down? Yes it would, and with Walkity, theres no need to look down. Walkity is a set of cuffs that slip on the backs of your shoes, pairs with your phone, and uses haptic feedback to tell you where to go. Each one has an Arduino Mini Pro, an NRF24L01 to talk to its mate, a Bluetooth module, a vibration motor, and what must be the thinnest, most flexible LiPo currently available on Earth. The specified cell is PGEB0083559, a 65 mAH cell that is 0.8 mm thick!

Your smartphone will vibrate in your pocket during naviation but our experience has been that of still not knowing which way to turn. Walkitys feedback is simple and intuitive. The left cuff vibrates to indicate a left turn, right for right, and both vibrate when you reach your destination. Going the wrong way? Walkity will vibrate vigorously to let you know its time to pull over. Its a great example of a an entry for the Human Computer Interface Challenge of the Hackaday Prize!

We often see haptic feedback used for navigation, but it can also be used to teach new skills.

The HackadayPrize2018 is Sponsored by:

05:22

The FEBS Journal Lifeboat News: The Blog

The inflammation cancer connection.


The FEBS J ournal

Volume 285, Issue 4

05:14

Malware researcher have dismantled the EITest Network composed of 52,000 Security Affairs

Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign and shut down it.

Malware researchers from Abuse.ch, BrillantIT, and Proofpoint have sinkholed the control infrastructure behind EITest campaign that leveraged on a network of hacked servers exploited by crooks to distribute traffic (TDS).

The network was used to redirect users to compromised domains hosting exploit kits, delivering malware or used for other fraudulent activities such as tech scams.

EITest infrastructure was first discovered back in 2011, from middle 2014 crooks started using it as a TDS botnet.

researchers traced the chain via server side artifacts and some historical analysis of server side compromises to infections as early as 2011 when it was redirecting to a private EK known as Glazunov. wrote Proofpoint researcher Kafeine.

The infection chain appears to have paused between the end of 2013 and the beginning of July 2014, when it began directing into Angler

Hackers installed a backdoor on the compromised machines and used it to redirect legitimate traffic to malicious websites, for this reason, experts defined EITest as the king of traffic distribution.

EITest is one of the longest malicious delivery campaigns that has continued to evolve. In the spring of 2017, it started redirecting Internet Explorer users to tech support scams in addition to the existing redirections with the fake Chrome fonts. reads the analysis published Malware dont need coffee. website.

Actors behind this campaign are generating hundreds of domains per day.The only purpose of those domains names is to redirect users to tech support scams or malicious websites.

According to researcher Kafeine, crooks behind the EITest campaign started selling hijacked traffic from hacked sites for $20 per 1,000 users, selling traffic blocks of 50-70,000 visitors, generating between $1,000 and $1,400 per block of traffic.

in the past month the activity behind this infection chain has primarily consisted of social engineering [1] and tech support scams [3] leading to ransomware. added Kafeine.

Early 2018, a malware a researcher at BrillantIT was able...

05:03

Scientists Just Achieved The Worlds Most Precise Chemical Reaction Lifeboat News: The Blog

Scientists have just performed the worlds most precisely controlled chemical reaction, sticking together just two atoms from elements that wouldnt normally form a molecule.

The two elements sodium and caesium produced an interesting alloy-like molecule. On top of that, this method of creation could set the way of making just the kind of materials we might need in future technology.

A team of Harvard University scientists used laser tweezers to manipulate individual atoms of the two alkali metals into close proximity, and provided a photon to help them bond into a single molecule.

05:02

In the hope of a cure: can stem cells treat autism? Lifeboat News: The Blog

A key trial, based in the U.S., looks to test if stem cells can help treat autism.

05:02

Googles astounding new search tool will answer any question Lifeboat News: The Blog

Vancouver, British Columbia, Canada

Imagine if you could gather thousands of writers in a circle to discuss one question. What would optimist Thomas L. Friedman say about intervening in Syria, for example? Would chaos theorist Santo Banerjee concur?

Google now has a way to convene that kind of forumin half a second. Speaking to TED curator Chris Anderson yesterday (April 13), legendary futurist Ray Kurzweil introduced Talk to Books a new way to find answers on the internet that should bring pleasure to researchers, bookworms and anyone seeking to expand their thinking on a range of topics.

04:51

MPAA and RIAA Still Cant Go After Megaupload TorrentFreak

Well over six years have passed since Megaupload was shutdown, but there is still little progress in the criminal proceedings against its founders.

The United States wants New Zealand to extradite the men but have thus far failed to achieve that goal. Dotcom and his former colleagues are using all legal means to prevent this eventuality and a final conclusion has yet to be reached.

While all parties await the outcome, the criminal case in the United States remains pending. The same goes for the lawsuits filed by the MPAA and RIAA in 2014.

Since the civil cases may influence the criminal proceedings, Megauploads legal team previously managed to put these cases on hold, and last week another extension was granted.

Previous extensions didnt always go this easy. Last year there were concerns that the long delays could result in the destruction of evidence, as some of Megauploads hard drives were starting to fail.

However, after the parties agreed on a solution to back-up and restore the files, this is no longer an issue.

With the preservation order in place, and there being no other objection, Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months, Megauploads legal team recently informed the court.

Without any objections from the MPAA and RIAA, U.S. District Court Judge Liam OGrady swiftly granted Megauploads request to stay both lawsuits until October this year.

While the US Government hopes to have Dotcom in custody by that time, the entrepreneur has different plans. Following a win at the Human Rights Tribunal in New Zealand, he hopes to put the criminal case behind him soon.

If that indeed happens, the MPAA and RIAA might have their turn.

The latest stay order

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

...

04:49

The Blockchaining of Software Patents (to Dodge the Rules/Guidelines) Now Coming to Europe Techrights

Its really just a topological trick and it is barely unprecedented

What is the Difference Between a Blockchain and a Database?
Reference: What is the Difference Between a Blockchain and a Database?

Summary: A lot of software patents are being declared invalid (or not granted in the first place); having said that, using all sorts of hype waves (like calling databases blockchains) firms and individuals manage to still be granted software patents and sometimes patent trolls hoard these

TACKLING software patents is a process which takes a lot of time. There are many such patents out there and software patents arent typically marked as such. At the EPO they keep coming up with new buzzwords and the USPTO allows software patents as long as their abstract nature is disguised somehow. Patent lawyers now make a career out of manipulating or fooling examiners. Examiners oughtnt find that amusing because it takes its toll on the reputation of examiners, not these mischievous law firms reputation. The presumption of honesty just isnt there anymore. Closer and longer scrutiny of patent applications may be needed. We have said all this before, so rather than repeat ourselves lets look at examples from the past weeks news.

The OSIs Simon Phipps was a feature story/item in Linux Journal some days ago. Here is the part about software patents:

Software patents represent one of several areas into which OSI has been expanding. Patents have long been a thorny issue for open source, because they have the potential to affect not only people who develop software, but also companies who merely run open-source software on their machines. They also can be like a snake in the grass; any software application can be infringing on an unknown patent.

OSI has been rather disappointing in the sense that it did virtually nothing on the subject; to be fair, thats not a uniqu...

03:58

China Is Nationalizing Its Tech Sector cryptogon.com

Via: Bloomberg: As Bloomberg News reported this week, a key stumbling block in trade negotiations between China and the U.S. has been Beijings extensive support for its technology firms. But if President Donald Trumps administration thinks that will change any time soon, it hasnt been paying attention: Far from reducing support for the tech sector, []

03:56

Facebook Deletes Richard Spencer's Accounts in Hate Speech Crackdown SoylentNews

On the Daily Dot:

The Facebook pages of Richard Spencer, the alt-right leader who was famously punched in the face last year, have been suspended.

The pages for the National Policy Institute, a lobbying group of sorts for white nationalists, and Spencer's online magazine "altright.com," vanished on Friday after Vice sent the social network an inquiry about hate groups. They had a combined following of almost 15,000 followers.

The action was taken just days after Mark Zuckerberg emphasized during his testimony before Congress that Facebook does not allow hate speech. But it wasn't until Vice flagged the accounts that Facebook suspended them. The social network said in a statement that it identifies violating pages using human monitors, algorithms, and partnerships with organizations.

Also at Engadget and Vice.


Original Submission

Read more of this story at SoylentNews.

03:45

Mesa's Gallium HUD Gets A Simple Option Phoronix

The Gallium3D Heads-Up Display (HUD) has matured into quite a useful option for Mesa users over the past several years. There is now a Gallium HUD "simple" option...

03:40

Donald Trump Claims Mission Accomplished cryptogon.com

Via: Independent: Donald Trump has claimed mission accomplished over the raids on Syria echoing the ill-fated words of George W Bush fifteen years earlier when he spoke about Iraq. Speaking hours after US, UK and French forces hit three targets in Syria they said were associated with the production, storage and use of chemical []

03:38

New malware mine cryptocurrency without open browser session HackRead

By Waqas

Initially, the cryptomining malware aimed at generating cryptocurrency using open browser

This is a post from HackRead.com Read the original post: New malware mine cryptocurrency without open browser session

03:22

A Spooky Quantum Experiment Creates What May Be the Most Entangled Controllable Device Yet Lifeboat News: The Blog

If youve read anything about quantum computers, you may have encountered the statement, Its like computing with zero and one at the same time. Thats sort of true, but what makes quantum computers exciting is something spookier: entanglement.

A new quantum device entangles 20 quantum bits together at the same time, making it perhaps one of the most entangled, controllable devices yet. This is an important milestone in the quantum computing world, but it also shows just how much more work there is left to do before we can realize the general-purpose quantum computers of the future, which will be able to solve big problems relating to AI and cybersecurity that classical computers cant.

Were now getting access to single-particle-control devices with tens of qubits, study author Ben Lanyon from the Institute for Quantum Optics and Quantum Information in Austria told Gizmodo. Soon, we can get to the level where we can create super-exotic quantum states and see how they behave in the lab. I think thats very exciting.

03:03

There is no such thing as past or future: physicist Carlo Rovelli on changing how we think about time Lifeboat News: The Blog

Seven Brief Lessons on Physics sold over a million copies around the world. Now Rovelli is back to explore the mysteries of time. He tells about student revolution and how his quantum leap began with an acid trip.

Extract from Carlo Rovellis new book: on the elastic concept of time.

03:03

Venus Visits Night Sky This Month: How to See It Lifeboat News: The Blog

Venus will appear with many vivid stellar landmarks in Aprils night sky.

03:02

How quantum computing could wreak havoc on cryptocurrency Lifeboat News: The Blog

Quantum computing is promising to be one of the biggest technological revolutions of the modern era.

By harnessing the power of quantum mechanics, machines will be able to achieve data processing of speed and complexity unattainable with current computers. Traditional computers are based on a binary model on a system of switches that can be either on or off, represented with a 1 or a 0.

Quantum computers are different in that their switches can be in both the on and off positions at the same time, called superpositions. This ability to be in two simultaneous states is what makes quantum computers faster. Much faster.

03:01

When Stirling Engines Meet 3D Printers Hackaday

Lets face it, everybody wants to build a Stirling engine. Theyre refined, and generally awesome. Theyre also a rather involved fabrication project which is why you dont see a lot of them around.

This doesnt remove all of the complexity, but by following this example 3D printing a Sterling engine is just about half possible. This one uses 3D printing for the frame, mounting brackets, and flywheel. That wheel gets most of its mass from a set of metal nuts placed around the wheel. This simple proof-of-concept using a candle is shown off in the video after the break, where it also gets an upgrade to an integrated butane flame.

Stirling engines operate on heat, making printed plastic parts a no-go for some aspects of the build. But the non-printed parts in this design are some of the simplest weve seen, comprising a glass syringe, a glass cylinder, and silicone tubing to connect them both. The push-pull of the cylinder and syringe are alternating movements caused by heat of air from a candle flame, and natural cooling of the air as it moves away via the tubing.

Wed say this one falls just above mid-way on the excellence scale of these engines (and thats great considering how approachable it is). On the elite side of things, heres a 16-cylinder work of art. The other end of the scale may not look as beautiful, but theres nothing that puts a bigger smile on our faces than clever builds using nothing but junk.

02:51

Critical Vulnerability in Drupal CMS Used for Cryptomining HackRead

By Uzair Amir

For your information, Drupal is also an open-source content management

This is a post from HackRead.com Read the original post: Critical Vulnerability in Drupal CMS Used for Cryptomining

02:30

DXVK 0.42 Brings DXGI Gamma Control, HLSL Bits For Tessellation/Geometry Shaders Phoronix

DXVK 0.42 is now available as the open-source project implementing the Direct3D 11 API over Vulkan for the benefit of Wine-based gamers...

01:59

Fortnite server crashes, Pornhub respond with hilarious tweet TechWorm

Pornhub ask Epic to get Fortnites servers fixed or their servers would crash next

Epic Games, the studio behind the insanely popular video game Fortnite Battle Royale of 2018, in the early hours of Thursday had tweeted that its Fortnite servers was encountering server difficulties due to the latest 3.5 update and would be down for emergency maintenance to tackle numerous bugs and technical issues.

Were bringing the servers offline for emergency upkeep. We apologize for this inconvenience. We presently dont have any ETA on when servers shall be again up. Keep up to date with our standing web page right here: https://t.co/3y0X6buriO

Pornhub, one of the internets biggest adult sharing sites, took the opportunity to reply with a hilarious tweet saying, Please hurry or our servers will crash next, indirectly hinting at the huge increase in traffic to their website while Fortnite servers are down.

While the tweet by Pornhub was certainly a joke, the Pornhub insights team at the end of March had released information that theres been a huge spike in people searching for Fortnite porn videos on their website.

...

01:42

New Trojan Malware Could Mind-Control Neural Networks Lifeboat News: The Blog

Each new technological breakthrough comes seemingly prepackaged with a new way for hackers to kill us all: self-driving cars, space-based weapons, and even nuclear security systems are vulnerable to someone with the right knowledge and a bit of code. Now, deep-learning artificial intelligence looks like the next big threat, and not because it will gain sentience to murder us with robots (as Elon Musk has warned): a group of computer scientists from the US and China recently published a paper proposing the first-ever trojan for a neural network.

Neural networks are the primary tool used in AI to accomplish deep learning, which has allowed AIs to master complex tasks like playing chess and Go. Neural networks function similar to a human brain, which is how they got the name. Information passes through layers of neuron-like connections, which then analyze the information and spit out a response. These networks can pull off difficult tasks like image recognition, including identifying faces and objects, which makes them useful for self-driving cars (to identify stop signs and pedestrians) and security (which may involve identifying an authorized users face). Neural networks are relatively novel pieces of tech and arent commonly used by the public yet but, as deep-learning AI becomes more prevalent, it will likely become an appealing target for hackers.

The trojan proposed in the paper, called PoTrojan, could be included in a neural network product either from the beginning or inserted later as a slight modification. Like a normal trojan, it looks like a normal piece of the software, doesnt copy itself, and doesnt do much of anything Until the right triggers happen. Once the right inputs are activated in a neural network, this trojan hijacks the operation and injects its own train of thought, making sure the network spits out the answer it wants. This could take the form of rejecting the face of a genuine user and denying them access to their device, or purposefully failing to recognize a stop sign to create a car crash.

...

01:42

China could become a major space power by 2050 Lifeboat News: The Blog

Chinas comprehensive space plansincluding launches, robotic moon bases, and interplanetary manned missionswill make the country a major space power by 2050.

01:25

Latest F-35 Flight Tests Finish--and US Stops Accepting New Jets SoylentNews

El Reg reports:

Contract wrangle overshadows milestone

The F-35 fighter jet has completed one of its years-long flight testing programmes--just in time for the United States to suspend all deliveries of the new supersonic aircraft.

[...] Finishing SDD means that Block 3F of the aircraft's operating system can now be frozen and rolled out to all worldwide users. That block is not without its own rather fundamental problems, as the US Department of Operational Test and Evaluation has found. Flight tests will continue to validate later versions of the software, such as the still-in-beta Block 4, as well as ironing out bugs discovered during Block 3F testing and deferred to later releases.

However, even as the flight test programme came to a close, the US Department of Defence stopped accepting new jets from manufacturer Lockheed Martin over a contract wrangle. Reuters summarised it in the following terms: "Neither party discovered the issue at the time of production, so each has pointed to the other to fix it."

An American government spokesman said: "This is not a safety of flight issue but rather a contractual resourcing issue that needs to be resolved. The [US] government has implemented this pause to ensure the warfighter receives a quality product from industry."


Original Submission

Read more of this story at SoylentNews.

00:58

Facebook shuts down pages affiliated with Richard Spencer The Hill: Technology Policy

Facebook has taken down two pages associated with the white supremacist Richard Spencer, Vice reported.The two pages belonged to Spencers National Policy Institute and his website altright.com.Facebook confirmed to BuzzFeed that the pages were shut...

Friday, 13 April

16:54

MAP_STACK Stack Register Checking Committed to -current OpenBSD Journal

The MAP_STACK anti-ROP mechanism described in a recent article has been committed to -current. The commit message includes:

Implement MAP_STACK option for mmap().  Synchronous faults (pagefault and
syscall) confirm the stack register points at MAP_STACK memory, otherwise
SIGSEGV is delivered. sigaltstack() and pthread_attr_setstack() are modified
to create a MAP_STACK sub-region which satisfies alignment requirements.
Observe that MAP_STACK can only be set/cleared by mmap(), which zeroes the
contents of the region -- there is no mprotect() equivalent operation, so
there is no MAP_STACK-adding gadget.
This opportunistic software-emulation of a stack protection bit makes
stack-pivot operations during ROPchain fragile (kind of like removing a
tool from the toolbox).

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog