IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Thursday, 15 November

07:37

Internal poll: Morale declines at Facebook after year of scandals The Hill: Technology Policy

Employee morale is reportedly declining at Facebook after a rough year for the company. According to internal poll results conducted by the company and obtained by the Wall Street Journal, just over half of Facebook employees, 52 percent, say...

07:33

AMD Stages Latest Radeon/AMDGPU Changes For Linux 4.21 Kernel Phoronix

AMD has posted their initial set of AMDGPU driver changes slated to go into the future Linux 4.21 kernel by way of DRM-Next...

07:27

Calif. Man Pleads Guilty in Fatal Swatting Case, Faces 20+ Years in Prison Krebs on Security

A California man who pleaded guilty Tuesday to causing dozens of swatting attacks including a deadly incident in Kansas last year now faces 20 or more years in prison.

Tyler Raj Barriss, in an undated selfie.

Tyler Barriss, 25, went by the nickname SWAuTistic on Twitter, and reveled in perpetrating swatting attacks. These dangerous hoaxes involve making false claims to emergency responders about phony hostage situations or bomb threats, with the intention of prompting a heavily-armed police response to the location of the claimed incident.

On Dec. 28, 2018, Barriss placed a call from California to police in Wichita, Kansas, claiming that he was a local resident whod just shot his father and was holding other family members hostage.

When Wichita officers responded to the address given by the caller 1033 W. McCormick they shot and killed 28-year-old Andrew Finch, a father of two who had done nothing wrong.

Barriss admitted setting that fatal swatting attack in motion after getting in the middle of a dispute between two Call of Duty gamers, 18-year-old Casey Viner from Ohio and Shane Gaskill, 20, from Wichita.

Viner allegedly asked Barriss to swat Gaskill. But when Gaskill noticed Barriss Twitter account (@swattingaccount) suddenly following him online, he tried to deflect the attack. Barriss says Gaskill allegedly dared him to go ahead with the swat, but then gave Barriss an old home address 1033 W. McCormick which was then being occupied by Finchs family.

Viner and Gaskill are awaiting trial. A more detailed account of their alleged dispute is told here.

According to the Justice Department, Barriss pleaded guilty to making hoax bomb threats in phone calls to the headquarters of the FBI and the Federal Communications Commission in Washington, D.C. He also made bomb threat and swatting calls from Los Angeles to emergency numbers in Ohio, New Hampshire, Nevada, Massachusetts, Illinois, Utah, Virginia, Texas, Arizona, Missouri, Maine, Pennsylvania, New Mexico, New York, Michigan, Florida and Canada.

U.S. Attorney Stephen McAllister...

06:39

Science Minister Sam Gyimah and the EPO Are Eager to Attack Science by Bringing Patent Trolls to Europe/European Union and the United Kingdom Techrights

Sam Gyimah

Summary: Team UPC has managed to indoctrinate or hijack key positions, causing those whose job is to promote science to actually promote patent trolls and litigation (suppressing science rather than advancing it)

THE European Patent Office (EPO) has just ended EPOPIC. We wrote about the second and first day (more on the latter) because of the EPOs promotion of software patents in Europe.

Its no secret that UPC is for patent trolls; its most vocal proponents and most aggressive pushers are technically serving patent trolls from the US.The event was finished around midday today and no controversial talks were scheduled (we can agree with most of what was said there, focusing on patents as information sources that need to be linked, searched, and made accessible though open data).

The EPO wants this event to be more of an echo chamber next time and the only time it mentioned AI (earlier today) it was in relation to search, not patent scope. The EPO rewteeted this: Honored to have the chance to contribute our thoughts about the future of #ArtificialIntelligence for #patent search at the #EPOPIC alongside three great speakers. https://twitter.com/epoorg/status/1062387433348710402

Its worth noting that at no point did the EPO mention the UPC, at least not in tweets. Its almost as though its presumed dead.

One person remarked on the EPOs promotion of software patents in Europe by saying: 1) On June, 2015 the Paris High Court, said: Article 52 of the EPC is perfectly clear and does not require any interpretation: computer programs as such are excluded from patentability, and the reason for this is that they are covered by copyright. https://www.april.org/en/paris-high-court-reaffirms-ban-software-patents (there...

06:30

Mastering OpenSCAD Workflow Hackaday

As you may have noticed in our coverage, were big fans of OpenSCAD around these parts. The fact that several of the Hackaday writers organically found and started using the parametric CAD package on their own is not only a testament to our carefully cultivated hive mind but also to the type of people it appeals to. Hackers love it because it allows you to model physical objects as if you were writing software: models are expressed in code, and its plain text source files can be managed with tools like git and make. If youre a real Pinball Wizard you could design objects and export them to STL without ever using a graphical interface.

But as you might expect, with such power comes a considerable learning curve. OpenSCAD devotee [Uri Shaked] recently wrote in to share with us his workflow for designing complex interacting mechanisms, which serves as an excellent primer to the world of parametric design. From animating your models to recreating the vitamins of your build, his post contains plenty of tips that can help both new and veteran OpenSCAD users alike.

Perhaps the biggest takeaway from his post is that you should be thinking of your projects as a whole, rather than as individual models. [Uri] recalls his early attempts at designing mechanisms: designing each component individually, printing it out, and only then finding out if it fits together with the other pieces. This method of trial and error is probably familiar to anyone whos designed their own 3D printed parts but its slow and wastes materials. The alternative, as he explains it, is to design all of the pieces...

06:19

Samsung's "8nm" Exynos 9820 SoC Adds "Neural Processing Unit" SoylentNews

Samsung's next flagship processor has an NPU for on-device AI

Samsung Electronics is the latest mobile system-on-chip vendor to start using dedicated hardware for on-device machine learning. The Exynos 9 Series 9820, which will undoubtedly be used in the international versions of the Galaxy S10, has a neural processing engine (NPU) that is claimed to deliver up to seven times faster AI performance than the S9's 9810. NPUs can be used to speed up tasks like image processing and AR [(Augmented Reality)].

[...] Elsewhere, Samsung is claiming the Exynos 9820's fourth-generation custom CPU cores will provide a 20-percent boost to conventional single-core performance and 15-percent in multi-core or a 40-percent improvement in power efficiency. The GPU uses ARM's new Mali G76 cores, first seen in the Kirin 980, for what is claimed to be 40 percent greater performance or 35 percent better power efficiency.

The Exynos 9810 SoC had support for "10bit 4K120 encode & decode". The Exynos 9820 supports 8K30 and 4K150.

Also at Android Central and Wccftech.


Original Submission

Read more of this story at SoylentNews.

05:56

[$] Device-tree schemas LWN.net

Device trees have become ubiquitous in recent years as a way of describing the hardware layout of non-discoverable systems, such as many ARM-based devices. The device-tree bindings define how a particular piece of hardware is described in a device tree. Drivers then implement those bindings. The device-tree documentation shows how to use the bindings to describe systems: which properties are available and which values they may have. In theory, the bindings, drivers and documentation should be consistent with each other. In practice, they are often not consistent and, even when they are, using those bindings correctly in actual device trees is not a trivial task. As a result, developers have been considering formal validation for device-tree files for years. Recently, Rob Herring proposed a move to a more structured documentation format for device-tree bindings using JSON Schema to allow automated validation.

05:51

USF Revisits EPO Abuses, Highlighting an Urgent Need for Action Techrights

Recent: EPO Insider: Under Antnio Campinos the Union Busting Done by the Administration Continues Even Worse Than Before

Mafia Battistelli
Can Union Syndicale Fdrale (USF) stop the Mafia-like culture of EPO management?

Summary: Staff Representation Disciplinary Cases a message circulated at the end of last week reveals the persistence of union-busting agenda and injustice at the EPO

Some time this afternoon SUEPO published Two press communications from USF Union Syndicale Fdrale. Translations in German and French will follow soon, it said. SUEPO is recalling the time Battistelli was brought up by USF again perhaps one last time (way back in summer) and one post published earlier today [1, 2]. USF links to this piece about the corrupt management; the curators use screenshots/images as a PDF with the one conspicuously missing name. Theyve rubbed off Elodie Bergots name. Why? Shes a big part of the problem at the European Patent Office (EPO); why would they be redacting her name as though she deserves protection from scrutiny? Were threats issued?

Here is the letter alluded to in some very recent articles (USF has uploaded it):

Munich 09.11.2018
sc18151cp 0.2.1/5.2

Staff Representation Disciplinary Cases Urgent action needed

Dear colleagues,

In June 2018, the ILO Administrative Tribunal, with a series of judgments, set aside disciplinary measures inflicted on EPO staff representatives / SUEPO officials, and on one former staff member now employed by SUEPO. It is clear to even the inattentive observer that the cases resulted from a political campaign launched by the previous President and his Administration, aimed at weakening any opposition to their plans.

In the meantime the new President, Mr. Campinos, has concluded the two cases con...

05:00

3D Printering: Blender Tips For Printable Objects Hackaday

3D models drawn in Blender work great in a computer animated virtual world but dont always when brought into a slicer for 3D printing. Slicers require something which makes sense in the real world. And the real world is far less forgiving, as Ive found out with my own projects which use 3D printed parts.

Our [Brian Benchoff] already talked about making parts in Blender with his two-part series (here and here) so consider this the next step. These are the techniques Ive come up with for preparing parts for 3D printing before handing them off to a slicer program. Note that the same may apply to other mesh-type modeling programs too, but as Blender is the only one Ive used, please share your experiences with other programs in the comments below.

Fixing Shape Issues

...

04:55

Fedora Perfecting Their Flicker-Free Boot Experience With A New Plymouth Theme Phoronix

The recent release of Fedora 29 the long-desired goal of a flicker-free boot experience to the Linux desktop was finally achieved... Well, assuming you are for now using Intel graphics and set a couple extra settings and don't have any quirky hardware. While all of the key components are in place, for Fedora 30 and beyond they will likely be taking care of the "rough edges" and already there is work on a new Plymouth boot theme for pairing with this flicker-free boot process...

04:42

Nintendo Wins Lawsuit Against ROM Sites, Defendants Agree to Pay $12.23 Million SoylentNews

Nintendo wins $12m lawsuit against ROM sites run by a married couple

Nintendo has won a legal battle against pirate ROM websites LoveROMS.com and LoveRETRO.co. The judgement from the Arizona court has resulted in the owners of the now-defunct sites having to pay the Japanese game developer $12.23 million in damages.

The ROM site owners are married couple Jacob and Cristian Mathias, who registered the two sites under their company, Mathias Designs. Their legal troubles started this past summer when Nintendo filed a complaint with the federal court against them. In order to avoid a drawn-out legal battle the couple took down the two websites in July and put up a notice that said they were under maintenance.

As TorrentFreak notes, however, the couple soon owned up and admitted to both direct and indirect copyright as well as trademark infringement of Nintendo's games and other copyrighted content. The two ROM sites the Mathias couple ran offered pirated copies of Nintendo's retro games, including Super Mario World, Mario Kart 64, Super Mario All-Stars, and many more. People were able to download these pirate copies and play them on PC and other platforms they weren't intended for with an emulator, thereby bypassing Nintendo's hardware ecosystem entirely.

As the paperwork obtained by TorrentFreak shows, both parties the Mathias couple and Nintendo have now reached an agreement after the dispute was raised this summer.

Also at Motherboard.

Previously: Nintendo Sues ROM Sites
EmuParadise Removes ROMs After Nintendo Sued Other ROM Sites


Original Submission

Read more of this story at SoylentNews.

04:37

Links 14/11/2018: KDevelop 5.3, Omarine 5.3, Canonical Not for Sale Techrights

GNOME bluefish

Contents

GNU/Linux

  • Meet TASBot, a Linux-Powered Robot Playing Video Games for Charity

    Can a Linux-powered robot play video games faster than you? Only if he takes a hint from piano rollsand doesnt desync.

    Let me begin with a brief history of tool-assisted speedruns. It was 2003. Less than half the developed world had internet access of any kind, and YouTube hadnt been created yet. Smartphones were rare and nascent. Pentium III processors still were commonplace, and memory was measured in megabytes. It was out of this primordial ooze that an interesting video file circulated around the weban 18MB .wmv labeled only as a super mario bross3 time attack video [sic]. What followed was an absolutely insane 11-minute completion of the game by someone named Morimoto replete with close calls, no deaths and Mario destroying Bowser after apparently effortlessly obtaining 99 lives. The only other context was a link to a page written in Japanese, and the rough encoding that Windows Media Video format was known for in that era made it difficult for casual viewers to observe that it was an emulator recording rather than the output of a real Nintendo Entertainment System (NES) console.

  • Desktop

04:34

Apples New Patent Hints At In-Display Selfie Camera TechWorm

Next Apple iPhone may have a hole in its display, patent reveals

Apple who started the notch design standard that saw every other Android OEM incorporating in its smartphone is looking to trend set another legacy.

The Cupertino giant who had filed a patent back in June for a camera cut-out in the display has finally been approved. The patent titled Integrated Camera Window was approved by the United States Patent and Trademark Office (USPTO) on November 8.

The folks at LetsGoDigital who discovered Apples new patent shows an iPhone with a hole for the camera in the display. In other words, Apple is looking to place the iPhones front camera under the devices screen in its future phones, thereby killing the notch design.

With this patent, Apple joins the list of companies such as Samsung, Asus, and LG who have filed similar patents in the past. However, Apples patent is a bit different from its contemporaries.

According to the patent, Apple wants to fit the camera window with a cover glass where cover glass refers to the display. This display technology is presently applicable only to the LCD screen.

Apparatus, systems, and methods for camera integration with a cover glass and for processing cover glass to provide a camera window for an electronic device are disclosed. A camera window can be integrated into the cover glass. The apparatus, systems, and methods are especially suitable for cover glasses, or displays (e.g., LCD displays), assembled in small form factor electronic devices such as handheld electronic devices (e.g., mobile phones, media players, personal digital assistants, remote controls, etc., the patent description reads.

Besides iPhones, other electronic devices such as portable computers, tablet computers, displays, monitors, televisions as well as iPads, MacBooks, and iMacs could see in-display camera technology soon.

While patents are filed all the time, it is not necessary that every patent is converted into a finished commercial product or even a prototype. Whether or not, Apple will go ahead and implement the display technology in its future devices, only time will tell.

The post Apples New Patent Hints At In-Display Selfie Camera appeared first on TechWorm.

04:19

Cloudflare launches its 1.1.1.1 DNS service for Android and iOS smartphones TechWorm

Cloudflares privacy-focused 1.1.1.1 DNS service now available on iOS and Android

Earlier this year, Cloudfare Inc., a website performance and security company, had rolled out a new free public domain name system (DNS) resolver service with 1.1.1.1 as its IP address on April Fools day. The company has now released the mobile apps of the 1.1.1.1 privacy-first DNS resolver service for Android and iOS users.

The 1.1.1.1. app makes your Internet faster and more private. It is darn easy to set up. And, the best part: its free!

It is the right thing to do. We are making it easier for everyone to make their experience when they use the Internet more private. People should not have to pay to have a more private Internet.

Beyond that, millions of websites rely on Cloudflare for performance and security. By getting more users on 1.1.1.1, we make those sites faster. That makes Cloudflare better, and it makes the Internet better, a win-win, Mohd Irtefa the Product Manager at Cloudflare, said in a blog post.

For those unaware, DNS services are usually provided by Internet Service Providers (ISPs), and allow you to change a domain name, for instance, like Google.com into an IP address that routers and switches can understand. DNS basically changes names of websites into numbers, which could slow down your web browsing if you arent using a speedy DNS server.

While Cloudflares 1.1.1.1 DNS service is a basic DNS server, it is different from your ISPs or other DNS alternatives like Google Public DNS and Cisco OpenDNS, as its goal is to provide users faster internet connection and offer utmost privacy.

Any time you are on a public internet connection people can see what sites you visit. Even worse, your Internet Service Provider is very possibly selling all of your browsing history to the highest bidder. We have a tool called 1.1.1.1 which makes it easy to get a faster, more private, Internet experience added Mohd Irtefa.

The mobile app uses a support feature like VPN (virtual private network), which directs your mobile traffic towards the 1.1.1.1 DNS servers. Cloudflares DNS server funnels DNS traffic that not only makes it difficult for your ISP to track the sites you are visiting, but it also allows you to freely browse the site you want without having your connection censored or hijacked.

Cloudflare is committed to not tracking users or selling advertising. However, it needs to keep logs of user data for 24 hours to prevent abuse and debugging issues, after which all the logs will be purged. The company has also retained KPMG, the well-respected auditing firm, to audit their code and practices annually and publish a publi...

04:03

DaVinci Resolve 15.2 Video Editor Released With More Improvements For Its Linux Build Phoronix

Back in August marked the release of DaVinci Resolve 15 with Linux support for this professional-grade video editing solution that also supports visual effects and audio post-production capabilities. That has now been succeeded by DaVinci Resolve 15.2...

04:02

Results: Linux Foundation Technical Board Election 2018 LWN.net

The results of the 2018 election for members of the Linux Foundation's Technical Advisory Board have been posted; the members elected this time around are Chris Mason, Laura Abbott, Olof Johansson, Dan Williams, and Kees Cook. Abbott and Cook are new members to the board this time around. (The other TAB members are Ted Ts'o, Greg Kroah-Hartman, Jonathan Corbet, Tim Bird, and Steve Rostedt).

03:57

Pirate Set-Top Boxes Used By 45% of Online Thai Consumers TorrentFreak

This morning, the Asia Video Industry Associations (AVIA) Coalition Against Piracy (CAP), which represents the interests of groups including the MPA and other major companies, revealed the results of a commissioned YouGov survey.

In a recent study of the content viewing behavior of Thai consumers, it was revealed that 45% of consumers use a TV box which can be used to stream pirated television and video content, CAP writes.

These TV boxes, also known as Illicit Streaming Devices (ISDs), allow users to access hundreds of pirated television channels and video-on-demand content, usually with a low annual fee.

In the above paragraph, the precise definition of consumer isnt particularly clear. Also, the use of the phrase can be used is open to ambiguity. TorrentFreak spoke with Neil Gane, General Manager of CAP, who was happy to clarify on both fronts.

The survey focused on Internet-connected/online consumers. [T]he survey also included consumers who are online and yet dont view video content, as all respondents were given the option to select Not applicable I dont watch television and video content, Gain explained.

Gane further clarified that the 45% of consumers does not include users who use general piracy-capable devices such as computers, laptops, mobile phones, or Firestick/Chromecast dongles etc.

CAPs General Manager added that while most devices can be used to stream pirated content, the survey was solely focused on TV boxes pre-loaded with infringing app(s), which by definition would make them illicit streaming devices (ISDs).

Examples of pirate applications found on such devices include Mango TV, HD Playbox, and U Play, which provide access to streaming movies and TV shows, mainly on Android.

With the details established, the claims of the effects of piracy-enabled devices are more easily digested. CAP says that of the 45% of consumers who bought such a device, more than two in three (69%) stated that they canceled all or some of their subscriptions to legal pay TV services.

The YouGov research also established that younger people are attracted to piracy-configured devices. They are particularly popular among 18 to 24-year-olds, with more than three in four (77%) canceling legitimate subscription services as a result of owning ISDs, especially international online subscriptions (40%).

Of course, no recent anti-piracy announcement would be complete without claims about malware running riot.

The damage that piracy does to the creative indu...

03:56

Koch-backed groups blast carveouts to corporations after Amazon announcement The Hill: Technology Policy

Groups backed by wealthy GOP donor Charles Koch on Wednesday criticized cities and states that give out special incentives to corporations, following Amazon's announcement that it was splitting its second headquarters between New York City and...

03:50

Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks Security Affairs

Kaspersky revealed that the CVE-2018-8589  Windows 0-day fixed by Microsoft Nov. 2018 Patch Tuesday has been exploited by at least one APT group in attacks in the Middle East.

Kaspersky Lab experts revealed that the CVE-2018-8589 Windows zero-day vulnerability addressed by Microsoft November 2018 Patch Tuesday has been exploited by an APT group in targeted attacks against entities in the Middle East.

Kaspersky reported the flaw to Microsoft on October 17, the security firm observed attacks against systems protected by its solution and attempting to exploit the zero-day flaw affecting the Win32k component in Windows.

The flaw could be exploited by an authenticated attacker to execute arbitrary code in the context of the local user, it ties the way Windows handles calls to Win32k.sys.

Kaspersky Lab described the CVE-2018-8589 flaw as a race condition in win32k!xxxMoveWindow that is caused by the improper locking of messages sent synchronously between threads.

CVE-2018-8589

The CVE-2018-8589 vulnerability only affects Windows 7 and Windows Server 2008.

Attackers exploited the flaw as the first stage of a malware installer aimed at a limited number of entities in the Middle East.

At the time of writing it is not unclear how the malware had been delivered by the threat actors.

The exploit was executed by the first stage of a malware installer in order to gain the necessary privileges for persistence on the victims system. So far, we have detected a very limited number of attacks using this vulnerability. The victims are located in the Middle East. reads the analysis published by Kaspersky.

Kaspersky did not explicitly attribute the attack to a specific threat actor but...

03:30

Friday Hack Chat: All About Crypto Hackaday

What is crypto? Crypto means hidden, and its meant hidden since before the Greek alphabet was written, but dont let that stop you from arguing. For this weeks Hack Chat, were going to be talking all about cryptography, a medium of exchange for secrets. If you need confidentiality, integrity, or authenticity, you need cryptography.

Our guest for this weeks Hack Chat will be none other than Nick Sayer. Nick is a frequent attendee of the Hackaday meetups and hes been building gadgets and gizmos and selling them on Tindie for years now. Hes given talks on design for manufacturing. This year, he designed and developed the Orthrus, an appliance that creates a cryptographically secured USB volume from two microSD cards. Basically, its like the Captain Planet team, only instead of rings, you need all the SD cards, and...

03:22

National facial recognition database to use loyalty rewards to identify American shoppers MassPrivateI

image credit: Zenus Biometrics

For years, I have been warning people about facial recognition in retail stores, but this story might convince you to avoid retail stores altogether.

A recent article in Biometric Update. com (BU) reveals that retail stores have a master plan to convince Americans to accept facial biometrics.

BU interviewed four facial biometric company CEO's and what they revealed is frightening.

The article starts off innocuously enough by telling us that U.S. retail biometrics is used primarily in loss-prevention but things quickly take a turn for the worse.

BU's interview with FaceFirst CEO Peter Tripp is especially disconcerting, as he reveals how retailers plan to use a "facial recognition opt-in environment."

There is another step though that exists which has more to do with consumer loyalty, and consumer experience, that is not quite as expensive an endeavor, and I think there are lots of folks looking at ways of doing that in a friendly opt-in environment, where privacy is not the cornerstone issue, Tripp said."


If any of this sounds familiar its because they are doing the exact same thing with digital drivers licenses.

Biometric companies are trying to convince Americans to accept digital drivers license by tying them to loyalty rewards programs.  Last year the Lincoln Motor Company installed...

03:18

Congressional panel warns of national security threat from Chinese tech The Hill: Technology Policy

A congressional advisory panel warned that internet-linked electronics manufactured in China could pose a national security threat to the United States. The U.S.-China Economic and Security Review Commission on Tuesday explained the dangers of...

03:12

Stable kernel updates LWN.net

Stable kernels 4.19.2, 4.18.19, 4.14.81, and 4.9.137 have been released. They all contain a relatively large set of important fixes and users should upgrade.

03:05

Google Chrome Labs Releases "Squoosh" Image Optimization Tool SoylentNews

Google Chrome Labs releases open source, browser-based image optimization tool, Squoosh

As web pages have advanced over the years, they have also dramatically increased in size. This has gradually contributed to pages loading slower and slower. To help web developers easily optimize their pages, Google Chrome Labs has released a new web tool called Squoosh that can downsize, compress, and reformat images.

[...] Supporting a variety of web formats like MozJPEG and WebP and traditional ones like PNG, Squoosh allows you to quickly make your images web-ready. The app is able to do 1:1 visual comparisons of the original image and its compressed counterpart, to help you understand the pros and cons of each format.

Squoosh.


Original Submission

Read more of this story at SoylentNews.

03:03

Security updates for Wednesday LWN.net

Security updates have been issued by Arch Linux (powerdns and powerdns-recursor), Debian (ceph and spamassassin), Fedora (feh, flatpak, and xen), Red Hat (kernel, kernel-rt, openstack-cinder, python-cryptography, and Red Hat Single Sign-On 7.2.5), and Ubuntu (python2.7, python3.4, python3.5).

03:02

Linux Foundation's Acumos Wants To Make It Easier Deploying AI Apps Phoronix

The latest software initiative out of the Linux Foundation -- and in particular their Deep Learning Foundation -- is the Acumos AI "Athena" release that tries to make it easier dealing with artificial intelligence apps...

03:00

The Value of Cardboard In Product Design Hackaday

A while ago, [Eric Strebel] created a backpack hanger. The result was great by just bolting this backpack hanger to the wall, he kept his backpack off the floor and out of the way. There was even a place for him to set his phone to charge. [Eric] is thinking about turning this idea into a product, and just posted a video on his process of making a cardboard mockup.

Since this is a study in industrial design, any mockup will need to keep in mind how the finished article will be constructed. In this case, [Eric] is going to use 4-5mm thick aluminum, cut on a water jet, bent into place, and finally anodized. The finished product will be made out of bent sheet aluminum, so this little bit of product design will use Matboard a thick, heavy cardboard often used for mounting pictures in frames. The Matboard will substitute for the aluminum, as it is carefully cut, bent, and glued into shape.

The tools for this build are simple, just a hobby knife, razor blade, ruler, and a pen. But there are a few tricks to working with Matboard. To bend these pieces perfectly, [Eric] is painting one side with water. This loosens the fibers in the Matboard, allowing for perfect creases before one layer of the build is glued together.

Once a few layers of this Matboard are glued together, the finished product becomes less like cardboard and more like a very soft wood. This allows [Eric] to use belt sanders and countersink drill bits to give a little bit of polish to this one-off prototype. This finished article works great, and now [Eric] is looking at taking this idea into production.

02:34

November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day Help Net Security

As part of the November 2018 Patch Tuesday, Microsoft has released 62 security patches and several advisories. There are 12 critical vulnerabilities among those patched this month, but CVE-2018-8589, a Windows Win32k elevation of privilege flaw thats being actively exploited by attackers, is not one of them. The attacks exploiting the flaw were flagged by Kaspersky Lab. The exploit was executed by the first stage of a malware installer in order to gain the necessary More

The post November 2018 Patch Tuesday: Microsoft fixes 63 flaws, one actively exploited zero-day appeared first on Help Net Security.

02:26

7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs The Hacker News

Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processors proven that speculative execution attacks can be exploited in a trivial way to access highly sensitive information. Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG, SpectreRSB, Spectre 1.1,

02:01

Hack My House: Opening Raspberry Pi to the Internet, but Not the Whole World Hackaday

If youve followed along with our series so far, you know weve set up a network of Raspberry Pis that PXE boot off a central server, and then used Zoneminder to run a network of IP cameras. Now that some useful services are running in our smart house, how do we access those services when away from home, and how do we keep the rest of the world from spying on our cameras?

Before we get to VPNs and port forwarding, there is a more fundamental issue: Do you trust your devices? What exactly is the firmware on those cheap cameras really doing? You could use Wireshark and a smart switch with port mirroring to audit the cameras traffic. How much traffic would you need to inspect to feel confident the camera never sends your data off somewhere else?

Thankfully, theres a better way. One of the major features of surveillance software like Zoneminder is that it aggregates the feeds from the cameras. This process also has the effect of proxying the video feeds: We dont connect directly to the cameras in order to view them, we connect to the surveillance software. If you dont completely trust those cameras, then dont give them internet access. You can make the cameras a physically separate network, only connected to the surveillance machine, or just set their IP addresses manually, and dont fill in the default route or DNS. Whichever way you set it up, the goal is the same: let your surveillance software talk to the cameras, but dont let the cameras talk to the outside world.

Edit: As has been pointed out in the comments, leaving off a default route is significantly less effective than separate networks. A truly malicious peice of hardware could easily probe for the gateway.

This idea applies to more than cameras. Any device that doesnt need internet access to function, can be isolated in this way. While this could be considered paranoia, I consider it simple good practice. Join me after the break to discuss port forwarding vs. VPNs.

For the Lazy: Port Forwarding

There are two broad categories of solutions to the problem of remote access, the first being port forwarding. Simply forwarding the assigned port from your router to the server is certainly easiest, but its also the least secure. The logs of a port 80 (HTTP) or 22 (SSH) exposed to the internet are frightening to sift through. And before you assume youll never be found in the vast sea of open ports, I present Robert Graham and masscan. Able to scan every IP address for a given port in just a few minutes, youre not hiding that w...

02:00

Trying DragonFlyBSD & FreeBSD On The Intel Core i9 9900K With ASUS PRIME Z390-A Phoronix

Since last month's Intel Core i9 9900K launch for this eight core / sixteen thread processor we have explored its performance for Linux gaming, how the performance and power efficiency go from the Intel 990X to 9900K, the Spectre mitigation costs, and the Intel Coffeelake Refresh performance across various Linux distributions. For those curious about using the new Intel CPUs and Z390 motherboards with one of the BSD operating systems, I spent a few days over the weekend trying out FreeBSD and DragonFlyBSD releases with the i9-9900K and ASUS PRIME Z390-A motherboard combination.

01:55

Burned to Death Because of a Rumour on WhatsApp SoylentNews

Two innocent men have been burned alive by a massive lynch mob after WhatsApp rumours branded them child abductors.

A large crowd gathered outside the police station after rumours spread about the two men.

A mob dragged two men out of a police station, savagely beat them and then set them on fire, killing them, after a false rumour was spread on WhatsApp about the pair being child kidnappers.

The mother of one of the men made a desperate plea for the crowd to stop as she watched the lynching unfold on a Facebook livestream.

https://www.bbc.co.uk/news/world-latin-america-46145986


Original Submission

Read more of this story at SoylentNews.

01:44

Apple says nothing as Apple ID accounts mysteriously locked down Graham Cluley

Apple says nothing as Apple ID accounts mysteriously locked down

Has someone been trying to hack into a large number of Apple ID accounts?

Read more in my article on the Hot for Security blog.

01:27

NVIDIA unveils the Quadro RTX 4000 GPU with 2,304 CUDA Cores, 8GB GDDR6 memory TechWorm

NVIDIA announces mid-range Quadro RTX 4000 with Turing GPU, 2304 Cores and 8 GB VRAM

NVIDIA announced its new Quadro RTX 4000 graphics card for workstation professionals at the annual Autodesk University Conference in Las Vegas yesterday. This is the companys first mid-range professional GPU in Quadro RTX family that is powered by the NVIDIA Turing architecture and the NVIDIA RTX platform.

The Quadro RTX family already consists of the Quadro RTX 8000, RTX 6000, and RTX 5000. The single-slot design of the new Quadro RTX 4000 allows the GPU to fit in a variety of workstation chassis.

Meet todays demanding professional workflows with GPU accelerated ray tracing, deep learning, and advanced shading. The NVIDIA Quadro RTX 4000, powered by the NVIDIA Turing architecture and the NVIDIA RTX platform, delivers best-in-class performance and features in a single-slot PCI-e form factor. Design and create like never before with faster time to insight and faster time to solution, NVIDIA said.

According to specifications provided by NVIDIA, the graphics card has 36 RT cores to enable real-time ray tracing of objects and environments with physically accurate shadows, reflections, refractions, and global illumination.

Further, it packs 2,304 CUDA cores, 288 Turing Tensor Cores for 57 TFLOPS of deep learning performance, and comes with 8GB of ultra-fast GDDR6 memory that provides over 40 percent more memory bandwidth than the previous generation Quadro P4000. It also supports video creation and playback for multiple video streams with resolutions up to 8K.

In addition, it provides hardware support for VirtualLink, improved performance with VR applications, including Variable Rate Shading, Multi-View Rendering and VRWorks Audio, and more.

In terms of performance, the Quadro RTX 4000 offers up to 43T RTX-OPS and 6 Giga Rays/s. The FP32 compute performance is estimated at 7.1 TFLOPS, which translates into a boost clock of around 1540 MHz. The TU106-based Quadro has a 160W rated TDP and has been enclosed into a single-slot cooling solution, which should easily fit in any workstation case. It draws power from a single 8-pin PCIe power connector.

Ernesto Pacheco, Director of Visualization at the global architectural firm, CannonDesign, which is one of the early users of the Quadro RTX 4000 said, Our designers need tools that unleash their creative freedom to design amazing buildings. Real-time rendering with the new Quadro RTX 4000 is unbelievably fast and smooth right out of the gate no latency and the quality and accuracy of the lighting is outstanding. It will enable us to accelerate our workflow and let our designers focus on the design process without the technology slowing them down.

The Quadro RTX 4000 will be available starting December on nvidia.com at an estimated price tag of $900. I...

01:07

How ZTE Helps Venezuela Create China-Style Social Control cryptogon.com

Via: Reuters: Chinese telecoms giant ZTE is helping Venezuela build a system that monitors citizen behavior through a new identification card. The fatherland card, already used by the government to track voting, worries many in Venezuela and beyond. The card is increasingly linked by the government to subsidized food, health and other social programs []

00:55

BEC scammers stole 19m from film company Path Help Net Security

The Dutch branch of the French film production and distribution company Path has lost over 19 million euros to BEC scammers, Dutch News reported. The scam Information about how the scammers pulled it off has been gleaned from court documents relating to a unfair dismissal lawsuit brought against Path France by Edwin Slutter, the Dutch branchs former chief financial officer. The attack started on March 8, when Path Nederland director Dertje Meijer received an email More

The post BEC scammers stole 19m from film company Path appeared first on Help Net Security.

00:44

Adobe Patch Tuesday updates for November 2018 fix known Acrobat flaw Security Affairs

Adobe Patch Tuesday updates for November 2018 addresses three flaws in Flash Player, Acrobat and Reader, and Photoshop CC.

Adobe Patch Tuesday updates for November 2018 fixes three flaws in Flash Player, Acrobat and Reader, and Photoshop CC.

The most severe issue is an information disclosure vulnerability, tracked as CVE-2018-15979, due to the availability of the proof-of-concept (PoC) exploit.

The flaw rated as important severity affects Adobe Acrobat and Reader for Windows, its exploitation could lead the leak of the users hashed NTLM password.

Adobe has released security updates for Adobe Acrobat and Reader for Windows to resolve an important vulnerability.  Successful exploitation could lead to an inadvertent leak of the users hashed NTLM password. reads the advisory published by Adobe.

The vulnerability was discovered by free exploit detection service EdgeSpot, it received a priority rating of 1, which means that the risk of exploitation is high.

In April 2018, Assaf Baharav, a security expert at Check Point, demonstrated that exploiting a the flaw (CVE-2018-4993) it was possible to use weaponized PDF files to steal Windows credentials, precisely the associated NTLM hashes, without any user interaction.

The attackers just need to trick victims into opening a file, Baharav explained that attackers could take advantage of features natively found in the PDF standard to steal NTLM hashes.

The attacker can then use this to inject malicious content into a PDF and so when that PDF is opened, the target automatically leaks credentials in the form of NTLM hashes. wrote Baharav.

The researcher used a specially crafted PDF document for his proof-of-concept.

When a victim would open the PDF document it would automatically contact a remote SMB server controlled by the attacker, this leads to the exposure of the NTLM details in the SMB requests, including the NTLM hash for the authentication process.

The NTLM details are leaked through the SMB traffic and sent to the attackers server which can be further used to cause various SMB relay attacks. continues the expert.

According to EdgeSpot, Adobe failed to properly address patch the CVE-2018-4993 vulnerability discovered by Check Point.

In April or May 2018, Check Point released a...

00:25

Patch Tuesday, November 2018 Edition Krebs on Security

Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.

As per usual, most of the critical flaws those that can be exploited by malware or miscreants without any help from users reside in Microsofts Web browsers Edge and Internet Explorer.

This weeks patch batch addresses two flaws of particular urgency: One is a zero-day vulnerability (CVE-2018-8589) that is already being exploited to compromise Windows 7 and Server 2008 systems.

The other is a publicly disclosed bug in Microsofts Bitlocker encryption technology (CVE-2018-8566) that could allow an attacker to get access to encrypted data. One mitigating factor with both security holes is that the attacker would need to be already logged in to the targeted system to exploit them.

Of course, if the target has Adobe Reader or Acrobat installed, it might be easier for attackers to achieve that log in. According to analysis from security vendor Qualys, there is now code publicly available that could force these two products to leak a hash of the users Windows password (which could then be cracked with open-source tools). A new update for Acrobat/Reader fixes this bug, and Adobe has published some mitigation suggestions as well.

In addition, Adobe pushed out a security update for Windows, Mac, Linux and Chrome versions of Flash Player. The update fixes just one vulnerability in Flash, but Im sure most of us would rather Flash died off completely already. Adobe said it plans to end support for the plugin in 2020. Google Chrome is now making users explicitly enable Flash eve...

00:18

Climate Change Causing More Severe Wildfires, Larger Insect Outbreaks in Temperate Forests SoylentNews

Submitted via IRC for Bytram

Climate change causing more severe wildfires, larger insect outbreaks in temperate forests

A warmer, drier climate is expected is increase the likelihood of larger-scale forest disturbances such as wildfires, insect outbreaks, disease and drought, according to a new study co-authored by a Portland State University professor.

The study, published Oct. 19 in the journal Nature Communications, sought to provide a more complete snapshot of disturbances in the world's temperate forests by quantifying the size, shape and prevalence of disturbances and understanding their drivers.

The study found that while many temperate forests are dominated by small-scale disturbance events -- driven largely by windstorms and cooler, wetter conditions -- there was also a strong link between high disturbance activity and warmer and drier-than-average climate conditions. Andrs Holz, a co-author and geography professor in PSU's College of Liberal Arts and Sciences, said this suggests that with a warming climate, disturbances are expected to become larger and more severe in some temperate forests including the western U.S.

"Under the warmer conditions we have been seeing, it is likely that we're going to see a higher probability of areas that tend to have very big disturbances," he said.

Among the study's findings:

Areas with low disturbance activity were largely associated with windstorms under cooler, rainy conditions, while areas with large disturbance activity were largely associated with wildfires, bark beetle outbreaks and drought under warmer, drier conditions.

In the majority of landscapes outside protected areas, disturbance patches were generally larger and less complex in shape than in protected areas. For example, human-made disturbances like logging are simpler in shape than the path a wildfire, storm or insect outbreak might take inside a protected area. But in landscapes affected by large-scale fires or outbreaks, the size and complexity of what happens inside and outside the protected areas are more comparable.

"Climate change is mimicking the footprint of disturbances in protected areas to what we are doing through land-use change outside of protected areas," Holz said. "Under warmer conditions, we might see more similarities between protected areas and their surroundings in some temperate forests globally."


Original Submission

Read more of this...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 14 November

23:45

NVIDIA Working On An EGLStreams Back-End For KDE On Wayland Phoronix

With no recent activity on the NVIDIA-led Unix device memory allocation work that all developer communities could get behind to supersede GBM and EGLStreams for use by Wayland compositors, NVIDIA is working on an EGLStreams back-end for KDE's KWin compositor...

23:00

Memory Mapping Methods in the Super Nintendo Hackaday

Not only is the Super Nintendo an all-around great platform, both during its prime in the 90s and now during the nostalgia craze, but its relative simplicity compared to modern systems makes it a lot more accessible from a computer science point-of-view. That means that we can get some in-depth discussion on how the Super Nintendo actually does what it does, and understand most of it, like this video from [Retro Game Mechanics Explained] which goes into an incredible amount of detail on the mechanics of the SNESs memory system.

Two of the interesting memory systems the SNES uses are called DMA and HDMA. DMA stands for direct memory access, and is a way for the Super Nintendo to access memory independently of the CPU. The advantages to this are that its incredibly fast compared to more typical methods of accessing memory. This isnt particulalry unique, but the HDMA system is. It allows the SNES to do all kinds of interesting tricks with its video output display like changing color gradients and doing all kinds of masking effects.

If youre interested in the inner workings of classic consoles like the SNES, this video gets way down in the weeds in the system itself. Its interesting to see how programmers were able to squeeze more capability from these limited (by modern standards) systems by manipulating memory like the DMA and HDMA systems do.  [Retro Game Mechanics Explained] is a great resource for exploring in-depth aspects of lots of classic games, like how speedrunners can execute arbitrary code in old Mario games.

22:56

Collabora Revives Work On Alpha Compositing Protocol For Wayland Phoronix

Collabora's Scott Anderson has revived work on the alpha compositing protocol for Wayland, which is based upon the work done by Google on this functionality for Chromium on Wayland...

22:48

Virtualizing the Clock

Dmitry Safonov wanted to implement a namespace for time information. The twisted and bizarre thing about virtual machines is that they get more virtual all the time. There's always some new element of the host system that can be given its own namespace and enter the realm of the virtual machine. But as that process rolls forward, virtual systems have to share aspects of themselves with other virtual systems and the host system itselffor example, the date and time.

22:46

Mark Your Calendar: All Infectious Diseases are Seasonal SoylentNews

Submitted via IRC for Bytram

Mark your calendar: All infectious diseases are seasonal

Most of us are aware of the seasonal cycle of influenza outbreaks, which for Americans peak in the winter. In a new paper, Micaela Martinez, PhD, a scientist at the Columbia Mailman School of Public Health, makes a case that all infectious diseases have a seasonal element. The "Pearl" article appears in the journal PLOS Pathogens.

Martinez collected information from the World Health Organization, the U.S. Centers for Disease Control and Prevention, and peer-reviewed publications to create a calendar of epidemics for 69 infectious diseases, from commonplace infections to rare tropical diseases. A given year will see outbreaks of flu in the winter, chickenpox in the spring, and gonorrhea and polio in the summer -- to name a few of the best described seasonal outbreaks.

She found seasonality occurs not just in acute infectious diseases like flu but also chronic infectious diseases like Hepatitis B, which depending on geography, flares up with greater regularity certain times of the year. Preliminary work has shown that even HIV-AIDS has a seasonal element, thought to be driven by seasonal changes in malnutrition in agricultural settings.

[...] "Seasonality is a powerful and universal feature of infectious diseases, although the scientific community has largely ignored it for the majority of infections," says Martinez, an assistant professor of Environmental Health Sciences. "Much work is needed to understand the forces driving disease seasonality and understand how we can leverage seasonality to design interventions to prevent outbreaks and treat chronic infections."


Original Submission

Read more of this story at SoylentNews.

22:06

KDevelop 5.3 Released With Better C++, Python & PHP Support Phoronix

KDevelop 5.3 is out today as the first major release to this KDE integrated development environment in about one year...

21:44

The Growing Significance Of DevOps For Data Science

DevOps involves infrastructure provisioning, configuration management, continuous integration and deployment, testing and monitoring.  DevOps teams have been closely working with the development teams to manage the lifecycle of applications effectively.

21:39

GNOME Mutter Brings More Fixes, Shell 3.31.2 Has Some Performance Work Phoronix

New development releases of GNOME Shell and Mutter are out today in the 3.31 development series along with new 3.30 stable point releases that back-port more fixes for these important pieces to the GNOME desktop...

21:18

It Looks Like The Raptor Blackbird Open-Source Motherboard Will Sell For Just Under $900 Phoronix

Many have been curious to learn more about the Blackbird from Raptor Computing Systems as a lower-cost POWER9, open-source hardware alternative to their higher-end Talos II hardware that we've been recently benchmarking. The possible price has been revealed...

21:14

Bill Godbout, A Legend in the S-100 Community, Perishes in California's Camp Fire at Age 79 SoylentNews

R.I.P. Bill Godbout, 79:

Bill Godbout, a legend in the S-100 community for his 1970s-1980s work at Godbout Electronics and CompuPro, perished November 8 due to the Camp wildfire in Concow, California. He was 79.

There is a family-led GoFundMe campaign to support their needs in this difficult time.

Godbout was an important advocate for the industry-standard S-100 bus in its early days, as well as being a parts supplier for electronic music projects, according to 1970s microcomputing expert Herb Johnson.

Godbout was born October 2, 1939. He talked about his introduction to computing in an interview with InfoWorld magazine for their February 18, 1980 issue. "My first job out of college was with IBM. I served a big-system apprenticeship there, but I think the thing that really triggered [my interest] was the introduction of the 8008 by Intel," he said. "I was fascinated that you could have that kind of capability in a little 18-pin package."

Steven Levy, in his book Hackers: Heroes of the Computer Revolution, wrote about Godbout's Silicon Valley electronics business. "Bill Godbout... bought junk on a more massive scale usually government surplus chips and parts which were rejected as not meeting the exacting standards required for a specific function, but perfectly acceptable for other uses. Godbout, a gruff, beefy, still-active pilot who hinted at a past loaded with international espionage and intrigues for government agencies whose names he could not legally utter, would take these parts, throw his own brand name on them, and sell them, often in logic circuitry kits that you could buy by mail order."

Does anyone else remember the days of the S-100 Bus? One of my first jobs actually entailed using an Altair 8800 on which the S-100 bus was based. Though I had no personal connection with him, I recall often seeing his name mentioned in the various articles I read.

One of the long-Long timers has passed. R.I.P.


Original Submission

Read more of this story at SoylentNews.

20:56

6 Best Practices for High-Performance Serverless Engineering

When you write your first few lambdas, performance is the last thing on your mind. Permissions, security, identity and access management (IAM) roles and triggers all conspire to make the first couple of lambdas, even after a hello world trial just to get your first serverless deployments up and working. But once your users begin to rely on services your lambdas provide, its time to focus on high-performance serverless.

Here are some key things to remember when youre trying to produce high-performance serverless applications.

20:55

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now The Hacker News

It's Patch Tuesday once againtime for another round of security updates for the Windows operating system and other Microsoft products. This month Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important and one moderate and one low in severity. <!-- adsense --> Two of the vulnerabilities

20:37

The MartyMcFly investigation: Italian naval industry under attack Security Affairs

Experts at Yorois Cyber Security Defence Center along with Fincantieris security team investigated the recently discovered Martymcfly malware attacks.

Background

On October 17th we disclosed the MartyMcFly Threat (Rif. Analysis) where unknown attackers were targeting Italian naval industries. The analysis was cited by  Kasperskys ICS CERT who exposed a wider threat extension across multiple countries such as: Germany, Spain, and India. Thanks to Kasperskys extended analysis we decided to harvest more indicators and to check more related threats by asking a joint cyber force with Fincantieri, one of the biggest player on Naval Industry across Europe. Fincantieri who was not involved in the previous MartyMcFly attack identified and blocked additional threats targeting their wide infrastructure intercepted on during the week of 20th August 2018, about a couple of months before the MartyMcFly campaign. Our task was to figure out if there were a correlation between those attacks targeting Italian Naval Industries and try to identify a possible attribution.

Malicious Email

Fincantieris security team shared with us a copy of a malicious email, carefully themed as the ones intercepted by the Yorois Cyber Security Defence Center between 9th and 15th October. At first look the message appears suspicious due to inconsistent senders domain data inside the SMTP headers:

  • From: alice.wu@anchors-chain.com
  • Subject: Quotation on Marine Engine & TC Complete
  • User-Agent: Horde Application Framework 5
  • X-PPP-Vhost: jakconstruct.com

The email messages have been sent from a mailbox related to the jakconstruct.com domain name, which is owned by the Qataris AK CONSTRUCTION W.L.L., suggesting a possible abuse of their email infrastructure.

...

20:03

Custom Frontend Login Registration Form (WP Plugin) - Multiple XSS Vulnerabilities Bugtraq

Posted by Socket_0x03 on Nov 14

========================================================================================
Custom Frontend Login Registration Form v1.01 (WP Plugin) - Multiple XSS Vulnerabilities
========================================================================================

20:00

[SECURITY] [DSA 4339-1] ceph security update Bugtraq

Posted by Moritz Muehlenhoff on Nov 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4339-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
November 13, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : ceph
CVE ID : CVE-2017-7519 CVE-2018-1086...

20:00

Backyard Planetarium with Magnets Hackaday

If you are a Hackaday reader, you probably like space in real life, fiction, or both. A trip to a planetarium is a great treat, but what if you could have a planetarium in your backyard? [Ecasill] thought so and used a Zip Tie domes kit to create just such a thing. It takes some sewing and a projector, but theres a problem. The dome needs to come down if there is going to be bad weather. The answer? Magnetic dowel rods.

Because the magnets are brittle, plastic dip covers them after epoxy sticks them in place. The cloth has steel bolts to adhere, too. All in, the setup cost about $2,000. That includes a projector, a mirror ball, a sound system, and all the construction.

There were a few items that need improvement. In particular, [Ecasill] wants to use Velcro to tighten up the dome fabric to make it smoother. We were impressed with the dome construction and the clever use of magnets. If you didnt want a planetarium, you might be able to use this idea as a makeshift observatory or some other backyard structure.

The projector has to, paradoxically, project to a small area big enough for a mirrored ball. [Ecasill] provides a link to the site that gives all the information and software about setting up such a projector.

This isnt the first planetarium weve seen. A lot of planetariums do as many laser shows as space shows and you could do that, too.

19:42

New Jersey Supreme Court Ruling Could Lead to Tossing of Up to 20,667 Drunk Driving Convictions SoylentNews

20,667 Drunken-Driving Convictions Tainted by Bad Breathalyzer Test in New Jersey

More than 20,000 drunken-driving convictions in New Jersey could be in jeopardy after the state's highest court ruled on Tuesday that breathalyzer tests used to win those judgments were inadmissible.

The unanimous ruling by the Supreme Court stems from criminal charges brought more than two years ago against a State Police sergeant who was accused of falsifying calibration records on breath test devices that were used in five of New Jersey's 21 counties.

It is unclear how state courts and law enforcement officials will now proceed. The Supreme Court ruling does not automatically expunge all the drunken-driving convictions, but the justices did note that defendants tested by the affected breath machines could now seek to challenge their convictions. The decision also raises questions about cases that are still moving through the judicial system.

[...] The ruling is the latest development in an odd case that began more than two years ago, when Sgt. Marc W. Dennis, whose duties included calibrating breath test devices, was charged with falsely certifying that he had followed proper calibration procedures. As a result, the accuracy of all the breath tests that he calibrated, known in New Jersey as Alcotests, could not be trusted, the Supreme Court of New Jersey ruled.

Also at NBC.


Original Submission

Read more of this story at SoylentNews.

19:00

Q anon attacks second only to POTUS!! Terra Forming Terra

 

 This is actually unbelievable but the mainstream news has mounted a huge attack on Q.  Not bad for a 'conspiracy theory'.   This attention will actually  reinforce the reach of Q.  They are clearly becoming desperate as the removal of Sessions has opened up the floodgates of something called due process.  There are already over 60,000 sealed indictments. We are been told to expect something big, but that may be misdirection.   The big story now developing is the exposure of DEM electoral corruption.  There it is better to  first run a long drum beat of leaked testimony and whistle blowers to focus attention.  This controversy will rile the waters and lead to action going into the new house in January.   Testimony may even lead to some of those Dems been blocked from taking their seats pending an investigation or even a special election.   I am not really expecting this but do understand that the monkeys were all surveilled. this time around at least in targeted elections.  There is nothing worse for a criminal.
As you perhaps know, we are tracking Q.  This resource is clearly Mil Intel and difficult to track unless you already have the mindset from extensive prior exposure.  Mil Intel and the Trump Administration is engaged in a flat out GLOBAL WAR with the DEEP STATE in order to RESTORE the REPUBLIC.  The majority is happening behind the curtain but the noise is getting terrific.  This is mythic but there is a long worked out plan been implemented. This election was a set up to trap the DEMS in election fraud and to out them before January.  So it is front and center.  Takedowns on those 60,000 sealed indictments may not go public until February.  As in what is the rush when you are clearly winning . 
 Q !!mG7VJxZNCI No.467...

19:00

The Man McMaster Couldn't Fire Terra Forming Terra

This man's name arose recently from Q.  He surely looks like a Mil Intell operative and part of the team handling planing and implementation of the PLAN.

We also have Senate control and a shift to senate oversight for the DOJ and the FBI.  We also have Q noting that  Gowdy, Goodlatte, and Sessions are all free agents and also central to the PLAN. 

Please do not forget Gen Flynn who is surely in charge of the PLAN. 

Do you feel the Noose tightening?


Now read this.


The Man McMaster Couldn't Fire

19:00

Australian goat industry: High demand pushes prices up in 2017 Terra Forming Terra



19:00

Microdosers of LSD and magic mushrooms are wiser and more creative Terra Forming Terra



 

 We have several natural substances which are clearly mind altering.  Micro dosing has been indicated as a useful clinical methodology to assist the brain to make beneficial changes.

Recall that the brain evolves slowly to stimulus such as education.  Even memory evolves inside the brain.  Thus the case for micro dosing is compelling as we can monitor those changes far better that way.

A PTSD  patient has pretty specific issues that are readily observed and identified.  Applying  small doses of CBD and mapping those changes is a far better strategy than simply going for it.  You will arrive at the same destination, but the brain will have the time to make all the internal alterations. 

The same applies for LSD and THC and even alcohol.

A significant take home here is that this all needs to become mainstream to support mind development generally even with the clearly healthy and successful.


...

19:00

Worlds Oldest Fossils Now Appear to Be Squished Rocks - Facts So Romantic Nautilus


Reprinted with permission from Quanta Magazines Abstractions blog.

Two years ago, scientists announced that they had found evidence of life in 3.7-billion-year-old rocks, suggesting that life arose on Earth extremely quickly. A new analysis of rocks from the same location calls that conclusion into doubt.Photograph by Abigail Allwood

In August 2016, a research team claimed to have unearthed evidence of life in a remote outcrop of 3.7-billion-year-old rocks in Greenland. This bold claim not only pushed back the origin of life by at least 220 million years, it also added to a growing body of evidence that challenged the standard story of Earths violent beginning, as Quanta Magazine reported this year in Fossil Discoveries Challenge Ideas About Earths Start. Joining a series of ancient fossil findsas well as geological evidence from Earth and the moonthe Greenland discovery added weight to the idea that Earth was warm and watery from the outset, and that in such conditions, life emerged quickly.

But a follow-up study published in Nature last month makes the case that those Greenlandian signs of life may just be a case of squished rock and mistaken identity. In it, the authors argue that the geologic features that were taken as clear marks of
Read More

18:46

Piracy Debt Collectors Back Off After Massive Backlash in Finland TorrentFreak

For more than a decade, alleged file-sharers around the world have been pressured to pay significant settlement fees.

These so-called copyright-trolling efforts are fairly straightforward. Copyright holders obtain a list of pirating IP-addresses and then request a subpoena from the court, compelling ISPs to hand over the associated customer data.

In recent years, several news reports have appeared on these cases in the US, Canada, Sweden, Denmark and elsewhere. In Finland, they have been a common sight since 2013.

Adultia is one of the companies thats active in the Nordic country which, as its name suggests, deals with adult content. Helped by the Cyprus-based company M.I.C.M, it obtained personal details of thousands of Finnish subscribers, asking them to pay up, or face legal action.

At the start of this year, the company appeared to have halted its practices. No new letters were being reported, which was carefully celebrated as a win by copyright troll opponents, many of whom are active in the local MuroBBS community.

However, the excitement didnt last as the letters returned after a few months, albeit in a different form.

At the end of September, several people who were previously targeted by Adultia started to receive new letters. While the accusations and details were the same as before, they were sent by KTC Finland Oy this time, which is a local debt collection agency.

Example of a new letter

The letters were reported in the MuroBBS forum where they raised eyebrows. According to several activists, these debt collection bills were not lawful, as the earlier letters from Adultia were not official debts, but accusations.

In response, several opponents helped to draft template response letters, accusing the debt collecting company of breaking the rules. These were sent to the debt collection outfit, as well as government officials.

After a few weeks, this had the desired effect. Late last month, Timo Korhonen, chief inspector of Finlands Regional State Administrative Agencies (AVI) in Finland, wrote a post on MuroBBS stating that KTCs actions were now under investigation.

AVIs involvement has weight as it ensures that companies, including debt collectors, follow local rules and regulations. In case of severe violations,...

18:15

Second Day of EPOPIC: Yet More Promotion of Software Patents in Europe in Defiance of Courts, EPC, Parliament and Common Sense Techrights

From the EPO Gazette:

Software patents in Europe

Summary: Using bogus interpretations of the EPC ones that courts have repeatedly rejected the EPO continues to grant bogus/fake/bunk patents on abstract ideas, then justifies that practice (when the audience comes from the litigation industry)

YESTERDAY we covered day one of EPOPIC, taking note of overt promotion of software patents in Europe by the Antnio Campinos-led European Patent Office (EPO).

Day two of this event had yet more of the same, namely promotion of software patents in Europe. As people who are programmers probably know already, "AI" just means software; its a particular kind of software, but its still software. I myself have written algorithms in this domain under more than one employer and more than one university. Despite the fact that were talking about algorithms here, the EPO is blatantly working around the law again. Yesterday it wrote: AI and the patent system: The fundamental concepts of patent law will adapt from the protection of hardware innovation, to the protection of software innovation.

When they say patent law will adapt they mean to say will be worked around (or violated) and by software innovation they mean programming. The EPO mentioned AI in another context (management of patents themselves), e.g. Patent information professionals will be able to leverage AIs ability to quickly process massive amounts of data to surface important information. Samuel Davis shares great insights on this topic at #EPOPIC [] What are the areas where the EPO uses AI? Automatic pre-classification of applications Au...

18:06

Facebook flaw could have exposed private info of users and their friends Security Affairs

Security experts from Imperva reported a new Facebook flaw that could have exposed private info of users and their friends

A new security vulnerability has been reported in Facebook, the flaw could have been exploited by attackers to obtain certain personal information about users and their network of contacts.

The recently discovered issue raises once again the concerns about the privacy of the users of social network giant.

The vulnerability was discovered by security experts from Imperva, it resides in the way Facebook search feature displays results for queries provided by the users.

The good news for Facebook users is that this flaw has already been patched and did not allow attackers to conduct massive scraping of the social network for users information.

The page used to display the results of the users queries includes iFrame elements associated with each result, experts discovered that the URLs associated to those iFrames is vulnerable against cross-site request forgery (CSRF) attacks.

The exploitation of the flaw is quite simple, an attacker only needs to trick users into visiting a specially crafted website on their web browser where they have already logged into their Facebook accounts.

The website includes a javascript code that will get executed in the background when the victim clicks anywhere on that page.

For this attack to work we need to trick a Facebook user to open our malicious site and click anywhere on the site, (this can be any site we can run JavaScript on) allowing us to open a popup or a new tab to the Facebook search page, forcing the user to execute any search query we want. reads the analysis published by Imperva.

Since the number of iframe elements on the page reflects the number of search results, we can simply count them by accessing the fb.frames.length property.

By manipulating Facebooks graph search, its possible to craft search queries that reflect personal information about the user.

Searching something like pages I like named `Imperva` the exports noticed they were forcing the social network to return one result if the user liked the Imperva page or zero results if not.

Composing specific queries it was possible to extract data about the users friends, below some interesting examples of queries provided by the experts:

  • Check if the current Facebook users have friends from Israel: https://www.facebook.com/search/me/friends/108099562543414/home-residents/intersect
  • Check if the user has friends named Ron: https://www.facebook.com/search/str/ron/users-named/me/friends/intersect
  • Check if the user has taken photos in certain locations/countries:...

18:05

Diabetics Are Hacking Their Own Insulin Pumps SoylentNews

Submitted via IRC for SoyCow0824

Diabetics are hacking old insulin pumps to make them smarter here's what happened when I tried it

There is a revolution in the Type 1 diabetes community and thousands of people are now hacking their insulin pumps for better blood sugar management. CNBC's Erin Black, who was diagnosed with Type 1 diabetes 20 years ago, decided to try out the hacked system. Here's what happened.

Type 1 diabetes is a disease that affects more than 1.2 million Americans. I'm one of them. It's a disease that impairs the body's ability to produce the hormone insulin, which normally comes from the pancreas. So insulin has to be injected.

Managing blood sugars can be very difficult, and patients use a pump to help mimic the activity of the pancreas. However, pumps don't automatically adjust insulin levels for diabetics. And the manual process is tedious and can be dangerous.

But a few years ago, people figured out how to hack their insulin pumps to make them automatically adjust insulin levels more precisely.


Original Submission

Read more of this story at SoylentNews.

18:01

ISACA refreshes COBIT framework to address latest business technology trends and standards Help Net Security

ISACA released its first update to the COBIT framework in nearly seven years. The new version, COBIT 2019, provides guidance to help enterprises better govern and manage their information and technology. The COBIT framework is used by enterprises in all industries around the globe, and COBIT publications have been downloaded more than one million times. ISACA introduced COBIT in 1996 to provide and organize a set of controls for IT. The new iteration of COBIT More

The post ISACA refreshes COBIT framework to address latest business technology trends and standards appeared first on Help Net Security.

18:00

Cybersecurity and ethical data management: Getting it right Help Net Security

Data can provide information, information can lead to insight and knowledge, and knowledge is power. Its no wonder, then, that seemingly everybody in this modern, computerized world of ours loves to suck data from everyone and everything. We are getting used to it, more or less, but many are striving and fighting to set healthy boundaries for data collection and use. Ethical considerations for data collection and use Laura Norn, director of research at Obsidian More

The post Cybersecurity and ethical data management: Getting it right appeared first on Help Net Security.

17:55

Aruba introduces new secure, AI-powered mobility innovations for the experience edge Help Net Security

Aruba released a new family of 802.11ax (Wi-Fi 6) IoT-ready wireless access points and complementary access switches, along with innovations in security, intelligent power management, and Artificial Intelligence (AI)-powered automation and service assurance, to deliver the performance, simplicity and reliability that organizations need to give users exceptional digital experiences. The new wireless access points support the latest Wi-Fi standard and are to be Wi-Fi Alliance (WFA) certified for the new WPA3 and Enhanced Open security More

The post Aruba introduces new secure, AI-powered mobility innovations for the experience edge appeared first on Help Net Security.

17:55

HITB Armory: Independent security researchers to showcase their tools Help Net Security

Organized in collaboration with Maximiliano Soler from ToolsWatch and Matteo Beccaro from Opposing Force, the HITB Armory is a brand new area of HITB2018DXB where independent researchers will get to show off their projects, run their demos and allow you to play around with their security tools. Selected from a Call for Tools process, researchers will have 30 minutes to present their tools onstage, followed by a 3-hour demonstration session at the exhibition space. In More

The post HITB Armory: Independent security researchers to showcase their tools appeared first on Help Net Security.

17:47

Allegations That Antnio Campinos Bought His Presidency and is Still Paying for it Techrights

When the politician met the banker

Campinos and Battistelli in 2011

Summary: Rumours persist that after Battistelli had rigged the election in favour of his compatriot nefarious things related to that were still visible

THERE have been several rumours swirling about Antnio Campinos, but evidence is at times lacking or relatively weak. The European Patent Office (EPO) is corrupt, no doubt, and theres plenty evidence to show it. Demonstrating that Campinos plays an active role in it, however, isnt easy. Days ago we mentioned EPO outsourcing rumours; we asked for input and got some input a couple of days later.

We already saw Battistelli doing this many times in the past. Its a form of corruption.As readers may recall, Battistelli clearly meddled/intervened to have Campinos set up as his successor. Take Belgium for example (we wrote about half a dozen articles about it, since more than a year ago, as this relates the UPC and EUIPO). Inside sources said that its vote was more or less bought.

Based on LinkedIn job postings, sources tell us, other countries may have had their vote bought (rewards given after the vote, not before or throughout). We already saw Battistelli doing this many times in the past. Its a form of corruption. Weve been giving examples since 2014.

Were told that the job postings have nothing to do with outsourcing but more to do with national patent offices and Council delegates (as was the case in Belgium). As one source framed it: Is Antnio Campinos paying for the votes which made him the seventh president of the EPO, or for future support?

His election was a rigged process (we wrote about it countless times before) and the effect of this rigged election may be more profound and long-lasting than people care to realise.A curious aspect of this is that the job advertisements on the EPOs LinkedIn page aren&#821...

17:45

Ransomware is the leading cyber threat experienced by SMBs Help Net Security

Ransomware continues to be the leading cyber attack experienced by SMBs over viruses and spyware, according to Datto. Their report surveyed 2,400 MSPs that support the IT needs of nearly half a million SMBs around the globe. The survey also revealed the powerful impact these attacks have on businesses, including that: Revenue lost to downtime can cripple a small business: The average attack is 10 times more costly to the business than the ransom itself, More

The post Ransomware is the leading cyber threat experienced by SMBs appeared first on Help Net Security.

17:30

Hackaday Meetup at Electronica: Thursday Hackaday

Hackadays parent company Supplyframe is at Electronica in Munich this week booth C5-223. On Thursday from 16:00 18:00, theyll be hosting a Hackaday Happy Hour, with a beer and coffee bar, for everyone in the Hackaday community. Theyd love to see you and hear what youre working on, be it for your day job or your night job.

If you missed the #badgelife exhibit at Supercon, its here at Electronica. There will also be some of those mysterious cubes you may have heard about. Richard Hogben and Bogdan Rosu will be DJing fresh beats. Stop by and say hi to [Sophi Kravitz], [Majenta Strongheart], [Alek Bradic], and everyone else from the Supplyframe team.

Hackadays own [Elliot Williams] will also be wandering around Electronica Wednesday afternoon. He cant promise free beer, but if you want to crawl around Electronica with [Elliot], meet up at the Supplyframe booth at 14:30 on Wednesday.

17:30

Despite rise in security awareness, employees poor security habits are getting worse Help Net Security

Despite an increased focus on cybersecurity awareness in the workplace, employees poor cybersecurity habits are getting worse, compounded by the speed and complexity of the digital transformation. Of the 1,600 global employees Vanson Bourne surveyed, 75% of respondents admitted to reusing passwords across accounts, including work and personal. Organizations are at varying stages of the digital transformation, and that evolution has presented an increasingly complex IT environment to manage securely. Yet the survey findings points More

The post Despite rise in security awareness, employees poor security habits are getting worse appeared first on Help Net Security.

17:15

FlawedAmmy: Dangerous RAT enteres most wanted malware list Help Net Security

The latest Check Point Global Threat Index reveals that while cryptomining malware continues to dominate the rankings, a remote access Trojan has reached the top tens list for the first time. During the month of October, Check Point researchers discovered a widespread malware campaign spreading a remote access trojan (dubbed FlawedAmmy) that allows attackers to take over victims computers and data. The campaign was the latest and most widespread delivering the FlawedAmmyy RAT, following a More

The post FlawedAmmy: Dangerous RAT enteres most wanted malware list appeared first on Help Net Security.

17:00

Whats the Difference? Ask an Op Amp Hackaday

If youve ever wondered why an op amp has the little plus and minus symbols on it, its because at the heart of it, the device is a differential amplifier. The problem is that ideally, at least it has infinite gain so it works like a comparator and thats not what you usually want. So we put resistors around the thing to constrain it and get useful amplification out of it. [Stephen Mendes] does the analysis for you about how the standard configuration for a differential amplifier works. He assumes you know the stock formulae for the inverting and non-inverting amplifier configurations and uses superposition.

[Stephen] mentions thats the easiest way to do it and then goes on to do it sort of how we would do it as a check. We think thats the easier method, but maybe its a matter of preference. Either way, you get the right answer.

With superposition, you basically ignore one input at a time. This reduces the circuit into an inverting amplifier when you short one power source to ground and a non-inverting when you short the other one. Superposition tells you that the real answer is the sum of those two answers.

The other way we hate to call it the easier way is to remember two simplifying assumptions about op amps. First, assume the op amp will do whatever it can do to make the plus and minus terminals have the same voltage. Next, assume the inputs are totally open which, for todays op amps, isnt too far from the truth.

Based on that, it is easy to see that V2 is divided by the voltage divider of R3 and R4. So you know the plus voltage. By our assumptions, then, you know the minus voltage too, because it should be the same. If you know that voltage and R1 you can compute the current through R1. Because the op amp terminals are open circuit (or, at least, we are pretending they are) you know the current through R1 must also be the current through R2. So we know the voltage across R2 which leads to knowing the voltage at Vo.

Lets try a numeric version of that. Say V1=5 and V2=8. R1 and R3=10K and R2 and R4 are 20K.

  • Vplus is 8V times R4/(R3+R4) or 5.3V
  • That means Vminus is also 5.3V
  • The current through R1 must be (5.3-5)/10000 = 33.3 microamps (sign depending on which way you consider it flowing)
  • The current through R2, then must be the same, so 33.3 microamps
  • To get that current through R2 with 5.3 V on one side, you need to solve .0000333 = (Vo-5.3)/20000
  • If you carry enough digits, thats 6V; if you rounded like I did you get 5.966V which is close enough

If you write out the math like [Stephen] does youll see the gain is 2 and since the difference in voltage is 3V, a 6V output makes pe...

16:58

WIPO Corruption and Coverup Mirror EPO Tactics Techrights

Older: The Dark Side of WIPO and Attempts to Suppress Information Mirror the EPOs Tactics

When Exposing A Crime Is Treated As Committing A Crime, You Are Being Ruled By The Criminals Themselves.

Summary: Suppression of staff representatives and whistleblowers carries on at WIPO and the EPO; people who speak out about abuses are themselves being treated like abusers

THE suppressions at the European Patent Office (EPO) are profound. These involve a total lack of transparency (worse than before), including gagging of staff representatives. The EPOs management keeps pretending that this isnt happening, but only based on a bunch of nonsense (doublespeak). It remains true that the EPO lies to staff and to journalists (the public).

It remains true that the EPO lies to staff and to journalists (the public).Barney Dixons article which was cited by SUEPO on the same day (as publication) is the latest SUEPO-related coverage from IPPro Patents. Misleading article headline is followed by the part at the end which balances it somewhat, if not outright refutes it (EPO doubles down on staff rep email ban, unlike whats being suggested in the headline and start/middle). To quote IPPro Patents:

The European Patent Office has partially ended a ban on mass emails to EPO staff from staff representatives.

Under immediate EPO past-president, Benot Battistelli, a blocking system was introduced to occlude all mass emails to staff from staff representatives, including the Central Staff Committee (CSC), local staff committees, and the Staff Union of the EPO (SUEPO).

In a communiqu to staff on 5 November, Campinos revealed that staff representatives would now be able to send mass emails for certain purposes.

He explained: In the scope of our regular discu...

16:31

Apple's T2 Security Chip Can Prevent Unauthorized Third-Party Repair of Devices SoylentNews

Apple's T2 chip will block some third-party repairs of new devices

Small repair shops and tech enthusiasts who attempt to fix their new Apple devices may be taking a serious risk in doing so. According to a report from The Verge, Apple confirmed that its new T2 security chip is designed to lock down devices after repair if it doesn't recognize certain authorized replacement parts.

Word of this new policy came out last month in an Apple document circulated among authorized service providers. In order to replace certain hardware components, such as the Touch ID sensor or the logic board on new Macs, the provider must run a specific piece of diagnostic software.

This program, called "AST 2 System Configuration," works in conjunction with the T2 security chip. If this step isn't performed on devices with the T2 chip, it could result in an inoperable machine.

[...] Apple only provides the special application to its own stores and authorized service providers. That means that unauthorized service providers, small repair shops, and individuals can't completely and properly replace certain parts of new Macs.

Also at Engadget, Notebookcheck, and MacRumors.

Previously: Apple's T2 Security Chip Prevents Linux From Installing on New Macs


Original Submission

Read more of this story at SoylentNews.

16:06

Tips for an Information Security Analyst/Pentester career - Ep. 69: My failed OSCP exam attempt- What I did wrong and what I'd change The S@vvy_Geek Tips Hacking & Pentesting Blog

On Monday I just completed my first OSCP exam attempt.

I didn't feel ready for it and I was right because I failed miserably.


I couldn't hack a single machine.

I realized, working as a professional pentester, that OSCP exam looks much more like a CTF than a real-world pentest.

I'm glad I don't have to rely on that cert to work in the industry so far.

I can't hack machines this fast and I need to improve on that.

Even though the exam machines weren't impossible per se, time ticking away is a factor that severely puts your nerves to the test.

I ended up having a horrible headache from all the thinking and trying.

I tried to keep my cool, ran all my enumeration scripts and I found very detailed information about my target.

I ran niko, dirbuster and dirsearch on web servers.

I tried to look for manual exploits online for each possible vulnerable service detected, but none of the ones I found would work.

I kept going for 10 hours until I was exhausted at 2 am.

I slept for seven hours and then I kept going for a while until I realized that was it.

The development machine is pretty straightforward but, unlike the lab, you don't have PUTTY on it and I don't thrive in a strict Windows environment.

I hate having to run Python on Windows.

I need to brush up my command prompt skills.

What I did wrong

  • I focused too much on lab machines and, though I learned a lot from them, I didn't improve my detection and recon skills enough and they're paramount in the exam. Quickly sensing what services are vulnerable and can be leveraged for an exploit is a very important skill and I need to improve on that. In a real-world pentest, you normally have way more time to complete an engagement. I scanned some machines for more than a week. You don't have this benefit in the OSCP exam, so you need to quickly assess what you can attack. Sometimes it took me days to hack a single machine in the lab. I need to dramatically improve this skill.
  • I started getting discouraged and, though I took bre...

14:54

3D Printers Can Spew Toxic Cancer-Causing Chemicals, New Report Reveals SoylentNews

Submitted via IRC for SoyCow0824

3D Printers Can Spew Toxic Cancer-Causing Chemicals, New Report Reveals

Multi-year research conducted by Georgia Institute of Technology and UL Chemical Safety suggests low-cost 3D-printing devices could pose a health risk by harming indoor air quality.

Publishing their work in two separate studies in Aerosol Science and Technology, one in 2017 and another in 2018, the researchers tested how 3D printers emitted particles when in a controlled environment. They found that as a byproduct, 3D printers generate a range of different-sized particles, including ultrafine particles, which can be inhaled into the pulmonary system, resulting in adverse effects on respiratory health.

These printers tend to produce particles that are very small, especially at the beginning of the print process, and in an environment without good ventilation, they could significantly reduce indoor air quality, said lead researcher Rodney Weber in a statement

[...]We found that one of the overriding principles is the temperature of the filament, said Weber. If you use a filament that requires a higher temperature to melt, such as ABS plastic, you produce more particles than PLA plastic filaments, which require lower temperatures.

[...] The researchers recommend a few steps you can take at home to lessen the impact on air quality when using 3D printers, including operating them only in well-ventilated areas, setting the nozzle temperature on the lowest suggested setting, keeping a distance from operating machines, and using materials and machines that have been tested and shown to have low emissions.


Original Submission

Read more of this story at SoylentNews.

14:40

Snap says DOJ, SEC investigating its IPO disclosures The Hill: Technology Policy

Snap Inc. told Reuters Tuesday that the Justice Department and Securities and Exchange Commission subpoenaed the social media company about their March 2017 initial public offering. Snap, the parent company of mobile app Snapchat, said...

14:00

Non-Nefarious Raspberry Pi Only Looks Like a Hack Hackaday

Were going to warn you right up front that this is not a hack. Or at least thats how it turned out after [LiveOverflow] did some digital forensics on a mysterious device found lurking in a college library. The path he took to come to the conclusion that nothing untoward was going on was interesting and informative, though, as is the ultimate purpose of the unknown artifacts.

As [LiveOverflow] tells us in the video below, he came upon a Reddit thread of which we can now find no trace describing a bunch of odd-looking devices stashed behind garbage cans, vending machines, and desks in a college library. [LiveOverflow] recognized the posted pictures as Raspberry Pi Zeroes with USB WiFi dongles attached; curiosity piqued, he reached out to the OP and offered to help solve the mystery.

The video below tells the tale of the forensic fun that ensued, including some questionable practices like sticking the devices SD card into the finders PC. What looked very hackerish to the finder turned out to be quite innocuous after [LiveOverflow] went down a remote-diagnosis rabbit hole to discern the purpose of these devices. We wont spoil the reveal, but suffice it to say theyre part of a pretty clever system with an entirely non-nefarious purpose.

We thought this was a fun infosec romp, and instructive on a couple of levels, not least of which is keeping in mind how civilians might see gear like this in the wild. Hardware and software that we deal with every day might look threatening to the general public. Maybe the university should spring for some labels describing the gear next time.

13:17

Y Combinator Unveils Another Climate Change "Moonshot": Flood a Desert SoylentNews

Would flooding the deserts help stop global warming?

Imagine flooding a desert half the size of the Sahara. Using 238 trillion gallons of desalinated ocean water to do the job. Creating millions of 1-acre-square micro-reservoirs to grow enough algae to gobble up all of Earth's climate-changing carbon dioxide. For an encore: How about spreading the water and fertilizer (the dead algae) to grow a vast new forest of oxygen-producing trees? A Silicon Valley venture capital firm, Y Combinator, unveiled the radical desert flooding plan as one of four "moonshot" scenarios that it hopes innovators will explore as potential remedies to catastrophic global warming. But would it work? And should it even be tried?

With unlimited capital and political will both far from given experts said the scheme would stand a chance of reducing dangerous greenhouse gas levels. But while they generally believe the climate crisis has become severe enough to push even extreme options onto the table, the experts cautioned against interventions that might create as many problems as they solve. "We do not want to have this be purely profit driven," said Greg Rau, a University of California, Santa Cruz climate scientist and part of the team that helped Y Combinator craft the request for proposals. "We are trying to benefit the planet, not just make money. So we need this kind of research and development first, but then oversight and governance over how any of this is deployed."

Read more of this story at SoylentNews.

13:05

Wine 3.0.4 Is En Route With New Icons, Dozens Of Bug Fixes Phoronix

Wine 4.0 should be out in early 2019 as the next major stable release of this increasingly used software for running Windows games and applications on Linux and other operating systems. For those not riding the bi-weekly development releases that lead up to the eventual Wine 4.0, Wine 3.0.4 is coming in the days ahead as the latest stable point revision...

12:54

NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Wall' ONLINE

Posted 14 Nov, 2018 1:54:19 UTC

The new edition of Off The Wall from 13/11/2018 has been archived and is now available online.

11:46

[$] Debian, Rust, and librsvg LWN.net

Debian supports many architectures and, even for those it does not officially support, there are Debian ports that try to fill in the gap. For most user applications, it is mostly a matter of getting GCC up and running for the architecture in question, then building all of the different packages that Debian provides. But for packages that need to be built with LLVMapplications or libraries that use Rust, for examplethat simple recipe becomes more complicated. How much the lack of Rust support for an unofficial architecture should hold back the rest of the distribution was the subject of a somewhat acrimonious discussion recently.

11:40

Intel Speeds Up Rollout of 5G Modems SoylentNews

Intel has announced that it will speed up the launch of its 5G modem "by more than a half-year". It will have peak speeds of up to 6 Gbps:

2019 is shaping up to be a big year for 5G, and Intel one of tech's biggest mobile players has finally announced its plans for the next-generation network in the form of its new XMM 8160 5G modem. The XMM 8160 modem is set to be released to manufacturers sometime in the second half of 2019, with the first devices using the chip coming in early 2020.

Intel has big ambitions for the XMM 8160 5G. It envisions using it across phones, PCs, and broadband hubs, with peak speeds of up to 6 gigabits per second. The modem will support both the standalone and non-standalone specs for the 5G NR (New Radio) standard, as well as legacy support for 4G, 3G, and 2G networks all in one chipset. Additionally, Intel says that the modem will support both millimeter wave (mmWave) spectrum as well as lower-band parts of the spectrum.

Qualcomm's Snapdragon X50 5G NR modem will be available to device makers that want to introduce 5G support in 2019.

Also at EE Times and Engadget.

Previously: Apple Could Switch From Qualcomm to Intel and MediaTek for Modems
Intel Announces Development of 5G Modems (Due in 2019)

Related: Intel Integrates LTE Modem Into Custom Multi-Chip Module for New HP Laptop


Original Submission

Read more of this story at SoylentNews.

11:34

Hillicon Valley: Trump eyes staff shake-up | Amazon taps NYC, Northern Virginia for new offices | What it will mean for DC | Tech firms buck Trump on cyber pact | Defense official warns against hacking back The Hill: Technology Policy

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen...

11:00

The Mighty D Battery Becomes A USB Powerbank Hackaday

[Jan] is one of those people whos always playing around with synthesizers, and in this day and age, that means a lot of USB cables supplying power. If you want to make a synth setup portable, your best option is looking at USB powerbanks with their fancy lithium cells. These will work just fine, but remember: you can buy D cells just about anywhere, and they actually hold a ridiculous amount of energy. Theyre cheap albeit one-use and disposable, so why not build a USB power bank out of a massive pair of batteries?

The build started off, naturally, with a pair of Energizer D cells that hold 20,000mAh. A battery holder for these cells is cheap and easy to source, leaving the only other needed component a cheap 5V boost converter. This was simply hot glued to the back of the battery holder in parallel, a simple switch was added, and the entire thing was fitted in a neat little 3D printed case that looks like a car (motorcycle?) battery.

Testing the with a phone revealed this thing will charge at 570mA from 3V, which is more than sufficient for [Jan]s needs. Sure, using disposable batteries in 2018 is more than a little wasteful, but a project like this is meant to be a simple solution to the problem of providing power to USB devices anywhere. You can get D cell batteries everywhere, and what this build produces in damage to the environment is more than made up for in its convenience.

11:00

HPR2683: Using Open source tools to visualize the heartrate and blood oxygen saturation level of my stepchild Hacker Public Radio

Using Python, PHP, JQuery and Linux to visualize the heartrate and blood oxygen saturation level of my stepdaughter. Jeroen Baten talks about how he used his knowledge of a couple of open source tools to visualize the heartrate and oxygen saturation in the blood of one of his children and how this aided a pediatrician at the Wilhelmina childrens hospital to come to the right conclusion and treatment. This talk is a mix of tech and 43 surgery sessions on one single human being.

10:03

Facebook's Firing of Palmer Luckey Dredged Up Again SoylentNews

Ex-Facebook exec ousted from company sparked controversy with pro-Trump views: report

A former top executive at Facebook who was ousted from the company may have been fired over his support for Donald Trump during the 2016 campaign, according to The Wall Street Journal.

The Journal reported Sunday that Palmer Luckey has recently told people that he was fired for supporting Trump before that year's presidential election. Luckey's donation in September 2016 to NimbleAmerica, a group that funded ads attacking Hillary Clinton, reportedly sparked backlash within Facebook.

Six months after making that donation, Luckey was no longer at the company. The Journal noted that Facebook CEO Mark Zuckerberg testified in front of Congress this year that Luckey's departure had nothing to do with his political beliefs.

According to the Journal, Luckey was first put on leave and later fired. In the fall of 2016, Zuckerberg pressured Luckey to voice support publicly for Gary Johnson, the libertarian nominee in that year's election, the Journal reported, citing internal emails and sources familiar with the conversations.

"Zuckerberg lied to Congress" could become a bipartisan statement.

Palmer Luckey.

Also at NBC.

Previously: Founder of Oculus VR, Palmer Luckey, Departs Facebook
Oculus Co-Founder Pitches Virtual Border Wall

Related: Oculus VR Founder Palmer Luckey on the Need for "Unlimited Graphics Horsepower"
Facebook/Oculus Ordered to pay $500 Million to ZeniMax
Palmer Luckey Donates to CrossVR Patreon
Oculus Co-Founder Brendan Iribe Leaves Facebook


Original Submission

Read more of this story at SoylentNews.

10:01

Microsofts Patch Tuesday updates for November 2018 fix actively exploited Windows flaw Security Affairs

Microsofts Patch Tuesday updates for November 2018 fixed more than 60 vulnerabilities, including an actively exploited Windows flaw.

Microsofts Patch Tuesday updates for November 2018 addressed 63 vulnerabilities, including an actively exploited Windows privilege escalation vulnerability.

Twelve of the flaws were rated as Critical, 49 are rated Important, two vulnerabilities were publicly known at the time of release (CVE-2018-8584, a Windows ALPC elevation of privilege issue, and CVE-2018-8566, a BitLocker security feature bypass flaw), and one of them was reportedly under active attack.

9 of the 12 Critical flaws addressed with Microsofts Patch Tuesday updates for November 2018 are remote code execution (RCE) vulnerabilities in the Chakra scripting engine in Microsoft Edge. The remaining three Critical bugs affects in the Windows Deployment Services TFTP Server, Microsoft Graphics Components, and Windows VBScript Engine.

The flaw exploited in attacks in the wild is tracked as CVE-2018-8589 and could be exploited by an authenticated attacker to execute arbitrary code in the context of the local user, it ties the way Windows handles calls to Win32k.sys.

The vulnerability was reported by experts from Kaspersky Lab, it has been actively exploited by threat actors. The CVE-2018-8589 vulnerability only affects Windows 7 and Windows Server 2008.

 CVE-2018-8589 Win32k Elevation of Privilege Vulnerability
Just like last month, November has a Win32K (kernel-mode drivers) elevation of privilege vulnerability listed as currently under active attack. Also like last month, this bug was reported by researchers at Kaspersky Labs, indicating this bug is being used in malware. reads the description published by Zero Day Initiative.

Again, this is likely being used in targeted attacks in combination with other bugs. Malware often uses kernel elevation bugs to go from user-mode to admin-mode, allowing them full control of a target system.

Microsoft has addressed a Windows ALPC Elevation of Privilege Vulnerability tracked as CVE-2018-8584 that was disclosed last month by the researcher that goes online with the moniker SandboxEscaper.

SandboxEscaper published a tweet containing a link to a Github page hosting a proof-of-concept (PoC) exploit for a privilege escalation vulnerability affecting Microsoft Data Sharing (dssvc.dll).

...

09:38

Useful Consumer Review Random Thoughts

The backlight to the monitor in the hallway half died, and the monitor was more than ten years old, so getting a replacement seemed more prudent than trying to get it fixed.

I wanted a kinda small monitor for the table. The main use cases is me scanning record sleeves and paying bills (because this is the only computer I have with a numeric keyboard), so its not like a need a huge one. The rest of the time its showing the cover of whatever album Im playing in the stereo

But then I happened on to the Eizo EV2730Q monitor: Its square! I mean, as in having a 1:1 width/height factor! 19201920! How cromulent! Album covers are square, too, so thatd perhaps look totally cool in the hallway?

Behold!

It is, indeed, square. It kinda visually looks like its taller than its wide, but Ive measured it, and its not.

So whats it like?

Well, its a monitor.

I was briefly excited when I learned that it had a USB hub built-in, because I thought I could use it to charge gadgets and get rid of an external USB hub, but its a fucking non-powered hub. How lame is that? If I connect my keyboard and something power-draining to the hub at the same time, my keyboard goes AWO...

09:31

C++20 Making Progress On Modules, Memory Model Updates Phoronix

This past week was an ISO C++ committee meeting in San Diego, which happened to be their largest meeting ever, and they managed to accomplish a lot in drafting more planned changes around the C++20 language update...

09:31

Facebook reveals details of foreign campaign to influence midterms The Hill: Technology Policy

Facebook on Tuesday revealed new details about a batch of Russia-linked accounts on its platform and Instagram that attempted to spread politically divisive content in advance of the midterm elections. The accounts posted divisive content...

09:30

Designing for EMI Testing: A Step-by-Step Guide IEEE Spectrum Recent Content full text

Solve your EMI problems more efficiently with oscilloscope solutions

Download this free white paper and learn how to analyze EMI for more efficient R&D and  improved time-to-market.

Key take-aways:

  • Understand the basic steps involved in EMI testing
  • Learn to use probes to discover an inteference signal
  • Discover how to analyze the interference behavior using a digital oscilloscope

...

09:00

Five ways Amazon HQ2 could impact the DC area The Hill: Technology Policy

Amazons new Northern Virginia headquarters is set to to send economic tremors throughout the Washington, D.C., region.The arrival of 25,000 highly skilled tech workers and millions of dollars in planned investments is likely to accelerate the...

08:48

Google services temporarily disrupted after traffic rerouted through China, Russia The Hill: Technology Policy

Google services temporarily went down on Monday after the sites traffic was routed through other networks, including some in China and Russia. Traffic intended for Google addresses was rerouted to Russian network operator TransTelekom, China's...

08:26

AnandTech Interview With AMD CTO Mark Papermaster Regarding Rome (Zen 2 Epyc) SoylentNews

Naples, Rome, Milan, Zen 4: An Interview with AMD CTO, Mark Papermaster

The goal of AMD's event in the middle of the fourth quarter of the year was to put into perspective two elements of AMD's strategy: firstly, its commitment to delivering a 7nm Vega based product by the end of the year, as the company promised in early 2018, but also to position its 7nm capabilities as some of the best by disclosing the layout of its next generation enterprise processor set to hit shelves in 2019. [...] We sat down with AMD's CTO, Mark Papermaster, to see if we could squeeze some of the finer details about both AMD's strategy and the finer points of some of the products from the morning sessions.

[...] Ian Cutress: Forrest explained on the stage that the datacenter of today is very different to the datacenter ten years ago (or even 3-5 years ago). What decisions are you making today to predict the datacenter of the future?

Mark Papermaster: We believe we will be positioned very well it all ties back to my opening comments on Moore's Law. We all accept that the traditional Moore's Law is slowing down, and that while process does still matter you have to be agile about how you put the pieces together, otherwise you cannot win. We leveraged ourselves to have scalability in our first EPYC launch. We leveraged our ability in our chiplet approach here to combine really small 7nm CPU dies with tried and proven 14nm for the IO die. That modularity only grows in importance going forward. We've stated our case as to where we believe it is necessary to keep pace on a traditional Moore's Law growth despite the slowing of the process gains per node and the length of time between major semiconductor nodes. I think you'll see others adopt what we've done with the chiplet approach, and I can tell you we are committed.

[...] IC: Where does Rome sit with CCIX support?

MP: We didn't announce specifically those attributes beyond PCIe 4.0 today, but I can say we are a member of CCIX as we are with Gen Z. Any further detail there you will have to wait until launch. Any specific details about the speeds, feeds, protocols, are coming in 2019.

Read more of this story at SoylentNews.

08:00

Apple 1 Emulator Is A Perfect Fit For Supercon Badge Hackaday

Supercon badge hackers had to be ready to present their show-and-tell by 6 pm Sunday evening. This ruthless unmoving deadline meant every badge hack on stage represents an accomplishment in time management, and some luck, in addition to their own technical merits. But that deadline also meant a few fantastic projects lost their race against the clock. We were rooting for [Jac Goudsmit] to build an Apple I emulator as his badge expansion, but he wasnt quite done when our badge hack ceremony began. After Supercon he went home, finished the project, and documented everything in a detailed writeup.

Our 2018 Supercon badge is built on a retro-computing theme, and the default firmware came with a BASIC interpreter as well as a Z80 emulator running CP/M. So an Apple 1 emulator should feel right home with its contemporaries. Mechanically speaking, all the parts were a tight fit on the badge expansion board given out to every attendee at Supercon. So tightly that [Jac] had to file down the two main chips in order to fit them side by side. The breadboard-like pattern of connected holes on the expansion board, intended to help ease in beginners for their badge hack soldering, proved to be an inconvenience in tightly packed arrangements such as this.

...

07:57

Radeon Linux Driver Preparing Adaptive Backlight Management (ABM) Phoronix

The "AMDGPU" Radeon Linux kernel graphics driver is preparing support for "Adaptive Backlight Management" as a backlight power-savings feature for laptops...

07:29

Links 13/11/2018: HPC Domination (Top 500 All GNU/Linux) and OpenStack News Techrights

GNOME bluefish

Contents

GNU/Linux

  • An illustrated tour of Unix history

    Unix pioneer Rob Pike was there from the start, physically transporting key elements of the Toronto distribution of Unix to Berkeley when he started grad school, and then to Bell Labs, working alongside Dennis Ritchie and other key Unix programmers to develop and refine everything from modern editors to compilers to windowing systems.

    His hour-long illustrated memoir of the deep history of Unix is delightful, touching on the people and institutional forces that shaped the operating environment that has come to dominate modern computing (he even gives a mention to Cardiac, the cardboard computer that shaped my own computing life).

  • All Servers Are Now On Linux!

    The next step for these servers is to massage them into actual Linux Daemons, which shouldnt be HUGE, but it will take a minor rewrite of some bits of code. Not a huge issue until I have a real server though. So, really the next step is to get the base functionality built out in the next 3 Servers(Mob, Narrative, & Social)

  • The Linux desktop: With great success comes great failure

    And what do roughly 95.6% of all websites run on? With the exception of Microsoft sites, the answer is Linux. Facebook? Linux. Google? Linux. Yahoo? Linux. Netflix? Linux. I can go on and on. You may use Windows on your desktop, but its effectively just a front end to Linux-based services and data. You might as well be using a Chromebook (running on Linux-based Chrome OS, by the way).

    But as a matter of fact, Windows is no longer the top end-user operating system. Oh yes, it does still dominate the desktop, but the desktop hasnt been king of the end-user hill for some time. By StatCounters reckoning, the most popular end-user operating system...

07:11

Apollo 11 Supplementary Communications Have Been Unearthed, Digitized, and Published SoylentNews

Behind-the-scenes audio from Apollo 11 mission have now been made public for first time. These consist of thousands of hours of audio communications between the astronauts, mission control, and backroom support staff recorded by NASA over the course of the entire mission. The tapes have been in storage for decades with only a small fraction previously made public. The original motivation for digging them out was simply to find a large set of audio data to help develop tools for assessing how teams work together. However, now that they are digitized they have been made available online for general use, education, research, or enjoyment.

The main air-to-ground recordings and on-board recordings from the historic mission have been publicly available online for decades. But that was just a fraction of the recorded communications for the mission. Thousands of hours of supplementary conversations ("backroom loops") between flight controllers and other support teams languished in storage at the National Archives and Records Administration building in Marylanduntil now.

Thanks to a year-long project to locate, digitize, and process all that extra audio (completed in July), diehard space fans can now access a fresh treasure trove of minutiae from the Apollo 11 mission. And those records are now preserved for future generations.


Original Submission

Read more of this story at SoylentNews.

06:54

Domain Registrars and Registries Dont Want to Police Piracy TorrentFreak

There are plenty of options for copyright holders to frustrate the operations of pirate sites, but one of the most effective is to attack their domain names.

In recent years, various entertainment industry groups have called on the domain name industry to help out on this front.

As a result, the MPAA signed a landmark agreement with the Donuts registry under which the movie industry group acts as a trusted notifier of pirate domains. A similar deal was later announced with the Radix registry.

This was later followed by a much more ambitious plan. Last year, the Domain Name Association, which counts prominent registrars and registries among its members, unveiled its Healthy Domains Initiative, a voluntary self-regulation scheme to tackle all kinds of abuse.

According to the initially published outline, it would institute a copyright arbitration policy to deal with pervasive instances of copyright infringement. This would allow copyright holders to request that domain names be taken offline, without going to court.

This plan, also referred to as SCDRP, was listed as a proposal from the Public Internet Registry (PIR). PIR oversees the registrations of .org domains, including ThePirateBay.org, which was a likely candidate for this arbitration process.

According to Idaho Law Professor Annemarie Bridy, who recently published a handbook chapter on developments in copyright-related domain and DNS regulation, the arbitration plan would dwarf that of the MPAAs trusted notifier agreements.

If PIR were to implement the SCDRP, the RIAA would almost certainly succeed in having the Pirate Bay quietly shut down without subjecting itself to the expense and publicity associated with a lawsuit against its longtime nemesis, Bridy writes.

Original peoposal

However, more than a year has passed and the proposed arbitration scheme appears to have vanished.

The Domain Name Associations Healthy Domains Initiative is still alive...

06:32

Debian Packages To Eliminate Vendor-Specific Patches, Affecting Downstreams Like Ubuntu Phoronix

Debian packages have supported the concept of vendor-specific patches whereby when DPKG unpacks a source package on different operating systems / distributions (such as Debian vs. Ubuntu), different patches could be selectively applied. Ubuntu is one of the main benefactors of this feature while effective immediately these vendor-specific patches to source packages will be treated as a bug and will be unpermitted following the Debian 10 "Buster" release...

06:30

ESP8266 Wi-Fi Instant Camera is a Simple Shooter Hackaday

If a camera that combines the immediate gratification of a Polaroid with cloud hosting sounds like something that tickles your fancy, look no farther than this ESP-powered point and shoot camera created by [Martin Fasani]. Theres no screen or complicated configuration on this camera; just press the button and the raw picture pops up on the online gallery. Somehow its simultaneously one of the most simplistic and complex implementations of the classic instant camera concept, and we love it.

The electronics in the camera itself, which [Martin] calls the FS2, is quite simple. At the core, its nothing more than the ESP board, an ArduCAM camera module, and a momentary button for the shutter. To make it portable he added a 2000 mAh Li-ion battery and an Adafruit Micro Micro USB charger. [Martin] added support for an optional 12864 OLED display for user feedback. Everything is housed in a relatively spacious 3D printed enclosure, leaving some room for possible future hardware.

There are firmware versions for both the ESP8266 and ESP32, so fans of either generation of the popular microcontroller are invited to the party. Processing images is obviously a bit faster if you go with the more powerful 32-bit chip, but on the flip sid...

06:30

Hotend Becomes the Z Probe with a Kinematic Coupling Hackaday

3D Printer tool changers are bedazzling to watch, but even failed attempts at tool changers can yield something marvelous. Such is the case for [Raymond] who transformed a tool changer attempt into a perfectly capable z-level probe that uses the hotend itself as a limit switch.

The secret sauce behind this mechanism: a kinematic coupling. This coupling takes two planar surfaces and perfectly constrains them relative to each other by mating them together at exactly 6 points of contact. The result is that repeatedly separating and joining the two surfaces will always land them in the same spot within a few microns. To transform these surfaces into a switch, we need only run a small current between the points of contact. That was easy since there were all-metal balls and pins making the connection. Both surfaces are held together with magnets with the upper surface holding the hotend. To trip the limit switch, the printer simply lowers the z-height until the hotend probes the bed, defeating the magnets and breaking the current. Presto! No switches or P.I.N.D.A. probes. Just good old fashioned electricity and steel pins.

With so much focus on pricey probes and repeatable switches, its great to see some good old-fashioned geometry guiding the precision behind this printers sensing. Its also heartwarming hear that the whole project was actually inspired by another coupling-equipped 3D printer that landed here a few years ago! Finally, if youre curious to see some other folks getting some more mileage out of kinematic couplings, have a look at this homebrew CNC touch probe.

05:58

Dem senators pressure FTC to investigate deceptive internet marketing to children The Hill: Technology Policy

A trio of Democratic senators is pushing for the Federal Trade Commission to probe manipulative advertising practices on phone apps aimed at children. The FTC has a statutory obligation to protect consumers from unfair and deceptive...

05:45

Another Facebook Bug Could Have Exposed Your Private Information The Hacker News

Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information about users and their friends, potentially putting the privacy of users of the world's most popular social network at risk. Discovered by cybersecurity researchers from Imperva, the vulnerability resides in the way Facebook search feature displays results for

05:40

Robots Getting a Grip on General Manipulation IEEE Spectrum Recent Content full text

How a new generation of grippers with improved 3D perception and tactile sensing is learning to manipulate a wide variety of objects

This is a guest post. The views expressed here are solely those of the author and do not represent positions of IEEE Spectrum or the IEEE.

While robots have prepared entire breakfasts since 1961, general manipulation in the real world is arguably an even more complex problem than autonomous driving. It is difficult to pinpoint exactly why, though. Closely watching the 1961 video suggests that a two-finger parallel gripper is good enough for a variety of tasks, and that it is only perception and encoded common sense that prevents a robot from performing such feats in the real world. Indeed, a recent Science article reminded us that even contact-intensive assembly tasks such as assembling a piece of furniture  are well within the realm of current industrial robots. The real problem is that the number of possible manipulation behaviors is very large, and the specific behaviors required to prepare a club sandwich arent necessarily the same as those required to assemble a chair.

From a strictly industrial perspective, general manipulation may not even be a problem that is worth solving. Indeed, you can build a machine for anything, from preparing fantastic espresso, doing your dishes, harvesting a field of wheat, or mass-producing a sneaker. This is how the majority of robots are currently employed in industry. Even those marketed as collaborative robots mostly become parts of a sophisticated machine in an automated line (that gets away with less safety caging). Any attempts to develop more generalized manipulation solutions that an academic might be interested in are benchmarked against these use cases. This makes the advantage of a general solution less obvious, and they risk getting stuck in a valley of inefficiency where investors and industry lose interest. However, manufacturing and delivery processes involve a long tail of highly varying manipulation steps. Even if each step is of negligible value, their cumulative cost is economically significant.

So how do we know whether a manipulation solution is general enough to unlock this value? The robotics community has proposed a series of challenges that require either solving a large variety of tasks or a manipulating a large variety of objects, including RoboCup@Home, the IROS manipulation challenge, and the Amazon Picking Challenge. While these comp...

05:38

New IRS chief to make updating agency technology a priority The Hill: Technology Policy

New IRS Commissioner Charles Rettig spoke Tuesday about his desire to modernize the agency's technology in his first public presentation since starting the job last month.In a speech at a conference hosted by the American Institute of CPAs, Rettig...

05:37

Elite North Koreans arent opposed to exploiting internet for financial gain HackRead

By David Balaban

According to a report from Recorded Future, it seems the ruling elite in North Korea are now using the Internet more and more to take advantage of money-making opportunities and avoid various economic sanctions. Not only is the Kim regime utilizing interbank transfer systems, online gaming, and even cryptocurrencies, theyre exploiting them for money. The []

This is a post from HackRead.com Read the original post: Elite North Koreans arent opposed to exploiting internet for financial gain

05:29

DOJ official: Evidence, not Trump tweets, led to Comcast probe The Hill: Technology Policy

The Department of Justice's assistant attorney general for antitrust, Makan Delhrahim, said Tuesday that evidence drove the DOJ's antitrust probe of Comcast, not outside political pressure."As far as what we do in our enforcement...

05:01

Mechanisms: Lead Screws and Ball Screws Hackaday

Translating rotary motion to linear motion is a basic part of mechatronic design. Take a look at the nearest 3D-printer or CNC router at least the Cartesian variety and youll see some mechanism that converts the rotation of the the motor shafts into the smooth linear motion needed for each axis.

Hobby-grade machines are as likely as not to use pulleys and timing belts to achieve this translation, and that generally meets the needs of the machine. But in some machines, the stretchiness of a belt wont cut it, and the designer may turn to some variety of screw drive to do the job.

Lead Screws

We have all seen CNC projects where the builder has built a linear actuator from a length of hardware store threaded rod. Chopped to size with a hacksaw, held in place with a couple of bearings, and attached to a stepper with a coupling of some type, these screw drives do a decent job of producing linear motion. But its far from a perfect solution, mechanically speaking.

The main problem with this arrangement is the thread profile. As we mentioned in our post on screw threads, the V-thread profile on threaded fasteners is optimized for providing a high axial clamping force and a non-overhauling property, or the tendency for the fastener to self-lock. This requires a high friction arrangement, which is not optimal for a screw drive.

...

05:00

Zume, the Robotic Pizza Company, Makes Pies Only a Robot Could Love IEEE Spectrum Recent Content full text

But Zumes investors have given it unicorn status anyway

Zume, the robotic pizza maker, is now valued at more than US $2 billion, thanks to its latest round of investment. According to The Wall Street Journal, this latest infusion of funds$375 millioncame entirely from SoftBank; and the Japanese conglomerate apparently has another $375 million at the ready should Zume need it. The valuation, in Silicon Valley terms, makes the new company a unicorn, one of the rare breed of startups thought to be worth over $1 billion.

This is just wrong. Because its just not good pizza.

Zume, based in Mountain View, Calif., launched three years ago. The company set out to revolutionize pizza delivery by turning pizza-making over to robots, and then cooking the pizza in the back of delivery vans in ovens controlled through cloud-based software. Zume has pitched van-based ovens as a vastly more efficient model for pizza delivery than using people to make the pizzas, cooking them in large ovens at the restaurant, and then sending the already-cooked pizzas out with drivers. The company has also indicated that using robots for making crusts, spreading sauce, and cutting slices can improve quality control. And Zume hopes that, once it gets the technology established for pizza, it will be able to adapt the systems to other food products and sell robots instead of just pizzas.

Right now, the company has a small delivery radius in Silicon Valley. Im in it; I often spot a Zume truck parked about a mile from my house. So, a couple of months ago, I tried it for the first time. I invited a friend over to join my husband and me in what we expected would be a treat.

A treat it was not. We ordered two pizzas from the rather limited menu: the Veggie Zupreme and the Sgt. Pepperoni. The biggest problem was the crust. The texture and taste could best be described as cardboard. The toppings were skimpy, particularly on the veggie; the couple of scraps of peppers and flakes of mushrooms had no resemblance to the piles of brightly colored vegetables pictured on the Web site. The quality of the cheese and sauce were fine; I wouldnt say the sauce was particularly flavorful, but it wasnt bad.

Zumes business vision touts its ability to get pizza to your door within 20 minutes. On my first order, the app initially estimated that the delivery time would be 27 minutes. About 15 minutes later, it provided an update: The pizzas would arrive in another 23 minutesfor a total of 38 minutes. Ultimately, it took closer to 50 minutes. Hint for Zume: Dont suggest a precision that isnt there. Saying 27 minutes sets...

04:59

Intense Tests Reveal Elusive, Complex Form of Nitrogen SoylentNews

Submitted via IRC for Bytram

Get your nitrogen crystals here!

Intense tests reveal elusive, complex form of nitrogen

The study shows for the first time that simple molecular elements can have complex structures at high pressures. It could inform similar studies in other elements, researchers say.

An international team of scientists led by the University of Edinburgh used a high-pressure diamond-tipped anvil to squeeze tiny amounts of nitrogen at pressures half a million times that of Earth's atmosphere, while heating it to about 500 Celsius.

[...] Their findings resolve speculation over the structure of this form of nitrogen, known as -N2. It was discovered 15 years ago but its structure was unknown until now.

Unusually complex phase of dense nitrogen at extreme conditions (open, DOI: 10.1038/s41467-018-07074-4) (DX)


Original Submission

Read more of this story at SoylentNews.

04:25

SpaceX to Launch CubeSat Containing Soul of First African American Astronaut IEEE Spectrum Recent Content full text

The mysterious satellite is a collaboration between artist Tavares Strachan and Los Angeles County Museum of Art

A Falcon 9 rocket due to take off from Vandenberg Air Force Base in California next week will launch a unique cargo into orbit alongside the usual communications and observation satellitesthe soul of Robert Henry Lawrence Jr., the first African American astronaut.

The launch manifest for the SSO-A SmallSat Express mission, organized by Seattle-based Spaceflight Industries, lists a spacecraft called Enoch, owned by LACMAthe Los Angeles County Museum of Art. And for months, that was all that was publicly known about the satellite.

Now, IEEE Spectrum has learned that Enoch contains a 24-karat-gold canopic jar with a bust of Lawrence. Canopic jars were used by ancient Egyptians to house the organs of the deceased for use in the afterlife. This jar was blessed at a Shinto shrine in Japan and recognized as a container for Lawrences soul, according to the museum.

[Lawrence is] someone who has a mostly untold story, who I look at as a hero but who wasnt necessarily considered one when I was a child in school, says Tavares Strachan, the artist behind Enoch, in an interview with IEEE Spectrum.

Although Guion Bluford Jr. was the first African American to reach space, on a space shuttle in 1983, Lawrence was the first black astronaut, selected for training in 1967. Just six months later, Lawrence died in the crash of an F-104 Starfighter jet while teaching a junior pilot shuttle-landing techniques.

A black guy doing space exploration with the U.S. government wasnt a normal situation in 1960s America. He was traversing a very difficult time, says Strachan. Strachan first learned about Lawrence while researching an earlier project on cultural invisibilitythe tendency for minority figures to get written out of history.

A gold jar with a bust etched into the top, displayed on a black stand. Photo: Tavares Strachan/LACMA Enoch holds this canopic jar sculpture with a bust of astronaut Robert Henry Lawrence Jr.

The Enoch project began back in 2014, when Strachan was selected...

04:00

A Look At The GCC 9 Performance On Intel Skylake Against GCC 8, LLVM Clang 7/8 Phoronix

With GCC 9 embarking upon its third stage of development where the focus ships to working on bug/regression fixes in preparation for releasing the GCC 9.1 stable compiler likely around the end of Q1'2019, here is a fresh look at the GCC 9 performance with its latest development code as of this week compared to GCC 8.2.0 stable while using an Intel Core i9 7980XE test system running Ubuntu Linux. For good measure are also fresh results from LLVM Clang 7.0 stable as well as LLVM Clang 8.0 SVN for the latest development state of that competing C/C++ open-source compiler.

03:26

Facebook Messenger to offer Unsend feature to delete sent messages HackRead

By Waqas

Facebook has made many efforts so far to refine its Messenger app. This year in May, Facebook CEO Mark Zuckerberg along with other executives of the social network admitted that the Facebook Messenger has to be refined since the current app contained many useless features while lacked critically important ones. Such as, its UI could []

This is a post from HackRead.com Read the original post: Facebook Messenger to offer Unsend feature to delete sent messages

03:26

That Domain You Forgot to Renew? Yeah, its Now Stealing Credit Cards Krebs on Security

If you own a domain name that gets decent traffic and you fail to pay its annual renewal fee, chances are this mistake will be costly for you and for others. Lately, neglected domains have been getting scooped up by crooks who use them to set up fake e-commerce sites that steal credit card details from unwary shoppers.

For nearly 10 years, Portland, Ore. resident Julie Randall posted pictures for her photography business at julierandallphoto-dot-com, and used an email address at that domain to communicate with clients. The domain was on auto-renew for most of that time, but a change in her credit card details required her to update her records at the domain registrar a task Randall says she now regrets putting off.

Julierandallphoto-dot-com is now one of hundreds of fake ecommerce sites set up to steal credit card details.

Thats because in June of this year the domain expired, and control over her site went to someone who purchased it soon after. Randall said she didnt notice at the time because she was in the middle of switching careers, didnt have any active photography clients, and had gotten out of the habit of checking that email account.

Randall said she only realized shed lost her domain after failing repeatedly to log in to her Instagram account, which was registered to an email address at julierandallphoto-dot-com.

When I tried to reset the account password through Instagrams procedure, I could see that the email address on the account had been changed to a .ru email, Randall told KrebsOnSecurity. I still dont have access to it because I dont have access to the email account tied to my old domain. It feels a little bit like the last ten years of my life have kind of been taken away.

Visit julierandallphoto.com today and youll see a Spanish language site selling Reebok shoes (screenshot above). The site certainly looks like a real e-commerce shop; it has plenty of product pages and images, and of course a shopping cart. But the site is noticeably devoid of any SSL certificate (the entire site is http://, not https://), and the products for sale are all advertised for roughly half their normal cost.

A review of the neighboring domains that reside at Internet addresses adjacent to julierandallphoto-dot-com (196.196.152/153.x, etc.) shows hundreds of other domains that were apparently registered upon expiration over the past few months and which now feature similar http-only online shops i...

03:22

Researchers Find New Pathway to Regulate Immune Response, Control Diseases SoylentNews

Submitted via IRC for Bytram

Researchers find new pathway to regulate immune response, control diseases

Researchers at The University of Texas at Arlington have found a potential new pathway to regulate immune response and potentially control inflammatory diseases of the central nervous system such as meningitis and sepsis. "We need to know what turns on inflammatory response to bacterial infection to be able to modulate the process," said Subhrangsu Mandal, the UTA associate professor of chemistry who led the research. "If we can do so, we can control inflammatory diseases of the central nervous system that have been hard to treat up to now, such as sepsis and meningitis, as well as cancer and muscular dystrophy, which can also be seen a kind of inflammation," he added.

[...] The researchers have found that the long non-coding RNA molecule HOTAIR present in white blood cells has the capacity to signal these cells to activate immune response in the presence of bacteria. RNA, or ribonucleic acid, is present in all living cells. Its primary role is to carry instructions from DNA. "Knowing that HOTAIR has a role in the signaling pathway also means that we can use it as a biomarker for bacterial infection," he added. "Simple blood tests could indicate infection much more quickly, enabling better treatment for patients of rapidly-moving diseases such as septic shock and meningitis, which have been hard to treat up to now."

The researchers used the resources of UTA's North Texas Genome Center to demonstrate that noncoding RNA expression -- including HOTAIR -- is induced in white blood cells treated with lipopolysaccharide, which are molecules found on the outer membrane of bacterial cells. The research showed that HOTAIR gene was expressed alongside cytokines, which are excreted by cells as part of immune response, and inflammatory response genes such as iNOS. As a result, it is possible to conclude that HOTAIR is a key regulator for pathogen-induced cytokine expression, immune response and inflammation.

LncRNA HOTAIR regulates lipopolysaccharide-induced cytokine expression and inflammatory response in macrophages (open, DOI: 10.1038/s41598-018-33722-2) (DX)


Original Submission

Read more of this story at SoylentNews.

03:11

Beyond Finding Stuff with the Linux find Command

Title: 
Beyond Finding Stuff with the Linux find Command

02:53

02:43

Security updates for Tuesday LWN.net

Security updates have been issued by Debian (firmware-nonfree and imagemagick), Fedora (cabextract, icecast, and libmspack), openSUSE (icecast), Red Hat (httpd24), Slackware (libtiff), SUSE (apache-pdfbox, firefox, ImageMagick, and kernel), and Ubuntu (clamav, spamassassin, and systemd).

02:42

02:35

Introducing Jake Glass, FSF campaigns and licensing intern FSF blogs

Hello software freedom supporters! I am Jake Glass, and I will be interning for both the campaigns and the licensing teams this fall/winter. I am a recent graduate of the University of Michigan, where I earned an engineering degree in computer science, and I am currently in the process of applying to law school.

During my summers as an undergraduate, I worked in software development, where I began to consider the ethical ramifications of computing. I realized that my peers and I were often unintentionally building tools to exert social and political control. As the Snowden leaks were emerging around this time, it became clear to me that the pervasiveness of these tools is an imminent threat to freedom worldwide. This was my original motivation in supporting the free software movement: how can we be sure the programs running on our own machines are not spying on us without having access to the source, as required by the Four Freedoms? My interest in these issues concerning copyrights, patents, and civil rights on the Internet has convinced me to attend law school, where I can engage in formal study of these topics.

The FSF's campaigns target important opportunities for free software adoption and development, empower people against specific threats to their freedom, and build communities around free software. My work with the campaigns team will focus on preparing written material for the Libreplanet 2019 conference and the 2019 fundraising season. On the licensing side, I will be assisting in the FSF Licensing & Compliance Lab, the preeminent resource of free licensing for free software developers for over 20 years. Specifically, I will be helping free software developers with their questions sent to licensing@gnu.org, along with creating some new licensing educational material for gnu.org and fsf.org. I like to quickly describe my internship as copywriting and copyrights! Im excited to explore the legal and ethical questions concerning computing while building my writing and analytical skills through a organization contributing to global good.

Outside of internet and software freedom, my technology interests include machine learning, data science, and distributed systems. When I'm not working with tech, I enjoy cooking, hockey, biking, and card games.

02:24

Facebook is the least-trusted major tech company- study TechWorm

Facebook Is the Least Trusted Major Tech Company Among Americans For Protecting Personal Data, Suggests Polls

Facebook, the social networking giant, has been voted as the least trustworthy tech company, according to a recent survey conducted by Fortune. Thanks to Facebooks increasing scrutiny for its handling of data privacy, ad targeting, and propaganda that has made its users trust the company the least.

According to the survey, only 22 percent of Americans trust Facebook with their personal information out of all major tech companies. On the other hand, Amazon with 49 percent ranks the highest in terms of trust, followed by Google (41 percent), Microsoft (40 percent), and Apple (39 percent).

Facebook is in the bottom in terms of trust in housing your personal data, said Harris Poll CEO John Gerzema. Facebooks crises continue rolling in the news cycle. The poll was carried out by Harris Poll on behalf of Fortune in mid-October that surveyed over 2,000 U.S. adults.

This obvious lack of trust is bad news for Facebook, which is mainly due to factors such as leadership, ethics, trust, and image. Also, the Cambridge Analytica scandal earlier this year where up to 87 million Facebook users data was shared without their permission, along with the September data breach in which roughly 50 million of its users data was exposed through an attack on its network, has only attributed to Facebooks low rankings.

Additionally, 48 percent of those who took the survey admitted to viewing Facebook more negatively than six months ago.

According to the survey, only 59 percent of respondents said they were at least somewhat confident in Zuckerbergs leadership in the ethical use of data and privacy information. With 77 percent, Amazon CEO Jeff Bezos came in first, followed by Apples CEO Tim Cook at 72 percent, Microsofts CEO Satya Nadella at 71 percent, and Googles CEO Sundar Pichai at 68 percent.

That would be a C or D in grade school, Gerzema said about Zuckerberg.

Facebook declined to comment on the poll. The company instead pointed to recent remarks made by Zuckerberg where he said that Facebook continues to invest in security and that its defenses are improving.

Not only the Facebook users, but some of the companys major investors too are disappointed by Zuckerberg. Last month, several major public investment funds had proposed removing Zuckerberg as the companys chairman of the board.

Source: PYMTS

The post Facebook is the least-trusted major tech company- study appeared first on...

02:23

Ubuntu 19.04 Development Starts Off With Python 3.7, Merged Usr Directories Phoronix

Ubuntu 19.04 "Disco Dingo" development is now officially underway...

02:19

OPNFV Gambia Doing What We Do Best While Advancing Cloud Native

Today, the OPNFV community is pleased to announce the availability of Gambia, our seventh platform release! I am extremely proud of the way the community rallied together to make this happen and provide the industry with another integrated reference platform for accelerating their NFV deployments.

02:11

Amazon officially picks New York, Northern Virginia for new offices The Hill: Technology Policy

Amazon on Tuesday officially announced that it would split its "second headquarters" between New York City and Arlington, Va., after a more than yearlong search.The announcement comes after dozens of cities tried to woo the ...

02:08

New additions to RSA Conference Advisory Board bring wealth of industry knowledge Help Net Security

RSA Conference, the worlds leading information security conferences and expositions, today announced the addition of nine new members to its Advisory Board for a total of 16 members across a wide array of positions in the industry. This expansion falls under the governance pillar of the new diversity and inclusion initiative that was also announced today. We are beyond excited to welcome these nine industry titans to our Advisory Board, said Sandra Toms, Vice President More

The post New additions to RSA Conference Advisory Board bring wealth of industry knowledge appeared first on Help Net Security.

02:02

10 Best Free Sports Streaming Sites TechWorm

A majority of people still rely on either cable or satellite-based television services for watching live sports or for streaming.

Surprisingly there are many other reliable services that can be used for free live sports streaming. So these are some of the best free sports streaming sites that are worth checking out.

Top 10 Best Free Sports Streaming Sites

ALSO READ: Watch TV Shows Online For Free | Sites For Streaming Full Episodes

ESPN

The first and one of the most popular free live sports streaming site on the list is ESPN. You can easily stream many major sports on ESPN and a majority of content is available in HD. ESPN allows users to watch both live sports streams and replays. Moreover, ESPN also offers detailed updates about ongoing sports events.

As for downsides, ESPN is only available for US residents. Furthermore, some games require a valid cable or satellite subscription.

VISIT ESPN

HotStar

The next most reliable website for free sports streaming is HotStar. This free sports streaming site has gained immense popularity due to its many nifty features. Well, theres no need of signing up for the service and you can straightway watch live streams and replays of your favorite sports. HotStar is very prominent in the Indian region.

Different sports like football, cricket, table tennis, hockey, and many others have dedicated sections on Hotstar. As for downsides, the free account on HotStar delays the live stream by a few minutes. Overall, HotStar is a perfect sports streaming site that offers HD content.

VISIT Hotstar

Laola1

Laola1 is a popular live sports streaming website that is based in Austria. You can watch Football, Ice Hockey, Motorsports, Table Tennis, Handball, and many other sports using this free sports streaming website. Laola1 has a clean UI and the vide...

02:00

Alice Evans: Brucellosis, or Why We Pasteurize Milk Hackaday

Its easy to forget how much illness and death was caused by our food and drink just one hundred years ago. Our modern food systems, backed by sound research and decent regulation, have elevated food safety to the point where outbreaks of illness are big news. If you get sick from a burger, or a nice tall glass of milk, its no longer a mystery what happened. Instead we ask why, and who screwed up?

In the early 20th century though, many food-borne illnesses were still a mystery, and microbiology was a scientific endeavor that was just getting started. Alice Catherine Evans was an unlikely figure to make a dent in this world at the time, but through her research at the United States Department of Agricultures (USDA), and later at the Hygienic Laboratory (now the National Institute of Health) she had a huge impact on the field of bacteriology, the dairy industry, and consumer safety.

Childhood and Education

In her memoirs, Alice describes her childhood and continuing education as a straight path with limited options:

Until my academic education was completed I seemed never to have an opportunity to make a choice in matters concerning my future. I always stepped into the only suitable opening I could see on my horizon.

Growing up on a farm in rural Pennsylvania, her primary education took place in the local one-room schoolhouse with good teachers most of the time. With no high school available in her district, she traveled to a nearby town for her secondary eduction.

Without the financial means to attend college, she pursued the only professional career available to women at the time: teaching. She taught grades 14 for four years, but despite finding the children interesting, she quickly grew bored with teaching the same curriculum over and over again. I was glad when I found a way to escape, she said of that time.

Her escape was facilitated by another opportunity that presented itself: the College of Agriculture at Cornell University started offering a tuition-free two-year course for rural teachers intended to help them foster a love of nature in their students. Using savings from her time spent teaching, she attended this Nature Study course, and studied botany, zoology, entomology, ornithology, geology, and meteorology. By the time she was done with her studies, she was hooked:

I was no longer interested in obtaining the certificate to which I was eligible. My interest in science had been whetted by the basic courses I had taken, and I wanted to continue the study of science any branch of biologic science would satisfy me.

Luckily, at this time the college was accepting out-of-state students, tuition-free, to its regular courses. Wit...

01:44

Intel Core i9 9980XE Released As A Skylake-X Refresh Phoronix

This morning Intel officially announced the Core i9 9980XE as the refreshed Skylake-X part succeeding the Core i9 7980XE...

01:36

Ocasio-Cortez blasts tax breaks for Amazon, says HQ2 will displace the working class The Hill: Technology Policy

Rep.-elect Alexandria Ocasio-Cortez (D-N.Y.) criticized Amazon on Monday over the news that it has picked Long Island City in Queens as the site of a new headquarters, arguing it will hurt the local community in the New York City borough."Weve been...

01:35

Target and other high profile Twitter accounts exploited for cryptocurrency scams Graham Cluley

The latest high profile account to be abused by scammers to promote a cryptocurrency giveaway? US retail giant Target.

01:29

The USPTO and EPO Pretend to Care About Patent Quality by Mingling With the Terms Patent and Quality Techrights

A working coup: The EPOs Working Party on Quality is Battistellis Own Ministry of Truth

Short: EPOs Working Party for Quality is to Quality What the Democratic Peoples Republic of Korea is to Democracy

Ministries of Nineteen Eighty-Four
Reference: Ministries of Nineteen Eighty-Four

Summary: The whole patent quality propaganda from EPO and USPTO management continues unabated; they strive to maintain the fiction that quality rather than money is their prime motivator

AS we noted in our previous post, the European Patent Office (EPO) keeps promoting software patents in Europe (even in those words, not CII); the U.S. Patent and Trademark Office (USPTO) is meanwhile moving in the exact opposite direction (in practice at least). It has gotten a lot harder to receive US software patents and then successfully enforce these.

It has gotten a lot harder to receive US software patents and then successfully enforce these.Janal Kalis wrote: The USPTO Reported 28 New PTAB Decisions Regarding 101 Eligibility. All of the Decisions Affirmed the Examiners Rejections.

Kalis alludes to the Patent Trial and Appeal Board (PTAB) and to 35 U.S.C. 101, which helps eliminate most if not all software patents in the US. Programmers in the US are happy and programmers in Europe should be paying closer attention to what the EPO is up to; Ideas are cheap, as one European opponent of software patents put it yesterday, execution difficult (patents dont cover execution/impleme...

01:27

Operation Shaheen Pakistan Air Force members targeted by nation-state attackers Security Affairs

Security firm Cylance has uncovered a sophisticated state-sponsored campaign, tracked as Operation Shaheen, against the Pakistan Air Force.

According to the experts the campaign was carried out by a nation-state actor tracked as the White Company with access to zero-day exploits and exploit developers.

The preliminary findings detail one of the groups recent campaigns, a year-long espionage effort directed at the Pakistani Air Force. Cylance calls the campaign Operation Shaheen and the organization The White Companyin acknowledgement of the many elaborate measures the organization takes to whitewash all signs of its activity and evade attribution. reads the press release published by Cylance.

The Pakistani Air Force is not just an integral part of the countrys national security establishmentincluding its nuclear weapons programbut it is also the newly announced home of the countrys National Centre for Cyber Security. A successful espionage operation against such a target could yield significant tactical and strategic insight to a range of foreign powers.

As part of Operation Shaheen, White Company hackers targeted members of the Pakistan Air Force with spear-phishing messages that weaponized lure files with names referenced events, government documents, or news articles of interest for the targets (i.e. the Pakistani Air Force, the Pakistani government, and Chinese Military and advisers in Pakistan).

Attackers initially used phishing messages with links to compromised websites, then they switched to emails using infected Word documents as attachments.

In both cases, the researchers found, the emails were specifically crafted to reference topics that would be relevant to appeal to the targets: the Pakistani Air Force, the Pakistani government, and Chinese Military and advisers in Pakistan.

We cannot say with precision where those documents went, or which were successful. However, we can say that the Pakistan Air Force was a primary target. This is evident by the overriding themes expressed in document filenames, the contents of the decoy documents, and the specificity employed in the military-themed lures. continues the report published by Cylance.

In addition, as explained below, the malware delivered by these lures was delivered from domains not just of legitimate, compromised Pakistani organizations a common tactic attackers use to make any traffic the tar...

01:26

Amazon Reportedly Picks New York, Northern Virginia for HQ2 SoylentNews

Amazon Reportedly Picks New York, Northern Virginia for HQ2 :

Decision to be formally announced as soon as Tuesday, The Wall Street Journal reports.

[...] It appears Amazon couldn't settle on a single site for its second corporate headquarters and has decided to divide the duties between a second and third headquarters.

The online retailing giant is expected to announce as soon as Tuesday it's chosen New York City and northern Virginia's Crystal City for its planned second headquarters  -- dubbed HQ2, The Wall Street Journal reported Monday night, citing people familiar with the matter. Other cities may get other responsibilities, the newspaper added.

Amazon's HQ2 gained attention as one of the biggest corporate projects in the US, with the e-retailer planning to hire 50,000 workers and spend $5 billion. The company fueled excitement about its plans by inviting cities to pitch themselves as sites for the development.

It was reported earlier this month that Amazon was examining the option of creating two separate 25,000-person campuses, in part due to the need to hire enough tech talent and partly to ease housing and traffic concerns. Two HQ2 projects would also ensure that Seattle remains Amazon's definitive headquarters.

I don't suppose Amazon would settle for one 30,000 person campus and one 20,000 person campus, should they be able to cut a better deal with one city over the other?


Original Submission

Read more of this story at SoylentNews.

01:04

Read issue #194 of Lifeboat News! Lifeboat News

Read issue #194 of Lifeboat News!

00:59

00:53

[security bulletin] MFSBGN03831 rev. - Service Management Automation, remote disclosure of information Bugtraq

Posted by cyber-psrt on Nov 13 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03286178
Version: 1

MFSBGN03831 rev. - Service Management Automation, remote disclosure of
information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2018-11-12
Last Updated:...

00:52

[security bulletin] MFSBGN03830 rev.1 - Service Manager, unauthorized disclosure of information Bugtraq

Posted by cyber-psrt on Nov 13 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286177

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03286177
Version: 1

MFSBGN03830 rev.1 - Service Manager, unauthorized disclosure of information

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2018-11-12
Last Updated:...

00:46

[security bulletin] MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data Bugtraq

Posted by cyber-psrt on Nov 13 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03286176
Version: 1

MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of
data

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2018-11-12
Last Updated:...

00:43

[slackware-security] libtiff (SSA:2018-316-01) Bugtraq

Posted by Slackware Security Team on Nov 13

[slackware-security] libtiff (SSA:2018-316-01)

New libtiff packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/libtiff-4.0.10-i586-1_slack14.2.txz: Upgraded.
This update fixes some denial of service security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456...

00:31

The Ceph Storage Project Gets a Dedicated Open-Source Foundation

Ceph is an open source technology for distributed storage that gets very little public attention but that provides the underlying storage services for many of the worlds largest container and OpenStack deployments. Its used by financial institutions like Bloomberg and Fidelity, cloud service providers like Rackspace and Linode, telcos like Deutsche Telekom, car manufacturers like BMW and software firms like SAP and Salesforce.

00:14

Yannis Skulikaris Promotes Software Patents at EPOPIC, Defending the Questionable Practice Under Antnio Campinos Techrights

Summary: The reckless advocacy for abstract patents on mere algorithms from a new and less familiar face; the EPO is definitely eager to grant software patents and it explains to stakeholders how to do it

THEREs no excuse for what Antnio Campinos does at the European Patent Office (EPO). Its not good at all, but media turns a blind eye to it, as we shall explain in our next post. Nothing has changed for the better and quite a few things actually got worse.

Nothing has changed for the better and quite a few things actually got worse.EPOPIC started yesterday. It was opened/commenced by Campinos. He did not say anything important, at least based on the corresponding EPO tweets (e.g. [1, 2, 3]). Hes the quiet president, an EPO President who tries not to rattle any golden cages. So we shall focus on more vocal people those who shamelessly promote software patents in Europe.

Corrupt EPO officials have long been promoting software patents like never before; its not entirely new a thing, but before Battistelli it was somewhat contained. Under Battistelli it became very much evident and under Campinos this promotion of software patents is done about three times a day; theyve become a rogue institution begging to be reprimanded. But who can ever reprimand them? Theyre positioned above the law, unlike the U.S. Patent and Trademark Office (USPTO), which habitually gets sued.

Corrupt EPO officials have long been promoting software patents like never before; its not entirely new a thing, but before Battistelli it was somewhat contained.WTF, Benjamin Henrion wrote yesterday, quoting the EPO: 2018 may well be the turning point for the EPO and patent information, with the disruptive emergence of AI, B...

00:04

Push Technology releases Diffusion Intelligent Data Platform 6.2 Help Net Security

Push Technology released new functionality in their Diffusion Intelligent Data Platform to increase security authentication and authorization handling, facilitate transitioning from REST-based applications to streaming data applications, simplify development of multi-user and collaborative applications, and enhance data compression for large payload distribution applications. The Diffusion Intelligent Data Platform synchronizes, manages, and distributes data among applications, devices, and systems via web, mobile, and satellite networks. Security New security functionality for Authentication and Authorization handling provides More

The post Push Technology releases Diffusion Intelligent Data Platform 6.2 appeared first on Help Net Security.

00:00

Cathay Pacific waited six months before disclosing the security breach Security Affairs

Cathay Pacific has admitted that it was under attack for three months and it took six months to disclose the data breach.

At the end of October, Cathay Pacific Airways Limited, the flag carrier of Hong Kong, announced that had suffered a major data breach affecting up to 9.4 million passengers.

Exposed data includes passport numbers, identity card numbers, email addresses, and credit card details were accessed, information exposed varies for each affected passenger.

The IT staff at Cathay discovered an unauthorized access of systems containing the passenger data of up 9.4 million people. Hackers also accessed 403 expired credit card numbers and twenty-seven credit card numbers with no CVV were accessed.

Cathay Pacific notified the incident to local police and legislators, it also set up a website for customers want to know if their personal data may have been exposed.

Now Cathay Pacific has admitted that it was under attack for three months and it took six months to disclose the data breach.

In the official statement released by the airline, the company declared it had detected suspicious activity earlier March 2018.

A written submission by Cathay Pacific Airways Limited to Hong Kongs Legco reveals the company confirmed to be aware that in March it was under a full-scale attack on its servers. The attacks continued during the investigation, for three months the company was under siege.

During this phase of the investigation, Cathay was subject to further attacks which were at their most intense in March, April and May but continued thereafter. These ongoing attacks meant that internal and external IT security resources had to remain focused on containment and prevention. reads the written submission.

Remediation activities began as part of this effort and continued throughout. Even as the number of successful attacks diminished, we remained concerned that new attacks could be mounted. 

...

Tuesday, 13 November

23:58

Snow launches SaaS usage visibility to help businesses optimize cloud investments Help Net Security

Snow Software (Snow) introduced Snow for SaaS to give organizations visibility to their growing portfolio of SaaS applications in use within their enterprises. Businesses can use that insight to optimize investments, drive operational efficiency, manage risk and compliance and improve their products and services. Business users are deploying SaaS applications to move faster and react to ever-changing business needs. Gartner expects SaaS to reach 45 percent of total application software spending by 2021. Organizations benefit More

The post Snow launches SaaS usage visibility to help businesses optimize cloud investments appeared first on Help Net Security.

23:56

Amazon Web Services launches second GovCloud Region in the United States Help Net Security

Amazon Web Services (AWS) launched the AWS GovCloud (US-East) Region, its second GovCloud infrastructure region in the United States. With the launch of the AWS GovCloud (US-East) Region, AWS now provides 57 Availability Zones across 19 geographic regions globally with another 12 Availability Zones and four regions coming online in Bahrain, Hong Kong SAR, South Africa, and Sweden between the end of 2018 and the first half of 2020. The AWS GovCloud Regions meet the More

The post Amazon Web Services launches second GovCloud Region in the United States appeared first on Help Net Security.

23:50

Another Nail in The Coffin for Free Speech in EU SoylentNews

As the days go by our hard won freedoms and liberty are slowly being eroded. In Europe a crushing blow has been made to freedom of speech with a European Court of Human Rights upholding a conviction for saying that the person known as Muhammad ten centuries ago was technically a paedophile based on information in historical texts. The statement was made in reference to Muhammad's marriage to a six year old child name called Aisha. The court found that Presenting objects of religious worship in a provocative way capable of hurting the feelings of the followers of that religion could be conceived as a malicious violation of the spirit of tolerance, which was one of the bases of a democratic society.. In giving its ruling that "Muhammad was not a worthy subject of worship" the court has additionally demonstrated a complete misunderstanding as to the religion involved which worships "Allah", a word meaning 'God', not 'Muhammad' who claimed to be a prophet of this god. Freedom of speech is dying.


Original Submission

Read more of this story at SoylentNews.

23:47

1 in 5 merchants compromised by Magecart get reinfected Help Net Security

The Magecart threat looms large for online retailers and their customers, as the criminal groups that have been assigned this collective name are constantly trying out new tricks for stealthily compromising the shops and achieving persistence. According to security researcher Willem de Groot, the Magecart attackers have become so adept at the latter that many online merchants end up having to clean their shops many times. In the last quarter, 1 out of 5 breached More

The post 1 in 5 merchants compromised by Magecart get reinfected appeared first on Help Net Security.

23:45

Systems Engineer Salary Rises Even Higher with Linux Experience

System administration is a very reactive role, with sysadmins constantly monitoring networks for issues. Systems engineers, on the other hand, can build a system that anticipates users needs (and potential problems). In certain cases, they must integrate existing technology stacks (e.g., following the merger of two companies), and prototype different aspects of the network before it goes live.

23:34

Cynet Review: Simplify Security with a True Security Platform The Hacker News

In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber security has only become more complex. Today, controls dramatically outnumber staff available to support them. The Bank of America has a $400-million cyber budget to hire security staff and implement a broad array of products. But what if your budget and

23:25

Microsoft's New Open-Source Project Is "Shader Conductor" For Cross-Compiling HLSL Phoronix

The latest open-source project out of Microsoft under an MIT license is Shader Conductor, which allows for cross-compiling HLSL to other languages -- including GLSL for OpenGL/Vulkan usage...

23:14

NGO Teaching Migrants to Lie to Border Guards cryptogon.com

Via: Russia Today: A group that helped over 15,000 refugees and migrants to get into Europe has been caught on tape admitting to systematically training asylum seekers to exploit screening interviews by feigning trauma and persecution. Ariel Ricker, the executive director of Advocates Abroad, a major non-profit NGO which provides legal aid to migrants, has []

23:00

Unique Flat-Screen Display Put to Use in CRT Game Boy Hackaday

The cathode-ray tube ruled the display world from the earliest days of TV until only comparatively recently, when flat-screen technology began to take over. CRTs just kept getting bigger over that time until they reached a limit beyond which the tubes got just too bulky to be practical.

But there was action at the low end of the CRT market, too. Tiny CRTs popped up in all sorts of products, from camcorders to the famous Sony Watchman. One nifty CRT from this group, a flat(tish) tube from a video intercom system, ended up in [bitluni]s lab, where hes in the process of turning it into a retro Game Boy clone with a CRT display. The display, which once showed the video from a door-mounted camera, was a gift from a viewer. Date codes on the display show its a surprisingly recent device; were monochrome TFT displays that hard to come by in 2007? Regardless, its a neat design, with the electron gun shooting upward toward a curved phosphor screen. With a little Google-assisted reverse engineering, [Bitluni] was able to track done the video connections needed to use his retro game console, which uses an ESP32 that outputs composite video. He harvested the intercom speaker for game audio, added a temporary Nintendo gamepad, and soon he was playing Tetris in glorious monochrome on the flat screen.

The video below is only the first in a series where the prototype will be stuffed into one nice tidy package. It certainly still needs some tweaking, but its off to a great start. We cant wait to see the finished product.

[baldpower] tipped us off to this one. Thanks again!

The Shiny New Features Of Mesa 18.3 For Open-Source Intel / Radeon Graphics Drivers Phoronix

Being well into the Mesa 18.3 feature freeze and that quarterly update to these open-source OpenGL/Vulkan drivers due out in about two weeks, here is a look at all of the new features and changes you can expect to find with this big update...

22:58

The U.S. Chamber of Commerce is Working for Patent Trolls and Patent Maximalists Techrights

The US Chamber of Commerce International IP Index

Summary: The patent trolls propagandists are joining forces and pushing for a patent system that is hostile to science, technology, and innovation in general (so as to enable a bunch of aggressive law firms to tax everybody)

TECHRIGHTS has habitually noted that the U.S. Chamber of Commerce meddles in the affairs of the U.S. Patent and Trademark Office (USPTO), as well as other patent offices affairs. It is an international harasser like USTR. Among the recent articles we wrote on the subject (in no particular order):

Thanks to Patent Docs, we now see that the villainous Chamber of Commerce (CoC) is working closely with the patent trolls lobby, IAM. IAM staff has long cited CoCs propaganda and and here they are together at last: (maybe in the past too)

The U.S. Chamber of Commerce Global Innovation Policy Center (GIPC), together with IAM.

This is scheduled for later today. CoC typically re...

22:46

FIDO2: The Passwordless web is coming, says OneSpan Graham Cluley

FIDO2: The Passwordless web is coming, says OneSpan

Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

Often, the first hurdle in customer engagement is the login password. Not only is creating and managing passwords a major annoyance, the login password is also notoriously vulnerable to data breaches.

FIDO authentication solves this problem by replacing the traditional password with strong authentication options ranging from biometrics to software and hardware tokens.

In essence, FIDO authentication offers an interoperable and standardized ecosystem of authenticators for use with mobile and online applications. It enables organizations to deploy strong authentication for login and transaction validation, without the incremental cost of in-house development.

Recently, the FIDO Alliance (Fast Identity Online) announced the availability of its FIDO2 protocol. Read more on the OneSpan blog and discover:

  • What FIDO2 is
  • How it impacts the traditional login and password
  • Why financial institutions (FIs) should pay attention

To learn more, make sure to check out the full article on the OneSpan blog.


If youre interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

22:39

LDAP Authentication In Linux

Title: 
LDAP Authentication In Linux

22:13

Supercomputer on ISS will soon be Available for Science Experiments SoylentNews

Submitted via IRC for AndyTheAbsurd

Astronauts will soon be able to use a supercomputer to help run science experiments on the International Space Station. The Spaceborne Computer, a joint project between NASA and Hewlett Packard Enterprise, launched to the ISS in 2017. Its been limited to running diagnostic tests, figuring out how well a computer built for Earth could survive in space.

Now it will be available to process data for space-based experiments, which should save researchers on the ground valuable time. It will also save precious bandwidth in the tightly-controlled stream of data that NASA manages between the ISS and the ground. The exact experiments that the supercomputer will run in the next few months have not yet been disclosed.

Source: A supercomputer on the ISS will soon be open for science experiments


Original Submission

Read more of this story at SoylentNews.

22:00

Advocates draw battle lines over national privacy law The Hill: Technology Policy

Internet privacy advocates are drawing a line in the sand for lawmakers as Congress begins considering a federal data privacy bill.A coalition of 34 public interest groups on Tuesday released a set of privacy principles that they want codified in...

21:36

Mesa Gets Testing Patches For New Zen Optimization Around Thread Pinning Phoronix

It was just yesterday that the AMD Zen L3 thread pinning was dropped from Mesa due to that optimization not panning out as intended for benefiting the new AMD processors with the open-source Linux graphics driver stack. Lead Mesa hacker Marek Olk is already out with a new Zen tuning implementation that may deliver on the original optimization goal...

21:03

Systemd-Free, XBPS-Powered Void Linux Releases New Images Phoronix

If you are looking for a new Linux distribution to experiment with, Void Linux is one of the interesting ones that is an original creation and community driven that often doesn't receive the attention it deserves. Void Linux is built off its BSD-licensed XBPS packaging system, is a rolling-release platform, uses runit as the init system instead of systemd, opts for LibreSSL in place of OpenSSL, optional musl libc usage, and has a wealth of other changes...

20:53

SETTV IPTV Service Ordered to Pay DISH $90,000,000 in Piracy Damages TorrentFreak

Back in April, the Alliance for Creativity and Entertainment, the global anti-piracy alliance featuring several Hollywood studios, Amazon, Netflix, and dozens of other entertainment companies, sued Florida-based SET Broadcast, LLC.

The popular unauthorized IPTV was accused of being a piracy tool offering copyright-infringing streams to a large number of subscribers. Early June, SETTV went offline after a second lawsuit was filed against the company.

In a Florida court, DISH Network and encryption partner NagraStar sued several individuals, companies and trusts collectively doing business as SETTV via the domain SETTVNOW.com. The plaintiffs stated that the complex business structure was designed to frustrate enforcement efforts and hide profits made by SET Broadcast and various individuals.

Defendants created a pirate streaming television service they have branded SET TV, the complaint reads, citing offenses under the Federal Communications Act (FCA).

Defendants sell subscriptions and devices for the SET TV pirate streaming service, which includes numerous television channels that were received without authorization from DISHs satellite service and were subsequently retransmitted without authorization on the SET TV pirate streaming service.

DISH and NagraStar alleged that for only $20 per month, SET TV gave users access to more than 500 live channels, including on-demand content and PPV broadcasts. The company also sold pre-configured hardware devices that came pre-loaded with the SET TV application. As a result, the plaintiffs demanded a permanent injunction plus huge damages.

In an agreed judgment handed down by a Florida court (the merits of the case were not considered), the demands of DISH and NagraStar have now been met.

DISH is awarded statutory damages of $90,199,000 under the FCA. The statutory damages are calculated at the parties agreed upon $500 for each of the 180,398 subscribers that were acquired directly by Defendants and provided with unauthorized access to DISHs television programming using Defendants SetTV streaming service. Defendants are jointly and severally liable for all damages awarded herein, the judgment reads.

The defendants in the case (and anyone acting in concert with them) are also permanently enjoined from receiving, retransmitting, or copying, or assisting others in receiving, retransmitting, or copying, any of DISHs satellite or over-the-top Internet transmissions of television programming or any conten...

20:35

Latest Top500 List: Upgraded US Supercomputers Claim Top Two Spots; China has Most Systems SoylentNews

Upgraded US Supercomputers Claim top two Spots on Top500 List:

China has more of the 500 fastest machines on the planet than ever, and the US hits an all-time low.

The US now can claim the top two machines on a list of the 500 fastest supercomputers, as Sierra, an IBM machine for nuclear weapons research at Lawrence Livermore National Laboratory, edged out a Chinese system that last year was the very fastest.

The Top500 list ranks supercomputers based on how quickly they perform a mathematical calculation test called Linpack. The top machine, IBM's Summit at Oak Ridge National Laboratory, had claimed the No. 1 spot in June with a speed of 122.3 quintillion mathematical operations per second, or 122.3 petaflops.

But an upgrade gave it a score of 143.5 petaflops on the newest list. To match that speed, each person on the planet would have to perform 19 million calculations per second. Sierra got an upgrade, too, boosting its performance from 71.6 petaflops to 94.6 petaflops and lifting it from third place to second.

The top machine on the first TOP500 list in June of 1993 was a Thinking Machines Corporation CM-5/1024 with 1,024 cores and was rated at Rpeak of 131.0 GFlop/s and Rmax of 59.7 GFlop/s. The least performant system is listed at the bottom of Page 5 of he list was a C3840 Made by Sharp of Japan which had 4 cores and had RPeak and RMax scores of 0.5 and 0.4 GFlop/s respectively. The fasted Cray Research machine in 1993 rated 9th place at 15.2/13.7 GFlop/s for RPeak and RMax.

Where on that first list would today's smartphones land?

More at Top500 and The Register.


Original Submission

Read more of this story at SoylentNews.

20:23

When Silicon Valley gets religion and vice versa Lifeboat News: The Blog

Some of the tech worlds brightest luminaries hope to postpone the unpleasantness of death, or avoid it entirely. Calico, a secretive company founded by Google, is looking for ways to lengthen human lifespans. Billionaires Larry Ellison, Peter Thiel, and Jeff Bezos have all contributed huge sums for research into anti-aging treatments. Ray Kurzweil, one of the tech industrys leading futurists, has described three scientific and technological bridges that might lead to radically longer life.


20:00

Low-energy ESP8266-based Board Sleeps Like a Log Until Triggered Hackaday

Given the popularity of hacking and repurposing Amazon Dash buttons, there appears to be a real need amongst tinkerers for a simple do something interesting on the internet when a button is pressed device. If you have this need but dont feel like fighting to bend a Dash device to your will, take a look at [Kevin Darrah]s trigBoard instead.

The trigBoard is a battery-powered, ESP8266-based board that includes some clever circuitry to help it barely sip power (less than one microamp!) while waiting to be triggered by a digital input. This input could be a magnetic reed switch, push button, or similar, and you can configure the board for either normally open or normally closed switches.

The clever hardware bits that allow for such low power consumption are explained in [Kevin]s YouTube video, which weve also embedded after the break. To summarize: the EPS8266 spends most of its time completely unpowered. A Texas Instruments TPL5111 power timer chip burns 35 nanoamps and wakes the ESP8266 up every hour to check on the battery. This chip also has a manual wake pin, and its this pin along with more power-saving circuitry thats used to trigger actions based on the external input.

Apparently the microcontroller can somehow distinguish between being woken up for a battery check versus a button press, so you neednt worry about accidentally sending yourself an alert every hour. The default firmware is set up to use Pushbullet to send notifications, but of course you could do anything an EPS8266 is capable of. The code is available on the projects wiki page.

The board also includes a standard micro-JST connector for a LiPo battery, and can charge said battery through a micro-USB port. The trigBoards full schematic is on the wiki, and pre-built devices are available on Tindie.

[Kevin]s hardware walkthrough video is embedded after the break.

...

19:51

Google Services down due to BGP leak, traffic hijacked through Russia, China, and Nigeria Security Affairs

Google services were partially inaccessible on Monday due to a BGP leak that caused traffic redirection through Russia, China, and Nigeria.

A BGP leak caused unavailability of Google service on Monday, the traffic was redirected through Russia, China, and Nigeria.

At the time it is not clear if the incident was the result of an error or a cyber attack on the BGP protocol.

Its unclear if the incident was caused by a configuration issue or if it was the result of a malicious attack.

Route hijacking, also known as BGP hijacking, occurs when the routing tables for groups of IP addresses are intentionally or accidentally corrupted.

Recently security researchers Chris C. Demchak and Yuval Shavitt revealed that over the past years, China Telecom has been misdirecting Internet traffic through China.

China Telecom is currently present in North American networks with 10 points-of-presence (PoPs) (eight in the United States and two in Canada), spanning major exchange points.

The two researchers pointed out that the telco company leverages the PoPs to hijack traffic through China, it has happened several times over the past years,

Within the BGP forwarding tables, administrators of each AS announce to their AS neighbors the IP address blocks that their AS owns, whether to be used as a destination or a convenient transit node. states the paper.

Errors can occur given the complexity of configuring BGP, and these possible errors offer covert actors a number of hijack opportunities. If network AS1 mistakenly announces through its BGP that it owns an IP block that actually is owned by network AS2, traffic from a portion of the Internet destined for AS2 will actually be routed to and through AS1. If the erroneous announcement was maliciously arranged, then a BGP hijack has occurred.

The latest BGP leaks were first reported by the network monitoring firm ThousandEyes, the traffic to Google services, including Search, G Suite, and various Google Cloud services, was directed through TransTelecom in Russia, Nigerian ISP MainOne, and China Telecom.

...

19:34

Origami Terra Forming Terra




This has been evolving through my own lifetime and the concepts extend into chemistry to produce proteins.  It has a clear game like aspect that has given it life.  Now we have 30,000 + shapes and a number of evolved memes that are allowing us to potentially model the behavior of proteins.

It will become a natural extension of organic chemistry and it will become possible to engineer behavior.  It will lend itself to AI assistence.

No one could ever have imagined this from folding a paper airplane.

Origami

November 02, 2018


Playing with paper



With the ancient art of origami, a sheet of paper can become almost anything. But in the modern age, the practice has moved beyond decorative planes and cranes. By fusing paper folding and technology, scientists and engineers are using the art form to help shape the future. 
Origami ...

19:03

Alarm Over Talks to Implant UK Employees With Microchips SoylentNews

From The Guardian:

Britain's biggest employer organisation and main trade union body have sounded the alarm over the prospect of British companies implanting staff with microchips to improve security.

UK firm BioTeq, which offers the implants to businesses and individuals, has already fitted 150 implants in the UK.

The tiny chips, implanted in the flesh between the thumb and forefinger, are similar to those for pets. They enable people to open their front door, access their office or start their car with a wave of their hand, and can also store medical data.

[...] Steven Northam, the founder and owner of Hampshire-based BioTeq, told the Guardian that most of its 150 implants have been for individuals, while some financial and engineering firms have also had the chips implanted in their staff.

BioTeq has also implanted them in employees of a bank testing the technology, and has shipped them to Spain, France, Germany, Japan and China.

We recently covered similar technology being used in Sweden but the idea of implanting a tracking chip in a human for identification is nothing new.


Original Submission

Read more of this story at SoylentNews.

19:00

More Accurate World Map Wins Prestigious Design Award Terra Forming Terra

AuthaGraph Map

Of course it distorts the oceans rather badly, but it does conserve land area.  All map work should work against alternate projections and this one is particularly valuable.  At least Europe compares nicely to India and the Indonesian archipelago compares to the USA as does Brazil and China.

The sub sea should also be mapped in in order to allow for lining up edges in the Atlantic and to check voids in the Pacific.  The perimeter has been left out here.

That is picky though for an excellent piece of work..

 

More Accurate World Map Wins Prestigious Design Award

Published November 3, 2016
Updated August 23, 2018
 https://allthatsinteresting.com/authagraph-world-map?
The AuthaGraph map is the most accurate map you'll ever see. You probably won't like it.

AuthaGraph Map

...

The Human Brain Can Create Structures in Up to 11 Dimensions Terra Forming Terra

main article image



The word dimension is distracting but perhaps properly is an indication of uniqueness and allows the usage of the mathematics in order to generate inferences.  Cliques exist and these are a powerful indication of meaning in space and surely in time as well..
 
At this instance it is a new beginning.
 
All good.

The Human Brain Can Create Structures in Up to 11 Dimensions

SIGNE DEAN 
 
Conceptual illustration of brain networks (l) and topology (r), courtesy of Blue Brain Project
 
21 APR 2018

https://www.sciencealert.com/science-discovers-human-brain-works-up-to-11-dimensions


Last year, neuroscientists used a classic branch of maths in a totally new way to peer into the structure of our brains.

What they discovered is that the brain is full of multi-dimensional geometrical structures operating in as many as 11 dimensions.

We're used to thinking of the world from a 3-D perspective, so this may sound a bit tricky, but the results of this study could be the next major step in understanding the fabric of the human brain - the most complex structure we know of.

This brain model was produced by a team of researchers from the Blue Brain Project, a Swiss research initiative devoted to building a supercomputer-powered reconstruction of the human brain.

The team used algebraic topology, a branch of mathematics used to describe the properties of objects and spaces regardless of how they change shape.

They found that groups of neurons connect into 'cliques', and that the number of neurons in a clique would lead to its size as a high-dimensional geometric object (a mathematical dimensional concept, not a space-time one).

"We found a world that...

19:00

Ratcliffe, Gowdy join list of potential attorney general picks Terra Forming Terra



Unsurprising to see Gowdy's name here as he is now obviously available.   Yet he joins a short list of key individuals clearly read in including Sessions to the PLAN.  Good men are been recruited and pre positioned.  

What that does do is pretty well render the public narrative as suspect.  The core objective is literally draining the swamp.  Mil Intel has been involved for decades and all are willing participants.  Watch the show.

It is now clear that the voter fraud system operated by the Democrats is been outed and expect this to fill the media for weeks and months to come.  We are seeing them been caught in action with a  full spotlight on them.  This was totally planned.

The DEMs will literally need to reconstitute them self.  It is that bad and it will be that public..



Ratcliffe, Gowdy join list of potential attorney general picks

Congressmen, confidantes and TV commentators are among those being considered by the White House.

Rep. John Ratcliffe speaks to media on Capitol Hill in October.Carolyn Kaster / AP

Nov. 10, 2018 / 10:27 AM PST

By Leigh Ann Caldwell and Julia Ainsley

https://www.nbcnews.com/politics/justice-department/ratcliffe-gowdy-join-list-potential-attorney-general-picks-n934616


WASHINGTON Two members of congress, a cabinet official, a presidential confidant and a frequent guest on Fox News are among those being considered by President Donald Trump to be the next attorney general, multiple sources tell NBC News.



One of those, former New Jersey Governor Chris Christie, was a close adviser to the president in his 2016 presidential campaign. He has been largely sidelined by the administration since then but resurfaced at the White House on Thursday for what White House officials said was for a previously scheduled meeting on prison reform.


Rep. John Ratcliffe, R-Texas, and retiring Rep. Trey Gowdy of South Carolina, have also joined the list of those in the running, the sources say.



Ratcliffe, a former political appointee of President George W. Bush who was later appointed to be U.S. Attorney of the Eas...

18:51

Expert found a way to bypass Windows UAC by mocking trusted Directory Security Affairs

David Wells, a security expert from Tenable, devised a method to bypass Windows User Account Control (UAC) by spoofing the execution path of a file in a trusted directory. 

A security researcher from Tenable has discovered that is possible to bypass Windows User Account Control (UAC) by spoofing the execution path of a file in a trusted directory.

User Account Control (UAC) is a technology and security mechanism that aims to limit application software to standard user privileges until an administrator authorizes an increase or elevation.

Some programs can auto-elevate privileges bypassing UAC, to prevent abuses Windows implements a series of additional security checks to allow that only a specific group of trusted executables can auto-elevate.

Executables that can auto-elevate have specific configuration, need to be properly signed, and to run from a Trusted Directory (i.e. C:\Windows\System32).

David Wells researcher discovered the Appinfo.dll (AIS) will use RtlPrefixUnicodeString API to see if the target executable path begins with C:\Windows\System32\ for one of the trusted directory checks.

Then the researcher created a directory called C:\Windows \ (with a space after the word Windows) by using the CreateDirectory API and prepending a \\?\ to the directory name and then created a System32 directory in it.

So for bypassing this check, I construct a directory called C:\Windows \ (notice trailing space after Windows). This wont pass the RtlPrefixUnicodeString check of course, and Ill also mention that this is somewhat invalid (or in the very least unfriendly) directory name, as Windows does not allow trailing spaces when you create a directory (try it). wrote the expert.

Using the CreateDirectory API however, and prepending a \\?\ to the directory name I want to create, we can bypass some of these naming filter rules and send the directory creation request directly to file system.

Then the expert copied a signed, auto elevating executable from C:\Windows\System32, and discovered that upon its execution no UAC prompt is triggered.

When this awkward path is sent to AIS for an elevation request, the path is passed to GetLongPathNameW, which converts it back to C:\Windows\System32\winSAT.exe (space removed). Perfect! This is now the string that trusted directory checks are performed against (using RtlPrefixUnicodeString) for the rest of the routine. explained the expert.

The beauty is that after the trusted directory check is done with this converted path string, it is then freed, and rest of checks (and final elevated execution request) are done with the original executable path name (with...

18:42

HITB Security Conference to feature CTF, free to the public hacking games and challenges Help Net Security

In two weeks, one of the most gruelling security challenges returns to the Middle East! As part of Hack in the Boxs (HITB) return to Dubai after an 8-year gap, the HITB Security Conference will be bringing back a wide range of free to the public hacking games and challenges, including its ever-popular HITB Capture The Flag (CTF) competition. HITBs CTF competition will see over 20 international teams battle it out in Dubai on 27 More

The post HITB Security Conference to feature CTF, free to the public hacking games and challenges appeared first on Help Net Security.

18:14

eBook: The DevOps Roadmap for Security Help Net Security

DevOps is concerned with uniting two particular tribes: development and operations. These tribes have seemingly competing priorities: developers value features while operations value stability. These contradictions are largely mitigated by DevOps. A strong argument could be made that the values of the security tribe defensibility could just as easily be brought into the fold, forming a triumvirate under the DevSecOps umbrella. The security tribes way forward is to find ways to unify with More

The post eBook: The DevOps Roadmap for Security appeared first on Help Net Security.

18:02

How Much Hotter Is Your Hometown Than When You Were Born? Lifeboat News: The Blog

What you do on the Internet is nobodys business but yours. At ProxySite.com, we stand between your web use and anyone who tries to sneak a peek at it. Instead of connecting directly to a website, let us connect to the website and send it back to you, and no one will know where youve been. Big Brother (or other, less ominous snoops) wont be able to look over your shoulder and spy on you to see what youre reading, watching or saying.

18:00

Arm Leads Project to Develop an Armpit-Sniffing Plastic AI Chip IEEE Spectrum Recent Content full text

In a quest for penny-priced plastic sensors, Arm and its partners are demonstrating a stripped-down form of machine learning

Body odor is a stubborn problem. Not just for people, but also for sensors. Sensors and the computing attached to them struggle to perceive armpit odors in the way humans do, because B.O. is really a complex mix of dozens of gaseous chemicals. The United Kingdoms PlasticArmPit project is designing the first machine-learning-enabled flexible plastic sensor chip. Its target audience: those who think they might stink. The prototype chip will be manufactured and tested in 2019.

The project is part of a broader effort Arm has been involved in to drive the cost of plastic IoT devices down below US $0.01 so that they can be embedded in all sorts of consumer goods, including disposable ones.

The plastic chip will consist of sensor arrays, a bespoke machine-learning processor, and their interface. All of these will be built on a thin plastic film, although the sensor array is currently made on a separate piece of plastic. A battery and display may be integrated into the device later. The team consists of Arm, which designed the machine-learning circuitry and developed tools that will make it easy for others to produce such designs; PragmatIC, which makes amorphous-oxide-based flexible electronics, NFC, and RFID chips and the systems to build them; the University of Manchester, which developed the plastic gas-sensing technology and a model of human smell perception; and Unilever, which lent its consumer-products expertise and its U.K. odor-testing lab.

The sensor arrays are a collection of field-effect transistors made from organic semiconductors that have been chemically modified. We tune the materials within the device to be responsive to different gaseous analytes, explains Krishna Persaud, who developed them at the University of Manchester along with his colleague Michael Turner. As gases bind to the transistors semiconductor channels, they alter the characteristics of the devices performance.

ARM sensor Image: Arm A sliver of flexible plastic could contain sensor arrays and the machine-learning circuits to interpret their output.

Each device has eight different types of sensors. But theyre n...

17:55

What mid-market security budgets will look like in 2019 Help Net Security

As 2018 draws to a close, IT and security pros around the country will greet the arrival of budget season with a collective sigh. Negotiating for IT budgets at small or mid-market companies is always a challenge and can be especially difficult if youre asking for increased security spending from an executive who doesnt understand the risks of being unprepared for a data breach. However, security budgets are changing rapidly as awareness of security issues More

The post What mid-market security budgets will look like in 2019 appeared first on Help Net Security.

17:45

M&A transactions may be stalling due to GDPR compliance concerns Help Net Security

An increasing number of M&A transactions may be stalling because of concerns over GDPR compliance, according to a survey of EMEA M&A professionals conducted by Merrill Corporation. Overall, the survey highlights the significant role due diligence plays in determining M&A success, while providing insight into the challenges faced by M&A professionals today. The implementation of the GDPR stood out as a major hurdle for mergers and acquisitions, with more than half of respondents (55 percent) More

The post M&A transactions may be stalling due to GDPR compliance concerns appeared first on Help Net Security.

17:30

Cyber attacks ranked as top risk in Europe, North America, East Asia and the Pacific Help Net Security

There are significant differences in risk perceptions across the eight regions covered in the World Economic Forums Regional Risks for Doing Business report. Over 12,000 executives highlighted concerns ranging from economic to political, societal and technological. Unemployment, failure of national governance and energy price shocks were among the top worries of executives across various regions. Cyber attacks are the number one risk in Europe, East Asia and the Pacific and North America. This points to More

The post Cyber attacks ranked as top risk in Europe, North America, East Asia and the Pacific appeared first on Help Net Security.

17:26

Humans Are About to Touch the Deepest Corners of the Ocean for the First Time SoylentNews

Business Insider:

[...] In December, explorer and investor Victor Vescovo, along with scientist Alan Jamieson from Newcastle University, are embarking on a groundbreaking mission more than 6.5 miles under the waves. The two are heading out in a new $48 million dollar submarine system to better map the bottom of the world's five oceans.

They're calling the mission, which will be the first time people travel to the bottom of each of the world's seas, "Five Deeps."

"Our depth of ignorance about the oceans is quite dramatic," Vescovo said as he introduced the mission to an audience in New York. "Four of the oceans have never even had a human being go to their bottom. In fact, we don't even know with great certainty where the bottom of the four are."

First up on the five-dive trip will be the Puerto Rico Trench, the deepest point in the Atlantic Ocean. It's a spot no human has ever explored, and it's so deep that any communications from the submarine will take seven seconds to travel back up.

The team believes it's possible to find a location deeper than the Challenger Deep.


Original Submission

Read more of this story at SoylentNews.

17:15

Narrow gap between CEO, CIO and CISO roles means companies are struggling to secure digital assets Help Net Security

Responsibility for information security is not falling to any one senior executive function, according to the 2018 Risk:Value report from NTT Security, which surveyed 1,800 senior decision makers from non-IT functions in global organisations. Responsibility for day-to-day security At a global level, 22 per cent of respondents believe the CIO is ultimately responsible for managing security, compared to one in five (20 per cent) for the CEO and 19 per cent for the CISO. In More

The post Narrow gap between CEO, CIO and CISO roles means companies are struggling to secure digital assets appeared first on Help Net Security.

17:00

Advent Calendar Tracks The Days Until Christmas Hackaday

Internet-connected Advent calendarWhats a hacker to do when Halloweens over and a new source of ideas is needed for more hacks? Make something for Christmas of course. Thats what [Dario Breitenstein] did when he made his Advent calendar both as a decoration and to help instill some Christmas spirit.

Designed in SketchUp, its a WS2812 LED strip mounted in a clean looking walnut enclosure. The light diffuses through 3D-printed PETG lids with vinyl over them to outline the days. Naturally, it had to be Internet-connected and so an ESP8266 based WEMOS D1 mini board fetches the date and time from an NTP server. Sundays light up in red and Christmas Eve in purple.

This appears to be just the thing hackers like [vk2zay] could use for inspiration during their sort-of-annual Advent Calendar of Circuits wherein a different circuit is made each day leading up to Christmas.

16:22

Scientists predict a dark matter hurricane will collide with the Earth Lifeboat News: The Blog

Yes, heres the story of the dark matter hurricane a cosmic event that may provide our first glimpse of the mysterious, invisible particle.

  • by
  • Jackson Ryan

16:22

We Just Got Closer Than Ever to Unlocking Graphenes Superconducting Powers Lifeboat News: The Blog

Scientists are now closer than ever to being able to use graphene as a superconductor to conduct electricity with zero resistance making it useful for developing energy efficient gadgets, improving medical research, upgrading power grids, and much more besides.

The key to the new approach is heating a silicon carbide (SiC) crystal, itself a superconductor, until the silicon atoms have all evaporated. This leaves two graphene layers on top of each other in a way that, in certain conditions, offers no resistance to electrical current.

A similar dual-layer approach was also successfully used to turn graphene into a superconductor earlier this year. The difference here is the layers dont have to be carefully angled on top of each other, which should make it easier to reproduce at scale.

16:06

Xfce Support For "Primary Display" Output Handling Finally Being Squared Away Phoronix

The latest feature on deck for the long overdue Xfce 4.14 desktop update is support for the RandR primary display/output functionality...

15:57

After Conquering the World, Smartphone Faces Uncertain Future cryptogon.com

The last phone I bought was a heavily discounted Samsung Galaxy Note 4. Its fine. I have no plans to upgrade. Id consider buying a modern flagship-grade phone if it included a 3.5mm headphone jack and an easily removable back and battery. There are no high end phones with easily removable batteries and the 3.5mm []

15:49

BGP Hack Steals Google (at Least for an Hour or so) SoylentNews

The Register reports a hack, speculated to be intentional instead of the usual finger fumble, whereby all of Google's traffic was routed for just over an hour to servers in Russia and China.

The Register story: https://www.theregister.co.uk/2018/11/13/google_russia_routing/.

It quotes this update from Google: https://status.cloud.google.com/incident/cloud-networking/18018#18018002

Excerpt from the update:

The issue with Google Cloud IP addresses being erroneously advertised by internet service providers other than Google has been resolved for all affected users as of 14:35 US/Pacific. Throughout the duration of this issue Google services were operating as expected and we believe the root cause of the issue was external to Google. We will conduct an internal investigation of this issue and make appropriate improvements to our systems to help prevent or minimize future recurrence.

As BGP is "broken by design", i.e. assumes trust where there is no longer any, what is perhaps surprising is that it took so long to happen. Does not augur well.

So much for "the internet always routes around damage". Maybe "always" takes time to happen...

Exercise for the reader: is it possible to circumvent this effectively, and if so, how? Has my paranoia-meter misfired, and there's really nothing to worry about?


Original Submission

Read more of this story at SoylentNews.

14:39

Amazon may announce Tuesday new headquarters in NYC, DC The Hill: Technology Policy

Amazon.com Inc. is reportedly planning to announce on Tuesday its decision to split its second headquarters between two cities, The Wall Street Journal reported Monday.  The company reportedly made the surprise decision to pick two sites New...

14:27

Robots Are Coming for Europes Jobs cryptogon.com

Via: Bloomberg: Robots are coming for peoples jobs in Europe, and the countries in the ex-communist east are particularly vulnerable. With the use of industrial robots rising globally, the average worker in Slovakia the worlds top car producer per capita faces a 62 percent median probability that his or her job will be []

14:22

Quantum leap for mass as science redefines the kilogramme Lifeboat News: The Blog

Sealed in a vault beneath a dukes former pleasure palace among the sycamore-streaked forests west of Paris sits an object the size of an apple that determines the weight of the world.

Forged against a backdrop of scientific and political upheaval following the French Revolution, a single, small cylinder of platinum-iridium alloy has laid largely undisturbed for nearly 130 years as the worlds benchmark for what, precisely, is a kilogramme.

The international prototype of the kilogramme, or Le Grand K as it is tenderly known, is one of sciences most hallowed relics, an analogue against which all other weights are compared and a totem of the metric system that accompanied the epoch of liberty, equality and fraternity.

14:12

The Next Version of HTTP Wont be Using TCP SoylentNews

In its continued efforts to make Web networking faster, Google has been working on an experimental network protocol named QUIC: "Quick UDP Internet Connections." QUIC abandons TCP, instead using its sibling protocol UDP (User Datagram Protocol). UDP is the "opposite" of TCP; it's unreliable (data that is sent from one end may never be received by the other end, and the other end has no way of knowing that something has gone missing), and it is unordered (data sent later can overtake data sent earlier, arriving jumbled up). UDP is, however, very simple, and new protocols are often built on top of UDP.

QUIC reinstates the reliability and ordering that TCP has but without introducing the same number of round trips and latency. For example, if a client is reconnecting to a server, the client can send important encryption data with the very first packet, enabling the server to resurrect the old connection, using the same encryption as previously negotiated, without requiring any additional round trips.


Original Submission

Read more of this story at SoylentNews.

14:00

NFPHosting VPS Reseller Pools 2 VPS @ $19/yr, 4 VPS @ $29/yr & more in LA, NY, and CHI! Low End Box

Nathan from over @ NFP Hosting has just sent in a new offer for us! They are proud to present us with more VPS Reseller plans located in Los Angeles, New York and Chicago! You can find their ToS/Legal Docs here. They accept PayPal, Credit Cards, Alipay, Ethereum and Bitcoin.

More about the company: 

NFPHosting.com was founded in 2006 as an e-commerce hosting provider after seeing the lack of hosts who can deliver quality. Throughout the years of learning the ins and outs of running a hosting company, and seeing the opportunities to expand in the marketplace, NFP Hosting throughout the years added additional services to serve a wider variety of markets. NFP Hosting today offers everything the basic consumer looking to start a website may need, all the way up to the advanced (technical) user looking to set up a cluster of servers. At NFP Hosting, there is no waiting around. Services are instantly provisioned, and 24/7 customer support comes standard with our plans. No compromises. No excuses. Its really as simple as that.

We are the provider for the people. Our motto is: Premium Solutions. Friendly People. Service Delivered. This means always going above and beyond, and going the extra mile. Hence why customers love NFP Hosting. Real results, real performance!

HERES THE OFFERS:

Divide up your resources across multiple VMs, or use it all, its your choice. Deploy in 3 locations on-demand. Screenshots of our Virtualizor reseller panel: here

VPS Reseller #1

  • Create Up To 2 VPS!
  • 2 CPU Cores
  • 60GB Disk Space
  • 2048MB (2GB) RAM
  • 4096MB (4GB) vSwap
  • 3TB Monthly Bandwidth
  • 1000Mbps Network Port
  • 2 IPv4 Addresses
  • Chicago, Los Angeles and NY
  • Virtualizor Reseller Panel
  • $19/year
  • [ORDER]

VPS Reseller #2

  • Create Up To 4 VPS!
  • 4 CPU Cores
  • 120GB Disk Space
  • 4096MB (4GB) RAM
  • 8192MB (8GB) vSwap
  • 5TB Monthly Bandwidth
  • 1000Mbps Network Port
  • 4 IPv4 Addresses
  • Chicago, Los Angeles and NY
  • Virtualizor Reseller Panel
  • $29/year
  • [ORDER]
...

14:00

Hacked Heating Instruments for the DIY Biology Lab Hackaday

[Justin] from The Thought Emporium takes on a common molecular biology problem with these homebrew heating instruments for the DIY biology lab.

The action at the molecular biology bench boils down to a few simple tasks: suck stuff, spit stuff, cool stuff, and heat stuff. Pipettes take care of the sucking and spitting, while ice buckets and refrigerators do the cooling. The heating, however, can be problematic; vessels of various sizes need to be accommodated at different, carefully controlled temperatures. Its not uncommon to see dozens of different incubators, heat blocks, heat plates, and even walk-in environmental chambers in the typical lab, all acquired and maintained at great cost. Its enough to discourage any would-be biohacker from starting a lab.

[Justin] knew It doesnt need to be that way, though. So he tackled two common devices:  the incubator and the heating block. The build used as many off-the-shelf components as possible, keeping costs down. The incubator is dead simple: an insulated plastic picnic cooler with a thermostatically controlled reptile heating pad. That proves to be more than serviceable up to 40, at the high end of what most yeast and bacterial cultures require.

The heat block, used to heat small plastic reaction vessels called Eppendorf tubes, was a little more complicated to construct. Scrap heat sinks yielded aluminum stock, which despite going through a bit of a machinists nightmare on the drill press came out surprisingly nice. Heat for the block is provided by a commercial Peltier module and controller; it looks good up to 42, a common temperature for heat-shocking yeast and tricking them into taking up foreign DNA.

Were impressed with how cheaply [Justin] was able to throw together these instruments, and were looking forward to seeing how he utilizes them. Hes already biohacked himself, so seeing what happens to yeast and bacteria in his DIY lab should be interesting.

13:55

U.S. Army Personnel to Compete in eSports to Boost Recruitment cryptogon.com

In other news: Too Fat to Fight: Military Threatened by Childhood Obesity. Via: Stars and Stripes: The Army is putting together a team of video gamers from within its ranks to try to reach young Americans in the digital worlds where they spend much of their time. More than 15 years after launching Americas Army, []

13:16

Florida Airport Shut Down Over Suspicious Package That Ended Up Being Provisional Ballots? cryptogon.com

Via: TownHall: Late Sunday evening the Ft. Lauderdale Airport was shut down due to a suspicious package left outside of one of the terminals. Reports are coming in that an Avis rental car employee discovered provisional ballot boxes left in the back of a rental car that had just been returned by a Broward County []

12:36

Librem 5 Development Kits: We are Getting There SoylentNews

A few weeks ago we published an update about the forthcoming [release] of our Librem 5 development kits when we ran into some issues which caused delays. Today were bringing you another update on the hardware fabrication process, as well as some pictures and a video. At the same time as the last update got posted, I was on my way to California, where we are fabricating our development kit and base boards (we are bringing everything to life there, and shipping from that same facility).

The story of fabricating the entire devkit hardware from the ground-up included crossing paths with a couple of storms:

- Hurricane Florence caused some shipping delays for component parts, and one of our packages also got lost in Memphismaybe it enjoyed the music and drinks a bit too much? We dont know because we never heard back from it again. So we had to procure additional parts.

- The typhoon in south east China caused a week of factory shutdowns, which included our PCB design prototypes!

- Almost right after that was a Chinese holiday, the Golden Week, which is in practice a two week holiday. Luckily we could expedite the PCBs at a fab in Los Angeles and courier ship to us!

All in all, we had a setback of about three weeks before we were able to make the first prototypes of the boards.

[...]

All parts for the final production of the dev kits are procured and still waiting in the magazines on the machines to be placed on the final boards. The kernel team is making amazing progress on mainline Linux 4.18+, we are in intense communication with other Linux i.MX 8M mainlining partners. The kernel, the GPU drivers and MESA will see quite some i.MX 8M patches from usand yes, upstream first was and is our motto, everything we do is and will be pushed upstream!

After all this, I am reluctant to give a new timeline for shipping the dev kits

https://puri.sm/posts/librem5-2018-11-hardware-report/


Original Submission

Read more of this story at SoylentNews.

11:30

Team UPC, Fronting for Patent Trolls From the US, is Calling Facts Resistance Techrights

Tilman Mller-Stoy
Image source

Summary: The tactics of Team UPC have gotten so tastelessly bad and its motivation so shallow (extortion in Europe) that one begins to wonder why these people are willing to tarnish everything thats left of their reputation

THE European Patent Office (EPO) is granting patents of laughable quality; in order for these patents to be worth a euro (or a cent) it will need equally laughable courts, headed by someone corrupt like Battistelli. Will that ever materialise? No. Its unlikely. But Team UPC never gives up.

Team UPC/Bird & Birds Sally Shorthose has just published two articles [1, 2] about Brexit. Both mention the UPC, as one might expect (the usual spiel). Honest? No. Polite? Yes.

More radical or outspoken elements of Team UPC have been smearing people who speak for Europes interests rather than the lawyers interests. Team UPC nowadays attacks the Max Planck Institute anonymously and also attacks the complainant anonymously. Team UPC then wonders why the complaint was filed anonymously? The study from the Max Planck Institute did not resort to name-calling, but Team UPCs language upsets even a pro-UPC person, who wrote: Prof. Tilmann has published a rebuttal to Lamping/Ullrich (The Impact of Brexit on Unitary Patent Protection and its Court), see GRUR Int. 2018, 1094. Irre...

11:12

WordPress GDPR Compliance plugin hacked to spread backdoor HackRead

By Waqas

Update your GDPR Compliance plugin right now. Security researchers have identified a critical vulnerability in the popular WP GDPR Compliance plugin assisting over 100,000 website owners around the world to comply with European privacy regulations known as GDPR that was announced by European Union on May 25th, 2018. The vulnerability was discovered by researchers at Wordfence which allows hackers to []

This is a post from HackRead.com Read the original post: WordPress GDPR Compliance plugin hacked to spread backdoor

11:06

Hillicon Valley: Social media struggles with new forms of misinformation | US, Russia decline to join pledge on fighting cybercrimes | Trump hits Comcast after antitrust complaint | Zuckerberg pressed to testify before global panel The Hill: Technology Policy

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen...

11:00

Arduino Provides Hands-Free Focus for Digital Inspection Scope Hackaday

With surface-mount technology pushing the size of components ever smaller, even the most eagle-eyed among us needs some kind of optical assistance to do PCB work. Lots of microscopes have digital cameras too, which can be a big help unless the camera fights you.

Faced with a camera whose idea of autofocus targets on didnt quite coincide with his, [Scott M. Baker] took matters into his own hands foot, actually by replacing mouse inputs to the camera with an outboard controller. His particular cameras autofocus can be turned off, but only via mouse clicks on the cameras GUI. Thats disruptive while soldering, so [Scott] used an Arduino Pro Micro and a small keypad to mimic the mouse movements needed to control the camera.

At the press of a key, the Arduino forces the mouse cursor up to the top left corner of the screen, pulls down the camera menu, and steps down the proper distance to toggle autofocus. The controller can also run the manual focus in and out or to take a screenshot. Theres even a footswitch that forces the camera to refocus if the field of view changes. It looks really handy, and as usual [Scott] provides a great walkthrough in the video below.

Like it or not, if shrinking technology doesnt force you into the microscope market, entropy will. If youre looking for a buyers guide to microscopes, you could do worse than [Shahriar]s roundup of digital USB scopes. Or perhaps youd prefer to dumpster dive for yours.

11:00

HPR2682: (NOT) All About Blender Hacker Public Radio

The first part of what began a serious attempt to sit down and discuss Blender, a free and open-source piece of awesome, that slowly (rapidly) devolved into a meandering discussion. Mostly about video games. http://openmw.org/en/ https://www.blender.org/ https://www.blender.org/support/tutorials/ https://danielpocock.com/quick-start-blender-video-editing https://m.youtube.com/user/BlenderFoundation https://m.youtube.com/watch?v=_lGfeS050Xw http://zombiemud.org/ BloodPong https://www.youtube.com/watch?v=GHrg48sa4ZA https://www.youtube.com/watch?v=vqZQFbKxkxg https://www.youtube.com/watch?v=VCYrErmTIjA

10:59

10:59

Excessive Posting of Selfies is Associated with Increase in Narcissism SoylentNews

Science Daily:

A new study has established that excessive use of social media, in particular the posting of images and selfies, is associated with a subsequent increase in narcissism.
...
They also assessed the participants' usage of social media -- including Twitter, Facebook, Instagram and Snapchat -- during that same period.

Narcissism is a personality characteristic that can involve grandiose exhibitionism, beliefs relating to entitlement, and exploiting others.

Those who used social media excessively, through visual postings, displayed an average 25% increase in such narcissistic traits over the four months of the study.

This increase took many of these participants above the clinical cut-off for Narcissistic Personality Disorder, according to the measurement scale used.

TLDR: Social media encourages narcissism.


Original Submission

Read more of this story at SoylentNews.

10:47

The Federal Circuit Bar Association (FCBA) Will Spread the Berkheimer Lie While Legal Certainty Associated With Patents Remains Low and Few Lawsuits Filed Techrights

Recent: Number of US Patent Lawsuits Was More Than 50% Higher Half a Decade Ago

Summary: New figures regarding patent litigation in the United States (number of lawsuits) show a decrease by about a tenth in just one year; theres still no sign of software patents making any kind of return/rebound in the United States, contrary to lies told by the litigation industry (those who profit from frivolous lawsuits/threats)

THE U.S. Patent and Trademark Office (USPTO) can grant all the patents it wants; that still does not mean that such patents are necessarily enforceable.

Meanwhile, the European Patent Office (EPO) keeps promoting software patents in Europe a matter that escalated under Antnio Campinos and a subject we shall cover tomorrow.

Things will only exacerbate if Iancu (of the litigation industry) further reduces the standards of examination and squashes Patent Trial and Appeal Board (PTAB) inter partes reviews (IPRs) little by little.The more these patent offices diverge/deviate from courts, the worse the presumption of validity will get. They voluntarily reduce the legal certainty associated with their patents (US patents and European Patents).

Earlier today Patent Docs published this ad for FCBA (intentionally misleading name), which is pushing the Berkheimer lie. This was then boosted by Janal Kalis and said:

The Federal Circuit Bar Association (FCBA) Patent Litigation Committee will be offering a webcast entitled Litigating 101 Issues After Berkheimer on November 14, 2018 from 3:00 pm to 4:30 pm...

10:01

[$] C library system-call wrappers, or the lack thereof LWN.net

User-space developers may be accustomed to thinking of system calls as direct calls into the kernel. Indeed, the first edition of The C Programming Language described read() and write() as "a direct entry into the operating system". In truth, user-level "system calls" are just functions in the C library like any other. But what happens when the developers of the C library refuse to provide access to system calls they don't like? The result is an ongoing conflict that has recently flared up again; it shows some of the difficulties that can arise when the system as a whole has no ultimate designer and the developers are not talking to each other.

09:22

Russia Suspected of Jamming GPS Signal in Finland SoylentNews

BBC:

Finnish Prime Minister Juha Sipila has said the GPS signal in his country's northern airspace was disrupted during recent Nato war games in Scandinavia.

He said he believed the signal had been jammed deliberately and that it was possible Russia was to blame because it had the means to do so.

Finland is not a Nato member but joined the war games which began last month.

Norway also reported GPS problems during the exercises near Russia's north-western borders.
...
The Finnish region of Lapland and northern parts of Norway close to the Russian border were affected, with the Norwegian regional airline Widere confirming its pilots had experienced GPS disruption, Germany's DW news site reports.

However, the airline pointed out that pilots aboard civilian aircraft had other options when a GPS signal failed.

Finland has called "shenanigans" on Russia.


Original Submission

Read more of this story at SoylentNews.

09:02

November DSLWP-B images of the Moon and Earth Daniel Estvez

In previous posts, I have already spoken about the chance of DSLWP-B taking images of the Moon and Earth during the beginning of November. The window to take these images was between November 6 and 9. This window included the possibility of taking an Earthrise image, with the Earth appearing from behind the Moon.

The planning for the activations of the Amateur payload made by Wei Mingchuan BG2BHC was as follows.

7 Nov 2018 08:13 to 7 Nov 2018 10:13
8 Nov 2018 09:40 to 8 Nov 2018 11:40
9 Nov 2018 12:00 to 9 Nov 2018 14:00
10 Nov 2018 14:00 to 10 Nov 2018 16:00
11 Nov 2018 13:30 to 11 Nov 2018 15:30

On November 7, from 8:13 to 9:33 UTC, a total of 9 images with 10 minutes of spacing between each would be taken. These images would be downloaded during the activations on the next days. As usual, an image would also be taken when the Amateur payload powered up on November 8 to 11, but the main focus was on downloading the sequence of images taken on November 7. This is a complete report of the images taken and downloaded.

According to the telemetry, the SSDV ID of the images taken on November 7 was 133 to 141. This corresponds to IDs 5 to 13 in the camera buffer of 16 images (actually, the ID in the camera buffer can be obtained by reducing the SSDV ID modulo 16).

The stations and people collaborating in these activities have been the Dwingeloo radiotelescope PI9CAM, in charge of receiving the SSDV images on the 70cm Amateur band; Reinhard Khn DKL5A, who has been providing telecommand using his large 2m Moonbounce station; Wei Mingchuan, who planned and coordinated the activities; and myself, coordinating the activities over the weekend, when Wei was not available. The people in charge of operating the radiotelescope have been Tammo Jan Dijkema, Cees Bassa, Paul Boven PE1NUT, and Auke Klazema (I hope not to forget anyone).

On November 7, after the series of 9 images was taken, the last of them was downloaded. The exposition in this image was very good. As usual, some small chunks were lost, probably due to jumps in the onboard TCXO on DSLWP-B.

Update 2018-11-13: Tammo Jan tells me that most of the lost chunks in the image below are due to problems with the clock of the USRP B210 used to received the signal in Dwingeloo. The lost chunks in the other days are due to the DSLWP-B TCXO, however.

...

08:48

Mesa Drops Support For AMD Zen L3 Thread Pinning, Will Develop New Approach Phoronix

It was just a few months back that the Mesa/RadeonSI open-source AMD Linux driver stack received Zen tuning for that CPU microarchitecture's characteristics. But now AMD's Marek Olk is going back to the drawing board to work on a new approach for Zen tuning...

08:37

Hacking the hackers IOT botnet author adds his own backdoor on top of a ZTE router backdoor Security Affairs

The author of an IoT botnet is distributing a backdoor script for ZTE routers that also includes his own backdoor to hack script kiddies

A weaponized IoT exploit script is being used by script kiddies, making use of a vendor backdoor account to hack the ZTE routers. Ironically, this is not the only backdoor in the script. Scarface, the propagator of this code has also deployed his custom backdoor to hack any script kiddie who will be using the script.

With top names in IOT (Paras/Nexus/Wicked) being inactive, Scarface/Faraday is presently a go to name for script kiddies for buying IoT botnet code as well as weaponized exploits. While Scarface mostly has a good credibility, we observed that he has released a weaponized ZTE ZXV10 H108L Router known vulnerability with a backdoor which compromises the system of the script kiddie when they run it.

The vulnerability is a known one and involves the usage of a backdoor account in ZTE Router for login followed a command injection in manager_dev_ping_t.gch. The code by Scarface targets devices on a different port, 8083 though( justifying why our NewSky honeypots are seeing a surge of this vulnerability usage on port 8083 instead of the standard 80/8080 ports). It is, however, not the only difference.

IoT botnet

In the leaked code snippet, we see login_payload for the backdoor usage and command_payload for the command injection. However, there is one more variable, auth_payload, which contains Scarfaces backdoor, encoded in base64.

This backdoor code is executed sneakily via exec, separately from the three steps of the actual vulnerability (using the vendor backdoor, command injection and log out) which are shown in the image below:

...

08:00

Fail of the Week: Leaf Blowers Cant Fly Hackaday

Leaf blowers, the main instrument of the suburban Saturday symphony, are one of the most useful nuisances. It doesnt take much work with a rake to convince even the most noise-averse homeowner to head to the Big Box Store to pick one up to speed lawn chores. Once you do buy one, and feel the thrust produced by these handheld banshees, you might wonder, If I let go of this thing, would it fly? 

What can we learn from all this? Not much other than it would take a lot of effort to make a leaf blower fly. We appreciate all of [Peter]s hard work here, but we think hes better off concentrating on his beautiful homebrew ultralight instead.

[baldpower] tipped us off to this one.

07:37

Nintendo Wins $12 Million From Pirate ROM Site Operators TorrentFreak

This summer, Nintendo made it totally clear that websites offering access to its retro-games and ROMs will not be tolerated.

The Japanese game developer filed a complaint at a federal court in Arizona, accusing LoveROMS.com and LoveRETRO.co of massive copyright and trademark infringement.

Faced with millions of dollars in potential damages, the operator of the sites, Jacob Mathias, swiftly took the platforms offline. The legal action also led to the shutdown several other ROM sites, who feared they could be next.

It quickly became clear that the Mathias and his wife, who was later added to the complaint, were not looking forward to a drawn-out legal battle. Instead, they engaged in settlement discussions with Nintendo, hoping to resolve the matter without too much bloodshed.

Today we can report that both sides have indeed reached a deal. They agreed to a consent judgment and a permanent injunction that will resolve all outstanding disputes.

Paperwork obtained by TorrentFreak shows that Mathias and his wife admit that their involvement with the websites constituted direct and indirect copyright and trademark infringement, which caused Nintendo irreparable injury.

However, on paper, the married couple wont be getting off cheaply. On the contrary, they actually agreed to a judgment that exceeds $12 million.

Plaintiff is hereby awarded judgment against all Defendants, jointly and severally, in the amount of $12,230,000, the proposed language reads.

Unsigned final judgment

It seems unlikely that the couple has this kind of money in the bank, or that a jury would have reached a similar figure. So why the high amount?

We can only speculate but its possible that Nintendo negotiated such a high number, on paper, to act as a deterrent for other site operators. In practice, the defendants could end up paying much less.

It wouldnt be the first time that a judgment in court is more than what the parties agreed to privately. This happened before in the MPAAs lawsuit against Hotfile, where a $80 million judgment in court translated to $4 million behind the scenes settlement.

In addition to the monetary judgment, both parties also agreed on a permanent injunction. This will prevent the couple from infringing Nintendos copyrights going forward.

They further have to hand over all Ni...

07:36

ARMv8.5 Support Lands In GCC Compiler With Latest Spectre Protection Phoronix

Landing just in time with the GCC 9 branching being imminent is ARMv8.5-A support in the GNU Compiler Collection's ARM64/AArch64 back-end...

07:15

Legendary Marvel Comics Writer-Editor Stan Lee Has Died at Age 95 SoylentNews

Reports are coming in from all across the web that Marvel Comics icon Stan Lee has died:

Stan Leethe Marvel Comics legend responsible for cultural icons from Spider-Man and Iron Man to X-Men and Black Pantherhas died according to multiple reports from places like TMZ and The Hollywood Reporter [(THR)].

THR spoke with a source that said Lee died early Monday morning at Cedars-Sinai Medical Center in Los Angeles. TMZ spoke to Lee's daughter, J.C., who said an ambulance rushed to Lee's Hollywood Hills home early Monday morning to take him to Cedars-Sinai. That outlet noted Lee had suffered several illnesses over the last year or so, including dealing with pneumonia. Lee was 95 years old.

[...] Indisputably, Lee's decades-spanning career has spawned some of the most beloved pop culture characters and franchises of all time. He began working on comics as an assistant at Timely Comics in 1939; that entity would eventually morph into Marvel Comics in the 1960s. Alongside other eventual giants of the industry like Jack Kirby and Steve Ditko, Lee helped create seemingly every adored comic hero this side of Batman, Superman, and Wonder Woman: in addition to the credits above, Lee had a hand in the Hulk, Doctor Strange, the Fantastic Four, Daredevil, and characters like Ant-Man and Thor.

Also at: Hollywood Reporter, The Daily Beast, c|net, ComicBook.com, and NPR.


Original Submission   Alternate Submission

Read more of this story at SoylentNews.

06:30

Lego Tardis Spins Through the Void Hackaday

Using LEGO Technic gears and rods seems like a great way of bringing animation to your regular LEGO creation. Using gears and crank shafts you can animate models from your favorite TV show or movie like LEGO kinetic sculpture maker, [Josh DaVid] has done when he created a spinning TARDIS.  Crank the handle and the sculpture spins through space and time.

The large gear stays in place. The hidden gears, turned by the crank, rotate a shaft from below that goes through the large gear making the TARDIS rotate around the main axis. Connected to the TARDIS model is a smaller gear, at an angle, that meshes with the larger, stationary, gear. This smaller gear is what causes the TARDIS to rotate around its own axis while the whole thing rotates around the main axis. If your hand gets too tired, you can substitute a LEGO motor.

Its a neat effect, and you can get the plans [Josh]s Etsy page. The best part, however, is that you can get a set with all the parts as well! The TARDIS is a popular item here and weve had plenty of projects with it as the focus: Everything from a tree topper to sub-woofers. The only question we have, of course, is, Is it bigger on the inside?

 

06:00

Undoing Aging 2019 will be held March 28-30 in Berlin, Germany. Lifeboat News

Undoing Aging 2019 will be held March 28-30 in Berlin, Germany. Our Judith Campisi, Aubrey de Grey, and Michael Greve will be speaking/participating. Undoing Aging 2019 is not only open to the scientific community but also welcomes all interested members of the broader rejuvenation movement. The conference will feature a student poster session showing the work of innovative undergraduate and graduate students in the field of damage repair. Learn more!

05:53

Six Things IEEE Members Should Know About Group Term Life Insurance IEEE Spectrum Recent Content full text

Term life affordably protects your loved ones, especially during your high earning years and the high spending inherent in raising a family

As a technology professional, youre astute and pay close attention to detail. Chances are that this attention to detail has extended to taking steps to ensure that your loved ones are financially prepared should the unimaginable happen. Often, you are provided with life insurance as a part of your employment package. However, term life affordably protects your loved ones, especially during your high earning years and the high spending inherent in raising a family. Here are six things you should know about term life insurance, including how it now may be faster and easier to access.

Group Term Life Insurance What It Is

Group term life insurance guarantees the payment of the amount of coverage upon the death of the insured, during a specified term. When the term expires, the policy can be renewed until age 99, or allowed to expire. Typically, term life insurance is purchased to cover major expenses immediately and provide high coverage while being affordable enough to budget easily.

Mercer

Figure 1: A family of four in the Silicon Valley area of California would require a minimum of approximately $130K annually just to meet basic needs.

The Staggering Realities Why Term Life is Important

Term life insurance helps to protect your growing family when it would be very difficult for all of the expenses to be covered by your spouse without causing major upheaval. According to the Economic Policy Institute, as of March 2018, a two-parent, two-child family in the San Jose/Sunnyvale/Santa Clara metro area costs $10,758 per month ($129,092 per year) to secure a modest yet adequate standard of living. This does not include higher education, family vacations and much in the way of entertainment.

Given the higher incomes earned by many IEEE members, the $130,000 estimate is very modest.

How Term Life Fits

Term life insurance helps provide a safety net that can be used for many reasons beyond your childrens education. It pays off your mortgage so that your family can remain in the same house and neighborhood. It provides an emergency fund, giving your spouse time to adjust and to continue on with his or her career. It also provides for the long-term future of your spouse, providing retirement funds that would be less, given that you would no longer be there to contribute. It may also be used to pay for a daughters wedding, credit card debt, student loans and more.

Im Too Busy for a Medical Exam

Too busy? Then you may be in lu...

05:42

UK companies microchip employees, sparking fears from unions Lifeboat News: The Blog

Microchips could be implanted into employees of UK firms to track worker efficiencies.

Business.

05:42

Physicists wrangled electrons into a quantum fractal Lifeboat News: The Blog

The tiny, repeating structure could reveal weird behavior of electrons in fractional dimensions.

05:42

You are not alone; social media giant Facebook is down HackRead

By Carolina

You are not alone; the social media giant Facebook is down in many countries around the world for almost a half an hour starting from 6 pm (UK time). In some cases, Facebooks site and application both are suffering an outage. The reason for this outage is currently unknown and there has been no statement []

This is a post from HackRead.com Read the original post: You are not alone; social media giant Facebook is down

05:42

Trump turns attention to Comcast over alleged antitrust violations The Hill: Technology Policy

President Trump on Monday lashed out at Comcast after a group representing small cable providers asked the Department of Justice to investigate the company over antitrust concerns. "American Cable Association has big problems with Comcast. They...

05:38

Impact of the Midterm Elections May be Felt at NASA SoylentNews

The outcomes of several races in the 2018 midterm elections may have an impact on the Europa Clipper mission, as well as other NASA priorities:

Perhaps the most significant loss occurred in Texas's Seventh Congressional District, home to thousands of the employees at the Johnson Space Center in Houston. A political newcomer, Lizzie Pannill Fletcher, defeated the incumbent John Culberson, who has served in the House since 2001. Culberson, an attorney, doesn't have a science background. But he grew up in the 1960s building telescopes, toying with model rockets, and reading popular science magazines. For the past four years, Culberson has pushed his colleagues in the House and the Senate to steadily grow nasa's budget, for projects including its climate-science programswhich may come as a surprise, given the congressman's party line on climate change.

Culberson has fiercely supported one mission in particular: a journey to one of Jupiter's moons, the icy Europa. As chair of the House Subcommittee on Commerce, Justice, and Science, Culberson more than doubled the amount of money the space agency requested from Congress for an orbiter around Europa, from $265 million to $545 million. He also threw in $195 million to support a lander to the moon, which nasa hadn't even planned for, but would of course accept. Scientists suspect that Europa's frozen crust covers a liquid ocean that may sustain microbial life. Culberson was intent on sending something there to find it. "This will be tremendously expensive, but worth every penny," he said last year, during a visit to nasa's Jet Propulsion Laboratory to check its progress.

With Culberson out of the House, the funding portfolio for the Europa mission could change. "I don't see any obvious members of Congress, Republican or Democratic, who'd be taking up that mantle of leading the Europa efforts, so I imagine that those are likely to start to wane," said Casey Dreier, a senior space-policy adviser at the Planetary Society, a nonprofit space-advocacy group.

Dreier said the development of the Europa orbiter, known as Clipper, will certainly continue. Since nasa formally approved the mission in 2015, engineers and scientists have made...

05:27

Facebook goes down for some users The Hill: Technology Policy

Some Facebook users on Monday have been unable to access the site.Users who cannot logon are receiving the following error message: "Sorry, something went wrong. We're working on it and we'll get it fixed as soon as we can."Downdetector, a site that...

05:17

Startup Lanetix Pays US $775,000 to Software Engineers Fired for Union Organizing IEEE Spectrum Recent Content full text

Will this unionization effort remain a one-off? Or stir up a movement among software engineers?

Quick, by show of virtual handshow many engineers reading this belong to a union?

If that question got many yes answers, Id be surprised (if you put your hand up, please comment below). And if many of those positive responses were software engineers, Id be stunned. Unionizing efforts among engineers are the real unicornsfar rarer than the kinds of unicorns the tech industry likes to promote.

But back in January, an effort to unionize software engineers made the news when Lanetix, a company that creates cloud-based tools for the shipping and transportation industry, fired 14 engineers shortly after they petitioned to be represented by the Communications Workers of America (CWA). The CWA then filed charges with the U.S. National Labor Relations Board (NLRB), indicating that the firing of the 14and one earlier terminationwas clearly in retaliation for union organizing activity (Lanetix had stated that it was a layoff due to the companys poor fourth quarter and said the jobs were going to be outsourced). The firings reportedly were the culmination of months of effort by the company to disrupt the union organizing effort.

In late August, the agency took up the case, filing a complaint [PDF] against Lanetix and asking for a court to require that the fired engineers be reinstated with back pay. According to the NLRB complaint, threats against the engineers started last November, when company officials told employees that they were aware that employees were participating in an external Slack organization, discussing wages, hours, and working conditions and threatened reprisals if the discussions continued. The complaint also indicated that, after the January firings, remaining employees were told that the terminations were due to union activity.

Last week, with hearings on the case about to begin in Washington, D.C., Lanetix settled, agreeing to paid the 15 former workers a total of US $775,000. Thats not an insignificant amount of money for the startup; according to Crunchbase, Lanetixs funding to date totals $9.2 million.

In a statement, former Lanetix developer Sahil Talwar called the set...

05:01

Sprite_TMs Magic Paintbrush Hackaday

When it comes to hackers we love, theres no better example than Jeroen Domburg, a.k.a. Sprite_TM. Sprites now working for Espressif, makers of the fantastic ESP8266 and ESP32, where he created a miniature Game Boy and turned this PocketSprite into a real product. Hes installed Linux on a hard drive, and created a Matrix of virtualized Tamagotchis. In short, if youre looking for someone whos building the coolest, most technical thing of sometimes questionable utility, you need look no further than Sprite_tm.

Sprite was back at this years Superconference, and again hes bringing out the big guns with awesome hardware hacks. This time, though, Sprite is tapping into his artistic side. Sprite is very accomplished in making PCB art and DaveCAD drawings, but actual art is something thats been out of reach. No problem, because you can just buy an inkjet printer and make your own art. Sprites doing something different, and hes turning his inkjet into a Magic Paintbrush.

...

04:48

Feral Announces Linux System Requirements For Vulkan-Powered Total War: WARHAMMER II Phoronix

With Feral Interactive preparing to release Total War: WARHAMMER II for Linux and macOS later this month, today they announced the system requirements for this latest native game port...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog