IndyWatch Science and Technology News Feed Archiver


IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Friday, 17 August

14:02

The One About a Russian Satellite Raising Alarm with U.S. cryptogon.com

Just a few stories for context about this Russian satellite situation: Mystery Russian Satellite's Behaviour Raises Alarm in U.S.: A mysterious Russian satellite displaying very abnormal behaviour has raised alarm in the US, according to a State Department official. We don't know for certain what it is and there is no way to verify it, [...]

13:49

Children Are Susceptible to Peer Pressure From Robots SoylentNews

Submitted via IRC for Fnord666

[...] In a study published today in the journal Science Robotics, researchers from Germany and the UK demonstrated that children are susceptible to peer pressure from robots. The findings, say the researchers, show that, as robots and AIs become integrated into social spaces, we need to be careful about the influence they wield, especially on the young.

The paper's authors ask, "For example, if robots recommend products, services, or preferences, will compliance [...] be higher than with more traditional advertising methods?" They note that robots are being introduced to plenty of other domains where social influence could be important, including health care, education, and security.

[...] Although it's the susceptibility of the children that leaps out in this experiment, the fact that the adults were not swayed by the bots is also significant. That's because it goes against an established theory in sociology known as "computers are social actors," or CASA. This theory, which was first outlined in a 1996 book, states that humans tend to interact with computers as if they were fellow humans. The results of this study show that there are limits to this theory, although Belpaeme says he and his colleagues were not surprised by this.

Source: https://www.theverge.com/2018/8/15/17688120/social-influence-robots-ai-peer-pressure-children


Original Submission

Read more of this story at SoylentNews.

13:27

Inflation: Venezuela Will Cut Five Zeros from Currency cryptogon.com

Ah yes, ye ole Zimbucks solution: Via: WRAL: Faced with nearly incomprehensible inflation, 32,714 percent as of Wednesday, Venezuelan officials thought they had a solution: They changed the color of the bank notes and increased their denomination. Then they said they would lop off three zeros. And when that didn't seem enough, they [...]

12:30

[SECURITY] [DSA 4275-1] keystone security update Bugtraq

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4275-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : keystone
CVE ID : CVE-2018-14432
Debian Bug :...

12:27

[SECURITY] [DSA 4274-1] xen security update Bugtraq

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4274-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2018-3620 CVE-2018-3646

This...

12:24

[SECURITY] [DSA 4273-1] intel-microcode security update Bugtraq

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4273-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : intel-microcode
CVE ID : CVE-2018-3639...

12:21

SEC Consult SA-20180813-0 :: SQL Injection, XSS & CSRF vulnerabilities in Pimcore Bugtraq

Posted by SEC Consult Vulnerability Lab on Aug 16

SEC Consult Vulnerability Lab Security Advisory < 20180813-0 >
=======================================================================
title: SQL Injection, XSS & CSRF vulnerabilities
product: Pimcore
vulnerable version: 5.2.3 and below
fixed version: 5.3.0
CVE number: CVE-2018-14057, CVE-2018-14058, CVE-2018-14059
impact: High
homepage: https://pimcore.com/en...

12:11

MIT Scientists Crack the Case of Breaking Spaghetti in Two SoylentNews

Submitted via IRC for Fnord666

Pasta purists insist on plonking dry spaghetti into the boiling pot whole, but should you rebel against convention and try to break the strands in half, you'll probably end up with a mess of scattered pieces.

[...] It wasn't until 2006 that a pair of French physicists successfully explained the dynamics at work and solved the mystery. They found that, counterintuitively, a spaghetti strand produces a "kick back" traveling wave as it breaks. This wave temporarily increases the curvature in other sections, leading to many more breaks.

[...] This isn't just fun and games for the sake of idle curiosity (not that there's anything wrong with that). A collaboration between Audoly and Columbia University computer scientist Eitan Grinspun led to developing an Adobe paint brush that bends and moves, introduced in Adobe Illustrator 5 and Adobe Paint Brush 5. The MIT scientists say their new work could be used to better understand how cracks form and spread in similarly structured materials and brittle structures: bridge spans, for instance, or human bones. The secret could lie in the pasta.

Source: MIT scientists crack the case of breaking spaghetti in two



12:00

Digital Dining With Charged Chopsticks Hackaday

Eating Cheetos with chopsticks is a famous lifehack but eating unsalted popcorn could join the list if these chopsticks take hold and people want to reduce their blood pressure. Salt is a flavor enhancer, so in a way, this approach can supplement any savory dish.

Smelling is another popular machine hack in the kitchen, and naturally, touch is popular beyond phone screens. You have probably heard some good audio hacks here, and we are always seeing fascinating stuff with video.

11:41

[$] The first half of the 4.19 merge window LWN.net

As of this writing, Linus Torvalds has pulled just over 7,600 non-merge changesets into the mainline repository for the 4.19 development cycle. 4.19 thus seems to be off to a faster-than-usual start, perhaps because the one-week delay in the opening of the merge window gave subsystem maintainers a bit more time to get ready. There is, as usual, a lot of interesting new code finding its way into the kernel, along with the usual stream of fixes and cleanups.

11:35

Google acknowledges it tracks users even with location setting disabled The Hill: Technology Policy

Google has revised descriptions on its website to clarify that it continues to track users' whereabouts even after they have turned off their location settings. The move came after an Associated Press investigation earlier this week found...

10:57

On Status of KKLT Not Even Wrong

(Warning, this is just more about the topic of the last posting, which for most people will be a good reason to stop reading now. On the other hand, if you're obsessed with the controversy over string theory, you might find this interesting).

I finally got around to watching some more of the Simons Center Workshop on the Swampland talks, and noticed a remarkable exchange at the end of Thomas Van Riet's talk "On Status of KKLT" (starting at 1:30). The first commenter (a German, Arthur Hebecker?) starts off saying "I think you are doing something that is very dangerous", with the danger being that KKLT will get thrown out and people will think that it is a theorem that string theory has no dS vacua. He is interrupted by Vafa who tells him that "your statement is defamatory, let's calm down". The German goes on to explain to Vafa the significance of the danger he is concerned about:

Maybe for you in the US it's fine at Harvard, for me it will be a pain because people will turn against me. The little standing that string theory and new physics at all has in Germany will be harmed by a backlash on us that we have been talking nonsense all the time, which is not true.

Van Riet after a while interjects that there is an even worse danger:

The opposite happened and actually back-reacted very badly. We had the books by Woit and Smolin and it was based on the existence of the multiverse as a correct statement, right? And that's when the criticism of string theory took off, right?

Someone else in the audience (Iosif Bena?) comes in on the Vafa/Van Riet side of the argument, criticizing multiverse mania:

I think the main problem was that at the beginning people in the KKLT camp, they came up with, OK string theory has the multiverse, we're not going to do physics anymore, the anthropic principle... They came up with all these ideas that hurt string theory much much worse, at least in Europe, at least in my part of Europe. And you know, essentially hurt us heavily... Then there were these books by Woit and Smolin that were very popular

It's remarkable to see publicly acknowledged by string theorists just how damaging to their subject multiverse mania has been, and rather bizarre to see that they attribute the problem to my book and Lee Smolin's. The source of the damage is actually different books, the ones promoting the multiverse, for example this one. A large group of prominent theorists, especially many from the West Coast, including the group at Stanford and the late Joe Polchinski at Santa Barbara, used the existence...

10:53

spice CVE-2018-10873: post-auth crash or potential heap corruption when demarshalling Open Source Security

Posted by Doran Moppert on Aug 16

Frediano Ziglio reported a missing check in the code generated by
spice-common/python_modules/demarshal.py, which could be exploited to
cause integer overflow leading to a crash and/or heap OOB read/writes.

The generated code is used in both client and server, so both are
vulnerable. The most obvious outcome is a crash (since the overflowed
integers are very large), but it's possible a crafty attacker could
leverage this into worse, even...

10:42

How cancer cells communicate and how we can slow them down Lifeboat News: The Blog

When cancer cells are closely packed together in a tumor, they're able to communicate with each other and coordinate their movement throughout the body. What if we could interrupt this process? In this accessible talk about cutting-edge science, Hasini Jayatilaka shares her work on an innovative method to stop cancer cells from communicating and halt their fatal ability to spread.

This talk was presented at an official TED conference, and was featured by our editors on the home page.

10:39

Firefox Add-On With 220,000+ Installs Caught Collecting Users' Browsing History SoylentNews

A popular Firefox add-on is secretly logging users' browsing history, according to reports from the author of the uBlock Origin ad blocker and Mike Kuketz, a German privacy and security blogger. The add-on in question is named Web Security and is currently installed by 222,746 Firefox users, according to the official Mozilla Add-ons Portal. The add-on's description claims Web Security "actively protects you from malware, tampered websites or phishing sites that aim to steal your personal data."

Its high install count and positive reviews got the add-on on a list of recommended security and privacy add-ons on the official Firefox blog last week.

But this boost of attention from the Mozilla team didn't go down as intended. Hours after Mozilla's blog post, Raymond Hill, the author of the uBlock Origin ad blocker pointed out on Reddit that the add-on exhibited a weird behavior.

"With this extension, I see that for every page you load in your browser, there is a POST to http://136.243.163.73," Hill said. "The posted data is garbled, maybe someone will have the time to investigate further."

Hill's warning went under the radar for a few days until yesterday, when Kuketz, a popular German blogger, posted an article about the same behavior. Hours later, a user on Kuketz's forum managed to decode the "garbled" data, revealing that the add-on was secretly sending the URL of visited pages to a German server. Under normal circumstances, a Firefox add-on that needs to scan for threats might be entitled to check the URLs it scans on a remote server, but according to a format of the data the add-on was sending to the remote server, Web Security appears to be logging more than the current URL.

The data shows the plugin tracking individual users by an ID, along with their browsing pattern, logging how users went from an "oldUrl" to a "newUrl." This logging pattern is a bit excessive and against Mozilla's Addon Portal guidelines that prohibit add-ons from logging users' browsing history.

Source: Firefox Add-On With 220,000+ Installs Caught Collecting Users' Browsing History



10:23

Physicists fight laser chaos with quantum chaos to improve laser performance Lifeboat News: The Blog

To tame chaos in powerful semiconductor lasers, which causes instabilities, scientists have introduced another kind of chaos.

High-powered semiconductor lasers are used in materials processing, biomedical imaging and industrial research, but the emitted light they produce is affected by instabilities, making it incoherent.

The instabilities in the laser are caused by optical filaments; light structures that move randomly and change with time, causing chaos. Removing these instabilities has long been a goal in physics, but previous strategies to reduce filaments have usually involved reducing the power of the laser.

10:23

A filter that turns saltwater into freshwater just got an upgrade Lifeboat News: The Blog

Smoothing out a material used in desalination filters could help combat worldwide water shortages.

10:23

Settling Arguments About Hydrogen With 168 Giant Lasers Lifeboat News: The Blog

With gentle pulses from gigantic lasers, scientists at Lawrence Livermore National Laboratory in California transformed hydrogen into droplets of shiny liquid metal.

Their research, reported on Thursday in the journal Science, could improve understanding of giant gas planets like Jupiter and Saturn whose interiors are believed to be awash with liquid metallic hydrogen.

The findings could also help settle some fractious debates over the physics of the lightest and most abundant element in the universe.

10:23

The Invisible Forest Under The Sea Lifeboat News: The Blog

Half of the planet's oxygen comes from tiny plants under the ocean's surface: phytoplankton.

10:22

China will send a rover to the far side of the Moon in December Lifeboat News: The Blog

The United States and Russia aren't the only two nations working hard at realizing their space-faring dreams. China has quickly ramped up its high-flying ambitions in the past couple of decades and late 2018 will mark a real milestone for the country's space program. The country just announced that it plans on launching a lunar rover to the far side of the Moon in December of this year.

The announcement comes via China's state-run news agency CCTV, and China seems bullish on the prospect of being the first country to explore the far side of Earth's moon with a robotic rover.

The mission, named Chang'e 4, follows in the footsteps of its predecessor (you guessed it, Chang'e 3) which saw a rover nicknamed Jade Rabbit land on the near side of the Moon back in 2013. That rover ran out of steam in August of 2016, and the model that will be flying to the far side is built largely of backup parts from the Chang'e 3 mission.

10:22

Wheat gene map to help feed the world Lifeboat News: The Blog

Researchers are set to develop higher yield wheat varieties requiring less water after making a gene map.

10:14

FCC chief after Alex Jones controversy: Enforcement has nothing to do with content The Hill: Technology Policy

Federal Communications Commission (FCC) Chairman Ajit Pai on Thursday said the FCC this week shut down a pirate radio station because it was broadcasting illegally, not because it was known for airing controversial radio host Alex Jones."...

10:00

HPR2620: Thoughts on language learning part 1 Hacker Public Radio

This is the first part of a 3 part series in which I ramble on about my thoughts on language learning. I'm no expert and I barely know one language well. In a nutshell: Teach as much as possible in the new language, focusing on vocabulary. Rather than starting with baby books, which might not be a bad idea, try to use a similar approach but assume the learners know a bit about how the world works. The goal is to get to about age 5-6 level in vocabulary so the learner can then switch to language books in the new language which already exist.

09:06

210 Million-Year-Old Pterosaur Predates Most Dinosaurs SoylentNews

Winged reptiles thrived before dinosaurs

Palaeontologists have found a new species of pterosaur - the family of prehistoric flying reptiles that includes pterodactyl. It is about 210 million years old, pre-dating its known relatives by 65 million years.

Named Caelestiventus hanseni, the species' delicate bones were preserved in the remains of a desert oasis. The discovery suggests that these animals thrived around the world before the dinosaurs evolved.

[...] Finding a pterosaur in an ancient Triassic-aged sand dune is a hugely pleasant surprise. What makes this discovery so remarkable is that very few pterosaurs are known from the entire Triassic Period, which means that we have few fossils that tell the story of how these strange winged reptiles evolved during the first 30 million years of their history.

It's a trifecta: a Triassic pterosaur from a new place, preserved in an immaculate way, and found in rocks from an environment that we didn't think they lived in so early during their evolution. What this means is that pterosaurs were already geographically widespread and thriving in a variety of environments very early in their evolution.

Dinosaurs first appeared during the Triassic period, between 243 and 233.23 million years ago.

Caelestiventus hanseni gen. et sp. nov. extends the desert-dwelling pterosaur record back 65 million years (DOI: 10.1038/s41559-018-0627-y) (DX)



09:02

Within 5 years, the world could widely accept that we are within striking distance of a post aging world Lifeboat News: The Blog

George Church, Age-X, HIV, Aubrey, a lil bit of everything here.


Within 5 years, the world could widely accept that we are within striking distance of a post-aging world. This could be with the achievement of mice that would normally die at the age of three getting life extension at the age of two and living beyond 5 years. It might be after that with the similar treatments to reverse aging in dogs. It could be with the first age reversal treatments in humans that make people look significantly younger but also restore muscle and other body functions.

Investors would then accelerate any funding needed to complete several very promising anti-aging treatments which are currently being worked upon.

One of the many George Church companies is Rejuvenate Bio. This is a stealth company that has been running tests to reverse aging in dogs.

09:00

A Surprisingly Practical Numitron Watch Hackaday

Regular Hackaday readers are surely familiar with Nixie tubes: the fantastically retro cold cathode display devices that hackers have worked into all manner of devices (especially timepieces) to give them an infusion of glowing faux nostalgia. But unfortunately, Nixie displays are fairly fragile and can be tricky to drive due to their high voltage requirements. For those who might want to work with something more forgiving, a possible alternative is the Numitron that uses incandescent filaments for each segment.

There hasn't been a lot of prior-art that utilizes Numitrons, but that might be changing, given how fantastic this wristwatch created by [Dycus] looks. With a multi-day battery life, daylight readability, and relatively straightforward construction, the Filawatch is likely to end up being something of a reference design for future Numitron watches.

08:36

The Problems and Promise of WebAssembly (Project Zero) LWN.net

Over at Google's Project Zero blog, Natalie Silvanovich looks at some of the bugs the project has found in WebAssembly, which is a binary format to run code in the browser for web applications. She also looks to the future: "There are two emerging features of WebAssembly that are likely to have a security impact. One is threading. Currently, WebAssembly only supports concurrency via JavaScript workers, but this is likely to change. Since JavaScript is designed assuming that this is the only concurrency model, WebAssembly threading has the potential to require a lot of code to be thread safe that did not previously need to be, and this could lead to security problems. WebAssembly GC [garbage collection] is another potential feature of WebAssembly that could lead to security problems. Currently, some uses of WebAssembly have performance problems due to the lack of higher-level memory management in WebAssembly. For example, it is difficult to implement a performant Java Virtual Machine in WebAssembly. If WebAssembly GC is implemented, it will increase the number of applications that WebAssembly can be used for, but it will also make it more likely that vulnerabilities related to memory management will occur in both WebAssembly engines and applications written in WebAssembly."

08:28

ASUS Begins Offering Linux-Based Endless OS On Select Laptops Phoronix

It has been a while since ASUS last offered any Linux options for laptops, but they appear to have a new effort underway with Endless OS...

08:27

Debian: 25 years and counting LWN.net

The Debian project is celebrating the 25th anniversary of its founding by Ian Murdock on August 16, 1993. The "Bits from Debian" blog had this to say: "Today, the Debian project is a large and thriving organization with countless self-organized teams comprised of volunteers. While it often looks chaotic from the outside, the project is sustained by its two main organizational documents: the Debian Social Contract, which provides a vision of improving society, and the Debian Free Software Guidelines, which provide an indication of what software is considered usable. They are supplemented by the project's Constitution which lays down the project structure, and the Code of Conduct, which sets the tone for interactions within the project. Every day over the last 25 years, people have sent bug reports and patches, uploaded packages, updated translations, created artwork, organized events about Debian, updated the website, taught others how to use Debian, and created hundreds of derivatives." Happy birthday to the project from all of us here at LWN.

08:22

Smartphones are damaging this generation's mental health Lifeboat News: The Blog

Anti-social media.


A new paper suggests that an increase in mobile phone ownership could have led to a rise in mental health problems in young people.

08:21

Hillicon Valley: Twitter CEO Jack Dorsey sits down with The Hill | Drama over naming DHS cyber office | Fallout over revoking Brennan's security clearance | Google workers protest censored search engine for China The Hill: Technology Policy

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...

08:02

NYU Offers Full-Tuition Scholarships for All Medical Students Lifeboat News: The Blog

Doctor? Who?


New York University said Thursday that it will cover tuition for all its medical students regardless of their financial situation, a first among the nation's major medical schools and an attempt to expand career options for graduates who won't be saddled with six-figure debt [Editor's note: the link may be paywalled]. From a report: School officials worry that rising tuition and soaring loan balances are pushing new doctors into high-paying fields and contributing to a shortage of researchers and primary care physicians. Medical schools nationwide have been conducting aggressive fundraising campaigns to compete for top prospects, alleviate the debt burden and give graduates more career choices. NYU raised more than $450 million of the roughly $600 million it estimates it will need to fund the tuition package in perpetuity, including $100 million from Home Depot founder Kenneth Langone and his wife, Elaine. The school will provide full-tuition scholarships for 92 first-year students (another 10 are already covered through M.D./PhD programs) as well as 350 students already partway through the M.D.-only degree program.

07:50

Twitter reverses decision to block GOP candidate from promoting video The Hill: Technology Policy

A Republican congressional candidate in California is accusing Twitter of censorship for briefly deciding not to allow her to run a campaign ad depicting gruesome images of Cambodia's Khmer Rouge regime. A spokesperson for Twitter confirmed the video...

07:37

Dems urge tech companies to remove 3D-gun blueprints The Hill: Technology Policy

A group of Democratic senators are urging tech companies to ban the publication of 3D gun blueprints on their platforms. The lawmakers told companies in letters made public Thursday and dated Aug. 14th that the blueprints would "allow users from all...

07:30

Power the Small Cells to Prepare for 5G IEEE Spectrum Recent Content full text

This webinar will share some basic knowledge about 5G, explain how it will impact the entire telecommunications infrastructure. Then it will focus on small cells and how to power and secure this equipment.

In recent months we have seen more and more pilot projects with 5G equipment around the world. This new technology will have a significant impact on the entire infrastructure, especially with the development of edge computing and the new antennas (called small cells) that we will need to power and secure.

The principle of edge computing is to add more data processing capabilities to the edge of the network (i.e., close to the users). The purpose is both to reduce latency (the time between a request for data and the reception of that data) and to decongest the network at the core level.

Since 5G operates with millimeter waves, the range of the signal is greatly reduced. As a result, we will need to add thousands of small cells throughout urban areas to provide sufficient coverage.

In this webinar, we will give some basic knowledge about 5G, explain how it will impact the entire telecommunications infrastructure, and then we will focus on small cells and how to power and secure this equipment.


New Zealand Bans Sales of Homes to Foreigners SoylentNews

New Zealand bans sales of homes to foreigners

New Zealand's parliament has banned many foreigners from buying existing homes in the country - a move aimed at making properties more affordable. The ban only applies to non-residents. Australians and Singaporeans are exempt because of free-trade deals.

New Zealand is facing a housing affordability crisis which has left home ownership out of reach for many. Low interest rates, limited housing stock and immigration have driven up prices in recent years.

[...] [Foreigners] are now banned from purchasing most types of homes - but they will be able to make limited investments in new apartments in large developments.

[...] Chinese investors have been among the biggest and most active offshore buyers of property in the New Zealand market. Also, some wealthy Americans - like Silicon Valley tech billionaire Peter Thiel - have become New Zealand citizens or have bought property in the country. Average prices in New Zealand have risen more than 60% in the past 10 years, while in Auckland - the country's largest city - they have almost doubled.



07:20

Trying to make the DSLWP-B GMSK decoder more robust Daniel Estévez

If you've been following my latest posts, probably you've seen that I'm taking great care to decode as much as possible from the SSDV transmissions by DSLWP-B using the recordings made at the Dwingeloo radiotelescope. Since Dwingeloo sees a very high SNR, the reception should be error free, even without any bit error before Turbo decoding.

However, there are some occasional glitches that corrupt a packet, thus losing an SSDV frame. Some of these glitches have been attributed to a frequency jump in the DSLWP-B transmitter. This jump has to do with the onboard TCXO, which compensates frequency digitally, in discrete steps. When the frequency jump happens, the decoder's PLL loses lock and this corrupts the packet that is being received (note that a carrier phase slip will render the packet undecodable unless it happens very near the end of the packet).

There are other glitches where the gr-dslwp decoder is at fault. The ones that I've identified deal in one way or another with the detection of the ASM (attached sync marker). Here I describe some of these problems and my proposed solutions.

The relevant part of the GNU Radio OQPSK decoder for DSLWP-B can be seen below. There are three custom blocks. The first block, QT GUI FFT Correlator Hier, correlates against the 64-bit ASM that marks the beginning of a packet. It uses an FFT to search in the frequency domain. Essentially, it has a matched filter whose taps are formed by the GMSK-modulated ASM. The signal is first routed through this filter, then a block of samples at the output of the filter is taken, and the FFT of this block is calculated. A peak in the FFT indicates a correlation at the particular frequency corresponding to the bin where the peak has occurred and the particular time corresponding to the samples where the block has been taken. This algorithm is very similar to the one I use for my GMSK detector.

DSLWP-B GNU Radio decoder

When the Correlator Hier block detects a correlation peak, it sends tags with the correlation parameters to the downstream blocks. These tags inform of the estimated frequency and phase, signal amplitude and Eb/N0, and (impl...

07:13

Links 16/8/2018: MAAS 2.4.1, Mesa 18.2 RC3 Techrights


Contents

GNU/Linux

  • Desktop

    • How to install Linux apps on your Chromebook

      Chromebooks are great because they're simple: there's a lot you can get done with web services without exposing yourself to the troubles and security issues that plague more complex platforms.

      But if you need to do a bit more with your Chromebook, you have a few options. Most Chromebooks these days allow you to install apps from the Google Play Store, which should fill most productivity gaps. If not, you'll soon have one more option: installing Linux apps. To be clear, you've been able to install Linux apps on Chromebooks for years because Chrome OS is Linux. But, it's about to get much easier.

    • Top 5 Features Still Missing From Chrome OS
    • Walmart's selling an all-aluminum Chromebook with a comfy keyboard for just $220

      If you're not considering a Chromebook when you're shopping for a notebook, you're doing it wrong. Google's low-cost laptops are typically light, fast, secure, and have almost everything you need for remote work, a.k.a. the Internet. Today, you can get in on the action for a great price. Walmart is selling the Acer Chromebook 14 (CB3-431-C6ZB) for $220. That's about $30 to $40 cheaper than you'd usually pay for this laptop....

06:23

End of an Era in Indian Politics Lifeboat News: The Blog

India keeps losing its stalwarts of Indian politics this year. First J. Jayalalithaa of AIADMK in Tamil Nadu, then K. Karunanidhi of DMK in Tamil Nadu and Somnath Chatterjee of the Communist Party in W. Bengal, and now India's most popular Prime Minister after Pt Jawahar Lal Nehru and Mrs Indira Gandhi, Atal Bihari Vajpayee, who was admitted in All India Institute of Medical Sciences, took his last breath today at 05:02 PM in New Delhi.
Atal Bihari Vajpayee is regarded as a great orator who gave India a strong opposition party, including bringing a non-Congress government to power for the first time which completed its full tenure. Apart from this he had a very long and fruitful career as leader of opposition, Foreign Minister, Prime Minister, Poet, Social Servant, Journalist and Writer. He was such a great charismatic leader that India's first Prime Minister Pt Jawahar Lal Nehru had predicted that he would become Prime Minister of the country when Atal Bihari was still in his youth and was sitting in opposition of Nehru.
He was such a great stalwart that he was regarded as a tall and great leader not only within his party but outside the party. It was during his Prime Ministership that India witnessed a shift in its foreign policy and USA started getting close through the Civilian Nuclear Deal. His USA counterpart President Bush also appraised him for his cooperation in Civilian Nuclear Deal. He extended his hands of friendship towards Pakistan through Lahore Summit and a Bus Service.
He was born in Madhya Pradesh in North India on December 25, 1924 but has lived his political life in Uttar Pradesh. During the demolition of Babri Mosque in Ayodhya he apologized to the nation but at the same time advocated that a scientific investigation be allowed to extract the proof of Ram Temple and ordered an excavation of the site of dispute. While he advocated that friendly ties be maintained with Pakistan, he warned Pakistan against any unwanted steps towards borders and Kashmir. It was during his Prime Ministership that Pakistani troops infiltrated above the hills of Kargil and were pushed back by the Indian Army. It was referred to as the Kargil War. It was during his tenure that a scientist from a minority Muslim community was credited with the honor of becoming President of India, the highest constitutional post in India, who pioneered India's Missile program and tested second Nuclear Bomb in the Run of Pokharan successfully despite being aware of geo-political odds and reciprocations.

His legendary speeches on many occasions, including at the time of his resignation from a 13 days government, his speech during Kargil War, his advice during Gujarat Riots, his speech in Hindi in United Nations when he was External Affairs Minister, his speech on Ayodhya Issue, his poetry and journalism are regarded as milestones of Indian Politics, Society and Literature. He sheltered and nourished a chain of new age politicians including current Prime Minister Narendra Modi.

He will be regarded as on...

06:00

Hanging, Sliding Raspi Camera Adds Dimension To Octoprint Hackaday

Are you using Octoprint yet? It's so much more than just a way to control your printer over the internet, or to keep tabs on it over webcam when you're off at work or fetching a beer. The 3D printing community has rallied around Octoprint, creating all sorts of handy plug-ins like Octolapse, which lets you watch the print blossom from the bed via time-lapse video.

Hackaday alum [Jeremy S Cook] wanted to devise a 3D-printable mount for a Raspi camera after finding himself inspired by [Tom Nardi]'s excellent coverage of Octoprint and Octolapse. He recently bought a wire shelving unit to store his printer and printer accessories, and set to work. We love the design he came up with, which uses the flexibility of the coolant hose to provide an endlessly configurable camera arm. But wait, there's more! Since [Jeremy] mounted it to the rack with zip ties, the whole rig shimmies back and forth, providing a bonus axis for even more camera views. Slide past the break to see [Jeremy]'s build/demo video.

It's great to be able to monitor a print from anywhere with internet access, but the camera is almost always set up for a tight shot on the print bed. How would you ever know if you're about to run out of filament? For that, you need a fila-meter.

05:50

Los Angeles to Become the First City to Use Body Scanners in Rail Transit Systems SoylentNews

Submitted via IRC for Fnord666

LA to become the first city to use body scanners in rail transit systems

The Los Angeles County Metropolitan Transportation Authority just announced its plans to become the first city to use portable body scanners in its subway and light-rail systems to help detect the presence of explosive devices.

"We're dealing with persistent threats to our transportation systems in our country," TSA administrator David Pekoske said in a statement. "Our job is to ensure security in the transportation systems so that a terrorist incident does not happen on our watch."

The portable scanners will begin rolling out in a few months, the executive director of security for the LA Metro Alex Wiggins said yesterday. According to the AP, the scanners will be able to conduct full-body scans from 30 feet away and are capable of scanning more than 2,000 passengers per hour.

[...] The city is one of several in which the TSA has piloted these new body scanners, although LA will be the first to fully adopt them. The agency has also worked with public transit officials from San Francisco's Bay Area Rapid Transit, New Jersey's transit system, as well as Amtrak stations at New York's Penn Station and DC's Union Station. Wiggins assured passengers that screenings in the LA Metro would be well-marked and that those choosing to opt out could do so by leaving the station.


Original Submission

Read more of this story at SoylentNews.

05:45

ISP Has No Safe Harbor Defense in Piracy Case, Record Labels Argue TorrentFreak

Last year several major record labels, represented by the RIAA, filed a lawsuit against ISP Grande Communications accusing it of turning a blind eye to pirating subscribers.

According to the RIAA, the Internet provider knew that some of its subscribers were frequently distributing copyrighted material, but failed to take any meaningful action in response.

Grande refuted the accusations and filed a motion to dismiss the case. The ISP partially succeeded as the claims against its management company Patriot were dropped. The same was true for the vicarious infringement allegations, as the court saw no evidence that the ISP had a direct financial interest in the infringing activity.

The labels were not willing to let go so easily.

They submitted a motion for leave to file an amended complaint including new evidence obtained during discovery. And a few days ago, they upped the pressure with a motion for summary judgment, arguing that Grande has no safe harbor defense.

In order to get safe harbor protection, the DMCA requires ISPs to adopt and reasonably implement a policy for terminating the accounts of repeat copyright infringers. According to the motion, it is clear that Grande failed to do so. As such, the company should be held directly liable.

For years, Grande claimed in its online Acceptable Use Policy that it had a policy of terminating repeat infringers. Grande continued to assert that claim in its pleadings and written discovery responses in this suit.

"None of that was true. The undisputed record evidence establishes that Grande's Acceptable Use Policy was a sham," the labels' motion reads.

There can be little dispute over Grande's failing policy, the labels state. They point out that corporate paperwork and testimony of Grande's senior executives clearly show that there wasn't an adequate repeat infringer policy.

"Indeed, the documents and testimony demonstrate that rather than a policy for terminating repeat infringers, Grande consciously chose the opposite: a policy allowing unlimited infringement by its subscribers," the labels write.

At the same time, there was no lack of DMCA notices. The labels note that the ISP received at least 1.2 million notices of alleged copyright infringement between 2011 and 2016. This includes hundreds of thousands of notices from Rightscorp.

Despite these repeated warnings, the company didn't terminate a single subscriber from October 2010 until June 2017, the labels allege. This changed after the la...

05:32

New Engineering Journal from Annual Reviews IEEE Spectrum Recent Content full text

The inaugural volume of the Annual Review of Control, Robotics, and Autonomous Systems is now available online!

Annual Reviews

The Annual Review of Control, Robotics, and Autonomous Systems highlights the theoretical and applied research in control and robotics that drives and enriches the engineering of autonomous systems. This new journal is the first of its kind to cover both the broad fields of control and robotics and their fundamental roles in the increasingly important area of autonomous systems.

View the full Table of Contents for Volume 1 here: https://www.annualreviews.org/toc/control/1/1

Free online preview is available now.

Topics in the first volume cover control and its connections to game theory, distributed optimization, Kalman filtering, geometric mechanics, privacy, data-driven strategies, and deep learning, together with robotics and its connections to manipulation, materials, mechanisms, planning, decision-making, and synthesis. Applications include artificial touch, soft micro and bio-inspired robotics, minimally invasive medical technologies, rehabilitative robotics, autonomous flight, airspace management, and systems biology.

"The opportunities are enormous for control, robotic, and autonomous systems to help make the world a better place. Search and rescue, environmental monitoring, surgical assistance, and smart grids are just a few of the high-impact applications. The Annual Review of Control, Robotics, and Autonomous Systems provides a much-needed unifying forum for the richly varied and ever-evolving research that promotes creativity and advances control, robotics, and the engineering of autonomous systems. Researchers and practitioners alike will find the articles of great value in learning and integrating across the many interconnected disciplines that contribute to this fantastically exciting field."

-Dr. Naomi Ehrich Leonard, Editor

Gain insights into top research faster with Annual Reviews.

Annual Reviews is a non-profit publisher dedicated to synthesizing and integrating knowledge to stimulate the progress of science and benefit society. For more than 85 years, Annual Reviews has published top-cited reviews by invited experts. Our authors synthesize research and identify areas for further investigation and help researchers and students in biomedical, life, physical, and social sciences advance their fields.

Sign up to get email alerts for the next volume of Annual Review of Control, Robotics, and Autonomous Systems. https://www.annualreviews.org/userpreferencecenter

...

04:22

Two Industries in One Field Lifeboat News: The Blog

Now that we are starting to see the arrival of actual therapies aimed at targeting the processes of aging directly in order to prevent age-related diseases, it has become easier to separate two very distinct groups.

The first group consists of the snake oil salesmen peddling unproven supplements and therapies to whoever is foolish enough to buy and take things on faith without using the scientific method. The hucksters have long been a plague on our field, preying on the gullible and tainting legitimate science with their charlatanry and nonsense. One example is the biotech company that makes bold claims yet never delivers on those claims in practice, offering data based on poorly designed experiments and tiny cohorts that are statistically irrelevant; another example is the supplement peddler selling expensive supplement blends with flashy names, which, on inspection, turn out to be commonly available herbs and minerals mixed and sold at a high markup. These sorts of people have plagued our community and given the field a reputation of snake oil.

The second group are the credible scientists, researchers, and companies who have been working on therapies for years and sometimes more than a decade. Many of these therapies are following the damage repair approach advocated by Dr. Aubrey de Grey of the SENS Research Foundation over a decade ago. The basic idea is to take an engineering approach to the damage that aging does to the body and to periodically repair that damage in order to keep its level below that which causes pathology. These therapies are now starting to arrive, with some already in human trials right now, and this marks a milestone in our field: the credible science has finally outstripped the snake oil, and the focus can move from pseudoscience to real, evidence-based science.

04:22

Google employees organize against censored search service for China The Hill: Technology Policy

Google employees are protesting the company's reported efforts to build a censored search service that would allow it to enter the Chinese market. More than a thousand workers have signed a letter, obtained by The Hill, demanding greater transparency...

04:16

AT&T sued for enabling SIM swap fraud Help Net Security

A cryptocurrency investor is suing AT&T because criminals were able to empty his accounts through SIM swap fraud (aka account port out fraud), even though he had already asked for additional protections to be set up on his AT&T account. He is asking the US District Court for the Central District of California to find in his favor and award him $24 million of compensatory damages and over $200 million of punitive damages. Given all More

The post AT&T sued for enabling SIM swap fraud appeared first on Help Net Security.

04:00

A Twist in Graphene Could Make for Tunable Electronic Devices IEEE Spectrum Recent Content full text

A single material could be 'twisted' into various components of a circuit with distinct electronic properties

Engineering a band gap into graphene has become almost a rite of passage for research groups who work with the material. While many have accomplished this feat, many more have written off graphene in digital logic applications because of the fact that you have to give it a band gap.

It turns out that all of that engineering of graphene has revealed another feature: tunable electronic properties. This is accomplished by combining graphene with another material that has a very large band gap, like boron nitride (so-called heterostructures), or by giving graphene a twist.

Now, an international team of researchers from Columbia University, the National Institute for Materials Science in Tsukuba, Japan and the Centre National de la Recherche Scientifique (CNRS) in France have overcome some of the limitations that previous attempts to twist graphene have faced.

In research described in the journal Science, the group demonstrated proof of principle for a twisting technique using graphene/boron nitride heterostructures. They showed that their technique can control the rotation of the graphene, and demonstrated how the electrical, optical, and even mechanical properties of the device can be dynamically varied with this technique.

By finding a way to change the angle of the twist of graphene in relation to the boron nitride and even alter that angle after manufacturing, the researchers believe this fresh approach could lead to new kinds of electronic devices.

All of this twisting of graphene with other two-dimensional (2D) materials occurs because there is very low friction between them. Also, there is no strong chemical bonding between the crystal planes, so they slide easily over one another. The researchers realized that a benefit of the low sliding friction is that devices could be intentionally designed to be rotatable, according to Cory Dean, an assistant professor at Columbia and co-author of the research.

In our fabricati...

03:44

Valve Seems to be Working on Tools to Get Windows Games Running on Linux SoylentNews

Submitted via IRC for Fnord666

Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems.

Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."

Other unused text in that GUI file suggests Steam Play will offer official compatibility with "supported tiles" while also letting users test compatibility for "games in your library that have not been verified with a supported compatibility tool." That latter use comes with a warning that "this may not work as expected, and can cause issues with your games, including crashes and breaking save games."

Tools that let users run Windows apps in Linux are nothing new; Wine has existed for decades, after all. But an "official" Steam-based compatibility tool, with the resources and backing of Valve behind it, could have a huge impact on the Linux development space that could reach well beyond games. Assuming it worked for a wide range of titles, the Steam Play system could also help ameliorate one of SteamOS' biggest failings, namely the relative lack of compatible games when compared to Windows.

With all that said, some caution is warranted before getting too excited about these possibilities. For one, we don't know what specific form Steam Play will take. Valve could simply be preparing a wrapper that lets users run existing emulation tools like Wine and DOSBox on top of SteamOS without actively advancing the state of that emulation directly.

Source: https://arstechnica.com/gaming/2018/08/valve-seems-to-be-working-on-tools-to-get-windows-games-running-on-linux/



03:24

A Quick Look At The Windows Server vs. Linux Performance On The Threadripper 2990WX Phoronix

One of the frequent requests/comments stemming from the launch-day Windows 10 vs. Linux benchmarks on the new AMD Threadripper 2990WX were questions about whether this 32-core / 64-thread processor would do better with Windows Server given Microsoft's obvious tuning of that Windows flavor to high core/thread counts... Well, here are some initial figures with Windows Server 2016 and a Windows Server 2019 preview.

03:01

Getting Kitted to Teach your First Hardware Workshop Hackaday

I was always a sucker for art classes in my early days. There was something special about getting personal instruction while having those raw materials in your hands at the same time. Maybe it was the patient voice of the teacher or the taste of the crayons that finally got to my head. Either way, I started thinking: I want to do this; I want to teach this stuff.

Last year at Hackaday Superconference I got my chance. Hardware workshops with real hardware were so rare; I just had to bring one to the table! What follows is my tale of joys and woes bringing together a crew to take their first few steps into the world of cable-driven animatronics. If you're thinking about getting your feet wet with teaching your own hardware workshop, read on. I've packed this story with as much of my own learnings as I could to set you on a path to success.

The good news is that Supercon returns every year. If you want to take part in some epic workshops like this one, grab a ticket for this year's conference now. If you want to host a hardware workshop, the Call for Proposals is still open! Okay, let's dive in.

2016 was the year of the tentacle

In July of 2017 I saw the call for workshop proposals go out. The year before that I had taken some inspiration from the...

03:01

Hanging Up on Mobile in the Name of Security Krebs on Security

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like these are prompting some experts to say the surest way to safeguard one's online accounts may be to disconnect them from the mobile providers entirely.

The claims come in a lawsuit filed this week in Los Angeles on behalf of Michael Terpin, who co-founded the first angel investor group for bitcoin enthusiasts in 2013. Terpin alleges that crooks stole almost $24 million worth of cryptocurrency after fraudulently executing a SIM swap on his mobile phone account at AT&T in early 2018.

A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the provider's network. Customers can legitimately request a SIM swap when their existing SIM card has been damaged, or when they are switching to a different phone that requires a SIM card of another size.

But SIM swaps are frequently abused by scam artists who trick mobile providers into tying a target's service to a new SIM card and mobile phone that the attackers control. Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a target's password, as many banks and online services rely on text messages to send users a one-time code that needs to be entered in addition to a password for online authentication.

Terpin alleges that on January 7, 2018, someone requested an unauthorized SIM swap on his AT&T account, causing his phone to go dead and sending all incoming texts and phone calls to a device the attackers controlled. Armed with that access, the intruders were able to reset credentials tied to his cryptocurrency accounts and siphon nearly $24 million worth of digital currencies.

According to Terpin, this was the second time in six months someone had hacked his AT&T number. On June 11, 2017, Terpin's phone went dead. He soon learned his AT&T password had been changed remotely after 11 attempts in AT&T stores had failed. At the time, AT&T suggested Terpin take advantage of the company's extra security feature, a customer-specified six-digit PIN which is required before any account changes can be made.

Terpin claims an investigation by AT&T into the 2018 breach found that an employee at an AT&T store in Norwich, Conn. somehow executed the SIM...

02:42

Global Renewable power spending has been virtually flat for seven years and most countries will need expensive grid upgrades to handle more solar and wind Lifeboat News: The Blog

Global investment in renewable energy (Solar, Wind, Hydro and biofuel) edged up 2% in 2017 to $279.8 billion, taking cumulative investment since 2010 to $2.2 trillion. The level of global renewable power spending has been virtually flat for seven years. There has been an increase in overall installed renewable power each year because of the dropping prices. A 2% increase in spending has resulted in 10% increase in global installations from 2016 to 2017.

A record 157 gigawatts of renewable power capacity was commissioned in 2017, up from 143GW in 2016. This was more than the 70GW of net fossil fuel generating capacity added last year. However, the installed fossil fuel power generates more kilowatt hours because of the low capacity factors of solar and wind power.

02:40

KDE Applications 18.08 Released Phoronix

Today the quarterly update to the collection of KDE software applications has shipped with its newest features...

02:33

FCC chair says White House called him about Sinclair-Tribune merger The Hill: Technology Policy

Federal Communications Commission (FCC) Chairman Ajit Pai on Thursday revealed that White House counsel Don McGahn called him about the merger between Sinclair Broadcast Group and Tribune Media last month as the deal was imploding due to...

02:26

Sketchy Crypto-mining Containers Removed from Docker Repository TechWorm

In case you haven't heard, Docker is shaping up to be one of the most disruptive technologies to date that are currently at our disposal. And it's deemed as such rightly so. It has the potential to completely replace virtual machines because it's incredibly self-sustaining, resource-efficient, and openly compatible across a wide variety of computer systems.

If you aren't familiar with containerism, then we'll give you the quick and simple version. See, the use of virtual machines is the current trend, because virtual machines allow for the optimal utilization of the power of a computer system.

Prior to the use of virtual machines, systems were limited to running a single process for fear that running two processes simultaneously would lead to a metaphorical tug-of-war for resources between the two processes. This would lead to crashes, of course. That used to be a serious issue because computer systems weren't used efficiently; often, only half of the computer's capabilities were utilized.

Virtual machines granted the ability to run multiple processes simultaneously without the risk of these processes taking resources from each other. You can say that these processes are quarantined from each other, resource-wise.

Now, containers such as Docker run on the same principle as virtual machines, but to a higher degree. While processes are quarantined in virtual machines, in containerism each program (we'll refer to this as images from here on) comes packaged with the resources required to run it. This ensures that the image can run on any system, because it already comes with the components to make it function.

These are, however, a few additional advantages from using Docker.

Now, about a few months ago, security companies Fortinet and Kromtech exposed a total of 17 Docker images that were tampered with. These Docker images were found to contain Monero Miners, which rob users of computing power in order to mine cryptocurrency.

Further investigation found that as a collective, the 17 images were downloaded at least 5 million times. This suggests that the instigators were able to inject scripts into vulnerable containers.

These tainted images were found on the Docker repository, Docker Hub. Of course, this presents a worrisome problem that exploits have been found this early. Fortunately, the images have since been removed from the repository, though it's clear that the crypto criminals might have gotten away with as much as $90,000 from the scheme.

While I do agree that it's a paltry amount when compared to what other unscrupulous users gain, the mere fact that they were able to tamper with images is worrying. There's an arms race between criminals and proper users, and this has rung true for every piece of technology out there.

This is why it's incredibly important to opt for...

02:22

Study to Help Develop Vibrant Future Commercial Space Economy Lifeboat News: The Blog

Last week, NASA announced the awardees for an ongoing effort to foster commercial activity in space. This effort allows 13 companies to study the future of commercial human spaceflight in low-Earth orbit, including long-term opportunities for the International Space Station.

I'm pleased to share that NanoRacks is one of these awardees.

This study is not only a big step for NanoRacks, but a big step for the commercial space ecosystem. Today, we are the largest commercial user of the International Space Station and are proud of the impact we've made to help foster this ecosystem and bring customers from all over the world into orbit. This study will allow us to take our vision to the next step and detail the viability for habitable and automated platforms for low-Earth orbit.

02:14

Mystery Russian Satellite's Behaviour Raises Alarm In US SoylentNews

A mysterious Russian satellite displaying "very abnormal behaviour" has raised alarm in the US, according to a State Department official. "We don't know for certain what it is and there is no way to verify it," said assistant secretary Yleem Poblete at a conference in Switzerland on 14 August.

She voiced fears that it was impossible to say if the object may be a weapon.

Russia has dismissed the comments as "unfounded, slanderous accusations based on suspicious" [sic].

The satellite in question was launched in October last year. "[The satellite's] behaviour on-orbit was inconsistent with anything seen before from on-orbit inspection or space situational awareness capabilities, including other Russian inspection satellite activities," Ms Poblete told the conference on disarmament in Switzerland.

"Russian intentions with respect to this satellite are unclear and are obviously a very troubling development," she added, citing recent comments made by the commander of Russia's Space Forces, who said adopting "new prototypes of weapons" was a key objective for the force. Ms Poblete said that the US had "serious concerns" that Russia was developing anti-satellite weapons.

[...] [Ms Stickings (Royal United Services Institute - RUSI) said] "The narrative coming from the US is, 'space was really peaceful, now look at what the Russians and Chinese are doing' - ignoring the fact that the US has developed its own capabilities."



02:12

ODX and YouDeal Team Up to Deliver Free Internet Access to Emerging Markets TechWorm

On August 9, 2018, ODX Pte. Ltd (ODX), announced its partnership with YouDeal, the world's largest peer-to-peer services marketplace. ODX, which is a subsidiary of Xurpas, the largest consumer technology company in the Philippines, aims to solve what is perhaps the most basic problem for consumers in emerging economies: internet access.

ODX's blockchain-based data marketplace, Open Data Exchange, is backed by heavy hitters in the blockchain and technology space, including Andromeda, BlockTower Capital, DNA Fund, Wavemaker Genesis, Hexa Labs, Pantera Capital and Strong Ventures. Through its data marketplace, ODX unites internet service providers and publishers from across the globe to offer consumers free internet access via sponsored data packages. The partnership between YouDeal and ODX brings YouDeal's large network of internet users closer to receiving uninterrupted internet access through ODX.

Based out of China, YouDeal has more than 50 million users, seven million sellers and does $60 billion in trading volume. YouDeal currently connects users in China with more than 300 industries including fitness, yoga instructors, masseurs, hairstylists, information technology programmers, user interface designers and financial advisors. It now has its sights set on Southeast Asia, with a free internet strategy powered by ODX.

According to a press release Techworm received from PMBC Group, ODX's PR firm, Nix Nolledo, ODX Founder and CEO said, Data free access is a critical advantage in emerging markets. Your app becomes the default choice for most people most of the time. YouDeal understands that success in emerging markets requires dealing with a fundamental problem that most users are offline 20 days of the month. Mobile data is expensive in these markets, costing as much as six times what the average user can afford. As a result, consumers are offline over 80 percent of the time. Through this key partnership with ODX, YouDeal solves this issue by providing users free internet access to its services. Customers will be able to access the app 24/7, even when they have no mobile data plan or mobile airtime credits.

At the helm of the company is Nix Nolledo, a seasoned entrepreneur and tech executive who has played a significant role in the success of many companies, including Xurpas, which he started with only $3 and grew into the thriving billion-dollar company that it is today. Xurpas is the largest publicly listed consumer tech company in the Philippines and employs more than 900 employees across Southeast Asia. With more than 17 years in operation, Xurpas has an established network of publishers and Telcos, which provides ODX with the perfect platform to achieve its lofty goals.

Last month, ODX raised more than $60 million in a private token sale and is well on its way to achieving its $100 million goal.

For more informatio...

02:05

Dem requests DOJ probe on law enforcement use of facial recognition technology The Hill: Technology Policy

A Democratic lawmaker is raising concerns about law enforcement's use of facial recognition technologies, saying it could pose issues for minority Americans and potentially be in violation of civil rights protections. Rep. Emanuel Cleaver (D-Mo.)...

02:01

Breakfast at DEF CON The Greatest Illicit Meetup of All Hackaday

Every year we host Breakfast at DEF CON on the Sunday morning of the largest hacker conference in the United States. I think it's a brilliant time to have a meetup: almost nobody is out partying on Sunday morning, and coffee and donuts is a perfect way to get your system running again after too much excess from Saturday evening.

This year marks our fourth Breakfast and we thought this time it would be completely legit. Before, we've just picked a random coffee shop and showed up unannounced. But this year we synced up with some of our friends running the Hardware Hacking Village and they were cool with us using the space. Where we ran afoul was trying to wheel in coffee and pastries for 100+ people. The casino was having none of it.

...

01:41

Google offers rewards for techniques that bypass their abuse, fraud, and spam systems Help Net Security

Google is expanding its vulnerability reward program again: the company wants to be notified about techniques that allow third parties to successfully bypass their abuse, fraud, and spam systems. About the program expansion "This expansion is intended to reward research that helps us mitigate potential abuse methods," Eric Brown and Marc Henson of Google's Trust and Safety team explained. A few examples of potentially valid reports for this program could include bypassing our account recovery ...

The post Google offers rewards for techniques that bypass their abuse, fraud, and spam systems appeared first on Help Net Security.

01:36

Cyber Defense Magazine August 2018 has arrived. Enjoy it! Security Affairs

Cyber Defense Magazine August 2018 Edition has arrived.

Sponsored by: Bosch

We hope you enjoy this month's edition, packed with 130+ pages of excellent content. InfoSec Knowledge is Power. We have 6 years of eMagazines online with timeless content. Visit our online library by clicking here. Please tell your friends to

01:31

ARM Aims To Deliver Core i5 Like Performance At Less Than 5 Watts Phoronix

ARM has made public an aggressive CPU forward-looking road-map and some performance expectations. ARM is hoping to deliver year-over-year performance improvements of more than 15% through 2020...

01:19

SAP Security Notes August 2018, watch out for SQL Injection Security Affairs

SAP released security notes for August 2018 that address dozens of patches; the good news is that there aren't critical vulnerabilities.

SAP issues 27 Security Notes, including 14 Patch Day Notes and 13 Support Package Notes. Seven notes are related to previously published patches.

"On 14th of August 2018, SAP Security Patch Day saw the release of 12 Security Notes. Additionally, there were 2 updates to previously released security notes," reads the advisory published by SAP.

The principal types of vulnerabilities fixed by the SAP security notes are SQL Injection and Information Disclosure flaws, as reported in the following graph.

SAP security notes August 2018

According to the experts from ERPScan, in August Implementation Flaw and Missing Authorization Check are the largest groups in terms of the number of vulnerabilities

...

01:11

F5 simplifies network functions virtualization for service providers Help Net Security

F5 Networks introduced a network functions virtualization (NFV) offering for services that are deployed, scaled, managed, and decommissioned as service needs evolve. F5's new VNF Manager simplifies consumption of F5's portfolio of VNFs (based on BIG-IP capabilities) that are provisioned in service providers' networking environments. With F5, organizations can take advantage of the lifecycle management of VNF services, unlocking scale and automation for newly virtualized networks without complexity. This approach is fit for mobile operators ...

The post F5 simplifies network functions virtualization for service providers appeared first on Help Net Security.

01:04

Security vs. Utility: Talking about regulation TechWorm

Raising capital with ICOs (Initial Coin Offerings) has become very popular: in 2017 alone, ICOs raised a combined $3.7 billion. Projects using this model typically raise capital by issuing digital tokens on a blockchain and distributing them to investors for a financial contribution. Such crypto tokens represent a virtual store of value, which can be transferred via peer-to-peer networks and may serve different functions. Depending on their role, crypto tokens may be broadly subdivided into two major types: utility tokens and security tokens.

Utility tokens are used for granting access to a company's products or services, or entitle their holders to be a part of an ecosystem where this token acts as a native currency. Utility tokens are not designed for investments and this leads to a lack of security regulations.

Security tokens derive their value from an external, tradable asset and share specific characteristics with regular financial instruments which are subject to security regulations. The commonly known characteristics are the representation of ownership and entitlement to the residual cash flows generated by the digital enterprise. When the token is classified as a security, it may represent shares of company stock.

Utility Token Can Mean Scam All Too Often

A recent study conducted by Satis Group LLC, a premier ICO advisory company, states that over 80 percent of all ICOs are fraudulent. As mentioned, utility tokens are not subject to the same regulatory requirements as security tokens, which opens up a broad field of opportunities for fraudsters of all kinds. The absence of security can be shown as a sort of freedom during the ICO's marketing, but in fact, the token may easily turn out to be a scam. In most cases of fraud, tokens of such projects turn to dust. Investors are not protected from such situations at all. When a token is a utility token, all guarantees and agreements are in words, and if it turns out that a project has no intention of fulfilling development duties with the funds, there's no law or regulation to help the defrauded investors.

A security token, on the other hand, being subject to security regulations, should satisfy legal requirements, thus there's much less of a chance a project with a token classified as a security would turn out to be a scam. It's also important to understand that a company cannot easily claim its tokens are security tokens. Security regulations are firm, and if one fails to abide by regulations, it can result in costly penalties and even threaten to derail the project.

That's why the emergence of a regulatory framework for the crypto industry is a necessary step. Regulatory interference creates a harmonized legal landscape providing the blockchain community a higher sustainability and...

01:01

DARPA Goes Underground For Next Challenge Hackaday

We all love reading about creative problem-solving work done by competitors in past DARPA robotic challenges. Some of us even have ambition to join the fray and compete first-hand instead of just reading about them after the fact. If this describes you, step on up to the DARPA Subterranean Challenge.

Following up on past challenges to build autonomous vehicles and humanoid robots, DARPA now wants to focus collective brainpower solving problems encountered by robots working underground. There will be two competition tracks: the Systems Track is what we've come to expect, where teams build both the hardware and software of robots tackling the competition course. But there will also be a Virtual Track, opening up the challenge to those without resources to build big expensive physical robots. Competitors on the virtual track will run their competition course in the Gazebo robot simulation environment. This is similar to the NASA Space Robotics Challenge, where algorithms competed to run a virtual robot through tasks in a simulated Mars base. The virtual environment makes the competition accessible for people without machine shops or big budgets. The winner of NASA SRC was, in fact, a one-person team.

Back on the topic of the upcoming DARPA challenge: each track will involve three sub-domains. Each of these has civilian applications in exploration, infrastructure maintenance, and disaster relief as well as the obvious military applications.

  • Man-made tunnel systems
  • Urban underground
  • Natural cave networks

There will be a preliminary circuit competition for each, spaced roughly six months apart, to help teams get warmed up one environment at a time. But for the final event in Fall of 2021, the challenge course will integrate all three types.

More details will be released on Competitors Day, taking place September 27th 2018. Registration for the event just opened on August 15th. Best of luck to all the teams! And just like we did for past challenges, we will excitedly follow progress. (And have a good-natured laugh at fails.)

00:58

TSA's Transit Police use full-body scanners to search and watchlist commuters MassPrivateI


It has been a year since I warned commuters that the TSA wanted to install full-body biometric scanners at train stations.

And just like last year, the MSM interviewed one person that is fine with losing their rights. Last year, I warned commuters that full-body scanners come equipped with watchlist software.

Stay on constant lookout for known wolves and other watchlist individuals using proven facial recognition and human IQ. Integrated video camera provides positive ID for alarm resolution. Send notifications and alerts to mobile team or operations center.

Why has the MSM refused to talk about watchlisting commuters? 

If the TSA has its way, commuters across the country will be body scanned and watchlisted.

Yesterday, the Los Angeles Times revealed that the Los Angeles County Metropolitan Transportation Authority Police will begin using Thruvision's full-body scanners.

"Later this year, the Metropolitan Transportation Authority will deploy several portable scanners that can be moved to any of the system's 93 subway and light-rail stations."

What does this mean for commuters?

It means that public transit is being run by the TSA.

According...

00:43

Russia Gives Lessons in Electronic Warfare SoylentNews

Soldiers stupid and disobedient enough to carry their own tracking devices into the field on operations are teaching their units harsh lessons when entering combat. The Association of the United States Army, the U.S. Army's professional association and lobbying group, has an article on how mobile phones are used against soldiers carrying them in the field. This includes, but is not limited to, psychological operations, artillery strikes, monitoring, or all three at once. Given the lax discipline about leaving the mobile phones behind, the attacks built on phone info have been increasingly successful both physically and mentally.

[Ed Note: The second link details how Russian backed separatists are using advanced EW and psyops tactics against the Ukrainian Armed Forces]


Original Submission

Read more of this story at SoylentNews.

00:42

Why Top-notch App isn't the only Key to Success in P2P Economy TechWorm

The buzzwords like Uber, Airbnb, Lyft or Ola are familiar to almost everybody. Thousands of people use mobile applications and web portals of these companies. One can fall under a deceptive impression that the only thing necessary to succeed in peer-to-peer (P2P) economy is quality software or even copying somebody else's proven app. IT specialists complain they often have to deal with clients' desire to ride on the success of popular brands, e.g., creating a mobile app like Uber. It's a common mistake that investors should be aware of. Very few people realize, most of the P2P companies are first of all mature offline businesses that managed to create brilliant applications. A high-quality mobile app earns a lot of money for its owners but is not the root cause of commercial success. What exactly has brought companies like Airbnb or Ola to the top?

Marketplace

It is a backbone of any sharing economy business model. A marketplace attracts entrepreneurs because it assists with client search, leads processing, loyalty systems, legal issues and payment options. A marketplace is a complex e-commerce platform embedding the following modules:

  • Omni-channel commerce
  • Banking, payments, refunds
  • Users agreements and legislation issues
  • Executors portal
  • Educational materials
  • Editors, Communication, and Support portals

Technical features of web services and apps are important, but a software application development company and investors should also pay a lot of attention to market requirements and choose an appropriate business model.

Customers Portal and Applications

This ingredient of the P2P business ensures smooth user experience and helps communicate with customers. Create one of the best applications in a field and reinforce it with perfect services, impeccable support, and competitive prices. To have the maximum audience outreach, your sharing economy software should cover all the popular platforms (iOS, Android, OS X, Windows or Linux). Your company's well-being fully depends on the users of your app. P2P software providers are challenged to create a solution able to stand out in a competitive market.

Analytics

Sharing economy solutions are global scale by nature. They are able to reach the target audience. A large number of users generates a lot of statistics and analytical data. You have to take care of the following aspects:

  • System for analytical data generation and aggregation
  • Analytical tools for managing statistics
  • Report system

Your system should be ready to aggregate a bulk of analytical data. How to use these data is a strategic objective of your investors. You should remember about this challenge from the first days...

00:23

Mapping the future direction for quantum research Lifeboat News: The Blog

The way research in quantum technology will be taken forward has been laid out in a revised roadmap for the field.

Published today in the New Journal of Physics, leading European quantum researchers summarise the field's current status, and examine its challenges and goals.

In the roadmap:

00:22

Scientists discover chemical which can kill glioblastoma cells Lifeboat News: The Blog

Aggressive brain tumour cells taken from patients self-destructed after being exposed to a chemical in laboratory tests, researchers have shown.

The study could be the first step in tackling cancers like , which led to Dame Tessa Jowell's death earlier this year.

The research, led by the University of Leeds, found that the synthetic , named KHS101, was able to cut the energy source of from glioblastoma, leading to the death of the .

00:05

[CVE-2018-11771] Apache Commons Compress 1.7 to 1.17 denial of service vulnerability Open Source Security

Posted by Stefan Bodewig on Aug 16

CVE-2018-11771: Apache Commons Compress 1.7 to 1.17 denial of service vulnerability

Severity: Low

Vendor:
The Apache Software Foundation

Versions Affected:
Apache Commons Compress 1.7 to 1.17

Description:
When reading a specially crafted ZIP archive, the read method of
ZipArchiveInputStream can fail to return the correct EOF indication
after the end of the stream has been reached. When combined with a
java.io.InputStreamReader this can lead...

00:02

Hologram Computers, MobiAq, Illuminair, holographic computer, virtual reality, Augmented Virtuality, holography, computer, hologram, virtual projection, developed technology, realty wide-screen, Gaming PCs, Gaming Laptops, Desktop Workstations, Gaming consoles, 4K Gaming systems, Whiteboard, 2d animation, 3D animation, Motion Graphics, Touch Wireless Controllers, self-contained, computer animation, optimum geometric configuration, integrated computers, interactive holographic display, holographic recordings, computing innovation, computer-generated images, Virtual Reality Glasses, Hybrid Reality, communications, Holographic platform, AR, VR, PC, lifelike experience, 3D cameras, cosmic computing, computer security, gaming displays, in-flight entertainment, computer code, Holographic ideal/paradigm, gaming mechanics, automotive, medical, space, spatial, holographic memory, Artificial Neural Networks, Robotics, holographic 3D, software company, mixed-realty, holographic data, hologram monitors, hologram keyboards, voice equipment, projector system, Holographic apps, HD photography, smartphones, tablets, TVs, laptops, digital displays, 360 Video, Virtual Realty Headsets, Mobile Platforms, holographic universe, ubiquitous computing paradigm, virtual images, Holoquad, Holographic Projector Pyramid, cloud computing, spaceships, teleportation, anti-gravity devices, emulation, advanced technology, light field displays, Mobile Hologram Technology, computer programs, untethered, Immersive Technology, Computer Chips, Elohim computer, custom software, mobile application development, computing library, human-computer interactions, Artificial Neural Networks, holographic memory, Spider-Robots, pop-up gaming displays, automate machinery, computer-generated simulation, 3D Pyramid, consumer electronics, personal computers, holographic images, real-world objects, hardware interconnection, missionary, virtual assistant, Computer Systems Structure, two-dimensional computer display, 
computerization, Projection Screen, Portable, 3D printer, Hologram goggles, 3D Holographic Projection Technology, Hologram Computer Table, hologram generator, multilevel computer, mixed reality, Bluetooth enabled, Virtual Reality Display, transparent screen display, quantum computer, computer animation, 3D plasma display, meta surface, Dark Energy, holographic interferograms, photorefractive, Holographic atomic memory, computer-generated hologram, real-time hologram, x-ray mirror mandrels, virtual wavefront recording plane, Artificial intelligence, AI, Human Resources, Advertising, Animation, Graphic Web Design, Photography, Robotics, computer science, human-robot interaction, Emergency Medical Hologram, wearable computing, bio-computing, battlefield simulations, Holographic Associative Memory, artificial neural network, Digital Avatar Lifeboat News: The Blog


00:01

Jump Start Your Car With A Drill Battery Hackaday

Sometimes, you move to a new city, and things just aren't going your way. You're out of cash, out of energy, and thanks to your own foolishness, your car's battery is dead. You need to jump-start the car, but you're feeling remarkably antisocial, and you don't know anyone else in town you can call. What do you do?

It's not a problem, because you're a hacker and you have a cordless drill in the back seat of your car. The average drill of today tends to run on a nice 18 volt lithium battery pack. These packs are capable of delivering large amounts of current and can take a lot of abuse. This is where they come in handy.

Typically, when jump starting a car, another working vehicle is pulled into place, and the battery connected in parallel with the dead battery of the disabled vehicle. Ideally, the working vehicle is then started to enable its alternator to provide charge to the whole system to avoid draining its own battery. At this point, the disabled vehicle can be started and its alternator can begin to recharge its own battery. After disconnecting everything, you're good to go.

...


Thursday, 16 August

23:56

James Bottomley on Linux, Containers, and the Leading Edge

"It's no secret that Linux is basically the operating system of containers, and containers are the future of the cloud," says James Bottomley, Distinguished Engineer at IBM Research and Linux kernel developer. Bottomley, who can often be seen at open source events in his signature bow tie, is focused these days on security systems like the Trusted Platform Module and the fundamentals of container technology.

23:52

New stable kernels LWN.net

Greg Kroah-Hartman has released a new batch of stable kernels: 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148. These include the fixes for the L1 terminal fault vulnerability and a few other fixes here and there. Users should upgrade.

23:43

CyberSight's RansomStopper 3.0 maximizes protection against ransomware attacks Help Net Security

CyberSight announced the availability of RansomStopper 3.0 for Business. RansomStopper 3.0 includes enhancements ranging from auto-start protection to improved visualization of an enterprise's security posture. "Customer and industry reaction to RansomStopper has been spectacular," said Tim McElwee, CEO and Founder of CyberSight. RansomStopper's ability to detect and stop ransomware is rated Excellent in independent testing and the product is now being used in over 50 countries by consumers, SMBs and enterprises. Version 3.0 takes RansomStopper ...

The post CyberSight's RansomStopper 3.0 maximizes protection against ransomware attacks appeared first on Help Net Security.

23:42

Human wastewater valuable to global agriculture, economics, study finds Lifeboat News: The Blog

It may seem off-putting to some, but human waste is full of nutrients that can be recycled into valuable products that could promote agricultural sustainability and better economic independence for some developing countries.

Cities produce and must manage huge quantities of . Researchers at the University of Illinois at Urbana-Champaign have developed a model to clarify what parts of the world may benefit most from re-circulation of human-waste-derived nitrogen, potassium and phosphorus from cities and back into farm fields. They report their findings in the journal Nature Sustainability.

We grow our in the field, apply nutrient-rich fertilizers, eat the crops, excrete all of the nitrogen, phosphorus and potassium and then those nutrients end up at the , said Jeremy Guest, a civil and environmental engineering professor and study co-author. It is a very linear, one-directional flow of resources. Engineering a more circular nutrient cycle would create opportunities that could benefit the environment, economy and agriculture.

23:42

A way to get green revolution crops to be productive without needing so much nitrogen Lifeboat News: The Blog

A team of researchers from the Chinese Academy of Sciences, the Academy of Agriculture and Forestry Sciences in China and the University of Oxford in the U.K. has found a way to grow green revolution crops using less nitrogen with no reduction in yield. In their paper published in the journal Nature, the group describes their research efforts and the results they found when planting newly developed plant varieties. Fanmiao Wang and Makoto Matsuoka with Nagoya University offer a News & Views piece on the work done by the team in the same journal issue.

The green revolution was characterized by big increases in crop production in developing countries; it came about due to the increased use of pesticides, fertilizers and changes in crop varieties used. One of the changes to the crops came about as and wheat plants were bred to grow less tall to prevent damage from wind and rain. While this resulted in improved yields, it also resulted in the use of more nitrogen-based fertilizers, which are environmentally harmful. In this new effort, the researchers wondered if it might be possible to re-engineer green-revolution crop varieties in such a way as to restrict height and therefore retain high productivity, while also using nitrogen more efficiently.

Prior research had shown that proteins in the DELLA family reduced plant growth. Crop breeding in the 1960s led to varieties of rice and wheat with genetic mutations that allowed the proteins to build up in the plants, thus stunting their growth. Unfortunately, DELLA proteins have also been found to be the cause of inefficient nitrogen use in the same as a result, farmers used more of it to increase yields. To overcome this problem, the researchers crossbred varieties of rice to learn more, and found that the transcription factor OsGRF4 was associated with nitrogen uptake. Using that information, they engineered some varieties of rice to express OsGRF4 at higher levels, which, when tested, showed higher uptake of nitrogen. The team then planted the varieties they had engineered and found that they required less nitrogen to produce the same yields, and they were just as stunted. They therefore claim that it is possible to grow that require less

23:41

Hackers steal $13.5 million from Indian bank in global attack Graham Cluley


Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend.

Read more in my article on the Tripwire State of Security blog.

23:27

Security updates for Thursday LWN.net

Security updates have been issued by Debian (fuse), Fedora (cri-o, gdm, kernel-headers, postgresql, units, and wpa_supplicant), Mageia (iceaepe, kernel-linus, kernel-tmb, and libtomcrypt), openSUSE (aubio, libheimdal, nemo-extensions, and python-Django1), Red Hat (flash-plugin), SUSE (apache2, kernel, php7, qemu, samba, and ucode-intel), and Ubuntu (gnupg).

23:11

Australian State Government Bans TV News Channel from Train Stations SoylentNews

The state of Victoria, Australia has banned broadcasting of Sky News from the underground loop stations in Melbourne's train network.

The ban comes after Sky (owned by Rupert Murdoch's NewsCorp) broadcast an interview with far-right activist Blair Cottrell. Cottrell, the leader of the United Patriots Front, has convictions for arson, burglary and racial vilification, has advocated violence against women and has called for portraits of Adolf Hitler to be hung in school classrooms.

Victoria's transport minister, Jacinta Allen, has defended the decision against claims of censorship, stating that "Hatred and racism have no place on our screens or in our community." ... "If people want to watch Sky News in their own homes, they can do that to their heart's content," she said. "Any material that uses our public transport assets to promote itself needs to be appropriate."


Original Submission

Read more of this story at SoylentNews.

22:58

SevenTorrents Shuts Down After 10 Years; Moves Database To New Torrent Site TechWorm

SevenTorrents bids adieu after 10 years; transfers database to WatchSoMuch

SevenTorrents has decided to call it a day after having a long stint of 10 years in the torrent industry. The torrent index, which announced its retirement, has serviced more than 40 million unique users over the past 10 years, reports TorrentFreak.

For those unaware, SevenTorrents has been serving torrents for around 10 years. Last year, it serviced around six million unique visitors and has around 200,000 members.

Although SevenTorrents has decided to pull its curtains, it has transferred its user database to a brand-new torrent site, WatchSoMuch.

The SevenTorrents homepage displays the following message:

Dear SevenTorrents Lovers

We have been serving you for near 10 years and served over 40 Million visitors, with all troublems including copyright complaints, limitations, domain bans and ., we were able to keep this site up and running and make our visitors satisfied.

Today we have decided to retire. But this is not the end for you and we will not let you down, there is a good news for you. We have talked with the owners of our professional friend site WatchSoMuch which is doing same thing as we were doing but in a better way, it has a super fast search and modern and mobile friendly design.

We have transferred all the data and members to there, please visit and continue using your account in WatchSoMuch with same password and enjoy.

SevenTorrents will be up for few days but we no longer update this site.
We promise this event will look like a change of address and layout to you. there is no difference the data will be better and more complete, all data including movies, torrents, activities, comments have been transferred to WSM so you will feel like home.

Farewell
SevenTorrents Team

The transfer of SevenTorrents' user database to WatchSoMuch (WSM), a site that only surfaced in June, has raised privacy concerns for users as their data is being transferred to WatchSoMuch.

When TorrentFreak contacted SevenTorrents highlighting the privacy concerns raised by users, the latter said that the users shouldn't be worried.

"[T]he announcement on Facebook you can see real people reactions, none of the comments in there nor the emails we received show any worries about their data, except people are sad, and asking us not to close this site," SevenTorrents told TorrentFreak.

...

22:57

A Look At Linux Gaming Performance Scaling On The Threadripper 2950X Phoronix

On Monday when the launch embargo expired on the Threadripper 2950X and Threadripper 2990WX I hadn't run any gaming benchmarks since, well, most games even on Windows can't scale out to 32 threads let alone 64 threads... Especially on Linux. It's far more practical getting these Threadripper 2 processors if you want to compile with 32 or 64 make jobs -- among many other common multi-threaded Linux workloads -- versus using this $899 or $1799 processor for a Linux gaming system. But if you are curious how Linux games scale with the Threadripper 2950X, here are some benchmark results when testing both AMD Radeon and NVIDIA GeForce graphics.

22:57

Americans Own Less Stuff, and That's Reason to Be Nervous Lifeboat News: The Blog

What happens when a nation built on the concept of individual property ownership starts to give that up?

22:28

Ex-NSA hacker proves how easily macOS user warnings can be bypassed by malware HackRead

By Uzair Amir

Apple is generally considered reliable in making safe and secure software. It is widely believed that the company works really hard to make the defense mechanism of its OS and devices strong enough to evade malware infections and another malicious coding. However, days of blindly trusting any firm including Apple are long gone..or so it [...]


22:25

Instagram hack locking users out of their accounts TechWorm

Instagram hack: Users become victims of a strange account locking hack

In a widespread Instagram hacking campaign, hundreds of users are reporting that their accounts have been compromised. Besides losing access to the Instagram account, the profile image, email address, phone number, and bios related to the accounts of the affected users have been changed too.

Instagram Users Reporting Strange Hacks

Instagram users have been reporting the bizarre hack since the beginning of August. Users are reporting that they are getting logged out of their account, and if they try to log in again, it shows that their username no longer exists. The affected users also found hackers had altered their profile info and changed contact details.

Many of them saw their profile pictures typically set to a Disney or Pixar character with the new email addresses switching to a Russian .ru email address. Also, their bios and personal information have been deleted.

"My account has been hacked! Username, email, and password have been changed. Now someone called Laitus Maria has all my pics," one Instagram user complained. While another disgruntled user tweeted:

Instagram responds to the widespread hack

The Facebook-owned app in a blog post said that people who have been locked out of their accounts can regain access here with a new, secure email address.

The company wrote, "If you received an email from us notifying you of a change in your email address, and you did not initiate this change, please click the link marked 'revert this change' in the email, and then change your password. We advise you pick a strong password."

...

22:22

USPTO Craziness: Changing Rules to Punish PTAB Petitioners and Reward Microsoft for Corruption at ISO Techrights

Mr. Iancu and his colleagues do not appear to understand (or care) that they are rewarding Microsoft for epic corruption at ISO and elsewhere

No-OOXML

Summary: The US patent office proposes charging/imposing on applicants that are not customers of Microsoft a penalty; there's also an overtly and blatantly malicious move whose purpose is to discourage petitions against wrongly-granted (by the USPTO) patents

THE previous post spoke about how the Federal Circuit rejects software patents, as does the Patent Trial and Appeal Board (PTAB). An inter partes review (IPR) is almost guaranteed to thwart any software patent if it is applied to one (not a cheap process, but a lot more affordable than a court battle, which can only be initiated by patent holders).

It is no secret that Director Iancu wrote articles in support of software patents and software patents are not valid anymore, based on what the SCOTUS has decided. This means that the person whom Trump put in charge of the patent office is inherently in disagreement with patent courts. An untenable situation? Iancu was a pick of the notoriously corrupt Trump, whose firm had previously worked for Trump. Coincidence?

Either way, everything we have seen so far confirms our worst fears that Iancu would work for the patent microcosm rather than for science and technology. The patent system was conceived to serve that latter group, not a bunch of lawyers, but things have changed since conception and nowadays the Office is adding yet more fees that make expensive lawyers a must to some. With prohibitive costs, too (maybe $200 per hour). Punishing poor companies, obviously.

Docket Navigator has been covering quite a few 35 U.S.C. 285 cases/motions lately, with some being successful, i.e...

21:45

2.6 billion records exposed in 2,300 disclosed breaches so far this year Help Net Security

Risk Based Security released its Mid-Year 2018 Data Breach QuickView report, showing there have been 2,308 publicly disclosed data compromise events through June 30th. After a surprising drop in the number of reported data breaches in first quarter, breach activity appears to be returning to a more normal pace. At the mid-year point, 2018 closely mirrors 2016's breach experience but still trails the high water mark set in 2017. 2018 has been a curious year.


21:45

Linux 4.19 Goes Ahead And Makes Lazy TLB Mode Lazier For Small Performance Benefit Phoronix

Last month I wrote about lazy TLB mode improvements on the way to the mainline kernel and this week the changes were indeed merged for the in-development Linux 4.19 kernel...

21:44

Re: OpenSSH Username Enumeration Open Source Security

Posted by Matthew Daley on Aug 16

I've written a POC for this issue, located at
https://bugfuzz.com/stuff/ssh-check-username.py . It requires the
Paramiko library (http://www.paramiko.org/) to be available. It does
some gross monkey patching of Paramiko to force it into sending an
invalid `SSH2_MSG_USERAUTH_REQUEST` and intercepting the potentially
resultant `SSH2_MSG_USERAUTH_FAILURE` but seems to work well enough. A
sample usage is as follows:

$ nc test.internal 22...

21:34

Researchers Unearth Remarkable Horse 'Shoes' SoylentNews

Alex Meyer continues to be in awe of the treasure trove that is Vindolanda.

For years, the former Roman auxiliary fort, located just south of Hadrian's Wall in northern England, has yielded a number of finds unique to the site and to the former empire. To date, excavations have yielded well-preserved artefacts such as ink tablets, shoes, combs, swords and textiles.

Meyer, a Roman historian and Classical Studies professor at Western, was recently part of a team that unearthed four early Roman hipposandals, shoes worn by horses, at Vindolanda.

"The most interesting thing about this is we found all four of the hipposandals. It's rare and remarkable to find one, but to find all four, deposited like this, is really cool. I've seen one other set of four in all my days," Meyer said.

[...] Vindolanda, a designated UNESCO World Heritage Site, which housed some of the most famous documents of the Roman world, has been a location of study for Classical Studies students since 2012, when Western's Field School at Vindolanda was developed by professors Meyer and Elizabeth Greene, a Roman archeologist. Over the years, the pair has acted as supervisors for excavations and volunteer programs at the fort. The school provides training in field excavation, archaeology and history of Roman Britain for students through excavations and the first-hand study of Roman artefacts unearthed at the site.

It is believed that Romans did not use actual horseshoes, which are nailed into the hoof of the horse, Meyer explained. The unearthed hipposandals are more like actual shoes, resembling "soup ladles," which would wrap around the sole of a horse's foot.

[...] "This shows that the use of hipposandals is not just isolated to rocky terrain in the mountains where horses' feet would have to be protected, but in Vindolanda, where there is little rock and lots of grass fields, there is still a use for hipposandals."



21:28

L1TF / Foreshadow Mitigations Land In Linux 4.18 / 4.17 / 4.14 / 4.9 / 4.4 Kernel Update Phoronix

Linux stable maintainer Greg Kroah-Hartman has released new updates across the Linux 4.18, 4.17, 4.14, 4.9, and 4.4 kernel channels to address the recently exposed L1 Terminal Fault "L1TF" / Foreshadow Meltdown-like CPU vulnerability affecting Intel processors...

21:12

The Demise of US Software Patents Continues at the Federal Circuit Techrights

Courts decline and the judiciary rejects such patents, leading to a decline in such patent grants as well

A decline

Summary: Software patents are rotting away in the United States; it remains to be seen when the U.S. Patent and Trademark Office (USPTO) will truly/fully honour 35 U.S.C. 101 and stop granting such patents

THE situation in 2018 is probably worse for software patents than it has ever been (except before such patents were introduced, a few decades after software itself had emerged). The Federal Circuit continues to affirm inter partes reviews (IPRs) undertaken by the Patent Trial and Appeal Board (PTAB) at the USPTO in (re)assessing software patents, so why does the USPTO still grant any such patents? That merely harms confidence in US patents and collectively reduces their value.

As we often note here, the USPTO continues granting far too many abstract patents because of tricks like calling these "apparatus" (examples from yesterday) and buzzwords like "AI". In spite of knowing courts would void these, examiners let them be. See this day-old survey of newly-granted patents; many of them sound very abstract and here's why they're still being granted. There's more money in granting than in rejecting, but what would be the fate of the office if it kept granting patents only for them to be rendered invalid later?

it seems like CAFC is pretty consistent in such rulings and it's therefore unsurprising that the patent microcosm attacks CAFC and its judges. These maximalists cannot think of any other strategy. In the United States' patent courts, not Office (PTO), software patents are pretty much dead, but it's expensive to show this....

21:01

Welcome to the Internet of Swords Hackaday

As has been made abundantly clear by the advertising department of essentially every consumer electronics manufacturer on the planet: everything is improved by the addition of sensors and a smartphone companion app. Doesn't matter if it's your thermostat or your toilet, you absolutely must know at all times that it's operating at peak efficiency. But why stop at household gadgets? What better to induct into the Internet of Things than 600 year old samurai weaponry?

Introducing the eKatana by [Carlos Justiniano]: by adding a microcontroller and accelerometer to the handle of a practice sword, it provides data on the motion of the blade as it's swung. When accuracy and precision counts in competitive Katana exhibitions, a sword that can give you real time feedback on your performance could be a valuable training aid.

The eKatana is powered by an Adafruit Feather 32u4 Bluefruit LE and LSM9DS0 accelerometer module along with a tiny 110 mAh LiPo battery. Bundled together, it makes for a small and unobtrusive package at the base of the sword's handle. [Carlos] mentions a 3D printed enclosure of some type would be a logical future improvement, though a practice sword that has a hollow handle to hold the electronics is probably the most ideal solutio...

20:38

Smashing Security #091: Sextortion, Las Vegas hotels, and Alex Jones Graham Cluley

Just how did sextortionists get (some) of the digits in your phone number? Why are some hackers saying they won't be going to DEF CON in Las Vegas anymore? And should Alex Jones from InfoWars be banned from Twitter?

All this and much more is discussed in the latest edition of the award-winning Smashing Security podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.

20:11

How Blockchain and the Auto Industry Will Fit Together

"At this point, most of the specific potential uses for blockchain in various industries are quite speculative and a number of years out," says Gordon Haff, technology evangelist at Red Hat. "What we can do, though, is think about the type of uses that play to blockchain strengths."

20:04

Almost Two Months After the ILO Ruling Staff Representative Brumme is Finally Back on the Job at EPO Techrights

A photo of Ion Brumme

Summary: Ion Brumme (above) gets his position at the EPO back, owing to the Administrative Tribunal of the International Labour Organization (ILO-AT) ruling back in July; things, however, aren't rosy for the Office as a whole

THE EPO's peculiar affairs with justice go quite some while back. Things culminated in early 2015 when the EPO's management refused to obey a Dutch court's ruling regarding SUEPO. Aside from that, the EPO had become notorious for its kangaroo courts, a staged notion of justice (or mere theatre), as later confirmed by ILO-AT.

Even a petition regarding patent quality needed to be made anonymous and it did not receive sufficient press coverage (not as much as it deserved anyway). Well, belatedly (as was the case with Judge Corcoran) the EPO is complying with court rulings from ILO-AT. It is better late than never, the saying goes, but they had to eventually do it, even cursorily, otherwise it would count as eternal contempt of the courts.

IPPro Patents wrote about Ion Brumme, naming Aurélien Pétiaud, Michael Lund, Laurent Prunier and Elizabeth Hardon. If someone can pass to us the full message from Brumme, that would be appreciated. The article contains many fragments from it, but not the original in its entirety. To quote a couple of portions:

European Patent Office (EPO) president António Campinos must give back the staff their voice, according to Ion Brumme, chairman of the Staff Union of the EPO (SUEPO) Munich section.

Brumme was speaking in a message circulated to SUEPO on the day (15 August) he returned to active duty at the EPO following his dismissal two and a half years ago.

In the message Brumme revealed he had returned to the office after the International Labour Organisation (ILO) exonerated him and his colleague Malika Weaver.

Brumme specifically addressed Campinos, asking him to stop the persecutions of union officials and staff representatives.

Some are still undergoing unnecessary disciplinary procedures and ILO complaints. You can put an end to this chapter. Give back the staff their voice, their pride and their dignity.

[...]

...

19:57

Trump Administration Expected to Propose Limiting Citizenship for Legal Immigrants SoylentNews

CBS News reports:

The Trump administration is expected to issue a proposal in coming weeks that would make it harder for legal immigrants to become citizens or get green cards if they have ever used a range of popular public welfare programs, including Obamacare, four sources with knowledge of the plan told NBC News.

The move, which would not need congressional approval, is part of White House senior adviser Stephen Miller's plan to limit the number of migrants who obtain legal status in the U.S. each year.

[...] Though its effects could be far-reaching, the proposal to limit citizenship to immigrants who have not used public assistance does not appear to need congressional approval. As the Clinton administration did in 1999, the Trump administration would be redefining the term "public charge," which first emerged in immigration law in the 1800s in order to shield the U.S. from burdening too many immigrants who could not contribute to society.



19:45

Linux Kernel Diverts Question To Distros: Trust CPU Hardware Random Number Generators? Phoronix

In a controversial move, the Linux kernel will be pushing the question off to distribution vendors on whether to put trust in CPU hardware random number generators...

19:39

What is CI/CD?

Continuous integration (CI) and continuous delivery (CD) are extremely common terms used when talking about producing software. But what do they really mean? In this article, I'll explain the meaning and significance behind these and related terms, such as continuous testing and continuous deployment.

19:22

Some Of The Smaller Features Hitting The Linux 4.19 Kernel This Week Phoronix

Here is a look at some of the smaller features landing in the Linux 4.19 kernel this week in a variety of different subsystems...

19:15

Cloud computing remains top emerging business risk Help Net Security

Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner. In Gartner's latest quarterly Emerging Risks Report, 110 senior executives in risk, audit, finance and compliance at large global organizations identified cloud computing as the top concern for the second consecutive quarter. Additional information security risks, such as cybersecurity disclosure and GDPR compliance, ranked among the top five concerns of the executives [...]


19:03

NASA 60th: What's Out There Lifeboat News: The Blog


During our past 60 years of existence, we've advanced our understanding of NASA Solar System Exploration and beyond by continually asking "What's out there?". Learn more about our story of exploration, innovation and discovery:


#NASA60th

19:02

In race for better batteries, Japan hopes to extend its lead Lifeboat News: The Blog

TOKYO: Imagine electric cars that can travel 700km to 800km on a single charge, twice as far as they do today. Imagine batteries that are smaller, safer and pack more punch than the lithium-ion cells that power our gadgets now.

Such is the promise of solid-state batteries. Capable of holding more electricity and recharging more quickly than their lithium-ion counterparts, they could do to lithium-ion power cells what transistors did to vacuum tubes: render them obsolete.

As their name implies, solid-state batteries use solid rather than liquid materials as an electrolyte. That is the stuff through which ions pass as they move between the poles of a battery as it is charged and discharged. Because they do not leak or give off flammable vapor, as lithium-ion batteries are prone to, solid-state batteries are safer. They are also more energy-dense and thus more compact.

18:55

eBook: Windows PowerShell Scripting Tutorial Help Net Security

This PowerShell tutorial opens with an introduction to PowerShell scripting basics. It guides you through various topics, starting with launching PowerShell and preparing to run PowerShell scripts. Learning these basics will help you easily perform virtually any administration task in your Windows IT environment. In this eBook you'll find: PowerShell (PS) Scripting Basics; Top 10 Active Directory Management Tasks with PS; Top 10 File System Management Tasks with PS; Automating PS Scripts; How to [...]


18:48

TRON: Our BitTorrent Plan Might Take Two Decades TorrentFreak

Back in May, TF broke the news that Justin Sun, the entrepreneur behind the popular cryptocurrency TRON, was in the process of acquiring BitTorrent Inc.

Two months later, BitTorrent Inc. and the TRON Foundation confirmed the acquisition.

"With this acquisition, BitTorrent will continue to provide high quality services for over 100M users around the world. We believe that joining the TRON network will further enhance BitTorrent and accelerate our mission of creating an Internet of options, not rules," BitTorrent Inc. said.

TRON's Justin Sun added that the acquisition of BitTorrent supports his foundation's goal to decentralize the web but more concrete details beyond this vision have proven elusive. The entrepreneur has mentioned the possibility of rewarding BitTorrent seeders but that raises even more questions.

This week, in celebration of TRON's US and China teams meeting up for the first time, Sun dangled some additional information on why the acquisition took place and what TRON's plans are for the future.

"Contrary to speculation, the main reason for the acquisition isn't BitTorrent's more than 100M active users, and it isn't for an amazing commercial opportunity," Sun said.

"Yes, these things are great perks, but the more important reason is that BitTorrent has always been committed to one value, which is 'Democratize the Internet.' This is very much in line with TRON's 'Decentralize the Web.' The fact that our values are in sync is the driving force behind this acquisition."

Following a short history lesson on Web 1.0 through to today's Web 3.0, Sun highlighted BitTorrent achievements in the decentralized arena, which enabled people to envision a totally decentralized Internet in the future. However, profit-focused companies like Google, Apple, Facebook, Amazon, and Netflix eventually stepped in with models that only served to further centralize the Internet.

"The mistrust in centralization naturally results in a public reaction where people are expecting government intervention to monitor big tech companies. However, history itself has been telling us repeatedly that the involvement of a more centralized power will only worsen the problem," Sun said....

18:30

Trend Micro launches product to protect telecom networks serving business and home users Help Net Security

Trend Micro announced the launch of a product that enables telecom carriers as well as service and cloud providers to protect telecom networks. This solution is customized for network function virtualization architectures, which networks are being built upon. "The telecom industry is undergoing a profound change as service providers scramble to support the proliferation of devices available on the market and future-proof networks for the coming 5G standard," said Eva Chen, CEO of Trend Micro.


18:27

SSIC advances cyber risk analytics with new release Help Net Security

Secure Systems Innovation Corporation (SSIC) is announcing the upcoming release of X-Analytics 2.0, its patented cyber risk analytics model. The new release includes several additions to deliver cyber risk analytics to customers: Interactive data visualization: The new release now leverages Tableau, technology to create compelling, impactful data visualization stories, transforming cyber risk financial analysis into executive and board-level outputs. Cybersecurity ROI analysis: The new release now illustrates the results from pre-built what-if cyber risk simulations [...]


18:26

BAE Systems and Splunk secure U.S. government clouds through machine learning Help Net Security

BAE Systems announced a new collaboration with Splunk to integrate Splunk Enterprise into its government cloud solution. The federated secure cloud, developed by BAE Systems and Dell EMC, is a scalable, hybrid cloud solution designed from the ground up to meet both the mission needs and security requirements for any US Intelligence Community, Department of Defense (DoD), or federal/civilian government organization. The security tools and advanced machine learning algorithms included with Splunk Enterprise automate the [...]


18:23

Alkemist: Harden vulnerable embedded systems and devices Help Net Security

RunSafe Security announced the availability of Alkemist, a proprietary self-service technology built to reduce vulnerabilities and deny malware the uniformity needed to execute. Previously known as Software Guardian, Alkemist uses deployable software binary runtime application self-protection (RASP) methods to reduce risk by precluding exploits from spreading across multiple devices and networks. Originally born out of a research project for the Advanced Research Projects Agency of the Department of Defense, Alkemist is the self-service cyberhardening tool [...]


18:22

US targets a megawatt laser by 2023 and then deployment in drones and satellites for hypersonic and ICBM defense Lifeboat News: The Blog

The US Congress wants the Missile Defense Agency (MDA) to rapidly develop and demonstrate a boost-phase ICBM (and hypersonic weapon) intercept capability as soon as practicable.

Space-based laser weapons technology is one of the options.

18:20

Bridge Collapses in Genoa, Kills Over 20 People SoylentNews

https://www.npr.org/2018/08/14/638462800/suspension-bridge-on-busy-highway-partially-collapses-in-genoa:

A long section of the towering Ponte Morandi Bridge completely collapsed in Genoa, Italy, on Tuesday, sending cars and trucks on the A10 highway crashing down below. Dozens of people died in the bridge failure, officials say.

As news emerged from the chaotic scene, the death toll fluctuated several times Tuesday. Prime Minister Giuseppe Conte said there were 22 dead, according to public broadcaster Rai News. But Italy's ANSA news agency has reported at least 37 people died, citing the fire brigade.

Workers have found bodies and vehicles in the massive amount of wreckage left by the collapse and at least 11 people have been pulled from the rubble alive, Italian media report.

[...] The disaster struck shortly before noon, when one of the bridge's central pillars collapsed during a violent rainstorm. A witness told ANSA that lightning had struck the bridge before the collapse.

[...] The bridge was built in the late 1960s, at a length of more than 3,600 feet. It had recently been the subject of renovation and repair efforts. Italian roadway company Autostrade says the most recent work included consolidating the viaduct's base, a project that included installing a bridge crane.

Besides the obvious news value of this event, I'd be curious if any civil engineers or structural engineers could comment on the engineering behind such things. What causes these types of crumblings to happen, and exactly how reliable is infrastructure around the world?



18:18

SnapLogic accelerates SDLC with new DevOps and automation capabilities Help Net Security

SnapLogic announced DevOps and automation capabilities, including new integration with GitHub and support for Mesosphere to automate elements of continuous integration and continuous delivery (CI/CD). These new enhancements to the SnapLogic Enterprise Integration Cloud provide the company's customer base with self-service application and data integration to streamline and accelerate the software development lifecycle. SnapLogic also announced updates to its Iris AI technologies and a new patterns catalog to help users build integration pipelines. Today's enterprises [...]


18:01

Theo Jansen Invents A Faster, Simpler, Wind-Powered Strandbeest Hackaday

[Theo Jansen] has come up with an intriguing wind-powered strandbeest which races along the beach with surprising speed and grace. According to [Jansen], it "doesn't have hinging joints like the classical strandbeests, so they don't get sand in their joints and you don't have to lubricate them." It's called UMINAMI, which appropriately means "ocean wave" in Japanese.

There are only videos of it in action to go on so far, but a lot can be gleaned from them. To make it easier to keep track of just a single leg, we've slowed things down and reddened one of them in the banner animation. Those legs seem to be providing a push but the forward motion is more likely supplied by the sails. The second video below shows it being pulled along by the type of strandbeest we're all more used to seeing.

What follows is an analysis and best guess about how it works. Or you can just enjoy its graceful undulations in the videos below.

How is it all connected together? There are two sets of horizontal beams which span the length of the strandbeest around halfway down the height. These beams are fixed in length and seem to be for constraining the overall length. There are two sets of them, dividing the wave in the middle and possibly done that way to allow the two sections to tilt sideways independently of each other

...

17:49

Piping botnet: Researchers warn of possible cyberattacks against urban water services Security Affairs

Piping botnet: Israeli researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously.

Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously. A botnet is a large network of computers or devices controlled by a command and control server without the owners' knowledge.

Ben Nassi, a researcher at Cyber@BGU, will be presenting "Attacking Smart Irrigation Systems" in Las Vegas at the prestigious Def Con 26 Conference in the IoT Village on August 11.

The researchers analyzed and found vulnerabilities in a number of commercial smart irrigation systems, which enable attackers to remotely turn watering systems on and off at will. The researchers tested three of the most widely sold smart irrigation systems: GreenIQ, BlueSpray, and RainMachine smart irrigation systems. Watch the video.

"By simultaneously applying a distributed attack that exploits such vulnerabilities, a botnet of 1,355 smart irrigation systems can empty an urban water tower in an hour and a botnet of 23,866 smart irrigation systems can empty good water reservoir overnight," Nassi says. "We have notified the companies to alert them of the security gaps so they can upgrade their smart systems irrigation systems firmware."

Water production and delivery systems are part of a nation's critical infrastructure and generally, are secured to prevent attackers from infecting their systems. However, municipalities and local government entities have adopted new green technology using IoT smart irrigation systems to replace traditional sprinkler systems, and they don't have the same critical infrastructure security standards.

In the study, the researchers present a new attack against urban water services that doesn't require infecting its physical cyber systems. Instead, the attack can be applied using a botnet of smart irrigation regulation systems at urban water services that are much easier to attack.

...

17:00

Revolving Door: How Security Clearances Perpetuate Top-Level Corruption in the United States Terra Forming Terra

What has changed is that all these folks now have their communications recorded and actively tracked. The prime reason that these clearances have not been revoked is because all these fine chaps are being actively investigated for serious crimes. Just because it is obvious, does not mean that we have the whole story.

Add in the continuing provocation of the so called Mueller investigation whose sole achievement to date has been to act as a stalking horse for Clinton wrong doing and you may have a clue as to what is really happening.

The whole world now understands the depth and even the detail of corrupt practice clearly undertaken by the past administration. All while pretending to investigate Trump. Meanwhile we have plus 45,000 sealed indictments out there and a massive wave of high level resignations. Those are two completely verifiable facts that ring in the sound of a very large door slamming shut.

Even Judge Jeanine finally got the joke. No need to cancel clearances when they will soon be arrested for high crimes and treason. In the meantime the silence has been golden and very welcome.

...

17:00

"Get The Champagne Out" - The Longest Bull Market Of All Time Terra Forming Terra

 

 

 What was missing for most of this secular bull market was reinvestment in the USA. Most of those investment dollars were clearly going offshore not least because of Obama Administration policy initiatives and promotion of the regulatory State.  The corporations were doing fine, just elsewhere.

This also explains just how easy it was for Trump to succeed in jawboning the USA economy back into a robust health. The Global economy has been expanding and will continue to do so because the whole global population is fully monetizing and accessing cell phone banking. It is the USA which has been dragging its feet through stupid policy not unlike what has been done at times elsewhere.

Recent shakedowns on Tariffs are all about forcing open negotiations in regard to general trade. Trump happens to be a free trader who understands that it takes two free traders to make it work. The USA has been as guilty as anyone but so what. Start a trade war so all bad behavior gets confronted.

"Get The Champagne Out": In 14 Trading Days This Becomes The Longest Bull Market Of All Time

...

After 50 years, the patient victims of Leftist oppression finally begin to resist Terra Forming Terra

17:00

Qanon - Gmail drafts supported Global criminality Terra Forming Terra





As I posted a long time ago, the pedophilia conspiracy is the sole stable conspiracy.  For that reason it morphed into the NWO as well and all this has been sustained for generations plausibly tracking back to the seventeenth century when it was still possible to draw on older satanic lore.

What now becomes obvious is that the take down of the NWO is only a side benefit of taking down the global pedophile network. All the activity I have been reporting on is aimed first at the pedophiles. This was a bit of a surprise at first but it is also inevitable. Read these items just now coming in on the Q feed.

The big shock is that Google operated a clandestine network outside the USA to accommodate the Muslim brotherhood and likely drug traffickers and of course child trafficking. 

We also learn that a program is presently underway shutting down countries involved.  This is well underway although we are looking at the easy ones in which we have been engaged.  Not mentioned in this list is Pakistan and conditions there supplies feudal lords who have serfs to sell.

Q has quite suddenly brought it all up front and center.  This will be the primary cover for the coming mass arrests.  After all only a few were ever political players.  At the same time we now have had two years of visible local law enforcement action as well.  That arresting 50,000 pedophiles also guts the political class is almost unnoticed.  

No wonder ES resigned forthwith as have many others.

...

17:00

How Women Came to Dominate Neuroendocrinology - Issue 63: Horizons Nautilus


When Kathleen Morrison stepped onto the stage to present her research on the effects of stress on the brains of mothers and infants, she was nearly seven and a half months pregnant. The convergence was not lost on Morrison, a postdoctoral researcher at the University of Maryland School of Medicine, nor on her audience. If there ever was a group of scientists that would be both interested in her findings and unfazed by her late-stage pregnancy, it was this one. Nearly 90 percent were women.

It is uncommon for any field of science to be dominated by women. In 2015, women received only 34.4 percent of all STEM degrees.1 Even though women now earn more than half of PhDs in biology-related disciplines, only 36 percent of assistant professors and 18 percent of full professors in biology-related fields are women.2 Yet, 70 percent of the speakers at this year's meeting of the Organization for the Study of Sex Differences (OSSD), where Morrison spoke, were women. Women make up 67 percent of the regular members and 81 percent of trainee members of OSSD, which was founded by the Society for Women's Health Research. Similarly, 68 percent of the speakers at the annual meeting

The Online Magazine You Can't Read Online - Issue 63: Horizons Nautilus


The latest cover of The Disconnect, a new online magazine, features an animated digital fingerprint that is unique to you, the reader. It tells you what browser you're using, what time zone your clock is set to, and what kind of hardware your computer or device has.

Unlike most magazines and websites, though, this information is not tracked or stored. In fact, the magazine's founder and editor, Chris Bolin, can't tell which stories you're reading or how long you've been on the site. That's because, if you're reading his magazine, you're not on the internet.

When you browse to The Disconnect's homepage, you're greeted with an unusual request. "Please Disconnect from the Internet." This is an offline-only magazine of commentary, fiction and poetry. Bolin, who is a software engineer, uses a browser feature to check whether you're online, and will only show you an issue when you're not. No cheating: connecting back online when you're in the middle of a story will hide it.

The magazine presents the reader with a set of paradoxes: It can only be reached online, but can't be read online. It shows you it can track you, but then doesn't.

Beyond Sexual Orientation - Issue 63: Horizons Nautilus


Lisa Diamond's seventh interview is the one that she remembers best. She had recruited subject 007 at Cornell University, where she was studying how women who express attraction to other women come to understand their sexual identity. One early evening in 1995, in a conference room on the university campus, she settled down to ask the first question of her subject.

How did 007 currently identify herself on the spectrum of sexual identities? The woman answered that she didn't know. She told Diamond that she had been heterosexual all her life until just that last week, when she suddenly found herself falling in love with her best friend, a woman. They had had sex a couple of times, something she described as very satisfying. Part of Diamond's work was to categorize her subjects based on how they self-identified, but 007 wasn't sure, so Diamond put her into the unlabeled category.

By the time 007 left after the two hour interview, Diamond had tentatively concluded that the woman would come out as bisexual in her follow-up interview. But 007 never did. The interaction marked the beginning of Diamond's gradual realization that her assumptions about sexuality needed to change. In addition to the static

16:43

How IoT Devices Empower Companies at the Expense of Consumers SoylentNews

David Rosenthal has written a blog post on how end users may be affected by tort law. Specifically, he discusses two points in The Internet of Torts raised by Rebecca Crootof:

  • Introducing the Internet of Torts, in which she describes "how IoT devices empower companies at the expense of consumers and how extant law shields industry from liability."
  • Accountability for the Internet of Torts, in which she discusses "how new products liability law and fiduciary duties could be used to rectify this new power imbalance and ensure that IoT companies are held accountable for the harms they foreseeably cause."


16:27

PhishPoint Phishing Attack: A new technique to Bypass Microsoft Office 365 Protections Security Affairs

Security experts from the cloud security firm Avanan have discovered a new technique dubbed PhishPoint, that was used by hackers to bypass Microsoft Office 365 protections.

PhishPoint is a new SharePoint phishing attack that affected an estimated 10% of Office 365 users over the last 2 weeks.

The experts are warning of the new technique that was already used in attacks by scammers and crooks to bypass the Advanced Threat Protection (ATP) mechanism implemented by one of the most popular email services, Microsoft Office 365.

"Over the past two weeks, we detected (and blocked) a new phishing attack that affected about 10% of Avanan's Office 365 customers. We estimate this percentage applies to Office 365 globally. PhishPoint marks an evolution in phishing attacks, where hackers go beyond just email and use SharePoint to harvest end-users' credentials for Office 365," reads the analysis published by Avanan.

Essentially, hackers are using SharePoint files to host phishing links. By inserting the malicious link into a SharePoint file rather than the email itself, hackers bypass Office 365 built-in security. 

In a PhishPoint attack scenario, the victim receives an email containing a link to a SharePoint document. The content of the message is identical to a standard SharePoint invitation to collaborate.


Once the user clicks the hyperlink included in the fake invitation, the browser automatically opens a SharePoint file.

The SharePoint file content impersonates a standard access request to a OneDrive file, with an "Access Document" hyperlink that is actually a malicious URL that redirects the victim to a spoofed Office 365 login screen.

This landing page asks the victim to provide his login credentials.

Experts highlighted that Microsoft protection mechanisms scan the b...

15:06

SEC Reportedly Subpoenas Tesla Over Take-Private Tweet SoylentNews

Tesla Is Said to Be Subpoenaed by S.E.C. Over Elon Musk Tweet (archive)

Federal securities regulators have served Tesla with a subpoena, according to a person familiar with the investigation, increasing pressure on the electric car company as it deals with the fallout from several recent actions by its chief executive, Elon Musk.

The subpoena, from the Securities and Exchange Commission, comes days after regulators began inquiring about an Aug. 7 Twitter post by Mr. Musk, in which he said he was considering converting Tesla to a private company. In the post, he said that the financing for such a transaction, which would probably run into the tens of billions of dollars, had been "secured."

Tesla shares, a popular target for so-called short sellers who bet on certain stocks losing value, soared about 11 percent on the day Mr. Musk posted the message.

It has become clear since then that neither Mr. Musk nor Tesla had actually lined up the necessary financing aside from having preliminary conversations with some investors.

Musk tweeted[*] that he wanted to take Tesla private at $420 a share. Azealia Banks claimed[**] to have been in Musk's home and witnessed Elon Musk tweeting while using LSD and making frantic calls to shore up funding for a take-private attempt. Maybe Azealia Banks will be called to testify by the SEC?

[*] The actual tweets:


15:00

Zener Diode Tutorial Hackaday

We always enjoy [w2aew's] videos, and his latest on zener diodes is no exception. In it, he asserts that all Zener diodes are not created equal. Why? You'll have to watch the video below to find out.

Zener diodes are one of those strange items that have several uses but are not as popular as they once were. There was a time when the Zener was a reasonable way to regulate a voltage inexpensively and easily. Unfortunately the regulation characteristics were not very good, and the power lost was very high. But that was sometimes a reasonable trade, compared to putting a pass transistor and the associated discrete circuitry in place to make a linear regulator. With the advent of chips like the 7800-series regulators, you can have a high-quality regulator with one extra wire and still keep your costs under $1. Even if you want to do better and go with a switching power supply, that's easy now and not much more expensive.

So you don't see as many Zener power supplies as you used to. But there are still cases where they are useful. For example as part of a voltage reference circuit, since they can be reasonably accurate if the load current is constant. They are also useful for clipping voltages, circuit protection, and can even be part of a random number generator that will take advantage of their inherent noise during avalanche operation.

What's avalanche operation? Watch the end of the video and find out. This isn't the first time we've talked about the lowly Zener. We've also talked about Zeners and Schottky diodes, too.

13:49

NEW 'Off The Hook' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Hook' ONLINE

Posted 16 Aug, 2018 3:49:59 UTC

The new edition of Off The Hook from 15/08/2018 has been archived and is now available online.

13:29

Nvidia Announces Turing Architecture With Focus on Ray-Tracing and Lower-Precision Operations SoylentNews

NVIDIA Reveals Next-Gen Turing GPU Architecture: NVIDIA Doubles-Down on Ray Tracing, GDDR6, & More

The big change here is that NVIDIA is going to be including even more ray tracing hardware with Turing in order to offer faster and more efficient hardware ray tracing acceleration. New to the Turing architecture is what NVIDIA is calling an RT core, the underpinnings of which we aren't fully informed on at this time, but serve as dedicated ray tracing processors. These processor blocks accelerate both ray-triangle intersection checks and bounding volume hierarchy (BVH) manipulation, the latter being a very popular data structure for storing objects for ray tracing.

NVIDIA is stating that the fastest Turing parts can cast 10 Billion (Giga) rays per second, which compared to the unaccelerated Pascal is a 25x improvement in ray tracing performance.

The Turing architecture also carries over the tensor cores from Volta, and indeed these have even been enhanced over Volta. The tensor cores are an important aspect of multiple NVIDIA initiatives. Along with speeding up ray tracing itself, NVIDIA's other tool in their bag of tricks is to reduce the amount of rays required in a scene by using AI denoising to clean up an image, which is something the tensor cores excel at. Of course that's not the only feature tensor cores are for (NVIDIA's entire AI/neural networking empire is all but built on them), so while not a primary focus for the SIGGRAPH crowd, this also confirms that NVIDIA's most powerful neural networking hardware will be coming to a wider range of GPUs.

New to Turing is support for a wider range of precisions, and as such the potential for significant speedups in workloads that don't require high precisions. On top of Volta's FP16 precision mode, Turing's tensor cores also support INT8 and even INT4 precisions. These are 2x and 4x faster than FP16 respectively, and while NVIDIA's presentation doesn't dive too deep here, I would imagine they're doing something similar to the data packing they use for low-precision operations on the CUDA cores. And without going too deep ourselves here, while reducing the precision of a neural network has diminishing returns (by INT4 we're down to a total of just 16(!) values), there are certain models that really can get away with this very low level of precision. And as a result the lower precision modes, while not always useful, will undoubtedly make some users quite happy at the throughput, especially in inferencing tasks.

Also of note is the introduction of GDDR6 into some GPUs. The NVIDIA Quadro RTX 8000 will come with 24 GB of GDDR6 memory and a to...

12:03

Why US elections remain dangerously vulnerable to cyber-attacks Lifeboat News: The Blog

Officials have dragged their feet on updating machines and securing data, and a climate of fear could undermine voter confidence.

12:02

Google tracks users who turn off location Lifeboat News: The Blog

A study from Associated Press suggests that users are still tracked even if they turn off location history.

12:00

Before Sending A Probe To The Sun, Make Sure It Can Take The Heat Hackaday

This past weekend, NASA's Parker Solar Probe took off for a journey to study our local star. While its mission is well covered by science literate media sources, the equally interesting behind-the-scenes information is a little harder to come by. For that, we have Science News who gave us a look at some of the work that went into testing the probe.

NASA has built and tested space probes before, but none of them were destined to get as close to the sun as Parker will, creating new challenges for testing the probe. The lead engineer for the heat shield, Elizabeth Congdon, was quoted in the article: "Getting things hot on Earth is easier than you would think it is, getting things hot on Earth in vacuum is difficult." The team used everything from a concentrated solar facility to hacking IMAX movie projector lenses.

The extreme heat also posed indirect problems elsewhere on the probe. A rocket launch is not a gentle affair, any cargo has to tolerate a great deal of shock and vibration. A typical solution for keeping fasteners in place is to glue them down with an epoxy, but they'd melt where Parker is going so something else had to be done. It's not all high technology and exotic materials, though, as when the goal was to verify that the heat shield was strong enough to withstand up to 20G of acceleration expected during launch, the test team simulated extra weight by stacking paper on top of it.

All that testing should ensure Parker can perform its mission and tell...

11:52

Alexa and Cortana Integration Starts Rolling Out Today SoylentNews

Microsoft's Cortana and Amazon's Alexa digital assistants can now talk to each other. The collaboration between the two assistants was announced last year and was originally due to become available by the end of 2017.

Microsoft showed how the integration would work at its Build conference earlier this year, and what's rolling out today seems little changed from that demo. From a Cortana-native device (a Windows 10 PC, an Xbox, the Harman Kardon speaker), "Hey Cortana, open Alexa" will switch you to speaking to Alexa. From there, you have access to Alexa's full range of shopping (not that anyone seems to really care about that), music, weather, and so on.



11:25

The Hill Interview: Twitter CEO Jack Dorsey explains what got Alex Jones suspended The Hill: Technology Policy

Twitter CEO Jack Dorsey isn't sure if the timeout given to Alex Jones will convince the right-wing conspiracy theorist to reconsider his social media behavior. But Dorsey, in an interview with The Hill the morning after his company handed down a...

11:18

[$] LWN.net Weekly Edition for August 16, 2018 LWN.net

The LWN.net Weekly Edition for August 16, 2018 is available.

10:22

I almost died from a leading American killer: Choking on food Lifeboat News: The Blog

I have a very important and scary story to share I wrote. Give it a read. It's published in the Napa Valley Register (the main paper of a community where my wine business is newly located). The article is about one of the most common and unexpected ways people around the world die. I almost did.


I recently completed a European speaking tour discussing transhumanism, a social movement whose primary goal is to live as long as possible through science.

Ironically, I'll probably remember the month-long tour most for a specific 60 seconds, when I almost choked to death on thick, leathery bread in a German restaurant. This may be surprising, but the fourth-leading cause of unintentional death in America is asphyxiation from choking on food, according to the National Safety Council.

In fact, a few years ago, a high school friend of mine who was a talented athlete died when meat became lodged in his windpipe. In total, approximately 2,500 Americans perish every year from choking on food.

Most people never worry about the mechanics of how food travels from the mouth to the stomach; many of us have eaten tens of thousands of times without serious incident. But in today's modern society, with a range of new types of foods and textures, and the fact many of us are always in a rush (like I was constantly on my speaking tour), people should consider choking dangers far more. People should also know that they can choke on a wide variety of foods that accidentally get stuck in the trachea instead of going down the esophagus.

10:15

Bethesda Clashes With Sony on PS4 Cross-Play, Changes Review Policy SoylentNews

Bethesda Declares War on Sony Over Cross-Play Limitations

[The Elder Scrolls Legends] is a strategy card game that encompasses both single and multiplayer...It is both cross-platform play and cross-platform progress. It is our intention in order for the game to come out, it has to be those things on any system. We cannot have a game that works one way across everywhere else except for on this one thing. The way the game works right now on Apple, Google, Steam, and Bethesda.net, it doesn't matter where you buy your stuff, if you play it on another platform that stuff is there. It doesn't matter what platform you play on, you play against everyone else who is playing at that moment. There's no 'Oh, it's easier to control, or it has a better framerate on this system.' It's a strategy card game. It doesn't matter.

Separately, Why Bethesda changed its review policy:


09:57

CORRECTION: FCC targets pirate radio station that broadcasts Alex Jones The Hill: Technology Policy

The Federal Communications Commission (FCC) has shut down a pirate radio station known for its broadcasts of conspiracy theorist Alex Jones. The Austin American-Statesman reported Wednesday that the station, Liberty Radio, was hit with...

09:40

GNOME Celebrates Its 21st Birthday By Releasing GNOME 3.29.91 Phoronix

Today marks 21 years since the GNOME desktop environment project was started by Miguel de Icaza and Federico Mena. Coincidentally, released today is GNOME 3.29.91 that is the GNOME 3.30 desktop's second beta release...

09:16

Hillicon Valley: Trump revokes Brennan's security clearance | Twitter cracks down on InfoWars | AT&T hit with crypto lawsuit | DHS hosts election security exercise The Hill: Technology Policy

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...

09:16

UPS to Deploy Fuel Cell/Battery Hybrids as Zero-Emission Delivery Trucks IEEE Spectrum Recent Content full text

Hydrogen fuel cells extend the range of battery-powered trucks now heading for California roads

Photo: Roy Pea/University of Texas Road Ready: This converted UPS truck features a 32-kilowatt fuel-cell module from Hydrogenics.

Austin Mabrey steers the clanging United Parcel Service (UPS) van down a street in Austin, Texas. But he's not driving the boxy brown vehicle to deliver packages. Mabrey is road-testing its zero-emission system, a hybrid of hydrogen fuel cells and lithium iron phosphate batteries.

"It's peppier than I would've imagined," he says. Near my perch in the passenger seat, a high-pitched hum emanates from the electric motor that drives the hydraulic power-steering pump. As we approach a narrow turn, Mabrey engages the regenerative braking system, which recharges the batteries, and a whining noise erupts from the back.

We're circling the Center for Electromechanics at the University of Texas (UT), where engineers are almost finished testing the van's power train inside a cavernous research hangar. They began road trials in June after working for more than a year to design and model the concept, though the project first won federal funding in 2013. UPS plans to deploy the prototype in California later this year and, if all goes well, roll out more vehicles just like it.

Logistics companies and automakers worldwide are developing vans and trucks that don't emit any pollution. But it's much more complicated to build a zero-emission cargo truck than it is to produce an emissionless passenger car. New fuel systems can't encroach on cargo space or add more weight to a truck's bulky frame. And trucks must be able to run their normal routes without making extra stops to recharge batteries or refill tanks.

"The driver has to be able to accomplish their mission; it's a work truck," says Joe Ambrosio of Unique Electric Solutions, which is integrating the UPS van's electric components. The New York firm hired six interns from UT to work on the project, including Mabrey, who is now an engineer at the company.

From the sidewalk, the van looks like any other delivery vehicle. UPS provided a 2007 diesel van to UT researchers, who converted it into a fuel-cell/battery hybrid. The new system includes a high-power, 99-kilowatt-hour battery pack from Lithium Werks that sits between the chassis frame...

09:00

Every Shop Needs A Giant Wooden Utility Knife Hackaday

Generally speaking, we don't cover that many woodworking projects here at Hackaday. What's the point? It's bad enough that wood reminds us of the outside world, but it hardly ever blinks, and forget about connecting it to Wi-Fi. This doesn't seem to bother you fine readers, so we have to assume most of you feel the same way. But while we might not always get large woodworking projects around these parts, we're quite familiar with the obsession dedication required to work on a project for no other reason than to say you managed to pull it off.

On that note, we present the latest creation of [Paul Jackman], a supersized replica of a Stanley utility knife made entirely out of wood. All wooden except for the blade anyway, which is cut from 1/8" thick knife steel. That's right, this gigantic utility knife is fully functional. Not that we would recommend opening too many boxes with it, as you're likely to open up an artery if this monster slips.

We can't imagine there are going to be many others duplicating this project, but regardless [Paul] has done a phenomenal job documenting every step of the build on his site. From cutting the rough shape out on his bandsaw to doing all painstaking detail work, everything is clearly photographed and described. After the break there's ev...

08:38

Chinese Electric Carmaker NIO Eyes $1.8 Billion IPO In US SoylentNews

Chinese electric carmaker NIO has filed for a $1.8 billion initial public offering in the United States as the burgeoning company seeks to compete with US rival Tesla. NIO is one of dozens of new automakers to crop up in China as policymakers in Beijing push an all-electric future for the world's largest auto market.

American, Japanese and European auto giants dominate sales of combustion engine vehicles in China, but homegrown firms unencumbered by the billions sunk into refining gasoline engines are in the driver's seat when it comes to electric cars.

While Tesla chief Elon Musk is in talks with Saudi Arabia's sovereign wealth fund and other investors to take his company private, NIO filed papers at the US Securities and Exchange Commission on Monday to go public.

But the upstart Chinese automaker faces a long road ahead for its proposed float of up to $1.8 billion on the New York Stock Exchange. The company had delivered only 481 of its first mass production electric SUV model, the ES8, by the end of July, with reservations and deposits in place for an additional 17,000.



08:10

Ixia delivers visibility into all traffic in virtual workloads in private cloud environments Help Net Security

Keysight Technologies announced Cloud Sensor vTap, a new feature of CloudLens from Ixia, a Keysight Business. Cloud Sensor vTap enables organizations to manage their security risk in private and hybrid cloud environments, such as Microsoft Azure Stack, with visibility into East-West traffic without requiring access. The increase in cloud adoption has heightened the need for securing data, applications, and workloads that reside in any cloud-based environment. In fact, in a recent Ixia survey, Lack of ...


08:10

CSI launches open API platform to provide secure connections to data Help Net Security

Computer Services introduces CSIbridge, an open application programming interface (API) platform, to give banks the power to build custom technology integrations that maximize efficiency and enhance competitiveness. CSIbridge provides a platform that banks and third-party providers can use to access data for ancillary solutions. CSI customers can take advantage of the open API platform to customize and release new services through pre-built APIs into banking features. Customers continue to expect more and more from their ...


08:09

PTC launches cybersecurity collaboration initiative for more secure and resilient IoT deployments Help Net Security

Continuing its commitment to promoting shared responsibility for safe and secure IoT deployments, PTC has unveiled a Coordinated Vulnerability Disclosure (CVD) Program. The new program is designed to support the reporting and remediation of security vulnerabilities that could affect the environments in which PTC products operate, including industrial and safety-critical industries. The CVD Program is a component of PTC's Shared Responsibility Model, which defines a framework for cybersecurity collaboration with customers, partners, and others within ...


08:09

Lockpath partners with RapidRatings to increase third-party risk visibility Help Net Security

Lockpath announced a new partnership with RapidRatings. This partnership aims to further risk management technology by broadening its scope to provide third-party risk visibility that includes financial health analytics. The partnership will include a technology integration of RapidRatings' Financial Health Rating within Lockpath's Keylight Platform, a governance, integrated risk management and compliance (GRC) solution. This integration will benefit joint customers, who will be able to garner a view of the risk posed to them by ...


08:08

EZShield acquires IdentityForce Help Net Security

EZShield announced it has acquired IdentityForce. The acquisition expands EZShield's identity protection ecosystem by nearly 50 percent, providing partners in every industry, businesses of all sizes, and consumers with secure capabilities and restoration services. The pervasiveness of cyber fraud incidents and data breaches is estimated to cost $6 trillion annually by 2021. IdentityForce is a trusted, top-ranked leader in identity theft protection and their business is comprised of a highly customer-centric team of experts who ...


07:30

Broadband ADC with X-point switch - Un-paralleled Flexibility in Multi-channel RF applications IEEE Spectrum Recent Content full text

One flexible ADC for multiple complex RF applications

The AQ600 is a high speed, broadband analog to digital convertor comprised of four 12-bit, 1.5 Gsps cores linked to a flexible wideband cross point switch (CPS). The device offers an input signal bandwidth up to 8 GHz (extended bandwidth mode) enabling direct sampling in high order Nyquist zones.

The CPS allows the ADC cores to sample in either synchronous (in phase) or time interleaving modes. A high-performance clock and synchronization system manages fine timing both within the device and across multi-devices. Thus, designers gain a free-hand in operating the part as a 4-channel ADC at 1.5 Gsps, a 2-channel device sampling at 3 Gsps or combining all four channels to sample a single channel at 6 Gsps.

Output data is formatted for transmission using the ESIstream, low overhead, low latency, open source serial digital interface operating at up to 12 Gbps.

Key topics

  1. A quick architectural overview - What's different about the AQ600?

  2. The benefits of an integrated high performance cross point switch

  3. Wideband operation enables high order Nyquist zone direct sampling

  4. Programmable device features key controls and trimming facilitated by the SPI interface

  5. Where will it be used and why?

PRESENTER:
 
 

Mark Holdaway, electronic engineer and technical content producer

Mark's career has revolved around analog ICs. Much of that time working on high performance, signal path applications. Formative years were spent as an application engineer with National Semiconductor (now part of TI) in the UK followed by a transfer to Munich as marketing manager.

He enjoyed a career defining stint as marketing director with start-up Xignal, successfully helping define and launch the first, multi-channel, continuous time delta sigma (CTDS) ADC for portable medical ultrasound.

Throughout his career, Mark has been driven to write about technology and today dedicates time crafting multimedia technical content. At Teledyne e2v he's helping explain their innovative data convertors. Aspiring to clear communication and reduced cognitive loading, Mark takes George Bernard Shaw's dictum to heart:

"The single biggest problem with communication is the illusion that it has taken place."

Getting the audience beyond that illusion remains his priority.

Attendees of this IEEE Spectrum webinar have the opportunity to e...

07:13

SpaceX's Falcon Heavy Could Launch Japanese and European Payloads to Lunar Orbital Platform-Gateway SoylentNews

SpaceX's Falcon Heavy eyed by Europe/Japan

According to RussianSpaceWeb, SpaceX's Falcon Heavy rocket is under serious consideration for launches of major European and Japanese payloads associated with the Lunar Orbital Platform-Gateway (formerly the Deep Space Gateway).

[...] Regardless of the LOPG's existential merits, a lot of energy (and money) is currently being funneled into planning and initial hardware development for the lunar station's various modular segments. JAXA is currently analyzing ways to resupply LOPG and its crew complement with its HTV-X cargo spacecraft, currently targeting its first annual ISS resupply mission by the end of 2021. While JAXA will use its own domestic H-III rocket to launch HTV-X to the ISS, that rocket simply is not powerful enough to place a minimum of ~10,000 kg (22,000 lb) on a trans-lunar insertion (TLI) trajectory. As such, JAXA is examining SpaceX's Falcon Heavy as a prime (and affordable) option: by recovering both side boosters on SpaceX's drone ships and sacrificing the rocket's center core, a 2/3rds-reusable Falcon Heavy should be able to send as much as 20,000 kg to TLI (lunar orbit), according to comments made by CEO Elon Musk.

That impressive performance would also be needed for another LOPG payload, this time for ESA's 5-6 ton European System Providing Refueling Infrastructure and Telecommunications (ESPRIT) lunar station module. That component is unlikely to reach launch readiness before 2024, but ESA is already considering Falcon Heavy (over its own Ariane 6 rocket) in order to save some of the module's propellant. Weighing 6 metric tons at most, Falcon Heavy could most likely launch ESPRIT while still recovering all three of its booster stages.

Previously: NASA's Chief of Human Spaceflight Rules Out Use of Falcon Heavy for Lunar Station

Related: NASA and International Partners Planning Orbital Lunar Outpost
...

06:24

[$] The Data Transfer Project LWN.net

Social networks are typically walled gardens; users of a service can interact with other users and their content, but cannot see or interact with data stored in competing services. Beyond that, though, these walled gardens have generally made it difficult or impossible to decide to switch to a competitor; all of the user's data is locked into a particular site. Over time, that has been changing to some extent, but a new project has the potential to make it straightforward to switch to a new service without losing everything. The Data Transfer Project (DTP) is a collaborative project between several internet heavyweights that wants to "create an open-source, service-to-service data portability platform".

06:22

Google releases archive of online political ads The Hill: Technology Policy

Google has released a library of political advertisements purchased on its platforms, revealing how much groups are spending on online campaign efforts and where they're focusing. The archive is a new part of the company's regular...

06:15

How to update source tree at /usr/src using svn on FreeBSD nixCraft

I compiled custom FreeBSD kernel for my FreeBSD jail to use vnet. How do I update my FreeBSD /usr/src/ code tree? How can I update source tree at /usr/src on FreeBSD using svn command to patch and compile kernel again?

The post How to update source tree at /usr/src using svn on FreeBSD appeared first on nixCraft.

06:10

New Intel chip flaw Foreshadow attacks SGX technology to extract sensitive data HackRead

By Waqas

Security fraternity is still dealing with the adverse consequences and versatile range of threats caused by the Spectre and Meltdown vulnerabilities. But, to add to their misery, there is another possibly worst hardware flaw detected by security researchers in Intel chips. This flaw, dubbed as Foreshadow, can obtain information even from the most secured components [...]

This is a post from HackRead.com Read the original post: New Intel chip flaw Foreshadow attacks SGX technology to extract sensitive data

06:00

Don't Forget Your Mints When Using This Synthesizer Hackaday

While synthesizers in the music world are incredibly common, they're not all keyboard-based instruments as you might be imagining. Especially if you're trying to get a specific feel or sound from a synthesizer in order to mimic a real instrument, there might be a better style synth that you can use. One of these types is the breath controller, a synthesizer specifically built to mimic the sound of wind instruments using the actual breath from a physical person. Available breath controllers can be pricey, though, so [Andrey] built his own.

To build the synthesizer, [Andrey] used a melodica hose and mouthpiece connected to a pressure sensor. He then built a condenser circuit on a custom Arduino shield and plugged it all into an Arduino Mega (although he notes that this is a bit of overkill). From there, the Arduino needed to be programmed to act as a MIDI device and to interact with the pressure sensor, and he was well on his way to a wind instrument synthesizer.

The beauty of synthesizers is not just in their ability to match the look and sound of existing instruments but to do things beyond the realm of traditional instruments as well, sometimes for a greatly reduced price point.

05:52

Intel Begins Teasing Their Discrete Graphics Card Phoronix

Don't expect the Intel discrete gamer graphics card to come until 2020, but with the SIGGRAPH graphics conference happening this week in Vancouver, they have begun teasing their first PCI Express graphics card...

05:33

New Law Bans U.S. Government from Buying Equipment from Chinese Telecom Giants ZTE and Huawei SoylentNews

President Trump yesterday signed a defense funding bill that included a sweeping ban on the US government using technology supplied by Chinese telecommunications giants ZTE and Huawei. The bill also includes a narrower ban on using surveillance gear provided by Chinese companies Hytera Communications, Hangzhou Hikvision Digital Technology, or Dahua Technology for national security applications.

The legislation directs federal agencies to stop using the Chinese-made hardware within two years. If that proves impractical, an agency can apply for a waiver to permit a longer phase-out period.

Previously: Verizon Cancels Plans to Sell Huawei Phone Due to U.S. Government Pressure
U.S. Intelligence Agency Heads Warn Against Using Huawei and ZTE Products
The U.S. Intelligence Community's Demonization of Huawei Remains Highly Hypocritical
Huawei CEO Still Committed to the U.S. Market
Rural Wireless Association Opposes U.S. Government Ban on Huawei and ZTE Equipment
ZTE Suspends Operations Due to U.S. Ban (UPDATED)


Original Submission

Read more of this story at SoylentNews.

05:31

The U.S. Needs a Cyber Force More Than a Space Force Lifeboat News: The Blog

Agree?


Trump shouldn't be ridiculed for looking to the heavens, but a more urgent threat looms.

05:24

Google One launches with cheaper cloud storage plans Lifeboat News: The Blog

For some reason, Google is rebranding Google Drive storage plans under the name Google One. Along with the rebranding, Google is also improving its pricing in ways that give customers more options and more storage at lower prices. It marks the service's first price cut in four years.

Google One plans start at the same place as Google Drive plans, $1.99 per month for 100GB of additional storage, but the situation improves after that. Google is introducing a new $2.99-per-month tier, which includes 200GB of storage, and it's upgrading the $9.99-per-month tier to include 2TB of storage instead of 1TB.

We signed up for a 2TB storage option to try out Google One. The process is simple, you just head into Google Drive and click on Storage, then Upgrade Storage, to bring up all the possible upgrades.

05:22

Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting Phoronix

The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers...

05:22

AI can peer pressure you, too Lifeboat News: The Blog

A new study finds children are particularly susceptible to the influence of AI.

05:19

Twitter restricts Infowars account The Hill: Technology Policy

Twitter has restricted the account of the right-wing conspiracy show Infowars just hours after taking action against its host, Alex Jones. The Infowars account will be restricted from tweeting, but will still be able to browse Twitter and send direct...

05:00

Widespread Instagram Hack Locking Users Out of Their Accounts The Hacker News

Instagram has been hit by a widespread hacking campaign that appears to stem from Russia and have affected hundreds of users over the past week, leaving them locked out of their accounts. A growing number of Instagram users are taking to social media, including Twitter and Reddit, to report a mysterious hack which involves locking them out of their account with their email addresses changed to

04:45

VKMS Coming In Linux 4.19 Is One Of The Best GSoC & Outreachy Projects Of The Year Phoronix

One of the student summer coding projects that ended up being a cross between Google Summer of Code (GSoC) and Outreachy was the VKMS driver to provide a virtual KMS implementation for headless systems and other interesting use-cases...

04:44

Yuneec's latest drone comes with 4K shooting, voice controls, and face detection Lifeboat News: The Blog

Yuneec's Mantis Q is a foldable drone that features 4K, voice controls, face detection, and 33 minutes of battery life. It's available for preorder now.

04:43

This alga may be seeding the world's skies with clouds Lifeboat News: The Blog

After some of these microbes die, their calcium shells make their way into sea air.

04:43

This one particle could solve five mega-mysteries of physics Lifeboat News: The Blog

Forget the Higgs: theorists have uncovered a missing link that explains dark matter, what happened in the big bang and more. Now they're racing to find it.

By Michael Brooks

"911? It's an emergency. The most important particle in the universe is missing." Florian Goertz knows this isn't a case for the police, but he is still waiting impatiently for a response. This 911 isn't a phone number, but a building on the northern edge of the world's biggest particle accelerator.

04:43

Researchers suggest phonons may have mass and perhaps negative gravity Lifeboat News: The Blog

A trio of physicists with Columbia University is making waves with a new theory about phonons: they suggest they might have negative mass, and because of that, have negative gravity. Angelo Esposito, Rafael Krichevsky and Alberto Nicolis have written a paper to support their theory, including the math, and have uploaded it to the arXiv preprint server.

Most theories depict waves as more of a collective event than as physical things. They are seen as the movement of molecules bumping against each other like balls on a pool table, the energy of one ball knocking the next, and so on; any motion in one direction is offset by motion in the opposite direction. In such a model, sound has no mass, and thus cannot be impacted by . But there may be more to the story. In their paper, the researchers suggest that the current theory does not fully explain everything that has been observed.

In recent years, physicists have come up with a word to describe the behavior of at a very small scale: the phonon. It describes the way sound vibrations cause complicated interactions with molecules, which allows the sound to propagate. The term has been useful because it allows for applying principles to sound that have previously been applied to actual particles. But no one has suggested that they actually are particles, which means they should not have mass. In this new effort, the researchers suggest the phonon could have negative , and because of that, could also have negative gravity.

04:42

Can't get out of bed? NASA picked the perfect songs to wake up its Mars rover Lifeboat News: The Blog

NASA engineers have crafted a themed playlist to greet their sleeping Opportunity rover on Mars, which lost power in a Martian dust storm in June.

04:40

Networking vendors patch against new cryptographic attack Help Net Security

Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, researchers have found. The attack Dennis Felsch, Martin Grothe and Jörg Schwenk from Ruhr-Universität Bochum, and Adam Czubak and Marcin Szymanek of the University of Opole are scheduled to demonstrate the new attack this week at the USENIX Security Symposium in Baltimore. In the meantime, they published a paper about their discovery. More

The post Networking vendors patch against new cryptographic attack appeared first on Help Net Security.

04:30

Rover V2 Handles Stairs as Easily as the Outdoors Hackaday

Rover V2 is an open-source, 3D-printable robotic rover platform that has seen a lot of evolution and development from its creator, [tlalexander]. There are a number of interesting things about Rover V2's design, such as the way the wheel hubs themselves contain motors and custom planetary gearboxes. This system is compact and keeps weight down low to the ground, which helps keep a rover stable. The platform is all wheel drive, and moving parts like the suspension are kept high up, as far away from the ground as possible. Software is a custom Python stack running on a Raspberry Pi that provides basic control.

The Rover V2 is a full mechanical redesign of the previous version, which caught our attention with its intricate planetary gearing inside the wheel hubs. [tlalexander]'s goal is to create a robust, reliable rover platform for development that, thanks to its design, can be mostly 3D printed and requires a minimum of specialized hardware.

04:22

India to launch its first manned space mission by 2022 Lifeboat News: The Blog

The country's space agency plans to send a crew of three on a mission within 40 months.

04:12

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections The Hacker News

Phishing works no matter how hard a company tries to protect its customers or employees. Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat Protection (ATP) mechanism implemented by widely used email services like Microsoft Office 365. Microsoft Office 365 is an all-in-solution for users

04:02

Weird circles in the sky may be signs of a universe before ours Lifeboat News: The Blog

By Chelsea Whyte

Swirling patterns in the sky may be signs of black holes that survived the destruction of a universe before the big bang.

"What we claim we're seeing is the final remnant after a black hole has evaporated away in the previous aeon," says Roger Penrose, a mathematical physicist at the University of Oxford.

03:50

Hundreds of Instagram accounts were hijacked in a coordinated attack Security Affairs

Hundreds of Instagram accounts were hijacked in what appears to be the result of a coordinated attack, all the accounts share common signs of compromise.

Alleged attackers have hijacked Instagram accounts and modified personal information, making it impossible to restore the accounts.

The number of Instagram accounts that were hacked has increased since the beginning of August; all the victims were logged out of their accounts, their personal and contact information was deleted, and their personal email address was changed.

The attackers changed victims' email addresses to ones associated with a Russian domain (.ru).

The media outlet Mashable first reported the spike in the account takeover.

"Like half a dozen other hacking victims who spoke with Mashable, her profile photo had been changed, as had all the contact information linked to the account, which was now linked to an email with a .ru Russian domain," reported Mashable.

"Megan and Krista's experiences are not isolated cases. They are two of hundreds of Instagram users who have reported similar attacks since the beginning of the month."

More than 5,000 tweets from 899 accounts were mentioning Instagram hacks in the last seven days; many users have been desperately tweeting at Instagram's Twitter account requesting support.

Numerous reports of hacks were reported on Reddit, and Mashable reported a Google Trends search that shows a spike in searches for "Instagram hacked" on Aug. 8, and again on Aug. 11.

Instagram accounts hacked

Instagram hacked accounts have had their profile photos changed with D...

03:44

A Small Team of Student AI Coders Beats Google's Machine-Learning Code SoylentNews

Submitted via IRC for SoyCow1984

Students from Fast.ai, a small organization that runs free machine-learning courses online, just created an AI algorithm that outperforms code from Google's researchers, according to an important benchmark.

Fast.ai's success is important because it sometimes seems as if only those with huge resources can do advanced AI research.

Fast.ai consists of part-time students keen to try their hand at machine learning, and perhaps transition into a career in data science. It rents access to computers in Amazon's cloud.

But Fast.ai's team built an algorithm that beats Google's code, as measured using a benchmark called DAWNBench, from researchers at Stanford. This benchmark uses a common image classification task to track the speed of a deep-learning algorithm per dollar of compute power.

Google's researchers topped the previous rankings, in a category for training on several machines, using a custom-built collection of its own chips designed specifically for machine learning. The Fast.ai team was able to produce something even faster, on roughly equivalent hardware.

"State-of-the-art results are not the exclusive domain of big companies," says Jeremy Howard, one of Fast.ai's founders and a prominent AI entrepreneur. Howard and his cofounder, Rachel Thomas, created Fast.ai to make AI more accessible and less exclusive.

Source: https://www.technologyreview.com/s/611858/small-team-of-ai-coders-beats-googles-code/


Original Submission

Read more of this story at SoylentNews.

03:33

Crypto Updates Sent In For Linux 4.19 Kernel, Speck Is Still In The Kernel Phoronix

The Linux kernel's crypto subsystem updates were sent out today with its new feature work for the Linux 4.19 kernel. One change we were curious to see was whether they were going to nuke the Speck cipher code, but they did not...

03:02

SpaceX seeks approval for Starlink internet tests on high-performance govt. planes Lifeboat News: The Blog

According to updated regulatory documents and recent Aviation Week interviews with the US Air Force Research Laboratory, it can be all but guaranteed that the USAF has begun working with SpaceX to test the feasibility of using the company's planned Starlink satellite internet constellation for military communications purposes.

In early August, SpaceX updated regulatory documents required by the Federal Communications Commission (FCC) for the company to be permitted to experimentally test its two prototype Starlink internet satellites, named Tintin A and B. Launched roughly six months ago as a copassenger on one of SpaceX's own Falcon 9 rockets, the satellite duo has been quietly performing a broad range of tests on orbit, particularly focused on general satellite operations, orbital maneuvering with SpaceX's own custom-built electric propulsion, and most importantly the experimental satellites' cutting-edge communications capabilities.

The orbit histories of @SpaceX's Tintin A/B Starlink prototype satellites, launched in February! Some thoroughly intriguing differences in behavior over the six months they've spent on-orbit. Data and visualizations generated by the lovely http://CalSky.com. pic.twitter.com/a8CfQaZJep

03:01

Track Everything, Everywhere with an IoT Barcode Scanner Hackaday

I've always considered barcodes to be one of those invisible innovations that profoundly changed the world. What we might recognize as modern barcodes were originally designed as a labor-saving device in the rail and retail industries, but were quickly adopted by factories for automation, hospitals to help prevent medication errors, and a wide variety of other industries to track the movements of goods.

Medication errors in hospitals are serious and scary: enter the humble barcode to save lives. Source: The State and Trends of Barcode, RFID, Biometric and Pharmacy Automation Technologies in US Hospitals

The technology is accessible, since all you really need is a printer to make barcodes. If you're already printing packaging for a product, it only costs you ink, or perhaps a small sticker. Barcodes are so ubiquitous that we've ceased noticing them; as an experiment I took a moment to count all of them on my (cluttered) desk. I found 43 and probably didn't find them all.

Despite that, I've only used them in exactly one project: a consultant and friend of mine asked me to build a reference database out of his fairly extensive library. I had a tablet with a camera in 2011, and used it to scan the ISBN barcodes to a list. That list was used to get the information needed to automatically enter the reference to a simple database, all I had to do was quickly verify that it was...

02:35

Europeans Take Upload Filter Protests to The Streets TorrentFreak

After years of careful planning and negotiating, the European Parliament was ready to vote on its new copyright directive last month.

With backing from large political factions and pretty much the entire entertainment industry, many assumed that proposal would pass.

They were wrong.

The Copyright Directive was sent back to the drawing board following protests from legal scholars, Internet gurus, activists, and many members of the public. Article 13, often referred to as the upload filter proposal, was at the center of this pushback.

The vote was a massive blow to those who put their hope on the EU's proposed copyright changes. Following the failure of SOPA and ACTA, this was another disappointment, which triggered several entertainment industry insiders to call foul play.

They claimed that the grassroots protests were driven by automated tools, which spammed Members of Parliament with protest messages, noting that large tech companies such as Google were partly behind this.

This narrative is gaining attention from the mainstream media, and there are even calls for a criminal investigation into the matter.

Opponents of the upload filters clearly disagree. In part triggered by the criticism, but more importantly, to ensure that copyright reform proposals will change for the better, they plan to move the protests to the streets of Europe later this month.

Julia Reda, the Pirate Party's Member of European Parliament, is calling people to join these protests, to have their voices heard, and to show the critics that there are real people behind the opposition.

"We haven't won yet. After their initial shock at losing the vote in July, the proponents of upload filters and the link tax have come up with a convenient narrative to downplay the massive public opposition they faced," Reda writes.

"They're claiming the protest was all fake, generated by bots and orchestrated by big internet companies. According to them, Europeans don't actually care about their freedom of expression. We don't actually care about EU lawmaking enough to make our voices heard. We will just stand idly by as our internet is restricted to serve corporate interests."

Thus far,...

02:29

OpenSSH Username Enumeration Open Source Security

Posted by Qualys Security Advisory on Aug 15

Hi all,

We sent the following email to openssh () openssh com and
distros () vs openwall org about an hour ago, and it was decided that we
should send it to oss-security () lists openwall com right away (as far as
we know, no CVE has been assigned to this issue yet):

========================================================================

While reviewing the latest OpenSSH commits, we stumbled across:...

02:27

Google Pixel 3XL design and specs revealed in a massive leak TechWorm

Leaked video of Google Pixel 3XL shows 6.7-Inch QHD+ Screen and a Triple-Camera Setup

Google's upcoming flagships, Pixel 3 and Pixel 3XL, are expected to be released this October. However, a new unboxing video has revealed Pixel 3XL in its entirety. A Ukrainian blogger by the name Ivan Luchkov has posted a video of a white Pixel 3XL that uses the AnTuTu app. This reveals specifications, in-box content, and more regarding the forthcoming third-gen Pixel smartphone. The same blogger had earlier posted an unboxing video of Pixel 3XL confirming the addition of USB-C headphones.

The video reveals that the Pixel 3XL will have a massive 6.7-inch screen. This is 0.7-inches bigger than the Pixel 2XL and 0.3-inches bigger than the newly launched Galaxy Note 9. The Pixel 3XL is the largest mass-market smartphone ever made. Other specs reveal that the phone will have a 2960×1440 display and 494ppi. It will come with 4GB of RAM and 64GB of non-expandable onboard storage. The device is also shown running Android 9.0 Pie out of the box and a Snapdragon 845 chipset.

The Pixel 3 XL will apparently boast three front-facing cameras, all of which are 8.1MP. It will also have a single 12.2 MP camera on the rear. The device is powered by a 3,430mAh battery, which is disappointingly smaller than the 3,520mAh battery included in Pixel 2 XL.

Images from the unboxing video also reveal that the Pixel 3 XL will come with a USB-C cable, USB adapter, 3.5mm adapter, and a pair of headphones that looks similar to Pixel Buds with a USB-C connector.

Since the Pixel 3 XL is still in the processing stage, there are chances that the hardware and features may vary when the Pixel 3 XL is finally launched.

Source: Android Police

The post Google Pixel 3XL design and specs revealed in a massive leak appeared first on TechWorm.

02:23

Links 15/8/2018: Akademy 2018 Wrapups and More Intel Defects Techrights

Contents

GNU/Linux

  • Desktop

    • Get Fresh Wallpaper Everyday Using Variety in Ubuntu/Linux

      Variety is a cool utility available for Linux systems which makes your dull desktop look great, every day. This free wallpaper changer utility replaces your wallpaper in your desktop in an interval. You can set it to change wallpaper in every 5 minutes also!

    • Google's New Chromebook Might Come With A Snapdragon 845 And A Detachable 2K Display

      It's been some time since we saw a Chromebook from Google. Although the Chromebook series didn't do well with consumers, Google didn't stop development on it.

      Multiple codes uploaded on Gerrit (web-based team code collaboration tool) on Chromium OS has given us a lot of information on the next Chromebook or the Pixelbook previously. The device is codenamed Cheza (As seen on the Code on 14th line).

  • Kernel Space

    • Big CIFS/SMB3 Improvements Head To Linux 4.19

      Linus Torvalds has merged a rather significant set of patches for improving the CIFS/SMB3 support in the mainline kernel.

      The SMB3/CIFS advanced network file-system support provides the VFS module supporting the SMB3 family of NAS protocols for dealing with Samba/Azure/etc. With Linux 4.19 a lot of new feature code has been merged.

    • New Sound Hardware Support & Other Improvements Playing In Linux 4.19

      SUSE's Takashi Iwai sent in the pull request this morning of the sound subsystem updates for the Linux 4.19 kernel and it includes a lot of new hardware support and other improvements for Linux's audio capabilities.

    • ...

02:11

AT&T hit with $224M lawsuit over cryptocurrency loss The Hill: Technology Policy

Cryptocurrency investor Michael Terpin on Wednesday filed a $224 million lawsuit against AT&T, accusing the telecommunications company of gross negligence, fraud and other violations after millions in online currency were allegedly...

02:11

Xen Security Advisory 274 v3 (CVE-2018-14678) - Linux: Uninitialized state in x86 PV failsafe callback path Open Source Security

Posted by Xen . org security team on Aug 15

Xen Security Advisory CVE-2018-14678 / XSA-274

Linux: Uninitialized state in x86 PV failsafe callback path

UPDATES IN VERSION 3
====================

Fix spelling in CREDITS.

ISSUE DESCRIPTION
=================

Linux has a `failsafe` callback, invoked by Xen under certain
conditions. Normally in this failsafe callback, error_entry is paired
with error_exit; and error_entry uses %ebx...

02:11

OpenSSL (1.1.0g) Key Sniffed From Radio Signal SoylentNews

If you missed the OpenSSL update released in May, go back and get it: a Georgia Tech team recovered a 2048-bit RSA key from OpenSSL using smartphone processor radio emissions, in a single pass.

The good news is that their attack was on OpenSSL 1.1.0g, which was released last November, and the library has been updated since then. Dubbed One&Done, the attack was carried out by Georgia Tech's Monjur Alam, Haider Adnan Khan, Moumita Dey, Nishith Sinha, Robert Callan, Alenka Zajic, and Milos Prvulovic.

The researchers only needed a simple and relatively low cost Ettus USRP B200 mini receiver (costing less than $1,000/€900/£800) to capture the revealing radio noise from a Samsung Galaxy phone, an Alcatel Ideal phone, and an A13-OLinuXino single-board computer.

In Georgia Tech's announcement, the group explained that its attack is the first to crack OpenSSL without exploiting cache timing or organisation.

[...] The good news is that not only was mitigation relatively simple, it improved OpenSSL's performance. "Our mitigation relies on obtaining all the bits that belong to one window at once, rather than extracting the bits one at a time," the paper stated. "For the attacker, this means that there are now billions of possibilities for the value to be extracted from the signal, while the number of signal samples available for this recovery is similar to what was originally used for making a binary (single-bit) decision."

"This mitigation results in a slight improvement in execution time of the exponentiation," the paper continued.

Here's the link to the group's upcoming Usenix talk.



02:00

Friday Hack Chat: LED Diffusion Hackaday

A decade ago, the first Arduino projects featuring addressable RGB LEDs came on the scene, and the world hasn't been the same since. Now we have full wall video displays with WS2812s and APA102s, wearable blinky, and entire suits of armor made of LEDs. The future is bright, and in RGB.

For this week's Hack Chat, we're going to be talking all about how to maintain the blinky without eye-searing brightness. It's the LED Diffusion Hack Chat, full of tips and tricks on how to get the glowey without it being imprinted on your retina.

Our guest for this week's Hack Chat is the incredible Becky Stern. Becky is one of the most prolific makers around and has a long history of fabricating some really, really cool stuff. She's published hundreds of tutorials on everything from microcontrollers to computerized knitting machines, and has been featured by dozens of media outlets including the BBC, CNN, The Late Show with Colbert, VICE, and Forbes. Right now, she's working at Autodesk with Instructables.

During this Hack Chat, we're going to be talking all about diffusing LEDs, with topics including:

  • Taking some san...

01:50

Mesa 18.2-RC3 Released With Two Dozen Fixes Phoronix

Mesa 18.2 as the next quarterly feature release to the contained OpenGL/Vulkan drivers is about two weeks out if all goes well, but today for testing Mesa 18.2-RC3 is now available...

01:48

New Network 2030 Group Asks: What Comes After 5G? IEEE Spectrum Recent Content full text

The ITU focus group wants to make sure the backbone of every network can support future demand for data

If you listen to the hype about 5G, with its promises of self-driving vehicles and immersive virtual reality, it doesn't take long to realize how much data the coming generation of wireless will require. But have engineers been so preoccupied with delivering low-latency networks to feed data-hungry applications that they've forgotten about the rest of our vast, tangled telecommunications network?

That concern has sparked some researchers to start thinking about where all that data will go after it travels from your phone to the nearest cell tower.

The International Telecommunication Union, an agency of the United Nations that coordinates telecom infrastructure between countries, recently launched a new focus group to, in part, address an emerging imbalance in our wireless communications. The group, Network 2030 - more accurately, the ITU-T Focus Group Technologies for Network 2030 (FG NET-2030) - will explore ways to close the growing gap between the fixed and mobile components of future communications networks.

The fixed side and the mobile side are both parts of the unified system that sends information to all of our wireless devices. Even so, Richard Li, the chief scientist of future networks at Huawei and the chairman of the ITU Network 2030 group, sees enough of a distinction to consider them as two separate components. And that distinction is where he sees problems beginning to emerge.

Think of the mobile side as the antennas and radio waves that directly deliver data to our devices. This is the side that has gotten a lot of attention in recent years with the advent of 5G, along with beamforming, massive MIMO, and millimeter waves. The fixed side is everything else, including antennas to beam data wirelessly between two fixed points, and also the cables, fibers, and switches that handle the va...

01:43

Smart consumption management system for energy-efficient industrial companies Lifeboat News: The Blog

Energy use in industrial buildings continues to skyrocket, contributing to the negative impact on global warming and Earth's natural resources. An EU initiative introduced a disruptive system that's able to reduce electricity consumption in the industrial sector.

Using energy efficiently helps industry save money, conserve resources and tackle climate change. ISO 50001 supports companies in all sectors to use energy more efficiently through the development of an system. It calls on the to integrate energy management into their overall efforts for improving quality and environmental management. Companies can perform several actions to successfully implement this new international standard, including creating policies for more efficient energy use, identifying significant areas of and targeting reductions.

01:43

Liquid battery could lead to flexible energy storage Lifeboat News: The Blog

A new type of energy storage system could revolutionise energy storage and drop the charging time of electric cars from hours to seconds.

In a new paper published today in the journal Nature Chemistry, chemists from the University of Glasgow discuss how they developed a system using a nano-molecule that can store electric power or giving a new type of hybrid storage system that can be used as a flow battery or for hydrogen storage.

Their hybrid-electric-hydrogen flow battery, based upon the design of a nanoscale battery molecule, can store energy, releasing the power on demand as electric power or hydrogen gas that can be used as a fuel. When a concentrated liquid containing the nano-molecules is made, the amount of energy it can store increases by almost 10 times. The energy can be released as either electricity or hydrogen gas, meaning that the system could be used flexibly in situations that might need either a fuel or .

01:43

European aquaculture to benefit from a better quality of live feed Lifeboat News: The Blog

The aquaculture sector is growing, with fish farming being a key way to ensure Europe gets the quality food it needs without exploiting marine resources further. One key problem the industry faces is how to get the immature fish through their first few months; one EU project may be about to smooth the way.

Aquaculture is a growing market within the EU, bringing employment and providing a sustainable source of fish at a time when our marine life is under pressure. The main bottle-neck for the production of marine fish is the juvenile phase, especially during the time in which live diets are used. Even the established species, sea bream and sea bass, have a very low survival rate with an average of 25 percent. For new species in aquaculture, such as amberjack and tuna, the mortality is even higher.

The natural first feed for most is crustacean nauplii, the offspring of many types of crustacean zooplankton. Fish larvae are evolutionarily adapted to such a diet, and it is believed that this type of prey fulfils the fish larvae's nutritional requirements.

01:43

State-of-the-art solar panel recycling plant Lifeboat News: The Blog

The German engineering company Geltz Umwelt-Technologie has successfully developed an advanced recycling plant for obsolete or ageing solar panels.

As sales of solar power increase, there is a looming problem that is quite often overlooked: disposing waste from outdated or destroyed . A surge in solar panel disposal is expected to take place in the early 2030s, given the design life of installed around the millennium.

To address this problem before this big disposal wave, the EU has funded the ELSi project. With strong competencies in plant manufacturing and wastewater treatment including , the Geltz Umwelt-Technologie firm has built a test and treatment facility at a large disposal firm to retrieve reusable materials from solar modules.

01:32

Foreshadow Attacks: experts found 3 new Intel CPU side-channel flaws Security Affairs

Foreshadow Attacks: Security researchers disclosed the details of three new speculative execution side-channel attacks that affect Intel processors.

The new flaws, dubbed Foreshadow and L1 Terminal Fault (L1TF), were discovered by two independent research teams.

An attacker could exploit the Foreshadow vulnerabilities to gain access to the sensitive data stored in a computer's memory or third-party clouds.

The flaws affect Intel's Core and Xeon processors; they were reported to Intel in January, shortly after the disclosure of the Spectre and Meltdown attacks.

The three Foreshadow vulnerabilities are:

  • CVE-2018-3615 that affects Intel's Software Guard Extensions (SGX);
  • CVE-2018-3620 that affects operating systems and System Management Mode (SMM);
  • CVE-2018-3646 that affects virtualization software and Virtual Machine Monitors (VMM).

"Today, Intel and our industry partners are sharing more details and mitigation information about a recently identified speculative execution side-channel method called L1 Terminal Fault (L1TF). This method affects select microprocessor products supporting Intel Software Guard Extensions (Intel SGX) and was first reported to us by researchers at KU Leuven University*, Technion Israel Institute of Technology*, University of Michigan*, University of Adelaide* and Data61," reads the post published by Intel.

"Further research by our security team identified two related applications of L1TF with the potential to impact other microprocessors, operating systems and virtualization software."

Security researchers initially discovered the SGX vulnerability; meanwhile, Intel experts found two other issues while analyzing the cause of Foreshadow.

"All previously known attacks against Intel SGX rely on application-specific information leakage from either sidechannels [30, 39, 45, 51, 57, 58, 60] or software vulnerabilities [38, 59]. It was generally believed that well-written enclaves could prevent information leakage by adhering to good coding practices, such as never branching on secrets, prompting Intel to state that 'in general, these research papers do not demonstrate anything new or unexpected about the Intel SGX architecture.'" states the research paper.

[Foreshadow-NG] attacks can potentially be used...

01:31

Arcade Inspired Halloween Candy Dispenser Hackaday

The days are getting shorter and the nights are a little cooler, which can only mean one thing: it's officially time to start devising the trials you'll put the neighborhood children through this Halloween. For [Randall Hendricks], that means building a new candy dispensing machine to make sure the kids have to work for their sugary reward. After all, where's the challenge in just walking up and taking some candy from a bowl? These kids need to build character.

[Randall] writes in to share his early work on this year's candy contraption, which he's based on a popular arcade game called Goal Line Rush. In this skill-based game a disc with various prizes spins slowly inside the machine, and the player has a button that will extend an arm from the rear of the disc. The trick is getting the timing right to push the prize off the disc and into the chute. Replace the prizes with some empty calorie balls of high fructose corn syrup, and you get the idea.

There's still plenty of time before All Hallows' Eve, so the machine is understandably still a bit rough. He hasn't started the enclosure yet, and at this point is still finalizing the mechanics. But this early peek looks very promising, and in the video after the break you can see how the machine doles out the goodies.

The disc is rotated by a high torque...

01:23

Let's pray for clear skies Lifeboat News: The Blog

The International Space Station (ISS) will be visible to the naked eye in several areas in the country starting tonight!

According to the NASA website, the space station looks like an airplane or a very bright star moving across the sky and moves considerably faster than a typical airplane.

01:22

U.S. $23 trillion will be lost if temperatures rise four degrees by 2100 Lifeboat News: The Blog

Imagine something similar to the Great Depression of 1929 hitting the world, but this time it never ends.

Economic modelling suggests this is the reality facing us if we continue emitting greenhouse gases and allowing temperatures to rise unabated.

Economists have largely underestimated the global economic damages from climate change, partly as a result of averaging these effects across countries and regions, but also because the likely behaviour of producers and consumers in a climate change future isn't usually taken into consideration in climate modelling.

01:11

Multiple vulnerabilities in Jenkins Open Source Security

Posted by Daniel Beck on Aug 15

Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software. The following
releases contain fixes for security vulnerabilities:

* Jenkins weekly 2.138
* Jenkins LTS 2.121.3

Summaries of the vulnerabilities are below. More details, severity, and
attribution can be found here:
https://jenkins.io/security/advisory/2018-08-15/

We provide advance notification for security...

01:03

Indonesia earthquake: how scrap tyres could stop buildings collapsing Lifeboat News: The Blog

At the time of writing, 436 people have died following an earthquake in the Indonesian island of Lombok. A further 2,500 people have been hospitalised with serious injuries and over 270,000 people have been displaced.

Earthquakes are one of the deadliest natural disasters, accounting for just 7.5% of such events between 1994 and 2013 but causing 37% of deaths. And, as with all , it isn't the countries that suffer the most earthquakes that see the biggest losses. Instead, the number of people who die in an earthquake is related to how developed the country is.

In Lombok, as in Nepal in 2015, many deaths were caused by the widespread collapse of local rickety houses incapable of withstanding the numerous aftershocks. More generally, low quality buildings and inadequate town planning are the two main reasons why seismic events are more destructive in developing countries.

01:03

New water-splitting technology brings clean hydrogen fuel one step closer Lifeboat News: The Blog

In the quest for clean alternative energy sources, hydrogen is a favorite. It releases a lot of energy when burned, with a bonus: The major byproduct of burning hydrogen is pure water.

The big obstacle has been getting pure in sufficient quantity to burn. So scientists are studying , or HERs, a type of water-splitting technology in which electrodes, covered with catalytic materials, are inserted into water and charged with electricity. The interaction of the electricity, the catalysts and the water produces hydrogen gas (a clean fuel) and clean, breathable oxygen.

Alas, there is a problem: At present, electrodes must be coated with precious, expensive metals, most notably platinum.

01:02

How to conserve half the planet without going hungry Lifeboat News: The Blog

Every day there are roughly 386,000 new mouths to feed, and in that same 24 hours, scientists estimate between one and 100 species will go extinct. That's it. Lost forever.

To deal with the biodiversity crisis we need to find a way to give nature more space: habitat loss is a key factor driving these extinctions. But how would this affect our food supplies?

New research, published in Nature Sustainability, found it could mean we lose a lot of food, but exactly how much really depends on how we choose to give nature that space. Doing it right could mean rethinking how we do agriculture and altogether.

01:02

An Interview With Didier Coeurnelle Lifeboat News: The Blog

An interview with Didier Coeurnelle from the Healthy Life Extension Society.


As you might remember, we have recently posted about the Longevity Film Competition, an initiative by HEALES, ILA, and the SENS Research Foundation that encourages supporters of healthy life extension to produce a short film to popularize the subject.

Didier Coeurnelle is a jurist and the co-chair of HEALES, the Healthy Life Extension Society promoting life extension in Europe, as well as a long-standing member of social and environmental movements.

We got in touch with Didier, who serves as co-director of the competition, to ask him about the initiative and to share his thoughts on advocacy in general.

01:01

Masergy announces interoperability of global UCaaS with Cisco IP endpoints Help Net Security

Masergy announced the expansion of its UCaaS offering to include collaboration endpoints from Cisco's 8800 and 6800 series. This news highlights Masergy's continued commitment to accommodate a variety of IP phones that are certified with its feature-rich Global UCaaS and Cloud Contact Center solutions. "Today's global workforce requires advanced collaboration platforms to drive increased productivity," said Dean Manzoori, vice president of product management UCaaS, Masergy. "As enterprises rapidly incorporate cloud-based unified communications services, Masergy is ...

01:00

Chaos and confusion reign with existing firewall infrastructure Help Net Security

Many organizations are still struggling to master basic firewall hygiene, promising increased complexity and risk associated with network security policy management for those planning to adopt hybrid cloud models and next-gen architectures, according to FireMon's 2018 State of the Firewall report. The majority of respondents believe the firewall is still an important part of their overall security architecture, with 94% saying firewalls are as critical as always or more critical than ever. The same percentage ...

00:58

Entrust Datacard receives patent for innovative card personalization process Help Net Security

Entrust Datacard announced that the company was awarded U.S. Patent No. 10,049,320 (Card Printing Mechanism with Card Return Path) on Aug. 14, 2018. This newly patented technology facilitates duplex card printing without the need for a second card printing mechanism, which reduces the cost and footprint of card personalization systems. With nearly 50 years of innovation in identity security and quality assurance, and several patents currently pending directed towards drop-on-demand (DoD) applications, Entrust Datacard continues ...

00:57

Demand for online content and services drive Pulse Secure application delivery business growth Help Net Security

Pulse Secure announced that its virtual Application Delivery Controller (virtual ADC) business unit has achieved growth and increased market share in the last year. The announcement marks the one-year anniversary since Pulse's acquisition of the virtual ADC Business Unit from Brocade Communications. Factors driving the company's success are the demand for online content and web services, and infrastructure requirements including cloud and hybrid IT growth, DevOps, containerization/Docker and workload migration. Brad Casemore, research vice president ...

00:55

Security updates for Wednesday LWN.net

Security updates have been issued by CentOS (kernel), Debian (kernel, linux-4.9, postgresql-9.4, and ruby-zip), Fedora (cgit, firefox, knot-resolver, mingw-LibRaw, php-symfony, php-symfony3, php-symfony4, php-zendframework-zend-diactoros, php-zendframework-zend-feed, php-zendframework-zend-http, python2-django1.11, quazip, sox, and thunderbird-enigmail), openSUSE (python-Django and seamonkey), Oracle (kernel), Red Hat (kernel, kernel-rt, and redhat-virtualization-host), Scientific Linux (kernel), Slackware (openssl), SUSE (clamav, firefox, kernel, and samba), and Ubuntu (kernel, libxml2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, linux-raspi2, and samba).

00:52

Patch Tuesday, August 2018 Edition Krebs on Security

Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two zero-day flaws that attackers were already exploiting before Microsoft issued patches to fix them.

According to security firm Ivanti, the first of the two zero-day flaws (CVE-2018-8373) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. The other zero-day is a bug (CVE-2018-8414) in the Windows 10 shell that could allow an attacker to run code of his choice.

Microsoft also patched more variants of the Meltdown/Spectre memory vulnerabilities, collectively dubbed Foreshadow by a team of researchers who discovered and reported the Intel-based flaws. For more information about how Foreshadow works, check out their academic paper (PDF), and/or the video below. Microsoft's analysis is here.

One nifty little bug fixed in this patch batch is CVE-2018-8345. It addresses a problem in the way Windows handles shortcut files; ending in the .lnk extension, shortcut files are Windows components that link (hence the lnk extension) easy-to-recognize icons to specific executable programs, and are typically placed on the user's Desktop or Start Menu.

That description of a shortcut file was taken verbatim from the first widely read report on what would later be dubbed the Stuxnet worm, which also employed an exploi...

00:46

August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days Help Net Security

In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has also released a critical update advisory that addresses vulnerabilities found and patched in Adobe Flash. Exploited zero-days: The two patched zero-days are: CVE-2018-8414, a vulnerability in Windows Shell that can be triggered by a user opening a specially crafted file and could allow the attacker ...

00:37

Early Japanese Eating Habits Gleaned From Hairs In Old Books SoylentNews

The diet and eating habits of earlier civilizations have been inferred from old manuscripts and artwork, but there is always a question as to how representative that is of what the common diet was at the time, in much the same way as whether a millennium from now one could infer our modern-day diet from surviving "foodie" magazines. It is always a bonus when you can have access to direct tissue to analyze. In a recent paper in the Open Access journal Nature Scientific Reports, Atsushi Maruyama and colleagues in Japan acquired a number of book sets produced during the Edo period and they analyzed samples of human hair found in the books. By analyzing the abundances of various carbon and nitrogen isotopes they were able to make inferences about the early Japanese diet.

The covers of such books are made of recycled thick paper, which, for financial reasons, was believed to have been produced soon before book printing, using waste paper collected in the same cities where the books were printed. Because the hairs are embedded in the paper fibres, the hairs are thought to have been mixed accidentally during waste paper collection or blended intentionally for reinforcement during paper production. In either case, the hairs most likely belong to people living in the city and year of book printing, both of which are available from the records (colophon) on the book. Thus, the hairs found in each book, together with the records of time and place, constitute the ideal human tissue samples to reconstruct the eating habits at the time and place of the book printing, using isotope analysis.

They found that people depended upon rice, vegetables, and fish more exclusively than contemporary Japanese people. They also noticed that the levels of nitrogen increased over 200 years, indicating an increase in the contribution of marine fish as both food and fertilizer, which generally confirms what literature-based studies have found.

Atsushi Maruyama, Jun'ichiro Takemura, Hayato Sawada, Takaaki Kaneko, Yukihiro Kohmatsu & Atsushi Iriguchi, Hairs in old books isotopically reconstruct the eating habits of early modern Japan, Scientific Reports volume 8, Article number: 12152 (2018)



00:30

Top 10 Free Movie Download Websites | Watch movies online legally 2018 TechWorm

List of top 10 free movie download websites that are absolutely legal to download HD movies or to watch them online

I am simply a lunatic movie lover, and I guess you are too, for you are here! Well, we all love watching movies, don't we? Certainly, that appears to be one of the most amazing ways we can spend our leisure time. Whenever I find the weekend to be near, I get to look for ways to spend my off-time. However, when I switch on to download movies, I tend to dive into immense confusion since there are plenty of websites, but only a few of them are legal. Keeping this in mind, today I decided to make things clear for you. This ultimately made me come up with a list of top 10 free movie download websites that are absolutely legal, without any doubt!

Crackle


Crackle is one of the best online movie streaming apps available today. It lets you watch your favorite movies online. This website supports vision in tablets, streaming players, gaming console, smart TVs, and mobiles as well. All you need is to create an account with Crackle. Simply put your device activation code. If you are not much in favor of downloading the movie, Crackle still allows you to watch it online without downloading!

Vimeo

...

00:22

DDoS attackers increasingly strike outside of normal business hours Help Net Security

DDoS attack volumes have increased by 50% to an average of 3.3 Gbps during May, June and July 2018, compared to 2.2 Gbps during the previous quarter, according to Link11. Attacks are also becoming increasingly complex, with 46% of incidents using two or more vectors. While attack volumes increased, researchers recorded a 36% decrease in the overall number of attacks. There was a total of 9,325 attacks during the quarter: an average of 102 attacks ...

00:17

10 Reasons to Attend ONS Europe in September | Registration Deadline Approaching Register & Save $605

Here's a sneak peek at why you need to be at Open Networking Summit Europe in Amsterdam next month! But hurry, spots are going quickly. Secure your spot and register by September 1 to save $605.

00:08

Haru: An Experimental Social Robot From Honda Research IEEE Spectrum Recent Content full text

The Honda Research Institute gives an in-depth look at the design of its newest social robot prototype

Social robots have had it tough recently. There are lots of reasons for this, but a big part of it is that it's a challenge to develop a social robot that's able to spark long-term user interest without driving initial expectations impractically high. This isn't just the case for commercial robots: social robots designed for long-term user interaction studies have the same sorts of issues. The Honda Research Institute is well aware of how tricky this is, and researchers there have been working on the design of a prototype social robot that achieves a balance between human expectation, surface appearance, physical affordance, and robot functionality. It's called Haru, and Honda Research has provided a fascinating and detailed look into how they came up with its design.

A paper on Haru was presented at the ACM/IEEE International Conference on Human Robot Interaction (HRI) earlier this year, and the introduction does a lovely job of presenting why it's so important to carefully consider the physical design of social robots intended to interact with humans:

Various studies confirm that human expectations are shaped by the physical attributes of a robot. As a consequence, human expectations can set the bar high depending on the promise it holds as a function of its physical appearance and how this measures up with the robot's actual affordances. For example, a six-foot-tall humanoid robot with a futuristic look would turn out to be a disappointment if it only performed Q&A tasks and nothing more. This indifference does not impact on the smaller and basic-shaped smart devices, as the simple Q&A task completion of current smart devices is proportional to the simple image they project. The physical and aesthetic elements of a robot require considered design as they affect its prospect of acceptance and long-term adoption. It is essential to foresee in advance the implicit illusionary functionality brought upon by the design of the robot's physical affordance, and to strike a balance between this and human expectation. Keeping human expectation low while stoking interest at the same time may prove to be a good strategy.

It's possible that this is not just a good strategy, but the best strategy (or in fact the only strategy). We're tempted to ascribe all kinds of things to robots that look even vaguely human, and that's been one of the issues that social robots have had in the past: enough human-ness that users think they're more competent than they are. Commercial social robots are very much aware of this tendency, which is why they often go for a minimalist approac...

00:01

Stop Using Python 2: What You Need to Know About Python 3 Hackaday

Though Python 3 was released in 2008, many projects are still stuck on Python 2.

We'll take you through some of the features that Python 2 programs are missing out on, not only from 3.0 but up to the current release (3.7).

Why Python 3 Happened

Before 2008, Python developers had a bit of a headache. The language that started in the 1989 Christmas holidays as the pet project of Guido van Rossum was now growing at a fast pace. Features had been piled on, and the project was now large enough that earlier design decisions were hindering implementation. Because of this, the process of adding new features was becoming an exercise in hacking around the existing code.

The solution was Python 3: the only release that deliberately broke backwards compatibility. At the time, the decision was controversial. Was it acceptable for a publicly used open source project to purposefully break on older code? Despite the backlash, the decision was taken, giving Guido and the developers a one off chance to clean out redundant code, fix common pitfalls and re-architect the language. The aim was that within Python 3 there would be only one obvious way of doing things. Its testament to the design choices made back then that were still on 3.x releases a decade later.

The __future__ is Now

The __future__ import is a slice of time-travelling wizardry which allows you to summon select features from future releases of Python. In fact, the current Python release, 3.7, contains __future__ imports from releases which haven't yet been written!

OK fine, so it's not quite as grandiose as that: a __future__ import is just an explicit indicator of switching on new syntax which is packaged with the current release. We thought we'd mention it because a few of the Python 3 features listed below can be __future__ imported and used in 2.6 and 2.7, which were released to coincide with 3.0 and 3.1 respectively. Having said this, upgrading is, of course, still advised as new features are frozen in past releases and will not benefit from the evolution and maintenance of current versions.

Onto what you're missing out on in Python 3

Print is a Function

Yes, we know that most people are aware of this, but it's one of the most used statements by Pythonistas who are starting out. print moved from a...

Wednesday, 15 August

23:45

An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines Phoronix

Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.

23:35

5 Jobs Robots Will Never take from Humans TechWorm

Intro

Are robots really coming to take over our jobs? The line has been drawn with the latest AI breakthrough programmes, like AlphaZero, which is able to beat you in Chess, Go and Shogi, so human worries have never been as real as they are today. Some still think that we have a long road to go, referencing new technologies that are only implemented at the very beginning stages, like surgical robotics for instance. These people, however, forget that they are already using automatic cashiers and train sales station assistants as a regular convenience, forgetting that not so long ago these tasks were performed by another human being and were considered a fully obligated paid job. Is it true, then, that every task a robot performs is done better than human abilities can achieve? With this question in mind, for all of you critics, believers, skeptics and dreamers, today we will talk about certain job skills in which humans can still give AI a good run for its money.

Creativity

This one is a no-brainer: yes, machines can actually recognize your face in a photograph, but can they actually paint one? Computer programs are very effective at calculating a viable solution from a number of options, but when it comes to making their own creative choice they fail miserably. Creating something from scratch is still something that robots are yet to replicate, since even we as humans do not fully understand what makes our brain spark with a new idea. Experts are getting robots to make some works of art, recipes and even inspirational quotes, but the end results are, well, mixed, to say the least. All of this means that anyone whose job is heavily based on a creative process, like musicians, writers, entrepreneurs, etc., can stop breathing heavily: they can safely bet on being untouched for a long while.
...

23:11

Sex extortion emails now quoting part of their victim's phone number Graham Cluley

Some computer users are reporting that they have received a new type of extortion email in their inbox, which - in an attempt to scare them into giving in to demands for money - quotes part of their phone number.

But where are the blackmailers getting the phone number from?

23:02

Universal Method to Sort Complex Information Found SoylentNews

The nearest neighbor problem asks where a new point fits in to an existing data set. A few researchers set out to prove that there was no universal way to solve it. Instead, they found such a way.

If you were opening a coffee shop, there's a question you'd want answered: Where's the next closest cafe? This information would help you understand your competition.

This scenario is an example of a type of problem widely studied in computer science called "nearest neighbor" search. It asks, given a data set and a new data point, which point in your existing data is closest to your new point? It's a question that comes up in many everyday situations in areas such as genomics research, image searches and Spotify recommendations.

And unlike the coffee shop example, nearest neighbor questions are often very hard to answer. Over the past few decades, top minds in computer science have applied themselves to finding a better way to solve the problem. In particular, they've tried to address complications that arise because different data sets can use very different definitions of what it means for two points to be "close" to one another.

Now, a team of computer scientists has come up with a radically new way of solving nearest neighbor problems. In a pair of papers, five computer scientists have elaborated the first general-purpose method of solving nearest neighbor questions for complex data.



22:33

Russian trolls had burst of activity for pro-Trump website: report The Hill: Technology Policy

Russian social media operatives stepped up activity last year to boost a website known for inaccurate content favorable toward President Trump, eight months after carrying out a disinformation campaign during the 2016 campaign. Bloomberg...

22:33

A Git Origin Story

A look at Linux kernel developers' various revision control solutions through the years, Linus Torvalds' decision to use BitKeeper and the controversy that followed, and how Git came to be created.

22:24

Exabeam raises $50 million in series D funding to disrupt SIEM market Help Net Security

Exabeam announced that it has closed $50 million in Series D funding. The round, backed entirely by existing investors, was led by Lightspeed Venture Partners and supported by Aspect Ventures, Cisco Investments, Icon Ventures, Norwest Venture Partners and cybersecurity investor Shlomo Kramer. The funds will be used to grow the company's cloud portfolio, as well as sales and channels to expedite global expansion. The complexities in securing modern digital businesses, along with the increase in...

22:21

Splunk .conf18 to feature industry visionaries and product innovations Help Net Security

Splunk announced that industry visionaries including Steve Wozniak, will present at .conf18, the annual Splunk conference. The event will take place from October 1-4, 2018, at the Walt Disney World Swan and Dolphin Resort in Orlando, Florida. More than 9,000 people are expected to attend .conf18 to learn about the latest Splunk products and innovations spanning IT, security, developer, artificial intelligence and machine learning, mobile, and the Internet of Things (IoT) technology. Attendees will participate...

22:20

Orange acquires Basefarm Holding to support its cloud computing strategy Help Net Security

Orange announced that it has completed the acquisition of 100% of Basefarm through its enterprise subsidiary Orange Business Services following the approbation of the competition authorities. Basefarm is a European player in cloud-based infrastructure and services, as well as the management of critical applications and data analysis. The company, which recorded revenues of over 100 million euros in 2017, has enjoyed growth since its creation. Basefarm has an operational presence in several European countries, particularly...

22:19

Jarno Limnéll appointed CEO of IoT infrastructure security firm Tosibox Help Net Security

IoT infrastructure security firm Tosibox Oy of Finland announces the appointment of cyber security expert Jarno Limnéll as its new Chief Executive Officer. In his new role, Limnéll is to lead the drive for Tosibox's remote connection technology to become the standard for secure Internet of Things (IoT) infrastructures in network management. "Clearly, Tosibox is delighted to welcome Jarno Limnéll as its new CEO," says Markku Tapio, Chairman of the Board of Tosibox Oy. He...

22:17

Why Locking Down the Kernel Won't Stall Linux Improvements

The Linux Kernel Hardening Project is making significant strides in reducing vulnerabilities and increasing the effort required to exploit vulnerabilities that remain. Much of what has been implemented is obviously valuable, but sometimes the benefit is more subtle. In some cases, changes with clear merit face opposition because of performance issues. In other instances, the amount of code change required can be prohibitive. Sometimes the cost of additional security development overwhelms the value expected from it.

21:52

PUBG Mobile Lite APK Download | How To Install It TechWorm

How to download PUBG Mobile Lite APK and install it

PUBG Mobile Lite: well, this game needs no introduction. You might have heard about it in the past few weeks. Every gaming channel on YouTube, and even your friends, are talking about it. There are plenty of reasons why this game became so famous. It was first launched for desktops and PCs only, but this year it was launched for smartphones too. This did a great service to all game lovers out there. They quickly downloaded it from the Play Store and, even before you realized its popularity, it went viral. So in this article, we are providing you with the best way to download and install PUBG.

Download PUBG Mobile lite using Apk File

Yes, you can download PUBG using an APK file. There are two popular APK sites which have the highest ranking regarding PUBG download.

  1. ApkPure
  2. ApkMirror

You can move directly to the download sections of PUBG just by clicking these website names above.

Procedure on how to install PUBG Mobile lite: (Apkpure version)

  • Download the APKPure app
  • Search for PUBG Mobile app and download the APK file
  • Once downloaded, install the PUBG Mobile Lite APK on your smartphone
  • Before you can play the game, you need a VPN to connect to the Philippines server in order to enter a battle royale. (We used X-VPN and had to buy a premium subscription to unlock the Philippines location in order to play PUBG Mobile Lite. However, you can download any other VPN which can set your location in the Philippines).
  • Once you've set your location, you can connect to the local server and start a match.

Procedure on how to install: (Apkmirror version)

  • Simply follow the link above ApkMirror

Another way to download PUBG is using the Google Play Store

In this method, you just need to download PUBG like you do for other games.

  • Open Play store
  • Select Games
  • Type PUBG
  • Download it

So these were some ways to get PUBG lite on your smartphone.


21:49

64-bit ARM Changes For Linux 4.19 Has "A Bunch Of Good Stuff" Phoronix

Will Deacon submitted the 64-bit ARM (ARM64/AArch64) changes on Tuesday for the Linux 4.19 kernel merge window...

21:45

New Office 365 phishing attack uses malicious links in SharePoint documents Help Net Security

Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform's built-in security, Avanan researchers warn. The cloud security company says that the phishing attack was leveraged against some 10% of its Office 365 customers in the past two weeks and they believe the same percentage applies to Office 365 globally. About the PhishPoint attack: The victim receives an email containing a link...

21:30

PSD2 SCA requirements will be implemented soon, are you ready? Help Net Security

As the second Payment Services Directive continues its rollout, regulations making it obligatory for organisations to implement strong customer authentication (SCA) in online payments will come into force on September 19th this year. Despite the proximity of this new requirement, regulators have still not made clear what the most effective way to implement SCA is, in a way that does not compromise on customer convenience. This points to a need for greater collaboration between key...

21:28

How to install Fortnite for android ? | APK Download TechWorm

How you can download Fortnite APK and install it

Fortnite wreaked havoc in the smartphone gaming industry when it was first launched on iOS. But now it has done even more for Android users. As we all know, this game was launched exclusively for Samsung devices before. But that exclusivity did not last long. After a few days, an APK file was available in the market targeting non-Samsung devices too, allowing other users to download and install Fortnite on their devices. Now anyone can get access to this game. You can also get access by simply downloading this game from the link provided just below this article.

So after the tremendous success of PUBG, many gamers have shifted towards this masterpiece. The reason is pretty simple: this game has great potential. I personally played it and felt this game is better than PUBG in terms of performance and graphics. Well, you can try it for yourself by following the installation guide below:

A few things to remember before installing this game (Fortnite):

1. Avoid Playstore

If you are thinking of downloading this game from the official Google Play Store, then you are just wasting your time. This game is only available on Fortnite's official website or on an APK website (link just below this article).

2. Check your device

Check your device first. If you have a compatible Samsung device then you don't need to do much. Simply download Fortnite right away, either through the Samsung Game Launcher or Epic's website. To check whether your device is compatible, visit Download Fortnite for Android.

3. Sign Up for the waiting list

4. Waiting for Invite

In this part, all your patience will be tested to its core. Some people are getting invites early and some are just waiting for the beautiful moment when they receive an e-mail notification from Epic Games. Since the craze and hype around this game have increased, the waiting time may vary from days to even weeks. So best of luck with that.

5. Download The game Directly | Fortnite APK Download

If you have no roo...

21:25

Systematic Analysis Reduces One Chicago Location's Parking Tickets by 50% SoylentNews

Utilizing FOIA and some clever software Mr. Chapman quickly identifies a troubled spot for parking in Chicago and gets results!

http://mchap.io/using-foia-data-and-unix-to-halve-major-source-of-parking-tickets.html

The story relates how the author used Freedom of Information Act requests to gather raw data on parking tickets issued in Chicago. What he received was a semicolon-delimited text file containing a great number of data entry errors. The author outlines the steps taken to clean and extract data on a likely problematic parking location. Armed with this data, he visited the location and discovered very confusing signage. He reported this to the city, who rectified the signage. This led to a 50 percent decrease in the number of tickets issued for that location.

I immediately asked myself three things

1. How much more effective has that corner become?
2. Who's grumbling about the loss of revenue?
3. What would happen if more of us did this very thing?



21:00

A Remotely Controlled Kindle Page Turner Hackaday

One of the biggest advantages of e-readers such as the Kindle is the fact that it doesn't weigh as much as a traditional hardcover book, much less the thousands of books it can hold in digital form. Which is especially nice if you drop the thing on your face while reading in bed. But as light and easy to use as the Kindle is, you still need to hold it in your hands and interact with it like some kind of a baby's toy.

Looking for a way to operate the Kindle without having to go through the exhaustive effort of raising their hand, [abm513] designed and built a clip-on device that makes using Amazon's e-reader even easier. At the press of a button, the device knocks on the edge of the screen which advances the book to the next page. Going back a page will still require you to extend your meaty digit, but that's your own fault for standing in the way of progress.

The 3D printed case holds an Arduino and RF receiver, as well as a small servo to power the karate-chop action. There's no battery inside, meaning the device needs to stay plugged in via a micro USB connection on the back of the case. But let's be honest: if you're the kind of person who has a remote-controlled Kindle, you probably aren't leaving the house anytime soon.

To...

20:56

Machine Learning Could Help Identify Author of an Anonymous Code TechWorm

Machine Learning Algorithm That De-anonymizes Programmers From Source Code And Binaries

Researchers have found that machine learning can be used to help identify pieces of code, binaries, and exploits written by anonymous programmers, according to Wired. In other words, machine learning can de-anonymize programmers from source code or binary form.

The study was presented by Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former Ph.D. student and now an assistant professor at George Washington University, at the DefCon hacking experience.

How To De-Anonymize Code

According to the researchers, the code written in the programming language is not completely anonymous. The abstract syntax trees contain stylistic fingerprints that can be used to potentially identify programmers from code and binaries.

In order to study the binary experiment, the researchers examined code samples in machine learning algorithms and removed all the features such as choice of words used, how to organize codes and length of the code. They then narrowed the features to only include the ones that actually differentiate developers from each other.

Examples of a programmer's work are fed into the AI where it studies the coding structure. This approach trains an algorithm to recognize a programmer's coding structure based on examples of their work.

For the testing, Caliskan and the other researchers used code samples from Google's annual Code Jam competition. It was found that 83% of the time, the AI was successful in identifying the programmers from the sample size.

Where can it be used?

This approach could be used for identifying malware creators or investigating instances of hacks. It can also be used to find out if students studying programming stole code from others, or whether a developer violated a non-compete clause in their employment contract.

Privacy Implications

However, this approach could have privacy implications, especially for those thousands of developers who contribute open-source code to the world and choose to remain anonymous for certain reasons.

Future Work

Greenstadt and Caliskan plan to study how other factors might affect a person's coding style. For instance, questions such as what happens when members of the same organization work together on a project, or whether people from different countries code in different ways. Also, whether the same attribution methods could be used across...

20:49

DRM Updates Sent In For Linux 4.19 With New VKMS Driver, Intel Icelake Work Phoronix

David Airlie has submitted the Direct Rendering Manager (DRM) updates for the Linux 4.19 kernel merge window with these various open-source graphics/display driver updates...

20:42

Surfing the internet with your mind seems to be a great step forward Lifeboat News: The Blog

The implications are mind-boggling, oh yes.


Check out what MIT media lab does using bone conduction technology.

#technology #future #internet #biotechnology #communication #immersiveleaks

20:28

Top Linux Developers' Recommended Programming Books

Without question, Linux was created by brilliant programmers who employed good computer science knowledge. Let the Linux programmers whose names you know share the books that got them started and the technology references they recommend for today's developers. How many of them have you read?

20:08

Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Open Source Security

Posted by Marcus Meissner on Aug 15

Hi,

no.

SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).

Ciao, Marcus

19:48

New Bugs Leave Millions of Phones Vulnerable to Hackers SoylentNews

Submitted via IRC for BoyceMagooglyMonkey

Research funded by the Department of Homeland Security has found a "slew" of vulnerabilities in mobile devices offered by the four major U.S. cell phone carriers, including loopholes that may allow a hacker to gain access to a user's data, emails, text messages without the owner's knowledge.

The flaws allow a user "to escalate privileges and take over the device," Vincent Sritapan, a program manager at the Department of Homeland Security's Science and Technology Directorate told Fifth Domain during the Black Hat conference in Las Vegas.

The vulnerabilities are built into devices before a customer purchases the phone. Researchers said it is not clear if hackers have exploited the loophole yet.

Department of Homeland Security officials declined to say which manufacturers have the underlying vulnerabilities.

Millions of users in the U.S. are likely at risk, a source familiar with the research said, although the total number is not clear.

Because of the size of the market, it is likely that government officials are also at risk. The vulnerabilities are not limited to the U.S.

Researchers are expected to announce more details about the flaws later in the week.

Source: https://www.fifthdomain.com/show-reporters/black-hat/2018/08/07/manufacturing-bugs-allow-millions-of-phones-to-be-taken-over-dhs-project-to-announce/


Original Submission

Read more of this story at SoylentNews.

19:38

The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX Phoronix

While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD...

19:28

Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware The Hacker News

A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims' computers and displays a message purporting to come

19:25

CodeWeavers Joins The Khronos Group Along With IKEA Phoronix

In addition to the many technical accomplishments of Khronos this week at SIGGRAPH 2018, they were also celebrating the milestone of crossing 140 members to this industry standards group...

19:20

Antiquated Patenting Trick: Adding Words Like Apparatus to Make Abstract Ideas Look/Sound Like They Pertain to or Contain a Device Techrights


Summary: 35 U.S.C. 101 (Section 101) still maintains that abstract ideas are not patent-eligible; so applicants and law firms go out of their way to make their ideas seem as though they're physical

THE examiners at the USPTO have been instructed (as per Section 101/Alice and examination guidelines) not to grant abstract patents, which include software patents. This means that applicants and the law firms whom they pay to game the system will go out of their way to rephrase things, making life harder for examiners.

RichmondBizSense's patent listings, published only a few hours ago, include "Method and apparatus for context based data analytics" (analysis or analytics using algorithms).

Notice how they titled it; "apparatus" is just the same old trick (like "device") for making abstract ideas seem physical. Lawyers' tricks like these fool the examiners. "Device", at least in the EPO, is the weasel word quite often used to make patents look less "as such" (or "per se" as they phrase it in India). We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and aren't strictly tied to any; they can run on any general-purpose computer.

Watchtroll's latest attack on 35 U.S.C. 101 (this time Jeremy Doerre again, for the second time in a week) shows that patent quality is the real threat to these maximalists/extremists. They dislike justice, love litigation, and Section 101 is therefore a threat to them. Maybe they will just attack SC...

19:14

Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Open Source Security

Posted by David T. on Aug 15

Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390?
Or, what is the difference?

19:11

The Big Networking Update Sent In For Linux 4.19, Including 802.11ax Bits Phoronix

David Miller sent in the networking subsystem updates today for the Linux 4.19 kernel merge window...

18:51

CSNC-2018-016 - ownCloud iOS Application - Cross-Site Scripting Bugtraq

Posted by Advisories on Aug 15

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: ownCloud iOS Application (owncloud.iosapp) [1]
# Vendor: ownCloud Gmbh
# CSNC ID: CSNC-2018-016
# CVE ID: N/A
# Subject: Cross-Site Scripting in ownCloud iOS Application's WebViews
# Risk: Low
# Effect:...

18:48

CSNC-2018-023 - Atmosphere Framework - Reflected Cross-Site Scripting (XSS) Bugtraq

Posted by Advisories on Aug 15

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: Atmosphere [1]
# Vendor: Async-IO.org
# CSNC ID: CSNC-2018-023
# Subject: Reflected Cross-Site Scripting (XSS)
# Risk: High
# Effect: Remotely exploitable
# Author: Lukasz D. (advisories ()...

18:40

August 2018 Microsoft Patch Tuesday fixes two flaws exploited in attacks in the wild Security Affairs

Microsoft Patch Tuesday update for August 2018 addresses a total of 60 vulnerabilities, two of which are actively exploited in attacks in the wild.

After Adobe, Microsoft also released the Patch Tuesday update for August 2018, which addresses a total of 60 vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio.

19 remote code execution vulnerabilities are rated as critical and two flaws are being exploited in the wild at the time of release.

Microsoft has also addressed 39 important vulnerabilities, one moderate and one low in severity.

Let's start with the vulnerabilities exploited in attacks in the wild:

CVE-2018-8373 - IE Scripting Engine Memory Corruption Vulnerability

The vulnerability affects Internet Explorer 9, 10 and 11; it was first disclosed last month by Trend Micro and affected all supported versions of Windows.

The flaw could be exploited by remote attackers to take control of the vulnerable systems by tricking victims into viewing a specially crafted website through Internet Explorer. The attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine.

"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user," reads the security advisory published by Microsoft.

An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

CVE-2018-8414 - Windows Shell Remote Code Execution Vulnerability

The flaw is actively exploited in attacks in the wild; it resides in the Windows Shell and is tied to the improper validation of file paths. An attacker can execute arbitrary code on the vulnerable system by tricking victims into opening a specially crafted file received via an email or a web page.

An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could take control o...

18:40

Top 10 Torrent Site iDope Goes Down With Domain Issues TorrentFreak

In the summer of 2016, shockwaves rippled through the BitTorrent scene when KickassTorrents (KAT), the world's most popular torrent site at the time, was forcefully shut down.

The action coordinated by the US government saw alleged KAT founder Artem Vaulin taken into custody. Meanwhile, millions of former users scrambled to find alternatives elsewhere on the Internet.

Unsurprisingly, many dispersed to existing torrent giants such as The Pirate Bay and RARBG but it didn't take long for new blood to enter the ecosystem. Soon after KAT's demise, a new indexer called iDope made its debut, largely as a tribute to the dismantled torrent behemoth.

"This project was developed the next day after we knew KAT was taken down, it's very very new, and we are a very small team, so you won't find anything about it on the Internet, especially when we never promoted it decently," one of the site's operators said back in 2016.

"We only intended to make simple products that everyone can enjoy, we don't make bucks out of it, and thus we promise no annoying pop-up ads."

In the months and years that followed, iDope gained a significant following and in January 2018, the relatively new site broke into TorrentFreak's annual round-up of the world's most-visited torrent sites. With similar traffic to the equally popular Zooqle, iDope bagged itself a joint tenth position in the list.

During the past week, however, problems have hit the site. Without any warning, iDope, which has operated very smoothly from the iDope.se domain since its launch, went offline.

The site's Twitter and Facebook accounts have been dormant for some time and the recent downtime didn't result in any updates. Unfortunately, that vacuum has left people to speculate on what has caused the outage, from technical issues to problems with the authorities.

TorrentFreak contacted the last known email address associated with the iDope team expecting that to be dead too. Overnight, however, we received a response, one that leaves hope for a smooth return for the popular torrent index.

"There are some problems with our domain idope.se, we are communicating with the domain provider. We believe it can be restored within a few days," TF was told.

While iDope was down, other domains that appeared to be clones or perhaps mirrors of iDope remained up, albeit with indexes a few days out of date. In the first instance it was unclear whether those domains we...

18:31

Open Invention Network (OIN) Member Companies Need to Become Unanimous in Opposition to Software Patents Techrights

OIN still going with the flow of millionaires and billionaires who fund it, not Free/libre software developers

Summary: Opposition to abstract software patents, which even the SCOTUS and the Federal Circuit nowadays reject, would be strategically smart for OIN; but instead it issues a statement in support of a GPL compliance initiative

THE USPTO is still granting software patents, never mind if courts continue and persist in rejecting these. OIN still generally supports software patents, albeit shyly. It doesn't talk about that too much. Just look at the member companies of OIN, especially founding members; some of these companies actively pursue their own software patents and IBM is blackmailing companies with these.

Yesterday OIN issued this press release [1, 2] under the title "Open Invention Network Member Companies Unanimous in Support of GPL Cooperation Commitment" and what's odd about it is that they talk about software licences rather than patent licences. The GPL is dealing with copyright (mostly), albeit GPLv3 indirectly deals with patents too. So it's interesting that OIN now talks about the GPL rather than patent policy. From the opening paragraph:

Open Invention Network (OIN), the largest patent non-aggression community in history, announced today that its eight funding members (Google, IBM, Red Hat, SUSE, Sony, NEC, Philips, Toyota) have committed to rejecting abusiv...

18:16

Hack Causes Pacemakers to Deliver Life-Threatening Shocks SoylentNews

Submitted via IRC for SoyCow1984

Life-saving pacemakers manufactured by Medtronic don't rely on encryption to safeguard firmware updates, a failing that makes it possible for hackers to remotely install malicious wares that threaten patients' lives, security researchers said Thursday.

At the Black Hat security conference in Las Vegas, researchers Billy Rios and Jonathan Butts said they first alerted medical device maker Medtronic to the hacking vulnerabilities in January 2017. So far, they said, the proof-of-concept attacks they developed still work. The duo on Thursday demonstrated one hack that compromised a CareLink 2090 programmer, a device doctors use to control pacemakers after they're implanted in patients.

Because updates for the programmer aren't delivered over an encrypted HTTPS connection and firmware isn't digitally signed, the researchers were able to force it to run malicious firmware that would be hard for most doctors to detect. From there, the researchers said, the compromised machine could cause implanted pacemakers to make life-threatening changes in therapies, such as increasing the number of shocks delivered to patients.

Source: https://arstechnica.com/information-technology/2018/08/lack-of-encryption-makes-hacks-on-life-saving-pacemakers-shockingly-easy/

Related: A Doctor Trying to Save Medical Devices from Hackers
Security Researcher Hacks Her Own Pacemaker
Updated: University of Michigan Says Flaws That MedSec Reported Aren't That Serious
Fatal Flaws in Ten Pacemakers Make for Denial of Life Attacks
After Lawsuits and Denial, Pacemaker Vendor Finally Admits its Product is Hackable
8,000 Vulnerabilities Found in Software to Manage Cardiac Devices
465,000 US Patients Told That Their Pacemaker Needs a Firmware Upgrade
Abbott Addresses Life-Threatening Flaw in a Half-Million Pacemakers


...

18:00

Replacement Audi Plastics Thanks To 3D Printing Hackaday

Old cars can be fun, and as long as you drive something that was once moderately popular, mechanical parts can be easy enough to come by. Things like filters, spark plugs, idle air solenoids: they're generally available for decades after a car is out of production as long as you know where to look. However, plastics can be much harder to come by. 20 to 30 years into a car's lifetime, and you'll be hard pressed to find a radio surround or vent trim in as-new condition; they've all long ago succumbed to the sun and air like the cracked and discoloured piece in your own car. What is a hacker to do? Bust out the 3D printer, of course!

[Stephen Kraus] has developed a series of parts for his Audi, ready to print on the average home 3D printer. There's the triple gauge mount which fits in the radio slot for that classic tuner look, to the printed wheel caps which are sure to come in handy after you've lost the originals. There are even useful parts for capping off the distributor if you're switching to a more modern ignition setup. [Stephen] also reports that his replacement shifter bushing printed in PLA has lasted over a year in normal use.

This is an excellent example of what 3D printers do best: obscure, bespoke one-off parts with complex geometries are no trouble at all, and can be easily made at home. We've seen this done to great effect before, too, for example with this speedometer correction gear in an old truck.

17:52

President Battistelli Killed the EPO; António Campinos Will Finish the Job Techrights

Reducing jobs, only months after outsourcing jobs at EU-IPO (sending these overseas to low-salaried staff, even in defiance of EU rules)

Summary: The EPO is shrinking, but this is being shrewdly disguised using terms like "efficiency" and a low-profile President who keeps himself in the dark

THE number of granted patents continues to decrease (a steady decline) at the USPTO, representing improvements (restrictions) imposed there by the courts. We'll say a little more about that later.

At the office in Munich, however, patent maximalism reigns supreme. The agenda has nothing to do with science and technology; the management lacks background in science and technology. The President is a former banker and his predecessor is a politician. These people don't care about scientists, whom they merely view/perceive as human resources (not to mention who has been put in charge of human resources). It's all about money. All. About. Money. Short-term gain. What doesn't count to them is the long-term survival of their company (it's actually not a company but an institution with a monopoly, which should not strive for profits but instead serve public interests).

"The official announcement is that target per examiner still increases, but the EPO shall have less examiners. Recruitment is halted and retirement shall not compensated."
Märpel

Anyway, Märpel says that the EPO is closing shop (that's her headline). It is not literally but metaphorically doing so; it was killed by Battistelli and his friend...

17:40

Foreshadow Attacks 3 New Intel CPU Side-Channel Flaws Discovered The Hacker News

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks. Dubbed Foreshadow, alternatively called L1 Terminal Fault or L1TF, the new attacks include

17:20

Adobe August 2018 Patch Tuesday addresses 11 vulnerabilities in its products Security Affairs

Adobe released the August 2018 Patch Tuesday updates that address 11 vulnerabilities in Flash Player, the Creative Cloud Desktop Application, Experience Manager, and Acrobat and Reader.

Adobe August 2018 Patch Tuesday updates have addressed eleven vulnerabilities in eleven products, five of them in Flash Player.

Below vulnerability details:

| Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
|---|---|---|---|
| Out-of-bounds read | Information Disclosure | Important | CVE-2018-12824 |
| Security bypass | Security Mitigation Bypass | Important | CVE-2018-12825 |
| Out-of-bounds read | Information Disclosure | Important | CVE-2018-12826 |
| Out-of-bounds read | Information Disclosure | Important | CVE-2018-12827 |
| Use of a component with a known vulnerability | Privilege Escalation | Important | CVE-2018-12828 |

All five security flaws fixed with the August 2018 Patch Tuesday updates have been rated as Important; the most serious one is a privilege escalation issue tracked as CVE-2018-12828 that can lead to arbitrary code execution.

"Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address important vulnerabilities in Adobe Flash Player 30.0.0.134 and earlier versions. Successful exploitation could lead to arbitrary code execution in the context of the current user," reads the security advisory published by Adobe.

Adobe fixed two critical arbitrary code execution flaws in Acrobat and Reader (CVE-2018-12808, CVE-2018-12799) for Windows and macOS.

| Vulnerability Category | Vulnerability Impact | Severity | CVE Number |
|---|---|---|---|
| Out-of-bounds write | Arbitrary Code Execution | Critical | CVE-2018-12808 |
| Untrusted pointer dereference | Arbitrary Code Execution | Critical | CVE-2018-1... |

17:04

Theo on the latest Intel issues OpenBSD Journal

Theo de Raadt (deraadt@) posted to the tech@ mailing list with some background on how the latest discovered Intel CPU issues relate to OpenBSD.

Date: Wed, 15 Aug 2018 00:31:16 -0600
From: Theo de Raadt [elided]
To: tech@openbsd.org
Subject: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

These 3 issues all relate to a bug in Intel cpus

The cpu will speculatively honour invalid PTE against data in the
on-core L1 cache.  Memory disclosure occurs into the wrong context.

These 3 issues (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) together
are the currently public artifacts of this one bug.

17:00

Nuclear Fusion Updated project reviews Terra Forming Terra

  

I must admit that after discovering just how easy it is to produce a 3D spiral wave able to induce electron decay in Dark Matter, my interest in fusion waned. As I have posted before, we have all the energy we want for the taking and anywhere inside our galaxy at least.

These research programs remain as excellent work in understanding our physical limits and much is being learned so bravo still.

This item gives us an update and general summary of the ongoing work which has isolated several separate protocols and is attempting to drive them home. I continue to like LLP simply because containment is not the issue. The issue is unsurprisingly materials science. It is also capable of being very compact, but after saying just that I would like to spend the heavy coin to scale it all up ten fold. I do think that this design will perform much better as scale climbs.

That is exactly why we already have huge gravity ships that you do not know about although just too many folks have seen them pass at night. Note that all UFO's are gravity ships at least and EM ships second in order to maneuver...

17:00

Trump's Prime Directive: Save American Culture From Maoist Forces Terra Forming Terra

The one big problem faced by POTUS is that he has to fight several large wars. Common sense dictates that he must solve them essentially one at a time and completely at that. Yet before all that it is also necessary to eliminate the DEEP STATE which is central to all these wars. The DEEP STATE is waging a Maoist campaign against western culture itself and it has become obvious.

Intel from Q has informed us regarding ongoing actions against the DEEP STATE. I now think that its demise is imminent. I also think that the Midterms will be a smashing Trump victory. Dem efforts have been tepid to date and leadership is AWOL. This can give him real control of both house and congress and I also note a large number of GOP congressmen and senators are stepping out which can only mean Trump endorsed replacements.

Then expect a wall reform legislation including some form of single payer medicare in particular. The cultural war will be suddenly reversed through the reform of education including the universities in particular. Having avowed Maoists brainwashing the non STEM crowd has got to stop.






Trump's Prime Directive: Save the American Culture From the Maoist Forces Which Are Imposing Their Communist Will On America
 

Mao, despicable but effective. According to NYU Professor Rectanwald, Mao is the model that is being used to destroy our country.

...

17:00

Clinker built Viking ship DRAGON HARALD FAIRHAIR Terra Forming Terra

Dragon Harald Fairhair: The construction of a Viking DragonShip


I was unaware that the Norwegians had actually built one of these and had really got it right as well. A lot of good questions got answered here. This one was crafted inside of two years. Watch all the videos in this post.

It was also built as large as likely ever built as well. Now I want to see this scaled back to a more practical size, not least because this size comes in at 70 tons. 60 foot length and a 15 foot beam should get us down to under twenty tons. Assume ten pairs of oars for a crew of forty or so.

This was surely typical of the usual long ship of the Vikings.

Better yet it is light enough that sledging it becomes plausible. Thinner planks would make a big difference there.

There is an excellent prospect for building a fleet of these smaller craft for sailing in the Salish Sea between Vancouver and Vancouver Island's Cowichan Valley which was the likely site of the original Vinland. It is clearly no trick to...

'Gargoyle' Sighting - South of Boston, MA Terra Forming Terra













This time we got a good look without the face.  That the witness confirmed first impression of a gargoyle is important as he surely got it right.  This means not a bird and not a pterodactyl.  We have now had plenty of likely gargoyles and even some other actual IDs as well.

The Chupacabra is surely a gargoyle and there is plenty of game out there for a blood feed as well.  These creatures generally stay well clear of us and our animals though not always with a chicken coop and other small operations.  Larger operations really have way too much protection.

Again we have the Thunder Bird out there as well as the Chupacabra or Gargoyle and we also have a Pterodactyl also.  All these can sit down on a roof and will.

'Gargoyle' Sighting - South of Boston, MA

Friday, August 03, 2018

https://www.phantomsandmonsters.com/2018/08/gargoyle-sighting-south-of-boston-ma.html

The following account was posted at Reddit today, by the user named Decay_WithMe. I contacted the witness and received a bit more information:


I live 25 minutes south of Boston. About 6 months ago I saw this insane thing. It was about 3 AM, I had been up late as I normally am. I stepped outside to smoke a cigarette. It was dark as Hell except for the stars and moon. As I was smoking I heard this noise of something flying. I look up and see this winged creature land on my neighbor's roof and just sit there like a Gargoyle would. I thought I was seeing sh*t or seeing something wrong but then the creature jumped up and flew away and I could see its whole body. It was the size of a small human but massive wings. It reminded me of a Gargoyle. I don't know what the f**k I saw but it was crazy. Has anyone ever had an experience seeing something like this? Humanoid creature with wings?

After contacting the witness, I received the following message:


Hey there. I ca...

16:42

Home Depot Q2 2018 Results Shed Light on U.S. Economy SoylentNews

Home Depot's Sales Rebound Muted by Inflation in Fuel and Lumber

Home Depot Inc.'s sales rebounded last quarter as Americans took on more remodeling projects, but rising costs for lumber and transportation are weighing on profitability.

[...] Home Depot and its smaller rival Lowe's Cos. are often seen as proxies for the health of the housing sector because property owners spend more on their homes when they believe values are rising. But for several quarters there's been increasing concern that years of robust home-price gains are cooling. For its part, Home Depot has continually said that a shortage of available homes in many markets would actually underpin higher home-improvement spending.

[...] Even as the overall housing market looks to be cooling, several trends are driving demand for home-improvement products. A shortage of available listings has slowed property purchases, causing some owners to opt for sprucing up their homes instead. Additionally, more people are staying longer in their homes, which also supports the uptick.

The labor market also plays a role: A strong run of hiring, coupled with moderate wage growth, has boosted Americans' wherewithal to spend money on fixing up their homes. Spending on home improvement -- which accounts for about 38 percent of private residential construction outlays -- surged 13.8 percent in June from a year earlier to reach $221 billion, according to Commerce Department data. Going forward, the job market may continue to propel housing and remodeling demand. But potential hurdles include a pickup in mortgage rates, a shortage of skilled workers for building and remodeling projects, and rising costs for construction materials such as lumber, which is affected by tariffs.

Also at CNN and CNBC.


16:05

FreeBSD Security Advisory FreeBSD-SA-18:11.hostapd Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:11.hostapd Security Advisory
The FreeBSD Project

Topic: Unauthenticated EAPOL-Key Decryption Vulnerability

Category: contrib
Module: wpa
Announced: 2018-08-14
Credits: Mathy Vanhoef of the imec-DistriNet research group of...

16:00

FreeBSD Security Advisory FreeBSD-SA-18:10.ip Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:10.ip Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in IP fragment reassembly

Category: core
Module: inet
Announced: 2018-08-14
Credits: Juha-Matti Tilli <juha-matti.tilli () iki fi> from...

15:57

FreeBSD Security Advisory FreeBSD-SA-18:09.l1tf Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:09.l1tf Security Advisory
The FreeBSD Project

Topic: L1 Terminal Fault (L1TF) Kernel Information Disclosure

Category: core
Module: Kernel
Announced: 2018-08-14
Affects: All supported versions of FreeBSD.
Corrected:...

15:53

FreeBSD Security Advisory FreeBSD-SA-18:08.tcp Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:08.tcp Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in TCP reassembly

Category: core
Module: inet
Announced: 2018-08-06
Credits: Juha-Matti Tilli <juha-matti.tilli () iki fi> from...

15:31

[slackware-security] openssl (SSA:2018-226-01) Bugtraq

Posted by Slackware Security Team on Aug 14

[slackware-security] openssl (SSA:2018-226-01)

New openssl packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.2p-i586-1_slack14.2.txz: Upgraded.
This update fixes two low severity security issues:
Client DoS due to large DH parameter.
Cache timing vulnerability in RSA Key Generation.
For more...

15:27

[SECURITY] [DSA 4272-1] linux security update Bugtraq

Posted by Salvatore Bonaccorso on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4272-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2018-5391

CVE-2018-5391...

15:22

SpaceX preparing astronauts to return to space travel Lifeboat News: The Blog

"We are not going to fly until we are ready to fly safely," said SpaceX Chief Operating Officer Gwynne Shotwell at the event Monday. "We need to hit all the boxes and do everything we need to do to take astronauts from U.S. soil as often as NASA will let us."

After SpaceX successfully completes Demo-2, NASA will certify the spacecraft and systems for regular crewed launches to the ISS, with astronauts Mike Hopkins and Victor Glover flying the first operational mission.

Even with all the safety precautions and testing, however, the astronauts remain aware that space flight is extremely hazardous.

"The only thing I'm afraid of," said Glover, who is married and has four daughters, "is not coming home to my family."

15:05

Tbx6 Revealed As Crucial To Heart And Skeleton Formation From Stem Cells SoylentNews

Many studies have attempted to identify a single transcription factor that can induce formation of the mesoderm, an early layer in embryonic development, without help from other cellular proteins. None have been successful, until now.

In a new study published in Cell Stem Cell, titled "Tbx6 Induces Nascent Mesoderm from Pluripotent Stem Cells and Temporally Controls Cardiac versus Somite Lineage Diversification," a research team, including experts from the University of Tsukuba, screened over 50 transcription factors and found that Tbx6 alone was able to stimulate mesoderm formation in laboratory-grown stem cells, and could cause those stem cells to become cardiovascular or musculoskeletal cells.

[...] In the study, temporary production of Tbx6 caused the formation of mesoderm that later produced cardiovascular cells, while continuous Tbx6 expression suppressed this cardiovascular-forming mesoderm and caused formation of mesoderm that later produced musculoskeletal cells.

"Our analyses revealed a connection between early Tbx6 expression and cardiovascular lineage differentiation, and we believe that our study and similar studies may change the current view of lineage specification during development," Dr. Ieda explains. "Importantly, this essential and unappreciated function of Tbx6 in mesoderm and cardiovascular specification is conserved from lower organisms to mammals, so this discovery may have wide-ranging applicability in regenerative medicine."

Tbx6 Induces Nascent Mesoderm from Pluripotent Stem Cells and Temporally Controls Cardiac versus Somite Lineage Diversification (DOI: 10.1016/j.stem.2018.07.001) (DX)


15:00

Reinforce Happy Faces With Marshmallows And Computer Vision Hackaday

Bing Crosby famously sang "Just let a smile be your umbrella." George Carlin, though, said, "Let a smile be your umbrella, and you'll end up with a face full of rain." [BebBrabyn] probably agrees more with the former and used a Raspberry Pi with Open CV to detect a smile, a feature some digital cameras have had for a long time. This project, however, doesn't take a snapshot. It launches a marshmallow using a motor-driven catapult. We wondered if he originally tried lemon drops until too many people failed to catch them properly.

This wouldn't be a bad project for a young person, as seen in the video below, although you might have to work a bit to duplicate it. The catapult was upcycled from a broken kid's toy. You might have to run to the toy store or rig something up yourself. Perhaps you could 3D print it or replace it with a trebuchet or compressed air.

In our darker moods, we can think of other things we might want to do upon detecting a smile, but that would sort of spoil the spirit of this light-hearted project. We were a little disappointed, though, that there's no automatic loading of the catapult. Perhaps that will be in phase two.

We'd be more likely to use the launcher for dog treats, but this is a great example of how easy it is to bake Open CV into a Pi project. It's certainly not as violent as the motion tracking air soft gun. If you want to have a go at replacing the catapult with a pneumatic cannon, you might start here.

13:33

Opportunity Rover Hasn't Woken Up and Engineers Are Getting Nervous SoylentNews

Submitted via IRC for cmn32480

NASA's Opportunity rover has had an incredible career already, spending years upon years studying the Martian surface and proving to be an incredibly reliable and hardy piece of hardware. Unfortunately, a NASA dust storm that began kicking up in May may have abruptly ended its historic run.

In mid-June, the solar-powered Opportunity ran out of juice and was forced to go into its dormant standby mode. The dust storm which swallowed the entirety of Mars had blocked out the Sun, cutting the rover off of its only available source of power. NASA engineers had remained optimistic that the rover would wake back up when the skies began to clear, but things aren't looking good thus far.

[...] That's...not great news. NASA knew that the rover would be forced to sit dormant for a while because of the intensity of the storm, but that was several weeks ago. The dust has since begun to settle, and enough light should be pushing its way down to the surface to begin recharging Opportunity's batteries once again.

Source: NASA's Opportunity rover still hasn't woken up from a Mars dust storm, and engineers are getting nervous


10:38

NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Wall' ONLINE

Posted 15 Aug, 2018 0:38:41 UTC

The new edition of Off The Wall from 14/08/2018 has been archived and is now available online.

02:17

Free and fast ways to turn your favorite YouTube videos into MP3 files TechWorm

Don't you just love the feeling of lying around and listening to music or watching your favorite singer's videos on YouTube? It would be great if you could have their music with you all the time and listen to it without requiring an Internet connection. If you really like a song, you could turn it into a ringtone and thus make your phone sound like your idol.

There are different programs which can help you convert videos from YouTube to MP3s

Those who want to turn their favorite videos into MP3 files need to start looking for an online converter. You will find a lot of these tools available for free download. Since there are a lot of options, it's hard to know which is the right one. Another concern may be that you don't know much about hardware and won't be able to set up the new program by yourself.

In this case, you don't have any reason to worry. Apart from the fact that YouTube converter installation is not brain surgery, we have compiled a list of the most popular programs dedicated to this process. Music fans from around the world are using them, and their positive feedback led us to mention these programs further in this article.

Legal matters

Before we start, we should mention an important detail. Downloading videos from YouTube is legal under certain terms and conditions. Firstly, it's totally safe, secure and legal to download your own footage. In this case, you have to have created and uploaded the content to your personal account.

Secondly, nobody will sue you if you have written permission for downloading their videos. On the other hand, if you want to get files from the public domain you don't need any permission, but make sure that is the case before proceeding.

YouTube to MP3 converters are not just simple apps

Like we mentioned before, you don't have to be a tech guru to use programs dedicated to turning YouTube videos into MP3 files. The following examples have been chosen from a long list and are safe, fast, easy to install and use and, above all, free.
1. VLC Media Player - dedicated to Windows operating systems;
2. Audacity - suitable for Windows, Linux and macOS;
3. GenYouTube - the fastest way to convert YouTube videos to MP3 files;
4. YoutubeMP3.to - its features are similar to GenYouTube, but users can customize the video's quality while converting them;
5. MediaHuman YouTube to MP3 Converter - suitable for Windows, Mac and Ubuntu operating systems;
6. YouMp34 Android App - it is dedicated to downloading videos from YouTube directly to an Android phone or tablet;
7. Documents iPhone App - suitable for iPhone users;
8. Chrome or Firefox Web Browser - can be used by Windows systems.

Although they...

01:32

Google tracks Android, iPhone users' location even with location history turned off TechWorm

Google tracks your movements even when location services are disabled

Many of us turn off location services on our smartphones so that we can avoid being tracked. But what if you learned that, in spite of taking this precaution, Google tracks you everywhere?

According to an Associated Press report released Monday, Google services are storing users' location data on Android devices and iPhones even if you have privacy settings explicitly set to not do it. These findings were confirmed by computer-science researchers at Princeton on AP's request.

In fact, Google's own support page encourages user autonomy to decide what information to share. "You can turn off Location History at any time. With Location History off, the places you go are no longer stored," reads the company's privacy page. However, even with Location History turned off, some Google apps automatically store time-stamped location data without permission, the AP found.

For instance, every time you use an app like Google Maps for navigating, the company asks permission to access your location information on its app. However, this isn't true, as AP found that Google tracks your location even when you have paused Location History on your mobile devices.

"For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are," the AP explains.

And some searches that have nothing to do with location, like "chocolate chip cookies," or "kids science kits," pinpoint your precise latitude and longitude, accurate to the square foot, and save it to your Google account.

In order to completely turn off location tracking, users must adjust settings in web and app activity, and not only location services. For those unaware, web and app activity is a setting that is enabled by default and stores a variety of information from Google apps and sites to your Google account. Despite turning off web and app activity and location services, it is still difficult to prevent the phone from recording users' locations, according to the report.

Google Admits Tracking Users' Location

Google issued the following statement in response to AP's investigation:

There are a number of different ways that Google may use location to improve people's experience, including Loca...

00:51

Social Mapper Finds Social Media Profiles Using Only A Photo TechWorm

Social Mapper: This Free Tool Lets You Track People Across Social Media

Researchers at Trustwave, a company that provides ethical hacking services, have made it easier for penetration testers and red teamers to search for social media profiles. It has released an open source intelligence tool called Social Mapper that uses facial recognition to compare social media profiles across different sites based on a name and picture. This software tool is aimed at facilitating social engineering attacks.

Social Mapper automatically locates profiles on social media sites, such as Facebook, Instagram, LinkedIn, Google+, Vkontakte and microblogging websites like Weibo and Douban. Automated searching of profiles can be performed much faster and for many people simultaneously.

"Performing intelligence gathering is a time-consuming process, it typically starts by attempting to find a person's online presence on a variety of social media sites. While this is an easy task for a few, it can become incredibly tedious when done at scale," Trustwave states in a blog post.

Introducing Social Mapper, an open source intelligence tool that uses facial recognition to correlate social media profiles across a number of different sites on a large scale. Trustwave, which provides ethical hacking services, has successfully used the tool in a number of penetration tests and red teaming engagements on behalf of clients.

How does Social Mapper work?

Social Mapper doesn't require API access to social networks. On the basis of the requirement, the Social Mapper first prepares a list of targeted people for processing. It then uses names and photos as input to scan social media profiles online. The software tool then generates reports in the form of spreadsheets, which include profile information like photos, emails, etc. Based on provided names and photos, it takes approximately 60-70 seconds to scan one profile. It takes no less than 15 hours for searching details of 1,000 people.

Social Mapper takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a person's presence, outputting the results into a report that a human operator can quickly review.

How to install Social Mapper

Running the Tool

After installing So...

Resource generated at IndyWatch using aliasfeed and rawdog