IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Saturday, 27 January

07:17

Linux 3.17 To 4.15 Kernel Benchmarks On Intel Gulftown & Haswell Phoronix

Here is a look at how the Linux kernel performance has evolved since the release of Linux 3.17 in October 2014. With all the major kernel releases over the past 3+ years, here is how the performance compares using two very different Intel Gulftown and Haswell systems.

07:08

Old Bitcoin transactions can come back to haunt you Help Net Security

A group of researchers from Qatar University and Hamad Bin Khalifa University have demonstrated how years-old Bitcoin transactions can be used to retroactively deanonymize users of Tor hidden services. It seems that Bitcoin users past transactions and especially if they used the cryptocurrency for illegal deals on the dark web and didnt think to launder their payments may come back to haunt them. Researchers findings We crawled 1.5K hidden service pages and created More

07:02

Mueller interviewed at least one Facebook employee for Russia probe: report The Hill: Technology Policy

Special counsel Robert Mueller's team has interviewed at least one Facebook employee tasked with helping the Trump campaigns digital operations during the 2016 campaign, Wired reported on Friday.The report, which cited a source familiar with...

07:00

Build a Clock With Lixies, the Nixie-Tube Lookalike IEEE Spectrum Recent Content full text

Simulate a retro-tech look without the fuss Photo: Randi Klett

img Photo: Randi Klett

Stanley Kubricks 1968 science fiction film 2001: A Space Odyssey still stands up pretty well. But theres a telling anachronism in the scene where scientists visit a monolith thats been uncovered on the moon. On their lunar shuttles control panel, there are numerical indicator lights clearly made with cold-cathode displays, also known as Nixie tubes. This technology was in vogue during the mid-1950s but fell out of favor in the 1970s.

Nixie tubes still enjoy a following among enthusiasts of retro technology. Ive sometimes been tempted to build a Nixie-tube clock, but the difficulties and expense always put me off. Its hard even to purchase Nixie tubes at this pointespecially larger onesand they require high-voltage driver circuits, which are inherently dangerous. So I was delighted when I stumbled on something designed to mimic the appearance of Nixie tubes without the complicationssomething its designer calls a Lixie display.

Lixies contain WS2812B smart LEDs at one end, which can change colors on demand. The light from the LEDs is funneled into a stack of acrylic sheets. Such edge-lit displays use a phenomenon called total internal reflection, which keeps the light inside the acrylic except where it has been etched. (This form of display has become popular for exit signs, for example.) Each sheet is laser etched with one numeral, and typically only one sheet is illuminated at a time.

img img img Photos: Randi Klett

Not a Nixie: Construction of a clock requires a base for mounting four or six Lixie displays [top]. A different digit is etched in each of the 10 acrylic planes contained in one display [middle]. LEDs at the bottom of the display project light into one acrylic plane at a time, which then glows where it has been etched. Reflections in the other planes...

06:43

Registered at SSA.GOV? Good for You, But Keep Your Guard Up Krebs on Security

KrebsOnSecurity has long warned readers to plant your own flag at the my Social Security online portal of the U.S. Social Security Administration (SSA) even if you are not yet drawing benefits from the agency because identity thieves have been registering accounts in peoples names and siphoning retirement and/or disability funds. This is the story of a Midwest couple that took all the right precautions and still got hit by ID thieves who impersonated them to the SSA directly over the phone.

In mid-December 2017 this author heard from Ed Eckenstein, a longtime reader in Oklahoma whose wife Ruth had just received a snail mail letter from the SSA about successfully applying to withdraw benefits. The letter confirmed shed requested a one-time transfer of more than $11,000 from her SSA account. The couple said they were perplexed because both previously had taken my advice and registered accounts with MySocialSecurity, even though Ruth had not yet chosen to start receiving SSA benefits.

The fraudulent one-time payment that scammers tried to siphon from Ruth Eckensteins Social Security account.

Sure enough, when Ruth logged into her MySocialSecurity account online, there was a pending $11,665 withdrawal destined to be deposited into a Green Dot prepaid debit card account (funds deposited onto a Green Dot card can be spent like cash at any store that accepts credit or debit cards). The $11,655 amount was available for a one-time transfer because it was intended to retroactively cover monthly retirement payments back to her 65th birthday.

The letter the Eckensteins received from the SSA indicated that the benefits had been requested over the phone, meaning the crook(s) had called the SSA pretending to be Ruth and supplied them with enough information about her to enroll her to begin receiving benefits. Ed said he and his wife immediately called the SSA to notify them of fraudulent enrollment and pending withdrawal, and they were instructed to appear in person at an SSA office in Oklahoma City.

The SSA ultimately put a hold on the fraudulent $11,665 transfer, but Ed said it took more than four hours at the SSA office to sort it all out. Mr. Eckenstein said the agency also informed them that the thieves had signed his wife up for disability payments. In addition, her profile at the SSA had been changed to include...

06:36

Re: How to deal with reporters who don't want their bugs fixed? Open Source Security

Posted by Solar Designer on Jan 26

As an option, you may state that your project will agree to embargoes of
up to e.g. 14 days (as long as there's no leak, etc.), but at your sole
discretion might agree to longer embargoes (ditto).

As another option, you can state a longer maximum embargo for your
project - e.g., 30 days - although that seems excessive to me.

I understand that for complex or/and complicated issues it might take a
lot of time to come up with what looks like...

06:34

Cryptocurrencies Black Friday Japan-based digital exchange Coincheck hacked Security Affairs

It is a black Friday for cryptocurrencies, after the news of the hack of the Japan-based digital exchange Coincheck the value of major cryptocurrencies dropped.

It is a black Friday for cryptocurrencies, the news of the hack of the Japan-based digital exchange Coincheck had a significant impact on their value.

Coincheck was founded in 2012, it is one of the most important cryptocurrency exchange in Asia.

The Coincheck suspended the operations of deposits and withdrawals for all the virtual currencies except bitcoin, the exchange announced it was investigating an unauthorised access to the exchange.

According to the company, the hackers stole worth half a billion US dollars of NEM, the 10th biggest cryptocurrency by market capitalization.

The news of the incident has a significant impact on the NEM value that dropped more than 16 percent in 24 hours.

At 3 am (1800 GMT) today, 523 million NEMs were sent from the NEM address of Coincheck. Its worth 58 billion yen based on the calculation at the rate when detected, said Coincheck COO Yusuke Otsuka.

Were still examining how many of our customers are affected,

Coincheck hack NEM Value

NEM Charts  CoinMarketCap.com

The experts at the exchange are investigating the security breach to find out whether it was from Japan or another country.

Coincheck discovered the incident at 11.25 am and notified the suspension of trading for all cryptocurrencies apart from bitcoin via Twitter.

...

06:32

CVE-2017-12626 Denial of Service Vulnerabilities in Apache POI < 3.17 Open Source Security

Posted by Tim Allison on Jan 26

Title: CVE-2017-12626 Denial of Service Vulnerabilities in Apache POI < 3.17

Severity: Important

Vendor: The Apache Software Foundation


Description:   
    Apache POI versions prior to release 3.17 are vulnerable to Denial of Service Attacks:
    * Infinite Loops while parsing specially crafted WMF, EMF, MSG and macros
          (POI bugs 61338 [0] and 61294 [1])
    * Out...

06:31

Drink Lots Of Beer To Raise Your Monopole Hackaday

When we published a piece about an ADS-B antenna using a Coke can as a groundplane, Hackaday reader [2ftg] got in contact with us about something with a bit more stature.

The reporting in the 1950s piece is rather cheesy, but does give a reasonable description of it requiring welding rods as reinforcement. It also gives evidence of the antennas effectiveness, showing that it could work the world. Hardly surprising, given that a decent monopole is a decent monopole no matter how many pints of ale you have dispatched in its making.

The Coke can ADSB can be seen in all its glory here, and if all this amateur radio business sounds interesting, heres an introduction.

Beer cans picture: Visitor7 [CC BY-SA 3.0].

Facebook Acquires Biometric ID Startup SoylentNews

Facebook buys Boston software company that authenticates IDs

Facebook Inc is buying a software firm that specializes in authenticating government-issued identification cards, the two companies said on Tuesday, a step that may help the social media company learn more about the people who buy ads on its network.

[...] Boston-based Confirm Inc, which is privately held, said on its website that the acquisition was the culmination of three years of work to build technology to keep people safe online. [...] Confirm says that its software allows for proof of identity for online transactions, allowing users to detect potentially fraudulent activity.

Also at TechCrunch.


Original Submission

Read more of this story at SoylentNews.

06:18

Re: How to deal with reporters who don't want their bugs fixed? Open Source Security

Posted by Solar Designer on Jan 26

Oh, so-called "intellectual property". I'm not thinking in such terms.

What I meant is that projects expecting to receive vulnerability reports
are not to be obliged by some industry standard to impose any specific
rules on the reporters. This does mean that, among other things, those
projects do not have to insist on a maximum embargo time (even though I
advocate that they do), and as a side-effect this might assist someone...

06:16

CVE-2018-1294: Apache Commons Email vulnerability information disclosure Open Source Security

Posted by Jochen Wiedmann on Jan 26

CVE-2018-1294: Apache Commons Email vulnerability information
disclosure

Severity: Moderate

Vendor:
The Apache Software Foundation

Versions Affected:
All Versions of Commons-Email, from 1.0, to 1.4, inclusive. The

Description: If a user of Commons-Email (typically an application
programmer) passes unvalidated input as the so-called "Bounce
Address", and that input contains line-breaks, then the...

06:08

Someone Stole Almost Half a BILLION Dollars from Japanese Cryptocurrency Exchange The Hacker News

Coincheck, a Tokyo-based cryptocurrency exchange, has suffered what appears to be the biggest hack in the history of cryptocurrencies, losing $532 million in digital assets (nearly $420 million in NEM tokens and $112 in Ripples). In 2014, Mt Gox, one of the largest bitcoin exchange at that time, filed for bankruptcy after admitting it had lost $450 million worth of Bitcoins. Apparently, the

06:00

Superconducting Synapse Could Let Neuromorphic Chips Beat Brains Energy Efficiency IEEE Spectrum Recent Content full text

NIST physicists have made a nanostructured device that could bring learning to superefficient superconducting circuits Illustrations: NIST

Neural synapses are the connections between neurons, and changes in the strength of those connections are how neural networks learn. The NIST team has come up with a superconducting synapse made with nanometer-scale magnetic components that is so energy efficient, it appears to beat human synapses by a factor of 100 or more.

The NIST synapse has lower energy needs that the human synapse, and we dont know of any other artificial synapse that uses less energy, NIST physicist Mike Schneider said in a press release.

The heart of this new synapse is a device called a magnetic Josephson junction. An ordinary Josphson junction is basically a weak link between superconductors, explains Schneider. Up to a certain amperage, current will flow with no voltage needed through such a junction by tunneling across the weak spot, say a thin sliver of non-superconducting material. However, if you push more electrons through until you pass a critical current, the voltage will spike at an extremely high rate100 gigahertz or more.

In a magnetic Josephson junction, that weak link is magnetic. The higher the magnetic field, the lower the critical current needed to produce voltage spikes. In the device Schneider and his colleagues designed, the magnetic field is caused by 20,000 or so nanometer-scale clusters of manganese embedded in silicon. Each nanocluster has its own field, but those fields start out all pointing in random directionssumming to zero. The NIST team found that they could use a small external magnetic field combined with tiny picosecond pulses of current to cause more and more manganese clusters to line up their magnetic fields. The result is a gradually increasing magnetic field in the junction, lowering the devices critical current, and making it easier to induce voltage spikes.

The process is analogous to learning in a brain where neurons send spikes of voltage to synapses. Whether that spike is enough to cause the next neuron to fire a spike of voltage itself depends on how strong the connection at the synapse is. Learning happens when more voltage spikes strengthen the synaptic connection. In the NIST device, the critical current is like the synapse strength. Whether or not a magnetic Josephson junction reaches the critical current depends on how aligned the nanoclusters have become, which is control...

05:59

Facebook, Microsoft announce new privacy tools to comply with GDPR Help Net Security

In four months the EU General Data Protection Regulation (GDPR) comes into force, and companies are racing against time to comply with the new rules (and avoid being brutally fined if they fail). One of the things that the regulation mandates is that EU citizens must be able to get access to their personal data held by companies and information about how these personal data are being processed. Facebook users to get new privacy center More

05:56

Margaretta Colangelo, President of U1 Technologies, joins our Information Sciences Board. Lifeboat News

Margaretta Colangelo, President of U1 Technologies, joins our Information Sciences Board.

05:56

Re: How to deal with reporters who don't want their bugs fixed? Open Source Security

Posted by Mikhail Utin on Jan 26

I 100% agree with Solar's response. We should not limit our freedom to choose how we will handle our intellectual
property. That is how I read the original statements below.

Not to cause more discussion, but here is the example of how "universal ethics" work:

https://www.theregister.co.uk/2018/01/25/intel_spectre_disclosed_flaws_november/

Mikhail Utin, CISSP

________________________________
From: Solar Designer <solar ()...

05:43

Deserialization Vulnerability in VMware Xenon (CVE-2017-4947) Open Source Security

Posted by VMware Security Response Center on Jan 26

VMware Xenon contains a deserialization vulnerability (CVE-2017-4947) due to insufficient content-type filtering of
inbound requests. Successful exploitation of this issue may result in remote code execution.

Fixes/References
--------------
https://github.com/vmware/xenon/commit/092ea98105040e68c6bd0bdf89b86d149dfad1b1

We would like to thank Chris Todd of VMware for reporting this issue.

--------------
Edward Hawkins
Senior Program Manager,...

05:30

Here's How Graphene Makes Photodetectors 100,000 Times More Responsive Than Silicon IEEE Spectrum Recent Content full text

Scientists discover that protons can transport through graphene and light can help the movement Illustration: iStockphoto

Two years ago, we covered research out of the University of Manchester that demonstrated that graphene-based membranes could serve as a filter for cleaning up nuclear waste at nuclear power plants.

While its not clear that this particular application for the graphene membranes ever made much headway in nuclear waste cleanup, they did discover an interesting phenomenon about these graphene membranes in the ensuing two years: protons can transport through graphene.

Based on that knowledge, Andre Geims team at the University of Manchester began to investigate whether light could be used to enhance proton transport through graphene by the addition of other light sensitive materials, such as titanium dioxide (TiO2). Turns out that graphene did the job quite effectively on their own.

We were not expecting that graphene on its own without the addition these light sensitive ingredients would show any response, said Marcelo Lozada-Hidalgo of the University of Manchester and co-author of this research and the work from two years ago. We were very surprised by our results.

In research published in the journal Nature Nanotechnology , Lozada-Hidalgo and his colleagues fabricated devices made from monolayer graphene decorated with platinum (Pt) nanoparticles. Essentially, photons excite the electrons in graphene around the nanoparticles. As a result, the electrons become highly reactive to protons. This, in turn, induces the electrons to recombine with protons to form hydrogen molecules at the Pt nanoparticles.

In a way, this mechanism is not too dissimilar to electron-hole recombination in semiconductor photodetectors, exaplained Lozada-Hidalgo.

While the mechanism may not be too different than semiconductor photodetectors, these devices are based on proton transport as opposed with all current photodetectors today, which are based on electron transport.

Because our devices work with protons instead of electrons, they may lead to novel photodetector architectures; perhaps even with additional functionalities, said Lozada-Hidalgo.

One of the most striking features of this work, according to Lozada-Hidalgo, is that these d...

05:15

Playboy Brands Boing Boing a Clickbait Site With No Fair Use Defense TorrentFreak

Late 2017, Boing Boing co-editor Xena Jardin posted an article in which he linked to an archive containing every Playboy centerfold image to date.

Kind of amazing to see how our standards of hotness, and the art of commercial erotic photography, have changed over time, Jardin noted.

While Boing Boing had nothing to do with the compilation, uploading, or storing of the Imgur-based archive, Playboy took exception to the popular blog linking to the album.

Noting that Jardin had referred to the archive uploader as a wonderful person, the adult publication responded with a lawsuit (pdf), claiming that Boing Boing had commercially exploited its copyrighted images.

Last week, with assistance from the Electronic Frontier Foundation, Boing Boing parent company Happy Mutants filed a motion to dismiss in which it defended its right to comment on and link to copyrighted content without that constituting infringement.

This lawsuit is frankly mystifying. Playboys theory of liability seems to be that it is illegal to link to material posted by others on the web an act performed daily by hundreds of millions of users of Facebook and Twitter, and by journalists like the ones in Playboys crosshairs here, the company wrote.

EFF Senior Staff Attorney Daniel Nazer weighed in too, arguing that since Boing Boings reporting and commenting is protected by copyrights fair use doctrine, the deeply flawed lawsuit should be dismissed.

Now, just a week later, Playboy has fired back. Opposing Happy Mutants request for the Court to dismiss the case, the company cites the now-famous Perfect 10 v. Amazon/Google case from 2007, which tried to prevent Google from facilitating access to infringing images.

Playboy highlights the courts finding that Google could have been held contributorily liable if it had knowledge that Perfect 10 images were available using its search engine, could have taken simple measures to prevent further damage, but failed to do so.

Turning to Boing Boings conduct, Playboy says that the company knew it was linking to infringing content, could have taken steps to prevent that, but failed to do so. It then launches an attack on the site itself, offering disparaging comments concerning its activities and business model.

This is an important case. At issue is whether clickbait sites like Happy Mutants Boing Boing weblog a site designed to attract viewers and encourag...

05:00

The Coolest Electronic Toys Youll See At NAMM Hackaday

Winter NAMM is the worlds largest trade show for musical instrument makers. It is a gear heads paradise, filled to the brim with guitars, synths, amps, MIDI controllers, an impossibly loud section filled with drums, ukuleles, and all sorts of electronic noisemakers that generate bleeps and bloops. Think of it as CES, only with products people want to buy. Were reporting no one has yet stuffed Alexa into a guitar pedal, by the way.

As with all trade shows, the newest gear is out, and its full of tech that will make your head spin. NAMM is the expression of an entire industry, and with that comes technical innovation. What was the coolest, newest stuff at NAMM? And what can hackers learn from big industry? Theres some cool stuff here, and a surprising amount we can use.

Low Power Tubes

A few years back, Korg announced the NuTube, most likely the first new design of a vacuum tube in several decades. The NuTube 6P1 is a dual triode meant for preamp applications and can be seen as a very, very low power 12AX7. The technology behind the NuTube is the same as vacuum fluorescent displays, and even though you can use VFDs as tube amplifiers, this is a purpose-built tube designed for modern, low-power applications.

In the years since the NuTube...

05:00

Analog Equivalent Rights (12/21): Our parents bought things untracked, their footsteps in store werent recorded Falkvinge on Liberty

old-vintage-cash-register-machine-picture-id810348088

Privacy:In the last article, we focused on how people are tracked today when using credit cards instead of cash. But few pay attention to the fact that were tracked when using cash today, too.

Few people pay attention to the little sign on the revolving door on Schiphol Airport in Amsterdam, Netherlands. It says that wi-fi and bluetooth tracking of every single individual is taking place in the airport.

What sets Schiphol Airport apart isnt that they track individual peoples movements to the sub-footstep level in a commercial area. (Its for commercial purposes, not security purposes.) No, what sets Schiphol apart is that they bother to tell people about it. (The Netherlands tend to take privacy seriously, as does Germany, and for the same reason.)

Locator beacons are practically a standard in bigger commercial areas now. They ping your phone using wi-fi and bluetooth, and using signal strength triangulation, a grid of locator beacons is able to show how every single individual is moving in realtime at the sub-footstep level. This is used to optimize marketing in other words, find ways to trick peoples brains to spend resources they otherwise wouldnt have. Our own loss of privacy is being turned against us, as it always is.

Where do people stop for a while, what catches their attention, what doesnt catch their attention, whats a roadblock for more sales?

These are legitimate questions. However, taking away peoples privacy in order to answer those questions is not a legitimate method to answer them.

This kind of mass individual tracking has even been deployed at city levels, which happened in complete silence until the Privacy Oversight Board of a remote government sounded the alarms. The city of Vsters got the green light to continue tracking once some...

04:57

Samsung Disputes Reports That Claim Xiaomi is India's Top-Selling Smartphone Company SoylentNews

Xiaomi beats Samsung to top spot in India's smartphone market

Xiaomi couldn't have wished for better timing of two reports that claim it has toppled Samsung to become India's top-selling smartphone company.

The Chinese firm, which is reportedly on a roadshow ahead of an IPO that could value it as high as $100 billion, is said to have beaten Samsung's sales efforts in India, the world's second-largest smartphone market behind China, according to new data from Canalys and Counterpoint.

Data from both analyst houses gave Xiaomi a narrow lead over Samsung in the final quarter of 2017, with 27 percent and 25 percent, respectively, according to Canalys and 25 percent versus 23 percent, according to Counterpoint.

Counterpoint included year-long figures, which conclude that Samsung (24 percent) is ahead of Xiaomi (19 percent) over the longer timeframe. A glance at the previous year's figures shows that Xiaomi has closed what was once a significant gap with its rival.

Samsung Says Xiaomi Didn't Surpass Its Phone Sales In India

Samsung claims Xiaomi didn't take the title of the largest smartphone vendor in India, thus directly refuting the findings published by research firm Canalys on Wednesday. The Seoul-based original equipment manufacturer remains adamant that it's still the top handset company in the South Asian country "by a distance." Samsung backed its claims by citing an older report from GfK covering a three-month period ending November 30th which states the firm had a 40 percent volume share and 45 percent value share of the Indian smartphone market in terms of sales to consumers. The tech giant also explicitly proclaimed itself a leader in every handset segment in India, from entry-level devices to ultra-premium offerings like the Galaxy Note 8.


Original Submission

Read more of this story at SoylentNews.

04:43

NotPetya attack: Maersk reinstalled 45,000 PCs, 2,500 apps & 4,000 servers HackRead

By Waqas

On June 27th, 2017, a dangerous ransomware attack called Petya

This is a post from HackRead.com Read the original post: NotPetya attack: Maersk reinstalled 45,000 PCs, 2,500 apps & 4,000 servers

04:18

Re: How to deal with reporters who don't want their bugs fixed? Open Source Security

Posted by Solar Designer on Jan 26

I agree (specifically, I had suggested explicit maximum embargo times),
but such rules must not be one and only industry standard. Anyone or
any project may propose rules, and other projects are welcome to reuse
those rules, but they must not have to - they could as well use
different rules, or none. At best, a relatively non-controversial
and brief boilerplate could end up being reused by many projects.

No. Let's not use the word...

04:07

04:02

This Week in Open Source News: The Linux Foundation Launches Networking Fund

Title: 
This Week in Open Source News: The Linux Foundation Launches Networking Fund

03:48

Re: How to deal with reporters who don't want their bugs fixed? Open Source Security

Posted by Stiepan on Jan 26

With the risk of displeasing the supporters of a "common sense" approach to this topic, I think that clear rules might
be welcome: We as a profession should have a clear code of ethics just like physicians do, instead of relying on the
parties' social engineering skills to set the outcome of this kind of issue. End users would thank us and the
profession's image could evolve from pirate in a garage to a respectable one (by...

03:30

Home Brew Solar Cells for the Chemically Curious Hackaday

The idea of making your own semiconductors from scratch would be more attractive if it werent for the expensive equipment and noxious chemicals required for silicon fabrication. But simple semiconductors can be cooked up at home without anything fancy, and they can actually yield pretty good results.

Granted, [Simplifier] has been working on the method detailed in the video below for about a year, and a look at his post on copper oxide thin-film solar cells reveals a meticulous approach to optimize everything. He started with regular window glass, heated over a propane burner and sprayed with a tin oxide solution to make it conductive while remaining transparent. The N-type layer was sprayed on next in the form of zinc oxide doped with magnesium. Copper oxide, the P-type layer, was electroplated on next, followed by a quick dip in copper sulfide to act as another transparent conductor. A conductive compound of sodium silicate and graphite was layered on the back to form the electrical contacts. The cell worked pretty well 525 mV open circuit voltage and 6.5 mA short-circuit current. Not bad for home brewed.

If you want to replicate [Simplifier]s methods, youll find his ample documentation of his site. Of course, if you yearn for DIY silicon semiconductors, theres a fab for that, too.

03:24

California: Recruiters Must Share Pay Range Info Upon Request SoylentNews

Here in California, our government has passed a strange new law.

Although intended to force employers to stop offering different pay rates to men and women, the new law has the strange side effect of forcing recruiters to play fair - and recruiters aren't liking it. The law also forbids asking candidates for their prior compensation history. Again, recruiters and hiring managers aren't liking the new shift in the balance of power:

Assembly Bill No. 168
SECTION 1. Section 432.3 is added to the Labor Code, to read:

432.3. (a) An employer shall not rely on the salary history information of an applicant for employment as a factor in determining whether to offer employment to an applicant or what salary to offer an applicant.

(b) An employer shall not, orally or in writing, personally or through an agent, seek salary history information, including compensation and benefits, about an applicant for employment.

(c) An employer, upon reasonable request, shall provide the pay scale for a position to an applicant applying for employment.

(d) Section 433 does not apply to this section.

(e) This section shall not apply to salary history information disclosable to the public pursuant to federal or state law, including the California Public Records Act (Chapter 3.5 (commencing with Section 6250) of Division 7 of Title 1 of the Government Code) or the federal Freedom of Information Act (Section 552 of Title 5 of the United States Code).

(f) This section applies to all employers, including state and local government employers and the Legislature.

(g) Nothing in this section shall prohibit an applicant from voluntarily and without prompting disclosing salary history information to a prospective employer.

(h) If an applicant voluntarily and without prompting discloses salary history information to a prospective employer, nothing in this section shall prohibit that employer from considering or relying on that voluntarily disclosed salary history information in determining the salary for that applicant.

(i) Consistent with Section 1197.5, nothing in this section shall be construed to allow prior salary, by itself, to justify any disparity in compensation.

(emphasis added)

Read more of this story at SoylentNews.

03:23

European Electricity Industry Pledges to Deliver on Paris Agreement | UNFCCC Lifeboat News: The Blog

EURELETRIC, the association representing the interests of the electricity industry in Europe, has said the regions power companies intend to be both part of a competitive European economy and reliably powered by clean, carbon-neutral energy.

Read more

03:21

Digital Transformation: Interview with David Edgerton, Kings College London | Manuel Stagars Lifeboat News: The Blog

In conversations with visionaries, decision makers, technologists, leading scientists, entrepreneurs, artists, and others around the world, the film gives insight into the global digital future, its most pressing challenges, and biggest opportunities. Interviews from the project are available in long form. This conversation took place in June 2017 with David Edgerton, Hans Rausing Professor of the History of Science and Technology and Professor of Modern British History at Kings College London.

Read more

03:18

500 Companies to Commit to Science-Based Climate Targets | UNFCCC Lifeboat News: The Blog

In an effort to spur further climate action at this years Global Climate Action Summit in September and at the United Nations Climate Change Conference (COP24) in December, Summit co-chair and Mahindra Group Chairman, Anand Mahindra today challenged businesses around the world to join the growing number of companies committed to setting greenhouse gas reduction targets in line with climate science.

Read more

 

 

03:13

World Leading Multinationals Accelerating a Clean Economy RE100 Report | The Climate Group | CDP Lifeboat News: The Blog

A rapidly growing group of ambitious multinational businesses are actively reshaping the energy market through their global investment decisions and accelerating a zero emissions economy, a new report released today (Tuesday January 23) shows.

Read more

03:10

Uber drivers, freelancers and other independent contractors are getting a tax cut By Andrew Khouri | Los Angeles Times Lifeboat News: The Blog

Every Uber driver, as far as I can see, gets a benefit, said Edward Kleinbard, a USC professor and former chief of staff to Congress Joint Committee on Taxation.

Read more

03:03

Torrent Links Disappear From Torrentz2, For Adblock Users TorrentFreak

With millions of visits per day, Torrentz2 is without a doubt the most popular torrent meta-search engine on the Internet.

The site took this spot from the original Torrentz site, which surprisingly closed its doors during the summer of 2016.

Up until a month ago everything was running smoothly, but that changed when links to other torrent sites disappeared late December. Instead of a metasearch engine, Torrentz2 turned into a database of torrent metadata, and traffic started to drop off.

Torrentz2 remained without links for roughly three weeks, after which the site, just as surprisingly, returned to its former glory. However, that didnt last very long.

Starting yesterday, all links have mysteriously disappeared again, without any official explanation. However, this time it only affects users who run an ad-blocker.

Initially we assumed that the issues were affecting all users, but upon closer inspection this is not the case. This means that the current issue is in no way related to the earlier disappearance.

The issues are the result of the EasyList Adblock filter which appears to block all nofollow links on Torrentz2. Since most adblockers use this list, many people are affected.

The good news for affected users is that they can solve the issue by simply disable the adblocker on the site. Alternatively, they can also disable the EasyList filter in their ad-blocker settings.

Update: Shortly after publication we learned that the disappearing links are the result of EasyList and adblockers. We updated the article accordingly.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

03:02

The CSD Initiative Is Pushing For Apps To Abandon Title Bars In Favor Of Header Bars Phoronix

GNOME developer Tobias Bernard has announced "The CSD Initiative" in a push for more applications to support client-side decorations and as part of that to abandon boring title bars in favor of modern header bars...

03:00

Utilities Bury More Transmission Lines to Prevent Storm Damage IEEE Spectrum Recent Content full text

Facing hurricanes and public opposition to overhead lines, utilities are paying extra to go underground Photo: New River Electrical

/image/MzAwNzIxNQ.jpeg
Photo: New River Electrical Buried Power: A crew from New River Electrical buries 800 meters of transmission cables at a substation in Connecticut.      

In the past six months, transmission lines have beendestroyed by hurricanes in Puerto Rico, singed by wildfires in California, and bitterly opposed by residents in Utah and Pennsylvania who want to stop utilities from building more.

Such problems have grid operators literally thinking deeper. Increasingly, utilities in the United States and elsewhere are routing power underground. Puerto Ricos grid rebuild is a prime example: A proposal, crafted by an industry-government consortium late last year, calls for undergrounding transmission to harden a power system still recovering from Hurricanes Irma and Maria.

Much of the plans outlay for transmissionUS $4.3 billionwould create hardy overhead circuits interspersed with underground cables in areas where gusts could snap even the strongest lines and towers. A $601 million line item also provides for a buried high-voltage direct current (HVDC) cable around the territorys southeast corner, where most big storms strike first. This underground bypass would create a secure path from the islands most efficient power plants to the heavily populated area around San Juan.

By heading below ground, transmission grids are following a path laid by their lower-voltage cousinsdistribution grids. In some cities, power distribution occurs entirely out of sight. This is possible thanks to specialized cables, whose metal conductors are wrapped in cross-linked polyethylene, a heatstable insulator, as well as metal and polymer layers providing electrical shielding, impermeability to water, and puncture resistance.

Utilities have been slower to bury transmission because of the expense, according to power consultant Ken Hall, a former transmission and distribution director at the Edison Electric Institute, a Washington, D.C.based utility trade group. Transmission lines operate at higher power levels than distribution lines and generate more heat, which is harder to dissipate un...

02:42

Chinese volunteers spend 200 days on virtual moon base Lifeboat News: The Blog

Chinese students spent 200 continuous days in a lunar lab in Beijing, state media said Friday, as the country prepares for its long-term goal of putting people on the moon.

Four students crammed into a 160-square-metre (1,720-square-foot) cabin called Yuegong-1Lunar Palaceon the campus of Beihang University, testing the limits of humans ability to live in a self-contained space, the official Xinhua news agency said.

The volunteers lived in the sealed lab to simulate a long-term space mission with no input from the outside world.

02:42

Gen-next smart solar windows could produce electricity Lifeboat News: The Blog

Washington: Scientists have discovered a new material for next-generation smart windows that not only darken automatically when the Sun is too bright but also convert solar energy into electricity.

Researchers at the Lawrence Berkeley National Laboratory (Berkeley Lab) in the US found a form of perovskite that works well as a stable and photoactive semiconductor material that can reversibly switch between transparent and non-transparent state, without degrading its electronic properties.

The scientists made the discovery while investigating the phase transition of the material, an inorganic perovskite.

02:29

Ubuntu 18.04 LTS to use Xorg by default LinuxQuestions.org - Linux - News

After some speculation and a default to Wayland in 17.10, Ubuntu has announced Xorg will be the default for the next LTS.

Quote:

Bionic Beaver, the codename for the next Ubuntu LTS release, is due in April 2018 and will ship with both the traditional Xorg graphics stack as well as the newer Wayland based stack, but Xorg will be the default.

17.10, released in October 2017, ships with the Wayland based graphics server as the default and the Xorg based equivalent is available as an option from the login screen. When we started out on the GNOME Shell route for 17.10 (Artful Aardvark) we knew that we needed to have Wayland as the default option otherwise we wouldnt know if it would work well for our users in the LTS only 6 months later. The LTS is supported for five years meaning that we need to be certain that what goes out the door on release day will be maintainable and sustainable for the duration and will serve all our users and customers needs, which is no mean feat.

As we are roughly half way through the Bionic development cycle, the time was right for us to review that decision and make a call on whether or not Wayland is the right default display server for Bionic. We have decided that we will ship Xorg by default, and that Wayland will be an optional session available from the login screen.

Why opt for Xorg by default? There are three main reasons:

Screen sharing in software like WebRTC services, Google Hangouts, Skype, etc works well under Xorg.
Remote Desktop control for example RDP & VNC works well under Xorg.
Recoverability from Shell crashes is less dramatic under Xorg.
For LQ members using Wayland in 17.10, what was your general experience?

--jeremy

02:12

PipeWire Is Making Progress But Still Needs More Time To Mature Phoronix

PipeWire was announced last year as a new Red Hat projects with aspirations to be to video as PulseAudio is to audio on the Linux desktop. Other PipeWire goals include professional audio support equal to or better than JACK, full Wayland/Flatpak support, and more. Red Hat is making a lot of progress on PipeWire, but it's not yet ready to be the default on the Linux desktop...

02:05

ICE to gain access to database that tracks license plates The Hill: Technology Policy

The Immigration and Customs Enforcement (ICE) agency will soon have the ability to track license plates across the U.S., The Verge reported Friday.ICE has reached a deal with Vigilant Solutions, a top source for license plate data, to gain access to...

02:01

Mechanisms: Ode to the Zipper Hackaday

Look around yourself right now and chances are pretty good that youll quickly lay eyes on a zipper. Zippers are incredibly commonplace artifacts, a commodity item produced by the mile that we rarely give a second thought to until they break or get stuck. But zippers are a fairly modern convenience, and the story of their invention is one that shows even the best ideas can be delayed by overly complicated designs and lack of a practical method for manufacturing.

Try and Try Again

US Patent #504,307. One of the many iterations of Judsons design. Like the others, it didnt work.

Ideas for fasteners to replace buttons and laces have been kicking around since the mid-19th century. The first patent for a zipper-like fastener was issued to Elias Howe, inventor of the sewing machine. Though he was no slouch at engineering intricate mechanisms, Howe was never able to make his Automatic, Continuous Clothing Closure a workable product, and Howe shifted his inventive energies to other projects.

The world would wait another forty years for further development of a hookless fastener, when a Chicago-bor...

02:00

HiFormance 512MB OpenVZ for $7.50/yr and other specials for 2018! Low End Box


Kyle is back from HiFormance is back with some amazing deals for the start of 2018, and were pleased to be able to pass them along to you guys!

Heres a note from the company

My name is Kyle from HiFormance.com and we are fast growing SSD VPS company. We would like to offer the LEB community with exciting deals. We currently offer 6 mainstream locations with both KVM and OpenVZ virtualization (NEW).

Our focus is to offer the highest performance at the most affordable pricing. We have highly experienced and dedicated staff members that will go above and beyond support. We are about customer experience and satisfaction guarantee!
Their WHOIS is public, theyre currently working on registering as an LLC, the accept PayPal and Credit Card, and you can find their legal docs at the following links:
**Pre-pay 3-years to get double CPU, memory, SSD or IP address!**

Heres the offers: 


OpenVZ Offer #1:
1 x vCore
512MB Memory
5GB Pure SSD
2TB Bandwidth
1Gbps Port
1 x IPv4
OpenVZ/SolusVM
[ORDER] $7.50/yr (Pre-pay 3-years to get either Double Memory, IPs, CPU or SSD space)

OpenVZ Offer #2:</div

1 x vCore
1GB Memory
10GB Pure SSD
2TB Bandwidth
1Gbps Port
1 x IPv4
OpenVZ/SolusVM
[ORDER] $15.00/yr (Pre-pay 3-years to get either Double Memory, IPs, CPU or SSD space)

Additional Offers/Network Info:  

OpenVZ Offer #3
2 x vCore
2GB Memory
20GB Pure SSD
4TB Bandwidth
1Gbps Port
1 x IPv4
OpenVZ/SolusVM
[ORDER] $30.00/yr (Pre-pay 3-years to get either Double Memory, IPs, CPU or SSD space)

 

OpenVZ Offer #4
4 x vCore
4GB Memory
50GB Pure SSD
...

01:55

Keylogger found on thousands of WordPress-based sites, stealing every keypress as you type Graham Cluley

While the website's front-end is digging for cryptocurrencies, the back-end is secretly hosting a keylogger designed to steal unsuspecting users' login credentials.

Read more in my article on the Hot for Security blog.

01:54

Monero Crypto-Currency Mining Operation impacted 30 Million users Security Affairs

Security experts from PaloAlto Networks uncovered a large-scale crypto-currency mining operation that involved around 30 million systems worldwide.

Hackers also used the Adf.ly URL shortening service that remunerates users when someone clicks on the link.  When users clicked on these Adf.ly URLs, they were redirected and found themselves downloading the crypto-currency mining malware instead.

The miner used in this Monero cryptocurrency mining operation execute XMRig mining software via VBS files, and leverages XMRig proxy services to hide the ultimate mining pool destination.

Researchers also noticed that threat actors use the Nicehash marketplace to trade hashing processing power.

According to the experts from PaloAlto the date October 20, 2017, was a milestone in this operation. Before October 20, 2017, the attackers were using the Windows built-in BITSAdmin tool to download the XMRig mining tool from a remote location. Apart from a few exceptions, the final pay...

01:51

Intel Posts its Last Good Numbers Before Meltdown SoylentNews

Intel results beat estimates, warns of potential security flaw fallout

Intel Corp on Thursday gave a bullish forecast and blew past Wall Street profit and revenue expectations for the fourth quarter on the strength of data center sales, the business it sees as key to its transformation from a PC supplier.

[...] Intel Chief Executive Brian Krzanich said the company would start shipping chips later this year with silicon-based changes to protect against the so-called Spectre and Meltdown security threats.

Revenue from the companys higher-margin data center business rose about 20 percent to $5.58 billion, beating the average analyst estimate of $5.13 billion, according to Thomson Reuters I/B/E/S. Revenue from Intels PC group hit $9 billion for the quarter, a 2 percent decline from the year before, but ticked up 3 percent for the year to $34 billion.

Intel predicted $65 billion in revenue for 2018, well above expectations of a $63.7 billion forecast.

In an interview ahead of Intels earnings call with investors, Chief Financial Officer Bob Swan said the company sees no meaningful impact on corporate earnings as a result of the security vulnerabilities, reiterating an assessment the company made on Jan. 3.


Original Submission

Read more of this story at SoylentNews.

01:47

How Dutch intelligence spied on the Russian hackers attacking the DNC Graham Cluley

Media reports from The Netherlands claim that hackers embedded within the Dutch intelligence agency AIVD watched Russian hackers attack the United States... for years.

01:36

Subgraph: This Security-Focused Distro Is Malwares Worst Nightmare

Title: 
Subgraph: This Security-Focused Distro Is Malwares Worst Nightmare

01:09

Vulkan Continues To Show Its Gaming Strength On Low-End Hardware Phoronix

As we have shown in past benchmarks, while current generation Linux games with current Linux GPU drivers using the Vulkan API rather than OpenGL may not be significantly faster with higher-end hardware right now, the impact of this newer Khronos graphics API tends to be more profound on lower-end hardware, especially when it comes to lightening the load on the CPU. Following the recent Pentium vs. Ryzen 3 Linux gaming tests, I carried out some fresh benchmarks looking at OpenGL vs. Vulkan on the Ryzen 3 1200 quad-core CPU with NVIDIA and Radeon graphics.

00:22

New Silicon Probes Record Activity of Hundreds of Neurons Simultaneously Lifeboat News: The Blog

We helped develop Neuropixels probes to accelerate neuroscience research.

1cm long and 70 microns across, this technology is capable of recording signals from 384 brain cells at the same time. #InnovationWeek

00:18

2 Minutes to Midnight SoylentNews

The Bulletin of the Atomic Scientists (BAS) has set the Doomsday Clock to "two minutes to midnight" to reflect fears of a nuclear confrontation with North Korea, as well as the failure of world leaders to address climate change and other factors. The clock is now set as close to doomsday as it was in 1953:

The team of scientists singled out a series of nuclear tests by North Korea. They dramatically escalated tensions on the Korean peninsula and led to a war of words between North Korea and the US.

The BAS also referred to a new US nuclear strategy that was expected to call for more funding to expand the role of the country's nuclear arsenal. Rising tension between Russia and the West was also a contributing factor.

The "weakening of institutions" around the world in dealing with major global threats - including climate change - was another major concern, the scientists said. They also mentioned US President Donald Trump's "unpredictability", pointing to his often controversial tweets and statements.

We're back, baby!


Original Submission

Read more of this story at SoylentNews.

00:15

New infosec products of the week: January 26, 2018 Help Net Security

Empowering security teams with unlimited security data collection, indexing and search Exabeam Data Lake centralizes all relevant logs to reduce the work of collecting logs from multiple systems. It is built on open source, big data technology, providing unlimited security data collection, indexing, and search. It supports better analytics and enables compliance reporting. Data Lake now has a database collector which enables logs to be collected from remote Microsoft SQL Server and MySQL databases. Proxmox More

00:11

Jail for man who hacked 1000 student email accounts in search for sexually explicit images Graham Cluley

A poorly-secured password reset utility allowed a man to access more than 1,000 email accounts at a New York City-area university in a hunt for sexually explicit photographs and videos.

Read more in my article on the We Live Security blog.

00:02

System Startup Gets a Boost with New LinuxBoot Project

The Linux Foundation is pleased to welcome LinuxBoot to our family of open source projects and to support the growth of the project community. LinuxBoot looks to improve system boot performance and reliability by replacing some firmware functionality with a Linux kernel and runtime...

LinuxBoot addresses the often slow, often error-prone, obscured code that executes these steps with a Linux kernel. The result is a system that boots in a fraction of the time of a typical system, and with greater reliability.

00:00

Good privacy is good for business, so pay attention Help Net Security

Data privacy concerns are causing significant sales cycle delays for up to 65 percent of businesses worldwide, according to findings in the new Cisco 2018 Privacy Maturity Benchmark Study. The study shows that privacy maturity is connected to lower losses from cyberevents: 74 percent of privacy-immature organizations experienced losses of more than $500,000 last year caused by data breaches, compared with only 39 percent of privacy-mature organizations. Privacy maturity is a framework defined by the More

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Friday, 26 January

23:45

Cyber attacks surge, ransomware leading the way Help Net Security

The Online Trust Alliance (OTA) found that cyber incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017. Since the majority of cyber incidents are never reported, OTA believes the actual number in 2017 could easily exceed 350,000. Surprising no one, 2017 marked another worst year ever in data breaches and cyber incidents around the world, said Jeff Wilbur, director of the OTA initiative at the Internet Society. This years big increase More

23:37

Ubuntu 18.04 LTS Will Default To The X.Org Stack, Not Wayland Phoronix

While Ubuntu 17.10 defaults to using the Wayland session on supported GPUs/drivers when using the default GNOME Shell based session, Canonical has decided for Ubuntu 18.04 "Bionic Beaver" LTS that it will use the X.Org Server by default...

23:30

Rise in cryptomining malware impacts organizations worldwide Help Net Security

Cybercriminals are increasingly turning to cryptominers to develop illegal revenue streams, while ransomware and malvertising adware continue to impact organizations worldwide, according to Check Point. During the period July to December 2017, one in five organizations were impacted by cryptomining malware, tools that enable cybercriminals to hijack the victims CPU or GPU power and existing resources to mine cryptocurrency, using as much as 65% of the end-users CPU power. Key malware trends in H2 2017 More

23:00

Slimline Proximity Fob Makes Life Easier Hackaday

Modern cars these days tend to come with proximity keys, which allow the driver to unlock and start the vehicle without having to remove the key from ones pocket. While this is a great usability upgrade, for some reason key fobs continue to be bulky plastic monstrosities that when stuffed into a pocket can easily ruin the lines of a well-chosen outfit. This wasnt good enough so [Patrick] decided to sort it out.

Starting with a Prius key, the first step was to disassemble the already broken key fob and separate out the PCB from the case and battery holder. With those removed, a coin cell was soldered to some wires connected to the PCB. As a substitute for the original case, a plastic card was cut up and the PCB inserted within, allowing the setup to fit neatly in a wallets card pocket. Lashings of tape bring the project home.

Unsurprisingly, it works, and works well. It raises the question why key fobs are so large and ungainly, taking up so much precious pocket space. Wed love to see even slimmer takes on this with 3D printed enclosures or even completely redesigned PCBs. Give it a go, and hit up the tip line. Else, check out how key fobs are routinely hacked to steal cars.

Auto-Tracking Sentry Gun Gives Deer a Super Soaking Hackaday

Things rarely go well when humans mix with wildlife. The problems are exacerbated in the suburbs, where bears dine on bird feeders and garbage cans, raccoons take up residence in attics, and coyotes make off with the family cat. And in the suburbs, nuisance wildlife can be an intractable problem because the options for dealing with it are so limited.

22:45

GitHub Rejects Drone-Maker DJI's DMCA Takedown After Encryption Keys Get Forked SoylentNews

Drone hackers/researchers can modify the firmware for DJI drones, thanks to rogue DJI developers and a fork of a public Github repo:

Github rejected a DMCA takedown request from Chinese drone-maker DJI after someone forked source code left in the open by a naughty DJI developer, The Register can reveal.

This included AES keys permitting decryption of flight control firmware, which could allow drone fliers with technical skills to remove geofencing from the flight control software: this software prevents DJI drones from flying in certain areas such as the approach paths for airports, or near government buildings deemed to be sensitive.

Though the released key is not for the latest firmware version, The Register has seen evidence (detailed below) that drone hackers are already incorporating it in modified firmware available for anyone to download and flash to their drones.

[...] In fact the people who posted the keys to DJI's kingdom, as well as source code for various projects, were DJI devs. The company said in a later statement that they were sacked.

The code was forked by drone researcher Kevin Finisterre, who submitted a successful rebuttal to the takedown request on the grounds that Github's terms and conditions explicitly permit forking of public repos.

[...] Drone hackers have already begun distributing modded firmware for DJI's popular Phantom drones, as we can see on where else? Github

Previously: Man Gets Threats-Not Bug Bounty-After Finding DJI Customer Data in Public View

Related: DJI introduced new software to stop its drones from flying in restricted airspace.
Skip the Complex Tracking Software, DJI Says, and Give Drones an "Invisible" License Plate
$500 DJI Spark Drone can Take Off and Land from Your Palm
DJI Will Ground Drones If They Don't Apply a Software Update


Original Submission

Read more of this story at SoylentNews.

22:38

Top 7 Apps for Students TechWorm

College and high school students often find it difficult to deal with the ever-expanding responsibilities and time. Students have to do lots of things, such as homework, assignments and essay writing. In this situation, custom writing can be a good solution for students to finish their assignments on time. To keep the track of their homework and assignments, you can get the advantage of different iOS and Android apps. These apps are specially designed for the assistance of students.

1) Office Lens (Free for Windows, Android and iOS)

It is an excellent app to take picture of your receipts, magazines, blackboards, whiteboards and documents. With the help of this app, you can take pictures from different angles and the app will clear shadows and glare too. You will get an opportunity to save your photographs as PowerPoint, word or PDFs files.

2) Alarm Clock Sleep Cycle (Free for Android and iOS)

Sufficient sleep is essential for every student, but a rested wakeup is not about the quantity of your sleep. It is all about your sleep cycle and you can set it with the help of this app. This app uses accelerometer and microphone of your phone to analyze sleeping patterns of its user and choose the best time to wake him/her up. The app will choose your lightest state of sleep before waking you up. If you need extra features, you can pay for its premium version.

3) Dragon Dictation App (free for iOS)

Typing can make your wrists tired and cause permanent damage in numerous cases. If you want to avoid this situation, you can get the advantage of this dictation app. By dictating your emails and homework to dragon app, you can save your time and wrists.

4) Student Homework Planner (Free for Windows, Android and iOS)

This planner allows you to stay organized without any trouble. With the help of this planner, you can track your homework and class schedule and get reminders for tests. With its premium version, you can some excessive features of this app.

5) Wonderlist (Free for Windows, Android and iOS)

It is just like a task and to-do list. You can track school projects, college projects or make your grocery list. Wunderlist can sync instantly between your devices, such as computers and tablets to keep you updated. Feel free to set reminders and due dates to avoid any trouble.

6)  Tasker (Android $2.99)

It is a paid app for Android to control your Android phone and set up automation for different tasks. You can...

22:36

How We Built an Intrusion Detection System on AWS using Open Source Tools

Its roughly a year now that we built an intrusion detection system on AWS cloud infrastructure that provides security intelligence across some selected instances using open source technologies.

22:36

Katsiaryna Archangorodskaja joins our Futurists Board. Katerina is President of HawkMatrix and Executive Advisor at Apphera. Lifeboat News

Katsiaryna Archangorodskaja joins our Futurists Board. Katerina is President of HawkMatrix and Executive Advisor at Apphera.

22:30

Glibc 2.27 Is Being Released Soon With Numerous Performance Optimizations Phoronix

Glibc 2.27 will be released as soon as next week as the latest half-year update to the GNU C Library...

22:21

TechWorm

Microsoft has long been working on creating a modular operating system for Windows that can run across different platforms and form-factors.

Last year, Microsoft announced that they are working on turning Windows into a more modular operating system, a vision that has been codenamed Windows Core OS. Windows Core OS which will eventually be the future basis for all forms of Windows 10 is designed to provide flexibility that creates a versatile and an excellent new Windows experience for multiple device-form factors.

Codenamed as Polaris, this OS will eliminate old legacy components that have been part of the operating system for decades and are slowing it down. Polaris aims to create a much lighter software platform with less equipment loading, and thus lower power consumption. This system would also have a noticeably faster effect.

Microsoft is already developing an extensible and adaptable shell, known as CShell, to serve as the basis for the user interface of Polaris, Andromeda and Windows Core OS. This interface found in Polaris is supposed to build the wall of Andromeda OS and Windows Core OS.

It is worth emphasizing that Polaris will not get the native support of the Win32 application, as it will be replaced with UWP applications. However, Microsoft is considering the possibility of providing Win32 software support, but only through remote virtualization, suggest Windows Centrals sources.

Existing Windows users will not be able to switch to Polaris, either through an update or through a clean installation. This means that you cannot switch from Polaris to Windows 10 Pro or vice versa. Polaris will only be available on the devices that come with it.

Also, it is important to note that the currently available Windows 10 OS is not meant to be succeeded or substituted by Polaris. It is just a separate offer for those users looking for portability and a lightweight operating system.

It is assumed that Polaris will be ready for release in 2019.

22:18

Communication is key when responding to a cybersecurity incident Graham Cluley

Communication is key when responding to a cybersecurity incident

Ensure that a thought-through communication strategy is a key part of your response plan to a cybersecurity incident.

Read more in my article on the Bitdefender Business Insights blog.

22:06

DevOps and Security: How to Overcome Cultural Challenges and Transform to True DevSecOps

Similar to the proliferation of mobile devices in the enterprise several years ago where organizations were feeling the pressure to have a mobile strategy but didnt know where to start, were seeing the same situation with development methodologies. To accelerate development velocity, teams are feeling the pressure to do DevOps, and when integrating security, to do DevSecOps. But much like during the initial mobile wave, many companies say theyre implementing these methodologies, and might even think they are, but in reality, theyre not. Yet.

21:58

GLAMOR Acceleration Should Now Work With 30-Bit Deep Color Support Phoronix

GLAMOR as a means of providing 2D acceleration over OpenGL in X.Org Server 1.20 will support for 30-bit RGB colors...

21:40

The Dutch intelligence service AIVD hacked Russian Cozy Bear systems for years Security Affairs

Spying on spies The hackers from the Dutch intelligence service AIVD compromised for years the network of the Russian APT Cozy Bear.

Its not a mystery, technology firms that intend to work with Russia need to allow the Government experts to scan their code for backdoors and vulnerabilities.

The problem is that this software is often used by the US Government, this means that Russian experts could found bugs or backdoors to exploit in cyber attacks against US Agencies.

Many tech giants already allowed their software review, including McAfee, SAP, Symantec, and HPE, the risk is that foreign Governments could exploit a bug or a backdoor to control them.

Anyway, other firms like Trend Micro has refused to allow the Russians to conduct a source code review of their products.

Of course, the companies defend their position clarifying that the code review s were done under controlled conditions and that not code was allowed to be copied.

News of the day is that the Dutch intelligence service AIVD hacked Russian state-sponsored hackers.

The news was reported by the newspaper de Volkskrant, AIVD in 2014 monitored the activity of the Russian APT Cozy Bear (aka APT29) and its efforts to hack into systems at the US Democratic Partys and US government servers.

Dutch intelligence service AIVD provided the FBI with crucial information about Russian interference with the American elections.

The AIVD cyber spies compromised security cameras surrounding the building used by the Cozy Bear crew, the Dutch agents were looking for known Russian spies accessing the structure.

Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections, reports the Dutch daily newspaper Volkskrant.nl.

Thats how the AIVD becomes witness to the Russian hackers harassing and penetrating the leaders of the Democratic Party, transferring thousands of emails and documents. It wont be the last time they alert their American counterparts.

...

21:12

Satellite Broadcaster Sky to Ditch Satellite Dishes SoylentNews

The British-based broadcaster Sky (with operations in the EU and elsewhere) has decided it doesn't need to keep attaching satellite dishes to the walls of its customers' homes.

The BBC reports:

The pay TV company already offers some programming online on its Sky Go and Now TV* services and through Sky boxes.

Sky said offering the option was a "major development" that would let it enter new markets.

It hopes that making its hundreds of channels more widely available will increase both revenue and profits.

Italy will be its first market to get all Sky channels online, followed by Austria, with the UK expected to follow later this year or in 2019.

Sky is not proposing to stop broadcasting by satellite. The move will allow customers who cannot have a dish or do not want one to get Sky, a spokesperson said. A Sky box will still be required.

The company's move is a response to greater competition from the likes of streaming services such as Netflix and Amazon.

*Now TV is an internet-based, subscriptionless pay-TV service. Established 5 years ago, it's wholly owned by Sky.


Original Submission

Read more of this story at SoylentNews.

21:07

PDP Xbox One Controllers Should Now Work With The Linux 4.15 Kernel Phoronix

One of the last minute changes sneaking into the Linux 4.15 kernel is support for PDP Xbox One controllers...

21:02

Finding Vulnerable Open Source Packages

Finding Vulnerable Packages

Now that you understand what a known vulnerability is, lets start going through the four steps needed to address them: find, fix, prevent, and respond.

The first step in solving any problem is acknowledging you have one! And so, with vulnerable packages, your first act should be to look for vulnerable packages your application is consuming. This chapter discusses how to test your application, when and how you should run such a test, and the nuances in running the test and interpreting the results.

20:42

Artificial Intelligence Nears the Summit of Hype in Davos Lifeboat News: The Blog

Artificial intelligence approached the summit of hype at this years World Economic Forum.

AI was on the lips of seemingly every corporate chief and policy maker attending this years conference in Davos, Switzerland. On Wednesday, the term artificial intelligence appeared in more than 20 headlines and stories Bloomberg ran about the gathering.

British Prime Minister Theresa May announced a new government-funded center to advise on ethical use of AI and French President Emmanuel Macron launched a 10 billion euro innovation fund aimed at new technologies like AI.

20:42

Graphical User Interfaces (GUIs) Are Not Inventions, But Sites of the Patent Microcosm (e.g. IAM) Want Us to Believe Otherwise Techrights

China and South Korea among the latest under the microscope

How on Earth are such simple GUIs being patented as though they are inventions?

Summary: In China and elsewhere the patent maximalists now get patents on GUIs (cascading or otherwise); Section 101 is not exactly designed to deal with such an absurdity

THINGS have gotten ridiculous. Some patents which are being granted nowadays (especially in countries like China) are borderline parodies. At Sun, engineers used to joke about the sorts of patents they could get examiners at the USPTO to approve/grant; they even mocked examiners for granting what they had drafted as (almost) practical jokes. WIPO is happy though because the number of annual patent grants continues to climb. More money for WIPO!

Im not writing this site as a lobbyist or as a self-serving exercise. In fact, it doesnt affect my job in any way. Its almost orthogonal to it. I have been developing software since I was 14 and I created many GUIs in my lifetime (dozens of programs with GUIs, using half a dozen different toolkits); people dont invent GUIs but simply design or piece them together, changing placement of buttons or menu items over time at risk of confusing users who have habits (muscle memory). The developers dont actually claim this to be an invention and its barely even like a painting. The element of consistency for predictability is essential for users. Thats where so-called UX experts creep in.

Anyway, Chinas patents (in Mandarin) are of low quality, but these are difficult for Westerners to assess because very few of them comprehend Mandarin. IAM, being IAM, is making excuses for China. Yesterday it wrote this piece about SIPO and added: Patent application rates in China are slowing and examiners are getting tougher.

Or maybe theyve just run out of nonsense to file. Its far too late for examiners to get tough (after many rubbish patents were granted). We occasionally read about some of these patents, including for instance patents on GUIs (not a joke!) and earlier this week Managing IP posted another example of this. GUI design...

20:34

Steam UI Finally Has A Scaling Mode For HiDPI Monitors Phoronix

At the same time as adding HiDPI monitor support for Windows 10, Valve has added a "2X-scaling mode" for the Steam client to satisfy modern high resolution monitors...

20:00

A New Life for a Dead VIC-20 Hackaday

What was the first computer you bent to your programmatic will? If youre old enough, it was probably a Commodore. For [Jagged-path], it was a VIC-20. After finding a broken one on Kijiji, he recaptured that 80s feeling with VicPi, a revitalization project that marries modern computing power with vintage form factor.

The VicPi can be used as a standalone computer or a USB keyboard for an external computer. As youve probably guessed, theres a Raspberry Pi involved. There is also a Keyrah board, which is arguably the easiest way to convert Commodore (and Amiga) keystrokes to USB without breaking a sweat.

There are a lot of nice touches that really make this project. A toggle switch on the back selects between VicPi mode and keyboard mode, and the distinction is made with a two-color LED in place of the VIC-20s power LED. [Jagged-path] used panel mount cables to extend the HDMI, 3.5mm, and USB ports and ran them out to a custom metal panel thats treated with rubberized black paint. Another nice touch: the dedicated keyboard port is USB-B, so its easy to differentiate from the Pi inputs.

If you have a working VIC-20 but not the rare Votrax Type n Talk synthesizer peripheral, you can use an old Android phone to hear those Voodoo Castle responses.

19:42

How to Install Tripwire IDS (Intrusion Detection System) on Linux

Title: 
How to Install Tripwire IDS (Intrusion Detection System) on Linux

19:39

Earliest Human Remains Outside of Africa Discovered SoylentNews

Earliest Human Remains Outside Africa Were Just Discovered in Israel

For decades, scientists have speculated about when exactly the bipedal apes known as Homo sapiens left Africa and moved out to conquer the world. That moment, after all, was a crucial step on the way to todays human-dominated world. For many years, the consensus view among archaeologists placed the exodus at 60,000 years agosome 150,000 years after the hominins first appeared.

But now, researchers in Israel have found a remarkably preserved jawbone they believe belongs to a Homo sapiens that was much, much older. The find, which theyve dated to somewhere between 177,000 and 194,000 years, provides the most convincing proof yet that the old view of human migration needs some serious re-examination.

The new research, published today in Science [DOI: 10.1126/science.aap8369] [DX], builds on earlier evidence from other caves in the region that housed the bones of humans from 90,000 to 120,000 years ago. But this new discovery goes one step further: if verified, it would require reevaluating the whole history of human evolutionand possibly pushing it back by several hundred thousand years.

Also at Binghamton University, BBC, and The Guardian.


Original Submission

Read more of this story at SoylentNews.

19:34

How a Microsoft-Sponsored and IBM-Armed Patent Troll Is Used by Lobbyists of Software Patents Techrights

Finjan started suing a lot of companies after Microsoft had paid it in 2005

Microsoft and Finjan

Summary: In an effort to make 101 seem as though its tolerant towards software patents, patent law firms and front groups of trolls cherry-pick what they like in the largely-failed lawsuit against Blue Coat Systems

The relatively new euphemism, "public IP companies", is being promoted by patent trolls and their fronts (such as IAM). They keep looking for new identities. Finjan is one such troll a troll which has been financially backed by Microsoft for a very long time and last year received more ammunition (from IBM [1, 2]).

Unfortunately, as we noted last week, the patent microcosm uses this troll in order to badmouth 101 and promote software patents (we shall say more about that in the weekend). For example, a few days ago Dilworth IPs Shin Hee Lee and Anthony D. Sabatelli published this article in which they wholeheartedly embraced a truly disgusting troll. The patent microcosm, i.e. people who profit from agony and litigation, wants to thwart the (near) ban on software patents and it found itself a champion:

On January 4th, the U.S. Patent and Trademark Office updated their webpage on subject matter eligibility with two new supplementary documents providing further guidance under 35 U.S.C. 101. The two new documents are useful summaries and references for practitioners and others having an interest in the area.

[...]

On January 10, 2018, the court decided Finjan, Inc. Blue Coat Systems, Inc., where upon de novo review it affirmed a district court finding that the underlying software-based subject matter was indeed patent eligible.

What they choose not to mention are the many patents which 101 did, in fact, invalidate. They cherry-pick just the one thing that suits them....

19:33

Court Orders Hosting Provider to Stop Pirate Premier League Streams TorrentFreak

In many parts of the world football, or soccer as some would call it, is the number one spectator sport.

The English Premier League, widely regarded as one the top competitions, draws hundreds of millions of viewers per year. Many of these pay for access to the matches, but theres also a massive circuit of unauthorized streams.

The Football Association Premier League (FAPL) has been clamping down on these pirate sources for years. In the UK, for example, it obtained a unique High Court injunction last year, which requires local Internet providers to block streams as they go live.

In addition, the organization has also filed legal action against a hosting provider through which several live sports streaming sites are operating. The case in question was filed in the Netherlands where Ecatel LTD, a UK company, operated several servers.

According to the complaint, Ecatel hosted sites such as cast247.tv, streamlive.to and iguide.to, which allowed visitors to watch live Premier League streams without paying.

As the streaming platforms themselves were not responsive to takedown requests, the Premier League demanded action from their hosting provider. Specifically, they wanted the company to disconnect live streams on their end, by null-routing the servers of the offending customer.

This week the Court of The Hague issued its judgment, which is a clear win for the football association.

The Court ruled that, after the hosting company receives a takedown notice from FAPL or one of its agents, Ecatel must disconnect pirate Premier League streams within 30 minutes.

[The Court] recommends that, after 24 hours of service of this judgment, Ecatel cease and discontinue any service used by third parties to infringe the copyright to FAPL by promptly but no later than 30 minutes after receipt of a request to that end, the verdict reads.

The ban can be lifted after the game has ended, making it a temporary measure similar to the UK Internet provider blockades. If Ecatel fails to comply, it faces a penalty of 5,000 for each illegal stream, to a maximum of 1,500,000.

While the order is good news for the Premier League, it will be hard to enforce, since Ecatel LTD was dissolved last year. Another hosting company called Novogara was previously linked with Ecatel and is still active, but that is not mentioned in the court order.

This means that the order will mostly be valuable as a precedent. Especially since it goes against an earlier order from 2015, which...

19:05

Stealth CrossRAT malware targets Windows, MacOS, and Linux systems Security Affairs

The popular former NSA hacker Patrick Wardle published a detailed analysis of the CrossRAT malware used by Dark Caracal for surveillance.

Last week a joint report published by security firm Lookout and digital civil rights group the Electronic Frontier Foundation detailed the activity of a long-running hacking group linked to the Beirut Government and tracked as Dark Caracal. The hacking campaigns conducted by Dark Caracal leverage a custom Android malware included in fake versions of secure messaging apps like Signal and WhatsApp.

The malware implements classic RAT features, such as taking screenshots and running arbitrary commands on the infected systems.

At the time of its discovery, the malware was not detected by almost all the anti-virus software (only two out of 58).

crossrat malware

The Dark Caracal attack chain implemented relies primarily on social engineering, the hackers used messages sent to the victims via Facebook group and WhatsApp messages. At a high-level, the hackers have designed three different kinds of phishing messages to trick victims into visiting a compromised website, a typical watering hole attack.

CrossRAT is written in Java programming language, for this reason, researchers can easily decompile it.

The popular former NSA hacker Patrick Wardle published a detailed analysis of the CrossRAT malware.

Once executed on the victims system, CrossRAT will determine the operating system its running on to trigger the proper installation procedure.

On Linux systems, the RAT also a...

19:00

AWKWARD: New DNA Analysis Reveals Original Native Americans Were White Terra Forming Terra




It makes sense that any who actually came through by the northern route would share genetics across the whole sub arctic. That same mix surely filled the Northern woodlands  As can easily be demonstrated by comparing photos of a typical Tibetan crowd shot and similar shots of many native groups.

Then you add in a continuing influx across the Atlantic since at least 2500 BC that was never interrupted at all and all present claims are complete nonsense. only massive DNA meta statisitics will be able to sort it all out and the skills are still in infancy.

Additional movement also took place along the Pacific Rim from Japan at the least back though thousands of years which also support much earlier dates for movement across the Atlantic.. 
.


AWKWARD: New DNA Analysis Reveals Original Native Americans Were White 

Posted on January 15, 2018

...

19:00

President Trump Drops NUCLEAR BOMB on Vaccine Mandates Terra Forming Terra




 All very subtle but he has just empowered the whole Vaccine counter revolution which has been vigorously suppressed to this point.  And has also been noted we are looking at Big Pharma becoming little Pharma.

Again legislation will follow in time, after much more difficult battles are resolved.  However in the meantime this allows the debate itself to shift strongly in favor of a complete reconsideration of the whole body of science and law as well.

Fascist enforcement has ended and this is also a general direction in regards to many other sick government mandates.  In the meantime we still have large numbers of rebel medicals been killed in suspicious circumstances and no explanation.



President Trump Drops NUCLEAR BOMB on Vaccine Mandates


Wars are won by making political alliances. If our side EVER wants to win we need to understand that simple fact.

By Kent Heckenlively, JD 

Its not the differences with your allies which should worry you, but the DESTRUCTION your common enemy...

19:00

Don't Eat Before Reading This Terra Forming Terra









An old item but also timeless as well. After all, not much can change in a commercial kitchen.

It really helps if you are not too anal about what is done to your food though.  Many cooking processes serve to make the food safe and that especially applies to well done.
 
At the same time a one week cycle works well with modern refrigeration and a bit of care.  But the constant operation does suggests that vulnerabilities can develop and easily explains the odd disaster..
 
 
Don't Eat Before Reading This

A New York chef spills some trade secrets.


April 19, 1999 Issue




Mondays fish has been around since Friday, under God knows what conditions. Illustration by Adrian Gill



Good food, good eating, is all about blood and organs, cruelty and decay. Its about sodium-loaded pork fat, stinky triple-cream cheeses, the tender thymus glands and distended livers of young animals. Its about dangerrisking the dark, bacterial forces of beef, chicken, cheese, and shellfish. Your first two hundred and seven Wellfleet oysters may transport you to a state of rapture, but your two hundred and eighth may send you to bed with the sweats, chills, and vomits.


Gastronomy is the science of pain. Professional cooks belong to a secret so...

19:00

Bahomet Pt I Terra Forming Terra




This is a very long article and i have roughly broken it into several parts. It appears to provide serious insight into pagan theology in particular as respects the Greek Mythos. That such has plausibly survived in several modern guises is no surprise and needs to be better understood as those modern Memes are apparently coming to bite us.

Most of this material i am obliquely aware of as occasional references in other works.  We now discover what we have here, perhaps a whole meme.

My first caution is to understand that these writings represent a deep understanding of the sources employed and cannot be dismissed out of hand, even when you are sure they are all on the wrong track altogether.  They are also a window into a world not otherwise encountered.

 What is impressive is the solid sources behind all the original material itself.

.

Meet Mete: Twymans Introduction to Joseph von Hammer-Purgstalls Mysterium Baphometis Revelatum


18:42

The Corcoran Incident Demonstrates That the EPOs Boards of Appeal Are Threatened and Battistelli Violates Laws Techrights

As the Boards themselves are sometimes courageous enough to note

A shocked Battistelli

Summary: The ongoing refusal to obey the rulings of judges (regarding an illegal attack on other judges) shows the Battistelli regime for what it truly is (necessitating immediate removal of immunity)

LAWLESSNESS at the EPO has become so routine that its almost banal now. Its the new norm.

We have just uploaded a local copy of the document regarding immunity and issues associated with it (published earlier this week and mentioning the EPO extensively). It was covered yesterday in relation to Battistellis war against justice and against the EPC. This war carries on. It even intensifies further, albeit somewhat covertly (they just keep uttering sound bites like perception of independence while sending judges to exile).

We now have two separable but related issues: 1. the EPO breaks laws and; 2. it does not obey the courts, either (when found to have broken laws). Its not even obeying ILOAT and its sending Corcoran to exile. We wrote three articles about it so far [1, 2, 3] and some media belatedly takes note. The only new bit of information there is that Corcoran is being given only weeks notice. This cites a letter:

In a letter addressed to the heads of delegations of the administrative council, the EPOs Central Staff Committee said that the office had informed Corcoran he would be permanently transferred in February 2018 to a post of...

18:30

Trump Attends World Economic Forum cryptogon.com

Via: Reuters: Donald Trump flew into the sanctum of the global elite on Thursday to promote his tax cuts and deregulation policies to CEOs and bankers, many of whom are eager to invest in the United States despite reservations about his turbulent presidency. The first sitting U.S. president to visit the World Economic Forum in []

18:00

UK Prime Minister Theresa May Attacks Encrypted Messaging, Seeks Safe and Ethical AI SoylentNews

Prime Minister Theresa May has not abandoned her usual crusades:

On a break from Brexit, British Prime Minister Theresa May takes her crusade against technology giants to Davos.

"No-one wants to be known as 'the terrorists' platform' or the first choice app for pedophiles," May is expected to say according to excerpts released by her office ahead of her speech Thursday at the World Economic Forum in Davos. "Technology companies still need to go further in stepping up their responsibilities for dealing with harmful and illegal online activity."

Don't forget the slave traders.

Luckily, May has a solution... Big AI:

After two years of repeatedly bashing social media companies, May will say that successfully harnessing the capabilities of AI -- and responding to public concerns about AI's impact on future generations -- is "one of the greatest tests of leadership for our time."

May will unveil a new government-funded Center for Data Ethics and Innovation that will provide companies and policymakers guidance on the ethical use of artificial intelligence.

Also at BBC, TechCrunch, and The Inquirer.

Related: UK Prime Minister Repeats Calls to Limit Encryption, End Internet "Safe Spaces"
WhatsApp Refused to add a Backdoor for the UK Government


Original Submission

Read more of this story at SoylentNews.

17:58

The Collusion: IP Kats (Until Recently) Stephen Jones Meets Battistelli to Lobby for the Unitary Patent (UPC) Techrights

This Kat is no watchdog but a lapdog

CIPA meeting with Stephen Jones
Last nights photo op shows Stephen Jones almost holding hands with Battistelli

Summary: The sad state of affairs in the patent microcosm (or litigation lobby), as Team UPC not only tolerates human rights abuses but also contributes to them by showing support for Battistelli (an alliance of convenience)

WHEN Stephen Jones entered IP Kat (last summer) we immediately complained that it would further embolden censorship of EPO scandals and contribute to UPC lobbying (already rampant there, mostly due to Bristows and more recently also Eibhlin Vardy).

IP Kats pushing/advocacy/promotion of the UPC (usually by Bristows) was further bolstered when it began censoring comments critical of the UPC and refused to cover EPO scandals, even deleting entire threads of comments because they criticised abuses at the EPO. Bristows staff was limiting comments while pushing their lobbying agenda (and actually deleting unwanted comments). In their own blog, Bristows does not permit comments at all, so yesterdays post, for example, will remain unchallenged in spite of spin and inaccuracies.

The sad thing is that in a sense, the Kat has been participating in the EPOs attacks on the Boards of Appeal every time it promoted the unconstitutional and abusive UPC.

Where does the above photo come from? The EPOs Web site (time-stamped 8 hours ago). Its specifically aimed at promoting the UPC (warning: epo.org link) and even mentions it explicitly:

High-level representatives and experts of the EPO, led by President Benot Battistelli, met yesterday in Munich with a delegation of the Chartered Institute of Patent Attorneys (CIPA) headed by its President, Stephen Jones.

The meeting allowed the EPO and CIPA to confirm that Brexit will have no consequence on UK membership of the European Patent Organisation, nor on the effect of European patents in the UK. Accordingly, Europ...

16:35

President Trump's Alleged Hatred of Sharks is a Boon for Shark Conservation Charities SoylentNews

Donald Trump's 'hatred of sharks' benefits conservation charities

Donald Trump's alleged hatred of sharks has inspired people to financially support international shark charities.

The US president's dislike for the marine animal was revealed last week in an In Touch Weekly interview with adult film actress Stormy Daniels. He reportedly said that he would never give money to shark charities, adding: "I hope all sharks die."

Shark conservation groups have since noted an uptick in donations, one with the message: "Because Trump." Charities such as Atlantic White Shark Conservancy and the Sea Shepherd Conservation Society told MarketWatch they had an outpouring of donations.


Original Submission

Read more of this story at SoylentNews.

15:12

Six revelations from tech's answers on Russia's election meddling The Hill: Technology Policy

Facebook, Twitter and Google on Thursday outlined their efforts to keep state-sponsored groups from manipulating their platforms and interfering in the U.S. political process.The companies detailed their efforts in 100 pages of responses to...

15:02

Please, Keep your Blog Light SoylentNews

Now that web pages weigh in at tens of megabytes and make scores of external calls, those with bandwidth caps are in for a raw deal unless the trend turns. A pseudo-anonymous blogger makes the appeal to please keep your blog light, as in kilobytes per page rather than megabytes.

The light went on for him when moving to a mobile service plan with a 25MB per month limit. It turns out that 25MB is barely enough to load seven blog posts from the site Medium. There the pages can be 3.26MB each and 25 divded by 3.26 is only about 7.6. Pages of that size would have taken close to 10 minutes to load over an old dialup connection. Most other sites are just as bad or worse. He walks through some easy steps to guarantee a lean web site with low bandwidth requirements and fast load times.


Original Submission

Read more of this story at SoylentNews.

14:00

The Irony of the Pope Decrying Fake News - Facts So Romantic Nautilus


What fake news breeds, like religion, is unnecessary uncertainty (Am I going to Hell?), a pernicious kind of epistemological gaslighting.Illustration by DonkeyHotey / Flickr

Pope Francis may be the first pontiff in Roman Catholic history to embrace the voice of the modern pundit. In 2015, he wrote an encyclical on climate change, Laudato Si, which the New Yorker described as a blistering indictment of the human failure to care for Earth and a poignant description of the momentous choice now confronting every government, corporation, and person on the planet. So perhaps it was just a matter of time before the head of the Roman Catholic Church pivoted from God to another global problemfake news.

The scale and danger of global disinformation may not be as grand and existential as the prospect of a warming planet, but that didnt stop the pope from recently penning what the New York Times called a major document about the phenomenon of fake news. In it, he wrote, Untrue stories can spread so quickly that even authoritative denials fail to contain the damage.

The Catholic Church amassed much of its vast following and fortune, still held to this day, on the generation of
Read More

13:41

To Detect Life on Other Planets, Look for Methane, Carbon Dioxide, and an Absence of Carbon Monoxide SoylentNews

A new study suggests a biosignature that the James Webb Space Telescope could search for:

The new study looks at the history of life on Earth, the one inhabited planet we know, to find times where the planet's atmosphere contained a mixture of gases that are out of equilibrium and could exist only in the presence of living organisms anything from pond scum to giant redwoods. In fact, life's ability to make large amounts of oxygen has only occurred in the past one-eighth of Earth's history.

By taking a longer view, the researchers identified a new combination of gases that would provide evidence of life: methane plus carbon dioxide, minus carbon monoxide.

"We need to look for fairly abundant methane and carbon dioxide on a world that has liquid water at its surface, and find an absence of carbon monoxide," said co-author David Catling, a UW professor of Earth and space sciences. "Our study shows that this combination would be a compelling sign of life. What's exciting is that our suggestion is doable, and may lead to the historic discovery of an extraterrestrial biosphere in the not-too-distant future."

Also at Popular Mechanics.

Disequilibrium biosignatures over Earth history and implications for detecting exoplanet life (open, DOI: 10.1126/sciadv.aao5747) (DX)


Original Submission

Read more of this story at SoylentNews.

12:12

Microsoft Will Soon Let You See the Telemetry Data that Windows 10 Collects SoylentNews

In a forthcoming Windows 10 release, Microsoft will let you view the telemetry data that the OS collects via a new Windows 10 app called Windows Diagnostic Data Viewer.

Microsoft announced its commitment to "be fully transparent on the diagnostic data collected" from Windows devices today and the release of the application adds options to Windows 10 to view collected Telemetry data.

Microsoft says that it wants to increase trust and confidence, and give users increased control over the data.

[...] You need Windows 10 build 17083 or newer to access the new data viewer. You can access the tool with a tap on Windows-I to open the Settings application, and the selection of Privacy > Diagnostics & feedback in the window that opens.

[...] Diagnostic Data Viewer is a Windows application to review Telemetry (diagnostic) data that Microsoft collects on the device to send it to company servers for analysis.

Note: Microsoft notes that enabling the feature may require up to 1 Gigabyte of additional hard drive space for storage.

A click on the button launches the application's Microsoft Store page on first run. You need to install the application from there before it becomes available.

[...] You find options to export the data to CSV files and to open the Privacy Dashboard on the Internet and the Privacy Settings on the local device as well there.

Search functionality is available which you use to find specific event data. The app returns event data that matches the entered text. Type your name, email addresses, PC name, IP address or any other data that you can think of to run searches across all Telemetry data that Microsoft collected on the device.

While you may use the search for that, you may click on any event listed in the sidebar to access it directly. The data is quite extensive, especially if Telemetry data collecting is set to full and not to basic. I had hundreds of events listed on the Windows 10 Insider build PC after the update to the most recent version. It will take some time to go through the information.


Original Submission

Read more of this story at SoylentNews.

11:58

Radeon VCN Gets Mesa Patches For HEVC Main Video Encode Phoronix

For those planning to pick up a Raven Ridge laptop or the forthcoming desktop APUs, the Mesa driver now has patches for enabling H.265/HEVC video encode support for VCN 1.0 on Raven hardware...

11:26

Pentium G4600 vs. Ryzen 3 1200 On Ubuntu 17.10 Linux Benchmarks Phoronix

Earlier this week I posted some benchmarks looking at Intel Pentium vs. AMD Ryzen 3 performance for Linux gaming. Those tests on the Pentium and Ryzen systems were done with both NVIDIA and AMD Radeon graphics for seeing how the gaming performance compares in the spectrum of sub-$100 CPUs and cheap graphics cards. But for those that were just curious about the CPU performance, here are some benchmarks I also carried out with the Pentium G4600 Kabylake and AMD Ryzen 3 1200.

11:04

11:02

What is the next stage in human evolution? Lifeboat News: The Blog

Will the transhumanist path forward lead us to singularity of posthuman superintelligence a-la Ray Kurzweil?


I think that the definition of being human is about to change a lot in the next century, says Michelle Thaller, astronomer and Assistant Director for Science Communication at NASA National Aeronautics and Space Administration.

Human beings next evolutionary leap is going to take us beyond our biological existence. How do you feel about merging with an artificial intelligence?

11:00

HPR2475: Information Underground -- Sex, Drugs, and Rock-n-Roll Hacker Public Radio

Deepgeek, Klaatu, and Lostnbronx look back at the flappers and speakeasies of the 1920's and 30's, and attempt to draw a line from the newly independent women of that era, up through the Playboy Bunnies of the 1950's, all the way to today. Are things better or worse? Is what we &quot;know&quot; about history really important? And do the Info-Underground boys have any clue what they're even talking about?

10:59

Facebook tells Congress it can't prove or disprove Trump-Russia collusion The Hill: Technology Policy

Facebook informed Congress in newly released documents that it could not prove or disprove collusion between President Trump's campaign and Russians who may have used the online platform to try to sway opinions during the 2016 presidential...

10:46

Overnight Tech: Employee who sent false missile alert not cooperating with FCC | Trump nominates four to the FTC | Hatch unveils bill on high-skilled visas | New push for broadband infrastructure The Hill: Technology Policy

EMPLOYEE RESPONSIBLE FOR FALSE ALERT NOT COOPERATING WITH FCC: The employee responsible for sending a false mobile alert across Hawaii warning of an incoming ballistic missile is not cooperating with Federal Communications Commission (FCC)...

10:28

Trump Administration Plans to End Support for the ISS by 2025 SoylentNews

A draft budget proposal would end support for the International Space Station (ISS) by 2025. The U.S. was previously committed to operating at the ISS until 2024:

The Trump administration is preparing to end support for the International Space Station program by 2025, according to a draft budget proposal reviewed by The Verge. Without the ISS, American astronauts could be grounded on Earth for years with no destination in space until NASA develops new vehicles for its deep space travel plans.

The draft may change before an official budget request is released on February 12th. However, two people familiar with the matter have confirmed to The Verge that the directive will be in the final proposal. We reached out to NASA for comment, but did not receive a response by the time of publication.

Also at the Wall Street Journal.

Related: Five Key Findings From 15 Years of the International Space Station
Congress Ponders the Fate of the ISS after 2024
NASA Eyeing Mini Space Station in Lunar Orbit as Stepping Stone to Mars
NASA and Roscosmos Sign Joint Statement on the Development of a Lunar Space Station
Russia Assembles Engineering Group for Lunar Activities and the Deep Space Gateway
Can the International Space Station be Saved? Should It be Saved?


Original Submission

Read more of this story at SoylentNews.

10:22

GCC 7.3 released LWN.net

GCC 7.3 is out. This is mainly a bug-fix release, but it does also contain the "retpoline" support needed to build the kernel (and perhaps other code) with resistance to the Spectre variant-2 vulnerability.

10:19

Tricks for Installing a Laser Printer on Linux in CUPS Shallow Thoughts

(Wherein I rant about how bad CUPS has become.)

I had to set up two new printers recently. CUPS hasn't gotten any better since the last time I bought a printer, maybe five years ago; in fact, it's gotten quite a bit worse. I'm amazed at how difficult it was to add these fairly standard laser printers, both of which I'd researched beforehand to make sure they worked with Linux.

It took me about three hours for the first printer. The second one, a few weeks later, "only" took about 45 minutes ... at which point I realized I'd better write everything down so it'll be faster if I need to do it again, or if I get the silly notion that I might want to print from another computer, like my laptop.

I used the CUPS web interface; I didn't try any of the command-line tools.

Figure out the connection type

In the CUPS web interface, after you log in and click on Administration, whether you click on Find New Printers or Add Printer, you're faced with a bunch of identical options with no clue how to choose between them. For example, Find New Printers with a Dell E310dw connected shows:

Available Printers
  • [Add This Printer] Virtual Braille BRF Printer (CUPS-BRF)
  • [Add This Printer] Dell Printer E310dw (Dell Printer E310dw)
  • [Add This Printer] Dell Printer E310dw (Dell Printer E310dw)
  • [Add This Printer] Dell Printer E310dw (Dell Printer E310dw (driverless))

What is a normal human supposed to do with this? What's the difference between the three E210dw entries and which one am I supposed to choose? (Skipping ahead: None of them.) And why is it finding a virtual Braille BRF Printer?

The only way to find out the difference is to choose one, click on Next and look carefully at the URL. For the three E310dw options above, that gives:

  • dnssd://Dell%20Printer%20E310dw._ipp._tcp.local/?uuid=[long uuid here]
  • lpd://DELL316BAA/BINARY_P1
  • ipp://DELL316BAA.local:631/ipp/print

Again skipping ahead: none of those are actually right. Go ahead, try all three of them and see. You'll get error messages about empty PPD files. But while you're trying them, write down, for each one, the URL listed as Connection (something like the dnssd:, lpd: or ipp: URLs listed above); and note, in the driver list after you click on your manufacturer, how many entries there are for your printer model, and where they show up in the list. You'll need that information later.

Download some drivers

Muttering about the idiocy of all this -- why ship empty drivers that won't install? Why not just omit drivers if they're not available? Why use the exact same name for three different printer entries and four different driver entries? -- the next step is to download and install the manufacturer's drivers. If you're on anything but Redhat, you'll probably either need to download an RPM and unpack it, or else google for the hidden .deb fi...

09:42

Graphene based glucose-monitoring contact lens comfortable enough to wear Lifeboat News: The Blog

A team of researchers with the Ulsan National Institute of Science and Technology in the Republic of Korea has developed a glucose monitoring contact lens that its makers claim is comfortable enough to wear. In their paper published on the open access site Science Advances, the group describes their contact lens and suggests it could be ready for commercial use within five years.

Diabetes results in unmanageable , requiring those who have the disease to monitor and adjust them with insulin or medicine. Monitoring, unfortunately, requires pricking a finger to retrieve a blood sample for testing, which most people do not like. For that reason, scientists seek another way. A new method employs a . Prior research has shown glucose levels in tears follows that of glucose levels in the blood in many respects. To date, there are no commercially available contact products because, as the researchers note, they are made of hard materials that are uncomfortable in the eye. They claim to have overcome that problem by breaking apart the pieces of their sensing device and encapsulating each in a soft polymer and then connecting them together in a flexible mesh.

The polymer is the same type used in conventional contact lenses. The components of the device consist of a graphene-based sensor, a rectifier, LED display and a stretchable antenna. Power for the sensor is still externalit is held in the air a minimum of nine millimeters from the lens. The LED glows during normal conditions and turns off when high levels of are detected. The flexibility of the lens and sensor components also allows for removal of the device in the same way as normal contact lensesby grabbing and bending.

09:34

Linux Foundation Announces "LinuxBoot" To Replace Some Firmware With Linux Code Phoronix

Not to be confused with Coreboot or its former name of LinuxBIOS, the Linux Foundation today announced LinuxBoot as a new initiative for replacing system firmware with the Linux kernel/drivers...

09:25

Are the BSDs dying? Some security researchers think so (CSO) LWN.net

Here's a 34c3 conference report in CSO suggesting that the BSDs are losing developers. "von Sprundel says he easily found around 115 kernel bugs across the three BSDs, including 30 for FreeBSD, 25 for OpenBSD, and 60 for NetBSD. Many of these bugs he called 'low-hanging fruit.' He promptly reported all the bugs, but six months later, at the time of his talk, many remained unpatched. 'By and large, most security flaws in the Linux kernel don't have a long lifetime. They get found pretty fast,' von Sprundel says. 'On the BSD side, that isn't always true. I found a bunch of bugs that have been around a very long time.' Many of them have been present in code for a decade or more."

09:23

Links 25/1/2018: Qt 5.11 Feature Freeze Soon, GCC 7.3 Ready Techrights

GNOME bluefish

Contents

GNU/Linux

  • Server

    • Mirantis CEO Adrian Ionel Comes Back, Champions Open Source for Multi-Cloud

      Mirantis brought back its original CEO and Co-founder Adrian Ionel (pictured), to move the company beyond private cloud and help its customers adopt multi-cloud strategies. Alex Freeland, who is also a co-founder, will step down as CEO but remain a board member.

      Ionel served as CEO from the companys launch in 2011 until 2015, when he left to start up Dorsal, an open source software support firm. During his initial tenure at Mirantis he led the companys investment in OpenStack, growing its customer base to more than 200 enterprises.

  • Kernel Space

    • New Coreboot Frame-Buffer Driver For The Linux Kernel

      A new Coreboot frame-buffer driver has been published for the Linux kernel that allows reusing of the frame-buffer setup by Coreboot during the hardware initialization process.

      Re-using the frame-buffer setup by Coreboot when initializing the graphics hardware can make for a faster booting system due to uselessly duplicating the FB setup process otherwise and for some small Linux systems just needing a basic frame-buffer can mean that the Linux kernel build doesnt even need a full graphics driver.

    • Linux Kernels 4.14.15, 4.9.78, and 4.4.113 Bring x86 and PowerPC Security Fixes

      Renowned Linux kernel maintainer Greg Kroah-Hartman released new kernel updates for the Linux 4.14, 4.9 LTS, and 4.4 LTS series, which add more security fixes and updated drivers.

      Linux kernels 4.14.15, 4.9.78 LTS, and 4.4.113 LTS are now available, and they come with numerous improvements. While Linux kernel 4.14.15 is by far the biggest of them all, containing 104...

08:59

Security updates for Thursday LWN.net

Security updates have been issued by CentOS (firefox), Debian (firefox-esr, gcab, and poppler), Fedora (clamav and firefox), Mageia (bind, firefox, glibc, graphicsmagick, squid, systemd, and virtualbox), openSUSE (firefox, GraphicsMagick, libexif, and libvpx), Red Hat (389-ds-base, dhcp, kernel, kernel-alt, kernel-rt, and nautilus), Scientific Linux (389-ds-base, dhcp, kernel, and nautilus), Slackware (curl), SUSE (kernel and webkit2gtk3), and Ubuntu (firefox, libtasn1-6, and mysql-5.5).

08:58

Maersk chair revealed its company reinstalled 45,000 PCs and 4,000 Servers after NotPetya Attack Security Affairs

The shipping giant Maersk chair Jim Hagemann Snabe revealed its company reinstalled 45,000 PCs and 4,000 Servers after NotPetya the attack.

The shipping giant Maersk was one of the companies that suffered the NotPetya massive attack, in August 2017 the company announced that it would incur hundreds of millions in U.S. dollar losses due to the ransomware massive attack.

According to the second quarter earnings report, there were expecting losses between $200 million and $300 million due to significant business interruption because the company was forced to temporarily halt critical systems infected with the ransomware.

Maersk

Now the Mller-Maersk chair Jim Hagemann Snabe has shared further details on the attack suffered by the company during a speech at the World Economic Forum this week.

Snabe explained that the attack forced the IT staff to reinstall 4,000 new servers, 45,000 new PCs, and 2,500 applications, practically a complete infrastructure.

The IT staff worked hard for ten days to restore normal operations.

And that was done in a heroic effort over ten days, Snabe said.

Normally I come from the IT industry you would say that would take six months. I can only thank the employees and partners we had doing that.

Snabe defined the incident as a very significant wake-up call, a strong security posture for a company is essential for the development of its business.

Snabe pointed out that Maersk was the victim of the militarization of a cyberspace, the damages were caused by a cyber weapon used by a foreign government to hit Ukraine.

Maersk ship docks worldwide every...

08:55

Trump nominates four potential FTC commissioners The Hill: Technology Policy

President Trump has put forth four nominees to the Federal Trade Commission (FTC), which has been operating with only two of its five seats filled throughout his administration.The names are not entirely new. Last year, Trump announced his...

08:53

Congress pushes broadband access ahead of Trump infrastructure proposal The Hill: Technology Policy

Congress is making a push to get rural internet access projects funded through President Trumps promised $1.7 trillion infrastructure plan.Lawmakers representing rural areas have argued that many of their constituents are losing out on economic and...

08:50

The Race to 5G IEEE Spectrum Recent Content full text

The Latest 5G News and Analysis IEEE Spectrum

08:42

Top Journal Reveals Keys to Telomere Length and Human Disease Lifeboat News: The Blog

New extensive study shares recent discoveries and sheds light on the role of telomere length in human diseases and aging. Part 3 of 3.

08:34

Patricia Florissi, Antony Passemard, Jon Corbet to Keynote at ELC + OpenIoT Summit North America

Title: 
Patricia Florissi, Antony Passemard, Jon Corbet to Keynote at ELC + OpenIoT Summit North America

08:22

Scientists Reveal Keys to Our Telomere Length Lifeboat News: The Blog

Newly published research reports on the accuracy of telomere length as a biomarker of aging, and its role in maximum human lifespan.


New research reports on the accuracy of telomere length as a biomarker of aging, and its role in maximum human lifespan. Part 1 of 3.

08:11

You are not alone Netflix is down for many and slow for some HackRead

By Carolina

You are not alone, Netflix is down for many while for some

This is a post from HackRead.com Read the original post: You are not alone Netflix is down for many and slow for some

08:05

Pirate Bay Founders Domain Service Mocks NY Times Legal Threats TorrentFreak

Back in the day, The Pirate Bay was famous for its amusing responses to legal threats. Instead of complying with takedown notices, it sent witty responses to embarrass the senders.

Today the notorious torrent site gives copyright holders the silent treatment, but the good-old Pirate Bay spirit still lives on elsewhere.

Earlier today the anonymous domain registration service Njalla, which happens to be a venture of TPB co-founder Peter Sunde, posted a series of noteworthy responses it sent to The New York Times (NYT) legal department.

The newspaper warned the registration service about one of its customers, paywallnews.com, which offers the news services content without permission. Since this is a violation of The Times copyrights, according to the paper, Njalla should take action or face legal consequences.

NYT: Accordingly, we hereby demand that you immediately provide us with contact information including email addresses for both the actual owner of the paywallnew.com website, and for the hosting provider on which the paywallnew.com website is located.

If we have not heard from you within three (3) business days of receipt of this letter, we will have no choice but to pursue all available legal remedies.

Njalla is no stranger to threats of this kind but were somewhat offended by the harsh language, it seems. The company, therefore, decided to inform the NYT that there are more friendly ways to reach out.

Njalla: Thanks for that lovely e-mail. Its always good to communicate with people that in their first e-mail use words as we demand, pursue all available legal remedies and so forth. Id like to start out with some free (as in no cost) advice: please update your boiler threat letters to actually try what most people try first: being nice. Its not expensive (actually the opposite) and actually it works much better than your method (source: a few tens of thousands years of human development that would not have been as efficient with threats as it would have been with cooperation).

In addition, Njalla also included a request of its own. They kindly asked (no demand) the newspapers legal department for proof that they are who they say they are. You can never be too cautious, after all.

Njalla: Now, back to the questions you sent us. Were not sure...

08:00

FBI Whistleblower on Pierre Omidyar and His Campaign to Neuter Wikileaks SoylentNews

FBI Whistleblower on Pierre Omidyar and His Campaign to Neuter Wikileaks

FBI whistleblower Sibel Edmonds asserts Pierre Omidyar decided to create The Intercept to not only take ownership of the Snowden leaks but also to continue his blockade against WikiLeaks and create a "honey trap" for whistleblowers.

WikiLeaks, the transparency organization known for publishing leaked documents that threaten the powerful, finds itself under pressure like never before, as does its editor-in-chief, Julian Assange. Now, the fight to silence Wikileaks is not only being waged by powerful government figures but also by the media, including outlets and organizations that have styled themselves as working to protect whistleblowers.

As this three-part series seeks to show, these outlets and organizations are being stealthily guided by the hands of special interests, not the public interest they claim to serve. Part I focuses on the Freedom of the Press Foundation, The Intercept, and the oligarch who has strongly influenced both organizations in his long-standing fight to silence WikiLeaks.

Read more of this story at SoylentNews.

07:54

George Soros at Davos: Trump 'a danger to the world' The Hill: Technology Policy

Billionaire Democratic donor George Soros on Thursday took aim at President Trump and tech giants during an appearance at the World Economic Forum in Davos, Switzerland.I consider the Trump administration a danger to the world...

07:54

AI-Powered Drone Mimics Cars and Bikes to Navigate Through City Streets IEEE Spectrum Recent Content full text

Deep-learning algorithm uses car and bicycle dataset to fly a drone autonomously Photo: Robotics and Perception Group/University of Zurich

Two years ago, roboticists from Davide Scaramuzza's lab at the University of Zurich used a set of pictures taken by cameras mounted on a hikers head to train a deep neural network, which was then able to fly an inexpensive drone along forest paths without running into anything. This is cool, for two reasons: The first is that you can use this technique to make drones with minimal on-board sensing and computing fully autonomous, and the second is that you can do so without collecting dedicated drone-centric training datasets first. 

In a new paper appearing in IEEE Robotics and Automation Letters , Scaramuzza and one of his Ph.D. students, Antonio Loquercio, along with collaborators Ana I. Maqueda and Carlos R. del-Blanco from Universidad Politcnica de Madrid, in Spain, present some new work in which theyve trained a drone to autonomously fly through the streets of a city, and theyve done it with data collected by cars and bicycles.

A car and bicycle image datasets were used to train DroNet, a convolutional neural network that can fly a drone through the streets of a city

Most autonomous drones (and most autonomous robots in general) that don't navigate using a pre-existing map rely on some flavor of simultaneous localization and mapping, or (as the researchers put it), "map-localize-plan." Building a map, localizing yourself on that map, and then planning safe motion is certainly a reliable way to move around, but it requires big, complex, and of course very expensive, power-hungry sensors and computers. And if were going to make commercial drones work, thats just not feasible. 

Fortunately, its possible to replace all that hardware with a more data-driven approach. Given a large enough dataset showing the right way of doing things, you can train a neural network to respond to simple inputs (like images from a monocular camera) with behaviors that are, if not necessarily complex, at least what a human would probably do. Unfortunately, you can't easily collect training data in a real, busy environment like a city. Fortunately, there are already plenty of datasets available for these kinds of environments, thanks to the whole self-driving car thing thats been going on for a while. Unfortunately, these datasets arent ideal for training a drone not...

07:53

Reddit rolls out 2-factor authentication for users Help Net Security

The 234 million or so unique Reddit users are finally getting the option of setting up 2-factor authentication for their account(s). Why is that important? With over 540 million monthly visitors, social news aggregator Reddit is one of the top ten most popular websites in the world. You dont need to open an account to peruse its content, but if you want to participate in discussions on one of its countless subreddits, youll have to More

07:23

DXVK Begins Working For Even More D3D11-Over-Vulkan Games On Wine Phoronix

The progress is stunning made by a lone developer on the DXVK project for mapping the Direct3D 11 graphics API on top of Vulkan for allowing better performance/support for D3D11 games on Wine...

07:04

[ANNOUNCE] CVE advisory for Apache NiFi 1.0.0 - 1.3.0 Open Source Security

Posted by Andy LoPresto on Jan 25

The Apache NiFi PMC would like to announce the following CVE discovery in Apache NiFi 1.1.0 - 1.3.0. This issue was
resolved with the release of NiFi 1.4.0 on October 2, 2017. NiFi is an easy to use, powerful, and reliable system to
process and distribute data. It supports powerful and scalable directed graphs of data routing, transformation, and
system mediation logic. For more information, see https://nifi.apache.org/security.html....

07:00

3 More Documentaries for Engineers IEEE Spectrum Recent Content full text

California Typewriter, AlphaGo, and The Farthest Photo: Gravitas Ventures

Last August, IEEE Spectrum plucked three films from the video deluge that we felt were particularly suited for engineers. Now, weve waded back in to bring you three more apropos documentaries that have recently become available to stream or download.

  • California Typewriter

    Photo: Gravitas Ventures Tom Hanks explains his love of clacking keys in California Typewriter.

    We murdered it. There is no one more directly to blame for the demise of the typewriter than EEs. We built the computers and the displays that birthed word processing, and swept a century-old technology from homes and offices. (In one sense, though, we immortalized the typewriter even as we killed it, with QWERTY keyboards still flashing up on our smartphones when it comes time to actually write anything.) So its only fitting to honor the typewriter by watching this documentary. California Typewriter follows three threads: a collector on the hunt for a surviving example of the first commercially successful typewriter; an artist who dismantles typewriters and turns the pieces into sculpture; and a struggling typewriter repair shop in Berkeley, Calif. (Of particular interest to me was the enormous variety of designs found in 19th-century typewriters, reminiscent of the variety found during the mini- and microcomputer boom that lasted from 1965 to 1985.) You might come away thinking theres some life in these mechanical contraptions yet.

  • AlphaGo

    Photo: Reel as Dirt/Moxie Pictures

    AlphaGo tells the story of the Go contest where humanity went down.

    As extensively covered i...

What the Count of Monte Cristo Can Teach Us About Cybersecurity IEEE Spectrum Recent Content full text

In 1844, Alexandre Dumas described a telecom hack based on insider threats and social engineering Photo: Nadar/The Museum of Fine Arts, Houston; Book: Bantam Classic The French writer Alexandre Dumas described a technological hack that exploited personal foibles.

What can a 174-year-old French novel possibly have to say about cybersecurity? Quite a lot, it turns out. Alexandre Dumass The Count of Monte Cristo was published in 1844, and so he of course knew nothing about the Internet and probably little about electricity. But the writer had a keen understanding of human nature and how people interact with technology, and he saw how technological attacks could by engineered by exploiting personal foibles.

The communications technology at the heart of The Count of Monte Cristo is the telegraph, although not the familiar electric telegraph. That telegraph was still being developed when Dumas was writing his novel. In 1837, Charles Cooke and William Wheatstone demonstrated their electric telegraph system in London, and Samuel Morse patented the idea for his telegraph in the United States.

Etching of a Chappe optical telegraph circa 1793. Image: Photo12/UIG/Getty Images A 1793 etching of an optical telegraph tower, part of a national network used by the French revolutionary government.

The telegraph of The Count of Monte Cristo is the optical telegraph. Starting in the 1790s, the French built and operated this long-distance communications system, which eventually included two main lines, one running from the English Channel to the Mediterranean and the other from Spain to Belgium. Each line consisted of a string of towers, spaced roughly 10 kilometers apart. At the top of each tower was a semaphorea large rotatable crossbeam with a short movable arm at each end. When a message was being transmitted, each towers operator would adjust the semaphore to match the semaphore at the previous tower; the next towers operator would do the same, and so the message would travel down the line. [For a fuller account of how the optical telegraph operated, see Gerald J. Holzmann and Bjrn Pehrsons...

06:51

The Strong Case That Twitter Censorship Violates California's Civil Rights Laws SoylentNews

Submitted via IRC for TheMightyBuzzard

The social media giant may be guilty of violating of California law regarding discriminating against a political class, and being deceptive to their customer base. Twitter, by discriminating against people on the right, has exposed itself to a potential cascade of legal liabilityincluding a potential class action suit.

Despite being from dangerous.com, this is not an attempted troll. The author gives a quite interesting analysis of Twitter's potential legal issues in censoring political speech in California.

Source: https://www.dangerous.com/40574/arroz-strong-case-twitter-censorship-violates-californias-civil-rights-laws/


Original Submission

Read more of this story at SoylentNews.

06:26

A look into the cyber arsenal used by Lazarus APT hackers in recent attacks against financial institutions Security Affairs

Security experts at Trend Micro have analyzed malware and a tool used by the Lazarus APT group in the recent attacks against financial institutions.

Security experts at Trend Micro have analyzed the attacks conducted by the notorious Lazarus APT group against financial institutions.

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated.

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.  Security researchers discovered that North Korean Lazarus APT group was behind attacks on banks, including the Bangladesh cyber heist.

In the last campaigns against financial firms, the cyber spies launched watering hole attacks and leveraged a variant of the Lazarus-linked RATANKBA Trojan.

The malware known as RATANKBA is just one of the weapons in Lazarus arsenal. This malicious software, which could have been active since late 2016, was used in a recent campaign targeting financial institutions using watering hole attacks. The variant used during these attacks (TROJ_RATANKBA.A) delivered multiple payloads that include hacking tools and software targeting banking systems. reads the analysis published by Trend Micro.

The researchers identified and hacked in some servers used by the cyber spies for temporarily storing stolen data, the analysis of the backend reveale...

06:18

06:16

Alphabet enters enterprise cybersecurity market, launches Chronicle Help Net Security

Googles parent company Alphabet has announced its entry into the lucrative enterprise cybersecurity market through Chronicle, a company started in early 2016 as a project at X, Alphabets moonshot factory. Chronicle has now graduated to the status of an independent company within Alphabet, and is lead by Stephen Gillett, formerly an executive-in-residence at Google Ventures and Chief Operating Officer of Symantec. VirusTotal, a malware intelligence service acquired by Google in 2012, will be become a More

05:58

DNC beefs up cyber team with former Yahoo executive The Hill: Technology Policy

The Democratic National Committee (DNC) is bringing on new talent from the private sector to bolster its cyber defenses ahead of the 2018 midterm elections. DNC Chairman Tom Perez announced Thursday that the committee has hired Bob Lord, who...

05:44

Employee who sent false alert in Hawaii not cooperating with FCC probe, official says The Hill: Technology Policy

The employee responsible for sending a false mobile alert across Hawaii warning of an incoming ballistic missile is not cooperating with Federal Communications Commission (FCC) investigations looking into the matter, an FCC official said Thursday....

05:44

You are not alone Facebook and Instagram are down for many HackRead

By Carolina

You are not alone, Facebook and Instagram are down for

This is a post from HackRead.com Read the original post: You are not alone Facebook and Instagram are down for many

05:30

Understanding Crosstalk for Signal Integrity Applications IEEE Spectrum Recent Content full text

This white paper provides an introduction to crosstalk with a specific focus on signal integrity applications offering guidelines of what to watch out for when measuring crosstalk.

Although crosstalk has been around for a long time, theres a growing interest in crosstalk as data-rates continue to increase and ICs/PCBs continue to shrink. This white paper provides an introduction to crosstalk with a specific focus on signal integrity applications offering guidelines of what to watch out for when measuring crosstalk.


Using a simple simulation we will show why crosstalk is becoming so important in high-speed digital communication and why system level tools such as bit error rate testers and oscilloscopes are not ideal for pinpointing crosstalk issues and certainly not for troubleshooting.


We will also cover the two measurement methods; time domain and frequency domain, and look at why the dynamic range of an instrument is less of a worry for signal integrity applications, while understanding measurement uncertainty is critical for obtaining repeatable measurements.


Finally, we will look more closely at Vector Network Analyzers as tool for signal integrity measurements and calibration techniques for minimizing measurement uncertainties.

05:18

Photophoretic-Trap Volumetric Display (Star Wars-like "Hologram") Created SoylentNews

https://www.nature.com/articles/d41586-018-01125-y

The technique, described in Nature on 24 January, works more like a high-speed Etch a Sketch: it uses forces conveyed by a set of near-invisible laser beams to trap a single particle of a plant fibre called cellulose and heat it unevenly. That allows researchers to push and pull the cellulose around. A second set of lasers projects visible light red, green and blue onto the particle, illuminating it as it moves through space. Humans cannot discern images at rates faster than around 10 per second, so if the particle is moved fast enough, its trajectory appears as a solid line like a sparkler moving in the dark. And if the image changes quickly enough, it seems to move. The display can be overlaid on real objects and viewers can walk around it in real space.

The images created so far are tiny just millimetres across. And only simple line drawings can be created at the speeds needed to fashion moving images. The team managed to depict a moving spiral line drawing and the static outline of a butterfly. The technique needs substantial development but is a simple design with huge potential for improvement, says William Wilson, a researcher in nanotechnology at Harvard University in Cambridge, Massachusetts.

Also at Science Magazine and Phys.org (Associated Press).

A photophoretic-trap volumetric display (DOI: 10.1038/nature25176) (DX)

Free-space volumetric displays, or displays that create luminous image points in space, are the technology that most closely resembles the three-dimensional displays of popular fiction. Such displays are capable of producing images in 'thin air' that are visible from almost any direction and are not subject to clipping. Clipping restricts the utility of all three-dimensional displays that modulate light at a two-dimensional surface with an edge boundary; these include holographic displays, nanophotonic arrays, plasmonic displays, lenticular or lenslet displays and all technologies in which the light scattering surface and the image point are physically separate. Here we present a free-space volumetric display based on photophoretic optical trapping that produces full-colour graphics in free space with ten-micrometre image points using persistence of vision. This display works by first isolating a cellulose particle in a photophoretic trap created by spherical and astigmatic aberrations. The trap and particle are then scanned through a display volume while being illuminated with red, green and blue l...

05:13

PCI Council sets security requirements for mobile point of sale solutions Help Net Security

The PCI Security Standards Council has announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf (COTS) devices such as smartphones and tablets. What are we talking about here? Stores that offer customers the possibility to purchase things with their payment card usually have a hardware terminal and PIN entry device. But this can be too pricey an option for small merchants in markets that require EMV chip-and-PIN acceptance. A cheaper option More

05:02

Chinese Scientists Just Cloned a MonkeyHere Are the Details Lifeboat News: The Blog

In 1996, Dolly the sheep became the first mammal to be cloned from a somatic cell. Twenty years later, scientists have succeeded in using the same technique on primatesas detailed in a study published today in the journal Cell, two long-tailed macaque monkeys were born at the Chinese Academy of Sciences Institute of Neuroscience in Shanghai.

04:56

Wyden blasts FBI chief over encryption remarks The Hill: Technology Policy

A Democratic senator is blasting the leader of the FBI over recent comments he made about encryption, calling them ill-informed.Sen. Ron Wyden (D-Ore.) wrote a letter to FBI Director Christopher Wray on Thursday criticizing him for advocating for...

04:42

We are happy to announce Dr. Michael West as a speaker for the 2018 Undoing Aging Conference Lifeboat News: The Blog

Dr. West keynoted at the very first SENS conference, back in 2003 in Cambridge, and its a true delight

04:32

Linux.Conf.Au 2018 Videos Now Available Phoronix

Taking place this week in Sydney, Australia is the 2018 Linux.Conf.Au conference. For those that can't make the event, there's a livestream, but if the time difference impacts you, the recordings are now beginning to trickle in via YouTube...

04:22

How To Launch A Space Startup Lifeboat News: The Blog

New technology, investment, and policy are helping to boost smaller companies like Rocket Lab into the stratosphere. Their founders share some advice.

04:05

New Purism Developer To Begin Work On Tackling Responsive GTK+ Apps Phoronix

GNOME developer Adrien Plazas has joined Purism as part of their effort of getting GTK+ applications on the Librem 5 smart-phone...

04:00

The Fastest Linux Distribution For Ryzen: A 10-Way Linux OS Comparison On Ryzen 7 & Threadripper Phoronix

While we frequently do Linux OS/distribution performance comparisons on the latest Intel desktop and server hardware, some requests came in recently about looking closer at the fastest Linux distribution(s) when running on AMD's Ryzen desktop processors. Here are benchmarks of ten popular Linux distributions tested out-of-the-box on Ryzen 7 1800X and Threadripper 1950X systems.

03:45

DIY Graphene Putty Makes Super-Sensitive Sensor SoylentNews

Submitted via IRC for TheMightyBuzzard

It is sort of an electronics rule 34 that if something occurs, someone needs to sense it. [Bblorgggg], for reasons that aren't immediately obvious, needs to sense ants moving over trees. No kidding. How are you going to do that? His answer was to use graphene.

Silly Putty, which is just silicone putty, gives the graphene an unusually large dynamic range. That is, it can detect large pressures (say, a finger pressing) and still detect a very faint pressure (like your heart beating through the finger). Apparently, the graphene lines up to become pretty conductive in the putty and then any deformation causes the resistance to go up. However, when the pressure subsides, the graphene lines back up.

Source: https://hackaday.com/2018/01/23/diy-graphene-putty-makes-super-sensitive-sensor/


Original Submission

Read more of this story at SoylentNews.

03:30

Indexing Chuck Not Required Hackaday

Becoming accomplished with a lathe is a powerful skillset, but its only half of the journey. Being clever comes later, and its the second part of the course. Patience is in there somewhere too, but lets focus on being clever. [TimNummy] wants a knobbed bolt with critical parameters, so he makes his own. After the break, there is a sixty-second summary of the linked video.

Making stock hardware is a beginners tasks, so custom hardware requires ingenuity or expensive machinery. Adding finger notches to a bolthead is arbitrary with an indexing chuck, but one isnt available. Instead, hex stock becomes a jig, and the flat sides are utilized to hold the workpiece at six intermittent angles. We cant argue with the results which look like a part that would cost a pretty penny.

Using material found in the workshop is what being clever is all about. Hex brass stock comes with tight tolerances on the sides and angles so why not take advantage of that?

[TimNummy] can be seen on HaD for his Jeep dome light hack and an over-engineered mailbox flag. Did you miss [Quinn Dunki]s piece on bootstrapping precision machine tools? Go check that out!

03:22

TIGIT as a Biomarker for T Cell Senescence and Exhaustion Lifeboat News: The Blog

In a new study, researchers propose that TIGIT is a marker of T cell senescence and exhaustion in the immune system. However, not only is TIGIT just a biomarker, it is also a potential therapeutic target; as the researcher team discovered, lowering levels of TIGIT resulted in the restoration of some lost function in T cell populations that were experiencing high levels of senescence and exhaustion.


In a new study, researchers propose that TIGIT is a marker of T cell senescence and exhaustion in the immune system[1]. However, not only is TIGIT just a biomarker, it is also a potential therapeutic target; as the researcher team discovered, lowering levels of TIGIT resulted in the restoration of some lost function in T cell populations that were experiencing high levels of senescence and exhaustion.

Aging is associated with immune dysfunction, especially T-cell defects, which result in increased susceptibility to various diseases. Previous studies showed that T cells from aged mice express multiple inhibitory receptors, providing evidence of the relationship between T-cell exhaustion and T-cell senescence. In this study, we showed that T-cell immunoglobulin and immunoreceptor tyrosine-based inhibitory motif (ITIM) domain (TIGIT), a novel co-inhibitory receptor, was upregulated in CD8 + T cells of elderly adults. Aged TIGIT + CD8 + T cells expressed high levels of other inhibitory receptors including PD-1 and exhibited features of exhaustion such as downregulation of the key costimulatory receptor CD28, representative intrinsic transcriptional regulation, low production of cytokines, and high susceptibility to apoptosis. Importantly, their functional defects associated with aging were reversed by TIGIT knockdown.

03:14

How To Deploy Django App on Heroku TechWorm

Hey geeks and really interesting people out there, today we are doing a little resume on how you can deploy django app on heroku.

Yeah, even if you dont know anything about it, here you can learn how to do it, so keep reading to become a deployer master.

Is kinda obvious, but first, you need to have a Heroku account, is you already have it skip this step, however if you dont, you can create a Heroku account in like one minute or even less, you can choose the plan that is more suitable for the functionalities you need to have, this platform counts with 4 plans: Free that will cost you $0, and then the ones you need to pay to have, that are hobby, standard, and performance. This time we are working on the free plan.

I need to highlight something really important here, at the moment you create your account,  you choose the primary development language, please be sure you select Python. After you finish all the steps you will receive a confirmation email.

Having your account next is installing the CLI for Heroku, this is the main tool you need to interact properly with Heroku, to do this you need first open the console, enter your user-name and password, of the account you already have or just create.

Then start creating a Heroku app, and next you need to connect to PostgreSQL, is kind of easy for those who already have experience on the field.

After you start creating your app, you can start configuring the Django apps for your Heroku system, you can try at first writing a really easy Django application, however, if you are a lot more experienced you can try to do one a little bit more complicated.

You need to have the requirements.txt file, this file contains a list of all you need for app packages, you need to create this file in the root folder. After you have this configured, you need to have the profile, this describes all the commands you will need to execute the app. And last in this step but not least; you need to have the runtime.txt, which is the file that specifies the Python version.

Then we need to separate the Django settings, this is necessary for the app you are creating is this start to grow. After you have it, you need to set up static files. First, you need to modify settings.py ? wsgi.py; that will assure you a correct display of files. After this step, it came the data configuration and the local launch.

If you complete all these steps correctly, you will just need to go and deploy Django to Heroku, run migrations and thats it! For those who want to take a look at the code here, you have all the...

03:13

Cybercriminals Selling Social Security Numbers of Infants on Dark Web HackRead

By Waqas

Dark Web has become a creepy place since it is

This is a post from HackRead.com Read the original post: Cybercriminals Selling Social Security Numbers of Infants on Dark Web

03:08

Systemd 237 Is Being Prepared For Release Phoronix

The first systemd update of 2018 should soon be here...

03:00

Regulators ask Congress for more power to police cryptocurrencies The Hill: Technology Policy

The United States two top trading regulators on Wednesday asked Congress for more direct jurisdiction over cryptocurrency trading.Securities and Exchange Commission (SEC) Chairman Jay Clayton and Commodity Futures Trading Commission (CFTC)...

03:00

New Antennas Will Take CubeSats to Mars and Beyond IEEE Spectrum Recent Content full text

By packing big antennas into tiny satellites, JPL engineers are making space science cheap Illustration: John MacNeill

img
Illustration: John MacNeill

One morning in November 2014, Kamal Oudrhiri, a colleague of mine at the Jet Propulsion Laboratory (JPL), in Pasadena, Calif., burst into my office with an intriguing proposition. A first-of-its-kind satellite was headed for Mars. The satellite would fly alongside NASAs InSight Mars Lander, relaying data in real time back to Earth during the landers critical entry, descent, and landing. We have to achieve 8 kilobits per second, and were limited in terms of power. Our only hope is a large antenna, Oudrhiri explained. Oh, and the satellite itself will be only about the size of a briefcase.

Nothing as diminutive as the Mars satellitewhich belongs to a class called CubeSatshad ever gone farther than low Earth orbit. The antenna would be stowed during launch, occupying only about 830 cubic centimeters. Shortly thereafter, it would unfurl to a size three times as large as the satellite itself. It would have to survive the 160-million-kilometer flight to the Red Planet, including the intense vibration of launch and the radiation and extreme temperatures of deep space. How hard could that be?

Fortunately, my colleagues and I love a challenge, and we welcomed the chance to push CubeSat technology to its limits. These tiny spacecraft have become the go-to vessel for researchers and startups doing Earth imaging and monitoring. Compared with traditional satellites, they are relatively inexpensive and small, weighing just a few kilograms, and they can be ready to launch in a matter of months, rather than the years it typically takes to prepare a standard spacecraft. Over time, the onboard sensors and processing that CubeSats can carry have been the beneficiaries of Moores Law advancements in electronics, growing more powerful and sophisticated, lighter in weight, and energy efficient.

img
Photo: JPL/NASA RainCube's Umbre...

Test Tube Hard Drives Compute with Chemicals IEEE Spectrum Recent Content full text

Storing data as small molecules and getting them to compute by reacting could speed some computations Photo: Barry Rosenthal/Getty Images

A group of scientists and engineers at Brown University is planning to use chemicals in a droplet of fluid to store huge amounts of data and, eventually, get them to do complex calculations instantly. Theyve just received US $4.1 million from the Defense Advanced Research Projects Agency to get started, and plan to borrow robots and automation from the pharmaceutical industry to speed their progress.

Were hoping that at the end of this well have a hard drive in a test tube, says Jacob Rosenstein, assistant professor of electrical engineering, who is co-leading the project with theoretical chemist Brenda Rubenstein.

Theres been a big push recently to store data as molecules of DNA, but the Brown chemical computing project will do things differently, potentially ending up with greater data density and quicker readouts.

If it seems like theyll need a lot of different chemicals to make this scheme do anything important, youre right. But that may not be a big problem at all. The Brown team will rely on a class of chemistry called Ugi reactions. These are combinations of four chemicals reacted together all at once to produce a small organic molecule. The pharmaceutical industry uses automated systems that react different combinations to produce millions of chemicals for testing as drugs.

So how do they tell which of those millions is actually in a drop of liquid? Rubenstein, Rosenstein, and their colleagues will use a technology called mass spectrometry. Its essentially the same technology used to find evidence of doping drugs in athletes urine. Basically, it charges the molecules in a sam...

02:42

What happens when AI tries too hard to improve reality, in one photo Lifeboat News: The Blog

Technically speaking, Google Photos Assistant did a pretty good job.

02:42

Scientists building worlds most-powerful SUPER LASERS that can RIP holes in space Lifeboat News: The Blog

A NEW laser is being built that is powerful enough to rip apart empty space.

02:26

Will Americans ever know the truth about FBI and DOJ abuses? MassPrivateI


FISA memo worse than Watergate

Multiple Felonies by Top Government Officials Exposed

DEEP STATE, In PANIC, Tries To Drop Fusion GPS Dossier


02:20

Kristen Fortney, CEO at BioAge Labs, joins our Life Extension Board. Lifeboat News

Kristen Fortney, CEO at BioAge Labs, joins our Life Extension Board.

02:15

Hundreds of new accounts tweeted support of releasing controversial memo: report The Hill: Technology Policy

The Twitter hashtag campaign #ReleaseTheMemo was partially driven by hundreds of Twitter accounts created just last week, according to CNN analysis.The media outlet found that more than 1,000 accounts that were created between the Thursday...

02:12

Simon Shelton, Teletubbies' Tinky Winky, Has Passed Away at Age 52 SoylentNews

Tributes have been paid to actor Simon Shelton, best known for playing purple Teletubby Tinky Winky, following his death at the age of 52.

[...] The original Teletubbies ran on the BBC from 1997 to 2001 and spawned a number one single, called Teletubbies say 'Eh-oh!', in December 1997.

Speaking in 2008, Shelton said he had little inkling Teletubbies would be the success it was when he was cast as Tinky Winky.

"I didn't know it would be as big as it was, but I did know as soon as I started working on it that it had something special," he said.

The original Teletubbies series was watched by around one billion children in more than 120 countries in 45 languages.

Shelton, a father of three, lived in Ampthill in Bedfordshire.

http://www.bbc.com/news/entertainment-arts-42788001


Original Submission

Read more of this story at SoylentNews.

02:01

Keep Accurate Time on Linux with NTP

Title: 
Keep Accurate Time on Linux with NTP

02:01

The Current State of the Black Market: You Cant Buy Vantablack Hackaday

Sometimes you need something to be utterly, totally, irredeemably black. Not just a little bit black, not just really really really dark blue, but as black as it is possible to get. It might be to trap light in a camera or a telescope, for artistic purposes, or even to make your warplane a more difficult target for enemy missiles. Either way, were here to help, not to judge. So what are your options?

Well, first of all, theres the much-lauded Vantablack. The name itself is a clue as to its origin  Vertically Aligned Nano Tube Arrays. It works by coating an object with a forest of carbon nanotubes in a complicated vacuum deposition process. When light hits the surface, some of it is absorbed by the nanotubes, and any that is reflected tends to be absorbed by neighbouring nanotubes rather than escaping the surface coating of the object.

Like a Void in the Universe

Two masks, one in bronze, the other coated in Vantablack. So much incoming light is absorbed that it becomes impossible to see the surface contours of the coated object.

Vantablack has the current crown for being the blackest black currently available, absorbing 99.965% of visible light. However, before you get too excited, it does have some drawbacks. In its original form, it has to...

02:01

Spritecoin ransomware masquerades as cryptocurrency wallet and also harvests victims data Security Affairs

Fortinet discovered a strain of ransomware dubbed Spritecoin ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store.

Researchers from Fortinet FortiGuard Labs has discovered a strain of ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store.

The ransomware poses itself as a spritecoin wallet, it asks users to create their desired password, but instead of downloading the block-chain it encrypts the victims data files.

The malware asks for a 0.3 Monero ransom ($105 USD at the time of writing) and drops on the target system a ransom note of Your files are encrypted.

SpriteCoin ransomware

The malware includes an embedded SQLite engine, a circumstance that leads experts to believe it also implements a credentials harvesting feature for Chrome and Firefox credential store. The malicious code appends the .encrypted file extension to encrypted files (i.e. resume.doc.encrypted).

While decrypting the files, the Spritecoin ransomware also deploys another piece of malware that is able to harvest certificates, parse images, and control the web camera.

In a cruel twist, if the victim decides to pay and obtain a decryption key they are then delivered a new malicious executable [80685e4eb850f8c5387d1682b618927105673fe3a2692b5c1ca9c66fb62b386b], detected as W32/Generic!tr. reads the report.

While have not yet fully analyzed this malicious payload, we can verify that it does have the capability to activate web cameras and parse certificates and keys that will likely leave the victim more compromised than before.

The experts speculate the ransomware is being spread via forum spam that targets users interested in cryptocurrency.

Ransomware is usually delivered via social engineering techniques, but can also be delivered without user interaction via exploits. These often arrive (but are not limited to) via email, exploit kits, malicious crafted Excel/Word/PDF macros, or JavaScript downloaders. states the...

01:53

Security flaw in Moto G5 Plus allows anyone to bypass lockscreen HackRead

By Waqas

A critical security flaw or bug in Motorola Moto G5 Plus

This is a post from HackRead.com Read the original post: Security flaw in Moto G5 Plus allows anyone to bypass lockscreen

01:48

San Jose mayor resigns from FCC advisory panel The Hill: Technology Policy

San Jose Mayor Sam Liccardo has reportedly quit a Federal Communications Commission (FCC) advisory committee that focuses on broadband deployment.Liccardo accused the Broadband Deployment Advisory Committee of providing policy...

01:45

How cybercriminals abuse the travel and hospitality industry Help Net Security

The travel and hospitality industry suffers billions of losses each year due to fraud. With the right combination of other underground services (compromised accounts, credit cards, etc.) it is possible to cover almost every aspect of the holidays, including food and restaurants, shopping, entertainment, guided tours and more way beyond flights and hotels, Vladimir Kropotov, Researcher at Trend Micro, told Help Net Security. Whats on offer? Kropotov and his colleagues have been rifling through More

01:39

Verdict in Copyright/Trademark Infringement Case: $710,001 Awarded to Grumpy Cat Limited SoylentNews

Grumpy Cat wins $710,000 payout in copyright lawsuit

A cat made famous online because of its permanent scowl has been awarded $710,000 (500,000) in a copyright case by a California federal court.

Grumpy Cat Limited sued the owners of US coffee company Grenade for exceeding an agreement over the cat's image. The company only had rights to use the cat to sell its "Grumppuccino" iced drink, but sold other Grumpy products.

The cat, real name Tardar Sauce, went viral in 2012 after photographs of her sour expression emerged online. Originally posted on the social website Reddit by the brother of the cat's owner, Tabatha Bundesen, the image of the cat quickly spread as a meme with funny text captions.

In 2013 Grenade Beverage, owned by father and son Nick and Paul Sandford, struck a $150,000 deal to market iced coffee beverages with the cat's scowl on its packaging.

[...] Grumpy Cat is thought to have earned millions in endorsement and advertising deals.

Also at Courthouse News.


Original Submission

Read more of this story at SoylentNews.

01:35

Great Gesture by Mohammed Siraj after 14 year kid hacked his account and got arrested Hacker News Bulletin | Find the Latest Hackers News

With the increase in cybercrimes nowadays, social media accounts are the ones which are the most vulnerable. The rate of them getting hacked is increasing day by day. One of the things we see now is not only professional hackers are into hacking social media accounts, but young students and teenagers are also now doing

The post Great Gesture by Mohammed Siraj after 14 year kid hacked his account and got arrested appeared first on Hacker News Bulletin | Find the Latest Hackers News.

01:31

Hatch bill would dramatically increase H-1B visas The Hill: Technology Policy

Sen. Orrin Hatch (R-Utah) plans to release legislation on Thursday that would expand high skilled immigration visas and allow the spouses and children of such visa holders to legally work in the U.S.According to the text of the bill obtained by...

01:26

Meeting du 3 fvrier 2018 HZV / Hackerzvoice / The Hackademy

Comme tous les premiers samedis du mois, c'est meeting HZV !

RDV  samedi 3 fvrier 2018 l'Electrolab 52, Rue Paul Lescop Nanterre  16H !

Nous vous rappelons que les meets sont ouverts tous !

Pas de talk programm pour le moment, si vous voulez en proposer un, crivez-nous sur meet [at] hackerzvoice [dot] net !

 

Piqre de rappel : le CFP de la #ndh16 est ouvert, vous avez jusqu'au 5 avril prochain pour faire vos propositions : https://submit.hackerzvoice.net/

01:24

Sam Gyimah Replaced Jo Johnson More Than a Fortnight Ago, But Team UPC Has Ignored It Until Now Techrights

Sam Gyimah

Summary: Another great example of Team UPC intentionally ignoring facts that dont suit the UPC agenda and more misinformation from Team UPC (which now suppresses comments expressing the wrong views)

IT IS not news. It was reported on early in the month. Team UPC could report it more than two weeks ago, but it did not. How convenient, as usual. It also reported absolutely nothing about the British government/Parliament totally removing the UPC from the agenda (after it had been put there).

Team UPC could report it more than two weeks ago, but it did not.Sam Gyimah, who is relatively young for a politician, replaces another young politician, whom we criticised for being inexperienced in his domain (still, Donald Trump even appoints officials who have only just graduated from college). This morning we wrote about Bristows mentioning it weeks late (while also distorting the facts or making stuff up) and this afternoon it was Michael Loney who belatedly covered it:

Sam Gyimah, member of UK parliament for East Surrey, has been confirmed as the UK IP minister

The above publisher is close to EPO management and has helped promote the UPC for years. Perhaps they realise that they cant go on ignoring the fact that Jo Johnson is history. His words, his infamous photo op with crooked Battistelli, all that lobbying et cetera? Perhaps all in vain. Is Gyimah already being showered with brown-nosing advice from Team UPC? Its not unthinkable. Bristows...

01:10

Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems The Hacker News

Are you using Linux or Mac OS? If you think your system is not prone to viruses, then you should read this. Wide-range of cybercriminals are now using a new piece of 'undetectable' spying malware that targets Windows, macOS, Solaris and Linux systems. Just last week we published a detailed article on the report from EFF/Lookout that revealed a new advanced persistent threat (APT) group,

00:36

The EPO is Already in Violation of ILO Rulings on Judge Corcoran Techrights

Under normal circumstances, executives or presidents can be arrested for refusing to obey court orders

Benot Battistelli

Summary: The incredible situation at the EPO, where court orders from several countries (and international tribunals) are simply being disregarded, staff is being bullied, and corrupt officials get away with punishing people who speak about the corruption (while they themselves enjoy immunity)

THIS MORNING we mentioned ILOATs latest decisions (dozens of EPO ones). We dont wish to comment on any of them without prior consultation, primarily because without context theres room for misinterpretation. We did look at a few decisions.

The ILO actually arranged an exceptional delivery of several Corcoran decisions, perhaps realising it would be essential to guard Corcorans job (his contract/term would have expired before the normal delivery). Last month we read that Patrick Corcoran would likely be mentioned (again) in some of this latest batch, possibly along with staff representatives. The ILO actually arranged an exceptional delivery of several Corcoran decisions, perhaps realising it would be essential to guard Corcorans job (his contract/term would have expired before the normal delivery).

Over the past month Corcorans life (and career) was chaotic in spite of ILOs intervention. He may have worked in 3 places and offices (Haar, Munich, and The Hague) in just about a month. We dont know if he is already at The Hague or not. Harassing him (even outside the courtroom) and making it impossible for him to adapt makes dismissal for incompetence easier, or simply gives him the incentive to walk away and give up. It is absolutely despicable and we keep trying to bring this to the attention of ILO (and Guy Ryder personally).

Its Mr. Battistelli who ought to be sent to The Hague, preferably in handcuffs (they have the ICC there).We have already heard from multiple sources [1,...

00:30

Data breaches at an all time high: How are businesses protecting themselves? Help Net Security

Digitally transformative technologies are shaping the way organisations do business and moving them to a data-driven world, with 94% of organisations using sensitive data in cloud, big data, IoT, container, blockchain and/or mobile environments, according to the 2018 Thales Data Threat Report. Digital transformation is driving efficiency and scale as well as making possible new business models that drive growth and profitability. Enterprises are embracing this opportunity by leveraging all that digital technology offers, with More

00:08

libcurl has had authentication leak bug dated back to before September 1999 Security Affairs

According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage of authentication data to third parties.

libcurl is a free and easy-to-use client-side URL transfer library, it builds and works identically on numerous platforms.

According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage of authentication data to third parties.

The problem is related to the way it handles custom headers in HTTP requests.

When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. states the advisory.

Sending the same set of headers to subsequest hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using clients request. We are not aware of any exploit of this flaw.

Applications that pass on custom authorization headers could leak credentials or information that could be abused by attackers to impersonate the libcurl-using clients request.

This vulnerability tracked as CVE-2018-1000007 has been present since before curl 6.0, back to before September 1999. Affected versions are libcurl 7.1 to and including 7.57.0, later versions (7.58.0) are not affected, the patch was published on GitHub.

this solution creates a slight change in behavior. Users who actually want to pass on the header to other hosts now need to give curl that specific permission. You do this with [location-trusted](https://curl.haxx.se/docs/manpage.html#location-trusted) with the curl command line tool.

libcurl is also affected by an HTTP/2 trailer out-of-bounds read vulnerability tracked as CVE-2018-1000005.

The issue is related to the code that creates HTTP/1-like headers from the HTTP/2 trailer data that appends a string like `:` to the target buffer (it was recently changed to `: `...

00:06

Camels Disqualified from Saudi Beauty Pageant Due to Botox Injections SoylentNews

A Dozen Camels Disqualified From Saudi Beauty Pageant Over Botox Injections

Some pageant contestants hit a hump in the road this week. That is, a camel beauty contest in Saudi Arabia disqualified a dozen camels for receiving Botox injections to make them more attractive.

Saudi media reported that a veterinarian was caught performing plastic surgery on the camels a few days before the pageant, according to UAE's The National. In addition to the injections, the clinic was surgically reducing the size of the animals' ears to make them appear more delicate.

"They use Botox for the lips, the nose, the upper lips, the lower lips and even the jaw," Ali Al Mazrouei, a regular at such festivals and the son of a prominent Emirati breeder, told the newspaper. "It makes the head more inflated so when the camel comes it's like, 'Oh look at how big that head is. It has big lips, a big nose.' "

Real money is at stake: About $57 million is awarded to winners of the contests and camel races, The National reports, with more than $31.8 million in prizes for just the pageants.

Also at The New York Times, Reuters, and Newsweek.

Check out the world's tallest camel


Original Submission

Read more of this story at SoylentNews.

00:03

Firefox 59 Might Ship With Working Wayland Support Phoronix

Besides Firefox 59 being the release doing away with GTK2 support, this next Mozilla web-browser release might be the one to achieve working native Wayland support...

00:02

Grumpy Cat Wins $710,000 From Copyright Infringing Coffee Maker TorrentFreak

grumpcatThere are dozens of celebrity cats on the Internet, but Grumpy Cat probably tops them all.

The cats owners have made millions thanks to their pets unique facial expression, which turned her into an overnight Internet star.

Part of this revenue comes from successful merchandise lines, including the Grumpy Cat Grumppuccino iced coffee beverage, sold by the California company Grenade Beverage.

The company licensed the copyright and trademarks to sell the iced coffee but is otherwise not affiliated with the cat and its owners. Initially, this partnership went well, but after the coffee maker started to sell other Grumpy Cat products, things turned bad.

The cats owners, incorporated as Grumpy Cat LLC, took the matter to court with demands for the coffee maker to stop infringing associated copyrights and trademarks.

Without authorization, Defendants [] have extensively and repeatedly exploited the Grumpy Cat Copyrights and the Grumpy Cat Trademarks, the complaint read.

Pirate coffee..
grumpycoffee

After two years the case went before a jury this week where, Courthouse News reports, the cat itself also made an appearance.

The eight-person jury in Santa Ana, California sided with the cats owner and awarded the company $710,000 in copyright and trademark infringement damages, as well as a symbolic $1 for contract breach.

According to court documents, the majority of the damages have to be paid by Grumpy Beverage, but the companys owner Paul Sandford is also held personally liable for $60,000.

The verdict is good news for Grumpy Cat and its owner, and according to their attorney, they are happy with the outcome.

Grumpy Cat feels vindicated and feels the jury reached a just verdict, Grumpy Cats lawyer David Jonelis said, describing it as a complete victory.

A copy of the verdict form is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offe...

00:00

ICO protection: Key threats, attack tools and safeguards Help Net Security

Group-IB has analyzed the basic information security risks for the cryptoindustry and compiled a rating of key threats to an ICO (initial coin offering). On average, over 100 attacks are conducted on one ICO, and criminals are increasingly using modified Trojans that were previously used for thefts from banks, as well as targeted attacks with a view to compromise secret keys and secure control over accounts. Ranking threats While summing up a year of protecting More

Thursday, 25 January

23:30

Download: 2018 Cybersecurity Checklist Help Net Security

Todays attacks are spreading faster, evolving quicker, and evading even the most widely used security solutions. But that doesnt mean you cant fight back. Get practical recommendations for preventing and mitigating the latest attacks with this free checklist. Get actionable suggestions on how to: Prevent compromise in the first place by defending against the most popular attack vectors Mitigate post-exploitation activities like privilege escalation and lateral movement attempts Know when attackers attempt to launch malicious More

23:20

Triumph for Twitch over the viewbots Graham Cluley

Triumph for Twitch over the viewbots

A US court has ruled in the favour of videogame-streaming service Twitch against two bot-makers who sold a service to artificially inflate Twitch channels' number of viewers and fans.

23:06

8 Unusual IT Interview Questions and Approaches: CIOs Share

We asked IT and business leaders to share their tips for bringing out these and other key  qualities during interviews. Read on for their unique and interesting interview questions and strategies and what the responses help them discern about candidates. And if youre a job seeker: Learn and get ready for these strategies.

Jonathan Feldman, CIO, City of Asheville, N.C. 

"I am a hater of the weird question. I regret using weird questions in the past, because I want people to be comfortable. 

23:00

Twitter RNG is Powered By Memes Hackaday

Twitter is kind of a crazy place. World leaders doing verbal battle, hashtags that rise and fall along with the social climate, and a never ending barrage of cat pictures all make for a tumultuous stream of consciousness that runs 24/7. What exactly were supposed to do with this information is still up to debate, as Twitter has yet to turn it into a profitable service after over a decade of operation. Still, its a grand experiment that offers a rare glimpse into the human hive-mind for anyone brave enough to dive in.

One such explorer is a security researcher who goes by the handle [x0rz]. Hes recently unveiled an experimental new piece of software that grabs Tweets and uses them as a noise to mix in with the Linux urandom entropy pool. The end result is a relatively unpredictable and difficult to influence source of random data. While he cautions his software is merely a proof of concept and not meant for high security applications, its certainly an interesting approach to introducing humanity-derived chaos into the normally orderly world of your computers operating system.

Noise sampling before and after being merged with urandom

This hack is made possible by the fact that Twitter offers a sample f...

22:49

Storage-NG Now Active In openSUSE Tumbleweed Phoronix

SUSE's libstorage-ng back-end for YaST's new low-level storage library is now active within the rolling-release openSUSE Tumbleweed distribution...

22:37

Reddit rolls out 2FA to all its users Graham Cluley

Reddit rolls out 2FA to all its users

Reddit users can now secure their accounts with two-factor authentication (2FA).

Read more in my article on the Tripwire State of Security blog.

22:34

MoneroPay Malware Pretends to Be a Cryptocurrency Wallet HackRead

By David Balaban

A brand new ransomware malware that is called MoneroPay has been

This is a post from HackRead.com Read the original post: MoneroPay Malware Pretends to Be a Cryptocurrency Wallet

22:33

Decoding 5G New Radio IEEE Spectrum Recent Content full text

The Latest on 3GPP and ITU Standards

5G report logo, link to report landing page

By: Sarah Yost, mmWave Product Manager, National Instruments

Everywhere you look today, 5G is at the center of conversations about exciting new technology. Recent announcements from Mobile World Congress 2017 in late February indicate that 5G is already here. The truth is that 5G isnt here yet, but we are getting closer. The past year has been busy in all aspects of the communications community, from the work on the standardization process to updates from regulatory bodies to our understanding of the channel for new proposed millimeter wave (mmWave) frequencies to the new technology under development that will turn 5G into a commercial reality. Last year, I wrote a paper called mmWave: The Battle of the Bands to provide an overview of the technologies being proposed for mmWave frequencies. This year, Im building on that information by examining mmWave for communications and presenting an update to the question on everyones mind: What is 5G and when will it be here?

5G Frequencies: A Combination of mmWave and Sub-6 GHz

Though some things at this point on the 5G journey may not be clearly defined, one thing is certain: sub-6 GHz spectrum is still very important, and mmWave frequencies will be used to supplement sub-6 GHz technology. Figure 1 shows the wide range of requirements expected of 5G, from ultra-reliable, high-bandwidth communication for enhanced mobile broadband (eMBB) applications to the low-bandwidth, machine-to-machine (M2M) type communications we expect to see in Internet of Things applications. It is difficult, if not impossible, for one band of spectrum to meet all these needs, but combining two bands provides complementary coverage. Sub-6 GHz spectrum offers better propagation and backward compatibility for narrowband applications, while the contiguous bandwidth at mmWave frequencies enables the key eMBB applications that 5G promises.

Figure 1. Targeted 5G applications include enhanced mobile broadband and machine-to-machine communication.

Figure 1: Targeted 5G applications include enhanced mobile broadband and machine-to-machine communication.

The ITU has defined two phases o...

Proposal for an Upper Bound on Planetary Mass SoylentNews

A new definition of a planet could help to distinguish gas giants from brown dwarfs:

[Kevin] Schlaufman's definition is based on mass. In a paper published [DOI: 10.3847/1538-4357/aa961c] [DX] January 22, 2018, in the peer-reviewed Astrophysical Journal, Schlaufman has set the upper boundary of planet mass between four and 10 times the mass of the planet Jupiter.

Schlaufman found that objects of at least 10 Jupiter masses tend not to form around metal-rich solar-type dwarf stars:

Planets like Jupiter are formed from the bottom-up by first building-up a rocky core that is subsequently enshrouded in a massive gaseous envelope. It stands to reason that they would be found near stars heavy with elements that make rocks, as those elements provide the seed material for planet formation. Not so with brown dwarfs. Brown dwarfs and stars form from the top-down as clouds of gas collapse under their own weight.

Schlaufman's idea was to find the mass at which point objects stop caring about the composition of the star they orbit. He found that objects more massive than about 10 times the mass of Jupiter do not prefer stars with lots of elements that make rocks and therefore are unlikely to form like planets. For that reason, and while it's possible that new data could change things, he has proposed that objects in excess of 10 Jupiter mass should be considered brown dwarfs, not planets.

Abstract:

Celestial bodies with a mass of M 10 MJup have been found orbiting nearby stars. It is unknown whether these objects formed like gas-giant planets through core accretion or like stars through gravitational instability. I show that objects with M 4 MJup orbit metal-rich solar-type dwarf stars, a property associated with core accretion. Objects with M 10 MJup do not share this property. This transition is coincident with a minimum in the occurrence rate of such objects, suggesting that the maximum mass of a celestial body formed through core accretion like a planet is less than 10 MJup. Consequently, objects with M 10 MJup orbiting solar-type dwarf stars likely formed through gravitational instability and should not be thought of as planets. Theoretical models of giant planet formation in scaled minimum-mass solar nebula ShakuraSunyaev disks with standard parameters tuned to produce giant planets predict a maximum mass nearly an order of m...

22:32

What Does Every Engineer Need to Know about 5G? IEEE Spectrum Recent Content full text

Over the last several years, researchers have been hard at work exploring new concepts and technologies to answer the question What is 5G?.

5G report logo, link to report landing page

By Sarah Yost, SDR Solution Marketing, National Instruments

The 3GPP, 3rd Generation Partnership Project, is the standards body that publishes agreed upon specifications that define our wireless communications standards.  They have outlined a timeline for 5G, and the first phase of definition for 5G, called New Radio or NR, just passed in early December 2017 (timeline shown below).

Figure 1 The first specification of the New Radio technology for 5G was ratified in late 2017, with further updates through 2018.

Figure 1 The first specification of the New Radio technology for 5G was ratified in late 2017, with further updates through 2018.

Although NR Phase 1 will be different from the LTE protocol commonly used in todays mobile communications, there will be similarities as well.  The most stark differences between LTE and NR is the carrier bandwidth and operating frequency.  In addtition, NR adds new beamforming capabilities both in the analog and digital domains.  The table below illustrates a side by side comparison of key specifications for LTE and NR.

Table 1 Proposed millimeter-wave frequency bands for 5G. *For future study, not part of LTE Release 15

Table 1 Proposed millimeter-wave frequency bands for 5G. *For future study, not part of LTE Release 15

National Instruments Figure 2: ...

22:07

The Qt 5.11 Feature Freeze Is Imminent Phoronix

While it feels like Qt 5.10 was just released a short time ago, the scheduled feature freeze and branching for Qt 5.11 is imminent...

22:06

Hands-on Test of Windows Subsystem for Linux

If you don't want to do without the main advantages of Linux on the Windows platform, the Windows Subsystem for Linux offers another option. We delve the depths of the Linux underworld and explain how you can optimize the subsystem.

22:04

Ex-Montana House Majority Leader Gets 18 Years for Drug Trafficking cryptogon.com

Via: Great Falls Tribune: A former leader of the Montana House of Representatives who once supported funding for an anti-drug campaign was sentenced to 18 years in prison Thursday for his central role in a methamphetamine trafficking ring. Michael Lange, the Republican House majority leader during the 2007 Legislature, arranged deliveries of at least 20 []

21:58

New Coreboot Frame-Buffer Driver For The Linux Kernel Phoronix

A new Coreboot frame-buffer driver has been published for the Linux kernel that allows reusing of the frame-buffer setup by Coreboot during the hardware initialization process...

21:54

Biggest Washington DC Lobbyist Is Now Google cryptogon.com

Via: Register: For the first time, an internet company has become the largest lobbyist in Washington DC. With the release of fourth quarter lobbying figures a legal requirement it has been revealed that Google (well, Alphabet) spent no less than $18m in 2017 to lobby lawmakers in the US capital: a 17 per []

21:53

CVE-2017-15132: dovecot: auth client leaks memory if SASL authentication is aborted. Open Source Security

Posted by Aki Tuomi on Jan 25

Score: 5.3, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected versions: 2.0 up to 2.2.33 and 2.3.0
Fixed versions: 2.2.34 (not released yet), 2.3.1 (not released yet)

We have identified a memory leak in Dovecot auth client used by login
processes. The leak has impact in high performance configuration where
same login processes are reused and can cause the process to crash due to memory exhaustion.

Patch to apply this issue can be found from...

21:47

Monkeys Cloned in World First cryptogon.com

Via: Independent: Two monkeys are the first ever primates to be cloned using the technique that created Dolly the sheep. The technique brings the prospect of cloned human beings even more closer. But scientists caution that there may be no good reason to create such clones, and that ethical and legal questions need to be []

21:34

Movit 1.6 Released For GPU-Based Video Filter Library Phoronix

Movit, the "Modern Video Toolkit", that aims to provide high-quality, high-performance GPU-based video filters is out with a new release...

21:22

Noumenas Robotic Habitats Questions The Evolution of Artificial Intelligence Lifeboat News: The Blog

for the 2017 tallinn architecture biennale, noumena has presented its installation based on the future of robots and its adaptability with the environment. deep learning has paved the way for machines to expand beyond narrow capabilities to soon achieving human-level performance on intellectual tasks. however, as artificial intelligence A.I. establishes its place within humans, society will need to develop a framework for both to thrive. a new form of artificial life will emerge, finding space at the peripheries of humanity in order to not compete for human-dominated resources. A.I. will attempt to improve its operating surroundings to not just survive but be self-sustaining, forming the basis of a civilization constrained at the intersection of nature and technology.


image tnu tunnel.

barcelonian based practice noumena has developed a framework to build this narrative based on the cross disciplinary intersection of computational design, mechanical and electronic design, rapid prototyping interaction and mapping. nowadays, computing tools as well as rapid prototyping machines allow to have a quick practical feedback on design solutions and to iterate experimenting different possibility at the same time giving the chance to choose and custom a functional part.

21:14

GCC 7.3 Released With Spectre V2 Mitigation Support Phoronix

GNU Compiler Collection 7.3 is now available as the latest GCC7 point release and the prominent changes being support for helping mitigate Spectre variant two using some new compiler switches...

21:00

First Monkey Clones Created SoylentNews

First monkey clones created in Chinese laboratory

Two monkeys have been cloned using the technique that produced Dolly the sheep. Identical long-tailed macaques Zhong Zhong and Hua Hua were born several weeks ago at a laboratory in China.

Scientists say populations of monkeys that are genetically identical will be useful for research into human diseases. But critics say the work raises ethical concerns by bringing the world closer to human cloning.

Qiang Sun of the Chinese Academy of Sciences Institute of Neuroscience said the cloned monkeys will be useful as a model for studying diseases with a genetic basis, including some cancers, metabolic and immune disorders. "There are a lot of questions about primate biology that can be studied by having this additional model," he said.

[...] Prof Robin Lovell-Badge of The Francis Crick Institute, London, said the [somatic cell nuclear transfer] technique used to clone Zhong Zhong and Hua Hua remains "a very inefficient and hazardous procedure". "The work in this paper is not a stepping-stone to establishing methods for obtaining live born human clones," he said.

China will get the job done while twiddle their thumbs in their ivory towers.

Cloning of Macaque Monkeys by Somatic Cell Nuclear Transfer (open, DOI: 10.1016/j.cell.2018.01.020) (DX)


Original Submission

Read more of this story at SoylentNews.

20:42

Behind the simulations imagining the nuclear apocalypse Lifeboat News: The Blog

Security experts say more of these hands-on demonstrations are needed to get an industry traditionally focused on physical protection to think more creatively about growing cyber threats. The extent to which their advice is heeded will determine how prepared nuclear facilities are for the next attack.

Unless we start to think more creatively, more inclusively, and have cross-functional thinking going into this, were going to stay with a very old-fashioned [security] model which I think is potentially vulnerable, said Roger Howsley, executive director of the World Institute for Nuclear Security (WINS).

The stakes are high for this multibillion-dollar sector: a cyberattack combined with a physical one could, in theory, lead to the release of radiation or the theft of fissile material. However remote the possibility, the nuclear industry doesnt have the luxury of banking on probabilities. And even a minor attack on a plants IT systems could further erode public confidence in nuclear power. It is this cruelly small room for error that motivates some in the industry to imagine what, until fairly recently, was unimaginable.

20:38

[slackware-security] curl (SSA:2018-024-01) Bugtraq

Posted by Slackware Security Team on Jan 25

[slackware-security] curl (SSA:2018-024-01)

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/curl-7.58.0-i586-1_slack14.2.txz: Upgraded.
This update fixes security issues:
HTTP authentication leak in redirects
HTTP/2 trailer out-of-bounds read
For more information, see:...

20:36

Oculus Creates a New, Open Source Unit of Time to Measure Frame Rates

Of all the things we expected to come out of the rise of Oculus and the still-burgeoning era of consumer virtual reality, a new fundamental unit of time was not one of them. But that's just what Oculus and Facebook have rolled out this week in the form of the flick, a new definition that subdivides a single second into precisely 705,600,000 parts.

20:20

Re: Multiple vulnerabilities in Jenkins plugins Open Source Security

Posted by Daniel Beck on Jan 25

CVE-2018-1000008

CVE-2018-1000009

CVE-2018-1000010

CVE-2018-1000011

CVE-2018-1000012

CVE-2018-1000013

CVE-2018-1000014

CVE-2018-1000015

20:18

Re: Multiple vulnerabilities in Jenkins Open Source Security

Posted by Daniel Beck on Jan 25

CVE-2017-1000503

CVE-2017-1000504

20:13

Yikes! Three armed men tried to rob a Bitcoin Exchange in Canada The Hacker News

As many non-tech savvy people think that Bitcoin looks like a Gold coin as illustrated in many stock images, perhaps these robbers also planned to rob a cryptocurrency exchange thinking that way. All jokes apart, we saw one such attempt on Tuesday morning, when three men armed with handguns entered the offices of a Canadian Bitcoin exchange in Ottawa, and restrained four of its employees.

20:05

Smashing Security #062: Tinder spying, Amazon shoplifting, and petrol pump malware Graham Cluley

Your Tinder swipes can be spied upon, Amazon is opening high street stores that don't require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money.

With Carole on a top secret special assignment, it's left to security veteran Graham Cluley to discuss all this and much much more on the "Smashing Security" podcast with special guests David McClelland and Vanja vajcer.

20:02

Linux and Intel Slowly Hack Their Way to a Spectre Patch

Spectre and Meltdown are major design flaws in modern CPUs. While they're present in almost all recent processors, because Intel chips are so widely used, Intel is taking most of the heat for these bugs. Nowhere has the criticism been hotter than on the Linux Kernel Mailing List (LKML). That's because unlike Apple and Microsoft operating system developers and OEMS like Dell and HP, Linux programmers do their work in the open.

20:02

Panic Engulfs Elites As Feared Trump-Trap Prepares To Spring And CDC Warns Of Nuclear War Terra Forming Terra





As i have posted early in the Trump story it is unwise to assume this man is not smart. What is more, i am smart and have most of the pertinent data. When that occurs, the real test is to successfully second guess him. No such luck. We are really looking at a Machiavellian Genius at work.


Other folks who i do respect have reached that same conclusion as this article makes terribly plain.


Trump's intention is to win. Best though is when he can arrange to show up for the victory parade to gratefully thank all concerned without disclosing a thing. After all you do not want to frighten allies and little children.


We all know that Marijuana legalization is inevitable, but Trump will use it to claw back the authority of the Federal Government from his political enemies.


Panic Engulfs Elites As Feared Trump-Trap Prepares To Spring And CDC Warns Of Nuclear War

By: Sorcha Faal, and as reported to her Western Subscribers

January 6, 2018

http://www.whatdoesitmean.com/index2467.htm

An astonishing new Security Council (SC) report circulating in the Kremlin today claims with grudging admiration that ...

20:00

Asgard: The Open Source Air Data Computer Hackaday

We get a lot of awesome projects sent our way via the tip line. Well, mainly it seems like we get spam, but the emails that arent trying to sell us something are invariably awesome. Even so, its not often we get a tip that contains the magic phrase determine Mach number in its list of features. So to say we were interested in the Asgard Air Data Computer (ADC) is something of an understatement.

Now well admit right up front: we arent 100% sure who the target audience for the Asgard is, but it certainly looks impressive. Team member [Erik] wrote into tip line with information about this very impressive project, which is able to perform a number of measurements on incoming air, such as true speed, viscosity, and temperature. The team says it has applications ranging from HVAC to measuring the performance of bicycles. We dont know whos going so fast on their bike that they need to measure air speed, but of course the hacker community never ceases to amaze us.

Even if you dont have a jet fighter that could benefit from a high performance ADC such as Asgard, you have to be impressed by the incredible work the team has done not only designing and building it, but documenting it. From the impeccab...

19:53

EU Antitrust Regulators Fine Qualcomm $1.2 Billion Over Apple Deal The Hacker News

The antitrust fine has hit Qualcomm badly. The European Commission has levied a fine of 997 Million, approximately $1.2 Billion, against U.S. chipmaker Qualcomm Inc. for violating antitrust laws in a series of deals with Apple by "abusing its market dominance in LTE baseband chipsets." According to the European Union (EU), Qualcomm paid Apple billions of dollars to make the iPhone-maker

19:30

Rocket Lab's Electron Rocket Launched "Humanity Star", a Temporary Source of Light Pollution SoylentNews

Rocket Lab has put a highly reflective object into orbit around Earth:

US spaceflight startup Rocket Lab put three commercial satellites into orbit during its rocket launch this past weekend but it turns out there was another satellite that hitched a ride on the vehicle too. The company's Electron rocket also put into orbit a previously undisclosed satellite made by Rocket Lab's CEO Peter Beck, called the Humanity Star. And the probe will supposedly become the "brightest thing in the night sky," the company announced today.

Shaped a bit like a disco ball, the Humanity Star is a 3-foot-wide carbon fiber sphere, made up of 65 panels that reflect the Sun's light. The satellite is supposed to spin in space, too, so it's constantly bouncing sunlight. In fact, the probe is so bright that people can see it with the naked eye. The Humanity Star's orbit also takes it all over Earth, so the satellite will be visible from every location on the planet at different times. Rocket Lab has set up a website that gives real-time updates about the Humanity Star's location. People can find out when the satellite will be closest to them, and then go outside to look for it.

The goal of the project is to create "a shared experience for all of humanity," according to Rocket Lab. "No matter where you are in the world, or what is happening in your life, everyone will be able to see the Humanity Star in the night sky," Beck said in a statement. "Our hope is that everyone looking at the Humanity Star will look past it to the vast expanse of the Universe and think a little differently about their lives, actions, and what is important for humanity." That includes coming together to solve major problems like climate change and resource shortages, Beck says.

Some astronomers are not happy about the geodesic sphere:

The only good thing about the "Humanity Star" (aka the NZ pollutes the night sky project) is that it burns up in 9 months. 9 months is way too far away IMHO.

Ian Griffin (@iangriffin) January 24, 2018

Also at BBC.

Previously: Rocket Lab's Second "Electron" Rocket Launch Succeeds, Reaches Orbit


...

19:20

Google Chrome to get AR with downloadable 3D objects TechWorm

Google is working on bringing ARs magic to Chrome with downloadable 3D objects

Google recently unveiled its experimental efforts to integrate Augmented Reality (AR) features into the mobile and desktop web using its Chrome browser.

In the next few months, there will be hundreds of millions of Android and iOS devices that are able to provide augmented reality experiences meaning youll be able to look at the world through your phone, and place digital objects wherever you look, Googles Reza Ali and Josh Carpenter wrote in a blog post. To help bring this to as many users as possible, weve been exploring how to bring augmented reality to the web platform, so someday anyone with a browser can access this new technology.

In order to convey that the model is 3D and interactive and not just a static image, the model rotates to some extent in response to the user scrolling. The new prototype allows developers to create 3D models that can be downloaded on mobile devices. Using the devices cameras and built-in sensors, users will then be able to place those 3D models in real-life environments.

When Article is loaded on an AR-capable device and browser, an AR button appears in the bottom right. Tapping on it activates the device camera, and renders a reticle on the ground in front of the user, Ali and Carpenter said. When the user taps the screen, the model sprouts from the reticle, fixed to the ground and rendered at its physical size. The user can walk around the object and get a sense of scale and immediacy that images and video alone cannot convey.

If Article is loaded into a desktop browser with a 3D model, it triggers AR content that would allow the user to view a specific element from all angles. For instance, users will be able to view a 3D model and manipulate it by dragging to rotate and scrolling to zoom in or out. When placed on a web page, the model could be animated in a way similar to a GIF. On the other hand, on mobile devices, users will be able to touch and drag to rotate, or drag with two fingers to zoom in.

With augmented reality, the model comes alive. The unique power of AR is to blend digital content with the real world, said the developer duo, who added: So we can, for example, surf the web, find a model, place it in our room to see just how large it truly is, and physically walk around it.

Basically, Google through Article wants web developers and content managers to start experimenting by bringing AR elements to web browsers. Developers who are interested in trying it out now for themselves, can do so by visiting...

19:09

Movie Industry Hides Anti-Piracy Messages in Pirate Subtitles TorrentFreak

Anti-piracy campaigns come in all shapes and sizes, from oppressive and scary to the optimistically educational. It is rare for any to be labeled brilliant but a campaign just revealed in Belgium hits really close to the mark.

According to an announcement by the Belgian Entertainment Association (BEA), Belgian Federation of Cinemas, together with film producers and distributors, cinemas and directors, a brand new campaign has been targeting those who download content from illegal sources. It is particularly innovative and manages to hit pirates in a way they cant easily avoid.

Working on the premise that many locals download English language movies and then augment them with local language subtitles, a fiendish plot was hatched. Instead of a generic preaching video on YouTube or elsewhere, the movie companies decided to infect pirate subtitles with messages of their own.

Suddenly the story gets a surprising turn. With a playful wink it suddenly seems as if Samuel L. Jackson in The Hitmans Bodyguard directly appeals to the illegal viewer and says that you should not download, the group explains.

Samuel is watching..
>

I do not need any research to see that these are bad subtitles, Jackson informs the viewer.

In another scene with Ryan Reynolds, Jackson notes that illegal downloading can have a negative effect on a person.

Dont download..
Dont download..

And you wanted to become a policeman, until you started downloading, he says.

The movie groups say that they also planted edited subtitles in The Bridge, with police officers in the show noting theyre on the trail of illegal downloaders. The movies Logan Lucky and The Foreigner got similar treatment.

Its not clear on which sites these modified subtitles were distributed but according to the companies involved, theyve been downloaded 10,000 times already.

The viewer not only feels caught but immediately realizes that you do not necessarily get a real quality product through ill...

19:00

Ancient Alchemical Esoteric Art That Leaves Humanity Clues About The Nature of Consciousness Terra Forming Terra




All helpful, except i now have a way more rigorous understanding of the nature of consciousness based on the physical reality of what is called Dark Matter.

Without knowing anything about Dark Matter, the past was blind and tried to understand glimpses.  This has continued to the present day when millions of observers can also compare notes.

Once you understand what you are seeing the rest is much easier as it is all simple enough..

.
Ancient Alchemical Esoteric Art That Leaves Humanity Clues About The Nature of Consciousness

Ive long been fascinated by Egypt as a possible connection to ancient wisdom and have written about how I see its art as a portal to a connection to consciousness.

by Tom Bunzel, guest author

 http://humansarefree.com/2017/12/ancient-alchemical-esoteric-art-that.html?

Researchers like Graham Hancock have influenced by sense of these connections and point to the possibility of a source super civilization that may have had some of its knowledge recorded metaphorically or artistically in places li...

19:00

one year on: Is Finlands free money experiment Terra Forming Terra






This experiment is certainly tentative and may well fail to produce valid results.

My own approach is to supply a four hour shift sufficient to support a bed and basics. That delivers an army of available labor for things like tree grooming.  I bring that up because there is no end of supply and the benefit is very real in a couple of decades or longer.  However, there is plenty of additional community tasks that can also be manned such as simple timely food recycling.

The key though is that four hours opens he option of actually getting a full time job and slowly breaking away. It certainly eliminates homelessness and all that.
.


one year on: Is Finlands free money experiment working?

https://www.cnbc.com/2018/01/01/one-year-on-finland-universal-basic-income-experiment.html
Is universal basic income working? We went to Finland to find out 5:04 AM ET Mon, 1 Jan 2018 | 

Elizabeth Schulze | @eschulze9

 Published 5:04 AM ET Mon, 1 Jan 2018

A routine trip to check the mail took an unexpected turn for Mika Ruusunen in November 2016.

"I opened it and I didn't understand it at all, so I gave it to my wife and asked her what the heck is this," Ruusunen said.

It was the Finnish government informing Ruusunen that he would start receiving free money each month as part of a first-of-its-kind experiment.

Ruusunen was among 2,000 unemployed Finns randomly selected from across the country for a trial testing universal basic income. Each month for two years he would receive 560 euros (roughly $670) from the government, tax-free. He was free to spend the money however he liked.

"I'm not accustomed to that kind of bureaucratic freedom," Ruusunen said.

...

19:00

Who Attacked a Russian Military Base with a 'Swarm' Strike? Terra Forming Terra




It probably does not matter who did it as much as demonstrating a real vulnerability.  The future of air warfare will all be about drones and realistically, our aerospace research of manned fighters could even be a sham to cover up a crash program on drone warfare.  I understood this a long time ago, but we are now seeing it applied.

No need any longer to talk of theoretical possibilities.  All the pilots of tomorrow will spend their time in an office 9 to 5 and go home to sleep in their own beds.  With AI support it will become possible for one trained pilot to ride herd on a dozen airliners.  It will even make huge airships practical as well as the onboard crew can be eliminated or reduced to one technician.


The day of the hot fighter jock is going.


.

Who Attacked a Russian Military Base with a 'Swarm' Strike?

Dave Majumdar,

The National InterestJanuary 12, 2018

Dave Majumdar

Security, Middle East

https://www.yahoo.com/news/attacked-russian-military-apos-swarm-004500233.html

The next revolution in military affairs?

Who Attacked a Russian Military Base with a 'Swarm' Strike?

Russia is pointing fingers in all directions as it attempts to decipher who, exactly, attacked the Khmeimim air base and Tartus naval base in Syria by deploying a massed flight of what appear to have been home-made GPS-guided drones. The coordinated attack marks the first time that drones have been used en masseand may well mark a dangerous new moment in the history of technology and warfare.
...

18:52

A European Unitary Patent-Like System (e.g. UPC) is Not Compatible With Law; Expect it to Rot Away at the German Federal Constitutional Court Techrights

If the Rule of Law means anything, the UPC will never resurface again (in any form whatsoever)

5 marble columns

Summary: The community a.k.a. EU a.k.a. unitary patent system is collapsing and theres no sign that the matter will be settled any time soon

THE EPO wont see the UPC coming to fruition. Battistelli certainly wont. What we believe most likely to happen is, theyll rename it (yet again), change the vision somewhat, then reattempt. Time will tell

Its quite interesting to see just to what degree Techrights impacts UPC coverage. A few hours after we complained that Bristows had been deliberately ignoring this departure of Jo Johnson (weeks ago!) it finally decided to write a blog post about it and say: The UK IPO has confirmed that Sam Gyimah is now the Minister responsible for IP.

What we believe most likely to happen is, theyll rename it (yet again), change the vision somewhat, then reattempt.This has been confirmed for quite a while now. Bristows just chose to overlook all that because its very detrimental to and negative if not fatal for UPC progress/prospects. As one can expect, the blog post is amazing spin. Bristows can apparently read minds (never mind if it always got it wrong on UPC, for several consecutive years); it pretends to know everything about Gyimahs intentions; as if Gyimah will just do something Johnson spoke about back in 2016 (when everything was very different). Dont fall for it

So what is the real news? Well, lets research and see what Team UPC and domain experts are saying. Its about Germany the focal point at the moment.

I have read the entire complaint which circulates in the Internet, one person said. They brag about being able to read the constitutional complaint.

Bristows just chose to overlook all that because its very detrimental to and negative if not fatal for UPC progress/prospects.There is also a non-update update from JUVEs editor. This may be of any interest as well,...

18:31

New HNS botnet has already compromised more than 20,000 IoT devices Security Affairs

A new botnet called Hide N Seek (HNS botnet) appeared in the threat landscape, the malware is rapidly spreading infecting unsecured IoT devices, mainly IP cameras.

The HNS botnet was first spotted on January 10th by malware researchers from Bitdefender, then it disappeared for a few days, and it has risen over the weekend.

The number of infected systems grew up from 12 at the time of the discovery up to over 20,000 bots, at the time of writing.

HNS botnet

Bitdefender researchers have uncovered an emerging botnet that uses advanced communication techniques to exploit victims and build its infrastructure. The bot, dubbed HNS, was intercepted by our IoT honeypot system following a credentials dictionary attack on the Telnet service. states the analysis from Bitdefender.

The samples identified in our honeypots on Jan. 10 revolved around IP cameras manufactured by a Korean company. These devices seemed to play a major role in the botnet as, out of the 12 IP addresses hardcoded in the sample, 10 used to belong to Focus H&S devices. The new version, observed on Jan. 20, dropped the hardcoded IPs.

Recently security experts spotted other IoT botnets, most of them linked to the Mirai botnet, such as Satori, Okiru, and Masuta, but the HNS botnet has a different genesis and doesnt share the source code.

Researchers at Bitdefender found similarities between the HNS and the Hajime botnets, unlike Mirai, Hajime doesnt use C&C servers, instead, it implements a peer-to-peer network.

Hajime is more sophisticated than Mirai, it implements more mechanisms to hide its activity and running processes and its modular structure allows operators to add new capabilities o...

18:22

Ira Munn joins our Sustainability Board. Ira is developing 3D-printed electric vehicle kits using recycled PET plastic, Lifeboat News

Ira Munn joins our Sustainability Board. Ira is developing 3D-printed electric vehicle kits using recycled PET plastic,

18:22

5 Tips to DIY headlight restoration for your vintage car TechWorm

So you are having problems with the headlights of your vintage car as they may be very fogged, hazy or discolored. Well, before you decide on taking your vintage car to the shop and having the headlights replaced, check to see if you can do it yourself first.

Headlights, obviously are very important to any car as they are the eyes that illuminate the road during the night and assist the driver to stay in the right lane. Without a fully-functional headlight, one would definitely find it impossible to drive, especially during the night. That being said, the maintenance of headlights should definitely be a top priority for drivers.

Now going back to your problem, buying a new set isnt the only solution to a fogged, discolored and hazy headlight. With just a little bit of physical labor and patience, you can definitely restore your headlight to a new-looking and fully-functional one all by yourself. As for the equipment and other necessary items, you can easily find best headlight restoration kit at auto shops and big stores.

Here are 5 tips that will guide you through the process.

  1. Wash your Car

Before you start restoring your headlights, it would be a better idea to wash the whole car first as it will remove the dust and other dirt that has accumulated on the exterior of your car. You dont need to do it extensively though; a simple quick wash with soap and water will be enough to remove the dirt and dust.

  1. Pre-Restoration

Before you start dealing with the headlights, it would be ideal to move your car in to a shaded and cool area. Proper lighting is needed though in order for you to spot the tiny scratches and other minor details. Make sure that the car is dry before you start the restoration. Also, it is also recommended by experts to keep the headlights at room temperature.

 

The next step is to tape the area surrounding the headlights. Use a painters tape as it can be easily peeled off and they are also specially made to protect the paint. It is important that you avoid touching the outside part of the headlight while restoring it to avoid causing potential damage, especially on the paint.

  1. Restoration

To restore the headlight of your vintage car, make sure that the headlight is completely dry and drained of moisture.

To start, yo...

18:01

Justice Still Elusive at the EPO and ILOAT, But a Glimmer of Hope Remains Techrights

Published hours ago:

125th Session ILOAT

Summary: The EPO can offer justice neither to staff nor users; whether the International Labour Organization (ILO) and its Administrative Tribunal (ILOAT) can make up for this remains to be seen

PRESIDENT Battistelli will leave the EPO in 5 months, but the damage he has done is truly incredible. His actions not only damaged patents but also staff; its no wonder the EPO now suffers brain drain and is unable to recruit the type of people it used to. The EPO may never recover from this. Some insiders even wonder aloud if theres a future for the EPO at all.

You must improve the image of the EPO, I told the EPO in response to this tweet yesterday. Otherwise you turn off potential users

Over the past few months we have been attempting to show to ILO material about the EPO refusing to obey ILOAT rulings. Guy Ryder too was copied in.It is hardly surprising that, based on a JUVE survey, Battistelli has a 0% approval rate not only among EPO staff but also among EPO users (thats what they call stakeholders such as applicants). A lot of money is being invested in this (for small businesses it can be the lions share of their budget).

Over the past few months we have been attempting to show to ILO material about the EPO refusing to obey ILOAT rulings. Guy Ryder too was copied in.

Does ILO realise that its reputation too is on the line? For failing to properly remediate?

Our understanding is that some of these rulings were about EPO staff representatives.Yesterday was the 125th session of ILOAT and the decisions were not uploaded/published until late in the day. There is no video of this latest session, either (at least not yet, it would be listed here if/once its ready).

Our understanding is that some of these rulings were about EPO staff representatives. The appellants typically request anonymity and are thus reduced to initials. We kindly ask if anyone with contacts at the EPO can help explain to us what happened at ILO yesterday afternoon. We need to properly know the cases in order to comment on them (few decisions we took a glimpse at were dismissals of appeal) because sometimes a negative decision or deferral is actually a positive thing, as we saw 2 years...

17:55

Ursula K. Le Guin Dead at Age 88 SoylentNews

The New York Times reports that Renowned fantasy writer Ursula K. Le Guin has died at age 88. From the article:

Ursula K. Le Guin, the immensely popular author who brought literary depth and a tough-minded feminist sensibility to science fiction and fantasy with books like "The Left Hand of Darkness" and the Earthsea series, died on Monday at her home in Portland, Ore. She was 88.

Her son, Theo Downes-Le Guin, confirmed the death. He did not specify a cause but said she had been in poor health for several months.

I'm not a fantasy fan (except for Prachett and Tolkien), but she will be missed none the less. I'm sure quite a few Soylents are fans of hers. Any author's loss is a loss to us all.


Original Submission

Read more of this story at SoylentNews.

17:45

The Pirate Bay Is Down, But Tor Domain Is Working TechWorm

Worlds most popular torrent site, The Pirate Bay suffers downtime again

The worlds most popular torrent website, The Pirate Bay (TPB) has been hard to reach for users, as its main .org domain has been offline for almost a day now, reported TorrentFreak. It appears that TPB outage is likely caused due to technical issues and therefore, in all probability it may be restored soon. However, on the other hand, TPBs proxy sites and its Tor domain are working perfectly fine.

Users trying to access the torrent portal are currently greeted with a Cloudflare 522 error message, with the CDN provider referring to a bad gateway. While TPB has been facing similar server issues since the past few months, it usually returns to normalcy after several hours.

The Pirate Bay Is Down, But Tor Domain Is Working

TPB fans took to Twitter to report issues with the torrent site after it was affected by server issues.

One user tweeted: The Pirate Bay is down.

While another posted: The Pirate Bay is down so is my mood.

And one added: The Pirate Bay is down. Im stressed.

For those torrent fans looking to desperately access the notorious torrent site, can do so via its .onion address on the Tor network, which for instance, can be accessed using the popular Tor Browser. The sites Tor traffic is routed through a separate server and is working just fine.

Currently, TPB is not the only popular torrent site that is experiencing problems due to server issues. The popular ExtraTorrent copy ExtraTorrent.ag has also been suffering downtime for more than a week, with no official word from its operators and when it would be online.

The post The Pirate Bay Is Down, But Tor Domain Is Working appeared first on TechWorm.

17:00

Raspberry Pi Zero Drives Tiny RC Truck Hackaday

Were not sure which is more fun putting together a little RC truck with parts laying around on your workbench, or driving it around through a Linux terminal. Well take the easy road and say theyre both equally fun. [technodict] had some spare time on his hands and decided to build such a truck.

He started off with a great little chassis that can act as the base for many projects. Powering the four motors is a cheap little dual H bridge motor driver and a couple rechargeable batteries. But the neatest part of this build is that its controlled using a little bit of python and driven directly from a terminal, made possible by the Raspberry Pi Zero of course.

With Raspberry Pi Zero now having built in WiFi and Bluetooth we should see a lot more projects popping up with one at its heart. Be sure to visit [technodicts] blog for full source and details. And let us know how you could use that little chassis for your next mobile project!

16:22

SpaceX Conducts Successful Static Fire Test of Falcon Heavy SoylentNews

https://www.theverge.com/2018/1/24/16841580/spacex-falcon-heavy-rocket-static-fire-first-launch

Today, SpaceX simultaneously fired up all 27 engines on its new massive Falcon Heavy rocket a crucial final test for the vehicle before its first flight in the coming weeks. An hour after the test, SpaceX CEO Elon Musk confirmed that the test was good, and that the Falcon Heavy will launch in "a week or so." When SpaceX gives an official target day and time, it'll be the first time a definitive launch date has been given for the rocket's inaugural voyage, a flight that was initially promised to happen as early as 2013.

SpaceX has posted a 31-second video of the Falcon Heavy test firing to the SpaceX YouTube channel.


Original Submission

Read more of this story at SoylentNews.

15:16

Grid Up. Grid Down. cryptogon.com

The grid has been having intermittent issues since last nights thunderstorm, and the power was off for most of the afternoon today. Back to posting early AM NZ time tomorrow, assuming the power stays on.

15:11

[SECURITY] [DSA 4096-1] firefox-esr security update Bugtraq

Posted by Moritz Muehlenhoff on Jan 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-4096-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
January 25, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2018-5089 CVE-2018-5091...

15:10

[SECURITY] [DSA 4095-1] gcab security update Bugtraq

Posted by Salvatore Bonaccorso on Jan 24

-------------------------------------------------------------------------
Debian Security Advisory DSA-4095-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
January 24, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : gcab
CVE ID : CVE-2018-5345
Debian Bug : 887776...

15:01

WebKitGTK+ Security Advisory WSA-2018-0002 Bugtraq

Posted by Carlos Alberto Lopez Perez on Jan 24

------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0002
------------------------------------------------------------------------

Date reported : January 24, 2018
Advisory ID : WSA-2018-0002
Advisory URL : https://webkitgtk.org/security/WSA-2018-0002.html
CVE identifiers : CVE-2018-4088, CVE-2018-4089, CVE-2018-4096,...

14:49

Firing Up 750 Raspberry Pis SoylentNews

Submitted via IRC for TheMightyBuzzard

Creating Raspberry Pi clusters is a popular hacker activity. Bitscope has been commercializing these clusters for a bit now and last year they created a cluster of 750 Pis for Los Alamos National Labs. You might wonder what an institution know for supercomputers wants with a cluster of Raspberry Pis. Turns out it is tough to justify taking a real high-speed cluster down just to test software. Now developers can run small test programs with a large number of CPU cores without requiring time on the big iron.

[...] The system is modular with each module holding 144 active nodes, 6 spares, and a single cluster manager. This all fits in a 6U rack enclosure. Bitscope points out that you could field 1,000 nodes in 42U and the power draw including network fabric and cooling would be about 6 kilowatts. That sounds like a lot, but for a 1,000 node device, that's pretty economical. The cost isn't bad, either, running about $150,000 for 1,000 nodes. Sure, that's a lot too but not compared to the alternatives.

Huh. That's actually not a bad idea for sounding so silly at face value.

Source: https://hackaday.com/2018/01/24/firing-up-750-raspberry-pis/


Original Submission

Read more of this story at SoylentNews.

14:00

An Indoor Garden? Thats Arduino-licious Hackaday

Gardening is a rewarding endeavour, and easily automated for the maker with a green thumb. With simplicity at its focus,  Hackaday.io user [MEGA DAS] has whipped up a automated planter to provide the things plants crave: water, air, and light.

[MEGA DAS] is using a TE215 moisture sensor to keep an eye on how thirsty the plant may be, a DHT11 temperature and humidity sensor to check the airflow around the plant, and a BH1750FVI light sensor for its obvious purpose. To deliver on these needs, a 12V DC water pump and a small reservoir will keep things right as rain, a pair of 12V DC fans mimic a gentle breeze, and a row of white LEDs supplement natural light when required.

The custom board is an Arduino Nano platform, with an ESP01 to enable WiFi capacity and a Bluetooth module to monitor the plants status while at home or away. Voltage regulators, MOSFETs, resistors, capacitors, fuses cant be too careful screw header connectors, and a few other assorted parts round out the circuit. The planter is made of laser cut pieces with plenty of space to mount the various components and hide away the rest. You can check out [MEGA DAS] tutorial video after the break!

[MEGA DAS] has made his Arduino code and phone app available to download for anyone else wanting to build their own. Once assembled, he can ensure his plant is well taken care of wherever he is with a few taps on his phone. Not too shabby for a seven day build.

For those preferring gardening outdoors, heres a hack to jump-start the germinating process of your seeds. Even if you call the concrete jungle your home, that doesnt mean you cant have your own robot farm and automated compost bin on hand too!

14:00

The Radical Humanism of the Soviet Planetarium - Issue 56: Perspective Nautilus


In the skies over Moscow, in the decades before the collapse of the socialist state, stood three symbols of the space program: the rocket, the cosmonaut, and the red star. The rocket is still atop the 1964 Monument to the Conquerors of Space, a 110-meter-high titanium sculpture beside Prospekt Mira with the Alley of Cosmonauts leading to its base. The cosmonaut Yuri Gagarin stands on a 30-meter-high column on Leninsky Prospekt, his arms pulled back in the style of a classic Marvel superhero, as though about to leap upward toward the stratosphere. These two monuments look at once back to the period of Soviet space exploration and forward to the time of planetary probes and space stations. The red star, symbol both of astronomy and of communism, preceded the epic period of space flights and once crowned the dome of the Moscow planetarium located on Sadovaya-Kudrinskaya street.

Moscow PlanetariumZeiss Archiv

This planetarium stands at the intersection of influences created by politics, engineering, style, theater, astronomy, space exploration, and religion, each of which affects the others. It was one of the last buildings to be put up in the style known as Constructivism, and thus looks both back to the original fervor
Read More

The Antelope Killing Fields - Issue 56: Perspective Nautilus


Dead animals were scattered across the steppe in front of us. Up to the horizon. Thousands of them. That was the moment we understood that we were observing a mass mortality of catastrophic dimensions.

We were in Kazakhstan that day in May of 2015 to study the saiga antelope, a remarkable herd animal that grazes in semideserts, steppe, and grasslands, and has evolved to run long distances at high speeds. Our team was a part of the Altyn Dala Conservation Initiative, which conducts annual observations of the endangered animals calving season. We had noticed a few animal carcasses, but the situation didnt seem exceptional. The areas saiga, after all, were known to have experienced mass die-offs in the past.

But every day, more and more animals died. And then, suddenly, in just two days, about 80 percent of the gathered herd fell dead, leaving everybody both puzzled and worried. Within another two days, the entire herd had perished.

View Video

We soon learned that other saiga herds elsewhere in the region were suffering the same fate. Some 200,000 animals would die in about one months time, representing about 88 percent of the Betpak-Dala saiga population
Read More

How Nostalgia Made America Great Again - Issue 56: Perspective Nautilus


Make America great again. Clearly the message resonated. In 2016, prior to the presidential election, the Public Religion Research Institute, a nonpartisan group, published its annual American Values Survey. It revealed 51 percent of the population felt the American way of life had changed for the worse since the 1950s. Further, 7 in 10 likely Donald Trump voters said American society has gotten worse since that romanticized decade.

Of course America today has its problems, but many indices of standards of living show the general population is better off now than it was 60 years ago. We live on average 10 years longer, the education rate is higher, as is homeownership. When it comes to crime, The Atlantic reported last year, By virtually any metric, Americans now live in one of the least violent times in the nations history.

So why do so many people see the past as better than today? For many of them, it may well have been. Middle- and working-class Americans seduced by appeals to earlier eras may have had higher-paying jobs with better benefits, greater financial security, and a more defined place in the community. Perhaps they were happier. For some, cultural changes
Read More

13:35

Eighth site in online tools network: onlineBINARYtools.com good coders code, great reuse

At Browserling we're building a network of online tools websites. Each site in the network focuses on one and only one tool category. Each tool does one and only one thing. The first seven websites in the network are Online CSV Tools, which is all about working with Comma Separated Values files, Online TSV Tools, which is all about working with Tab Separated Values files, Online JSON Tools, which is all about working with JSON data, Online XML Tools, which is all about working with XML documents, Online YAML Tools, which is all about working with YAML configs, Online STRING Tools, which is all about working with strings, Online RANDOM Tools, which is all about doing random things.

Today we're releasing the eighth site.

The eighth site in our network is Online Binary Tools. Online Binary Tools is a collection of simple, free and easy to use utilities for working with binary numbers, zeroes and ones. There are no ads, popups or other garbage. Just binary utilities that work in your browser. Load a binary number and instantly get result.

Here's a list of all binary tools:

13:32

NEW 'Off The Hook' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Hook' ONLINE

Posted 25 Jan, 2018 2:32:51 UTC

The new edition of Off The Hook from 24/01/2018 has been archived and is now available online.

13:22

Scientists Just Cloned Monkeys. Humans Could Be Next Lifeboat News: The Blog

Since the birth of Dolly the sheep in 1996, scientists across the globe have used the same technique to clone nearly two dozen other animal species, including cats, dogs, rats, and cattle. Primates, however, had proven resistant to the process until now.

In a new study published in Cell, a team of Chinese researchers led by Qiang Sun at the Chinese Academy of Sciences Institute of Neuroscience in Shanghai reveal that theyve found a way to tweak the Dolly cloning technique to make it work in primates. Their efforts have resulted in the birth of two cloned female macaques: Zhong Zhong and Hua Hua.

13:16

Driver Jams 65mph Tesla Model S Under Fire Truck; Walks Away From Crash SoylentNews

El Reg reports

[January 23] a Tesla Model S slammed into a stationary firetruck at around 65mph on Interstate 405 in Culver City, California. The car was driven under the fire engine, although the driver was able to walk away from the crash uninjured and refused an offer of medical treatment.

The motorist claimed the Model S was driving with Autopilot enabled when it crammed itself under the truck. Autopilot is Tesla's super-cruise-control system. It's not a fully autonomous driving system.

[...] The fire truck was parked in the carshare lane of the road with its lights flashing. None of the fire crew were hurt, although Powell noted that if his team had been in their usual position at the back of the truck then there "probably would not have been a very good outcome."

Tesla will no doubt be going over the car's computer logs to determine exactly what happened, something the California Highway Patrol will also be interested in. If this was a case of the driver sticking on Autopilot, and forgetting their responsibility to watch the road ahead it wouldn't be the first time.

In 2016, a driver was killed after both he and the Tesla systems missed a lorry pulling across the highway. A subsequent investigation by the US National Transportation Safety Board found the driver was speeding and had been warned by the car six times to keep his hands on the wheel.

Tesla has since beefed up the alerts the car will give a driver if it feels they aren't paying full attention to the road. The safety board did note in its report that the introduction of Tesla's Autosteer software had cut collisions by 40 per cent.

Previous: Tesla's Semiautonomous System Contributed to Fatal Crash


Original Submission

Read more of this story at SoylentNews.

13:09

Radeon R600 Gallium3D Driver Nearly At OpenGL 4.5, Remaining Bits Being Finished Phoronix

It didn't happen in time for the upcoming Mesa 18.0, but the R600 Gallium3D driver for supporting pre-GCN AMD Radeon graphics processors is now nearly at OpenGL 4.5 compliance! A needed OpenGL 4.4 extension is now scratched off the list completing the necessary extensions to effectively have GL 4.5, assuming it can pass the conformance test suite...

12:39

[$] LWN.net Weekly Edition for January 25, 2018 LWN.net

The LWN.net Weekly Edition for January 25, 2018 is available.

12:30

[$] Changes in Prometheus 2.0 LWN.net

2017 was a big year for the Prometheus project, as it published its 2.0 release in November. The new release ships numerous bug fixes, new features, and, notably, a new storage engine that brings major performance improvements. This comes at the cost of incompatible changes to the storage and configuration-file formats. An overview of Prometheus and its new release was presented to the Kubernetes community in a talk held during KubeCon + CloudNativeCon. This article covers what changed in this new release and what is brewing next in the Prometheus community; it is a companion to this article, which provided a general introduction to monitoring with Prometheus.

11:46

Self-driving delivery robot carries packages Lifeboat News: The Blog

Now you can have items delivered to you wherever you are.

11:45

11:44

11:43

Smart Windows Use Iron Nanoparticles to Harvest Heat Lifeboat News: The Blog

Many of the previously dumb devices in our homes are getting smarter with the advent of internet-connected lights, thermostats, and more. Surely the windows cant be smart, can they? A team of engineers from the German Friedrich-Schiller University Jena have created just that a smart window that can alter its opacity and harvest energy from the suns rays.

There have been a number of smart electrochromatic window designs over the years, but these are mostly aimed at changing tint or opacity only. The windows designed by Friedrich-Schiller University researchers are vastly more functional. The so-called Large-Area Fluidic Windows (LaWin) design uses a fluid suspension of iron particles. This fluid is contained within the window in a series of long vertical channels. These functional fluids allow the window to change opacity, but also absorb and distribute heat.

The iron-infused fluid remains diffused until you switch the window on the nanoparticles cloud up the channels and block light. When you flip the switch, magnets drag the nanoparticles out of the liquid to make the window fully transparent. When the magnet is switched off, the nanoparticles are resuspended to darken the panel. In general, the more nanoparticles you add, the darker the window becomes. You can even completely black it out with enough iron.

11:43

Stripe is Dropping Bitcoin Support SoylentNews

The payment service, Stripe, has ended its support for Bitcoin due to rising transaction fees and long confirmation times. Particularly the latter contribute to failed transfers. So Bitcoin is over as an experiment, and more are realizing that. However, the expectation is that some other cryptocurrency will become widely used, eventually.

Therefore, starting today, we are winding down support for Bitcoin payments. Over the next three months we will work with affected Stripe users to ensure a smooth transition before we stop processing Bitcoin transactions on April 23, 2018.

Despite this, we remain very optimistic about cryptocurrencies overall. There are a lot of efforts that we view as promising and that we can certainly imagine enabling support for in the future.

[ TMB Note: Yes, this will absolutely break our ability to accept BitCoin. Again. Which is fine this time as BitCoin transaction fees are now as high as the minimum price for a year's subscription. If you have a preferred alternative that we can accept without actually touching cryptocurrency, drop the info in a comment. ]


Original Submission

Read more of this story at SoylentNews.

11:10

Epiphany Tech Preview Delivers Flatpak'ed WebKitGTK+ Browser Daily Phoronix

Thanks to several efforts coming together, there's now an Epiphany Technology Preview project delivering you a bleeding-edge GNOME web-browser in a sane and easily deployable manner...

11:02

Overnight Tech: Watchdog to investigate fake net neutrality comments | AT&T calls for 'internet bill of rights' | Lawmakers want answers on computer chip cyber flaws The Hill: Technology Policy

AT&T CALLS FOR 'INTERNET BILL OF RIGHTS': AT&T is calling on Congress to pass a net neutrality law that would cover not only internet service providers but also platforms like Facebook and Google.The telecom giant took out full-page ads...

11:00

Giving Stranger Things For Christmas Hackaday

[rudolph] was at a loss on what to get his niece for Christmas. It turns out shes a huge fan of Stranger Things, so the answer was obvious: make her an alphabet wall she can control!

Downsizing the scale to fit inside a document frame, [rudolph] calls their gift rudLights, and a key parameter of this build was to make it able to display any phrases sent from their nieces Amazon Fire tablet instead of constantly displaying hard-coded phrases. To do so, it has a HC-05 Bluetooth module to forward the commands to the NeoPixel LEDs running on a 5V DC power supply.

[rudolph] enlisted the help of their son to draw up the alphabet display printed straight onto thematically decorative wallpaper and cut out holes in the light bulbs for the LEDs.  Next up was cut some fibre board as a firm backing to mount the electronics inside the frame and drill holes for the NeoPixels. It was a small odyssey to cut and solder all the wires to the LEDs, but once done, [rudolph] divided their rudLight alphabet into three rows and added capacitors to receive power directly.

[rudolph] has provided the code they used for this project just be sure to change the output pin or any other modifications as relevant to your build. Theyve even created an app to make controlling the rudLights easier. If Bluetooth isnt your thing then [rudolph] is working on building an Arduino Pro Mini version, but no word on when that will be done.

We love a good prop or inspired replica here at Hackaday, so this framed Alphabet Wall is in good company.

11:00

HPR2474: Open Source Gaming #3 The Atari Jaguar Hacker Public Radio

http://www.atariage.com/Jaguar/archives/HasbroRights.html Hasbro Releases Jaguar Publishing Rights FOR IMMEDIATE RELEASE: CONTACTS: Dana Henry Hasbro Interactive 978-921-3759 dhenry@hasbro.com Beverly, MA (May 14, 1999) - Leading entertainment software publisher, Hasbro Interactive announced today it has released all rights that it may have to the vintage Atari hardware platform, the Jaguar. Hasbro Interactive acquired rights to many Atari properties, including the legendary Centipede, Missile Command, and Pong games, in a March 1998 acquisition from JTS Corporation. This announcement will allow software developers to create and publish software for the Jaguar system without having to obtain a licensing agreement with Hasbro Interactive for such platform development. Hasbro Interactive cautioned, however, that the developers should not use the Atari trademark or logo in connection with their games or present the games as authorized or approved by Hasbro Interactive. "Hasbro Interactive is strictly focused on developing and publishing entertainment software for the PC and the next generation game consoles," said Richard Cleveland, Head of Marketing for Hasbro Interactive's Atari Business Unit. "We realize there is a passionate audience of diehard Atari fans who want to keep the Jaguar system alive, and we don't want to prevent them from doing that. We will not interfere with the efforts of software developers to create software for the Jaguar system." Hasbro Interactive, Inc. is a leading all-family interactive games publisher, formed in 1995 to bring to life on the computer the deep library of toy and board games of parent company, Hasbro, Inc. (ASE:HAS). Hasbro Interactive has expanded its charter to include original and licensed games for the PC, the Playstation(R) and Nintendo(R) 64 game consoles and for multi-player gaming over the internet. Headquartered in Beverly, Massachusetts, Hasbro Interactive has offices in the U.K., France, Germany, Japan and Canada. For more information, visit the Hasbro Interactive Web site at http://www.hasbro-interactive.com.

10:20

Can Staying Awake Beat Depression? SoylentNews

Submitted via IRC for Bytram

For two decades, Francesco Benedetti, who heads the psychiatry and clinical psychobiology unit at San Raffaele Hospital in Milan, has been investigating so-called wake therapy, in combination with bright light exposure and lithium, as a means of treating depression where drugs have often failed. As a result, psychiatrists in the USA, the UK and other European countries are starting to take notice, launching variations of it in their own clinics. These 'chronotherapies' seem to work by kick-starting a sluggish biological clock; in doing so, they're also shedding new light on the underlying pathology of depression, and on the function of sleep more generally.

"Sleep deprivation really has opposite effects in healthy people and those with depression," says Benedetti. If you're healthy and you don't sleep, you'll feel in a bad mood. But if you're depressed, it can prompt an immediate improvement in mood, and in cognitive abilities. But, Benedetti adds, there's a catch: once you go to sleep and catch up on those missed hours of sleep, you'll have a 95% chance of relapse.

So pulling more all-nighters makes me feel better?

Source: http://www.bbc.com/future/story/20180123-can-staying-awake-beat-depression


Original Submission

Read more of this story at SoylentNews.

10:13

UK to form unit to fight 'fake news,' misinformation campaigns The Hill: Technology Policy

The United Kingdom is establishing a new unit to curb the presence of hoax news stories online and stop social media influence campaigns from foreign adversaries, British Prime Minister Theresa Mays spokesperson said.We are living in an era...

10:03

The Best Countries Random Thoughts

A while back, I watched a film and drank a cocktail from each country on Earth, but it occurred to me just now that I had never done any visualisation of where on Earth the good movies and drinks are.

Since I had the data semi-readible available, I whipped up some charts.

Heres the film map (brighter red is better):

Heres the cocktail map (brighter blue is better):

...

09:56

Chronicle: A Meteor Aimed At Planet Threat Intel? Krebs on Security

Alphabet Inc., the parent company of Google, said today it is in the process of rolling out a new service designed to help companies more quickly make sense of and act on the mountains of threat data produced each day by cybersecurity tools.

Countless organizations rely on a hodgepodge of security software, hardware and services to find and detect cybersecurity intrusions before an incursion by malicious software or hackers has the chance to metastasize into a full-blown data breach.

The problem is that the sheer volume of data produced by these tools is staggering and increasing each day, meaning already-stretched IT staff often miss key signs of an intrusion until its too late.

Enter Chronicle, a nascent platform that graduated from the tech giants X division, which is a separate entity tasked with tackling hard-to-solve problems with an eye toward leveraging the companys core strengths: Massive data analytics and storage capabilities, machine learning and custom search capabilities.

We want to 10x the speed and impact of security teams work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find, wrote Stephen Gillett, CEO of the new venture.

Few details have been released yet about how exactly Chronicle will work, although the company did say it would draw in part on data from VirusTotal, a free service acquired by Google in 2012 that allows users to scan suspicious files against dozens of commercial antivirus tools simultaneously.

Gillett said his division is already trialing the service with several Fortune 500 firms to test the preview release of Chronicle, but the company declined to name any of those participating.

ANALYSIS

Its not terribly clear from Gilletts post or another blog post from Alphabets X division by Astro Teller how exactly Chronicle will differentiate itself in such a crowded market for cybersecurity offerings. But its worth considering the impact that VirusTotal has had over the years.

Currently, VirusTotal handles approximately one million submissions each day. The results of each submission get shared back with the entire community of antivirus vendors who lend their tools to the service which allows each v...

09:22

Physicists are planning to build lasers so powerful they could rip apart empty space Lifeboat News: The Blog

Chinas Station of Extreme Light could be first laser to reach 100 petawatts.

09:22

Floating 3D printing brings sci-fi-style projections closer Lifeboat News: The Blog

Optical trap display projects graphics into the air, where they are visible from all angles.

09:11

Links 24/1/2018: New Tails and Firefox Releases Techrights

GNOME bluefish

Contents

GNU/Linux

  • Top Linux And Open Source Stories Of Year 2017

    The year 2017 has been an eventful year for open source community with highs and lows throughout the year. Open source and Linux continue to dominate with their presence from the mobile phones to supercomputers. Lets quickly go through some of the major events in the year 2017.

  • Desktop

    • Do desktop operating systems need desktop icons?

      Desktop icons arent just a Windows phenomenon. Im sure if I used Ubuntu or another Linux distribution more often, Id have a messy desktop in that operating system as well. But a recent move by developers of the GNOME desktop environment to remove desktop icons altogether has me wondering if Id really miss them if they were gone.

  • Kernel Space

08:51

Containers, the GPL, and copyleft: No reason for concern (opensource.com) LWN.net

Richard Fontana explores the intersection of containers and copyleft licensing on opensource.com. "One imperfect way of framing the question is whether GPL-licensed code, when combined in some sense with proprietary code, forms a single modified work such that the proprietary code could be interpreted as being subject to the terms of the GPL. While we havent yet seen much of that concern directed to Linux containers, we expect more questions to be raised as adoption of containers continues to grow. But its fairly straightforward to show that containers do not raise new or concerning GPL scope issues."

08:48

Chrome 64 Ships With Spectre/Meltdown Mitigation, CSS Additions Phoronix

If the release of Firefox 58 yesterday didn't excite you, Google has today rolled out to stable channel the Chrome 64.0 web-browser...

08:47

Cryptocurrency Backed by Gold in Development by Perth Mint SoylentNews

Australian Broadcast Corporation reports

Australia's biggest gold refiner, the Perth Mint, is developing its own cryptocurrency backed by physical precious metals.

The ambitious plan, which is subject to a confidentiality agreement, will make it easier for consumers to buy gold.

[...] For the Perth Mint, the need to bring investors back to precious metals after a boom in alternative investments such as cryptocurrencies posed an opportunity, according to chief executive Richard Hayes.

"I think as the world moves through times of increasing uncertainty, you're seeing people look for alternate offerings," he said.
But Mr Hayes said the volatility of some of the current cryptocurrencies meant they did not suit all investors.

And that is where a gold-backed offering may fit.

"With a crypto-gold or a crypto-precious metals offering, what you will see is that gold is actually backing it," Mr Hayes said.

"So it will have all the benefits of something that is on a distributed ledger that settles very, very quickly, that is easy to trade, but is actually backed by precious metals, so there is actually something behind it, something backing it."

What do you see here: some golden cryptocurrency dust sprinkled around or a decentralized ledger of precious metal transactions?


Original Submission

Read more of this story at SoylentNews.

08:00

Critical code execution flaw in Electron framework impacts popular Desktop apps such as Skype and Signal Security Affairs

A critical RCE vulnerability in the Electron framework impacts popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and WordPress.com.

A remote code execution vulnerability tracked as CVE-2018-1000006 was fixed in the Electron framework, which is used by popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and WordPress.com.

Electron is a node.js, V8, and Chromium open-source framework that allows developers to use web technologies such as JavaScript, HTML, and CSS to build desktop apps.

The framework is currently being developed by GitHub, the Electron dev team released the versions v1.8.2-beta.4, electron v1.7.11, and electron v1.6.16 to address the issue.

A remote code execution vulnerability has been discovered affecting Electron apps that use custom protocol handlers. This vulnerability has been assigned the CVE identifier CVE-2018-1000006. states the Electron team in a post.

Electron apps designed to run on Windows that register themselves as the default handler for a protocol, like myapp://, are vulnerable.

Such apps can be affected regardless of how the protocol is registered, e.g. using native code, the Windows registry, or Electrons app.setAsDefaultProtocolClient API.

Electron framework

Currently, more than 460 cross-platform desktop applications leverage the Electron framework, but the code execution flaw affects only that use custom protocol handlers, macOS and Linux are not vulnerable to the issue.

All three releases are available for download on GitHub.

The experts also provided a workaround to avoid the exploitation of the vulnerability.

If for some reason you are unable to upgrade your Electron version, you can append as the last argument when calling app.setAsDefaultProtocolClient, which prevents Chromium from parsing further options. The double dash signifies the end of command options, after which only positional parameters are accepted, Electron explains.

Electron developers are advised to update the...

08:00

This Tiny Motor is Built into a PCB Hackaday

Mounting a motor on a PCB is nothing new, right? But how about making the PCB itself part of the motor? Thats what [Carl Bugeja] has done with his brushless DC motor in a PCB project, and we think its pretty cool.

Details on [Carl]s Hackaday.io page are a bit sparse at this point, but weve been in contact with him and he filled us in a little. The PCB contains the stator of the BLDC and acts as a mechanical support for the rotors bearing. There are six spiral coils etched into the PCB, each with about 40 turns. The coils are distributed around the axis; connected in a wye configuration, they drive a 3D-printed rotor that has four magnets pressed into it. You can see a brief test in the video below; it seems to suffer from a little axial wobble due to the single bearing, but that could be handled with a hat board supporting an upper bearing.

We see a lot of potential in this design. [Carl] mentions that the lack of cores in the coil limit it to low-torque applications, but it seems feasible to bore out the center of the coils and press-fit a ferrite slug. Adding SMD Hall sensors to the board for feedback would be feasible, too in fact, an entire ESC and motor on one PCB could be possible as well. [Carl] has promised to keep the project page updated, and were looking forward to more on this one.

For a more traditional approach to printed motors, check out this giant 3D-printed BLDC.

07:43

Identical monkeys born through true cloning Lifeboat News: The Blog

The first monkeys have been cloned in a historic breakthrough could humans be next?

07:43

SpaceX fires up powerful new Falcon Heavy rocket Lifeboat News: The Blog

SpaceX test-fires 27 engines in its powerful new Falcon Heavy rocket in key milestone.

07:42

Better than holograms: A new 3D projection into thin air Lifeboat News: The Blog

One of the enduring sci-fi moments of the big screenR2-D2 beaming a 3D image of Princess Leia into thin air in Star Warsis closer to reality thanks to the smallest of screens: dust-like particles.

Scientists have figured out how to manipulate nearly unseen specks in the air and use them to create 3D images that are more realistic and clearer than holograms, according to a study in Wednesdays journal Nature. The studys lead author, Daniel Smalley, said the new technology is printing something in space, just erasing it very quickly.

In this case, scientists created a small butterfly appearing to dance above a finger and an image of a graduate student imitating Leia in the Star Wars scene.

07:39

Security updates for Wednesday LWN.net

Security updates have been issued by openSUSE (clamav-database and virtualbox), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox), and Ubuntu (gcab).

07:22

Tiny implant opens way to deliver drugs deep into the brain Lifeboat News: The Blog

WASHINGTON Scientists have created a hair-thin implant that can drip medications deep into the brain by remote control and with pinpoint precision.

Tested only in animals so far, if the device pans out it could mark a new approach to treating brain diseases potentially reducing side effects by targeting only the hard-to-reach circuits that need care.

You could deliver things right to where you want, no matter the disease, said Robert Langer, a professor at the Massachusetts Institute of Technology whose biomedical engineering team reported the research Wednesday.

07:15

AI Startup Using Robots and Lidar to Boost Productivity on Construction Sites IEEE Spectrum Recent Content full text

Doxel's lidar-equipped robots help track construction projects and catch mistakes as they happen Photo: Doxel Doxel's lidar-equipped robots help track construction projects and catch mistakes as they happen.

Doxel is a startup that came out of stealth this week with a US $4.5 million funding round. Their business is making construction cheaper, and their secret (as with so many startups now) is combining massive amounts of data with deep-learning techniques.

Using lidar-equipped robots, Doxel scans construction sites every day to monitor how things are progressing, tracking what gets installed and whether its the right thing at the right time in the right place. Youd think that construction sites would be doing this by themselves anyway, but it turns out that they really dont, and in a recent pilot study on a medical office building, Doxel says it managed to increase labor productivity on the project by a staggering 38 percent.

Using autonomous robots equipped with lidar, Doxel scans construction sites every day to track progress and check that things have been installed correctly

The concept behind Doxel is straightforward enough: Construction projects have plans and budgets and timelines. If you stick to the plan, the budget and timeline (the things you really care about) should be what you expect. But construction projects with plans and budgets and timelines all depend on a big pile of humans doing exactly what theyre supposed to do, and we all know how often that happens. With that in mind, it may or may not surprise you to learn that 98 percent of large construction projects are delivered (on average) 80 percent over budget and 20 months behind schedule. According to people who know more about these sorts of things than I do, productivity in the construction industry hasnt improved significantly in 80 years.

A big part of the problem is simply keeping track of what gets done. Currently, the industry does this by sending people around with clipboards and tape measures, because throwing more humans at a problem caused by humans is definitely the best idea, right? Doxels idea is to get rid of the humans entirely, and instead rely on data. And robots.

Doxel mostly focuses on whats going on inside a construction site, since thats where the majority of the complicated stuff happens. Once the construction site shuts down for the day (usually in the late afternoon), Doxel sends in a cute little autonomous robot with an excellent lidar on it to methodically s...

07:14

Motion and Context SoylentNews

I regularly read the Knowing and Doing blog of Eugene Wallingford who is Associate Professor and Head, Department of Computer Science at the University of Northern Iowa. In a sequence of blog posts, he artfully raises some concepts of film editing to a much wider application than just films.

We start with a blog post 95:1 that introduces a book he is currently reading:

This morning, I read the first few pages of In the Blink of an Eye, an essay on film editing by Walter Murch. He starts by talking about his work on Apocalypse Now, which took well over a year in large part because of the massive amount of film Coppola shot: 1,250,000 linear feet, enough for 230 hours of running time. The movie ended up being about two hours and twenty-five minutes, so Murch and his colleagues culled 95 minutes of footage for every minute that made it into the final product. A more typical project, Murch says, has a ratio of 20:1.

He continues this thread with a later entry The Cut:

Read more of this story at SoylentNews.

07:13

Logan Paul pledges $1 million to suicide prevention groups The Hill: Technology Policy

YouTube megastar Logan Paul has pledged $1 million for suicide prevention organizations in his first video since the backlash he received for posting a video online that included footage of a dead body.Paul came across the body while in...

07:07

XWayland Gets XDG-Output Support For Potential Fractional Scaling Phoronix

The long-in-development X.Org Server 1.20 has yet another XWayland addition: XDG-Output protocol support...

07:02

The male Y chromosome is slowly fading, and could disappear completely Lifeboat News: The Blog

The end of men? Experts reveal how the male sex chromosome could one day disappear completely.


Since the dawn of humanity, men have played a vital role in determining the sex of their offspring.

The Y chromosome, carried by roughly half of a mans sperm, dictates whether a child will be male or female.

If the Y chromosome is present, a child will develop into a boy, whereas a lack of this strand of DNA will result in a girl.

07:02

How to Fix FacebookBefore It Fixes Us Lifeboat News: The Blog

An early investor explains why the social media platforms business model is such a threatand what to do about it.

By Roger McNamee

07:00

The Dawn of Solar Windows IEEE Spectrum Recent Content full text

Future skyscrapers will harvest energy from the sun with photovoltaic windows Illustration: Eddie Guy

illustration Illustration: Eddie Guy

The view from the office of Ioannis Papakonstantinou at University College London affords a great perspective on a wasted opportunity. He points to the university hospital, a tall oblong block adorned with decorative green glass strips. They look modern but serve no purpose. They dont even let in light.

What are they doing with these green surfaces? he asks. Nothing. Would you ever put a conventional solar panel there? Never.

Papakonstantinou is one of many who have dreamed of turning glass panels into photovoltaic modules that can be integrated directly into buildings, both for decoration and to look through. His lab is among many groups and companies developing widely differing approaches to solar windows; some are already installing them in buildings.

The appeal is, well, clear. Such windows would unobtrusively generate power for the building while allowing its occupants to peer out onto the street, enjoy natural light, or watch clouds pass overhead.

By 2020, 8.3 billion square meters of flat glass will be installed annually in new buildings worldwide, according to the Freedonia Group. That area, covered in standard solar panels in the ideal orientation, could produce more than a terawatt at peak output, and over one year it could generate some 2,190 terawatt-hours. Thats 9 percent of what the worlds annual electricity consumption was in 2016. Substituting this source of energy for coal in 2017 would have saved about 1.6 percent of carbon emissions from fossil fuels, industry, and changes in forestry and land use.

photo of UbiQDs glass prototype Photo: UbiQD Catch Some Rays: UbiQDs glass prototype uses quantum dots, the light from which is shunted sideways toward solar cells in the frame.

And powerful regulatory forces are now dragging solar windows and their environmental benefits into reality. A European Union directive requires all new build...

06:59

Thune accepts award at Washington Auto Show, pushes driverless car bill The Hill: Technology Policy

Sen. John Thune (R-S.D.) on Wednesday accepted an award at the Washington Auto Show for his work on a bill to pave the way for autonomous vehicles.The CEO of the Alliance of Automobile Manufacturers, which advocates for the major auto companies,...

06:32

House Energy and Commerce demands answers on Spectre and Meltdown cyber flaws The Hill: Technology Policy

House Energy and Commerce Committee leaders are demanding answers from major technology companies affected by the Spectre and Meltdown cybersecurity flaws that leave computer chips vulnerable to hackers. In a letter, lawmakers pressed the CEOs...

06:30

Road Apology/Gratitude Emitter Car LED Sign Hackaday

Sometimes, when youre driving, a simple wave when someone lets you in can go unnoticed and sometimes you make a mistake and a simple wave just isnt enough. [Noapparentfunction] came up with a nice project to say Thanks and My Bad to his fellow drivers.

The display uses four Max 7219 LED matrix displays, so the total resolution is 32 by 8. [Noapparentfunction] came up with an inspired idea: using a glasses case to hold the LED matrices and Raspberry Pi. Its easy to get into if necessary, stays closed, and provides a nice finished look. Having little knowledge of electronics and no programming skills, [Noapparentfunction] had to rely on cutting and pasting Python code as well as connecting a mess of wires together, but the end result works, and thats what matters.

A network cable runs from the glasses case suction cupped to the rear window to another project box under the dashboard. There, the network cable is connected to two buttons and the power. No network information is passed, the cable is just a convenient collection of wires with which to send signals. Each of the buttons shows a different message on the display.

Depending on where you live, this might not be legal, and were sure many of our readers (as well as your author) could come up with some different messages to display. However, this is a cool idea and despite [Noapparentfunction]s admitted limitations, is a nice looking finished product. Also, its name is Road Apology Gratitude Emitter. Here are some other car mod articles: This one adds some lighting to the foot well and glove compa...

06:14

New Kodi Addon Tool Might Carry Interesting Copyright Liability Implications TorrentFreak

Kodi is the now ubiquitous media player taking the world by storm. In itself its a great piece of software but augmented with third-party software it can become a piracy powerhouse.

This software, known collectively as add-ons, enables Kodi to do things it was never designed for such as watching pirated movies, TV shows, and live sports. As a result, its the go-to media platform for millions around the globe, but for those distributing the add-ons, there can be risks attached.

As one of the most prominent Kodi-related sites around, TVAddons helped to distribute huge numbers of add-ons. The platform insists that if any add-on infringed copyright, it was only too willing to remove them under a DMCA-like regime. Last year, however, it became clear that copyright holders would prefer to sue TVAddons (1,2) than ask for takedowns.

With those lawsuits still ongoing, the site was left with a dilemma. Despite add-ons being developed and uploaded by third-parties, rightsholders are still trying to hold TVAddons responsible for what those add-ons can do. Its a precarious situation that has led to TVAddons not having its own repository/repo (a place where the addons are stored for users to download) since the site ran into trouble last summer.

Now, however, the site has just launched a new tool which not only provides some benefits for users looking for addons, but also attempts to shift some liability for potential infringement away from the service and onto a company with much broader shoulders.

TVAddons Github Browser was released yesterday and is available via the platforms Indigo tool. Its premise is simple.

Since many third-party Kodi add-ons are developed and first made available on Github, the worlds leading software development platform, why dont users install them directly from there instead?

The idea is that this might reduce liability for distributors like TVAddons but could also present benefits for users, as they can be assured that theyre getting add-ons directly from the source.

Github Browser welcome screen...

06:00

Smart Contact Lens Doubles as Blood Sugar Monitor IEEE Spectrum Recent Content full text

A new contact lens tests tears to tell wearers when glucose levels drop, so there'll be no more need for painful finger pricks Illustration: Jang-Ung Park/UNIST/Science Advances

Smart contact lenses with embedded electronics just got a lot more practical. Korean researchers have designed a stretchable contact lens that can monitor glucose without distorting the wearers vision, according to a report published today in Science Advances.

The device contains all the electronic components needed to wirelessly receive power, monitor glucose levels, and generate an LED display, while maintaining the soft, stretchable, and transparent qualities of a contact lens that people might actually be willing to wear. 

This gets close to a solution that you can imagine a patient using, says Gregory Herman, a chemical engineer at Oregon State University who is developing transparent sensors for contact lenses and was not involved in todays report. 

Many people with type 1 diabetes must monitor their glucose throughout the day with finger stick blood tests. A contact lens equipped with tear-collecting sensors would provide a noninvasive alternativea way to passively track a health condition without having to constantly think about it.  

Previous smart contact lens designs for glucose monitoring, such as the one patented by Verily, Alphabets life science arm, have fallen short. They tend to have electronic components fabricated on hard substrates that are inserted into a contact lens, says Jang-Ung Park, an associate professor at the school of materials science and engineering at Ulsan National Institute of Science and Technology (UNIST) in South Korea  who co-authored the report. The result is a contact lens that is brittle and can break down over time, and can also impede the users field of vision, Park says. 

In UNISTs prototype, segments of rigid electronic components, including circuits, antennas, LEDs, and sensors, are isolated into islands interconnected by stretchable conductors. Between the islands is a soft, elastic material. The pattern, which looks a bit like the spots on a giraffe, distributes mechanical strain. That protects the electronics from being deformed when the contact lens is handled by the user. 

...

05:41

EU Fines Qualcomm 997 Million Euros for Anti-Competitive Payments to Apple SoylentNews

Qualcomm Gets $1.2 Billion EU Fine for Apple Chip Payments

Qualcomm Inc. was fined 997 million euros ($1.2 billion) by the European Union for paying Apple Inc. to shun rival chips in its iPhones.

The largest maker of chips that help run smartphones "paid billions of U.S. dollars to a key customer, Apple, so that it would not buy from rivals," EU Competition Commissioner Margrethe Vestager said in an emailed statement on Wednesday. "This meant that no rival could effectively challenge Qualcomm in this market, no matter how good their products were."

Qualcomm struck a deal with Apple in 2011 that pledged significant payments if Apple only used Qualcomm chipsets for the iPhone and iPad devices. That agreement was renewed in 2013 until 2016. Qualcomm warned it would stop these payments if Apple sold another product with a rival chip. This effectively shut out competitors such as Intel Corp. from the market for LTE baseband chipsets used in the 4G mobile phone standard for five years, the EU said.

European Commission press release. Also at Reuters.

Previously: EU Investigates Qualcomm For Antitrust Activities
U.S. Federal Trade Commission Sues Qualcomm for Anti-Competitive Practices
Apple Could Switch From Qualcomm to Intel and MediaTek for Modems

Related: Apple vs. Qualcomm Escalates, Manufacturers Join in, Lawsuits Filed in California and Germany
Qualcomm Files New Lawsuit Against Apple, Alleging it Shared Confidential Information with Intel
Broadcom Offers $105 Billion for Qualcomm; Moves HQ Back to the USA


Original Submission

Read more of this story at SoylentNews.

05:36

Government watchdog agrees to probe fake net neutrality comments The Hill: Technology Policy

The Government Accountability Office (GAO) has agreed to take up an investigation into fake comments being filed to the Federal Communications Commission (FCC) regarding its plan to roll back net neutrality rules. The GAOs decision to probe the...

05:22

Rocket Lab unveils Humanity Star a shiny satellite you can see in space Lifeboat News: The Blog

In addition to launching three Earth-watching satellites, Rocket Lab has sent up a satellite you can watch from Earth: a bright and shiny object christened Humanity Star.

Rocket Lab says Humanity Star, a geodesic sphere made of carbon fiber with 65 reflective panels, could well rank as the brightest satellite in the night sky.

05:01

Quantum Weirdness in Your Browser Hackaday

Ill be brutally honest. When I set out to write this post, I was going to talk about IBMs Q Experience the website where you can run real code on some older IBM quantum computing hardware. I am going to get to that I promise but thats going to have to wait for another time. It turns out that quantum computing is mindbending and to make matters worse there are a lot of oversimplifications floating around that make it even harder to understand than it ought to be. Because the IBM system matches up with real hardware, it is has a lot more limitations than a simulator think of programming a microcontroller with on debugging versus using a software emulator. You can zoom into any level of detail with the emulator but with the bare micro you can toggle a line, use a scope, and hope things dont go too far wrong.

So before we get to the real quantum hardware, I am going to show you a simulator written by [Craig Gidney]. He wrote it and promptly got a job with Google, who took over the project. Sort of. Even if you dont like working in a browser, [Craigs] simulator is easy enough, you dont need an account, and a bookmark will save your work.

It isnt the only available simulator, but as [Craig] immodestly (but correctly) points out, his simulator is much better than IBMs. Starting with the simulator avoids tripping on the hardware limitations. For example, IBMs devices are not fully connected, like a CPU where only some registers can get to other registers. In addition, real devices have to deal with noise and the quantum states not lasting very long. If your algorithm is too slow, your program will collapse and invalidate your results. These arent issues on a simulator. You can find a list of other simulators, but Im focusing on Quirk.

What Quantum Computing Is

As I mentioned, there is a lot of misinformation about quantum computing (QC) floating around. I think part of it revolves around the word computing. If you are old enough to remember analog computers, QC is much more like that. You build circuits to create results. Theres also a lot of difficult math mostly linear algebra that Im going to try to avoid as much as possible. However, if you can dig into the math, it is worth your time to do so. However, just like you can design a resonant circuit without solving differential equations about inductors, I think you can do QC without some of the bigger math by just using results. Well see how well that holds up in practice.

...

05:00

Uber CEO calls for new benefits system for gig economy workers The Hill: Technology Policy

Ubers chief executive is calling for Washington state to develop a portable benefits system to give contract workers in the so-called gig economy access to health care and retirement planning accounts.Uber CEO Dara Khosrowshahi signed onto a...

04:59

Cuomo signs executive order protecting net neutrality in New York The Hill: Technology Policy

New York Gov. Andrew Cuomo (D) signed an executive order protecting net neutrality in New York on Wednesday, making it the second state to issue such a rule after the Federal Communications Commissions (FCC) decision to repeal the open...

04:55

WebKitGTK+ Security Advisory WSA-2018-0002 Open Source Security

Posted by Carlos Alberto Lopez Perez on Jan 24

------------------------------------------------------------------------
WebKitGTK+ Security Advisory WSA-2018-0002
------------------------------------------------------------------------

Date reported : January 24, 2018
Advisory ID : WSA-2018-0002
Advisory URL : https://webkitgtk.org/security/WSA-2018-0002.html
CVE identifiers : CVE-2018-4088, CVE-2018-4089, CVE-2018-4096,...

04:35

Purism Begins Work On Unified Themes For Convergent PureOS Devices Phoronix

Last week Purism shared a progress update on the Librem 5 smartphone project where they outlined their plans to continue pursuing the i.MX8M SoC and other plans. They've kept up their word of delivering weekly status updates and out today is their latest summary of work...

04:26

US Government Puts Tariffs on Imported Solar Cells, Solar Modules, and Washing Machines SoylentNews

Trump administration imposes tariffs on imported solar cells and modules at 30% and certain washing machines up to 50%:

This new determination sets tariffs on imported solar cells and modules at 30 percent with a gradual decrease of that tariff over the subsequent four years. In years two, three, and four, the tariff will be imposed at 25 percent, 20 percent, and 15 percent, respectively, of the value of the import. The first 2.5 gigawatts of imported solar cells imported are exempt from the tariff (but it seems that a similar provision was not made for solar modules). Though the executive branch has broad authority to impose whatever tariff it wants after the ITC finds that an industry has been harmed by imports, this tariff decision closely matches the middle-ground recommendation made by two of the four-person ITC's commissioners. Those commissioners recommended a 30-percent tariff on modules and a 30-percent tariff on imported solar cells in excess of 1GW, with declining rates after the first year.

Whirlpool shares rise after Trump tariff on washing machine imports

The new tax is expected to hit Trump's desk on Tuesday. The administration is imposing 20% tariffs on the first 1.2 million machines imported each year, and 50% on those after that. There will also be a 50% tariff on washing machine parts.

Naturally South Korea and China are upset and plan to argue their case at the WTO. From the articles I read this morning there should be a boost to US manufacturing but the gains may all be offset by the losses with people not wanting to pay more for solar. I think regardless of price people will do solar for solar's sake, but there is sure to be some impact on sales and installation jobs.

Guess I should have bought that 30% off washing machine at the Sears going out of business sale.


Original Submission

Read more of this story at SoylentNews.

04:01

Hacker Used Malware To Hike Prices for Gas Station Customers HackRead

By Waqas

Russian authorities have identified an extensively distributed malware campaign targeting

This is a post from HackRead.com Read the original post: Hacker Used Malware To Hike Prices for Gas Station Customers

04:00

VMium 1GB KVM VPS starting @ $1.99/mo and other plans! Low End Box

VMium

Igor from VMium has submitted their first offer ever with us! They are offering KVM based virtual services out of Italy and have hopes to expand globally as their business takes off. They seem to have some pretty nice pricing so we really hope you enjoy what they have to offer for you and we look forward to seeing your feedback!

Heres what they had to say:

VMium hosting project had been established in 2014. We have been operating mostly on the Eastern European market before 2017. In 2018, our goal is to expand offerings to the rest of the global hosting market. Our virtual servers run on enterprise grade hardware, protected by raid setups, powered by super fast SSD drives and blazing fast network with premium bandwidth, located in the heart of Europe.

***VMium has stated all plans below are 50% off for LIFE and come with FREE incoming bandwidth***

(KVM-1) Plan

  • 1GB RAM
  • 1 x CPU
  • 10 GB SSD
  • 1TB Outbound BW
  • 1Gbps Uplink
  • 1 x IPv4
  • IPv6 Available (upon request)
  • KVM / VMmanager
  • Coupon: LowEnd2018-ZgPAn
  • $1.99/mo [ORDER]

(KVM-2) Plan

  • 2GB RAM
  • 1 x CPU
  • 20 GB SSD
  • 2TB Outbound BW
  • 1Gbps Uplink
  • 1 x IPv4
  • IPv6 Available (upon request)
  • KVM / VMmanager
  • Coupon: LowEnd2018-ZgPAn
  • $3.99/mo [ORDER]

(KVM-3) Plan

  • 4GB RAM
  • 1 x CPU
  • 30 GB SSD
  • 4TB Outbound BW
  • 1Gbps Uplink
  • 1 x IPv4
  • IPv6 Available (upon request)
  • KVM / VMmanager
  • Coupon: LowEnd2018-ZgPAn
  • $6.99/mo [ORDER]

VMius is a registered company in the state of Delaware, USA (#4921432). For those interested, their WHOIS information is public. VMium supports payment through PayPal ($5 minimum), Webmoney (Z and R), Yandex.Money, Coin Payments, Mobile Payments, Bank Payment...

04:00

Michigans MiDAS Unemployment System: Algorithm Alchemy Created Lead, Not Gold IEEE Spectrum Recent Content full text

A case study into how to automate false accusations of fraud for more than 34,000 unemployed people Illustration: iStockphoto/IEEE Spectrum

Perhaps next month, those 34,000 plus individuals wrongfully accused of unemployment fraud in Michigan from October 2013 to September 2015 will finally hear that they will receive some well-deserved remuneration for the harsh treatment meted out by Michigan Integrated Data Automated System (MiDAS). Michigan legislators have promised to seek at least $20 million in compensation for those falsely accused.

This is miserly, given how many people experienced punishing personal trauma, hired lawyers to defend themselves, saw their credit and reputations ruined, filed for bankruptcy, had their houses foreclosed or were made homelessness. A sum closer to $100 million, as some are advocating, is probably warranted.

The fiasco is all too familiar: a government agency wants to replace a legacy IT system to gain cost and operational efficiencies, but alas, the effort goes horribly wrong because of gross risk mismanagement.

This time, it was the Michigan Unemployment Insurance Agency (UIA) which wanted to replace a 25-year-old mainframe system. The objectives of the new system were three-fold and reasonable. First, ensure that unemployment checks were only going to people who deserved them. Second, increase UIAs efficiency and responsiveness to unemployment claims. And third, through those efficiency gains, reduce UIAs operational costs by eliminating more than 400 workers, or about one-third of the agencys staff. After spending $47 million and two years on the effort, the UIA launched MiDAS, and soon proclaimed it a huge success [pdf], coming in under budget and on-time, and discovering previously missed fraudulent unemployment filings.

Finding Fake Fraud

Soon after MiDAS was put into operation, the number of persons suspected of unemployment fraud...

Friday Hack Chat: Becoming Cyborg Hackaday

What is it like to be a cyborg? What does it mean to have augmented hearing, improved vision, and coprocessors for your brain that enhance your memory? We could ask people with hearing aids, glasses, and a smartphone strapped to their wrist, but thats boring. Were looking to the future and the cool type of cyborgation, and thats what this weeks Hack Chat is all about.

Our guest for this weeks Hack Chat will be Lindy Wilkins, and theyre here to discuss what it takes to be a cyborg. Right now, theyre sporting a magnetic implant, an NFC implant and will soon have a North Sense, an exo-sensory device that tells your brain where North is.

Lindy is currently based in Toronto as a PhD student at the University of Toronto, and director at the Site 3 coLaboratory. They spend free time making robots, playing with lasers, and thinking about how body modification and where the intersection of bio-hacking and wearable technology will meet in the near future.

During this Hack Chat, were going to be talking about what it means to be a cyborg. Is it simply a matter of wearing contacts, gett...

03:48

Friday Free Software Directory IRC meetup: January 26th starting at 12:00 p.m. EST/17:00 UTC FSF blogs

Help improve the Free Software Directory by adding new entries and updating existing ones. Every Friday we meet on IRC in the #fsf channel on irc.freenode.org.

When a user comes to the Directory, they know that everything in it is free software, has only free dependencies, and runs on a free OS. With almost 16,000 entries, it is a massive repository of information about free software.

While the Directory has been and continues to be a great resource to the world for many years now, it has the potential to be a resource of even greater value. But it needs your help! And since it's a MediaWiki instance, it's easy for anyone to edit and contribute to the Directory.

You've heard that Austin, TX is weird, but have you heard that it's "in the know"? On January 25th, 1932, the local radio station was KUT-AM, but the next day, following a purchase by Hearst publications, it became KNOW, noted for their dedication to award-winning news coverage. This week, we will look at radio entries, as well as working on unapproved pages.

If you are eager to help, and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today! There are also weekly Directory Meeting pages that everyone is welcome to contribute to before, during, and after each meeting.

03:43

Development Release: Red Hat Enterprise Linux 7.5 Beta DistroWatch.com: News

Red Hat has announced a new beta release of the company's Red Hat Enterprise Linux 7.x series. The new development release, Red Hat Enterprise Linux 7.5 Beta, includes bug fixes and security enhancements across a wide range of hardware platforms. "Red Hat Enterprise Linux delivers controls for enhanced....

03:42

Google CEO Sundar Pichai compares AI to fire and electricity TechWorm

Google CEO Sundar Pichai thinks impact of AI on humanity is more profound than electricity or fire

While fire is regarded as one of the greatest invention of the Early Stone Age, followed by the discovery of electricity in the 1800s, Googles CEO Sundar Pichai considers AI (artificial intelligence) impact on humanity to be more profound than fire or electricity.

Speaking as part of a new show hosted by MSNBCs Ari Melber and Recodes Kara Swisher, Pichai, 45, said that AI is one of the most important things that humanity is working on. Its more profound that, I dont know, electricity or fire.

Fires pretty good, Swisher said.

However, Pichai drew equals to electricity and fire, and said that AI is basically both useful and dangerous at the same time.

But it kills people, too. They learn to harness fire for the benefits of humanity, but we have to overcome its downsides, too, Pichai said.

While admitting some concerns about AI taking over the world one day, Pichai also mentioned that he feels that AI technology will inevitably play a significant role in the advancement of humanity, such as curing cancer and providing climate change solutions.

My point is AI is really important, but we have to be concerned about it, Pichai said. Its fair to be worried about itI wouldnt say were just being optimistic about it we want to be thoughtful about it. AI holds the potential for some of the biggest advances were going to see.

Whenever I see the news of a young person dying of cancer, you realize AI is going to play a role in solving that in the future. So I think we owe it to make progress too.

However, Pichai did acknowledge the need for balance to be struck between AI technologys downsides and upsides.

The extracts are part of a new series on MSNBC called Revolution: Google and YouTube Changing the World where Pichai along with YouTube CEO Susan Wojcicki were interviewed. The show featuring the full interview with Pichai is scheduled to air on US news channel MSNBC on January 26.

The post Google CEO Sundar Pichai compares AI to fire and electricity appeared first on TechWorm.

03:26

EU fines Qualcomm $1.2 billion over Apple payments The Hill: Technology Policy

The European Union on Wednesday fined chipmaker Qualcomm $1.2 billion for paying Apple not to purchase components from its competitors.Margrethe Vestager, the EU's competition commissioner, said the arrangement gave Qualcomm dominance in...

03:24

Burger King makes pro-net neutrality video The Hill: Technology Policy

Burger King is blasting the Federal Communications Commission's (FCC) decision to scrap net neutrality rules in a new ad released Wednesday, using its signature sandwich to do it.The fast food chain posted a video illustrating what it...

03:07

Red Hat Enterprise Linux 7.5 Offers Wayland In Tech Preview Form Phoronix

With today's debut of the Red Hat Enterprise Linux 7.5 Beta they have made Wayland support available in tech preview form...

03:02

Embrace performance-enhancing drugs and technology in sport Lifeboat News: The Blog

As we hear more and more about the upcoming Winter #Olympics in a few weeks, lets remember the idea for a future Transhumanist Olympics: http://www.sfchronicle.com/opinion/openforum/article/Embrace211040.php #transhumanism


The 2016 Paralympics, which began this week in Rio de Janeiro, is bringing together 4,500 athletes to compete in 23 sports from wheelchair fencing to swimming to hand biking.

03:00

Robots Ready to Ski, Paint, and Clean at South Koreas 2018 Winter Olympics IEEE Spectrum Recent Content full text

South Koreas best roboticists have spent two years preparing robots for a wide range of roles at the 2018 Winter Olympics Photo: Ang Young-suk/Yonhap/AP

/image/MzAwNzMyMA.jpeg
Photo: Ang Young-suk/Yonhap/AP The Handoff: The robot DRC-Hubo+ receives the Olympic flame from UCLA professor Dennis Hong.

Spectators who getlost in Olympic Plaza in Pyeongchang next month can ask for directions from a nearby guide that speaks four languages. Thirsty patrons who visit Gangneung Media Village can order drinks for delivery. And they can do all of this without talking to another human.

South Korea is going big on robotics for the 2018 Winter Olympics, which begin on 9 February. Organizers will deploy about 80 robots at the games to showcase the nations leadership in advanced robotics research.

Eight companieswith US $1.5 million in sponsorship from the South Korean governmenthave been working on projects for the games since 2016. The roboticists who built all of these new robots are now preparing to unveil their technology on a world stage.

Its a stressful time for everyone involved. I have more anxiety than excitement, says Jun-ho Oh, the director of the Institute for Robotics at the Korea Advanced Institute of Science and Technology (KAIST), who led government officials in managing robotics for the games.

Most of these automated helpers will take on highly visible roles and interact with the public. Which means they must be able to, among other things, maneuver through crowded spaces and know when to hit the brakes. Any mistakes they make will be in the public eye.

This is an opportunity for them to showcase what theyre working on, says Raffaello DAndrea, a professor of dynamic systems and control at ETH Zurich. This technology is far enough along that you can actually deploy [robots] and have them do something interesting.

Oh has three rules for designing eye-catching, crowd-pleasing robots that are also safe and reliable. Call them Ohs Three Laws of Olympic Robotics. First, he says, the robot must not make trouble. His second rule is that it must do something new, even if that just means teaching an existing robot new tricks. Third, the robot must be useful.

One brand new robot that will appear at the games is a robotic ve...

This Home-Made PDA Is A Work Of Art Hackaday

There was a time, back in the 1990s, when a PDA, or Personal Digital Assistant, was the height of mobile computing sophistication. These little hand-held touch-screen devices had no Internet connection, but had preloaded software to manage such things as your calendar and your contacts. [Brtnst] was introduced to PDAs through a Palm IIIc and fell in love with the idea, but became disillusioned with the Palm for its closed nature and lack of available software a couple of decades later.

His solution might have been to follow the herd and use a smartphone, but he went instead for the unconventional and produced his own PDA. And after a few prototypes, hes come up with rather a well-executed take on the 90s object of desire. Taking an ARM microcontroller board and a commodity resistive touchscreen, hes clad them in a 3D-printed PDA case and produced his own software stack. Hes not prepared to release it just yet as hes ashamed of some of its internal messiness, but lets hope that changes with time.

What this project shows is how it is now so much easier to make near commercial quality one-off projects from scratch. Accessible 3D printing has become so commonplace as to be mundane in our community, but its worth remembering just how much of a game-changer it has been.

To see the device in action, take a look at the video below the break.

02:54

AT&T urges Congress to pass 'internet bill of rights' The Hill: Technology Policy

AT&T is calling on Congress to pass a net neutrality law that would cover not only internet service providers but also platforms like Facebook and Google.The telecom giant took out full-page ads in major newspapers like The New York Times and...

02:53

Are you a Tinder user? Watch out, someone could spy on you Security Affairs

Experts at security firm Checkmarx discovered two security vulnerabilities in the Tinder mobile apps that could be exploited to spy on users.

Security experts at Checkmarx discovered two security vulnerabilities in the Tinder Android and iOS dating applications that could be exploited by an attacker on the same wi-fi network as a target to spy on users and modify their content.

Attackers can view a target users Tinder profile, see the profile images they view and determine the actions they take.

The vulnerabilities, found in both the apps Android and iOS versions, allow an attacker using the same network as the user to monitor the users every move on the app. It is also possible for an attacker to take control over the profile pictures the user sees, swapping them for inappropriate content, rogue advertising or other type of malicious content (as demonstrated in the research). reads the analysis published by Checkmarx.

While no credential theft and no immediate financial impact are involved in this process, an attacker targeting a vulnerable user can blackmail the victim, threatening to expose highly private information from the users Tinder profile and actions in the app.

An attacker can conduct many other malicious activities, including intercepting traffic and launching DNS poisoning attacks.

The first issue is related to the fact that both the iOS and Android Tinder apps download profile pictures via insecure HTTP connections, this means that an attacker can access the traffic to determine which profiles are viewed by a Tinder user.

Tinder data leak

SOCIAL NETWORKS / TINDER

An attacker could also modify traffic for example to swap images.

Attackers can easily discover what device is viewing which profiles, continues the analysis. Furthermore, if the user stays online long enough, or if the app initializes while on the vulnerable network, the attacker can identify and explore the users profile. Profile images that the victim sees can be swapped, rogue advertising can be placed and malicious content can be injected,

Obviously, such kind of issue could...

02:53

Finland is the Mobile Data Capital of the World SoylentNews

The IEEE Spectrum has an article about why Finland is the mobile data capital of the world. Many factors converge. Perhaps the most relvant one is that mobile data plans cover unlimited use and the different operators compete on speed rather than data caps. Also, despite sparse population distribution, very close to 100% of the population has good access to high-speed mobile networks. If plans are followed through, 5G coverage should become commercially available in Finland by 2020.


Original Submission

Read more of this story at SoylentNews.

02:42

Cyberdynes Medical Exoskeleton Strides to FDA Approval Lifeboat News: The Blog

Cyberdyne, the Japanese robotics company with the slightly suspicious name, has just gotten approval from the U.S. Food and Drug Administration (FDA) to begin offering its HAL (Hybrid Assistive Limb) lower-body exoskeleton to users in the United States through licensed medical facilities. HAL is essentially a walking robot that you strap to your own legs; sensors attached to your leg muscles detect bioelectric signals sent from your brain to your muscles telling them to move, and then the exoskeleton powers up and assists, enhancing your strength and stability.


Users in the United States can now take advantage of this friendly exoskeleton to help them with physical rehabilitation.

02:41

iPhone Battery Explodes After Man Bites It To Test Its Authenticity TechWorm

Chinese man bites into replacement iPhone battery causing it to explode

You may want to think twice before biting things that can explode, as a Chinese man who happened to bite a smartphone battery to test its authenticity got a nasty shock when it exploded.

The ten-second video footage of the incident that happened on January 19 has been circulating online that shows a man looking to purchase a replacement battery for his iPhone in an electronics, reports Taiwan News. The video clip shows the store employee handing the man a battery, which he brings up to his face and then bites on it to check its authenticity. The moment he removes the battery from his mouth, it bursts into flames just inches away from his face.

Fortunately, no one was injured in this incident, reported several Taiwanese news outlets. The video was posted to Chinese video sharing site Miaopai.com on January 20 and has been viewed more than 4.5 million time since then.

We request our readers not to try this at home and treat your phones battery with extreme caution. If you are unsure about the authenticity of your phone battery and wish to check it, you could visit an Apple Authorized Retailer or an Apple Store for the same.

The post iPhone Battery Explodes After Man Bites It To Test Its Authenticity appeared first on TechWorm.

02:38

Expert: IoT Botnets the Work of a Vast Minority Krebs on Security

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured Internet of Things or IoT devices like security cameras and digital video recorders for use in large-scale cyberattacks.

The FBI and the DOJ had help in their investigation from many security experts, but this post focuses on one expert whose research into the Dark Web and its various malefactors was especially useful in that case. Allison Nixon is director of security research at Flashpoint, a cyber intelligence firm based in New York City. Nixon spoke with KrebsOnSecurity at length about her perspectives on IoT security and the vital role of law enforcement in this fight.

Brian Krebs (BK): Where are we today with respect to IoT security? Are we better off than were a year ago, or is the problem only worse?

Allison Nixon (AN): In some aspects were better off. The arrests that happened over the last year in the DDoS space, I would call that a good start, but were not out of the woods yet and were nowhere near the end of anything.

BK: Why not?

AN: Ultimately, whats going with these IoT botnets is crime. People are talking about these cybersecurity problems problems with the devices, etc. but at the end of the day its crime and private citizens dont have the power to make these bad actors stop.

BK: Certainly security professionals like yourself and others can be diligent about tracking the worst actors and the crime machines theyre using, and in reporting those systems when its advantageous to do so?

AN: Thats a fair argument. I can send abuse complaints to servers being used maliciously. And people can write articles that name individuals. However, its still a limited kind of impact. Ive seen people get named in public and instead of stopping, what they do is improve their opsec [operational security measures] and keep doing the same thing but just sneakier. In the private sector, we can frustrate things, but we cant actually stop them in the permanent, sanctioned way that law enforcement can. We dont really have that kind of control.

BK: How are we not better off?

AN: I would say that as time progresses, the community that practices DDoS and malicious hacking and these pointless destructive attacks get more technically proficient when theyre executing attac...

02:01

Printed It: Rubber Band PCB Vise Hackaday

If youve ever worked on a small PCB, you know how much of a hassle it can be to hold on to the thing. Its almost as if they werent designed to be held in the grubby mitts of a human. As designs have become miniaturized over time, PCBs are often so fragile and festooned with components that tossing them into the alligator clips of the classic soldering third hand can damage them. The proper tool for this job is a dedicated PCB vise, which is like a normal bench vise except it doesnt crank down very hard and usually has plastic pads on the jaws to protect the board.

Only problem with a PCB vise is, like many cool tools and gadgets out there, not everybody owns one. Unless youre doing regular PCB fabrication, you might not take the plunge and buy one either. So whats a hacker on a budget to do when theyve got fiddly little PCBs that need attention?

Luckily for us, we live in a world where you can press a button and have a magical robot on your desktop build things for you. Online model repositories like Thingiverse and YouMagine are full of designs for printable PCB vises, all you have to do is pick one. After looking through a number of them I eventually decided on a model designed by [Delph27] on Thingiverse, which I think has a couple of compelling features and more than deserves the few meters of filament it will take to add to your bench.

Of course the best part of all of this is that you can customize and improve the designs you download, which is what Im about to do with this PCB vise!

Desirable Traits

...

01:45

Linux 4.0 To Linux 4.15 Kernel Benchmarks Phoronix

Our latest in benchmarking the Linux 4.15 kernel is seeing how the performance has changed since Linux 4.0 and all subsequent releases on the same system. Here are those tests driven by curiosity, especially in light of the performance changes as a result of KPTI page table isolation and Retpoline additions.

01:41

Red Hat Enterprise Linux 7.5 Reaches Public Beta Phoronix

Red Hat has made public today their first beta release of Red Hat Enterprise Linux 7.5 as the next installment to RHEL7...

01:32

Less than 10% of Gmail users enabled two-factor authentication Security Affairs

According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts.

The availability of billions of credentials in the criminal underground due to the numerous massive data breaches occurred in the last years makes it easy for crooks to take over users accounts.

We always suggest enabling two-factor authentication to improve the security of our accounts, unfortunately, the suggestion is often ignored.

Even if someone else gets your password, it wont be enough to sign in to your account, states Googles page on 2FA.

According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts.

Considering that Google has more than 2 billion monthly active devices, the number of exposed accounts is very huge.

Milka made the disconcerting revelation at the Usenixs Enigma 2018, two-factor authentication (2FA) implemented by Google allows its users to access the account by providing login credentials along with an authentication code sent to the user via SMS or voice call or generated through the Google mobile app.

Two-factor authentication

Source: The Register

This data demonstrates the lack of awareness of cyber threats and the way to mitigate them.

Many users believe that configure and use 2FA for their accounts can make their experience worse.

The Register asked Milka why Google didnt just make two-factor mandatory across all accounts and received...

01:20

Drones Take Off in Agriculture Industry SoylentNews

Could the newest farmhand be a drone?

Research in the College of Agriculture and Life Sciences is bringing drone technology to agriculture, one of the major industries with excellent potential for growth. Specifically, drone technology is being tested with sheep at Virginia Tech.

"We are looking at ways drones can be used on small farms," said Dan Swafford, project associate for Virginia Cooperative Extension. "Farms could use drones as a 'check-on' tool to ensure that sheep are where they are supposed to be."

Drones can help farmers gain quick access to see if an animal is in need or injured, to examine if a ewe has delivered a new lamb, or more generally to check the status of the farm.

Agriculture is one of the industries where drones will make a big impact in the coming years. A report from PricewaterhouseCoopers found that the potential market for agricultural drones is $32.4 billion because high-tech systems with the ability to monitor crops or livestock can reduce human errors and save time and money.

Do drones make more sense than static cameras with CCTV?


Original Submission

Read more of this story at SoylentNews.

01:18

Tinder flaw exposes user swipe, match and photos to strangers HackRead

By Waqas

Tinder is an online dating app that was launched in

This is a post from HackRead.com Read the original post: Tinder flaw exposes user swipe, match and photos to strangers

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog