IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Friday, 10 August


Photo gallery: Black Hat USA 2018, part 2 Help Net Security

Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall. Featured companies: LogRhythm, Carbon Black, Swimlane, Qualys, Cofense, Vectra, Sonicwall, LookingGlass.

The post Photo gallery: Black Hat USA 2018, part 2 appeared first on Help Net Security.


Smart cities are exposed to old-school threats Help Net Security

Spurred by the false alarm that made Hawaii residents fear for their lives earlier this year, IBM X-Force Red and Threatcare researchers have decided to test several smart city devices and ultimately found 17 zero-day vulnerabilities, some of which could be exploited to create potentially deadly chaos. While we were prepared to dig deep to find vulnerabilities, our initial testing yielded some of the most common security issues, such as default passwords, authentication bypass and More

The post Smart cities are exposed to old-school threats appeared first on Help Net Security.


Which SD-WAN product should enterprises choose? Help Net Security

Adoption of Software Defined Wide Area Network (SD-WAN) has reached an inflection point and nearly every distributed business is deploying, evaluating, or planning to implement an SD-WAN as part of its IT vision. To help enterprises understand the merits of products in the market and identify the capabilities best suited to meet their use case requirements, NSS Labs announced the results of the industrys first Software Defined-Wide Area Network (SD-WAN) Group Test. The capabilities that More

The post Which SD-WAN product should enterprises choose? appeared first on Help Net Security.


A botnet of smart irrigation systems can deplete a citys water supply Help Net Security

Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously. The researchers analyzed and found vulnerabilities in a number of commercial smart irrigation systems, which enable attackers to remotely turn watering systems on and off at will. They tested three of the most widely sold smart irrigation systems: GreenIQ, BlueSpray, and RainMachine smart irrigation systems. More

The post A botnet of smart irrigation systems can deplete a citys water supply appeared first on Help Net Security.



Fewer Than 1 in 5 Residents Can Afford a Home in Bay Area

Via: Mercury News: The Bay Area continues to lead the state in shattered home-ownership dreams. Record home prices and rising interest rates have pushed statewide home affordability rates to a 10-year-low. In the Bay Area, fewer than 1 in 5 residents can afford to buy into one of the nations most expensive real estate markets, []


The Evolution of the Big Falcon Rocket Lifeboat News: The Blog

On September 29th, 2017, SpaceX CEO Elon Musk unveiled detailed plans of the Big Falcon Rocket at the 68th International Astronautical Congress in Adelaide, Australia. It was a follow-up speech to the prior years presentation when he first discussed the architecture of what was then called the Interplanetary Transport System. In his highly anticipated speech, Musk laid out the detailed plans for a two stage rocket to enable the colonization of Mars, a moon base, and hypersonic long-distance travel on Earth.

The design featured an enormous Booster that would be powered by 31 Raptor engines, planned to be the worlds most advanced and highest pressure chemical rocket engine. Following stage separation, the booster would return to Earth and land near or on the launch pad.

There were three variants of the rockets second stage planned: a Spaceship, Tanker and Cargo Lifter. The primary of which, the BFR Spaceship, was also the colonization vehicle and that could carry up to 100 passengers and a hundred tonnes of cargo. One possible use of the Spaceship was as the worlds first hypersonic passenger transport vehicle, which would enable travel between any two points on Earth in under an hour. Its primary envisioned mission, however, was to be a colonization vehicle for the Moon, Mars and beyond.


Heres what SpaceX must do to win the commercial crew race Lifeboat News: The Blog

Demo test, abort test, finish COPVs, test fuel loading, and so on. Its a long list.


Re: Linux kernel: CVE-2017-18344: arbitrary-read vulnerability in the timer subsystem Open Source Security

Posted by Andrey Konovalov on Aug 09

I've uploaded the exploit:

The exploit allows to read arbitrary virtual or physical (within the
physmap) memory, to dump virtual memory that belongs to a particular
process by its pid and to search the physical memory for a pattern
(only the start of each page though, but that's enough to locate at
least /etc/shadow). See the comment in the exploit source code...


Anthropocene vs Meghalayanwhy geologists are fighting over whether humans are a force of nature Lifeboat News: The Blog

The Earth discovered it was living in a new slice of time called the Meghalayan Age in July 2018. But the announcement by the International Union of Geological Sciences (IUGS) confused and angered scientists all around the world.

In the 21st century, it claimed, we are still officially living in the Holocene Epoch, the warm period that began 11,700 years ago after the last ice age. But not only that: within the Holocene, we are also living in this new age the Meghalayan and it began 4,250 years ago.

Over the past decade, more and more scientists have agreed that on Earth is so significant that we have entered a completely new geological phase, called the Anthropocene, including a group convened to agree a formal definition. The world of science was expecting an official announcement acknowledging this Anthropocene Epoch, not the unheard-of Meghalayan Age. It was so unexpected it turned up zero hits on Google when first reported. So whats going on?


Free Facial Recognition Tool Can Track People Across Social Media Sites The Hacker News

Security researchers at Trustwave have released a new open-source tool that uses facial recognition technology to locate targets across numerous social media networks on a large scale. Dubbed Social Mapper, the facial recognition tool automatically searches for targets across eight social media platforms, includingFacebook, Instagram, Twitter, LinkedIn, Google+, the Russian social networking


PostgreSQL Rolls Out New Releases To Address Two Security Issues Phoronix

The latest high profile open-source project bitten by some fresh CVE security vulnerabilities is the PostgreSQL database server...


Researchers Developed Artificial Intelligence-Powered Stealthy Malware The Hacker News

Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network or launch an attack only


Five new stable kernels

Greg Kroah-Hartman has released the 4.17.14, 4.14.62, 4.9.119, 4.4.147, and 3.18.118 stable kernels. There are important fixes in each and users should upgrade.


Get Practical Advice for Enterprise Open Source in Free Ebook from The Linux Foundation

When it comes to running and managing open source in the enterprise, experience-driven advice counts for a lot. It is very likely that your organization already runs open source, but many organizations make the mistake of reacting to the open source ecosystem instead of adopting a proactive strategy that is optimized for success. Thats where the free Enterprise Open Source ebook comes in.


The VU Meter and How It Got That Way Hackaday

Given its appearance in one form or another in all but the cheapest audio gear produced in the last 70 years or so, youd be forgiven for thinking that the ubiquitous VU meter is just one of those electronic add-ons thats more a result of marketing than engineering. After all, the seemingly arbitrary scale and the vague volume units label makes it seem like something a manufacturer would slap on a device just to make it look good. And while that no doubt happens, it turns out that the concept of a VU meter and its execution has some serious engineering behind that belies the really simple question it seeks to answer: How loud is this audio signal?

Miles of Cable

Unsurprisingly, the modern VU meter can trace its roots back to the twin formative technologies of the 20th century: telephone and radio. For the first time in history, the human voice was projecting further than the distance the loudest person could shout, and doing so by means of electrical signals. Finding a way to quantify that signal and turn it into a value that represented the perceived volume of the original sound was crucial to design a system that could faithfully transmit it.

Given the nature of their network, the early telephone pioneers efforts at sound level metering were based on line losses over a standard mile of cable. Meters calibrated to this standard made it easy for them to adjust their vacuum tube repeaters to compensate for the speech power loss over a known length of wire.

As radio became commercialized and more widespread, the correlation between sound levels and loop length began to make less sense. In the 1920s, radio and telephone engineers began to converge on a better solution. The transmission unit (TU) was used to measure the power ratio between two different sound sources. Its a logarithmic measure, and as such better reflects how the human ear perceives sounds. The TU measurement also had the advantage of being usable at any frequency since it doesnt factor in the inductance and capacitance of a miles-long loop of wire.

Many TU meters were marketed over the 1920s and 1930s to sound engineers, whose ranks swelled when the film industry introduced talkies. There was no real standardization, however, and it was becoming increasingly hard to compare sound levels between industries, and often between different pieces of sound equipment. In the late 1930s broadcasters, motion picture companies, and the telephone industry all got together to hammer out a standard that could be used for all audio signal measurement needs. They dubbed the new measurement Volume Units, and the VU meter was born.


Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Thursday, 09 August


Security updates for Thursday

Security updates have been issued by Arch Linux (kernel, linux-hardened, linux-lts, and linux-zen), Debian (kamailio and wpa), Fedora (kernel-headers, kernel-tools, moodle, and vim-syntastic), and openSUSE (clamav, enigmail, and java-11-openjdk).


The Poop of 100,000 Cows May be to Blame for a Deadly Romaine Lettuce E. Coli Outbreak SoylentNews

Arthur T Knackerbracket has found the following story:

Manure from a high-density cattle farm that holds upward of 100,000 cows may have been the source of a deadly Escherichia coli strain that found its way onto romaine lettuce and caused a massive outbreak earlier this year. That's according to a new hypothesis announced this week by the Food and Drug Administration.

The bacterium behind the outbreak was a particularly nasty strain of Shiga toxin-producing Escherichia coli O157:H7 that produces only Shiga toxin type 2 (Stx2), the more toxic of two types of toxins E. coli tends to carry. Stx2 causes cell death, triggers immune responses, and leads to the destruction of red blood cells, which can damage the kidneys.

Such Shiga-toxin producing E. coli are shed from the guts of animals (particularly cattle) and are spread by feces.

Traceback investigations by federal authorities linked the illnesses to romaine lettuce grown in the Yuma region of Arizona. Further work found that the outbreak stain was present in canal water running along farms. That pointed experts to the idea that tainted canal water was used for irrigation, literally showering crops with deadly germs.

In the new update, the FDA notes that a Concentrated Animal Feeding Operation (CAFO) is located nearby to a cluster of romaine lettuce farms. Such high-density farms are notorious for causing water quality issues. Thus, poopy runoff from the CAFO may have contaminated the canal water, which then made its way onto vegetables directly through irrigation or some other indirect route. The FDA noted that it has been pondering other hypotheses, but it didn't outline what those were.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Why I Want To Put a Kindle in Space Lifeboat News: The Blog

If an earthbound technology might be revolutionary in space, what does it take to find out?


Theres a global divide in how organizations assess cyber risk Help Net Security

Nearly 48 percent of organizations globally have embraced strategic vulnerability assessment defined as mature or moderately mature programs that include targeted and tailored scanning and prioritizing computing resources based on business criticality as a foundational element of their cyber defense and a critical step toward reducing risk, a new Tenable report has revealed. Of those organizations, however, only five percent display the highest degree of maturity, with comprehensive asset coverage as a cornerstone More

The post Theres a global divide in how organizations assess cyber risk appeared first on Help Net Security.


MLB and NFL fans submit their faces and fingerprints to buy food, beer and tickets MassPrivateI

If you still value your privacy, I urge you to stay away from major league sporting events.

Yesterday, CLEAR biometrics announced that they have installed biometric fingerprint scanners at Seattles CenturyLink and Safeco Fields concession stands.

But the story does not end there.

The video also revealed that MLS's Sounders FC team is using biometrics to spy on fans.

None of this should come as a surprise to soccer fans. Earlier this week Russia revealed that they used SITA's facial recognition to spy on 1.2 million World Cup fans.

"Moscow Domodedovo Airport  and technology provider SITA today summed up the success of new automated gates which were introduced for passengers in time for the 2018 World Cup. In just over a month around the championship, more than 1.2 million passengers took advantage of the new technology to speed their way through the airport."

Last month, CLEAR announced that they have installed facial recognition scanners in at least twelve Major League Baseball stadiums.

In March of this year, I warned everyone that major league sports teams were using CLEAR's TSA PreCheck to spy on fans. And last year I warned people that the Lincoln Motor Company was installing "complimentary" TSA PreCheck scanners in all their new vehicles so fans can gain entry into stadiums.

But now things are about to get worse, much worse.

Smile when submitting your biometrics


Facebook launches AR games for Messenger app TechWorm

Facebook adds augmented reality (AR) games to its Messenger app

Facebook is known for copying Snapchats features for its social media platforms. And, the social media giant has done it yet again!!! Facebook in a blog post yesterday announced a new feature in Messenger app for its users that makes connecting with friends in video chat even more fun and competitive. Facebook has added augmented reality (AR) games in video chats of its Messenger app. This feature allows up to six people to play the AR games at a time via video chat.

For the moments when we cant be together IRL, Messenger video chat helps you connect in real-time with the people you care about most. Today were excited to make connecting with your friends in video chat even more fun and competitive! with multiplayer video chat AR games, Facebook said in the announcement on Wednesday.

Currently, there are two AR games, Dont Smile and Asteroid Attack that are available to play. These games test each players ability to steer a spaceship using their face.

With this feature starting to roll out today, you can challenge your friends around the world to two games: see who can hold a serious face the longest with Dont Smile, or see who can better navigate their spaceship with Asteroids Attack, the social media giant said.

Facebook also plans to roll out more games in the coming weeks and months. One of them is called Beach Bump, where players get to pass a beach ball back and forth, while another one is a matching cat game called Kitten Kraze.

Facebooks new feature is very much like one of Messengers chief competitor, Snapchats Snappables the lens-based games inside the Snapchat camera, that was launched in April this year. Snappables allows the user to use touch, motion, and facial expressions to compete for high scores or in literal head-to-head multiplayer match-ups. Some of the first Snappables previewed by Snapchat include an Asteroids-style space shooter, a weightlifting one you play by straining your forehead, a bubble gum popping contest, an egg-catching competition, a kiss-blowing game, and a dance party.

What do you think about Facebooks new AR games feature in Messenger app? Do let us know in the comment...


Cyber hygiene: Where do organizations fall behind on basics? Help Net Security

Tripwire released its State of Cyber Hygiene report, which examined how organisations are implementing security controls that the Center for Internet Security (CIS) refers to as cyber hygiene. The survey found that almost two-thirds of the organisations admit they do not use hardening benchmarks, like CIS or Defense Information Systems Agency (DISA) guidelines, to establish a secure baseline. These industry standards are one way to leverage the broader community, which is important with the resource More

The post Cyber hygiene: Where do organizations fall behind on basics? appeared first on Help Net Security.


Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Open Source Security

Posted by Solar Designer on Aug 09


A co-moderator had rejected Stiepan's message since it "does not provide
any additional content to oss-security readers". I'm also unhappy about
that, as well as about the focus on legal aspects in Stiepan's postings
in here in general. However, the message raises an on-topic question
(the request for more detail) and brings up an on-topic issue (the
semi-embargo potentially causing harm). I feel strongly about us...


Photo gallery: Black Hat USA 2018 Help Net Security

Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: ZeroFOX, LogRhythm, Qualys, Rapid7, Irdeto, Whitesource, Bitdefender, Splunk.

The post Photo gallery: Black Hat USA 2018 appeared first on Help Net Security.


Direct3D 9 Support Proposed For DXVK Phoronix

DXVK has been doing great with its Direct3D 11 support mapped to Vulkan and running a variety of games at performant speeds under Wine while now patches have emerged that would add Direct3D 9 support too...


BIND DNS software includes a security feature that could be abused to cause DoS condition Security Affairs

The Internet Systems Consortium (ISC) announced the presence of a serious flaw in the BIND DNS software that can be exploited by remote attackers to cause a denial-of-service (DoS) condition.

The vulnerability tracked as CVE-2018-5740 was discovered by Tony Finch of the University of Cambridge. The flaw has been assigned a CVSS score of 7.5, the expert pointed out that the flaw only affects servers that have on a feature called deny-answer-aliases enabled. The good news is that this specific feature is disabled by default.

The deny-answer-aliases feature is was implemented to help recursive server operators protect users against DNS rebinding attacks. The DNS rebinding arracks allow any website to create a dns name that they are authorized to communicate with, and then make it resolve to localhost. A remote hacker to abuse the targeted users browser to directly connect with hosts on the local network and exploit flaws in these systems.

deny-answer-aliases is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers.  However, a defect in this feature makes it easy, when the feature is in use, to experience an INSIST assertion failure in name.c. states the security advisory published by the ISC.

Accidental or deliberate triggering of this defect will cause an INSIST assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.  Only servers which have explicitly enabled the deny-answer-aliases feature are at risk and disabling the feature prevents exploitation.

BIND DNS software

The vulnerability affects BIND versions 9.7.0 through 9.8.8, 9.9.0 through 9.9.13, 9.10.0 through 9.10.8, 9.11.0 through 9.11.4, 9.12.0 through 9.12.2, and 9.13.0 through 9.13.2.

The ISC has issued a security patch that is implemented in versions 9.9.13-P1...


Microsoft Will Continue Skype 'Classic' Support After Negative Customer Feedback SoylentNews

The death of Skype 7 (or Skype classic) has been delayed, following "customer feedback", according to Microsoft.

The message that was left on the original post, as reported by Microsoft blog Thurrott, was simple: "Thanks for all your comments - we are listening." A Microsoft spokesperson told CNET they have nothing more to share beyond the blog post at this time.

[...] It appears, for now, that Skype classic will continue being supported -- at least until Microsoft can transplant much-loved features to its updated version.

Original Submission

Read more of this story at SoylentNews.


Linux Deep Learning Expands: Answer Is Still 42

The Linux Foundation Deep Learning Foundation (LF DLF) has announced five new members: Ciena, DiDi, Intel, Orange and Red Hat.

As an umbrella organization of The Linux Foundation itself, the LF DLF supports and sustains open source innovation in Artificial Intelligence (AI), Machine Learning (ML) and Deep Learning (DL).


IoT security: Lessons we can learn from the evolution of road safety Help Net Security

I was recently chatting with my father about his life as a young boy growing up in rural Ireland in the middle of the last century, and the conversation moved onto cars and how when he was young cars were a relatively new technology. In the world we know today, road safety is carefully enforced to the point where we take it for granted. But it wasnt always thus. People simply werent aware of the More

The post IoT security: Lessons we can learn from the evolution of road safety appeared first on Help Net Security.


More OpenGL Extensions For RadeonSI Are The Latest In A Flurry Of Interesting Activity Phoronix

Marek Olk has continued his busy work on the RadeonSI Gallium3D driver by implementing more extensions and adjusting various limits/constants to match the behavior of their proprietary driver...


26.5 million Comcast Xfinity customers had their partial home addresses and SSNs exposed by sloppy security Graham Cluley

Poor security measures have reportedly put the personal details of over 26.5 million Comcast Xfinity customers at risk, a researcher has revealed.

Read more in my article on the Tripwire State of Security blog.


DXVK Introducing Per-Game Configuration Files Phoronix

While DXVK is capable of running a great deal of Direct3D 11 games via Vulkan within Wine, a number of games have required various workarounds for either getting the game to properly work in the first place or to run efficiently. Those per-game settings are now being punted off into a per-game configuration system...


Re: Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Open Source Security

Posted by Stiepan on Aug 09


Could you please provide some more details on the issue? About the same period, our secure e-mail provider suffered an
unprecedented DDoS with some e-mail messages never reaching us.
Since this has business impact, we consider legal action against the opaque Linux-distros
vulnerability-disclosure-among-friends-for-fun-and-profit scheme, that we exposed at the ITU earlier this year. This is
digital divide in the works, with real impact for...


Reverse Engineering a DNA Sequencer Hackaday

Improvements in methodology have dramatically dropped the cost of DNA sequencing in the last decade. In 2007, it cost around $10 million dollars to sequence a single genome. Today, there are services which will do it for as little as $1,000. Thats not to bad if you just want to examine your own DNA, but prohibitively expensive if youre looking to experiment with DNA in the home lab. You can buy your own desktop sequencer and cut out the middleman, but they cost in the neighborhood of $50,000. A bit outside of the experimenters budget unless youre Tony Stark.

But thanks to the incredible work of [Alexander Sokolov], the intrepid hacker may one day be able to put a DNA sequencer in their lab for the cost of a decent oscilloscope. The breakthrough came as the result of those two classic hacker pastimes: reverse engineering and dumpster diving. He realized that the heavy lifting in a desktop genome sequencer was being done in a sensor matrix that the manufacturer considers disposable. After finding a source of trashed sensors to experiment with, he was able to figure out not only how to read them, but revitalize them so he could introduce...


EmuParadise Removes ROMs After Nintendo Sued Other ROM Sites SoylentNews

Retro game repository EmuParadise says it's finished distributing ROMs

Nintendo has had enough of pirates and the websites that enable them, like EmuParadise. After shutting down a handful of sites and a Game Boy Advance emulator on GitHub in July, the publisher has seemingly done the work to convince EmuParadise to shut down. This massive online library of downloadable old games started 18 years ago, and up until this moment it hosted nearly complete libraries of games for various consoles that you could download and play on emulators.

Playing ROMs, as these game files are often referred to as, on an emulator exists in a legal gray area, but distributing these copyrighted works for download on the internet is obviously and clearly illegal. But Nintendo and other publishers have mostly avoided investing resources in tracking down and enforcing its legal right in many of these cases over the last couple of decades. For Nintendo, however, something has changed, and it is cracking down. And EmuParadise has confirmed that it is going to do what it must to avoid facing legal action.

"We will continue to be passionate retro gamers and will keep doing cool stuff around retro games, but you won't be able to get your games from here for now," reads an EmuParadise blog post. "Where we go with this is up to us and up to you."

Read-only memory (ROM) image.

Also at Kotaku and TechCrunch.

Previously: Nintendo Sues ROM Sites

Original Submission

Read more of this story at SoylentNews.


Tribune backs out of $3.9B Sinclair merger The Hill: Technology Policy

Tribune Media has backed out of its proposed $3.9 billion merger with Sinclair Broadcast Group and said it will be filing a lawsuit against the broadcasting giant for allegedly breaching their merger agreement.In an announcement early Thursday...


OpenSUSE Kubic Shifts Focus Following Self-Reflection Phoronix

OpenSUSE's Kubic project that has been home to their container-related technologies as well as the atomicly-updated openSUSE "MicroOS" will be making some changes...


Some Problematic Laptops On Linux Will Soon Stop Making Loud Noises When You Reboot Phoronix

Shortly after writing about the Sound Blaster Recon3D finally getting Linux support yesterday, a Phoronix reader pointed out another frustrating Linux sound problem with a resolution on its way to the mainline Linux kernel...


WPA3: How and Why the Wi-Fi Standard Matters

Wi-Fi Protected Access II, or WPA2, is the standard behind wireless security networking. It protects users everywhere, from coffee shops to college campuses to corporate headquarters. WPA2 may be the most widespread security standard in the world that ordinary people encounter.


Spider Web Gene Inserted Into Silkworms SoylentNews

Researchers insert a spider web gene into the silkworm

Spider silk is a bit of a dream material, stronger than steel by some measures yet incredibly light and flexible. Obtaining spider silk, however, is a bit of a nightmare, as most spider species are both extremely territorial and prone to cannibalism. While we have managed to identify the genes that are needed to produce silk, inserting those into other species hasn't worked out especially well, since silk formation depends on fairly precise mixtures of several proteins, as well as how the spider extrudes the fiber.

A Chinese group is now reporting some progress in overcoming at least some of these challenges. Their trick was to insert the genes into a domesticated species that already makes something like spider silkspecifically, the species that gave us the term silk. The new bit of genetic engineering has resulted in a silkworm that produces a hybrid silkworm/spider material that's not as tough but is a bit stretchier than native spider silk.

[...] They designed proteins that would cut the silkworm's chromosomes on either side of a gene that encodes a major silk protein. RNA encoding those proteins was injected into silkworm eggs, along with a DNA template that would allow the egg to repair the chromosome by inserting a spider silk gene instead. This put the spider gene under the control of the factors the silkworm normally uses to create silk proteins, which worked much better, as about 35 percent of the resulting silk was composed of the spider protein.

[...] The silk itself was also slightly different, shrinking in diameter by about 16 percent. Its ability to withstand stress without breaking was down by a similar percentage. But there were some good features; the spider-silkworm hybrid silk could be stretched to about 1.5 times the length that normal silk could without breaking.

Mass spider silk production through targeted gene replacement in Bombyx mori (open, DOI: 10.1073/pnas.1806805115) (DX)

Original Submission

Read more of this story at SoylentNews.


The Beginning of a Wave: A.I. Tiptoes Into the Workplace Lifeboat News: The Blog

Artificial intelligence software is making its presence felt in subtle ways, in an unglamorous place: the back office.


VK9 - Direct3D 9 Over Vulkan - Completes 27th Milestone Phoronix

It's not nearly as far along as DXVK that is allowing D3D11-over-Vulkan and already running great numbers of games in a performant manner under Wine, but the VK9 project for implementing Direct3D 9 over Vulkan has now hit its twenty-seventh milestone...


Perception Point launches anti-malware solution for shared drives Help Net Security

Perception Point announced the launch of an Advanced Shared Drive Security solution for OneDrive, SharePoint, Dropbox, Google Drive and Box. Cloud-based shared drive applications are essential productivity tools in todays enterprise environment. Despite widespread adoption, the majority of these platforms lack the security measures that have been instrumental in securing email, endpoints and networks, creating security blind spots that pose a cybersecurity risk. According to market research, 81% of IT decision makers consider shared drive More

The post Perception Point launches anti-malware solution for shared drives appeared first on Help Net Security.


Ziften adds AV to the Zenith endpoint protection platform to stop attacks Help Net Security

Ziften announced its Zenith endpoint protection platform now includes AV protecting all enterprise endpoints from known and unknown targeted attacks. Ziften helps enterprises simplify endpoint protection plus visibility. Zenith is the cyber security platform that provides one agent for all endpoints laptops, desktops, servers, and cloud preventing multi-vector attacks with advanced AV, detection and response, plus visibility and hardening. Attackers have created a criminal industry by attacking vulnerable enterprise endpoints. And traditional AV More

The post Ziften adds AV to the Zenith endpoint protection platform to stop attacks appeared first on Help Net Security.


Bugcrowd University to provide hands-on training for security researchers Help Net Security

Bugcrowd announced the launch of Bugcrowd University to educate and empower the crowd with the latest skills and methodologies. The first advanced program of its kind, Bugcrowd University provides researcher education and training to improve the state of application security training, community engagement and content delivery. Bugcrowd University is free and open to all security researchers not just those on the Bugcrowd Platform. In the last few years, organizations around the world have witnessed More

The post Bugcrowd University to provide hands-on training for security researchers appeared first on Help Net Security.


Capsule8 secures $15M in Series B round Help Net Security

Capsule8 announced it has secured its $15M Series B round of funding. The round, led by ClearSky Security, also features participation from Bessemer Venture Partners, Rain Capital and strategic investors. The round brings total funding to $23.5M and will be used to scale Capsule8s engineering organization and fuel sales efforts of the Capsule8 platform. We are incredibly impressed with the momentum of Capsule8 and the market traction they have already made since their product launch More

The post Capsule8 secures $15M in Series B round appeared first on Help Net Security.


NASA picks 13 companies to envision the future of orbital human spaceflight Lifeboat News: The Blog

Thirteen companies, including Boeing and Amazon billionaire Jeff Bezos Blue Origin space venture, will be doing studies for NASA on the future of commercial human spaceflight in low Earth orbit.

All of the studies are due in December, and are supposed to cost no more than $1 million each. NASA still has to negotiate the contract amounts with the study groups, but it expects the total cost of the effort to come in at around $11 million.


Results of 3D-Printed Cylinder Head Testing Fail to Surprise Hackaday

Its the suburbanistas weekend nightmare: youre almost done with the weekly chores, taking the last few passes with the lawn mower, when you hear a pop and bang. The cylinder head on your mower just blew, and youre out of commission. Or are you? Youve got a 3D printer couldnt it save the day?

If this bench test of plastic cylinder heads is any indication, its possible just as long as youve only got 40 seconds of mowing left to do. [Project Farm] has been running all sorts of tests on different materials as field-expedient cylinder heads for small gasoline engines, using everything from JB Weld epoxy to a slab of walnut. For this test, two chunky heads were printed, one from ABS, of the thermochromic variety apparently, the other in PLA. The test went pretty much as expected for something made of thermoplastic exposed to burning gasoline at high pressure, although ABS was the clear winner with two 40-second runs. The PLA only lasted half as long before the spark plug threads melted and the plug blew out. A gasket printed from flexible filament was also tested, with predictably awful results.

As bad as all this was, it still shows that 3D-printed parts are surprisingly tough. Each part was able to perform decently under a compression test, showing that they can stand up to pressure as long as theres no heat. If nothing else, it was a learning experience. And as an aside, the cylinder heads were printed by [Terry] from the RedNeckCanadians YouTube channel. That video is worth a watch, if just for a few tips on making a 3D-printed copy of an object.


Researchers find vulnerabilities in WhatsApp that allow to spread Fake News via group chats Security Affairs

WhatsApp has been found vulnerable to multiple security flaws that could allow malicious users to spread fake news through group chats.

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security flaws that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations.

Researchers at security firm Check Point have discovered several vulnerabilities in the popular instant messaging app Whatsapp, the flaws take advantage of a bug in the security protocols to modify the messages.

An attacker could exploit the flaws to intercept and manipulate messages sent by those in a group or private conversation as well as create and spread misinformation.

The issues affect the way WhatsApp mobile application communicates with the WhatsApp Web and decrypts the messages using the protobuf2 protocol.

The flaws allow hackers to abuse the quote feature in a WhatsApp group conversation to change the identity of the sender, or alter the content of members reply to a group chat, or send private messages to one of the group members disguised as a group message.

Experts pointed out the that flaws could not be exploited to access the content of end-to-end encrypted messages and in order to exploit them, the attackers must be already part of group conversations.

Check Point researchers have discovered a vulnerability in WhatsApp that allows a threat actor to intercept and manipulate messages sent by those in a group or private conversation. reads the blog post published by the experts.

The vulnerability so far allows for three possible attacks:

  1. Changing a reply from someone to put words into their mouth that they did not say.
  2. Quoting a message in a reply to a group conversation to make it appear as if it came from a person who is not even part of the group.
  3. Sending a message to a member of a group that pretends to be a group message but is in fact only sent to this member. However, the members response will be sent to the entire group.

The experts demonstrated the exploitation of the flaws by changing a WhatsApp chat entry sent by one member of a group.

Below a video PoC of the attack that shows how to modify WhatsApp Chats and implements the three different attacks.

The research team from CheckPoint researchers (Dikla Barda, Roman Zaikin, and Oded Vanunu) developed a custom extension for...


Beijing-Tianjin Train Reaches 350 km/h (217 mph) SoylentNews

Xinhua reports:

China on Wednesday increased the maximum speed of bullet trains on the Beijing-Tianjin high-speed railway to 350 km per hour (kph), reducing the inter-city travel time by five minutes.

The route now runs a Fuxing (Rejuvenation), the newest bullet train model developed in China.

The increase will shorten travel time between Beijing South Railway Station and Tianjin Railway Station from 35 minutes to 30 minutes with no price difference in fares.

Original Submission

Read more of this story at SoylentNews.


Knot Resolver 2.4.1 security release Open Source Security

Posted by Petr paek on Aug 09


this is copy of e-mail for distros@ mailing list.

I apologize for delay between release and this post.
Petr paek @ CZ.NIC

-------- Forwarded Message --------
Subject: [vs] Knot Resolver 2.4.1 security release + CVE request
Date: Wed, 1 Aug 2018 16:47:14 +0200
From: Petr paek <petr.spacek () nic cz>
Organization: CZ.NIC
To: distros...


Online Censorship in Full Swing as Vaccine Recall Scandal Erupts in China Terra Forming Terra


The only thing good in this public scandal is that it has become public.   The scam itself proved safe enough but that is no consolation when the next round can kill thousands.

The whole vaccination protocol has turned into a cash grab free for all regardless of the effectiveness or lack thereof.  We really have to be highly suspicious in the current environment.

Add in the questionable science that launched it all and our lack of curiosity, the whole approach needs to be rigorously investigated using modern approaches and a lack of bias.


Online Censorship in Full Swing as Vaccine Recall Scandal Erupts in China

By Frank Fang, Epoch Times

July 23, 2018 10:22 pm Last Updated: July 26, 2018 1:54 am

A Chinese man holds his son as a nurse administers an injection at a hospital in Hefei, Anhui Province on April 7, 2010. (STR/AFP/Getty Images)

Chinas censorship regime is in full swing after another domestic vaccine scandal caused an uproarparticularly as details have emerged of an apparent coverup by the Chinese pharmaceutical company involved and an egregious oversight by the Chinese authorities.

On July 19, Changsheng Bio-Technology, a biotech company based in Changchun City, the capital of northeastern Chinas Jilin Province, announced on its website that its fully owned subsidiary, Changchun Changsheng Bio-technology, had been fined by the Jilin Food and Drug Administration for manufacturing and selling substandard doses of DTap vaccinea combination vaccine for young children to develop immunity against diphtheria, pertussis, and tetanus, according to a July 21 report by the state-run National Business Daily.

After a randomized testing, it was revealed that over 253,330 doses of the DTap vaccine manufactured by Changchun Changsheng were substandard. However, the administrations findings came a little too late, as most of the faulty dosesabout 252,600had already been sold and shipped to the Shandong Province disease control and prevention center in eastern China.

The Jilin FDA confiscated the remaining 186 doses of the substandard DTap vaccine still in Changchun Changshengs possession...


Rediscovering A Lost Method Of Preserving Strawberries with john townsend. Terra Forming Terra

 The chopped strawberries are preserved with sugar and chopped raisin.. The sugar draws out the moisture to produce a thick syrup along with shrunken strawberries and softened raisins.  This is a really neat product that deserves revival.

It can be served as a sweet chutney and also used as an ingredient in baking.  Also think that this product may well be superior to frozen berries which are best served by grinding up or cooking anyway.

My experience with frozen raspberries and frozen strawberries has always been that they were a poor compromise and took effort to improve.  This product, even stripped of the raisins and surplus syrup could be quite nice. 

Again an aging process takes place here in which the water is drawn out.  This could even be successfully dried as well.



China's 'livestock revolution' demands 'new transition' Terra Forming Terra


This is interesting as it puts Chins in the forefront of countries that must optimize sustainability in animal husbandry.  All this remains recently engineered solutions that are av long way from been optimized at all.  The whole waste problem is proof of that.

Do recall that all traditional forms of agriculture generally are sustainable even if they are also problematic in the long term.  After all inefficient goat management likely created the Sahara Desert and desertified the entire Middle East during the Bronze Age.  Reversing all that will open up lands for several billion farmers.

China does have difficulties, however the lands are generally well watered and corrective measures will easily wash through the systems...

 China's 'livestock revolution' demands 'new transition'

Public Release: 19-Jul-2018

The phenomenal growth in livestock farming in China, making it the world's largest producer in...


A Bronze-Age Sword Found In Denmark Is Still Sharp 3,000 Years Later Terra Forming Terra

This sword is literally from the time of the Iliad and the Trojan War.  Its mere existence proves a robust Bronze Age heroic culture.  Recall that work by the writer DaVinci  showed that the whole Trojan narrative is properly located in the Baltic right down to identifying all the listed towns in the proper order.
It all happened one generation before the climate collapse of 1159 BC drove all out of the Baltic population overland to Greece and by sea as the Sea Peoples to then grab Greece and the Levant.
Otherwise the sword is wonderful.  It represents great smithing skill and the fact it is intact is extraordinary.  Love to see if the copper in from Lake Superior..

A Bronze-Age Sword Found In Denmark Is Still Sharp 3,000 Years Later

By Kara Goldfarb

Published July 16, 2018

This ancient sword found on an island in Denmark is incredibly well-preserved despite being over 3,000 years old.

Sren Kiehn/Museum VestsjllandMuseum inspector Arne Hedegaard Andersen holds the discovery.

Two locals from Zealand, the largest island of Denmark, decided to take an evening stroll through a field in the small western town of Svebolle. The choice to take their metal detector along with them was a fortuitous one, as it would help them uncover a major find.

After the machine alerted Ernst Christiansen and Lis Therkelsen to something below ground, the two amateur archaeologists started digging.

Some 30 centimeters down, they hit what looked like the end of a sword. Christiansen and Therkelsen contacted Museum Vestsjlland a group of 11 local museums that cover the archaeological excavation and conservation of regions in the area who revealed that the discovery was a 3,000-year-old sword from the Nordic Bronze age. It was also a testament to the craftsmanship of the people in Scandinavia...


Academy Awards Adds "Popular Film" Category, Shortens TV Broadcast by Cutting Out Some Awards SoylentNews

Academy Adds Popular Film Oscar Category in Desperate Ratings Move

At the Academy of Motion Picture Arts and Sciences Board of Governors meeting on Tuesday night, the 54 governors voted to add a new category to the Oscars. Per tradition, some 7,000 Academy voters, experts in their field, voted in by their colleagues, will weigh in on the best films of the year in 24 categories covering the crafts of moviemaking, from cinematography to sound, as well as the four acting categories, directing, writing, animation, foreign language, documentary, and fiction shorts and features.

But this year there will be one more: Best Popular Film. The Academy is bowing to pressure from ABC, which is anxious about historic low ratings for its telecast. The next Oscars will air on February 24, 2019 and, in 2020, will move up from February 23 to February 9, the earliest date ever, in a bid to jump ahead of multiple rival awards showswhich will, in turn, move ahead of the Oscars. (In the early days of its history, the Oscars were held in May, moved to April and March, then February.)

The Board also finally succumbed to building pressure to keep the show to three hours and not present live some of the less sexy craft categories, following the lead of other awards shows like the Tonys. (Sexy categories like Sound Mixing and Editing will be presented live during commercial breaks, then edited into the show.) This also serves to undermine the integrity of these annual global awards, which may be losing relevance as a mainstream shared event, but are still revered by cinephiles around the world.

Also at Vanity Fair, Vulture, Slate, Variety, and Collider.

See also: Oscars Slammed by Film Journalists for Creating 'Best Popular Film' Category, Especially in the Year of 'Black Panther'

Original Submission



CVE-2018-5740: A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named Open Source Security

Posted by Michael McNally on Aug 08

Earlier today ISC disclosed CVE-2018-5740, involving a potential
denial-of-service vector in an uncommonly-used feature of BIND.

Our official security advisory document is posted in the ISC Knowledge Base
at this URL: but for your convenience
the text is provided below.

Patched versions of BIND are available from

Michael McNally
ISC Security Officer


A rarely-used...


NEW 'Off The Hook' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Hook' ONLINE

Posted 09 Aug, 2018 5:07:54 UTC

The new edition of Off The Hook from 08/08/2018 has been archived and is now available online.


Mechanical Issues For A Pi CNC Hackaday

The Raspberry Pi platform has become popular in the maker community for various CNC projects. The single board computers are readily suited to acting as a server for a small CNC setup or 3D printer, though its fair to say that for heavy work they probably arent quite up to the task of driving the steppers in a serious rig directly. [Danny] set out to try to build a CNC plotter of his own, using a Pi Zero, and learned a few things along the way.

The plotter uses 3D printed parts combined with brushed DC motors which are geared down. Potentiometers are added to allow the Pi to keep track of the location of the pen. This enables the position to be corrected through feedback.

While the plotter does move and accept commands, it does have some issues. There is significant play in the gear train which [Danny] suspects of causing the poor output results. If youve got any ideas as to how this could be improved or overcome, throw them down in the comments!

Weve seen another take on CNC control with the Raspberry Pi, too. Video after the break.


[SECURITY] [DSA 4267-1] kamailio security update Bugtraq

Posted by Salvatore Bonaccorso on Aug 08

Debian Security Advisory DSA-4267-1 security () debian org Salvatore Bonaccorso
August 08, 2018

Package : kamailio
CVE ID : CVE-2018-14767



Security vs. Utility: Talking about regulation TechWorm

Raising capital with ICOs (Initial Coin Offerings) has become very popular: in 2017 alone, ICOs has raised a combined $3.7 billion. Projects using this model typically raise capital by issuing digital tokens on a blockchain and distributing them to investors for a financial contribution. Such crypto tokens represent a virtual store of value, which can be transferred via peer-to-peer networks and may serve different functions. Depending on their role, crypto tokens may be broadly subdivided into two major types: utility tokens and security tokens.

Utility tokens are used for granting access to a companys products or services or entitle their holders to be a part of an ecosystem where this token acts as a native currency. Utility tokens are not designed for investments and this leads to a lack of security regulations.

Security tokens derive their value from an external, tradable asset and share specific characteristics with regular financial instruments which are subject to security regulations. The commonly known characteristics are the representation of ownership and entitlement to the residual cash flows generated by the digital enterprise. When the token is classified as a security, it may represent shares of company stock.

Utility Token Can Mean Scam All Too Often

A recent study conducted by Satis Group LLC, a premier ICO advisory company, states that over 80 percent of all ICOs are fraudulent. As mentioned, utility tokens are not subject to the same regulatory requirements as security tokens, which opens up a broad field of opportunities for fraudsters of all kinds. The absence of security can be shown as a sort of freedom during the ICOs marketing, but in fact, the token may easily turn out to be a scam. In most cases of fraud, tokens of such projects turn to dust. Investors are not protected from such situations at all. When a token is a utility token: all guarantees and agreements are in words, and if it turns out that a project has no intention of fulfilling development duties with the funds, theres no law or regulation to help the defrauded investors.

A security token, on the other hand, being subject to security regulations should satisfy legal requirements, thus theres much less of a chance a project with a token classified as a security would turn out to be a scam. Its also important to understand that a company cannot easily claim its tokens a security token. Security regulations are firm, an...


FDA Approves Impossible Burger "Heme" Ingredient; Still Wants to Regulate "Cultured Meat" SoylentNews

The Food and Drug Administration (FDA) has approved soy leghemoglobin as generally recognized as safe (GRAS) for human consumption:

Last August, documents obtained through a Freedom of Information Act request revealed that the FDA hadn't stomached the company's previous GRAS application. The agency concluded that soy leghemoglobina protein found in the roots of soybean plants that Impossible Foods harvests from genetically engineered yeast and uses to simulate the taste and bloodiness of meathad not been adequately tested for safety.

In the application, Impossible Foods argued that the iron-containing protein is equivalent to hemoglobin, an oxygen-carrying protein in red blood cells and commonly consumed in meat. Thus, the protein was safe, the company concluded. It went as far as conducting studies in rats to back up the claim. But the FDA noted that soy leghemoglobin had never been used as an additive before, and the organization wanted data showing that the protein was safe and not an allergen specifically for humans.

[...] At the time, the decision was a searing blow to Impossible Foods, which up until then had fired up the appetites of investors and top chefs alike and savored glowing publicity. Since the company's founding in 2011, big names such as Bill Gates and Google Ventures served up more than $250 million in startup funds, and the impossible patty sizzled on the menus of such high-end restaurants as Momofuku Nishi in New York and Jardinire in San Francisco. The soy leghemoglobin was a big part of that hype, with the company touting it as its "secret sauce."

But the FDA's gut check didn't knock Impossible Foods off the market; it just left a bad taste. In fact, the company wasn't even required to submit its GRAS application to begin with due to the controversial way in which the FDA oversees food additives and GRAS designations. Under the 1938 Food, Drug and Cosmetic Act and the 1958 Food Additives Amendment, the FDA allows food companies and their hired consultants to internally test and determine a GRAS designation of a potential new additive all on their own. They can start using it without getting approval from the FDA or even notifying the agency. The FDA only steps in after the fact if problems arise.

Impossible Foods' FAQ says "the heme molecule in plant-based heme is atom-for-atom identical to the heme molecule found in meat". Heme is a component of soy leghemoglobin consisting of an iron atom bound in a porphyrin ring.



Nintendo ROM Fallout: EmuParadise Terminates All Game Downloads TorrentFreak

Retro gaming is a pastime and passion for countless thousands of nostalgia freaks all over the world but for gaming giant Nintendo, its a huge problem apparently.

Last month, the Japanese company flexed its muscles by filing a complaint at a federal court in Arizona, targeting and for copyright and trademark infringement.

The sites, believed to be operated by Jacob Mathias and his company Mathias Designs LLC, offered access to a wide variety of ROMs, including those relating to many Nintendo games.

The LoveROMs and LoveRETRO websites are among the most open and notorious online hubs for pirated video games, Nintendo wrote in its complaint.

Through the LoveROMs and LoveRETRO websites, Defendants reproduce, distribute, publicly perform and display a staggering number of unauthorized copies of Nintendos video games, all without Nintendos permission.

Both sites are currently down and displaying messages indicating they probably wont be back. This development was met with disappointment from the emulator community but now theres the inevitable problem of fallout and yet more bad news for retro fans.

In an announcement Wednesday, EmuParadise, one of the webs longest standing emulator and ROM download portals, revealed that it will no longer be offering game ROMs for download. The news came in a heartfelt announcement by its founder MasJ, who explained that hed pumped nearly two decades of his life into the project.

Many of you are aware that the situation with regards to emulation sites has been changing recently. What you probably dont know is that we at EmuParadise have been dealing with similar issues for all 18 years of our existence, he wrote.

From receiving threatening letters in the early days to our hosts suddenly shutting down our servers due to complaints, weve seen it all. Weve always complied with takedown requests but as you can see, that is no guarantee of anything.

MasJ says that having grown up in India, he never got to play any retro games. However, his love for the genre meant that he wanted others to join in, something which led to the creation of EmuParadise and the building of a like-minded team around the platform.

While the legal eagles out there might argue that ROM sites are illegal, this clinical view mostly fails to factor in the allure of retro games many of them abandoned, many long forgotten and the passion they generate among the faithful. MasJ...


Stranger Places - Issue 63: Horizons Nautilus

It began like any normal pregame in the woods.

Naked, alone, hungover, a sweaty sleeping bag in the back of a dusty pickup truck, miles from civilization. Predawn in a narrow Utah river bottom, canyon country, early July. A Thermos of lukewarm coffee. Last nights empties scattered below the exhaust. I lie awake beneath ancient cottonwoods and the hulking black shadows of canyon walls, listening for bird song while running through the mornings survey variables in my head. Immediately identifiable onesravens, magpies, hawks, black bears, skunks, quicksandand harder to predict ones. Whether the temperatures will reach 104 degrees Fahrenheit before 11 a.m. Whether the down-canyon winds will exceed Category 4 (11-16 mph) on the Beaufort scale. How many cubic feet per second the river jumped overnight and how many decibels the increased current noise will affect acoustic detection probabilities. Im thinking contingencies. What to do if conditions become unsuitable. Where to go if I cant cross the river. How to get out alive, without cell service, if something goes wrong.

By 5:15 a.m., Im rereading the protocol by headlamp. A Natural History Summary and Survey Protocol for the Western Distinct Population Segment of the Yellow-billed Cuckoo. Im going over lookalikes and
Read More

Predators, Prey, and Vodka - Issue 63: Horizons Nautilus

Wrangel Island carries a certain profoundness, a divine story of a different sort. Life here is postapocalyptic, a kind of rebound. It portends the future.

My sponsor is Alexander Gruzdev, a big bear of a man with a nice smile, a throaty Russian accent, a Ph.D. in biology, and the ability to knock back a lot of vodka. Alexander is also the director of the Wrangel Island Reserve. He goes by Sasha, and is not the best communicator. On the occasions when Sasha tries to speak Englishwhich I appreciatemuch of his meaning is lost and so I dont know what to expect on Wrangel.

One thing I do know is that, as part of the forgotten Russia east of the Urals, it will be primitive. Ill be the Americanski in a beefy culture where tanks and testosterone rule. Its a place where songs blare I will drink your blood, and where a large poster of a topless woman is shamelessly displayed on the office wall of Wrangel Reserves deputy chief. Russians whove never visited the States hold Americans in little regard, assuming that theyre unable to hold their liquor, hike up a mountain, or skin out a deer.

The divine postapocalyptic:
Read More

When Climate Change Starts Wars - Issue 63: Horizons Nautilus

The Kyrgyz soldier stepped quietly out of the dark green bushes and swung his Kalashnikov rifle in the direction of our car. Another emerged and did the same. Their checkpoint was a skinny log dragged across a broken asphalt road heading toward an ethnic Uzbek village and the disputed waters of the Kasan-sai, a reservoir that irrigates the agricultural heartland of the ancient Fergana Valley. With a sleepy shake of his head, the special forces sergeant waved his rifle and made us turn our beat-up Mitsubishi around. There wont be any fighting here, the sergeant said.

At least not today. The quiet of the hot September afternoon was unbroken as we turned around and slowly ground off through the heat. Driving back the way we came through the parched foothills on the edge of the western Tian Shan range, a spur of the Himalayas, we did not pass any other cars.


But it has not always been this quiet. Throughout the spring and summer in 2016, tensions flared after ethnic Uzbek villagers and police blocked access to the reservoir and its water, which lies inside Kyrgyzstan. Uzbekistan drove armored personnel carriers into Kyrgyzstan, and both sides have captured and detained
Read More

Element TV Factory in South Carolina Shuts Down; Tariffs Cited as Reason SoylentNews

Trump's China Tariffs Claim Another Victim: A South Carolina TV Manufacturing Plant:

The tariffs imposed by President Trump have claimed more jobs, this time at a consumer-electronics manufacturing plant in South Carolina.

Element Electronics blamed tariffs on Chinese imports for its decision to shut down its manufacturing facilities in Winnsboro, SC, a town located about 30 miles north of the state's capital. The plant, which makes Element TVs, will maintain a skeleton crew of eight workers, as it hopes the shutdown will be temporary."

The news is especially hard for Winnsboro and its surrounding communities because of recent job losses in the area, including the shuttering of a Walmart store, the closing of a textile mill, and the cancellation of plans to construct two nuclear reactors.

Element notified the state's Department of Employment about its plans, according to Columbia-based The State newspaper, which first reported on the plant's closing. In its notification, Element stated, "The layoff and closure is a result of the new tariffs that were recently and unexpectedly imposed on many goods imported from China, including the key television components used in our assembly operations in Winnsboro."

Original Submission

Read more of this story at SoylentNews.


Star Wars Math Lifeboat News: The Blog

This may be the nerdiest thing Ive ever seen and I love it.


Worlds largest radio telescope Lifeboat News: The Blog

Over a million satellites working together to unlock the mysteries of the universe.


Upcoming Perseid Meteor Shower Will Decorate Sky Lifeboat News: The Blog

Watch this preview of the Perseid Meteror shower thatll blaze through the sky this weekend.


Facebook Wants to Teach Machine Learning Hackaday

When you think of technical education about machine learning, Facebook might not be the company that pops into your head. However, the company uses machine learning, and theyve rolled out a six-part video series that they say shares best real-world practices and provides practical tips about how to apply machine-learning capabilities to real-world problems.

The videos correspond to what they say are the six aspects of machine learning development:

  1. Problem definition
  2. Data
  3. Evaluation
  4. Features
  5. Model
  6. Experimentation

None of the videos are longer than 10 minutes, so youll invest less than an hour. The videos focus less on a specific product and more on the architecture and implementation strategies. Thats valuable, but this probably isnt your only machine learning tutorial.

Quite a bit of these videos cover things we think are pretty obvious engineering axioms applied to machine learning. For example, a recurring theme is that you need to have a way to evaluate the system and do testing to see that things you change are actually making things better. Still, there are some things that are specific to machine learning.

Facebook has been in the news a lot lately, mostly not in a good way.  However, their research arm quietly turns out things ranging from Torch a scientific computing framework with machine learning, to speech recognition and synthesis.

It seems like a lot of companies want to teach you about machine learning, including Google. You can even run TensorFlow in your browser.


ZS Mythos (3a/3): Twelve Foundation Stones Lifeboat News: The Blog Social Futurism & the Zero State.

This article is part of a series about the Mythos (worldview-narrative) underlying the Zero State (ZS). Part 1 is about our highest concept, ideal, and level of organization, which we call The Array. Part 2 explains the Sections & Sessions our core activity revolves around, and Part 3 (below) covers the Twelve Foundation Stones that form the basis of our story.

A previous article I wrote for Tnet mentioned the need for entertainment that gives people a strong sense of meaning and purpose in their lives, and introduced an idea known as the twelve Foundation Stones of the ZS-ARG Mythos . The Foundation Stones are the seeds of our unifying narrative. Each is the fragmentary initial story of one of the twelve ZS Houses, outlined very briefly below and spelled out in full in the forthcoming Black Book.

Before reading this article it is important to understand that it refers to the Zero State (ZS) Alternate Reality Game (ARG), and thus deals in metafiction. It is not a simple non-fiction article (obviously!) and will only make sense if you already know ZS, or follow some of the links above! This article draws with thanks upon text from the ZS wiki, some of which has been contributed by members of the various ZS Houses.


August Hailstorm Shallow Thoughts

We're still not getting the regular thunderstorms one would normally expect in the New Mexico monsoon season, but at least we're getting a little relief from the drought.

Last Saturday we had a fairly impressive afternoon squall. It only lasted about ten minutes but it dumped over an inch of rain and hail in that time. ("Over an inch" means our irritating new weather station stopped recording at exactly 1.0 even though we got some more rain after that, making us suspect that it has some kind of built-in "that can't be right!" filter. It reads in hundredths of an inch and it's hard to believe that we didn't even get another .01 after that.)

{Pile of hailstones on our deck} It was typical New Mexico hail -- lentil-sized, not like the baseballs we heard about in Colorado Springs a few days later that killed some zoo animals. I hear this area does occasionally get big hailstones, but it's fortunately rare.

There was enough hail on the ground to make for wintry snow scenes, and we found an enormous pile of hailstones on our back deck that persisted through the next day (that deck is always shady). Of course, the hail out in the yard disappeared in under half an hour once the New Mexico sun came out.

{Pile of hailstones on our deck} But before that, as soon as the squall ended, we went out to walk the property and take a look the "snow" and in particular at "La Cienega" or "the swamp", our fanciful name for an area down at the bottom of the hill where water collects and there's a little willow grove. There was indeed water there -- covered with a layer of floating hail -- but on the way down we also had a new "creek" with several tributaries, areas where the torrent carved out little streambeds.

It's fun to have our own creek ... even if it's only for part of a day.

More photos: August hailstorm.


Georgia Defends Voting System Despite 243-Percent Turnout in One Precinct SoylentNews

With worn-out clichs about the dead voting, Chicago used to be the poster child for voter fraud. But if any state is a poster child for terrible election practices, it is surely Georgia. Bold claims demand bold evidence, and unfortunately there's plenty; on Monday, McClatchy reported a string of irregularities from the state's primary election in May, including one precinct with a 243-percent turnout.

McClatchy's data comes from a federal lawsuit filed against the state. In addition to the problem in Habersham County's Mud Creek precinct, where it appeared that 276 registered voters managed to cast 670 ballots, the piece describes numerous other issues with both voter registration and electronic voting machines. (In fact it was later corrected to show 3,704 registered voters in the precinct.)

Multiple sworn statements from voters describe how they turned up at their polling stations only to be turned away or directed to other precincts. Even more statements allege incorrect ballots, frozen voting machines, and other issues.

Original Submission

Read more of this story at SoylentNews.


Mesa 18.2-RC2 Released With 17 Fixes So Far Phoronix

One week after branching Mesa 18.2 and issuing the first release candidate, the second weekly RC is now available for testing...


[$] Weekly Edition for August 9, 2018

The Weekly Edition for August 9, 2018 is available.


That XKCD on voting machine software is wrong Errata Security

The latest XKCD comic on voting machine software is wrong, profoundly so. It's the sort of thing that appeals to our prejudices, but mistakes the details.

Accidents vs. attack

The biggest flaw is that the comic confuses accidents vs. intentional attack. Airplanes and elevators are designed to avoid accidental failures. If that's the measure, then voting machine software is fine and perfectly trustworthy. Such machines are no more likely to accidentally record a wrong vote than the paper voting systems they replaced -- indeed less likely. The reason we have electronic voting machines in the first place was due to the "hanging chad" problem in the Bush v. Gore election of the year 2000. After that election, a wave of new, software-based, voting machines replaced the older inaccurate paper machines.

The question is whether software voting machines can be attacked. Well, if that's the measure, then airplanes aren't safe at all. Security against human attack consists of the entire infrastructure outside the plane, such as TSA forcing us to take off our shoes, to trade restrictions to prevent the proliferation of Stinger missiles.

Confusing the two, accidents vs. attack, is used here because it makes the reader feel superior. We get to mock and feel superior to those stupid software engineers for not living up to what's essentially a fictional standard of reliability.

To repeat: software is better than the mechanical machines they replaced, which is why there are so many software-based machines in the United States. The issue isn't normal accuracy, but their robustness against a different standard, against attack -- a standard which airplanes and elevators suck at.

The problems are as much hardware as software

Last year at the DEF CON hacking conference they had an "Election Hacking Village" where they hacked a number of electronic voting machines. Most of those "hacks" were against the hardware, such as soldering on a JTAG device or accessing USB ports. Other errors have been voting machines being sold on eBay whose data wasn't wiped, allowing voter records to be recovered.

What we want to see is hardware designed more like an iPhone, where the FBI can't decrypt a phone even when they really really want to. This requires special chips, such as secure enclaves, signed boot loaders, and so on. Only once we ge...


HPR2614: My 1948 Truetone D1835 Tube Radio Hacker Public Radio

The 1948 Truetone D1835 Tube Radio I recently bought a vintage tube powered radio at an estate sale and in this episode I talk about it and let you hear it. Click the image to view my Flickr pictures. Watch A video showing the radio in action!

China Tests Hypersonic Aircraft "Starry Sky-2" SoylentNews

China claims to have successfully tested its first hypersonic aircraft

China claims to have successfully tested its first hypersonic aircraft, a big step forward in aerospace technology that could intensify pressure on the US military. The China Academy of Aerospace Aerodynamics (CAAA), based in Beijing and part of the state-owned China Aerospace Science and Technology Corporation, conducted the first test of the "Starry Sky-2" aircraft last Friday.

Hypersonic vehicles are not simply high-speed -- they travel at least at five times the speed of sound. That's fast enough to travel across the US in around 30 minutes. According to a CAAA statement released Monday, the Starry Sky-2 reached a top speed of Mach 6 -- six times the speed of sound, or 4,563 miles (7,344 kilometers) per hour.

The test was a "complete success," claimed CAAA, which posted photos of the test launch on social media platform WeChat. "The Starry Sky-2 flight test project was strongly innovative and technically difficult, confronting a number of cutting-edge international technical challenges." The CAAA did not indicate what the new aircraft or technology would be used for, other than to say they hoped to continue contributing to China's aerospace industry.

Also at Quartz and NextBigFuture.

Related: General: U.S. Has No Defense Against "Hypersonic Weapons"

Original Submission

Read more of this story at SoylentNews.


Smashing Security #090: Fortnite for Android, and the FCCs DDoS BS Graham Cluley

Fortnite players are told theyll have to disable a security setting on Android, the FCC finally admits that it wasnt hit by a DDoS attack, and Verizons VPN smallprint raises privacy concerns.

All this and much much more is discussed in the latest edition of the award-winning Smashing Security podcast hosted by computer security veterans Graham Cluley and Carole Theriault, joined this week by David Bisson.


Electric Bike From The Ground Up Hackaday

Electric vehicles are getting more traction these days, but this trend is rolling towards us in more ways than just passenger vehicles. More and more bikes are being electrified too, since the cost of batteries has come down and people realize that they can get around town easily without having to pay the exorbitant price to own, fuel, and maintain a car. Of course there are turnkey ebikes, but those dont interest us much around here. This ebike from [Andy] is a master class in how to build your own ebike.

Due to some health issues, [Andy] needed a little bit of assistance from an electric motor on his bike, but found out that the one he wanted wouldnt fit his current bike quite right. He bought a frame from eBay with the right dimensions and assembled the bike from scratch. Not only that, but when it was time to put the battery together he sourced individual 18650 cells and built a custom battery for the bike. His build goes into great detail on how to do all of these things, so even if you need a lithium battery for another project this build might be worth a read.

If youve never been on an electric bike before, theyre a lot of fun to ride. Theyre also extremely economical, and a good project too if youre looking for an excuse to go buy a kit and get to work. You can get creative with the drivetrain too if youd like to do something out of the box, such as this bike that was powered by AA batteries and a supercapacitor.


It Looks Like A Steam 64-Bit Client Could Finally Be Near Phoronix

It looks like Valve could be prepping to finally ship a 64-bit Steam client, possibly coinciding with their long talked about Steam UI/UX overhaul...



Tech firms seek partnerships to increase workforce diversity The Hill: Technology Policy

Technology companies are forming partnerships with historically black colleges and universities (HBCU) in an effort to improve the diversity of their workforces.Rep. Alma Adams (D-N.C.), the chairwoman of the HBCU congressional caucus, casts the...


Supermicro Breathes in, Shimmies One PB of Intel Flash Into a Single Rack SoylentNews

Supermicro has crammed 1PB of Intel flash rulers into the slimmest possible 1U rack storage server.

The two-socket server can hold up to 32 Intel EDSFF, NVMe-connected flash drives giving a rack density of 1PB/U, the highest we have ever come across.

EDSFF stands for Chipzilla's Enterprise and Datacenter Storage Form Factor, which measures 325.35mm long, 9.5mm wide and 38.6mm high.

These front-mounted SSD DC P4500 Series drives are hot-swappable and each has a 32TB capacity, using 64-layer TLC (3bits/cell) 3D NAND. An Intel tech brief (PDF) provides the details.

We're told the drives are thermally optimised to require less airflow than a 2.5-inch U.2 SSD.

The performance numbers are heroic. Supermicro president and CEO Charles Liang said the product provides "13 million IOPS and 52GB/sec throughput in 1U" and claimed it outperforms any previous system available.

[...] Supermicro announced a 288TB 1U storage server in January using 8TB Samsung ruler SSDs. A 256TB version using previous 8TB Intel ruler SSDs was introduced in May. That has been well and truly exceeded with these 32TB drives.

Looking at this Samsung and Intel ruler data suggested to us a 64-layer Samsung flash ruler could exceed 32TB in capacity. And, we hasten to add, 96-layer flash is being developed, along with 4bits/cell QLC technology. That means we can realistically have an expectation of 64TB EDSFF drives in the 2019/2020 timeframe, meaning a 2PB/1U Supermicro product could emerge.

Original Submission

Read more of this story at SoylentNews.


Re: Unauthenticated EAPOL-Key decryption in wpa_supplicant Open Source Security

Posted by Jouni Malinen on Aug 08

On Wed, Aug 8, 2018 at 6:33 PM, Jens Timmerman <jens.timmerman () gmail com>

Correct. These are completely independent issues.

- Jouni


Egyptian students design car that runs on air Lifeboat News: The Blog

CAIRO (Reuters) A group of Egyptian students has designed a vehicle they say will battle rising energy prices and promote clean energy by running on nothing but air.


Twitter CEO to Hannity: We do not 'shadowban' conservatives The Hill: Technology Policy

Twitter CEO Jack Dorsey told Sean Hannity on Wednesday that his platform does not "shadowban" conservatives.We do not shadowban according to political ideology or viewpoint or content, period, Dorsey said during a rare interview on Hannitys...


Intertrust and Jscrambler launch joint solution to protect mobile and JavaScript applications Help Net Security

Intertrust Technologies and Jscrambler announced a jointly-sourced product suite App Shield 360 that provides a set of application shielding solutions for both native and JavaScript applications that includes: Jscrambler to provide leading JavaScript web and mobile hybrid application protection against tampering and data theft through JavaScript obfuscation, code traps and software self-defensive technology, Intertrust whiteCryption Code Protection to provide code obfuscation and tamper resistance for native code, Intertrust whiteCryption Secure Key Box to provide white More

The post Intertrust and Jscrambler launch joint solution to protect mobile and JavaScript applications appeared first on Help Net Security.


The potential impact of electric vehicles on global energy systems Lifeboat News: The Blog

Electric vehicles are unlikely to create a power-demand crisis but could reshape the load curve. Heres how to bend that curve to your advantage.

Could electric vehicles (EVs) soon face a different kind of gridlock? With the electrification of mobility accelerating, energy producers and distributors need to understand the potential impact of EVs on electricity demand (Exhibit 1). The good news: McKinsey analysis suggests the projected growth in e-mobility will not drive substantial increases in total electrical-grid power demand in the near to midterm, thus limiting the need for new electricity-generation capacity during that period.


Patent Maximalists Not Reformers Are the Biggest Threat to the Viability of the Patent System and Innovation Techrights

Rants about PTAB, Alice and so on merely make things worse. Limits exist for a reason and these limits need to be honoured.

Low maximum speed

Summary: Those who strive to infinitely expand patent scope are rendering the patent system obsolete and completely losing sight of the very purpose of the patent system, whose sanity US courts and lawmakers gradually restore (one ruling and one bill at a time)

THE USPTO will have granted fewer patents than before by years end. Recent numbers (a subset of the total) reaffirm rumours weve heard about that. Thats not bad news. To patent law firms that may be bad, but for society at large this may simply mean that patent quality is improving, unlike at the EPO, as we've just noted.

Not every patent represents an invention; some are more like a rendition.Not everything needs to be patented. Not every patent represents an invention; some are more like a rendition. Like music. It is not hard to understand that design patents are rubbish and the Supreme Court (SCOTUS) ought to reassess their necessity, or the lack thereof. We continue to be amazed at the sorts of design patents that we find out there; heres a new example from Apple. Why are these not being covered solely by trademarks and copyrights, which already cover software as well (the latter does)? I suppose hardware patents (like these new ones) are OK and Ive no real issue with those assuming prior art search was properly done and the innovative steps are sufficiently large.

Watchtroll has created...


Snapchat source Code leaked after an iOS update exposed it Security Affairs


Should we add bugs to software to put off attackers? Help Net Security

A group of New York University researchers are testing a new approach to software security: adding more bugs to it instead of removing them. The idea is to drown attackers in a sea of enticing-looking but ultimately non-exploitable bugs and waste skilled attackers time. This approach is aimed at disrupting the triage and exploit development stages of the attackers workflow by introducing many chaff bugs (the name is a nod to the strips of foil More

The post Should we add bugs to software to put off attackers? appeared first on Help Net Security.


SpaceX Organizes Secretive Mars Landing Conference at University of Colorado Boulder SoylentNews

SpaceX organizes inaugural conference to plan landings on Mars

No one can deny that SpaceX founder Elon Musk has thought a lot about how to transport humans safely to Mars with his Big Falcon Rocket. But when it comes to Musk's highly ambitious plans to settle Mars in the coming decades, some critics say Musk hasn't paid enough attention to what people will do once they get there.

However, SpaceX may be getting more serious about preparing for human landings on Mars, both in terms of how to keep people alive as well as to provide them with something meaningful to do. According to private invitations seen by Ars, the company will host a "Mars Workshop" on Tuesday and Wednesday this week at the University of Colorado Boulder. Although the company would not comment directly, a SpaceX official confirmed the event and said the company regularly meets with a variety of experts concerning its missions to Mars.

This appears to be the first meeting of such magnitude, however, with nearly 60 key scientists and engineers from industry, academia, and government attending the workshop, including a handful of leaders from NASA's Mars exploration program. The invitation for the inaugural Mars meeting encourages participants to contribute to "active discussions regarding what will be needed to make such missions happen." Attendees are being asked to not publicize the workshop or their attendance.

The meeting is expected to include an overview of the spaceflight capabilities that SpaceX is developing with the Big Falcon rocket and spaceship, which Musk has previously outlined at length during international aerospace meetings in 2016 and 2017. Discussion topics will focus on how best to support hundreds of humans living on Mars, such as accessing natural resources there that will lead to a sustainable outpost.

Related: SpaceX to Begin BFR Production at the Port of Los Angeles
City Council Approves SpaceX's BFR Facility at the Port of Los Angeles
This Week in Space Pessimism: SLS, Mars, and Lunar Gateway

Original Submission

Read more of this story at SoylentNews.


SEC probes Tesla over Musk's tweet on taking company private: report The Hill: Technology Policy

The Securities and Exchange Commission (SEC) has inquired with Tesla about CEO Elon Musks tweets regarding his plans to take the company private, The Wall Street Journal reported Wednesday.Trading on the companys stock was halted Tuesday...


Printed Part Gets Classic Truck Rolling Hackaday

When working on classic vehicles, and especially when modifying them outside of their stock configurations, things can get expensive. Its a basic principle in economics: the rarer something is the more money somebody can charge you for it. But if youve got the skills and the necessary equipment, you can occasionally save yourself money by custom-fabricating some parts yourself.

After changing the gear ratio in his 1971 Ford F100, [smpstech] needed to adjust his speedometer to compensate. Unfortunately, a commercial speedometer reducer and the new cables to get it hooked up to his dash would have run into the hundreds of dollars, so he decided to try designing and 3D printing his own gearbox. The resulting development process and final product are a perfect example of how even a cheap desktop 3D printer, in the hands of a capable operator, can do a lot more than print out little toy boats.

The gearbox contains a large ring gear driven by a smaller, offset, spur gear. This compact inline package drops the speed of the input shaft by 25.5%, which [smpstech]  mentions is actually a bit slower than necessary, but it does give him some wiggle room if he decides to change his tire size.

Even if youre not looking for a spe...


GNOME Software 3.30 Will Automatically Update Flatpaks By Default Phoronix

The GNOME Software center for installing and updating of programs will begin automatically installing updates with the upcoming GNOME 3.30 release albeit limited to sandboxed Flatpak programs...


WeMove.EU Tackles Low Patent Quality at the European Patent Office (EPO) Techrights

Far too broad a scope for patenting

No patents on beer
Now at 175,179 out of 200,000 signatures

Summary: The breadth of European Patents, which now cover even nature itself, worries public interest groups; Team UPC, however, wants patent scope to expand further and Antnio Campinos has expressed his intention to further increase the number of grants

THE EPO is demonstrably out of control. Patent scope has gone crazy and firms like law giants (lawsuits industry) have the most to gain from it. The same goes for large monopolies/oligopolies like Big Alcohol/Breweries. We previously mentioned Carlsberg's patents on barley and the subject has just reemerged because WeMove.EU initiated a petition on the matter:

WeMove.EU group has launched a petition at European Patent Office (EPO) to deny patent grants for regular bred plants and technology used in the process of beer making.

WeMove.EU claimed that the EPO has granted patents to both Heineken and Carlsberg for regularly bred barley, which it argues is knowledge thats been around for thousands of years.

It added: With the patent these transnational corporations own the barley from the seed to the pint of beer. Not only is it outrageous these greedy corporations want to own a tradition that has been around for thousands of years, but in granting the patent, the EPO is in breach of EU law. Not only, for every patent they approve, they get paid.

The group claim that it will claim barley back and take this chance to urge Member States to stop the EPO from breaching EU law.

WeMove.EU say that brewing companies would profit three times over from patenting regur;ar barley, selling the seeds to farmers, then buying them back to turn them into beer for consumers, in what the group refer to as control from the field to the pub.

As longtime readers are aware, weve always focused on the absurdity which is patents on abstract ideas and on life (which predates the patent system)....


Linux TCP implementation vulnerable to Denial of Service (CVE 2018-5390) Open Source Security

Posted by Matthew Garrett on Aug 08

CVE 2018-5390 is a remotely exploitable denial of service against Linux
systems. It was patched in the public kernel tree on the 2018-07-23 and
publicly disclosed on 2018-08-06. A public tweet linking to the commit was
made on 2018-07-23, so awareness of the issue may have been high before
official disclosure. All Linux distributions should now have released
patches for the affected releases.


Uncertain human consequences in asteroid risk analysis and the global catastrophe threshold Lifeboat News: The Blog

By pure coincidence, the article by Seth Baum was published just 5 days after a small asteroid exploded over early warning Tule station in Greenland.

This paper studies the risk of collision between asteroids and Earth. It focuses on uncertainty in the human consequences of asteroid collisions, with emphasis on the possibility of global catastrophe to human civilization. A detailed survey of the asteroid risk literature shows that while human consequences are recognized as a major point of uncertainty, the studies focus mainly on physical and environmental dimensions of the risk. Some potential human consequences are omitted entirely, such as the possibility of asteroid explosions inadvertently causing nuclear war. Other human consequences are modeled with varying degrees of detail. Direct medical effects are relatively well-characterized, while human consequences of global environmental effects are more uncertain. The latter are evaluated mainly in terms of a global catastrophe threshold, but such a threshold is deeply uncertain and may not even exist. To handle threshold uncertainty in asteroid policy, this paper adapts the concept of policy boundaries from literature on anthropogenic global environmental change (i.e., planetary boundaries). The paper proposes policy boundaries of 100 m asteroid diameter for global environmental effects and 1 m for inadvertent nuclear war. Other policy implications include a more aggressive asteroid risk mitigation policy and measures to avoid inadvertent nuclear war. The paper argues that for rare events like large asteroid collisions, the absence of robust data means that a wide range of possible human consequences should be considered. This implies humility for risk analysis and erring on the side of caution in policy.


My Little Pony animator jailed for possessing 60k child abuse images HackRead

By Carolina

He is now diagnosed with a condition called Pedophilic Disorder. An Ottawa-based animator has received 28 months in prison for possessing child pornography content. The 55-year old Tom Wysom is an artist by profession, who is known for his contribution in various animated TV shows for children including My Little Pony. At the time of his []

This is a post from Read the original post: My Little Pony animator jailed for possessing 60k child abuse images


Italy Senate Overturns Mandatory Vaccination Law SoylentNews

An amendment from Italy's anti-establishment government that removes mandatory vaccination for schoolchildren is sending shock waves through the country's scientific and medical community.

It suspends for a year a law that requires parents to provide proof of 10 routine vaccinations when enrolling their children in nurseries or preschools. The amendment was approved by Italy's upper house of parliament on Friday by 148 to 110 votes and still has to pass the lower house.

The law had originally been introduced by the Democratic Party in July 2017 amid an ongoing outbreak of measles that saw 5,004 cases reported in 2017 -- the second-highest figure in Europe after Romania -- according to the European Centre for Disease Prevention and Control (ECDC). Italy accounted for 34% of all measles cases reported by countries in the European Economic Area, the center said.

Italy's Five Star movement and its coalition partner, the far-right League, both voiced their opposition to compulsory vaccinations, claiming they discourage school inclusion.

English Language Source:

Original Submission

Read more of this story at SoylentNews.


Its Time to Tie the U.S. Electric Grid Together, Says NREL Study IEEE Spectrum Recent Content full text

Fortifying connections between three disparate grids could make renewable energy more widely available

The U.S. electrical grid is really made up of three largely separate grids with puny transmission connections at the seams. These seams cross sparsely populated rangeland in the middle of the country.

The Eastern Interconnection serves much of the United States east of the Great Plains. The Western Interconnection covers residents from the Great Plains to the Rockies and up and down the West Coast. And most of Texas has a grid of its own. Policymakers there shun ties with the other two grids in order to keep federal electric power regulation out of the Lone Star State.

Almost like safety pins holding together an elaborate wedding dress, no more than 1,300 megawatts of transmission capacity at a total of seven locations stitch all of this together.

The seams have long interested electric transmission and generation planners. Nearly 100 years ago, a Chicago newspaper trumpeted the value of a truly interconnected grid. Other studies have reached similar conclusions, and the most recent effort is no different.

A new seam study finds considerable economic value in fortifying connections between grids.

Led by researchers at the U.S. Energy Departments National Renewable Energy Laboratory, a new seam study finds considerable economic and engineering value in fortifying these connections to better distribute power resources around the country.

The study results [PDF] were presented in July at the TransGrid-X Symposium at Iowa State University in Ames, Iowa.

The timing is right for this latest study to consider how to bridge the seams more robustly, says Aaron Bloom, who led the NREL research effort.

For one thing, equipment at the connection points is 30 to 40 years old, and nearing the end of its useful life. High-voltage direct current (HVDC) technology is readily available and increasingly affordable, and could replace the old equipment to make long-distance electric power transfers between the eastern and western United States possible.

The rapid growth of wind...


Smart Keyboard Could Be Self-Powered, Self-Secured, Self-Cleaning Lifeboat News: The Blog

Scientists have come up with a prototype keyboard that can recognize different typing styles, provide its own power, and possibly even keep itself clean.


Teslas production problems extend to its solar roof business, too Lifeboat News: The Blog

The production problems Tesla has faced with its Model 3 have been well documented. Now, sources say the company is facing similar issues with its solar roof tile initiative. According to Reuters, former and current employees have revealed that assembly line problems, plus CEO Elon Musks exacting aesthetic demands, has delayed production, causing tension with partner Panasonic, and rattling officials that are keen to see a return on significant state investment.

The Solar Roof, produced at Teslas factory in Buffalo, New York, is designed to look like and function as a regular roof while also generating energy. According to sources, technical challenges have delayed production, as has Musks design plans. Speaking to Reuters, one source said that Aesthetic look is the key point that Elon is not always satisfied with. Thats the big issue.

Neither Tesla nor Reuters sources have revealed current production figures for the roof tiles, but the delays are such that Panasonic which the initiative depends on for solar components has been forced to find other buyers for the parts it had built to sell to Tesla. According to a former Panasonic employee, the company has been shipping large volumes of its photovoltaic cells as samples to other prospective buyers, due to low demand from Tesla. Panasonic declined to comment on the issue, stating only that it believes Tesla will use Panasonic cells when it mass-markets the Solar roof.



Regenerative Braking Charges Your Phone Hackaday

Way back when, if you wanted lights on your bike, youd head off to the local bicycle store and purchase yourself a bottle dynamo. This would consist of a magneto that was attached to a bracket on the back of the bike and would rotate by rubbing against the rear tire, generating power for the lights. These fell out of favor over the years as batteries got better and cheaper and people grew tired of the increased drag and maintenance required. Despite this, the idea of generating power onboard a bicycle has never really gone away, and [Javier] has decided to have a crack with his imPulse project.

The formerly popular bottle dynamo had one advantage over contemporary models located in bicycle hubs they were geared down to allow the generating device to make multiple turns for each revolution of the bicycle wheel. This is useful to allow the generating device to operate in its ideal range of rotational speed. Going for a more modern take, however, [Javier] has decided to leverage a stepper motor as his generating device of choice. Further taking advantage of modern technology, the imPulse system is designed to fit on to the caliper mounts of modern bicycles with disc brakes, allowing easy fitment while also leaving room for a geared-down drive.

[Javier] hasnt just stopped at power generation, however there are also plans for lighting systems and power distribution to enable the generated power to be used for a variety of purposes. It even has turn signals  though thats not the first time weve seen them on a bike! Video after the break.

The HackadayPrize2018 is Sponsored by:


Links 8/8/2018: KDE Neon for Testing, New LibreOffice Release, Dart 2.0 Techrights

GNOME bluefish



  • Desktop

    • What The Future Holds? You Are More A Part of it Than You Know.

      But when it came down to it, the core of the class settled on Cinnamon as their DE of choice. Possibly because it was the closest thing to Windows for them? Maybe. Or as one student noted, it gives me what I want without having to go looking for it. And it doesnt hurt that its easy on the eyes. My Cinnamon desktop with the joy-blue controls theme.

      Now, I do have some quibbles with Cinnamon. Im all about customization. I tried the latest Kubuntu, as I like the theming options KDE gives me; but so much has changed within that structure, I just cant get it to the level of aesthetics I achieved with KDE4. My problems with Cinnamon are silly to some. I like to be able to change the icons in my system tray. Unfortunately, those seem to be fixed. And yeah, theres Mate. Mate allows those changes but try as I may, and again this is just me; but when Ive done all that I can do with my Mate Desktop, it still looks like 2003.

    • Installing Windows apps on Linux is about to get easier with Winepak

      If youve ever wanted to make the switch to Linux, but the idea of leaving behind Windows apps always seemed to be a stumbling block, you might know about Wine. Wine is a compatibility layer capable of running Windows applications on Linux and other POSIX-compliant operating systems. However, to many users, Wine itself has been a bit of a hurdle, as it isnt always considered the most user-friendly tool. That is about to change.

      How? Have you ever heard of Flatpak? If not, Flatpak provides a sandbox environment in which users can run applications in isolation from the rest of the system. These applications are containerized, so you dont have to worry about dependencies. You install the container and it runs. Simple as that.

    • ...


The Connection Of Point Brain Computer Interface The Cerebral Cortex Lifeboat News: The Blog

The whole thing starts with cerebral cortex. It is divided into four major parts, or sometime people call it lobes.

1. Frontal

2. Parietal


Sound Blaster Recon3D Finally Seeing Better Linux Support Phoronix

Creative Labs launched the Recon3D sound card the better part of a decade ago and finally patches have emerged providing for better Linux driver support...


P2P Piracy Is Alive and Growing, Research Suggests TorrentFreak

In recent years Hollywood and other entertainment sources have focused their enforcement efforts on pirate streaming sites and services.

According to several reports, streaming sites get more traffic than their P2P counterparts, with the latter being almost exclusively BitTorrent related.

While the rise of online streaming sites cant be denied, a new research report from anti-piracy outfit Irdeto shows that P2P remains very relevant. In fact, its still the dominant piracy tool in many countries.

Irdeto researched site traffic data provided by an unnamed web analytics partner. The sample covers web traffic to 962 piracy sites in 19 countries where P2P was most used. This makes it possible to see how P2P site visits compare to those of pirate streaming sites.

The data reveal that there are massive differences in the relative use of P2P versus streaming sites between countries.

In Russia, for example, only 2% of the visits go to streaming sites, while the rest of the traffic goes to P2P portals. P2P also outperforms streaming in other countries such as Australia, the Netherlands, and India.

This pattern is reversed in Germany, where 88% of all visits go to pirate streaming sites. Similarly, streaming is also the dominant web piracy tool in the United States, France, Spain and other countries.

Additional research in eight countries shows that piracy traffic has grown during the course of 2017. This growth also applies to P2P sites, in all but one country, Germany.

Looking at the sample as a whole, Iredeto notes that 70% of all pirate traffic goes to P2P sites, which appears to run counter to the popular narrative that streaming is more dominant today.

While many expect P2P piracy to be taken over by streaming and direct downloads, its clear that this has not happened yet. P2P piracy is still a big threat to the industry, in which the overall piracy problem is growing, Peter Cossack, Irdetos VP of Cybersecurity Services says.

While the increase in bandwidth and social media has facilitated growth in content redistribution piracy, particularly around live sporting events, it is clear that other forms of piracy are not going away any time soon.

Irdetos non-weighed data

While the data provide an interesting look at the regional differences it should be interpreted with caution. First, the sample only includes desktop visits. This might be a problem since streaming sites are arguably more popular on mobile platforms.

Also, the 19 countries were selected because they h...


HiFormance OpenVZ & KVM deals from just $11.99/year! Low End Box

Kyle is back from HiFormance with more amazing deals for us, this time. We have enjoyed the positive feedback from our readers in regards to HiFormance and we look forward to listing them more as the offers come along!

Heres a note from the company

Its been a great year so far for us at HiFormance and we appreciate the LowEndBox community for all your support and feedback! We have expanded our service & support across the nation and continue to do so each day! We want to give our customers a unique experience with the highest level of performance and customer service. Signing up with HiFormance means becoming apart of a network of specialists and hosting enthusiasts that ultimately give you the best presence on the web.

Heres the offer: 

OpenVZ 4GB
** 3 Year Prepay: Double 1 Resource FREE **
** 1 Year Prepay: Double 1 Resource FREE **
** 3 Year Prepay: Double ALL Resources FREE **

OpenVZ 4GB
  • 2 vCores
  • 4GB RAM
  • 20GB Pure SSD
  • 4TB Bandwidth
  • 1Gbps Uplink
  • DDoS Protection
  • 1 x IPv4 (IPv6 upon request)
  • OpenVZ (SolusVM)
  • Linux Only
  • $11.99/yr
  • [ORDER]
  • 2 CPU Cores (Dedicated)
  • 4GB RAM
  • 150GB HDD
  • 2TB Bandwidth
  • 1Gbps Uplink
  • DDoS Protection
  • 1 x IPv4 (IPv6 upon request)
  • KVM
  • $10/mo
  • [ORDER]
Their WHOIS is public, theyre a registered LLC in the state of Wyoming (2017-000777425), they accept PayPal, Credit Cards, Alipay and WeChat and you can find their legal docs at the following links:

Network Info: 

Los Angeles (QuadraNet) Looking Glass
Los Angeles (CN2) 204.44...


[$] Reconsidering Speck

The Speck cipher is geared toward good performance in software, which makes it attractive for smaller, often embedded, systems with underpowered CPUs that lack hardware crypto acceleration. But it also comes from the US National Security Agency (NSA), which worries lots of people outside the USand, in truth, a fair number of US citizens as well. The NSA has earned a reputation for promulgating various types of cryptographic algorithms with dubious properties. While the technical arguments against Speck, which is a fairly simple and straightforward algorithm with little room for backdoors, have not been all that compelling, the political arguments are potentto the point where it is being dropped by the main proponent for including it in the kernel.


Nearly 15% of US security budgets go to remediating active compromises Help Net Security

Malwarebytes and Osterman Research have polled 900 senior IT decision-makers and IT security professionals in Australia, Germany, the US, UK, and Singapore about the impact of enterprise security incidents on their bottom line, and also looked at all sides of IT security costs from budget and remediation, to hiring, recruiting and retention. Top report findings include: Cybercrime incidents are escalating, security budgets are exploding and security remediation costs are skyrocketing US-based businesses experienced a higher More

The post Nearly 15% of US security budgets go to remediating active compromises appeared first on Help Net Security.


Lennart Maschmeyer on the Effect of Cyber Conflict on Civil Society News The Citizen Lab

In a recent article for the Council on Foreign Relations, the Citizen Labs Lennart Maschmeyer discusses how repressive regimes are becoming increasingly effective at targeting opposition groups using digital espionage, both at home and abroad. Specifically, civil society organizations (CSOs) are extremely vulnerable to such attacks, as evidenced by a recent Citizen Lab report showcasing a malware campaign levelled against members of the Tibetan diaspora.

Maschmeyer also outlines six obstacles facing CSOs in mitigating digital attacks. Among these challenges include a lack of standardized data, cross-border targeting, and a misplaced focus on the technical aspects instead of the social engineering mechanisms of these attacks. Additionally, he outlines that each community faces specific and tailored threats that make broad approaches to security training challenging.

Tibetan diaspora organizations targeted by Chinese threat groups may face significantly different types of threats than Syrian opposition members targeted by both the regime and other non-state groups.

Read the full article here

The post Lennart Maschmeyer on the Effect of Cyber Conflict on Civil Society appeared first on The Citizen Lab.


Bitcoin Whale's Bad Trade Leaves Counterparties Holding the Bag SoylentNews

Arthur T Knackerbracket has found the following story:

A massive wrong-way bet on Bitcoin left an unidentified futures trader unable to cover losses, burning counterparties and threatening to dent confidence in one of the world's largest cryptocurrency venues.

The long position in Bitcoin futures listed on OKEx, a Hong Kong-based exchange, had a notional value of about $416 million, according to an OKEx statement on Friday and data compiled by Bloomberg. OKEx moved to liquidate the position on Tuesday, but the exchange was unable to cover the trader's shortfall as Bitcoin's price slumped. Because OKEx has a "socialized clawback" policy for such instances, it will force futures traders with unrealized gains this week to give up about 18 percent of their profits.

While clawbacks are not unprecedented at OKEx, the size of this week's debacle has attracted lots of attention in crypto circles. The episode underscores the risks of trading on lightly regulated virtual currency venues, which often allow high levels of leverage and lack the protections investors have come to expect from traditional stock and bond markets. Crypto platforms have been dogged by everything from outages to hacks to market manipulation over the past few years, a period when spectacular swings in Bitcoin and its ilk attracted hordes of new traders from all over the world.

[...] Bitcoin, the biggest cryptocurrency by market value, dropped 2.2 percent to $7,383.44 at 4:56 p.m. Hong Kong time on Friday, extending its decline this week to 10 percent. It has slumped 48 percent this year.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Qualys and IBM X-Force Red help orgs identify, fix most critical vulnerabilities Help Net Security

Qualys announced that IBM X-Force Red will leverage the Qualys Cloud Platform as part of its X-Force Red Vulnerability Management Services (VMS). As part of an expanded relationship, X-Force Red will deploy the Qualys Cloud Agent and Qualys Cloud Apps into client environments across the globe, providing a programmatic vulnerability management approach that leverages the breadth of Qualys continuous visibility and depth of the X-Force Red teams services to identify, prioritize and remediate clients most More

The post Qualys and IBM X-Force Red help orgs identify, fix most critical vulnerabilities appeared first on Help Net Security.


Ask Hackaday: Is There a Common Mechanical Parts Library? Hackaday

Like many stories, this one started on the roof. This particular roof is located in Michigan and keeps the rain and snow off of the i3Detroit hackerspace. Being an old industrial building, things up on the roof can start getting creaky, and when an almighty screech started coming from one of the rooftop vents as it swiveled in the wind, Nate, one of the groups coordinators, knew it was time to do something about it.

Previous attempts to silence the banshee with the usual libations had failed, so Nate climbed up to effect a proper repair with real bearings. He dug into the unit, measured for the bearing, and came down to order the correct items. Thats when it struck him: How many should I order? After all, bearings are useful devices, not just to repair a wonky vent but especially handy in a hackerspace, where they can be put to all sorts of uses. Would extra bearings be put to good use, or would they just sit on a shelf gathering dust?

Thats when Nate dropped us a line and asked a question that raises some interesting possibilities, and one which we couldnt answer offhand: Is there a readily accessible online library of common mechanical parts?

Not All The Parts

It turns out that Nate has something else far more interesting in mind, and its based more on his experiences with electronics parts ordering. Hes thinking about something along the lines of Octoparts Common Parts Library, Macrofabs House Parts, or Seeed Studios Open Parts Library. These repositories allow designers to see what components are currently being used for various applications. The aim is to ease the design process by limiting choices to just a few widely available parts. Start there, and if your needs arent met with some of them, branch out, spending extra time on only the parts that actually call for...


Anki's Vector Is a Little AI-Powered Robot Now on Kickstarter for $200 IEEE Spectrum Recent Content full text

Is this the personal home robot we've been waiting for? No, but Vector will make you smile

San Francisco-based robotics company Anki is launching today a new robot called Vector. It drives on little tank treads, has an expressive LCD face, and is constantly moving around, making beeps and bloops. Vector resembles Ankis previous robot, Cozmo, but is packed with more technologyand character.

Anki says Vector is designed as a robot companion and helper for people at home. But dont expect much: The robot has a tiny voice and can barely push a coffee mug around. Its little arms can lift only a special plastic block. What Vector is good at, Anki says, is engaging with people.

The robot can certainly get your attention. At one point during my interview with Ankis chief strategy officer Patrick De Neale, Vector interrupted us to demand a fist bump. De Neale promptly complied.

Vector is available starting today on Kickstarter at a discounted price of US $200 (it will hit stores on 12 October with a $250 price tag). Kickstarter backers will also get early access to the software development kit (SDK), which will be available to all users only later this year.

Vector is powered by a 1.2 GHz quad-core Qualcomm Snapdragon, has a wide-angle HD camera, single-point laser for mapping and navigation, four-mic array, and capacitive touch sensors. And while its speech capabilities rely on the cloud, other functions, like detecting if there are people nearby, use a convolutional neural network running on its on-board processor.

Vector is Ankis fourth product. First came the robotic racing cars Drive and Overdrive. Two years ago, the company unveiled Cozmo, which became a best-selling toy on Amazon. But Anki says Vector is not a toy. The company is apparently targeting a group of tech-minded grown-ups who have always dreamed of having R2-D2 in their living rooms (ahem, we know some of them).

Anki vector with charger and cube Image: Anki...


Psychological Techniques Used to Keep Kids Online

Parental controls. Use them. Via: AP: Childrens advocates want the American Psychological Association to condemn the tech industrys practice of using persuasive psychological techniques to keep kids glued to their screens. The advocates, citing research that links excessive use of social media and video games with depression and academic troubles, say its unethical for psychologists []


More Laptop Quirks Queued For Linux 4.19 Phoronix

The x86 platform drivers area of the Linux kernel is ready for the 4.19 kernel cycle to get underway next week...


New laser based on unusual physics phenomenon could improve telecommunications, computing Lifeboat News: The Blog

Researchers at the University of California San Diego have demonstrated the worlds first laser based on an unconventional wave physics phenomenon called bound states in the continuum. The technology could revolutionize the development of surface lasers, making them more compact and energy-efficient for communications and computing applications. The new BIC lasers could also be developed as high-power lasers for industrial and defense applications.

Lasers are ubiquitous in the present day world, from simple everyday laser pointers to complex laser interferometers used to detect gravitational waves. Our current research will impact many areas of laser applications, said Ashok Kodigala, an electrical engineering Ph.D. student at UC San Diego and first author of the study.

Because they are unconventional, BIC lasers offer unique and unprecedented properties that havent yet been realized with existing laser technologies, said Boubacar Kant, electrical engineering professor at the UC San Diego Jacobs School of Engineering who led the research.


GitHub started warning users when adopting compromised credentials Security Affairs

In order to improve the security of its users, the popular software code hosting service GitHub is now alerting account holders whenever it detects that a password has been exposed by data breaches on other services.

Last week the popular software code hosting service GitHub has introduced a new feature to protect its users, it will alert them whenever it detects that a password has been compromised in a third-party data breach.

GitHub has teamed with the service, managed by the cybersecurity expert Troy Hunt, to provide implement a feature that allows users to check whether their credentials have been involved in known data breaches.

Common password advice is to use a long and unique password for each website you have an account with. Its challenging to remember a strong and unique password for each website without either using a password manager or using a trivially discovered theme. As a result, password reuse is extremely prevalent. Regardless of the strength of a password, a single breach can nullify its security when used elsewhere. reads the advisory published by GitHub.

GitHub has developed service that leverages the 517 million record dataset provided by Huntto validate whether a users password has been found in any publicly available sets of breach data.

GitHub account check

The feature will alert users that are using compromised credentials and ask them to change them du...


OpenEMR vulnerabilities put patients info, medical records at risk Help Net Security

A slew of vulnerabilities in OpenEMR allowed attackers to access random patients health records, view data from a target database, escalate their privileges on the server, execute system commands, and more. What is OpenEMR? OpenEMR is a free and open source electronic health records and medical practice management solution. Its one of the most popular electronic medical records management solutions in use today and its estimated that, worldwide, some 15,000 healthcare organizations of varying sizes More

The post OpenEMR vulnerabilities put patients info, medical records at risk appeared first on Help Net Security.


Sunday: Breakfast at DEF CON Hackaday

Nurse your hangover by having Breakfast at DEF CON this Sunday. Youre invited to this yearly ritual with Hackaday and Tindie. Were celebrating the beginning of the end with coffee and pastries beginning at 10:30 am in the Hardware Hacking Village.

Head over to the Breakfast at DEF CON event page and hit the follow event button to keep on any new info about the event.

Extra internet points go to those who bring some hardware to show off and especially for anyone who is making this the end of their Saturday rather than the beginning of Sunday. We had tons of great hacks show up last year and want to outdo ourselves this time around.

Come hang out with too many Hackaday and Tindie folks to list here. Also dont forget to check out the SMD Challenge throughout the weekend.


Let's Encrypt is Now Officially Trusted by All Major Root Programs SoylentNews

Submitted via IRC for SoyCow1984

Let's Encrypt announced yesterday that they are now directly trusted by all major root certificate programs including those from Microsoft, Google, Apple, Mozilla, Oracle, and Blackberry. With this announcement, Let's Encrypt is now directly trusted by all major browsers and operating systems.


[...] At the end of July 2018, Let's Encrypt received direct trust from Microsoft products, which resulted in it being trusted by all major root programs. The CA's certificates are cross-signed by IdenTrust, and have been widely trusted since the beginning.

"Browsers and operating systems have not, by default, directly trusted Let's Encrypt certificates, but they trust IdenTrust, and IdenTrust trusts us, so we are trusted indirectly. IdenTrust is a critical partner in our effort to secure the Web, as they have allowed us to provide widely trusted certificates from day one," noted Josh Aas, Executive Director of ISRG.

[...] While some of these [older operating systems, browsers, and devices] are expected to be updated to trust the CA, others won't, and it might take at least five more years until most of them cycle out of the Web ecosystem. Until that happens, Let's Encrypt will continue to use a cross signature [from IdenTrust].

Original Submission #1 Original Submission #2

Read more of this story at SoylentNews.


15-year-old boy from Bengaluru being treated for PUBG addiction TechWorm

With WHO classifying gaming disorder as a mental health condition, has video gaming addiction become a bigger problem than before?

Gaming is more popular today than ever before and it is especially popular among teens and youngsters who are hooked to it most of the time. In fact, the World Health Organization (WHO) now recognizes gaming disorder as a mental health condition in the International Classification of Diseases and has placed it in the same category as substance abuse and gambling addiction.

However, this has not stopped teens and youngsters from spending more and more time playing video games. It has even proven to be problematic, such as in this case, where a 15-year-old from Bengaluru, India is receiving treatment for his addiction to online game PlayerUnknowns Battlegrounds (PUBG).

For those unaware, the popular game PlayerUnknowns Battlegrounds or PUBG created in December last year has been downloaded over 50 million times. It was the third most popular game in June, even seven months after its introduction. It is available on PC, Android and iOS. PUBG is based on the epic 2000 movie Battle Royale. It starts with 100 players parachuting from a plane onto a large island, where they then search for weapons and gear up for a brutal fight to the death as surviving players edge closer to the center of the island. The players can choose different Mods to fight the enemy and turn out victorious. The game is extra hard and the winner of PUBG is the last man standing.

Apparently, the 15-year-old boy studying Class 10 was so immersed in playing PUBG, that he would stay up until 2-3 am playing the game, and often missed school because of waking up late, reports Hindustan Times. His worried parents then took him to SHUT (Service for Healthy Use of Technology) Clinic, located at the National Institute of Mental Health and Neurosciences (NIMHANS), which helps people deal with technology-based addictions.

During his counseling session, the boy showed all symptoms of gaming disorder, such as putting gaming over other activities and continuing with it despite the negative consequences it could bring. While he had over 1,000 online friends, he had only about four or five friends outside of his digital world. However, the worst part was that the boy was unwilling to recognize that he had a problem.

Recent times have seen more and more youngsters getting addicted to video games with those who overplay video games usually have to confront a high chance of getting either mental or physical diseases or even both if not addressed in time. Also, game addicts are often found seen isolating themselves from others in order to play video games or missing out on family events, outings with friends, or other events.

According to a report published by...


Re: Unauthenticated EAPOL-Key decryption in wpa_supplicant Open Source Security

Posted by Jens Timmerman on Aug 08

I have to ask since this was only published 4 days ago and also describes
an attack on the EAPOL frames
Is this in any way related to atom's new attack on WPA/WPA2 using PMKID,

As far as I can see these are 2 different attacks?

Jens Timmerman


[$] Scheduler utilization clamping

Once upon a time, the only way to control how the kernel's CPU scheduler treated any given process was to adjust that process's priority. Priorities are no longer enough to fully control CPU scheduling, though, especially when power-management concerns are taken into account. The utilization clamping patch set from Patrick Bellasi is the latest in a series of attempts to allow user space to tell the scheduler more about any specific process's needs.


WhatsApp Flaw Lets Users Modify Group Chats to Spread Fake News The Hacker News

WhatsApp, the most popular messaging application in the world, has been found vulnerable to multiple security vulnerabilities that could allow malicious users to intercept and modify the content of messages sent in both private as well as group conversations. Discovered by security researchers at Israeli security firm Check Point, the flaws take advantage of a loophole in WhatsApp's security


[CVE-2018-12584] Heap overflow vulnerability in reSIProcate through 1.10.2 Bugtraq

Posted by Joachim De Zutter on Aug 08

CVE ID: CVE-2018-12584


Bug report with test code sent to main reSIProcate developers: 2018-06-15
Patch created by Scott Godin: 2018-06-18
CVE ID assigned: 2018-06-19
Patch committed to reSIProcate repository: 2018-06-21
Advisory first published on website: 2018-06-22
Advisory sent to Bugtraq mailing list: 2018-08-08


A heap overflow can be triggered in the reSIProcate SIP stack when TLS is


Programmable Badge uses E-Ink and ESP8266 Hackaday

Youve probably noticed that the hacker world is somewhat enamored with overly complex electronic event badges. Somewhere along the line, we went from using a piece of laminated paper on a lanyard to custom designed gadgets that pack in enough hardware that they could have passed for PDAs not that long ago. But what if there was a way to combine this love for weighing down ones neck with silicon jewelry and the old school Hello my name is stickers?

[Squaro Engineering] might have the solution with Badgy, their multi-function e-ink namewell, badge. Compatible with the Arduino SDK, it can serve as anything from a weather display to a remote for your smart home. Oh, and we suppose in an absolute emergency it could be used to avoid having to awkwardly introduce yourself to strangers.

Powered by an ESP-12F, Badgy features a 2.9 296128 E-Ink display and a five-way tactical switch for user input. The default firmware includes support for WiFiManager and OTA updates to make uploading your own binaries as easy as possible, and a number of example Sketches are provided to show you the ropes. Powered by a LIR245...


Security updates for Wednesday

Security updates have been issued by Debian (slurm-llnl), Fedora (libmspack), openSUSE (cups, kernel, kernel-firmware, libcgroup, and ovmf), Oracle (kernel), and SUSE (cups, enigmail, libcdio, and pidgin).


House Dems call for new FCC probe into Sinclair The Hill: Technology Policy

House Democrats are urging the Federal Communications Commission (FCC) to investigate reports that the Sinclair Broadcast Group has conspired with other broadcasters to raise local advertising costs.In a letter to FCC Chairman Ajit Pai sent Tuesday...


Samumed in $438 Million Deal to Develop Anti-agingTherapies Lifeboat News: The Blog

Today, we were pleased to hear that Samumed, a San Diego-based biotech company working on regenerative medicine, has just raised $438 million towards developing anti-aging therapies.

SAN DIEGO August 6, 2018 Samumed, LLC, announced today that it has closed its A-6 Round of equity issuance with $438 million, bringing its total equity raised to date to more than $650 million. The pre-money valuation for the round was $12 billion.

We appreciate the strong support from our investors, said Osman Kibar, Ph.D., Chief Executive Officer of Samumed, and we are now in a fortunate position to both move our later stage programs to commercialization, as well as expand on our earlier stage science and clinical portfolio.


Unauthenticated EAPOL-Key decryption in wpa_supplicant Open Source Security

Posted by Jouni Malinen on Aug 08

Published: August 8, 2018
- CVE-2018-14526


A vulnerability was found in how wpa_supplicant processes EAPOL-Key
frames. It is possible for an attacker to modify the frame in a way that
makes wpa_supplicant decrypt the Key Data field without requiring a
valid MIC value in the frame, i.e., without the frame being
authenticated. This has a potential issue in...


Fujifilm SQ6 - Instant Regret? Techmoan

Over the years I've reviewed instant cameras that use both Zink and Instax technologies.

After taking into account the significant premium of using the Fujifilm system I've never felt less than short changed. Everyone else appears to be having a lot more 'fun' with their Instax cameras and it's been a sales success for Fuji. In an attempt to see what I was missing out on, I decided to give it one more try and bought the latest SQ6 square format camera.

Was this a wise decision...



Guy Martin: Open Source Strategy at Autodesk

Companies today cant get away with not using open source, says Guy Martin, Director, Open@Autodesk, who recently sat down with us for a deep dive into Autodesks engagement with and contributions to the open source community.


NASA Reveals the Impressive Winning Designs of its 3D Printed Mars Habitat Contest SoylentNews

Submitted via IRC for takyon

Although a recent NASA-supported study found Mars cannot be made inhabitable with our current technology, this hasn't stopped the space agency from continuing its plans to one day colonize the red planet. One such initiative launched in 2015 is the 3D-Printed Habitat Challenge. The $2.5 million competition, now in its third phase, seeks to find the most adequate housing for future Martian residents. The challenge also hopes to uncover advanced construction technologies that may be used in sustainable housing solutions for Earth as well.

Now, NASA and its competition partner Bradley University of Peoria, Illinois, have selected the five winning teams out of 18 submissions from around the world. The winners will share the $100,000 prize and will have to create 3D-printed one-third-scale versions of their designs to confirm their models' feasibility.

[...] "We are thrilled to see the success of this diverse group of teams that have approached this competition in their own unique styles," said in a statement Monsi Roman, program manager for NASA's Centennial Challenges. "They are not just designing structures, they are designing habitats that will allow our space explorers to live and work on other planets. We are excited to see their designs come to life as the competition moves forward."


Original Submission

Read more of this story at SoylentNews.


CVE-2018-11769: Apache CouchDB Remote Code Execution (affects versions 1.x and 2.1.2) Open Source Security

Posted by Joan Touzet on Aug 08

Date: 08.08.2018
Affected: Apache CouchDB 1.x and 2.1.2
Severity: Low
Vendor: The Apache Software Foundation


CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of
administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to
escalate their privileges to that of the operating...


Chip Lights Up Optical Neural Network Demo Lifeboat News: The Blog

Researchers at the National Institute of Standards and Technology (NIST) have made a silicon chip that distributes optical signals precisely across a miniature brain-like grid, showcasing a potential new design for neural networks.

The human brain has billions of neurons (nerve cells), each with thousands of connections to other neurons. Many computing research projects aim to emulate the brain by creating circuits of artificial neural networks. But conventional electronics, including the electrical wiring of semiconductor circuits, often impedes the extremely complex routing required for useful neural networks.

The NIST team proposes to use light instead of electricity as a signaling medium. Neural networks already have demonstrated remarkable power in solving complex problems, including rapid pattern recognition and data analysis. The use of light would eliminate interference due to electrical charge, and the signals would travel faster and farther.


Memories Of A Mis-Spent Youth: Learnabout Simple Electronics Hackaday

Heaven, for tech-inclined late-1970s British kids.Heaven, for tech-inclined late-1970s British kids.

Early last spring, we featured a book review, as part of our occasional Books You Should Read series. Usually these are seminal tomes, those really useful books that stay with you for life and become well-thumbed, but in this case it was a childrens book. Making a Transistor Radio, by [George Dobbs, G3RJV], was a part of the long-running series of Ladybird books that educated, entertained, and enthralled mid-20th-century British kids, and its subject was the construction of a 3-transistor regenerative AM receiver. If you talk to a British electronic engineer of A Certain Age there is a good chance that this was the volume that first introduced them to their art, and they may even still have their prized radio somewhere.

Making a Transistor Radio was a success story, but whats not so well-known is that there was a companion volume published a few years later in 1979....

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 08 August


CA20180802-01: Security Notice for CA API Developer Portal Bugtraq

Posted by Kotas, Kevin J on Aug 08

CA20180802-01: Security Notice for CA API Developer Portal

Issued: August 2, 2018
Last Updated: August 2, 2018

CA Technologies Support is alerting customers to a potential risk
with CA API Developer Portal. A medium risk vulnerability exists that
can allow a remote attacker to conduct reflected cross-site scripting
attacks. CA published solutions to address the vulnerability.

The vulnerability, CVE-2018-6590, occurs due to insufficient...


[CVE-2018-14429] man-cgi < 1.16 Local File Include Bugtraq

Posted by eL_Bart0 on Aug 08

man-cgi before 1.16 allows Local File Inclusion via absolute path traversal. If an Attacker provides a Filename as a
Parameter (e.g. the Script will read and return the local file. This
is happening because of the way the Script calls the "man" command. Tests have shown that "man /some/random/file"
(depending on it's configuration) will first try to locate a manual...


WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006 Bugtraq

Posted by Michael Catanzaro on Aug 08

WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006

Date reported : August 07, 2018
Advisory ID : WSA-2018-0006
WebKitGTK+ Advisory URL :
WPE WebKit Advisory URL :...


Snapchats source code leaked out, and was published on GitHub Graham Cluley

Snapchat's source code leaked out, and was published on GitHub

Snap, the parent company of SnapChat, has revealed that an update earlier this year to the social media app accidentally exposed some of its source code.

Read more in my article on the Hot for Security blog.


Insurance Institute Spots Problems in Driver Assistance Systems IEEE Spectrum Recent Content full text

Even the best systems on the market sometimes require the driver to jump in to correct errors

Electronic safety systems in todays vehicles dont always measure up to claims made for them, says a report published Tuesday by the Insurance Institute for Highway Safety (IIHS), a non-profit supported by auto insurers

"We zeroed in on situations our staff have identified as areas of concern during test drives with Level 2 systems, then used that feedback to develop road and track scenarios to compare vehicles," IIHS senior engineer Jessica Jermakian said, according to the report.

Level 2 autonomy employs advanced driver assistance systems (ADAS), which as the phrase implies are meant to help the driver, not replace them. A Level 2 car has the two functions of lane keeping and adaptive cruise control, a feature that maintains a safe distance from the car in front.

The Insurance Institute isnt yet at the point of ranking Level 2 systems for safety, although it does say that all of the five cars its just tested have excellent emergency braking systems. That function is the sole criterion for Level 1 autonomy.

The tested cars were the 2017 BMW 5-series with Driving Assistant Plus; the 2017 Mercedes-Benz E-Class with Drive Pilot; the 2016 Model S and the 2018 Tesla Model 3 with Autopilot (using different software versions); and the 2018 Volvo S90 with Pilot Assist.

When starting at a speed of 50 kilometers per hour (31 mph) and with the adaptive cruise control turned off, the two Teslas were not able to brake in time to completely avoid hitting an obstacle. The other cars were able to stop well short of the obstacle. With the adaptive cruise control turned on, all the cars stopped in time.

When set to follow a lead vehicle that first slowed and then stopped, all five cars were able to keep their distance and to stop in time. When the lead vehicle moved out of the way to reveal a stopped vehicle in the lane, all five cars were able to avoid hitting it.

So far, so good. But these tests were conducted on the track; in traffic things werent always so smooth. Engineers found that all of the cars except the Tesla 3 would sometimes be baffled by a stopped car. And even the Tesla 3 had a problem: excessively cautious braking.

In 180 miles, the car unexpectedly slowed down 12 times, seven of which coincided with tree sh...


New VMSA-2018-0019 - Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability Bugtraq

Posted by VMware Security Response Center on Aug 08

VMware Security Advisory

Advisory ID: VMSA-2018-0019
Severity: Important
Synopsis: Horizon 6, 7, and Horizon Client for Windows updates
address an out-of-bounds read vulnerability
Issue date: 2018-08-07
Updated on: 2018-08-07 (Initial Advisory)
CVE number: CVE-2018-6970

1. Summary

Horizon 6, 7, and Horizon Client for Windows updates address an...


Where should companies focus as they begin their machine learning journey? Help Net Security

As machine learning has become more widely adopted across industries, OReilly set out to learn more about how companies approach this work. By surveying more than 11,000 data specialists across North America, Europe, and Asia, the company has identified some of the key learnings that derive from deploying machine learning in production, and where other companies should focus as they begin their journey of machine learning adoption. Notable findings from the survey include: Job titles More

The post Where should companies focus as they begin their machine learning journey? appeared first on Help Net Security.


AMD Radeon Pro 18.Q3 Linux Driver Released Phoronix

AMD has released their Radeon Pro 18.Q3 enterprise driver update, including for supported Linux distributions, as their QA-tested professional-grade driver update for the quarter...


Why Hawaii Got Electricity Before Most of the Rest of the World IEEE Spectrum Recent Content full text

In 1881, Thomas Edison convinced King Kalakaua that electric streetlamps were superior to gas

photo of chandelier Photo: The Friends of Iolani Palace

In 1881, King David Kalakaua of Hawaii went on a world tour, the first of its kind for a sitting monarch. He circumnavigated the globe, stopping in Asia, India, Egypt, Europe, and the United States. Among other things, he sought to encourage immigration from the Asia-Pacific region, as Hawaiis dwindling population had created a labor shortage on its sugar plantations. But the king also wanted to introduce the culture of Hawaii to the world, and he was curious about modern science and technology.

When he arrived in Paris in August 1881, the International Exposition of Electricity was just getting under way. The exposition showcased the latest advancements in electrical technology, such as dynamos, batteries, and lighting. The first International Electrical Congress also convened during the exposition, with participants presenting papers, discussing research, and deciding on definitions for the ampere, the volt, the ohm, and other electrical units.

King Kalakaua visited the exposition and was eager to learn more. George Jones [PDF], cofounder of The New York Times, met the king in Vienna and promised an introduction to Thomas Edison. That meeting took place on 25 September 1881 in Edisons New York City office. According to The Sun (New York), the king and the inventor discussed not only the technicalities of electric lights but also the business of selling power.

As described in The Sun, Hawaiis attorney general, William N. Armstrong, told Edison that the kingdom had a volcano that burns a thousand million tons of coal a day. He jokingly added: You could put your boilers on top of the volcano and get power enough to supply the country. Apparently, Edison didnt get the joke and asked if that was where Hawaii mined its coal. Armstrong replied that in fact Hawaii imported its coal from Australia, but the volcano was their great hope. Some people have since speculated that Armstrongs remark indicated an early interest in geothermal power, but it was more likely a failed attempt at humor.

In any event, Kalakaua explained to Edison that he was keen to upgrade the kerosene lamps that lit the streets o...


From the Annals of Overkill: The Electric Mailbox IEEE Spectrum Recent Content full text

In 1885, Ephraim E. Weaver jumped a little too hard onto the electrification bandwagon

img Photo: National Postal Museum/Smithsonian Institution

During the 1870s and 80s, inventors filed more than a dozen patent applications in the United States for electrical improvements to letter boxes. But why did mailboxes and letter slots, surely among the simplest mechanical devices, have to be electrified? It was primarily a matter of convenience, for people who wanted to know exactly when the mail had arrived and didnt want to waste time checking.

Free home delivery of the mail had begun in the United States in 1863, but mailboxes were not yet standard. Instead, a postman would knock on the door (perhaps with a handheld wooden knocker), wait for someone to answer, and then hand over the mail. If no one was home, the carrier returned later or the next day. Although this created great trust in the system, it wasnt very efficient. In 1909, postal officials calculated that on a typical day, carriers made 360 stops and spent an average of 15 seconds per delivery, or an hour and a half a day, simply waiting.

Photo: National Postal Museum/Smithsonian Institution Photo: National Postal Museum/Smithsonian Institution Photos: National Postal Museum/Smithsonian Institution A Smarter Mailbox: Ephraim E. Weavers electric mailbox [front and interior shown here] came with a key that the delivery person could use to ring a bell, signaling that a package had arrived.

Beginning in the 1880s, the U.S. Post Office Department began encouraging people to install a mailbox or letter slot, although they didnt become a requirement until 1923. (For a nice concise history of the U.S. Postal Service, see The United States Postal Service: An American History 17752006 [PDF].)

And so, many of the early patents for electrical indicators for letter boxes tried to replace or augment the postmans knock. Inventor Henry R. David thought that large office and apartment buildings in cities had a particular problem. His 1875 U.S. patent [PDF] detailed a system of circuits that would inform people in far-flung corners of the building that mail was waiting for them at the main entrance.

Many of the electric...


Hacker leaks Snapchats source code on Github HackRead

By Waqas

Pakistani Hacker Posted Authentic Snapchat Source Code on GitHub  Snapchats source code is stolencan there be a bigger news than that? Perhaps there is! Not only that the source code has been stolen but also posted on Microsoft-owned GitHub of all the platforms. Reportedly, the hacker hails from a small village in Pakistan and uses the []

This is a post from Read the original post: Hacker leaks Snapchats source code on Github


Toshiba RC100 NVMe SSD Ubuntu Linux Benchmarks Phoronix

Back in June Toshiba introduced the RC100 NVMe solid-state drive as a new low-end offering. The RC100 is now a bit blindsided by Intel's just-launched 660p SSD that delivers incredible storage capacities per dollar, and I'll have some Intel 660p Linux benchmarks in a few days, but for those curious about the RC100 here are some Ubuntu Linux benchmark results for this low-cost NVMe SSD.


Retrofitting a Motorola MDT-9100T "Mobile Data Terminal" with a BeagleBone Black SoylentNews

Trammell Hudson has written a blog post about his project to retro fit a Motorola MDT-9100T "Mobile Data Terminal" from eBay with a BeagleBone Black running a modern operating system. He figues their retro-future design was too neat to pass up and that the stylish housing combined with an aperture-less amber CRT looks like something slipped from the Fallout or BladeRunner universe into our own. So he and some others at NYC Resistor bought a few and are repurposing them. A lot of soldering and cable smithing is involved.

Original Submission

Read more of this story at SoylentNews.


Only 8% of orgs have effective DevSecOps practices Help Net Security

92 percent of organizations struggle to implement security into the entire DevOps process despite most saying they want to do so a staggering capability gap exposed in the new, global data report commissioned by Checkmarx. The study spotlights the biggest barriers to securing software today depending on where organizations sit on the DevOps maturity curve. Report findings are based on online survey input from 183 respondents worldwide, the majority of whom hold software development, More

The post Only 8% of orgs have effective DevSecOps practices appeared first on Help Net Security.


Ichor Therapeutics Announces The Formation of Lifeboat News: The Blog

Ichor Therapeutics, a life science company in Lafayette, New York, is one of the big players in the world of rejuvenation biotechnologies. Since its founding in 2013, it has been growing and expanding its portfolio of companies working on therapies against the diseases of aging; on August 1, 2018, Ichor announced the formation of its strategic fund,

What is

This new fund and accelerator program is meant to provide young life science startups with seed funding up to $100,000, technical training, mentorship, and full access to Ichors large research laboratory.


The security issues 3D printing should solve before going mainstream Help Net Security

Its always fun when you can mix your personal hobbies and interests with your profession, and often the passion you carry for the things you love can lead to valuable and productive insights for your vocation as well. Lets hope that theory proves true as this 20-year information security professional, and recent 3D printing enthusiast, considers the potential cybersecurity risks with additive manufacturing. If I threw you for a second there with my fancy words, More

The post The security issues 3D printing should solve before going mainstream appeared first on Help Net Security.


KDE Had A Very Successful Google Summer of Code 2018 Phoronix

Google Summer of Code 2018 is quickly reaching an end. We'll be featuring some of the interesting and successful work accomplished this summer by these students engaging in hundreds of different open-source projects. One of the open-source projects slotted with a lot of participants this year was KDE...


Twitter CEO says theyre taking no action against InfoWars and Alex Jones Graham Cluley

Its the same content that Facebook, YouTube, Spotify, and Apple banned. But Twitter isnt doing anything.


Twitch Plays Battling Robots? Hackaday

Audience interaction reached an all-time high in 2014 with Twitch Plays Pokemon, an online gaming stream where viewers were able to collaboratively command an emulated Game Boy playing Pokemon Red. Since then, the concept has taken off. Today, we see this extended to robots in the real world, with [theotherlonestar]s Twitch Chat Controlled Robots.

The build is one that takes advantage of modern off-the-shelf components an ESP8266 provides the brains, while a Pololu Zumo provides a ready to go robot chassis to save time on the mechanical aspects of the build. An L298N dual motor controller then handles motive power.

The real ingenuity though, is teaching the robots to respond to commands from Twitch chat. The chat is available in a readily parsable IRC format, which makes programming around it easy. [theotherlonestar] created a command set that enables the robots to be driven remotely by stream viewers, and then outfitted the bots with hammers with which to fight, as well as a fedora to tip, if one is so inclined.

Its a cool build, and one which shows further promise as Twitch continues to reduce stream & chat latency. We look forward to seeing future battles, but the first one already excites.

Interested in where it all began? Check out our Twitch Plays Pokemon coverage from way back when. Video after the break.


Twistlock adds automated cloud native forensics to its cybersecurity platform Help Net Security

Twistlock announced the release of Twistlock 2.5, the 14th release of its platform. Twistlock 2.5 provides enterprises with real time incident response and forensics capabilities designed to complement the defense in depth offered by Twistlocks full lifecycle, full stack approach to application security. Twistlock 2.5 introduces cloud native forensics capabilities to the Twistlock Platform. This feature provides automated forensic data collection and correlation across cloud native environments of any size with no additional resource overhead. More

The post Twistlock adds automated cloud native forensics to its cybersecurity platform appeared first on Help Net Security.


History's Fastest Jettisoned Gas From Stellar Outburst Discovered SoylentNews

Submitted via IRC for takyon

The eruption of neighboring superstar Eta Carinae over 170 years ago is fascinating researchers and setting records for the fastest jettisoned gas from a stellar outburst.

Approximately 170 years ago, a stellar eruption sped away from our massive (and incredibly unstable) neighboring superstar Eta Carinae. Now, a team from the University of Arizona in conjunction with NASA has determined this event holds the record for the fastest jettisoned gas ever measured from a star -- without the star self-destructing.

The energy from the blast would be equivalent to that of a traditional supernova explosion, events that often leave behind only the corpse of a star. However, this double star system stayed relatively intact.

For the last seven years, University of Arizona's Nathan Smith and the Space Telescope Science Institute's Armin Rest determined how powerful the blast was by looking at echoes of light surrounding Eta Carinae.


Original Submission

Read more of this story at SoylentNews.


BlackBerry launches new ransomware recovery feature Help Net Security

BlackBerry announced its BlackBerry Workspaces content collaboration platform, featuring a new ransomware recovery capability that allows organizations to recover from cyberattacks. Despite the precautions an organization can take, ransomware attacks will still happen. Ransomware attacks were the most common type of malware in 2017, and its projected that, by the end of 2019, a business will be hit by a ransomware attack every 14 seconds with the resulting damage costs predicted to reach $11.5B annually. More

The post BlackBerry launches new ransomware recovery feature appeared first on Help Net Security.


Google announces Android Pie SDK that is more Kotlin-friendly TechWorm

Googles Android Pie SDK is now more Kotlin-friendly

At Googles I/O 2017 Developers Conference last year, the search giant had announced Kotlin would be an officially supported language in Android and it will join the list of existing programming languages used for Android app development, such as Java and C++. It is also predicted that Kotlin will be surpassing Java as the primary programming language used for Android apps by December 2018.

Moving further in this direction, Google who recently announced Androids new operating system, Android 9.0 Pie has also released an SDK that is more Kotlin-friendly.

For those unaware, developed by JetBrains for JVM (Java Virtual Machine), Android, JS browser and native applications, Kotlin can be compiled to Java source code and can be used alongside Java to build apps. Like Java, Kotlin as a language is object-oriented and statically typed and fully interoperable with Java code. It is designed to solve the similar problem that Java does. It also adds a lot of nice-to-have features that Java itself doesnt currently support, a much cleaner syntax, improved code readability, ideas from functional programming, and other improvements over Java. Also, Kotlins interoperability with Java makes it possible to call Kotlin code from Java or Java code from Kotlin.

Google in its new blog post announced that the newly released Android SDK contains nullability annotations for some of the most frequently used APIs, which will preserve the null-safety guarantee when your Kotlin code is calling into any annotated APIs in the SDK.

Normally, nullability contract violations in Kotlin result in compilation errors. But to ensure the newly annotated APIs are compatible with your existing code, we are using an internal mechanism provided by the Kotlin compiler team to mark the APIs as recently annotated. Recently annotated APIs will result only in warnings instead of errors from the Kotlin compiler. You will need to use Kotlin 1.2.60 or later.

Our plan is to have newly added nullability annotations produce warnings only, and increase the severity level to errors starting in the following years Android SDK. The goal is to provide you with sufficient time to update your code, Google added.

If want to know how you can use the Kotlin-friendly SDK, simply follow the steps below.

1. Go to Tools > SDK Manager in Android Studio.



IBM Security now opens network of four secure testing facilities globally Help Net Security

IBM Security announced X-Force Red Labs, a network of four secure facilities dedicated to testing the security of devices and systems including consumer and industrial IoT technologies, automotive equipment, and Automated Teller Machines (ATMs). IBM X-Force Red also has launched a dedicated ATM Testing practice in response to increased demand for securing financial transaction systems. The new Labs will be operated by X-Force Red, an autonomous team of hackers within IBM Security. The X-Force Red More

The post IBM Security now opens network of four secure testing facilities globally appeared first on Help Net Security.


AMDGPU LRU Bulk Move Patches Yielding OpenCL & Vulkan Performance Boosts Phoronix

AMD's Huang Rui and Christian Konig are working on LRU bulk move functionality that can yield performance improvements for Vulkan and OpenCL workloads...


Snapchat Hack Hacker Leaked Snapchat Source Code On GitHub The Hacker News

The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub repository called Source-Snapchat with a description "Source Code for SnapChat," publishing the code of


CrowdStrike expands its endpoint protection platform with new features Help Net Security

CrowdStrike announced new features and capabilities expanding the scope of the CrowdStrike Falcon platform as the endpoint protection solution available to customers. CrowdStrike released a new device control module to enable visibility and control into removable media activity, a functionality for organizations looking to replace their legacy antivirus with endpoint protection. Additionally, CrowdStrike has announced a new feature to secure Docker container environments and the adoption of MITREs Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) More

The post CrowdStrike expands its endpoint protection platform with new features appeared first on Help Net Security.


How to Be a Stronger DevOps Leader: 9 Tips

IT leaders and DevOps experts tell us that key considerations around talent, measurement, vision, and IT culture are the real secrets to taking DevOps to the next level. Here we share nine of their best tips for IT leaders. Dig in, and then share yours in the comments below.


First Round of Keynotes Announced for Open Source Summit and ELC + OpenIoT Summit Europe

Announcing the first round of keynote speakers for Open Source Summit and Embedded Linux Conference + OpenIoT Summit Europe!

Keynotes include:


Optiv Security enables organizations to evaluate their digital footprints Help Net Security

Optiv Security announced EnemyPerspectives@Optiv, an integrated suite of services that allows an organization to evaluate its digital footprint from the perspective of a potential threat actor, from that actors intent, and then take prioritized steps to remediate weaknesses. EnemyPerspectives@Optiv is the example of how Optiv helps clients build sustainable, risk-centric foundations for implementing proactive and measurable security programs. Todays organizations continue to accelerate the adoption of digital business models and environments to remain competitive. While More

The post Optiv Security enables organizations to evaluate their digital footprints appeared first on Help Net Security.


KDE Neon Powered By Ubuntu 18.04 LTS Now Available For Testing Phoronix

Fans of KDE Neon relying upon this OS/package-set for experiencing the latest and greatest KDE innovations can now enjoy it paired with an Ubuntu 18.04 "Bionic Beaver" base...


LibreOffice 6.1 Shipping Today As A Big Update For This Open-Source Office Suite Phoronix

LibreOffice 6.1 will officially be hitting the web in a short time as the latest major feature release to this newest cross-platform, open-source office suite...


Finding Fake Amazon Reviews SoylentNews

Admittedly this is more of a Sla... I mean Soyvertisement. However, I just heard about it this weekend, and it sounds both interesting and useful. I thought others might find it interesting as well

Long story short: ReviewMeta is a website which can be used to try to detect fake reviews on Amazon.

In my defense, it is somewhat technologically interesting. The system supposedly uses various heuristics and algorithms in order to accomplish this, such as searching for suspicious submission patterns, text entered, and timing windows to try to find fakes.

The "news" source I heard it from was a radio/podcast at:

Original Submission

Read more of this story at SoylentNews.


Can the US stop the scientific brain drain to China? Lifeboat News: The Blog

The United States is still the preeminent location for scientific research, but this is not a given, and we should not take it for granted. The new policies being implemented by China, and especially their ambition to attract outside talent, could quickly drain the lifeblood of our scientific institutions. Without a determined effort to attract, support, and retain leading researchers, we cannot expect to drive the breakthroughs, technologies, and medicines of the future. Massachusetts has admirably made a strong commitment to biotechnology through the Life Sciences Initiative. But will this be enough to sustain the scientific ecosystem of the entire country?

The United States is in danger of losing its primacy in scientific research.


Astronaut Announcement Lifeboat News: The Blog

Dont Miss This! Were introducing you to the first astronauts who will launch from U.S. soil since the final Shuttle mission in 2011. Join us live starting at 11 a.m. EDT on Friday, Aug. 3 to meet the Commercial Crew astronauts who will fly on The Boeing Company and SpaceX capsules to #LaunchAmerica to the International Space Station.


Journal Club July 2018 CRISPR may cause unwanted mutations Lifeboat News: The Blog

The July edition of the Journal Club has us taking a look at a recent paper that casts doubt and concern over the use of CRISPR Cas9 for gene editing.

If you like watching these streams and/or would like to participate in future streams, please consider supporting us by becoming a Lifespan Hero:

The paper we are discussing can be found here:


Marek Tackles EXT_gpu_shader4 Support In Gallium3D For Old Games/Apps Phoronix

While the EXT_gpu_shader4 extension was written for the OpenGL 2.0 days a decade ago when the GeForce 8 series was NVIDIA's flagship products, AMD's Marek Olk is now adding support for this extension to the Gallium3D drivers...


Vodafone Blocks Libgen Following Elsevier, Springer & Macmillan Injunction TorrentFreak

While mainstream sharing of movies, TV shows, video games, software and eBooks grabs the most headlines, theres an area of unlawful content consumption that is in some ways more controversial.

Most top academic articles are published in journals that can only be accessed legally through expensive paywalls. This means that those who wish to be enriched by that knowledge must pay for the privilege. That doesnt sit well with those who believe that free access to information is a positive for the planet.

One of the sites that has continuously challenged the notion that knowledge should be available at a price is the Library Genesis project. More commonly known as Libgen, the site has torn up the rule book by hosting pirated copies of scientific publications and other books, offering them to the public for free.

For many, Libgen is offering a great service to people hungry for knowledge but for the major publishers that have a huge financial reliance on access fees, its a pirate site that needs to be stopped, just like any other. Publishers, notably Elsevier, have had the platform in their crosshairs for some time.

This week, Germany-based publication Tarnkappe discovered that local access to Libgen appears to have been limited. Users of Vodafone told the publication that attempts to access the site via and the newer domains were proving fruitless.

Those who try to access the site via its regular domains are met with the following message (translated into English).

After contacting the ISP, Tarnkappe was informed that Vodafone is indeed blocking subscriber access to Libgen. The service provider says it is complying with instructions handed down by a local court.

Due to a temporary injunction issued by various scientific publishers, Elsevier, Springer and Macmillan, which was issued by the Munich Regional Court on 18 July 2018, Vodafone has been requested to immediately implement a network ban, Vodafone spokesperson Heike Koring explained.

The preliminary injunction deals with the copyright claims of scientific publishers that have been infringed by third parties. The block was implemented by Vodafone.

At this stage, its unclear whether the ISP blockade is limited to Vodafone or whether other ISPs will be required to block Libgen in due course. Copyright holders believe that blockades are more effective when theyre applied across man...


Snapchat Source Code Leaked, Posted Publicly On GitHub TechWorm

Snapchat Source Code Leaked Online, Posted On GitHub

In response to a DMCA (Digital Millennium Copyright Act) takedown notice, Microsoft-owned repository GitHub took down a leaked source code of the popular social messaging app SnapChat, after it was posted publicly on the worlds largest platform for developers.

The notice sent by Snap Inc., the parent company of Snapchat, targets the unauthorized publication and distribution of Snapchats source code.

I am [redacted] at Snap inc., owner of the leaked source code, the notice sent last week reads.

[I]t was leaked and a user has put it in this Github repo. [T]here is no URL to point to [detailing the original content] because Snap Inc. doesnt publish it publicly.

According to Motherboard, an iOS update had exposed some of Snapchats source code earlier this year, which was archived on GitHub before Snap Inc. asked the site to remove the data.

An iOS update in May exposed a small amount of our source code and we were able to identify the mistake and rectify it immediately, a Snap Inc. representative told CNET. We discovered that some of this code had been posted online and it has been subsequently removed. This did not compromise our application and had no impact on our community.

The code was uploaded by a user who claims to be from Pakistan and had created a GitHub repository called Source-Snapchat. Investigation of this users account revealed that he is from Tando Bago in the Badin District of Sindh province in Pakistan who identifies himself as i5xx on the development website. The users profile also links to a website which shares the same name as the user (

Nothing more is known about the uploader of the code at present. According to GitHub, the source code will not be restored on the website unless a counter-claim is made by the owner of the source code. Currently,...


Fedora Might Start Dropping Packages With Consistently Bad Security Records Phoronix

Fedora's Engineering and Steering Committee is mulling over the idea of dropping software packages from the distribution that have notoriously bad security track records...


ngrep A Network Packet Analyzer for Linux

ngrep A Network Packet Analyzer for Linux


WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006 Open Source Security

Posted by Michael Catanzaro on Aug 08

WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0006

Date reported : August 07, 2018
Advisory ID : WSA-2018-0006
WebKitGTK+ Advisory URL :
WPE WebKit Advisory URL :...


Thumbs Up for This Custom Atari 5200 Controller Hackaday

It may be nearly 40 years old, but the Atari 5200 still inspires legions of fans to relive the 8-bit glory days of their youth. There was much to love about the game console, but the joystick-and-keypad controllers were not among its many charms. The joystick didnt auto-center, the buttons were mushy, and the ergonomics were nonexistent.

Retro-aficionados need not suffer in silence, though, thanks to this replacement controller for the Atari 5200. [Scott Baker] didnt want to settle for one of the commercial replacements or, horrors, an adapter for the old PC-style joystick, so he rolled his own. Working from the original Atari schematics, [Scott] devised a plan for using a readily available thumbstick controller as the basis for his build. The essential problem was how to adapt the 10k pots on the new joystick to work in an environment expecting 500k pots, which he solved using an analog to digital and back to analog approach. The ADCs on an ATtiny85 convert each joystick pots voltage to a digital value between 0 and 255, which is sent to a 100K digital potentiometer. A little fiddling with RC constants brings it back in line with what the console expects. The thumbstick and buttons live on a custom PCB kudos to [Scott] for designing an ambidextrous board. The video below shows the design and the finished product in action.

[Scott] is on a bit of a 5200 kick these days; he just finished up a Raspberry Pi multi-cartridge for the venerable console. His controller should make retro-gameplay on the console a little easier on the hands.



It Just Got a Lot Harder to Pretend that Predatory Publishing Doesn't Matter SoylentNews

The first solid indication of how widespread this problem really is came with last year's Federal Trade Commission (FTC) action against one of the largest and most profitable of the alleged predators, the prolific journal publisher and conference organizer OMICS, which publishes 785 titles generating over $50M in annual revenues. The FTC alleges that OMICS makes false promises of peer review in return for article processing charges (APCs), assesses those charges without disclosing them up front (then refuses to let authors withdraw their papers from submission), and lies about both the membership of its editorial boards and the names of presenters at the many conferences it sponsors - all classic examples of predatory publishing practices.

Now comes a small flood of even more alarming reports [...]


Original Submission

Read more of this story at SoylentNews.


Rogue Planet Travels Universe Without A Parent Star Lifeboat News: The Blog

This rogue planet travels the universe without a star.


Ramnit is back and contributes in creating a massive proxy botnet, tracked as Black botnet Security Affairs

Security researchers at Checkpoint security have spotted a massive proxy botnet, tracked as Black botnet, created by Ramnit operators.

Security researchers at Checkpoint security have spotted a massive proxy botnet, tracked as Black botnet, that could be the sign of a wider ongoing operation involving the Ramnit operators.

Ramnit is one of the most popular banking malware families in existence today, it was first spotted in 2010 as a worm, in 2011, its authors improved it starting from the leaked Zeus source code turning the malware into a banking Trojan. In 2014 it reached the pinnacle of success, becoming the fourth largest botnet in the world.

In 2015, Europol partnering with several private technology firms announced the takedown of the Ramnit C2 infrastructure.

A few months later Ramnit was back, the researchers at IBM security discovered a new variant of the popular Ramnit Trojan.

Recently the experts observed that the Black botnet campaign has infected up 100,000 systems in two months, and this is just the tip of the iceberg because according to researchers a second-stage malware called Ngioweb is already spreading.

There is the concrete risk that Ramnit operators are using the two malware to build a large, multi-purpose proxy botnet that could be used for many fraudulent activities (i.e. DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns).

Recently we discovered the Ramnit C&C server ( which is not related to the previously most prevalent botnet demetra. According to domain names which are resolved to the IP address of this C&C server, it pretends to control even old bots, first seen back in 2015. We named this botnet Black due to the RC4 key value, black, that is used for traffic encryption in this botnet. reads the analysis published by Checkpoint security.

This C&C server has actually been active since 6th March 2018 but didnt attract attention because of the low capacity of the black botnet at that time. However, in May-July 2018 we detected a new Ramnit campaign with around 100,000 computers infected....


Aviatrix software-defined cloud routing solution adds security measures for AWS VPCs Help Net Security

Aviatrix announced a new security capability for its AVX SD cloud routing solution. The AVX virtual private cloud (VPC) egress security feature makes it easy to both discover and control internet traffic leaving Amazon Web Services (AWS) VPCs, allowing organizations to secure egress traffic against internal threats and external attacks. The AVX VPC egress security capability also enables organizations to comply with internal practices and industry regulations such as Payment Card Industry (PCI) standards, which More

The post Aviatrix software-defined cloud routing solution adds security measures for AWS VPCs appeared first on Help Net Security.


Ayla Networks announces new IoT platform offerings Help Net Security

Ayla Networks announced new capabilities to its IoT platform that will simplify the ability to gain business value from IoT. This new Ayla IoT platform release overcomes restrictions on choosing wireless modules to connect to the Ayla IoT cloud and streamlines the creation of enterprise applications that use IoT device data. A new Ayla portable software agent cuts the time needed to get to market with IoT initiatives, by allowing manufacturers to select any cellular More

The post Ayla Networks announces new IoT platform offerings appeared first on Help Net Security.


A10 adds real-time security analytics for data centers with Harmony Apps Help Net Security

A10 Networks announced an upgrade to its multi-cloud analytics and management platform, the A10 Harmony Controller. The upgrade expands A10s security and connected intelligence capabilities via new modular Harmony Apps that support key A10 security solutions, Thunder SSLi (SSL Insight), Thunder CFW (Convergent Firewall), and the Thunder CGN (Carrier-Grade Networking). With many organizations undergoing digital transformation, it is becoming critical to have available and secure application infrastructure to support business operations. A10s release of the More

The post A10 adds real-time security analytics for data centers with Harmony Apps appeared first on Help Net Security.


1 Gram Of This Material Is Worth $6.25 TRILLION Dollars Lifeboat News: The Blog

The most EXPENSIVE Material in the world, priced at more than 6 TRILLION per gram is?


Motorola Solutions FirstNet Ready LTE device enables secure real-time data sharing Help Net Security

Motorola Solutions continues to support the rollout of FirstNet with the FirstNet Ready LEX L11 handheld device. The companys public safety LTE device is designed for use on FirstNet or similar global public safety networks. FirstNet is being built by AT&T in public-private partnership with the First Responder Network Authority (FirstNet Authority). Motorola Solutions is a member of the AT&T team selected by the FirstNet Authority to deliver FirstNet. Motorola Solutions is working with AT&T More

The post Motorola Solutions FirstNet Ready LTE device enables secure real-time data sharing appeared first on Help Net Security.


Analysts confirm half a billion Zigbee chipsets sold, igniting IoT innovation Help Net Security

The Zigbee Alliance announced that findings from market research firm ON World project a favorable market for connected devices leveraging Zigbee Alliance technologies over the next five years. ON World whose experts provide global business intelligence on the IoT confirmed that half a billion Zigbee chipsets have been sold to date. Their analysts predict that 802.15.4 mesh chipset sales will skyrocket to 4.5 billion by 2023 with the majority of those being based More

The post Analysts confirm half a billion Zigbee chipsets sold, igniting IoT innovation appeared first on Help Net Security.


Was That My Friend? Terra Forming Terra

 We already understand that intelligent creatures can appear and disappear themselves in front of you by altering your perception.  It would be just as easy to encourage you to see what you also expect to see and then lead you into a trap as almost happened here.  Robert would have died and then been carried deep into the woods and his friend would be totally confused as well as been accused of murder.
This looks like a possible Giant sloth trick or even a Big foot who also has this ability at least.  We had the ability ourselves but this was shut off for the Fall from Eden.
These types of events do connect to known disappearances in the wild.  There was also a moment of vulnerability there that a stalker could take advantage of.
Was That My Friend?

Wednesday, July 18, 2018

My personal experience happened when I took a friend to a nearby lake for a hike. He had never been to the lake, so we hiked to a viewing tower at one end of the lake. We took some pictures and enjoyed the view for awhile. I said, 'Okay, we should head back now' and we came down off the viewing tower. I told my friend to go ahead and I would catch up...I needed to relieve myself. David took off and I turned around and did my thing. When I turned around I saw my friend walk off the trail about 100 feet ahead of me, and walk towards the edge of the lake. He had this mischievous grin on his face. I kept my eye on him as I walked towards where he stepped off the trail; I had the thought he was trying to hide on me. So when I got to where he stepped off the trail, I ran ahead with the intention of hiding on him. I ran a minute maybe two and as I rounded a turn in the trail my friend was standing there calmly waiting for me. I was shocked. There is no way he could have got here as I just left him in my dust. I was looking back at him when I ran off and knew he was behind me. Only one trail, so no way for him to get to where I found him. What was this? Can anyone offer an explanation?


Red Toothy Humanoid Appears in the Night Terra Forming Terra

There could be millions of these about and we would never know.  The observation was crystal clear and the reaction normal.  Sleep is no explanation and the physical disturbance confirms the reality of the event.  It could be Earth derived reptilian from the description, but the lack of eyes is says otherwise.

Such a crwature poorly seen would readily explain many other occurances.

So why was it present and there we have the known program of sampling underway by several alien species.  It is not surprising and its failure to initially hide is similar to many others which ended in stealthing.

The depth of non human activity on Earth has proven huge but also well hidden.

Red Toothy Humanoid Appears in the Night 
Friday, July 20, 2018

"This is my story. This is in full detail and as much info I can give. I hope you enjoy and I hope there are answers. It was election night 2016, (this is not a sh*tty political joke, this is a legit story) and I was laying in bed, and about to sleep. I was praying as I usually do every night (before I lost faith) and I was laying on my side, facing the wall. I finished praying and I begun to slowly sing under my breath to myself as I occasionally did while going to sleep. While I was singing, I got a feeling like I was being watched, and I heard something from behind me. I turned over to see what it was.

When I turned over, I saw something that I just couldn't believe, and I sat up quickly in order to stay aware. I saw in the middle of my room, squatting by my doorway, a humanoid figure. It had red leathery skin, It was apparently male as it was shirtless and had no breasts, it had no eyes where it should've had eyes. It had these raised ridges of skin vertically up and down it's upper face where it's eyes should be. It had no ears, instead it had holes like snake ears in the side of it's head, and they had these curves like normal ears, but instead it was inverted inside of the head and not out of the head. It had these large hands with black nails like a dog would have, it had huge feet with 4 toes on each, again with large black nails. It also had no genitals, and instead a scar where the male genitalia should've been, like i...


Menacing Bigfoot in Kentucky Terra Forming Terra

I do not think that this was truly menacing but it was confrontational as the truck had come back up the road after it.  Like the big Apes, the big foot will confront, make noise and trow things to discourage you.  It will not actually attack.
Much of that could be from well learned respect.  Observe that it understood what a hand gun was.
The Big foot has always had the advantage of us in its ability to observe us and our behavior.  Thus they normally avoid contact as that is safest.  Assume also that stories of contact has been passed down among them..

Menacing Bigfoot in Kentucky 

Monday, July 23, 2018

I received a telephone call from the witness 'JB' On Saturday July 21, 2018 at 2:37 AM ET:

The witness 'JB' and his 13-year-old son were returning home from fishing at Bennett's Paylake in Bullitt County, Kentucky (24 hour fishing permitted). It was approximately 10:30 PM ET on Friday night July 20th. They were driving in their pickup, and had just turned onto Highway 44.

Then the witness' son yelled out that something large and on 2 legs was running along side of the truck on the passenger side. It was keeping pace with the truck and was about 30 foot off the road in a field. When they reached the nearest driveway, JB slammed on the brakes and turned the truck around, attempting to drive back and see what whatever it was his son had described.

As they started to head back on the highway, a large hairy bi-pedal creature stepped out of a wooded gully along the road (near Applegate Run) and stood in front of the truck. It was illuminated by the headlights...approximately 10 foot away from the witnesses.
They immediately noticed an awful sickening stench in the air (described as smellin...


Incident Above Earth Terra Forming Terra

 What is bizarre here is that an extraction was done and the individual was taken from an hotel room with witnesses and placed back in his own home.  As with thousands of abduction reports, medical procedures were undertaken
We also establish that the craft was in Earth orbit.  I do not think he was expected to become conscious through all this either.  Plenty of abductees exhibit the physical markings but few memories at all.  That is the real variable.
The folk involved are apparently reptilian as we know them from other reports and could well be Earth derived as well.  However no other sighting of likely Earth evolved Reptilians show gills.  Yet an old Sumerian report tells of just this.  So it is not even new.
There is substantial data gathering underway and several alien species appear involved.  The stories told are otherwise not particularly creditable.
Incident Above Earth 
Wednesday, July 25, 2018

I recently received the following account:

I don't know where to begin and, honestly, I'm hesitant to even bring it up. But I believe there should be a record of my experience. I don't want any notoriety. Nothing like that. I don't want to ever speak about it again, because it scares me so much. This is the truth as best as I can recollect.

My experience occurred in the first week of June 2018 near Naples, FL. I went to sleep around 11 PM in a room with a friend, who was sleeping in a bed next to mine. We were sharing a hotel room. I go to sleep. Nothing unusual.

Then suddenly I woke in what seemed like a hospital room. The first thing I noticed was I was laying on what appeared to be a hospital bed. I immediately assumed I'm in a hospital. As I realize there is no way I could be in a...


SentinelOne announces partnership with Avid Secure to bring visibility to cloud security Help Net Security

SentinelOne has partnered with Avid Secure to provide security teams with visibility into their cloud workloadsincluding their hosts and networks. By combining SentinelOne with Avid Secure, security professionals are able to determine whether or not resources are protected and prioritize their protection needs. Agility is a key use case for public cloud adoption. SentinelOne and Avid Secures combined solution provides real-time cloud workload protection status at your fingertips. This is critical for migrating several petabytes More

The post SentinelOne announces partnership with Avid Secure to bring visibility to cloud security appeared first on Help Net Security.


ShiftLeft demonstrates application protection in the first test of its kind Help Net Security

ShiftLeft announced the public real-world benchmark of its application security solution. The test measured ShiftLefts ability to protect an application against exploit attempts made by some of white-hat hackers. performed the penetration testing to provide ethical hacking expertise and an objective third-party perspective. Lab-based testing provides standardized results, but it cannot emulate the unpredictability of human-driven real-world hacking scenarios. In a lab, common tools may be used to probe the application for potential weaknesses. More

The post ShiftLeft demonstrates application protection in the first test of its kind appeared first on Help Net Security.


Spirent extends CyberFlood with Data Breach Assessment for testing of networks and devices Help Net Security

Spirent Communications announced the availability of the solution using data breach emulation technology to provide holistic and hyper-realistic security testing of networks and devices for awareness of data breach and intruder activity. This new solution, CyberFlood Data Breach Assessment, is a component of Spirents CyberFlood product line, extending it into production environments for continuous testing of live networks and devices. As an holistic automated solution within the live network, CyberFlood Data Breach Assessment provides active More

The post Spirent extends CyberFlood with Data Breach Assessment for testing of networks and devices appeared first on Help Net Security.


Personal Bankruptcy Increases Among USA Seniors SoylentNews

Personal bankruptcy among seniors has been growing over the last 25+ years, according to a recent study reported by the NY Times and syndicated nationally, for example at:

The signs of potential trouble vanishing pensions, soaring medical expenses, inadequate savings have been building for years. Now, new research sheds light on the scope of the problem: The rate of people 65 and older filing for bankruptcy is three times what it was in 1991, the study found, and the same group accounts for a far greater share of all filers.

Driving the surge, the study suggests, is a three-decade shift of financial risk from government and employers to individuals, who are bearing an ever-greater responsibility for their own financial well-being as the social safety net shrinks.

The transfer has come in the form of, among other things, longer waits for full Social Security benefits, the replacement of employer-provided pensions with 401(k) savings plans and more out-of-pocket spending on health care. Declining incomes, whether in retirement or leading up to it, compound the challenge.

Read more of this story at SoylentNews.


Robot Spiders Could Help Doctors With Surgery Lifeboat News: The Blog

These soft robot spiders could change how doctors perform surgery.


WWII destroyed optical observatory, Ermita, Manila, Philippines, July 8, 1945 Lifeboat News: The Blog

The astronomical observatory was founded by the Jesuits during the Spanish occupation and later transferred to the Philippine Commonwealth Weather Department. This was adjacent to the University of the Philippines campus of today south of Luneta Park. The observatory had a 19-inch refracting telescope, by far the largest in the Orient. The staff of the observatory includes five Jesuit fathers and twenty-five well-trained native assistants. The construction of a 19-inch refracting telescope and dome was in 1897.

US signal corps photo, US national archives.


Automatic Sunglasses, The Electromechanical Way Hackaday

These days, photochromic lenses are old-hat. Sure, its useful to have a pair of glasses that automatically tints due to UV light, but what if you want something a little more complex and flashy? Enter [Ashraf Minhaj]s SunGlass-Bot.

The build is simple, beginning with an Arduino Pro Mini for reasons of size. Connected to the analog input is a light-dependent resistor for sensing the ambient light level. This reading is then used to decide whether or not to move the servo which controls the position of the lenses. In low light, the lenses are flipped up to allow clear vision; in brighter light, the lenses flip down to protect the eyes. Power is supplied by a homebrew powerbank that it appears [Ashraf] built from an old phone battery and a small boost converter board. All the files to recreate the project are available on Github, too.

Its a fun build that [Ashraf] shows off in style. While this may not be as effortless as a set of Transition lenses or as quick as a welding mask filter, it has a certain mechanical charm that wouldnt be out-of-place in a certain sci-fi aesthetic.

Hungry for more? Check out these self-blending sunglasses we featured a while back. Video after the break.


Farming Impact of Australia's Worst Drought in Recent Memory SoylentNews

Reuters reports:

Record-low rainfall in some regions and successive seasons of above-average temperatures have blighted vast tracts of Australia's grazing and crop land.

[...] as grain silos in the south are emptied, desperate owners are being forced to slaughter animals, even if it means it will take years for herds to recover.

[...] The ground in drought-hit regions has dried out to such a depth that it is even killing large trees.

[...] The current dry period is not as extensive as the Millennium drought of 1997-2005, which devastated nearly 50 percent of the country's agricultural land and was associated with two El Nio systems, which bring hot, dry weather to Australia.

Original Submission

Read more of this story at SoylentNews.


Hacking WiFi Password in a few steps using a new attack on WPA/WPA2 Security Affairs

A security researcher has devised a new WiFi hacking technique that could be exploited to easily crack WiFi passwords of most modern routers.

The security researcher Jens Atom Steube, lead developer of the popular password-cracking tool Hashcat, has devised a new WiFi hacking technique that could be exploited to easily crack WiFi passwords of most modern routers.

The new WiFi hacking technique allows to crack WPA/WPA2 wireless network protocols with Pairwise Master Key Identifier (PMKID)-based roaming features enabled.

The expert was analyzing the recently launched WPA3 security standard when accidentally the new technique.

This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard. WPA3 will be much harder to attack because of its modern key establishment protocol called Simultaneous Authentication of Equals (SAE). Steube wrote in a post.

The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame.

Older attack techniques required capturing a full 4-way handshake of Extensible Authentication Protocol over LAN (EAPOL), that is a network port authentication protocol. The new attack technique, differently from the previous ones, targets the Robust Secure Network Information Element (RSN IE).

The RSN protocol was designed for establishing secure communications over an 802.11 wireless network and it is part of the 802.11i (WPA) standard. Every time it attempts to establish a secure communication channel, the RSN broadcasts an RSN IE message within the network.

The Robust Security Network protocol has the PMKID (Pairwise Master Key Identifier), that is the key needed to establish a connection between a client and an access point.

An attacker can obtain...


This App can monitor all your social media activities TechWorm

Many users are looking for an App or software out of parental controls, management needs and, of course, the issue of trusts between two partners. This kind of monitoring software can actually meet the needs of track the smartphones, but whatever you use it for, just keep it in mind, you must get approved before monitoring others devices due to the morality and privacy issues.

The software such as FoneMonitor that allows for monitoring any smartphone. Usually the users utilize it to monitor the targeted devices on their own smartphone or computer. There is no question about the legitimacy of this software, for example, with employees consent, it can be used to watch your staffs during the working period in terms of checking the text messages, Apps activity, keylogger on the targeted smartphones, to be sure if the workers are on duty or leaking out the confidential information.

This App can monitor all your social media activities-fonemonitor
FoneMonitor is compatible with both Android and iOS system, it allows for tracking the targeted devices on your smartphone as well as on the computers with Windows or Mac OS system, supporting all the popular web browsers, which include, Firefox Mozilla, Google Chrome, and Internet Explorer.
Installation (Easy steps to use FoneMonitor)
There are four simple steps you need to take in order to use FoneMonitor effectively:
Step #1: download the FoneMonitor App on the Android devices from the designated page. On iPhone, it just requires to sync with iCloud, and you can start to use.
Step #2: Create your FoneMonitor account
Step #3: Verify the targeted smartphone
Step #4: Monitor the activities on the targeted phone.
For Android devices, you need to install the App on the targeted device, the App can be set to be invisible on the phone.



What the Caesars (@DefCon) WiFi situation looks like Errata Security

So I took a survey of WiFi at Caesar's Palace and thought I'd write up some results.

When we go to DEF CON in Vegas, hundreds of us bring our WiFi tools to look at the world. Actually, no special hardware is necessary, as modern laptops/phones have WiFi built-in, while the operating system (Windows, macOS, Linux) enables monitor mode. Software is widely available and free. We still love our specialized WiFi dongles and directional antennas, but they arent really needed anymore.

Its also legal, as long as you are just grabbing header information and broadcasts. Which is about all thats useful anymore as encryption has become the norm -- we can pretty much only see what we are allowed to see. The days of grabbing somebodys session-cookie and hijacking their web email are long gone (though the was a fun period). There are still a few targets around if you want to WiFi hack, but most are gone.

So naturally I wanted to do a survey of what Caesars Palace has for WiFi during the DEF CON hacker conference located there.

Here is a list of access-points (on channel 1 only) sorted by popularity, the number of stations using them. These have mind-blowing high numbers in the ~3000 range for CAESARS. I think something is wrong with the data.

I click on the first one to drill down, and I find a source of the problem. Im seeing only Data Out packets from these devices, not Data In.

These are almost entirely ARP packets from devices, associated with other access-points, not actually associated with this access-point. The hotel has bridged (via Ethernet) all the access-points together. We can see this in the raw ARP packets, such as the one shown below:



Island Living Can Shrink Humans SoylentNews

Submitted via IRC for takyon

Living on an island can have strange effects. On Cyprus, hippos dwindled to the size of sea lions. On Flores in Indonesia, extinct elephants weighed no more than a large hog, but rats grew as big as cats. All are examples of the so-called island effect, which holds that when food and predators are scarce, big animals shrink and little ones grow. But no one was sure whether the same rule explains the most famous example of dwarfing on Flores, the odd extinct hominin called the hobbit, which lived 60,000 to 100,000 years ago and stood about a meter tall.

Now, genetic evidence from modern pygmies on Floreswho are unrelated to the hobbitconfirms that humans, too, are subject to so-called island dwarfing. An international team reports this week in Science that Flores pygmies differ from their closest relatives on New Guinea and in East Asia in carrying more gene variants that promote short stature. The genetic differences testify to recent evolutionthe island rule at work. And they imply that the same force gave the hobbit its short stature, the authors say.


Original Submission

Read more of this story at SoylentNews.


Lanwar - 45,120 breached accounts Have I Been Pwned latest breaches

In July 2018, staff of the Lanwar gaming site discovered a data breach they believe dates back to sometime over the previous several months. The data contained 45k names, email addresses, usernames and plain text passwords. A Lanwar staff member self-submitted the breach to HIBP and has also contacted the relevant authorities about the incident after identifying a phishing attempt to extort Bitcoin from a user.


Failed Tool Turned Exploded Wall Art Hackaday

Few things hit a hacker or maker harder than when a beloved tool goes to that Big Toolbox In The Sky. It can be hard to trash something thats been with you through countless repairs and teardowns, made all the worse by the fact most employers dont recognize Tool Bereavement as a valid reason to request time off. Maybe next time one of your trusty pieces of gear gives up the ghost, you can follow the example set by [usuallyplesent] and turn it into a piece of art to hang up on the shop wall.

The shop had gotten years of daily service out of this air powered angle die grinder (not bad for a $14 Harbor Freight tool), and he thought they should immortalize it in their waiting room by turning it into an interesting piece of art. After all, its not everyday that some folks see the insides of the sort of tools the more mechanically inclined of us may take for granted.

After taking the grinder apart and cleaning everything up, [usuallyplesent] decided to simplify things a bit by tossing out the assorted tiny components like seals and washers. By just focusing on the larger core components, the exploded view is cleaner and reminds us of a light saber cutaway.



Facebook Wants Your Banking Data SoylentNews

Facebook wants banks to "share detail financial information about their customers, including card transactions and checking account balances". Summary article here, original paywalled WSJ article here, alternative link may avoid paywall.

Facebook says that "it wouldn't use bank data for ad-targeting purposes", and that they "don't have special relationships, partnerships, or contract with banks or credit-card companies to use their customers, purchase data for ads." You can just hear the missing word yet. In fact, later on the article specifically says "As part of the proposed deals, Facebook asked banks for information about where its users are shopping with their debit and credit cards".

Of course, the great mass of people will have no problem allowing Facebook into their financial lives...

Original Submission

Read more of this story at SoylentNews.


Diving Into That Lake on Mars Lifeboat News: The Blog

Whos up for a swim?

Our world was rocked by last weeks announcement of good radar evidence for a liquid water lake under the Red Planets south pole. Senior Editor Emily Lakdawalla introduces us to the story that is then taken up by two of host Mat Kaplans favorite Martians. The Goddard Space Flight Centers James Garvin headed NASAs Mars exploration program, while NASA Ames astrobiologist Chris McKay co-founded the Mars Underground more than 35 years ago. Look up! Mars is still close by, and the Perseid meteor shower is around the corner. Bruce Betts gives us the Whats Up lowdown.


The History of Artificial Intelligence Lifeboat News: The Blog

This video was made possible by Brilliant. Be one of the first 200 people to sign up with this link and get 20% off your premium subscription with!

Artificial intelligence has been a topic of growing prominence in the media and mainstream culture since 2015, as well as in the investment world, with start-ups that even mention the word in their business model, gaining massive amounts of funding.

While to many, the hype around AI may appear sudden, the concepts of modern artificial intelligence have been around for over a century and extending further, the concept of artificial intelligence and artificial beings have been in the minds of humans for thousands of years.

To better understand and appreciate this technology and those who brought it to us as well as to gain insight into where it will take us: sit back, relax and join me in an exploration on the history of artificial intelligence.

Thank you to the patron(s) who supported this video

Wyldn pearson collin R terrell kiyoshi matsutsuyu


NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Wall' ONLINE

Posted 08 Aug, 2018 0:41:29 UTC

The new edition of Off The Wall from 07/08/2018 has been archived and is now available online.


Twitter CEO on decision not to ban Alex Jones: 'He hasn't violated our rules' The Hill: Technology Policy

Twitter CEO Jack Dorsey on Tuesday explained the sites decision not to suspend conspiracy theorist Alex Jones, breaking with several other top tech companies.In recent days, Jones and his website, Infowars, have been banned or otherwise...


Chrome 70 Dev Release With Shape Detection API Phoronix

While Chrome 69 was released last week, today Google has shipped their latest "dev" release of Chrome 70 for interested testers...


HPR2613: Quick Awk Tip Hacker Public Radio

This is obvious, but it tripped me up a few times after listening to the excellent Awk series by Dave and B-yeezi, so I though I'd share it here to save others the trouble. When moving from simple awk commands to proper awk scripts, you put a shebang line at the top of your script. It's pretty common to many of us, because we do it for Python and Bash all the time. But if you just put: #!/usr/bin/awk Then your awk script won't work the way you expect. You must provide the -f flag: #!/usr/bin/awk -f Now you can pipe things to your awk script as expected.


Samsung Announces Production of 1-4 TB Consumer 3D QLC NAND SSDs SoylentNews

Samsung is about to make 4TB SSDs and mobile storage cheaper

A couple of years ago, Samsung launched its first 4TB solid state drives, which might as well not have existed given their $1,499 asking price. Today, the company announces the commencement of mass production of a more though it's too early to know exactly how much more affordable variant with its 4TB QLC SSDs. The knock on QLC NAND storage has traditionally been that it sacrifices speed for an increased density, however Samsung promises the same 540MBps read and 520MBps write speeds for its new SSDs as it offers on its existing SATA SSD drives.

Describing this new family of storage drives, which will also include 1TB and 2TB variants, as consumer class, Samsung will obviously aim to price them at a level where quibbles about performance will be overwhelmed by the sheer advantage of having terabytes of space. Any concerns about the reliability of these drives should also be allayed by the three-year warranty promised by Samsung. The launch of the first drives built around these new storage chips is slated for later this year.

What's the endurance of QLC NAND again?

Also at Engadget.

Related: Toshiba's 3D QLC NAND Could Reach 1000 P/E Cycles
Samsung Announces a 128 TB SSD With QLC NAND
Micron Launches First QLC NAND SSD
Western Digital Samples 96-Layer 3D QLC NAND with 1.33 Tb Per Die

Original Submission

Read more of this story at SoylentNews.


Anonymous hackers vow to expose Q-Anon HackRead

By Waqas

Q-Anon gained popularity from the Far-Rights favorite website 4chan. The online hacktivist group Anonymous has been missing from the limelight for a while but now, the group is back and vows to carry out a doxxing operation against Q-Anon and expose the real identity of whoever is behind it. Doxing is an activity in which the []

This is a post from Read the original post: Anonymous hackers vow to expose Q-Anon


VCF West: Homebrew Lisp Machines And Injection Molded PDPs Hackaday

Someone walks into the Vintage Computer Festival and asks, whats new?. Its a hilarious joke, but there is some truth to it. At this years Vintage Computer Festival West, the exhibit hall wasnt just filled to the brim with ancient computers from the Before Time. There was new hardware. There was hardware that would give your Apple IIgs even more memory. There was new hardware that perfectly emulated 40-year-old functionality. Theres always something new at the Vintage Computer Festival.

Some of the more interesting projects are just coming off the assembly line. If you want a modern-day Lisp machine, that one wont be assembled until next week, although there was a working prototype at VCF. If you want the greatest recreation of the most beautiful hardware, VCF has your back. Check out these amazing builds below.

Mini Lisp Machines

During the second AI renaissance in the 1980s, researchers had a powerful language at their disposal. Lisp was the language of AI in the 80s, and there were even purpose-built machines built to run Lisp fast. You havent lived until youve had a Symbolics Lisp machine under your desk. Of course, AI died once som...


NVIDIA Vulkan Beta Update Brings Hang Fixes, Device Diagnostic Checkpoints Phoronix

NVIDIA has just published their latest Vulkan beta driver release for Windows and Linux...


How Quantum Computers Could Kill the Arrow of Time SoylentNews

A new technique for quantum computing could bust open our whole model of how time moves in the universe.

A new paper, published July 18 in the journal Physical Review X [ ], opens the door to the possibility that the arrow pf time is an artifact of classical-style computation something that's only appeared to us to be the case because of our limited tools.

A team of researchers found that in certain circumstances causal asymmetry disappears inside quantum computers.

In this paper, the researchers looked at physical systems that had a goldilocks' level of disorder and randomness not too little, and not too much.

They tried to figure out those systems' pasts and futures using theoretical quantum computers (no physical computers involved). Not only did these models of quantum computers use less memory than the classical computer models, she said, they were able to run in either direction through time without using up extra memory. In other words, the quantum models had no causal asymmetry

"While classically, it might be impossible for the process to go in one of the directions [through time]," said Jayne Thompson, of the National University of Singapore, "our results show that 'quantum mechanically,' the process can go in either direction using very little memory."

And if that's true inside a quantum computer, that's true in the universe, she said.

Quantum physics is the study of the strange probabilistic behaviors of very small particles all the very small particles in the universe. And if quantum physics is true for all the pieces that make up the universe, it's true for the universe itself, even if some of its weirder effects aren't always obvious to us. So if a quantum computer can operate without causal asymmetry, then so can the universe.

Thompson added that the research doesn't prove that there isn't any causal asymmetry anywhere in the universe. She and her colleagues showed there is no asymmetry in a handful of systems. But it's possible, she said, that there are some very bare-bones quantum models where some causal asymmetry emerges.

Original Submission

Read more of this story at SoylentNews.


Infowars app surges in popularity on Apple, Google Play stores The Hill: Technology Policy

The Infowars app is rising in the Apple store's rankings after a number of other major digital platforms cracked down on its content.The app has surged in popularity in recent days from the 47th to the 4th most popular Apple store news app in the...


Engineers teach a drone to herd birds away from airports autonomously Lifeboat News: The Blog

Engineers at Caltech have developed a new control algorithm that enables a single drone to herd an entire flock of birds away from the airspace of an airport. The algorithm is presented in a study in IEEE Transactions on Robotics.

The project was inspired by the 2009 Miracle on the Hudson, when US Airways Flight 1549 struck a flock of geese shortly after takeoff and pilots Chesley Sullenberger and Jeffrey Skiles were forced to land in the Hudson River off Manhattan.

The passengers on Flight 1549 were only saved because the pilots were so skilled, says Soon-Jo Chung, an associate professor of aerospace and Bren Scholar in the Division of Engineering and Applied Science as well as a JPL research scientist, and the principal investigator on the drone herding project. It made me think that next time might not have such a happy ending. So I started looking into ways to protect from birds by leveraging my research areas in autonomy and robotics.


Jupiters moons create invisible killer waves that could destroy spacecraft Lifeboat News: The Blog

Here on Earth, electromagnetic waves around the planet are typically pretty calm. When the Sun fires a burst of charged particles at the Earth we are treated to an aurora (often called Northern Lights), but rarely are they a cause for concern. If you were to head to Jupiter, however, things would change dramatically.

In a new study published in Nature Communications, researchers describe the incredible electromagnetic field structure around two of Jupiters moons: Europa and Ganymede. The invisible magnetic fields around these bodies is being powered by Jupiters own magnetic field, and the result is an ultra-powerful particle accelerator of sorts, which might be capable of seriously damaging or even destroying a spacecraft.

Chorus waves are low-frequency electromagnetic waves that occur naturally around planets, including Earth. Near our planet theyre mostly harmless, but they do have the capability to produce extremely fast-moving killer particles that could cause damage to manmade technology if we happened to be in the wrong place at the wrong time.


SpaceX Falcon 9 Lifts Off In Florida, Places Indonesian Satellite In Orbit Lifeboat News: The Blog

The launch marks the first reuse of an improved Falcon 9 Block 5, which includes several upgrades designed to allow SpaceX to quickly refurbish and re-launch the rocket.


Two slits and one hell of a quantum conundrum Lifeboat News: The Blog

Philip Ball lauds a study of a famous experiment and the insights it offers into a thoroughly maddening theory.


Physicists find surprising distortions in high-temperature superconductors Lifeboat News: The Blog

Theres a literal disturbance in the force that alters what physicists have long thought of as a characteristic of superconductivity, according to Rice University scientists.

Rice physicists Pengcheng Dai and Andriy Nevidomskyy and their colleagues used simulations and neutron scattering experiments that show the atomic structure of materials to reveal tiny distortions of the crystal lattice in a so-called iron pnictide compound of sodium, iron, nickel and arsenic.

These local distortions were observed among the otherwise symmetrical atomic order in the material at ultracold temperatures near the point of optimal . They indicate researchers may have some wiggle room as they work to increase the temperature at which iron pnictides become superconductors.


Research reveals molecular details of sperm-egg fusion Lifeboat News: The Blog

The fusion of a sperm cell with an egg cell is the very first step in the process that leads to new individuals in sexually reproducing species. Fundamental as this process may be, scientists are only now beginning to understand the complexities of how it works.

In a paper published in PLOS Biology, researchers have described the detailed of proteins that enable sperm-egg fusion in two different species: a flowering plant and a protozoan. The researchers hope that revealing the process in these species and their relatives might bring scientists a step closer to understanding it across sexual species, including humans and other vertebrates.

Its surprising to me that we still dont know how a human sperm fuses with a human egg, said Mark Johnson, an associate professor of biology at Brown University and a study co-author. One of the things we hope this paper will do is establish a structural signature for the proteins that make gamete fusion work in these species so that we might be able to look for it in species where those protein mechanisms are still unknown.


Chinese Scientists Used CRISPR to Make a New Species With One Giant Chromosome Lifeboat News: The Blog

For the last 20 million years, the species of yeast used to brew beer has had 16 chromosomes. Now scientists have created a new species with just one.


Apple jabs other companies in defending customer data policies to lawmakers The Hill: Technology Policy

Apple in a letter to lawmakers on Tuesday defended its data collection practices and took a pointed jab at "other companies" that may be less committed to protecting the privacy of their customers."We believe privacy is a...


Wrongfully Accused Pirate Wants $62,818 Compensation TorrentFreak

For more than a decade, file-sharers around the world have been pressured to pay significant settlement fees, or face worse in court.

The practice is particularly common in the United States. While there is only a small group of independent companies involved, thousands of people are taken to court each year.

These efforts, often characterized as copyright trolling, share a familiar pattern. After the film companies acquire a subpoena to get the personal details of an alleged pirate, they contact this person with a settlement request.

These cases are not intended to go to trial, however. Instead, the copyright holders often drop their complaint when the accused person fights back.

This was the case when Darren Brinkley was sued in a Utah federal court last year. In a complaint filed by Criminal Productions, he and 31 others were accused of illegally sharing a copy of the movie Criminal.

Brinkley denied these claims and rejected the settlement offer but the film company still didnt back off.

Plaintiff persisted, forcing Defendant to retain counsel and incur significant attorneys fees and costs. Yet Plaintiff had no intention of litigating its claims, Brinkleys lawyers write.

Rather, these filings are shameless efforts to extort inflated settlements from infringers and non-infringers alike.

The above is quoted from a recent motion for attorney fees, because things changed significantly when Brinkley lawyered up. While Criminal Productions initially refused to let the case go, recently it voluntarily dismissed the case.

According to Brinkleys lawyers, the film company dropped the case like a hot potato when it discovered that the defendant was attempting to look into its business.

As expected, when Plaintiff realized a Motion to Compel discovery was in draft, Criminal sought voluntary dismissal of both its affirmative claims and Brinkleys counterclaims, which this Court granted, with prejudice, on July 6, 2018.

The dismissal came after nearly a year and all this time Criminal Productions failed to produce any evidence. The defense argues that, while the filmmakers had no intention to litigate the baseless suit, their client was forced to run up significant costs.

The same also happened in other cases, where so-called copyright trolls quickly bailed out when defense attorneys sought discovery. Brinkleys attorneys see this as a typical example of cut and run litigation, and argue that Criminal Productions must pay their clients legal bill.

These tactics should at minimum require that Defendant Brinkley be made whole for Plaintiffs filing of...


Mattis: Pentagon, White House in 'complete agreement' on Space Force The Hill: Technology Policy

Defense Secretary James Mattis said Tuesday that he absolutely supports the creation of a new space branch for the military, but declined to say whether it would be the separate Space Force President Trump has pressed for....


Most IT decision makers believe AI is the silver bullet to cybersecurity challenges Help Net Security

New research from ESET reveals that three in four IT decision makers (75%) believe that AI and ML are the silver bullet to solving their cybersecurity challenges. In the past year, the amount of content published in marketing materials, media and social media on the role of AI in cybersecurity has grown enormously. ESET surveyed 900 IT decision makers across the US, UK and Germany on their opinions and attitudes to AI and ML in More

The post Most IT decision makers believe AI is the silver bullet to cybersecurity challenges appeared first on Help Net Security.


Researchers at Duo Security Unearth Large Sophisticated Twitter Crypto Botnet SoylentNews

Submitted via IRC for SoyCow1984

A team of researchers at Duo Security has unearthed a sophisticated botnet operating on Twitter; and being used to spread a cryptocurrency scam.

The botnet was discovered during the course of a wider research project to create and publish a methodology for identifying Twitter account automat...

The team used Twitter's API and some standard data enrichment techniques to create a large data set of 88 million public Twitter accounts, comprising more than half a billion tweets. (Although they say they focused on the last 200 tweets per account for the study.)


Original Submission

Read more of this story at SoylentNews.


Remote Controlled Electric Snowblower Sports FPV For Safety Hackaday

As summer scorches the northern hemisphere, heres something to cool your thoughts: winter is only four months away. And with it will come the general misery and the proclamations that Itll never be warm again, not to mention the white stuff and the shoveling. Or perhaps not, if youre lucky enough to have a semi-autonomous electric snowblower in the garage.

Well never get lucky enough to have such wonders gifted on us as [Dane] did, but we applaud him for picking up the torch where someone else obviously left off. And who knows; perhaps the previous maker took inspiration from this remote-controlled snowblower build?


How Torrents Can Benefit Businesses IEEE Spectrum Recent Content full text

Torrenting is a highly efficient way to transfer files through the Internet

Torrenting. Youve heard about it, talked about it, and probably even enjoyed something that came from it without you knowing. But, youve probably misunderstood it.

The BestVPN rawpixel on Unsplash

What is Torrenting?

Simply put, Torrenting is a highly efficient way to transfer files through the Internet. This is usually done through a client like BitTorrent.

To torrent, you first download a torrent file from a torrent site. These files come straight from other users (seeders) who are willingly sharing their file to other peers. Once you download the torrent file, you feed it to a client. The client tells you what file youve downloaded and where it can be found.

A person looking to download a certain file can directly download it from another person (peer). The more peers that are seeding (sharing the file), the quicker a file can be downloaded and the less burden it will be to the seeders. Its because of this method of file sharing that makes torrenting such a great way to share files to millions of users across the Internet in so little time.

Herein lies the problem with torrenting. Because people are downloading files directly from other users and not from a single source (official website for the media being downloaded), it makes pirating those files really easy and quick.

This is why, as you may have already heard, torrenting is looked upon with disdain especially by businesses losing profits from potential sales of pirated files.

But, torrenting isnt all bad. In fact, it has actually helped A LOT of businesses already- even bigger ones like Facebook!

How torrents can benefit businesses

1. You can give your customers JUST what they want

On-demand access has always been a big hit with consumers but the broadcasting industry always seemed to miss this point. Theyd only show reruns of popular shows 10 years later.

In 2005, David Poltrack, Executive Vice President at CBS, has said:

"In our research with consumers, content-on-demand is the killer app. They like the idea of paying only for what they watch. Currently, the television industry seems to...


Florida Man Arrested in SIM Swap Conspiracy Krebs on Security

Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims.

On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher, an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. Investigators allege Handschumacher was part of a group of at least nine individuals scattered across multiple states who for the past two years have drained bank accounts via an increasingly common scheme involving mobile phone SIM swaps.

A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the providers network. Customers can legitimately request a SIM swap when their existing SIM card has been damaged, or when they are switching to a different phone that requires a SIM card of another size.

But SIM swaps are frequently abused by scam artists who trick mobile providers into tying a targets service to a new SIM card and mobile phone that the attackers control. Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a targets password, as many banks and online services rely on text messages to send users a one-time code that needs to be entered in addition to a password for online authentication.

In some cases, fraudulent SIM swaps succeed thanks to lax authentication procedures at mobile phone stores. In other instances, mobile store employees work directly with cyber criminals to help conduct unauthorized SIM swaps, as appears to be the case with the crime gang that allegedly included Handschumacher.


According to court documents, investigators first learned of the groups activities in February 2018, when a Michigan woman called police after she overheard her son talking on the phone and pretending to be an AT&T employee. Officers responding to the report searched the residence and found multiple cell phones and SIM cards, as well as files on the kids computer that included an extensive list of names and phone numbers of people from around the world.

The following month, Michigan authorities found the same individual accessing personal consumer data via public Wi-Fi at a local library, and seized 45 SIM cards, a laptop and a Trezor w...


Facebook asked to ease data rules for journalists, researchers The Hill: Technology Policy

Advocates for the First Amendment are asking Facebook to ease restrictions on journalists and scholars gathering user data for research.In a letter Monday, the Knight First Amendment Institute at Columbia University asked Facebook CEO Mark...


How to Hack WiFi Password Easily Using New Attack On WPA/WPA2 The Hacker News

Looking for how to hack WiFi password OR WiFi hacking software? Well, a security researcher has revealed a new WiFi hacking technique that makes it easier for hackers to crack WiFi passwords of most modern routers. Discovered by the lead developer of the popular password-cracking tool Hashcat, Jens 'Atom' Steube, the new WiFi hack works explicitly against WPA/WPA2 wireless network protocols


Hashcat developer discovers simpler way to crack WPA2 wireless passwords Help Net Security

While looking for ways to attack the new WPA3 security standard, Hashcat developer Jens Atom Steube found a simpler way to capture and crack access credentials protecting WPA and WPA2 wireless networks. The attack The attacker needs to capture a single EAPOL frame after requesting it from the access point, extract the PMKID from it by dumping the recieved frame to a file, convert the captured data to a hash format accepted by Hashcat, and More

The post Hashcat developer discovers simpler way to crack WPA2 wireless passwords appeared first on Help Net Security.


Mir's EGMDE Desktop Is Now Available From The Snap Store Phoronix

While Mir has long been focused on its Snap support, now available via the Snap Store is offering EGMDE...


ISPs Listed Speeds Drop Up to 41% After UK Requires Accurate Advertising SoylentNews

Submitted via IRC for SoyCow1984

Only one of top 12 ISPs raised listed speed after new truth-in-advertising rule.


Most broadband providers in the UK "have been forced to cut the headline speeds they advertise when selling deals" because of new UK rules requiring accurate speed claims, according to a consumer advocacy group.

"Eleven major suppliers have had to cut the advertised speed of some of their deals, with the cheapest deals dropping by 41 percent," the group wrote last week.

The analysis was conducted by Which?, a brand name used by the Consumers' Association, a UK-based charity that does product research and advocacy on behalf of consumers.

"BT, EE, John Lewis Broadband, Plusnet, Sky, Zen Internet, Post Office, SSE, TalkTalk, and Utility Warehouse previously advertised their standard (ADSL) broadband deals as 'up to 17Mbps,'" the group noted in its announcement on Saturday. "The new advertised speed is now more than a third lower at 10Mbps or 11Mbps."

"TalkTalk has completely dropped advertising speed claims from most of its deals," the consumer group also said. "Vodafone has also changed the name of some of its deals: Fibre 38 and Fibre 76 are now Superfast 1 and Superfast 2."

The new rules were implemented in May by the Committees of Advertising Practice, the UK ad industry's self-regulatory body. Which? said it had been "campaigning for an advertising change since 2013."

Previously, ISPs were allowed to advertise broadband speeds of "up to" a certain amount, even if only one in 10 customers could ever get those speeds, Which? wrote. "But the new advertising rules mean that at least half of customers must now be able to get an advertised average speed, even during peak times (8-10pm)," the group said.

The entry-level speed tiers were apparently the least accurate before the rule change. While advertised speeds dropped the most on entry-level tiers, there were drops in higher-speed tiers as well.

Original Submission



Video Quick Bit: Power Harvesting Hacks Hackaday

Majenta Strongheart is back again, this time taking a look at some of the coolest power harvesting projects in this years Hackaday Prize.

The entire idea of the Power Harvesting Challenge is to get usable power from something, be it solar energy, a rushing waterfall, or fueling steam turbines with hamsters. [Cole B] decided that instead of capturing energy from one of these power sources, hed do it all. He created Power Generation Modules, or Lego bricks for harvesting power. Theres a hand crank module, a water turbine module, and enough modules to do something with all that captured power like a light module and a USB charger module.

But maybe you dont want to generate power the normal way. Maybe you think spinning magnets is too mainstream, or something. If thats the case, then [Josh] has the project for you. Its the P Cell, a battery fueled by urine. Yes, its just a simple copper zinc wet cell using urea as an electrolyte, but remember: in the early 1800s, human urine was a major source of nitrates used in the manufacture of gunpowder. Why not get some electricity from something that is just sent down the tubes?

Right now were in the middle of the Human Computer Interface Challenge. Show us that you have what it takes to get a computer to talk to a human, get a human to talk to a computer, or even recreate one of those weird 3D CAD mice from the early 90s. Were looking for any interesting ways to bridge that valley between people and their devices. Twenty Human Computer Interface Challenge submissions will be selected to move onto the finals and win $1000 in the process! The five top entries of the 2018 Hackaday Prize will split $100,000!

The HackadayPrize2018 is Sponsored by:


Farmers are drawing groundwater from the giant Ogallala Aquifer faster than nature replaces it Lifeboat News: The Blog

This is not sustainable!

Every summer the U.S. Central Plains go dry, leading farmers to tap into groundwater to irrigate sorghum, soy, cotton, wheat and corn and maintain large herds of cattle and hogs. As the heat rises, anxious irrigators gather to discuss whether and how they should adopt more stringent conservation measures.

They know that if they do not conserve, the Ogallala Aquifer, the source of their prosperity, will go dry. The Ogallala, also known as the High Plains Aquifer, is one of the largest underground freshwater sources in the world. It underlies an estimated 174,000 square miles of the Central Plains and holds as much water as Lake Huron. It irrigates portions of eight states, from Wyoming, South Dakota and Nebraska in the north to Colorado, Kansas, Oklahoma, New Mexico and Texas in the south.

But the current drought plaguing the region is unusually strong and persistent, driving farmers to rely more on the aquifer and sharpening the debate over its future. A current assessment by the U.S. Drought Monitor, published by the University of Nebraska-Lincoln, the United States Department of Agriculture and the National Oceanic and Atmospheric Administration, shows large swaths of the southern plains experiencing drought ranging from severe to exceptional.


Let slow-growth forests recover before logging once more Lifeboat News: The Blog

Loggers need to control their appetite for slow-growing trees to spare the Amazon rainforest from deforestation.

A new study by Ph.D. student J. Aaron Hogan points to changes in tree composition in a long-term study site in French Guiana to sound the alarm.

Were approaching a threshold where were forced to make some difficult decisions, Hogan said. Do we feed into demand for these tropical hardwoods? Or do we stick to our guns and say you cant log any more until this stand is regenerated.


How many people make a good city? Its not the size that matters, but how you use it Lifeboat News: The Blog

Australias population clock is, according to the Australian Bureau of Statistics, steadily ticking away at an overall total population increase of one person every 1 minute and 23 seconds. Its set to tick over to 25 million around 11pm tonight.

Many are debating what the ideal population is for a country like Australia. But because most of this growth is concentrated in our big cities, perhaps we should be thinking less about that and more about the ideal of a . Historically, there have been many theories on what this would be.


Innovations in Emacs Touch Interfacing Random Thoughts

Ive long attempted to hack some touch interfaces for laptops in non-keyboard configurations.

The sad thing is that there arent really any good solutions in GNU/Linux. If you want to be able to respond to more complex events like two finger drag, you have to hack GTK and use Touchgg, and then it turns out that doesnt really work on Wayland, and then most of the events disappeared from the X driver, and then

In short, the situation is still a mess. And then my lug-around-the-apt-while-washing-TV-laptop died (ish), so I had to get a new one (a Lenovo X1 Yoga (2nd gen (which I had to buy from Australia, because nobody would sell it with the specs I wanted (i.e., LTE modem if I wanted to also take it travelling (the 3rd gen has an LTE modem thats not supported by Linux))))):

And now, with Ubuntu 18.04, everything is even worse, and Im not able to get any multi finger events at all! All the touch events are just translated into mouse events! Aaaargh!

After despairing for an eternity (OK, half a day), I remembered another touch inter...


[$] Diverse technical topics from OSCON 2018

The O'Reilly Open Source Conference (OSCON) returned to Portland, Oregon in July for its 20th meeting. Previously, we covered some retrospectives and community-management talks that were a big part of the conference. Of course, OSCON is also a technology conference, and there were lots of talks on various open-source software platforms and tools.

Subscribers can read on for the second part of an OSCON report by guest author Josh Berkus.


Italian banking giant stops advertising on Facebook The Hill: Technology Policy

A multibillion-dollar Italian banking conglomerate has stopped advertising with Facebook until the social media company improves its ethical standards."Facebook is not acting in an ethical way," Unicredit CEO Jean Pierre Mustier said during a...


Elon Musk says he's considering taking Tesla private The Hill: Technology Policy

Tesla shares were halted Tuesday afternoon after CEO Elon Musk tweeted that hes thinking about taking the company private.Am considering taking Tesla private at $420. Funding secured, Musk said in the tweet."Shareholders could...


Dem senator defends social media platforms deleting content: 'Not the same as government censorship' The Hill: Technology Policy

Sen. Chris Murphy (D-Conn.) defended statements he made Monday advocating for social media companies to shut down some users.Murphy contended that private companies choosing to keep their platforms from spreading hate and lies is not the same...


President Trump Changed His Story on Son's Meeting with Russian Lawyer SoylentNews

5News reports:

President Donald Trump appears to have changed his story about a 2016 meeting at Trump Tower that is pivotal to the special counsel's investigation, tweeting that his son met with a Kremlin-connected lawyer to collect information about his political opponent.

[...] That is a far different explanation than Trump gave 13 months ago, when a statement dictated by the president but released under the name of Donald Trump Jr., read: "We primarily discussed a program about the adoption of Russian children that was active and popular with American families years ago."

also at Vox, MSN and Mic

Original Submission

Read more of this story at SoylentNews.


Links 7/8/2018: TCP Vulnerability in Linux, Speck Crypto Code Candidate for Removal Techrights

GNOME bluefish



  • Audiocasts/Shows

    • Episode 34 | This Week in Linux

      On this episode of This Week in Linux: Linus Torvalds gave his opinion on Wireguard, Lubuntu Takes a New Direction, LineageOS launches their annual Summer Survey, and Hiris Experience with Selling on Linux. Then well check out some distro news from Slackware, OpenWRT, Ubuntu LTS, and RebeccaBlackOS. Later in the show, well look at the new NetSpectre vulnerability varient, Forbes 5 Reasons to Switch to Linux, a really interesting blog post from the KDE Team about Plasmas Engineering and finally well check out some Linux Gaming news. All that and much more!

  • Kernel Space


X.Org Server 1.20.1 Released With Many Bug Fixes Phoronix

As the first point release to X.Org Server 1.20 that debuted in May, xorg-server 1.20.1 is available today with dozens of fixes...


Recorded Programming Thanks to Bing Crosby Hackaday

If you look up Bing Crosby in Wikipedia, the first thing youll notice is his real name was Harry. The second thing youll read, though, is that he is considered the first multimedia star. In 1948, half of the recorded music played on the air was by Bing Crosby. He also was a major motion picture star and a top-selling recording artist. However, while you might remember Bing for his songs like White Christmas, or for his orange juice commercials, or for accusations of poor treatment from his children, you probably dont associate him with the use of magnetic tape.

In a way, Bing might have been akin to the Steve Jobs of the day. He didnt power the technology for tape recording. But he did see the value of it, invested in it, and brought it to the market. Turns out Bing was quite the businessman. Want to know why he did all those Minute Maid commercials? He was a large shareholder in the company and was the west coast distributor for their products. He also owned part of the Pittsburgh Pirate baseball team and other businesses.

So how did Bing become instrumental in introducing magnetic tape recording? Because he was tired of doing live shows. You see, in 1936, Crosby became the host of a radio variety show, The...


Android 9.0 Pie is here: How to get it and whats new TechWorm

Its official: Android P is Android 9 Pie and it is rolling out on Google Pixel devices

The latest release of Android is here! And it comes with a heaping helping of artificial intelligence baked in to make your phone smarter, simpler and more tailored to you. Today were officially introducing Android 9 Pie, Sameer Samat, VP of product management, Android & Google Play wrote in the official blog that announced availability of the Android 9 P .

Besides the Pixel phones, the Android 9 Pie will also be soon available on phones that were part of the Android P beta program. Google said Devices that participated in the Beta program from Sony Mobile, Xiaomi, HMD Global, Oppo, Vivo, OnePlus, and Essential, as well as all qualifying Android One devices, will receive this update by the end of this fall! We are also working with many other partners to launch or upgrade devices to Android 9 this year.

However, Essential phone has already started receiving Android Pie.Were proud to bring Android 9 Pie to Essential Phone the same day its released! Check your phone now for the update, Essential tweeted out from its official twitter account.

Coming to Android 9 Pie, the new OS harnesses the power of artificial intelligence to give you more from your phone. Now its smarter, faster and adapts as you use it, says Google.

Features like Adaptive Battery and Adaptive Brightness uses machine learning to prioritize system resources for the apps, which means these will give your phone greater longevity and your phones screen will also adjust better to surrounding conditions. Further, new features like App Actions predicts what youre about to do, so that you get to your next task more quickly.

Also, Google has replaced the traditional three-button navigation bar with a new gesture-based system in Android 9 Pie. It is a new gesture-based system thats similar to what Apple uses on the iPhone X. You can simply switch between apps and get to what you need more naturally by using gestures.

Another feature Slices brings relevant parts of your favorite apps to the surface. For instance, you can see real-time pricing and driver ETAs from services like Uber or Lyft when you are searching for a ride. However, Slices will not be available until the Fall for non-beta users.



"SegmentSmack" Linux Network Bug Could Lead To Remote Denial of Service Phoronix

The latest high profile Linux kernel vulnerability has been dubbed "SegmentSmack" and could result in a remote denial of service attack...


Wells Fargo Quietly Reveals Calculation Error That Affected Customers Mortgage Loans IEEE Spectrum Recent Content full text

The error may have pushed hundreds of vulnerable families into home foreclosure, though the bank says there's not a clear cause and effect relationship

Wells Fargo disclosed in its latest corporate quarterly report (PDF) to the U.S. Security and Exchange Commission that it erroneously denied mortgage loan modifications or did not offer loan modifications to approximately 625 customers who were indeed eligible for them under various government-backed loan programs. Furthermore, some 400 of those affected customers eventually lost their homes to foreclosure.

Wells Fargo blamed the loan denials, which occurred between 13 April 2010 and 20 October 2015, on a calculation error in its mortgage loan modification software tool. A programming mistake in the tool overstated the amount of the attorneys fees that were included for the purposes of determining whether a customer qualified for a mortgage loan modification, the bank stated. Apparently the fees pushed the customers outside the loan qualification limits.

Although Wells Fargo said that its customers never were charged the attorneys fees, the damage was already done. The bank said in its quarterly statement it has set aside $8 million to remediate customers whose modification decisions may have been affected by the calculation error. The amount works out to US $12,800 per customer, which seems like a pretty paltry figure given the life-altering consequences of the error. Nevertheless, the bank says it believes that the amount is appropriate given the circumstances.

Wells Fargo has tried to downplay the error, both in why it took so long to find, as well as in its effects on customers. So far, the bank has not commented on when it first realized that there was a problem, why it took so long to find the error in the first place, or why it tried to bury the information in its quarterly report to the SEC rather than publishing a press release.

Second, ever since the error became widely publicized last week, Wells Fargo has been trying to downplay its impact on the customers affected by it. While it has apologized for the error, the bank also has claimed that there is not a clear, direct cause and effect relationship between the improper loan modification denials and the eventual foreclosures, strongly implying that most of those customers who had home foreclosures would have experienced them even if they weren...


Update MikroTik routers 170,000 devices hit by cryptocurrency malware HackRead

By Waqas

Currently, the malware is targeting unpatched MikroTik routers in Brazil but researchers believe its about time it will spread worldwide. Unpatched routers manufactured by MikroTik have become potential targets of cryptojacking malware campaigns in Brazil. According to the analysis of Trustwaves security researcher Simon Kenin, an unprecedented increment in web-based cryptojacking/cryptomining attacks in Brazil has []

This is a post from Read the original post: Update MikroTik routers 170,000 devices hit by cryptocurrency malware


Explore New Worlds With JPLs Open Source Rover IEEE Spectrum Recent Content full text

NASAs Jet Propulsion Lab has adapted a Mars rover design into something that you can build in your garage

NASA Jet Propulsion Laboratorys Mars rovers have a special place in my heart. I loved seeing pictures of Sojourner nuzzling up to rocks, and I still wonder whether it managed to drive around the Pathfinder lander after contact was lost. Spirit going silent was heartbreaking, and Opportunity continues to inspire so far beyond its expected lifetime, even as a dust storm threatens to starve it to death. And I particularly remember thinking how insane it was that Curiosity was going to drop onto the surface from a hovering robotic sky crane (!), and then being entirely overwhelmed to watch it happen flawlessly from the media room at JPL

Im not the only person who thinks that JPLs rovers are incredible, and other rover fans have been pestering the roboticists at JPL for a cute little rover that can be built at home. JPL has been working on this for a little bit, and theyve just announced the end product of their Open Source Rover project, and its space robots for everyone!

JPL Open Source Rover Photo: NASA JPL

The Open Source Rover (OSR) was designed at JPL by a very small team: just two student interns and a JPL project lead, plus a bunch of help from experienced JPL robotics engineers. The goal was to make something accessible and affordable, since a previous education outreach rover that JPL had come up with (called ROV-E) was super popular but also cost over US $30,000. The goal with OSR was to decrease the cost an order of magnitude, while keeping it useful and compelling and easy to build, all in just 10 weeks.

They were successful, of course, coming up with a design that could be built completely from commercial off-the-shelf parts by anyone with $2.5k to spare. OSRs drive system is modeled after the Curiosity rover, with six independently steerable wheels mounted on an obstacle-conquering rocker-bogie suspension. The face-mounted laser drill has been replaced with a programmable screen, in a necessary but rather disappointing compromise towards safety, and while theres no built-in autonomy, JPL is doing its best to encourage community collaboration...


The Square-Inch Project Rides Again! Hackaday

Want to play a game? Your challenge is to do something incredible with a printed circuit board that measures no more than one inch by one inch. Its The Return of the One Square Inch Project and its going to be amazing!

We cant believe that its been three years! The original One Square Inch Project was a contest dreamt up by user [alpha_ninja] back in 2015, and we thought it was such a great idea that we ponied up some prizes. The entries were, frankly, the best weve ever seen. So were doing it again!

Last time around, the size constraint focused the minds and brought out the creativity in some of the best and brightest of What functionality or simply amusement can you pack into a square PCB thats just a tad over 25 mm on a side? Wed like to see.

Well be featuring entries throughout the contest. We think geek cred is the best reward but if you want something more to sweeten the pot here you go:

  • Grand Prize:

    • $500 Cash!
  • Four Top Entries Win Tindie Gift Certificates:

    • Best Project $100
    • Best Artistic PCB Design $100
    • Best Project Documentation $100
    • Best Social Media Picture or Video $100
  • Five Runner-Up Entries:

    • $100 OSH Park gift cards


Stop Supreme Court nominee Kavanaugh to protect free software! FSF blogs

United States Supreme Court judges serve from the time they are appointed until they choose to retire -- it's a lifetime appointment. One judge recently stepped down, and Brett Kavanaugh was nominated to fill the empty seat. He comes with a firm stance against net neutrality.

Last year he wrote:

Supreme Court precedent establishes that Internet service providers have a First Amendment right to exercise editorial discretion over whether and how to carry Internet content.

Here, Kavanaugh argues that controlling the way you use the Internet is a First Amendment right that ISPs -- companies, not people -- hold. The First Amendment, which guarantees Americans the right to free speech, freedom of the press, and freedom to congregate, is one of the most dearly-held amendments of the United States Constitution. With this statement, he says that net neutrality protections -- policies that prevent companies from "editorializing" what you see on the Web -- is a violation of the Constitution. He believes net neutrality is unconstitutional. We know he's wrong.

We need you to contact your congressional representatives, asking them to vote against Kavanaugh's bid for the Supreme Court of the United States.

Why does net neutrality matter to free software?

There are so many reasons why we think net neutrality is important -- and why it's necessary for free software. We'll briefly mention that:

  • Free software is built collaboratively by using Web tools and Internet connections around the world.

  • Free software is most easily discoverable thanks to pages like the Free Software Directory.

  • Need to update your system or software quickly? You need an Internet connection to make that happen.

  • Organizations like the FSF use the Web to educate and share free software ideology and tools.

  • The FSF itself is run by a small team spread across the globe. Every day we use tools like IRC to communicate and work for user freedom together, with one another, and with you.

  • We promote decentralized free software replacements for centralized software services, and losing net neutrality means that centralized services will have a huge built-in advantage.

Without a free Web and Internet, what we can do online will be limited by what ISPs like Comcast and Verizon want. They will have the legal right to control which Web sites we can access and how fast that access will be -- and they will take advantage of their new ability to extort even greater fees from Web sites and consumers alike.

Call, microblog, or write

Call your senators!

Don't know who to call?

  • C...


Plan to Replicate 50 High-Impact Cancer Papers Shrinks to Just 18 SoylentNews

An ambitious project that set out nearly 5 years ago to replicate experiments from 50 high-impact cancer biology papers, but gradually shrank that number, now expects to complete just 18 studies.

"I wish we could have done more," says biologist Tim Errington, who runs the project from the Center for Open Science in Charlottesville, Virginia. But, he adds, "There is an element of not truly understanding how challenging it is until you do a project like this."

[...] Costs rose and delays ensued as organizers realized they needed more information and materials from the original authors; a decision to have the proposed replications peer reviewed also added time. Organizers whittled the list of papers to 37 in late 2015, then to 29 by January 2017. In the past few months, they decided to discontinue 38% or 11 of the ongoing replications, Errington says. (Elizabeth Iorns, president of Science Exchange, says total costs for the 18 completed studies averaged about $60,000, including two high-priced "outliers.")

One reason for cutting off some replications was that it was taking too long to troubleshoot or optimize experiments to get meaningful results, Errington says. For example, deciding what density of cells to plate for an experiment required testing a range of cell densities. Although "these things happen in a lab naturally," Errington says, this work could have proceeded faster if methodological details had been included in the original papers. The project also spent a lot of time obtaining or remaking reagents such as cell lines and plasmids (DNA that is inserted into cells) that weren't available from the original labs.

[...] The project has already published replication results for 10 of the 18 studies in the journal eLife. The bottom line is mixed: Five were mostly repeatable, three were inconclusive, and two studies were negative, but the original findings have been confirmed by other labs. In fact, many of the initial 50 papers have been confirmed by other groups, as some of the Reproducibility Project: Cancer Biology's critics have pointed out.

Interesting that it seems to be much easier for labs to do "secret protocol replications" than the "open protocol replications" aimed for by this project.



Dart 2.0 Released As A "Reboot" To The Programming Language Phoronix

Google developers spearheading the Dart programming language that is intended for general purpose programming, including web applications and can be trans-piled to JavaScript, have issued their second major stable release...


Security updates for Tuesday

Security updates have been issued by Debian (kernel), Fedora (ceph, exiv2, myrepos, and seamonkey), openSUSE (libofx and znc), Oracle (kernel), Red Hat (qemu-kvm-rhev), SUSE (clamav, kernel, and rubygem-sprockets-2_12), and Ubuntu (gnupg, lftp, libxcursor, linux-hwe, linux-azure, linux-gcp, linux-raspi2, and lxc).


The Gut microbiome and Aging Lifeboat News: The Blog

Today, we wanted to draw your attention to a review of aging and the role that the gut microbiome plays in it.

There is an increasing amount of evidence for the contribution of microbial burden in the chronic, age-related background of inflammation known as inflammaging. There are a number of proposed sources of inflammaging, including senescent cells, immunosenescence, cell debris, and microbial burden.

We have delved into the topic of the gut microbiome in the past and its possible role as the origin point of inflammaging in a previous article, but we wanted to highlight this publication for people interested in reading further about this rapidly evolving area of aging research [1].


Even the PlayStation 2 Cant Escape Java Hackaday

Love it or hate it, you cant deny that Java has a pretty impressive track record in terms of supported platforms. Available on everything from flip phones to DVD players, not to mention computers, Oracle once famously claimed that Java runs on three billion devices. An estimate that, in truth, is probably on the low side at this point. Especially when [Michael Kohn] keeps figuring out how to run it on increasingly esoteric devices.

[Michael] writes in to tell us that hes added support for the PlayStation 2 console to Java Grinder, his software for taking Java code and turning it into a native binary for a variety of unexpected platforms. His previous conquests have included the TRS-80 and Atari 2600, so by comparison the PS2 is an almost tame addition to the list.

Lets be honest, you probably dont have any desire to run a Java program on Sonys nearly two decade old game system. But thats OK. The documentation [Michael] has written up is fascinating anyway, covering specifics of the PS2s rather unique hardware and quirks he ran into when developing on an emulator and deploying on real hardware. Even if youll never put the findings to practical use, its absolutely worth a read.

In the video after the break you can see the demo [Michael] came up with booting on a real PS2 to prove the software works. To really put his mark on it, he mentions he wrote and performed the demos songs and even drew some of the artwork on paper and scanned it into his computer.

Weve previously covered his work getting...


Steal This Show S04E03: Printing A New Reality, with Cory Doctorow TorrentFreak

Corys most recent book, Walkaway, is a story of refusing a life of surveillance and control under a high-tech oligarchy and the struggle to live in a post-scarcity gift economy where even death has been defeated.

Over this one hour plus interview we discuss:

Whether file-sharing & P2P communities have lost the battle to streaming services like Netflix and Spotify, and why the copyfight is still important
How the European Copyright Directive eats at the fabric of the Web, making it even harder to compete with content giants
Why breaking up companies like Google and Facebook might be the only way to restore an internet and a society we can all live with.

Steal This Show aims to release bi-weekly episodes featuring insiders discussing crypto, privacy, copyright and file-sharing developments. It complements our regular reporting by adding more room for opinion, commentary, and analysis.

Host: Jamie King

Guest: Cory Doctorow

If you enjoy this episode, consider becoming a patron and getting involved with the show. Check out Steal This Shows Patreon campaign: support us and get all kinds of fantastic benefits!

Produced by Jamie King
Edited & Mixed by Lucas Marston
Original Music by David Triana
Web Production by Eric Barch

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.


Algorithms Help Power Grids Survive GPS Spoofs IEEE Spectrum Recent Content full text

The approach can keep a grid in service even if one-third of its nodes are compromised

Power grids increasingly rely on GPS to stay in sync, which makes them potentially vulnerable to attacks that broadcast false GPS signals. Now researchers have developed algorithms they say could help defend against such assaults, even if a third of a power grid's GPS signals were disrupted.

In order to deal with potentially damaging fluctuations, a power grid operator needs to know what the voltages and currents are at specific points in time, and at widely dispersed points along the grid. For instance, summer temperatures can influence how many of a city's residents turn their air conditioners on or off, generating disturbances that propagate along the power grid and across the continent. Other power stations can attempt to counteract these changes by generating more or less power.

To make the high-precision, high-resolution measurements they need in order to control power grids, electric companies employ phasor measurement units (PMUs), devices aligned with the atomic clocks used in GPS. As power grids rely less on centralized power plants and more on rooftop solar power and other distributed sources of energy, PMUs are growing increasingly more important.

However, PMUs are vulnerable to GPS spoofing attacks, wherein a hacker would place transmitters near a station to broadcast counterfeit GPS signals, which would be picked up by the PMUs. Fooling the PMUs of one or more power stations could lead to disruptions that could cascade throughout an entire power grid.

Spoofing GPS is very easy, with off-the-shelf hardware and software that you can download from the Internet, says study coauthor Joo Hespanha, a control engineer at the University of California, Santa Barbara. This means that compromising the measurement of a single PMU is very easy, even without having physical contact with the unit.

It is virtually impossible to prevent a hacker from getting close enough to a node in a power grid to carry out a GPS spoofing attack. Instead, scientists investigated ways to help power grids deduce what PMU data might be real and what might be spoofed.

The researchers developed algorithms that...


Free Resources for Open Source Certification and Training

July was a hot month for certification on In case you missed it, we covered the open source certification process in a series of articles examining why certification is important, general tips for success, specific advice for exam prep, and answers to some commonly asked questions. Learn more and check out this year's LiFT scholarship opportunities as well.


The Genetics (and Ethics) of Making Humans Fit for Mars Lifeboat News: The Blog

We could make people less stinky, more resistant to radiation, even less dependent on food and oxygen. But would the new creature be human?


Lathe Headstock Alignment: Cutting A Test Bar Hackaday

Lets say youve recently bought a lathe and set it up in your shop. Maybe youve even gone and leveled it like a boss. Youre ready to make chips, right? Well, not so fast. As real machinists will tell you, you can use all the levels and lasers and whatever that you want, but the proof is in the cut. Precision leveling gets your machine in the ballpark (machinists have very small ballparks) but the final step to getting a machine to truly perform well is to cut a test bar. This is a surefire way to eliminate any last traces of twist in the bed.

There are two types of test bars. One is for checking headstock-to-ways alignment, which is what were doing here. Theres another type used for checking tailstock alignment, but thats a subject for another day.

We start by chucking some stock. You want something of a substantial diameter, because were going to have a lot of unsupported stick-out, something you would normally never do. The stock needs to be as rigid as possible on its own. The more stick-out you have, the more precise your measurement of bed twist will be, but the test becomes impossible if stick-out is too much for the stock to remain rigid while cutting. Its a tricky balance. For this demo on my small bench-top machine, Im using 1- diameter stock, 5 long. For a large floor-standing machine, 2 diameter stock around 10 long is a good place to start.


Tuesday, 07 August


Hydrus VR Camera for 8K 360-Degree Underwater Videography SoylentNews

Hydrus VR Records Cinema-Quality 8K Virtual Reality Videos Underwater

If you love oceanic videography or just want to experience deep sea diving without getting wet, you're going to love Hydrus VR, a submersible 8K virtual reality video system designed for professional filmmakers. The unit uses a total of 10 cameras eight in a horizontal circle plus two vertical to capture 8K, 4K, or stereoscopic 4K imagery, notably with impressive low light capabilities.

Developed by Marine Imaging Technology (MI Tech), the system looks like a large metal can ringed by lens bumps. Weighing 75 pounds with neutral salt water buoyancy, it's depth rated for 300 meter submersion, so it can be connected to a metal control arm or underwater robots, depending on the filmmaker's needs.

Inside the can are Sony ultra-high sensitivity UMC-S3CA cameras equipped with SLR Magic lenses, plus enough storage capacity and battery life to record continuously for two hours. A subsea control module enables the recording time to be expanded to eight hours. Users can remotely monitor nine of the cameras in real time during shooting.

Sony's camera sensors enable the system to capture video at a minimum illumination level of 0.004 lux (ISO 409,600), which is especially important when recording in places without their own lighting sources a challenge that increases video noise and grain. While the sensors have a normal ISO range of 100102,400, the four times lower "expandable" ISO gives filmmakers the option to accept additional noise where necessary to capture an underwater scene with particularly poor illumination.

James Cameron ponders reshooting Avatar 2 entirely underwater.

Film speed.

Also at Engadget.

Original Submission

Read more of this story at SoylentNews.


TSMC Chip Maker confirms its facilities were infected with WannaCry ransomware Security Affairs

TSMC shared further details on the attack and confirmed that its systems were infected with a variant of the infamous WannaCry ransomware.

Early in August, a malware has infected systems at several Taiwan Semiconductor Manufacturing Co. (TSMC) factories, the plants where Apple produces its devices.

TSMC is the worlds biggest contract manufacturer of chips for tech giants, including Apple and Qualcomm Inc.

Now the company shared further details on the attack and confirmed that its systems were infected with a variant of the infamous WannaCry ransomware that hit 200,000 computers across 150 countries in a matter of hours in May 2017.

WannaCry took advantage of a tool named Eternal Blue, originally created by the NSA, which exploited a vulnerability present inside the earlier versions of Microsoft Windows. This tool was soon stolen by a hacking group named Shadow Brokers which leaked it to the world in April 2017.

The infection caused one of the most severe disruptions suffered by TSMC as it ramps up chipmaking for Apple Inc.s next iPhones.

The company contained the problem, but some of the affected plants shut down an entire day of production.

It has been estimated that the overall impact on the revenue of TSMC would be approx $256 million.

Chief Financial Officer Lora Ho confirmed that the infection would have some impact on TSMCs 2018 profit, but declining to elaborate on further details.

TSMC Apple infection

According to the manufacturer, it wasnt a targeted attack, instead, the systems were infected when a supplier installed tainted software without a virus scan to TSMCs network.



[$] Using AI on patents

Software patents account for more than half of all utility patents granted in the US over the past few years. Clearly, many companies see these patents as a way to fortune and growth, even while software patents are hated by many people working in the free and open-source movements. The field of patenting has now joined the onward march of artificial intelligence. This was the topic of a talk at OSCON 2018 by Van Lindberg, an intellectual-property lawyer, board member and general counsel for the Python Software Foundation, and author of the book Intellectual Property and Open Source. The disruption presented by deep learning ranges from modest enhancements that have already been exploitedmaking searches for prior art easierto harbingers of automatic patent generation in the future.


Millennials Try to Explain the First Amendment

Via: Campus Reform: A recent survey found that many Americans are unable to name a single one of the freedoms guaranteed by the First Amendment. Would Ivy League students do any better?


Happy to announce our support for Kelsey Moodys Grapeseed Lifeboat News: The Blog

Bio an accelerator program for young companies that develop therapeutic interventions for age-related diseases.



Exeter University boffins have discovered elixir of life Lifeboat News: The Blog

For centuries humans have sought the elixir of life a mythical potion that supposedly would grant the drinker eternal life.

Now Exeter scientists believe they may have found the secret to a longer, healthier life.

New compounds developed and tested at the University of Exeter have brought the dream a step closer and paved the way for anti-degeneration drugs that could not only extend life, but also extend health and may help treat age-related diseases like cancer, dementia and diabetes.


Compounds AP39, AP123, RT01 may reverse ageing in human cell: Study Lifeboat News: The Blog

The compounds AP39, AP123 and RT01 have been designed to selectively deliver minute quantities of the gas hydrogen sulphide to the mitochondria in cells and help the old or damaged cells to generate the energy needed for survival and to reduce senescence.

In the samples used, the number of senescent cells older cells that have deteriorated and stopped dividing was reduced by up to 50 per cent.

The team also identified two splicing factors a component of cells that play a key role in when and how endothelial cells become senescent.


Open Source Summit Features 11 Co-Located Events, Kubernetes Training, Security Summit, LF Deep Learning Workshops & More

What makes attending Open Source Summit so valuable?

The people who attend, and the sharing of information that transpires when 2,000 open source leaders from around the globe gather to work together to transform technology.


Facebook Open Sources Library to Enhance Latest Transport Layer Security Protocol

For several years, the Internet Engineering Task Force (IETF) has been working to improve the Transport Layer Security (TLS) protocol, which is designed to help developers protect data as it moves around the internet. Facebook created an API library called Fizz to enhance the latest version, TLS 1.3, on Facebooks networks. Today, it announced its open sourcing Fizz and 


7 Python Libraries for More Maintainable Code

A great way to protect the future maintainability of a project is to use external libraries to check your code health for you. These are a few of our favorite libraries for linting code(checking for PEP 8 and other style errors), enforcing a consistent style, and ensuring acceptable test coverage as a project reaches maturity.


Getting to Know Grommet, an Open Source UI Dev Tool

While Grommet has been around since 2016, it is not among the best-known open source development tools. The library of reusable UI components helps developers create web applications. This overview explains what Grommet can do, the problems it addresses, and what makes it appealing.

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog