IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Friday, 23 February

02:20

Intel releases Spectre 2 microcode updates for Kaby Lake, Coffee Lake, Skylake Help Net Security

Intel has released to OEMs a new set of Spectre firmware updates. They include microcode for Kaby Lake, Coffee Lake, and Skylake processors. This represents our 6th, 7th, and 8th Generation Intel Core product lines as well as our latest Intel Core X-series processor family. It also includes our recently announced Intel Xeon Scalable and Intel Xeon D processors for data center systems, Navin Shenoy, general manager of the Data Center Group at Intel Corporation, More

01:37

What if defenders could see the future? Many clues are out there Help Net Security

Malware sophistication is increasing as adversaries begin to weaponize cloud services and evade detection through encryption, used as a tool to conceal command-and-control activity. To reduce adversaries time to operate, security professionals said they will increasingly leverage and spend more on tools that use AI and machine learning, reported in the 11th Cisco 2018 Annual Cybersecurity Report (ACR). While encryption is meant to enhance security, the expanded volume of encrypted web traffic (50 percent as More

01:00

How organizations are confronting escalating third-party cyber risk Help Net Security

Based on in-depth interviews with security executives from 30 participating organizations across multiple industries, RiskRecon revealed how companies are managing the security risks of their complex digital supply chains and sensitive business partnerships. Researchers identified vendor-neutral capability sets comprising common, emerging, and pioneering practices that firms have implemented to manage third-party security risk. Enterprise risk officers are waking up to the reality that their information risk increasingly resides in the systems of their third-parties, beyond More

00:00

BEC scammers actively targeting Fortune 500 companies Help Net Security

Nigerian scammers are targeting Fortune 500 companies, and have already stolen millions of dollars from some of them, IBM Security researchers have found. Their strategy is well known: they take over or impersonate a trusted users email account to target companies that conduct international wire transfers, and trick accounts payable personnel into wiring money into bank accounts under their control. These so-called business email compromise (BEC) scams dont require much technical knowledge, malware or special More

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Thursday, 22 February

23:46

Dutch Continue to Curb Illegal Downloading But What About Streaming? TorrentFreak

After many years of downloading content with impunity, 2014 brought a culture shock to the Dutch.

Citizens were previously allowed to obtain content for their own use due to a levy on blank media that compensated rightsholders. However, the European Court of Justice found that system to be illegal and the government quickly moved to ban downloading from unauthorized sources.

In the four years that have passed since the ban, the downloading landscape has undergone change. Thats according to a study published by the Consumer Insights panel at Telecompaper which found that while 41% of respondents downloaded movies, TV shows, music and games from unauthorized sources in 2013, the figure had plunged to 27% at the end of 2016. There was a further drop to 24% by the end of 2017.

Of the people who continue to download illegally, men are overrepresented, the study found. While 27% of men obtained media for free during the last year to October 2017, only 21% of women did likewise.

While as many as 150 million people still use P2P technologies such as BitTorrent worldwide, there is a general decline in usage and this is reflected in the report.

In 2013, 18% of Dutch respondents used torrent-like systems to download, a figure that had fallen to 8% in 2016 and 6% last year. Again, male participants were overrepresented, outnumbering women by two to one. However, people appear to be visiting P2P networks less.

The study showed that people who reported using P2P to download content, have done so on average 37 times a year [to October 2017]. In January of 2017 it was significantly higher, 61 times, the study notes. P2P usage in November 2015 was rated at 98 instances per year.

Perhaps surprisingly, one of the oldest methods of downloading content has maintained its userbase in more recent years. Usenet, otherwise known as the newsgroups, accounted for 9% of downloaders in 2013 but after falling to around 6% of downloaders in 2016, that figure remained unchanged in 2017. Almost five times more men used newsgroups than women.

At the same time as showing a steady trend in terms of users, instances of newsgroup downloading are reportedly up in the latest count. In November 2015, people used the system an average of 98 times per year but in January 2017 that had fallen to 66 times. The latest figures find an average use of 68 times per year.

Drilling down into more obscure systems, 2% of respondents told Telecompa...

23:25

ARM Introduces "iSIM", Integrated Directly Onto Chips SoylentNews

ARM wants mobile or IoT devices to include a tiny integrated SIM card:

Every millimeter of space matters when you're trying to build increasingly complex electronics into increasingly tiny packages, and the relatively spacious SIM card has long been an area of frustration for hardware manufacturers. Now, the chip design company ARM may have an answer: an integrated component called an iSIM that's built into the same chip as the processor.

ARM says the iSIM will take up a "fraction of a millimeter squared," whereas the current SIM standard Nano SIMs are about 12.3 x 8.8mm in size, not including the hardware usually needed to house them. Not only will that save space, but ARM says it'll more importantly save on costs, too: instead of paying "tens of cents" per card, manufacturers will be paying single-digital cents.

Also at CNET, Tom's Hardware, and Wccftech.

Related: Infineon Demos a 1.65 mm^2 eSIM Chip


Original Submission

Read more of this story at SoylentNews.

23:00

OBD-Sniffing A Caddy PHEV Hackaday

The Cadillac ELR is a plug-in hybrid car with a bit of class, it has the beating heart of a Chevy Volt in a nice coup body with some up-market styling and a nice interior. Since it wasnt on the market for long and some consumers are still wary of cars with electric motors, it also represents something of a sweet spot: according to [Andrew Rossignol] you can pick them up for less outlay than you might imagine. He bought one, and being an inquisitive soul decided to probe its secrets through its OBD-II ports.

OBD-II sniffing is nothing especially new, but his write-up provides an interesting run-down of the methodology used to identify the different proprietary pieces of data that it makes available. His Python script attempted to parse the stream as though it were multi-byte words of different lengths, plotting its results as graphs, It was then a straightforward process of identifying the graphs by eye that contained useful data and rejecting those that were obviously garbage. He was able to pick out the figures in which he was interested, and write an interface for his little Sony VAIO UX to display them on the move.

Weve covered OBD hacks too numerous to mention over the years, but perhaps youd like to read our history of the standard.

22:53

Qt Has A Super Busy Year Ahead With A Lot Of Features Planned For 2018 Phoronix

Tuukka Turunen of The Qt Company has shared some of the company's plans for the Qt toolkit in 2018. There is a lot ahead for this open-source, cross-platform toolkit in 2018 with another long-term support release later this year, new Qt Python bindings, a safety-critical renderer and more...

22:49

As Expected, Bristows and Others Already Lying About UPC Status in Germany, But Doing This Anonymously (to Dodge Accountability for Lies) Techrights

Expect more of that in weeks/months to come

Bristows EPO

Summary: In their characteristic fashion, firms that created the UPC for their self-enrichment purposes, along with publishers/writers who deem it their role to promote the UPC and set up lobbying events for the UPC, look for ways to downplay if not intentionally distort what happened in Germany yesterday

THIS was predictable. Judging by how much lying we have seen so far coming from Team UPC and EPO management it would be shocking if they didnt lie about it. So okay, bring it on. Lets compare fiction to reality before the next wave of spin gets crafted.

As we noted yesterday morning, this whole gamble on UPC may be costing a lot of jobs. UPC would not only threaten many productive jobs (e.g. cost of fighting trolls in courts or paying them protection money, draining SME budgets); it actually threatens the jobs of examiners. This too was predictable and even though the UPC will never materialise (its very unlikely), it does a lot of damage to examiners. Regardless. What a blunder. Another casualty is patent quality, as we shall explain in a moment (judges are wrongly assumed to be substitutes for examiners).

Be ready for lots of spin from Bristows and other Team UPC members, I wrote last night. They hate reality and they hate facts.

It didnt take long for the spin to come. Minutes maybe!

Kluwer Patent blogger (i.e. Bristows) is already spinning this latest news from Germany; its possible that this account gets shuffled among UPC proponents, but based on the style, context and wording one can make a pretty safe guess. Its almost certainly Bristows. The firm does not want to be held accountable for lying, having written very briefly about this development in its private blog shortly after the news came out (we mentioned their short blog post on Wednesday night).

Here they are...

22:42

IBM Research Photo Lifeboat News: The Blog

How do IBM scientists keep qubits colder than outer space?

IBM quantum physicists Dr. Stefan Filipp and Dr. Andreas Fuhrer (pictured) will be discussing quantum computing live from the IBM Zurich Research Lab, and will demonstrate how they keep qubits so cold, explain why, and take your questions.

Join us on Friday, Feb. 23 at 16:00 Paris time / 10:00 am EST.

21:55

Intel Cannonlake Graphics Should Be In Good Shape With Linux 4.17 Phoronix

Intel's next-generation Cannonlake processors with "Gen 10" graphics will be considered good to go with the next kernel cycle, Linux 4.17. The alpha/preliminary hardware support flag is being removed for these CPUs expected later this year...

21:53

Are Bots a Danger for Political Election Campaigns? SoylentNews

Normally, autonomous computer programmes known as bots trawl the internet, for example, to help search engines. However, there are also programmes known as social bots which interfere in social media, automatically generating replies or sharing content. They are currently suspected of spreading political propaganda. Scientists at Friedrich-Alexander-Universitt Erlangen-Nrnberg (FAU) have investigated the extent to which such autonomous programmes were used on the platform Twitter during the general elections in Japan in 2014. By using methods taken from corpus linguistics, they were able to draw up a case study on the activity patterns of social bots. At the same time, the FAU researchers gained an insight into how computer programmes like these were used, and recognised that nationalistic tendencies had an important role to play in the election, especially in social media. The results of the investigation have been published in the journal Big Data.

Read more of this story at SoylentNews.

21:41

Further Attacks on EPO Staff and the Appeal Boards; Former EPO Boards of Appeal Member Speaks About EPO Scandals Techrights

Its easy for her to speak out about these scandals now that shes retired (just like Siegfried Bro)

EPO circus
Image credit: Sheikh it Sheikh it

Summary: In the process of devaluing EPO workers and perhaps preparing them for a large round of layoffs information is also revealed about further repressions against the independence of the Boards of Appeal

THE EPO is rumoured to be heading towards layoffs (700-1000 in number, i.e. 10-15% of staff), as we noted yesterday morning and CA/3/18 seems to be stripped apart by Battistelli, as we noted last night. New Art. 53(1)(f) must be suppressed in the proposal CA/3/18, another source told us overnight. That was decided in the Board 28 meeting on Wednesday. So, the status of permanent staff is maintained. But the other foreseen changes probably stay in CA/3/18 (still to be confirmed).

We certainly hope that the German Constitutional Court is paying attention to this.We are hearing these things (about layoffs and permanent staff status) from multiple independent sources, so its likely to be true. As time goes by rumours become concrete and eventually the press too reports these as facts (albeit belatedly, sometimes as much as a month late).

Heres another new comment related to this (not many people will have noticed it):

Another curious detail is that in order to designate his deputy the President of the Boards of Appeal needs to have the approval of the President of the Office (CA/D 4/17).

https://www.epo.org/modules/epoweb/acdocument/epoweb2/257/en/CA-D_4-17_en.pdf

The background to this arrangement can be found in CA/53/17.

https://www.epo.org/modules/epoweb/acdocument/epoweb2/258/en/CA-53-17_en.pdf

We certainly hope that the German Constitutional Court is paying attention to this. Our next post will be about the German Constitutional Court.

...

21:35

A vinyl record you play backwards Techmoan

A quick look at an unusual record that was recorded inside-out because it sounds better that way.
   

Purchased from here

(This is not an affiliated link and I paid for my record).

21:14

UBPorts' Ubuntu Touch Ported To The Moto G 2014 Phoronix

If you happen to have laying around a Moto G Gen 2 (Moto G 2014) device, it can have a second-life now running UBPorts' Ubuntu Touch software stack...

21:02

These People Believe Death Is Only Temporary Lifeboat News: The Blog

Waiting on research advances is the rationale behind cryopreservation, and more broadly, a worldview known as transhumanism. A person killed by cancer or heart disease could reasonably be revived in a future when such ailments no longer exist. They believe in the advance of technology, says Giuseppe Nucci, an Italian photographer who visited with transhumanists and toured the facilities of Russia-based cryonics company KrioRus. They hope that someone will wake them up.

This hope, that the future will vanquish the ills of the present, is as old as the first civilisations that realized that with each passing year life got a little better. The Russian philosopher Nikolai Fedorovich Fedorov helped create an early 20th-century movement known as cosmism that was rooted in the idea that, given enough time, humans could defeat evil and death. If the human life span was too short, then the simple solution was to extend it, even after death, and suspend its decomposition until the world caught up.


Employees of a liquid nitrogen and dry ice factory on the outskirts of Moscow are shrouded in fog while refilling their liquid nitrogen tanks. Founded by former KrioRus employees, the company now supplies them. PHOTOGRAPH BY GIUSEPPE NUCCI

20:26

Scientists Just Made Sheep-Human Hybrids. Heres What You Need to Know Lifeboat News: The Blog

Researchers have achieved a new kind of chimeric first, producing sheep-human hybrid embryos that could one day represent the future of organ donation by using body parts grown inside unnatural, engineered animals.

With that end goal in mind, scientists have created the first interspecies sheep-human chimera, introducing human stem cells into sheep embryos, resulting in a hybrid creature thats more than 99 percent sheep but also a tiny, little bit like you and me.

Admittedly, the human portion of the embryos created in the experiment before they were destroyed after 28 days is exceedingly small, but the fact it exists at all is what generates considerable controversy in this field of research.

20:26

We Just Measured The Worlds Heaviest Atom, And Its Even Weirder Than Expected Lifeboat News: The Blog

Oganesson (Og) is the heaviest chemical element in the periodic table, but its properties have proved difficult to measure since it was first synthesised in 2002.

Now an advanced computer simulation has filled in some of the gaps, and it turns out the element is even weirder than many expected.

At the atomic level, oganesson behaves remarkably differently to lighter elements in several key ways and that could provide some fundamental insights into the basics of how these superheavy elements work.

20:26

In the future we wont edit genomeswell just print out new ones Lifeboat News: The Blog

Why redesigning the humble yeast could kick off the next industrial revolution.

20:25

NASAs List Of The 18 Best Air-Filtering Houseplants Lifeboat News: The Blog

These house plants would make a lovely addition to your home and would filter the toxins out of your air.

20:25

Upcoming telescopes should be able to detect mountains and other landscapes on exoplanets! Lifeboat News: The Blog

The study of exoplanets has advanced by leaps and bounds in the past few decades. Between ground-based observatories and spacecraft like the Kepler mission, a total of 3,726 exoplanets have been confirmed in 2,792 systems, with 622 systems having more than one planet (as of Jan. 1st, 2018). And in the coming years, scientists expect that many more discoveries will be possible thanks to the deployment of next-generation missions.

These include NASAs James Webb Space Telescope (JWST) and several next-generation ground based observatories. With their advanced instruments, these and other observatories are not only expected to find many more exoplanets, but to reveal new and fascinating things about them. For instance, a recent study from Columbia University indicated that it will be possible, using the Transit Method, to study surface elevations on exoplanets.

20:25

Masters of Our DNA: Designer Bodies Are Not Science Fiction Lifeboat News: The Blog

Entrepreneur Juan Enriquez describes a future in which we will be able to hack evolution and even alter our memories thanks to DNA manipulation.

20:23

Science this week Lifeboat News: The Blog

Catch up on the top stories in #science this week. References to all studies are here: surg.ws/2oeEoCj

Video by The Surg.

20:21

U.S. Docs Show Daimler May Have Done A "Dieselgate" SoylentNews

Arthur T Knackerbracket has found the following story:

American investigators are looking into Mercedes maker Daimler's use of engine management software that is alleged to help its vehicles pass emissions tests, according to reports.

German tabloid Bild am Sonntag splashed yesterday (behind paywall) that US investigators had found "several software functions that helped Daimler cars pass emissions tests".

The report included several references to documents from US investigators, though none of the English-language translations state which agency these investigators or documents are from.

Another feature outlined in the documents allegedly detected whether the car was on a stationary test rig based on a comparison of speed and acceleration data.

A Daimler spokesman told Reuters the company was cooperating under a confidentiality agreement with the US Department of Justice: "The authorities know the documents and no complaint has been filed."


Original Submission

Read more of this story at SoylentNews.

20:09

Let's Teach Communism Terra Forming Terra





This is actually hilarious.  Underlying all this is a profound failure of a foundational theory of economics and the general management of State Sponsored monopolies.  The State in fact does a terrible job of managing such monopolies even when they do not directly own them.  It inevitably throws up a fence of regulation managed by lifers with zero stake in success or failure along with a revolving door of overseers from the regulated industry.  How might this ever work out?


The first step to a resolution needs to be the outright elimination of poverty implimenting the rule of twelve in order to produce local fiat banking and a natural demand for general government debt.  This also deepens demand in all sectors as well.


I would then apply a scaled insurance charge against all enterprises against failure.  The charge would increase as the size climbs.  The idea that large is safe is utter nonsense and particularly in banking.  Real risk can still be funded through investment banking as has been done forever.  The debt product is sold on to smaller banks who need the product.  The fact is that many failures are financial failures, rather than operational failure and a fund can easily step in to resolve the problem by buying out the capital at an insured amount.

This has been done on an ad hoc basis with governments but rarely satisfactorily.


Let's Teach Communism


01/15/2018 

Frank Chodorov

[A selection from One Is a Crowd by Frank Chodorov]:

https://mises.org/wire/lets-teach-communism

This is a defense of our universities. As they open their doors for another year of business they teach under a widespread suspicion of teaching communism. The suspicion is unsupported by fact; it is pure witchcraft. There is reason...

20:00

At 71,572 KM, You Wont Beat This LoRa Record Hackaday

A distance record for LoRa transmission has been set that you probably wont be able to beat. Pack up your gear and go home, nothing more to achieve here. At a superficial reading having a figure of 71,572 km (44,473 miles) seems an impossible figure for one of the little LoRa radio modules many of us have hooked up to our microcontrollers, but the story isnt quite what youd expect and contains within it some extremely interesting use of technology.

So the folks at Outernet have sent data over LoRa for that incredible distance, but they did so not through the little ISM band modules were used to but over a suitably powerful Ku-band uplink to a geostationary satellite. They are also not using the LoRaWAN protocols of the earthbound systems, but simply the LoRa modulation scheme. So its not directly comparable to terrestrial records such as the 702 km we reported on last year, and they are the first to admit that.

Where their achievement becomes especially interesting though is in their choice of receiver. We are all used to Ku-band receivers, you may even have one on your house somewhere for satellite TV. It will probably involve a parabolic dish with a narrow beam width and an LNB whose horn antenna is placed at its focus. It would have required some skill and effort to set up, because it has to be pointed very carefully at the satellites position in the sky. Outernets mission of delivering an information service with the lowest possible barrier to entry precludes the extra expense of shipping a dish and providing trained staff to align it, so they take a very different approach. Their receiver uses either an LNB horn or a small patch antenna pointing at the satellite, with none of the dishes or phased arrays you might be used to in a Ku-band installation.

You might wonder how such a receiver could possibly work with such a meagre antenna, but the secret lies in LoRas relatively tiny bandwidth as well as the resistance to co-channel interference that is a built-in feature of the LoRa modulation scheme. Even though the receiver will be illuminated by multiple satellites at once it is able to retrieve the signal and achieve a 30 kb/s data rate that they hope with technical refinements to increase to 100 kb/s. This rate will be enough over which to push an SD video stream to name just one of the several examples of the type of content they hope to deliver.

Its likely that the average Hackaday reader will not be hiring satellite uplink time upon which to place their LoRa traffic. But this story does provide a demonstration of LoRas impressive capabilities, and will make us look upon our humble LNBs with new eyes.

...

19:42

The Next Generation of Radio Astronomy Lifeboat News: The Blog

Last year, Irish astronomy took a leap forward with the construction of the LOFAR radio telescope in Birr, Co. Offaly. Sean Mooney, who was involved in the telescopes construction, reports on its significance for the future of astronomy.

Last year, Birr was thrust to the forefront of astronomy. What may seem a quaint and unassuming town, Birr, Co. Offaly, is steeped in astronomical history and it has regained its scientific prominence with the construction of a new telescope.

In 1842, William Parsons, 3rd Earl of Rosse, began construction of a telescope on his estate, Birr Castle demesne, which would colloquially come to be known as The Leviathan. Not only was it the largest telescope in the world, it held this title for a staggering 72 years. This fact can be appreciated most in the current era of rapid technological improvements where the best of anything in the world holds the title for weeks rather than years before a better model comes along.

19:00

Oldest Temple Terra Forming Terra





It is remarkable that Gobekli Tepi turns out to be a temple and that all those cave drawings are also representations of Shamanic visions.  This is good though.
 
We understand that the altered state experience was important then and is now becoming useful and better understood as well today.
 
My own investigations has revealed to me that a sensitive who is an informant of mine was led to an encounter with the Green Man in broad daylight and in addition during a meditative state also encountered the King of the Dandelions.
 
In a more natural world it makes sense that we would also encounter the equivalent spirit of the Lion, the Deer, etc for each identifiable species.  Thus we suddenly have the validity of the Lion King uniquely separate from been a specific representation of Jesus as per CS Lewis.  The whole topuic of symbolic values slides out the window.
 
Our shamans did encounter lion kings, deer princes and their like during their meditations. These were easily superior to their living aspects and instructive of our own relationship with the divine.

What i am sharing with you is a new Spiritual Cosmology nicely linked physically to my Cloud cosmology. The primary spiritual form or the supreme representation is what we identify as the human form.  All life evolves toward that form.  

So we have the king of the Dandelions empowering millions of dandelions with aspects of its own GREAT SPIRIT.  Thus the LION KING is the GREAT SPIRIT of the lions and may well have a large number of aspects or perhaps all of the lions though i expect a finite number instead.  In our human case i am informed that we start out with 32 aspects during each incarnation.  Thus an eight lifetime cycle will normally last a century each and involve the life experiences of 8 X 32 aspects or 256 lives over an epoch in history that can often...

19:00

Coldest and Most Snow Ever Terra Forming Terra





Let us make this incredibly simple for everyone.  The sun has become cooler.  As in significantly cooler.  That means that we are really cooling off to a lower base temperature and this could be sustained for a couple of decades.  When it warms again it will also take time to rebuild all that lost heat as well.

We had a warming cycle that ran from 1960 through 2000. We then had a peak heat retention that slowly declined while the sun shifted gears.  now we have lost all that heat and the sun is nowe cooler.  Thus we have cold winters ahead for some time.  My best guess based on past patterns is that we will catch a decade or so before it shifts back up.

The good news is that we have not frozen the Rhine yet.  Next year?

.


Coldest and Most Snow Ever

Published on February 6, 2018


http://drsircus.com/spiritual-psychology/coldest-and-most-snow-ever/?u


Heavy snowfall and widespread ice have led to another day of travel disruption, amid warnings that Britain is set to be gripped by freezing weather all month. Boston tied a 100-year-old record when it marked seven consecutive days of temperatures that did not top 20 degrees Fahrenheit (-6.7 degrees Celsius). Up and down the coast, people working outdoors struggled with the frigid conditions swearing under their breaths about the idea of manmade global warming.


In Russian it is snow Armageddon. Over the weekend Moscow was drowned in snow, setting records, experiencing its heaviest snowfall in a day since records began. Moscows meteorological service said Moscow had seen more than half its average monthly snowfall in the space of 24 hours, beating the previous record set in 1957.


Dramatic global cooling this winter has created 4X more ice than average in the Great Lakes. Almost 4X the amount of ice as on this date la...

19:00

Thought Loops Terra Forming Terra


Image: BRAINWASHED: The goal of the media is to poison the minds of the masses with toxic hatred and engineered thought loops

18:49

Bill Gates to Guest Star on 'the Big Bang Theory' SoylentNews

The tech-loving characters on "The Big Bang Theory" are about to find themselves severely star-struck. The comedy series has booked Microsoft founder Bill Gates to guest star as himself in an upcoming episode, CBS and Warner Bros. tell CNN.

In the episode, Penny (Kaley Cuoco) will find herself hosting Gates at work, and her friends go to great lengths in their effort to meet the billionaire innovator. The episode is set to air in late March.

https://edition.cnn.com/2018/02/20/entertainment/bill-gates-big-bang-theory/index.html

https://www.theverge.com/2018/2/21/17035236/bill-gates-the-big-bang-theory-appearance


Original Submission

Read more of this story at SoylentNews.

18:45

Google white hackers disclosed critical vulnerabilities in uTorrent clients Security Affairs

White hackers at Google Project Zero have discovered two critical remote code execution vulnerabilities in versions of BitTorrents web-based uTorrent Web client and uTorrent Classic desktop client.

With dozens of millions of active users a day, uTorrent is one of the most popular torrent client, the vulnerabilities could be easily exploited by the researchers to deliver a malware on the target computer or view the past downloads.

Project Zero hacker Tavis Ormandy published a detailed analysis of the issues because the vulnerabilities were not fixed in a 90-day period according to the disclosure policy.

utorrent security

The flaws are tied to various JSON-RPC issues, or issues related to the way the web-based apps handle JavaScript Object Notations (JSON) as they relate to the companys remote procedure call (RPC) servers.

By default, utorrent create an HTTP RPC server on port 10000 (uTorrent classic) or 19575 (uTorrent web). There are numerous problems with these RPC servers that can be exploited by any website using XMLHTTPRequest(). To be clear, visiting *any* website is enough to compromise these applications.0 reads the technical analysis.

Both desktop and web-based uTorrent clients use a web interface to display website content, the presence of JSON-RPC issues make possible the attack decribed by Ormandy,

The expert discovered that the issue can allow an attacker to trigger a flaw in the clients by hiding commands inside web pages that interact with uTorrents RPC servers.

An attacker can exploit the vulnerability to change the torrent download folder and download a file to any writable location, including the Windows Startup folder and download an executable file, that will be executed on every startup. The  attacker could exploit the same flaw to gain access to users download activity information.

The researchers explained that a remote exploitation of the flaw requires a DNS rebinding attack that allows a JavaScript code hosted on a website to create a bridge to the local network bypassing the same-origin policy (SOP).

This requires some simple DNS rebinding to attack remotely, but once you have the (authentication) secret you can ju...

18:42

Know the Signs Programs Lifeboat News: The Blog

Research-based programs and practices to help protect children from gun violence in your homes, schools and communities.

People who are at-risk of hurting themselves or others often show signs and signals before an act of violence takes place. When you dont know what to look for, it can be easy to miss signs, or dismiss them as unimportant, sometimes with tragic consequences.

Its important to know that one warning sign on its own does not mean a person is planning an act of violence. But when many connected or cumulative signs are observed over a period of time, it could mean that the person is heading down a pathway towards violence or self-harm. By knowing the signs, you have the power to intervene and get help for that person. Your actions can save lives.


Sandy Hook Promise trains students and adults to know the signs of gun violence so that no other parent experiences the senseless, horrific loss of their child. Join us.

18:14

[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities Bugtraq

Posted by Core Security Advisories Team on Feb 21

Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Trend Micro Email Encryption Gateway Multiple Vulnerabilities

1. *Advisory Information*

Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities
Advisory ID: CORE-2017-0006
Advisory URL:
http://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Date published: 2018-02-21
Date of last update: 2018-02-21
Vendors contacted:...

18:11

DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability Bugtraq

Posted by Defense Code on Feb 21

DefenseCode Security Advisory
PureVPN Windows Privilege Escalation Vulnerability

Advisory ID: DC-2018-02-001
Advisory Title: PureVPN Windows Privilege Escalation Vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software: PureVPN
Version: 5.19.4.0 and below (Windows Build Version: 6)
Vendor Status: Vendor contacted, vulnerability fixed
Release Date: 21/02/2018
Risk: MEDIUM

1. General Overview...

17:17

Booze News SoylentNews

One one hand, drinking alcohol may make you live longer.

Drinking could help you live longerthat's the good news for happy-hour enthusiasts from a study presented last week at the annual meeting of the American Association for the Advancement of Science. According to the study, people who live to 90 or older often drink moderately.

On the other, you might not remember who you are any more.

Heavy drinkers are putting themselves at risk of dementia, according to the largest study of its kind ever conducted.


Original Submission

Read more of this story at SoylentNews.

17:00

Relive Radio Shacks Glory Days by Getting Goofy Hackaday

The Golden Age of Radio Shack was probably sometime in the mid-1970s, a time when you could just pop into the local store and pay 49 cents for the resistors you needed to complete a project. Radio Shack was the place to go for everything from hi-fi systems to CB radios, and for many of us, being inside one was very much a kid in a candy store scenario.

Thats not to say that Radio Shack was perfect, but one thing it did very well was the education and grooming of the next generation of electronics hobbyists, primarily through their Science Fair brand. Some of us will recall the P-Box kits from that line, complete projects with all the parts and instructions in a plastic box with a perfboard top. These kits were endlessly entertaining and educational, and now [NetZener] has recreated the classic neon Goofy Light P-Box project.

As it was back in the day, the Goofy Light is almost entirely useless except for learning about DC-DC converters, multivibrators, RC timing circuits, and the weird world of negative resistance. But by using the original Science Fair instructions, compiling a BOM that can be filled from Mouser or Digikey, and making up a reasonable facsimile of the original P-Box chassis, [NetZener] has done a service to anyone looking for a little dose of nostalgia.

It would be interesting if someone brought back the P-Box experience as a commercial venture, offering a range of kits with circuits like the originals. If that happens, maybe some of the offerings will be based on that other classic from Radio Shacks heyday.

16:25

NEW 'Off The Hook' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Hook' ONLINE

Posted 22 Feb, 2018 5:25:27 UTC

The new edition of Off The Hook from 21/02/2018 has been archived and is now available online.

16:09

Mesa 17.3 Remains Quite Buggy, Developer Calls For Better Handling In The Future Phoronix

If you are making use of the Mesa 17.3 releases, have you found them to be buggier than normal for this open-source 3D graphics driver stack? There remains a higher than average amount of bugs still outstanding that have plagued Mesa 17.3, even with being up to 17.3.5...

15:45

Apple in Talks to Buy Cobalt Directly From Mining Companies SoylentNews

Apple is looking to ensure that it has the steady supply of cobalt it needs to produce iPhones and other electronics:

Apple Inc. is in talks to buy long-term supplies of cobalt directly from miners for the first time, according to people familiar with the matter, seeking to ensure it will have enough of the key battery ingredient amid industry fears of a shortage driven by the electric vehicle boom.

The iPhone maker is one of the world's largest end users of cobalt for the batteries in its gadgets, but until now it has left the business of buying the metal to the companies that make its batteries.

The talks show that the tech giant is keen to ensure that cobalt supplies for its iPhone and iPad batteries are sufficient, with the rapid growth in battery demand for electric vehicles threatening to create a shortage of the raw material. About a quarter of global cobalt production is used in smartphones.

Also at Ars Technica and TechCrunch.


Original Submission

Read more of this story at SoylentNews.

15:26

Australian Pirate Site Blocks Actually Block Pirate Sites TorrentFreak

Australian copyright holders and lawmakers have been struggling to find an adequate response to online piracy for several years.

Progress has been slow, but with pirate site blockades now in effect, there appears to be some movement.

New research published by INCOPRO this week shows that traffic to blocked pirate sites has decreased 53.4% since the first measures were implemented a year ago. In total, usage of the top 250 pirate sites dropped a significant 25.4% in Australia.

In summary, the research confirms that direct traffic to blocked sites has decreased dramatically. Or put differently, the site blocking efforts actually block pirate sites, which by itself should hardly come as a surprise.

In fact, one might wonder how effective the blockades really are when nearly half of all direct traffic to the blocked sites in Australia remains intact and dozens of the countrys ISPs are involved.

On top, its also worth mentioning that the research doesnt take VPN usage into account. Australian interest in VPNs surged after the blockades were announced, so many people are likely to be circumvented the blockades using foreign VPNs.

While VPNs were not factored in, the current research did look at proxy site traffic and concludes that this only substitutes a small portion of the traffic that went to pirate sites before the blockades.

While its undoubtedly true that direct traffic to blocked sites has dropped, the research also includes some odd results. For example, it attributes a recent drop in Isohunt.to traffic to the blocking measures, when in reality the site actually shut down.

ISOHunt usage has been on a downward trend since December 2016, and is now at its lowest on record having reduced by 96.4% since blocking began, the report reads, drawing on data from Alexa.

But perhaps were nitpicking.

Creative Content Australia (CCA) is happy with these results and states that the fight against piracy has claimed a significant victory. However, the anti-piracy group also stressed that more can be done.

The reduction in piracy is exciting news but that 53% could be 90%, CCA Chairman Graham Burke says, using the opportunity to take another stab at Google.

The government has shut the front door, but Google is leading people to the back door, showing no respect for Australian law or c...

15:02

Scientists Will Transport Antimatter in a Truck Lifeboat News: The Blog

The antimatter of science fiction vastly differs from the real-life antimatter of particle physics. The former powers spaceships or bombs, while the latter is just another particle that physicists study, one that happens to be the mirror image with the opposite charge of the more familiar particles.

Normally, scientists produce antimatter in the lab, where it stays put in an experimental apparatus for further study. But now, researchers are planning on transporting it for the first time from one lab to another in a truck for research. Elizabeth Gibney reports for Nature:

In a project that began last month, researchers will transport antimatter by truck and then use it to study the strange behaviour of rare radioactive nuclei. The work aims to provide a better understanding of fundamental processes inside atomic nuclei and to help astrophysicists to learn about the interiors of neutron stars, which contain the densest form of matter in the Universe.

14:43

For this robot, the secret to crawling is artificial snakeskin Lifeboat News: The Blog

The world is getting flooded with tiny (creepy) robots that can crawl all over the place, including your clothes. The latest one, created by scientists at Harvard University, uses artificial scaly skins to move forward kind of like a snake.

The soft robot is just a silicone rubber tube. But whats special about it is its skin a thin, stretchable plastic sheet thats been cut with a laser. The cuts, in the shape of triangles or circles, resemble the scales on the skin of snakes. When air is pumped into the tube, the robot expands and contracts, allowing the scales to pop up, anchor against the surface, and pull the robot forward. In a study published today in Science Robotics, scientists showed that the artificial snakeskins work against rough surfaces like asphalt and concrete. In the future, these robots could be scaled down and used to deliver drugs inside arteries, or in disaster situations where bots need to crawl inside narrow spaces.

14:13

ShmooCon 2018 Videos Online SoylentNews

ShmooCon, an American hacker convention, has its 2018 presentations online over at the Internet Archive, or on Youtube maybe. Each year original material on subjects related to computer security and cyberculture is presented. ShmooCon 2018 ran from January 19th through the 21st in Washington, D.C. with about 2,200 attendees.

ShmooCon website.


Original Submission

Read more of this story at SoylentNews.

14:12

[$] LWN.net Weekly Edition for February 22, 2018 LWN.net

The LWN.net Weekly Edition for February 22, 2018 is available.

14:02

Doctors In China Lead Race To Treat Cancer Lifeboat News: The Blog

CRISPR In China: Cancer Treatment With Gene Editing Underway : Shots Health News More than a third of patients with cancer of the esophagus responded to experimental treatment in China with the gene-editing technique CRISPR. Several CRISPR studies are underway there.

14:00

Retrocomputing for the Forgotten Hackaday

The world runs on marketing hype. Remember the public relations swirl around the Segway? Before it rolled out we were led to believe it was going to be remembered as fire, the wheel, and Segway. Didnt really happen. Microsoft and IBM had done something similar with OS/2, which you may not even remember as the once heir-apparent to MS-DOS. OS/2 was to be the operating system that would cure all the problems with MS-DOS just as IBMs new Microchannel Architecture would cure all the problems surrounding the ISA bus (primarily that they couldnt stop people from cloning it). What happened? OS/2 died a slow agonizing death after the Microsoft/IBM divorce. But for whatever reason [Ryan C. Gordon] decided to write a Linux emulation layer for OS/2 call 2ine (twine).

We like retrocomputing projects even if they arent very practical, and this one qualifies. The best analog for 2ine is it is Wine for OS/2, which probably has something to do with the choice of name. You might be ready to click away since you probably dont have any OS/2 programs you want to run, but wait! The good news is that the post has a lot of technical detail about how Linux and OS/2 programs load and execute. For that reason alone, the post is well worth a read.

[Ryan] had been working on Unreal Tournament 2004 and saw a product called [Pixomatic]. Under Linux, Pixomatic actually loads a Windows DLL to do some work. This led him to dig into how the loaders worked and of course this is not unlike how Wine can load Windows binaries and provide them Windows API services that really do things in the Linux way. This led to a lot of interesting projects he mentions in passing, including one to load a shared library from memory instead of a file.

So recently in a fit of boredom, hes started loading OS/2 programs and has had some success. This took some research on the OS/2 executable format and a lot of exploration of OS/2 strange memory model, exacerbated by the shift from 16-bit OS/2 to 32-bit OS/2. The big pay off is how he found how Wine and dosemu can cobble up the 32-bit Linux environment to run 16-bit code.

Theres more, but just go read the post. The detail is impressive and although it isnt running anything practical yet, it does work and the technical detective work behind it makes for a great read.

As for period reproductions, wed much rather do hardware and simulate a Z80 or just about anything else. Still, OS/2 is part of the PCs history, and the lessons you can glean from this transcend the actually usefulness  or lack thereof of running OS/2 binaries.

14:00

When You Listen to Music, Youre Never Alone - Issue 57: Communities Nautilus


On a late spring evening in 2015, at South Street Seaport, a square on the southern tip of Manhattan, hundreds of people slipped on headphones and slipped into their own worlds. It was a clear night, perfect for a stroll, but attendees werent interested in local shops and restaurants. They were too busy dancing silently to the music, tuning inor tuning outto a silent disco.

The silent disco is a concert that passersby can barely hear, and that attendees can customize with a flip of the switch. At this event, a wireless signal allowed dancers to choose their favorite of three playlists. Each pair of headphones covered the ears and gave off a robotic glow. This is what weve been reduced to: dancing with ourselves, one dancer told a reporter from The New York Times.

To some observers, the silent disco represents a peculiar form of shared isolationa way to turn up the volume of modern alienation, to look social but remain solitary. Headphones have been creeping into musical activities that once were social, the writer and jazz musician Eric Felten lamented in the Wall Street Journal.

DANCING BY YOURSELF: Critics who lament that silent discos symbolize individualism and the
Read More

Why New York City Needs Its Own Cryptocurrency - Issue 57: Communities Nautilus


Money used to be local. The first non-precious metal coins emerged as a natural consequence of trade, and were seldom accepted as currency outside the city-state on the Grecian coast that minted them. Then nation-states emerged and central banking was invented as an institution. Fiat currencies were deigned into circulation and the connection between money and place was mostly lost. Today, a dollar printed in West Point is the same dollar wherever it is found, whether its Dubuque or Dubai. It derives its value from the law of the United States and that law has no physical home. The United States of America, like all other countries, is a polygon on a map, a theoretical construct, a policy document.

As the dust settles on the haboob that cryptocurrencies have become over the last year or so and we try to find things of lasting value from the wreckage, we should keep in mind this missing piece of the puzzle: All resilient things start local. To find inherent value and stability digital currencies need to ground themselves somewhere. They need to go local. A theoretical construct is no longer enough. Digital currencies need something more tangible than just value by decree.
Read More

The City at the Center of the Cosmos - Issue 57: Communities Nautilus


Some 48 kilometers north of Mexico City, in the Basin of Mexico, towers the Pyramid of the Sun at Teotihuacn. This massive 71-meter high structure makes you feel like a speck of dust in the presence of the gods. And that is exactly what the builders intended. Those who dwelt at Teotihuacn lived at the heart of a vast sacred landscape. The city itself covered more than 21 square kilometers, and it dominated the basin and the surrounding highlands. By 100 A.D., at least 80,000 people lived there. And between 200 and 750 A.D., Teotihuacns population swelled to more than 150,000. At the time, it was as big as all but the largest cities of China and the Middle East.

Archaeologists have worked there for nearly a century. Theyve learned that Teotihuacn was a vast symbolic landscape of artificial mountains, foothills, caves, and open spaces that replicated the spiritual world. Over a period of more than eight centuries, the Teotihuacnos built 600 pyramids, 500 workshop areas, a huge marketplace, 2,000 apartment complexes, and several squares or plazas.

Cosmology as geography: A view from the Pyramid of the Moon toward the Pyramid of the Sun.DEA / ARCHIVIO J. LANGE / Contributor /
Read More

13:48

Former Google employee suing over alleged wrongful firing The Hill: Technology Policy

A former Google employee is now suing the company, claiming he was wrongfully terminated for his criticism of an anti-diversity memo sent to staff members last year, Wired Magazine reports. Tim Chevalier, a transgender former...

13:42

Is It Time for a Transhumanist Olympics? Lifeboat News: The Blog

While the Winter Olympics are going on, heres.

A story of mine on the dream of a future Transhumanist Olympics: https://www.huffingtonpost.com/zoltan-istvan/is-it-time-for-77194.html #transhumanism


Oracle Team USA made a historic comeback to beat Emirates Team New Zealand in the Americans Cup in San Francisco last month. I have closely followed the sport of sail racing for over 30 years, and what astonishes me is how much faster and better the boats are today than they were three decades ago. Sailing speeds and performances have doubled in some cases.

The same cannot be said about most other major sports. Even Michael Phelps, considered by many the greatest living athlete, is only a few seconds faster than swimming world records set 30 years ago. Most sports have not allowed scientific improvements or technology upgrades to their athletes and the equipment they use. I find that disappointing.

What is on the rise in athletics, however, are multi-million dollar campaigns and testing measures designed to ensure athletes dont cheat by using performance enhancing drugs and technologies. Some athletes even complain about undergoing TSA-like testing procedures right before their events. Does anyone else see a problem with that? Does anyone else see something anti-progressive about the state of our competitive sporting industry today?

As an advanced society full of technological wonders, perhaps its time we consider upgrading our idea of sports and rethinking what constitutes an exemplary athlete. Perhaps its time for something more modern and exciting, such as the transhuman athlete.

12:57

Ex-CIA Director: U.S. Meddles in Foreign Elections for a Very Good Cause cryptogon.com

Via: The Hill: Following a federal indictment of Russians accused of meddling in the U.S election, a former CIA director on Friday said the U.S. probably meddles in other countries elections, as well. The Russian embassy flagged his comments. When asked whether the U.S. interferes in other countries elections, James Woolsey said, Well, only for []

12:47

[CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 Open Source Security

Posted by Justin Bull on Feb 21

Hey everyone,

A security bulletin for you.

Software:
---------
Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper)

Description:
------------
Doorkeeper is an OAuth 2 provider for Rails written in Ruby.

Affected Versions:
------------------
2.1.0 - 4.2.5

Fixed Versions:
---------------
4.2.6 or later

Problem:
--------
Stored XSS on the OAuth Client's name will cause users being prompted
for consent via the "implicit"...

12:41

Amateur Astronomer Tests New Camera, Catches Birth of a Supernova SoylentNews

Submitted via IRC for FatPhil

An amateur astronomer has captured the birth of a supernova while trying out his new camera. Scientists believe this could be the first time anyone has photographed the initial flashing of a supernovaa phase which can last just minutes.

Researchers think the serendipitous snaps offer unique insights into the evolution of supernova, which are usually only pictured after this brief "shock breakout" phase. A new analysis of the surge of light is published in Nature this week.

[...] The discovery was monumental not just for Buso but astronomy as a whole. Researchers Melina Bersten and Gastn Folatelli, part of the team investigating the supernova in the Nature paper, told Newsweek these chance photos could be the first of their kind.

"We actually think this is the first time an observer recorded the appearance of a supernova literally on camera. Some supernova have been discovered hours after explosion. But, Victor Buso caught the exact minutes when the supernova was being born," Bersten said. Not only that, she added, but he had captured the evolution of this elusive phase.

Source: http://www.newsweek.com/supernova-birth-photograph-amateur-815041


Original Submission

Read more of this story at SoylentNews.

12:30

Wine-Staging Has Been Revived, Working Towards New Release Phoronix

Wine-Staging has been a flavor of Wine popular with Linux gamers for often carrying bleeding-edge patches and other experimental work prior to being mainlined. But over two months ago, Wine-Staging went silent without any further updates. A few days ago the original maintainers announced they parted ways with the work due to lack of time and would not be issuing any new releases. Now there are new developers taking over...

11:44

OpenBSD Gets Mitigated For Meltdown CPU Vulnerability Phoronix

A few days back FreeBSD 11 stable was mitigated for Meltdown (and Spectre vulnerabilities), which came more than one month after these nasty CPU vulnerabilities were disclosed while DragonFlyBSD was quickly mitigated and the first of the BSDs to do so. While OpenBSD is known for its security features and focus, only today did it land its initial Meltdown mitigation...

11:38

Smashing Security #066: Passwords, pirates, and postcards Graham Cluley

Smashing Security #066: Passwords, pirates, and postcards

Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Dave Bittner from The CyberWire podcast.

11:31

End of the UPC Lobby and Withdrawal of UPCA May Seem Imminent Techrights

Retired Judge Siegfried Bro has long spoken out against the Unified Patent Court (UPC); and for good reasons

Siegfried Bro
Image courtesy: campact.de

Summary: The Unitary Patent fantasy (of mass litigation firms) is coming to an end; in fact, the German government and courts (Bundesverfassungsgericht to be specific) now deem the complaint to be admissible and thus likely legitimate in spite of many attempts to shoot it down

The European Patent Office (EPO) barely says anything about the UPC. It used to. A lot. But it rarely mentions it anymore. The closest thing to a mention was todays tweet that said: Read more about the impact of #patent protection on trade & FDI in innovative industries in this study

Its like a template tweet that they cyclically shuffle/revolve in order for the propaganda to broaden its reach. Propaganda? Yes, propaganda. What they dont say is that they funded it. In the process, the EPO entered controversial territories; it really corrupted academia (we explained this before). This is a serious matter. The EPO not only corrupts the media but also academia; and guess whos paying for all this

The EPO not only corrupts the media but also academia; and guess whos paying for all thisEPO staff is said to be prepared for chopping while the management corrupts the press and universities. Its not cheap. It also pays something like 5 million euros for events that last just one afternoon (that alone is a years salary of about 50 examiners). As the EPO implicitly acknowledges (by mention of two Twitter accounts), it paid money to LSE (UK) and the University of Colorado Boulder (US) for UPC propaganda. Sadly for them, however, the Unitary Patent is dead regardless. How dead? Check out what...

11:08

Japanese Man Granted Paternity Rights to 13 Children Born to Surrogate Mothers SoylentNews

Mitsutoki Shigeta: 'Baby factory' dad wins paternity rights

A Bangkok court has awarded paternity rights to a Japanese man over 13 babies he fathered through Thai surrogate mothers. The ruling allows Mitsutoki Shigeta, 28, to pursue custody of the children.

The son of a wealthy entrepreneur, he caused controversy in 2014 when he was revealed to have fathered at least 16 babies via surrogates in Thailand. His so-called "baby factory" case and others led to Thailand banning commercial surrogacy for foreigners.

Mr Shigeta, who was not present at the trial, was awarded "sole parent" rights after the Thai surrogates forfeited their rights, according to the court, which did not name him.

"For the happiness and opportunities which the 13 children will receive from their biological father, who does not have a history of bad behaviour, the court rules that all 13 born from surrogacy to be legal children of the plaintiff," Bangkok's Central Juvenile Court said in a statement.

Also at Newsweek and ABC.

Related: Medical Ethics of Multiples, Surrogacy, and Abortion


Original Submission

Read more of this story at SoylentNews.

11:00

Linux Adds CH341 GPIO Hackaday

There was a time when USB to serial hardware meant one company: FTDI. But today there are quite a few to choose from and one of the most common ones is the WCH CH341. Theres been support for these chips in Linux for a while, but only for use as a communication port. The device actually has RS232, I2C, SPI, and 8 general purpose I/O (GPIO) pins. [ZooBaB] took an out-of-tree driver that exposes the GPIO, and got it working with some frightening-looking CH341 boards.

He had to make a slight mod to the driver to get six GPIOs in /sys/class/gpio. Once there though, it is easy to manipulate the pins using a shell script or anything that can write to the virtual files corresponding to the GPIO pins.

For example, he did a speed test that was this simple:

#!/bin/bash
x=100000
while ((x--)); do
 i=$((i+1))
 echo 0 > /sys/class/gpio/gpio1/value
 echo 1 > /sys/class/gpio/gpio1/value
done

He got about 2.2 kHz out of the output pin, and although he didnt say the exact hardware configuration it gives you some idea about the possible speed.

There are some other examples, and a look at several inexpensive boards that expose the I/O pins. Theres also some discussion of some mods of those boards.

The ability to share and hack drivers is one of the things that makes Linux so great for hackers. Your Linux system probably has all the tools you need and, if not, they are a package manager command away. Even if you arent comfortable building a whole driver, patching one like [ZooBab] did is very doable.

Of course, there are faster ways to drive I/O. We looked at the details of the CH340 and CH341 way back in 2014.

11:00

HPR2494: linux.conf.au 2018: Nicolas Steenhout Hacker Public Radio

Clinton interviews Nicolas Steenhout about his accessibility workshop, covering the different areas that automated and manual testing can cover. We also talk about the conference in general, and on the different ways that conference get feedback about their speakers.

10:52

Overnight Tech: SEC updates guidance on data breaches | Twitter cracks down on automated tweets | Feds hit former bitcoin exchange with fraud charges The Hill: Technology Policy

SEC UPDATES GUIDANCE ON DISCLOSING DATA BREACHES: Wall Street's top regulator on Wednesday released updated guidance on how public companies should go about disclosing cybersecurity breaches and "risks" to the public.The Securities and Exchange...

10:48

[$] New tricks for XFS LWN.net

The XFS filesystem has been in the kernel for fifteen years and was used in production on IRIX systems for five years before that. But it might just be time to teach that "old dog" of a filesystem some new tricks, Dave Chinner said, at the beginning of his linux.conf.au 2018 presentation. There are a number of features that XFS lacks when compared to more modern filesystems, such as snapshots and subvolumes; but he has been thinkingand writing codeon a path to get them into XFS.

10:26

EPOs Board 28 Spikes Article 53 in CA/3/18, Apparently After Battistelli Withdrew It Techrights

The draft reform proposal CA/3/18 will, if it is allowed to enter into force, put an end to permanent employment at the EPO. EPO insiders

Most of the world's workers have insecure jobs, ILO report reveals
Reference: Most of the worlds workers have insecure jobs, ILO report reveals

Summary: The latest plot twist, as odd as that may seem, is that the attack on the rights of thousands of workers (many of whom are rumoured to be on their way out) is curtailed somewhat, at least for the time being

The European Patent Offices (EPO) demise is worrying. Its inevitable, but its still worrying (layoffs are probably coming very soon, based on insiders). CA/3/18 was covered here yesterday, based on the words of insiders.

World Intellectual Property Review has just written about this: [via SUEPO]

The European Patent Offices (EPO) supervisory body, the Administrative Council (AC), will deliberate an employment proposal put forward by EPO president Benot Battistelli to recruit staff on renewable contracts of five years in March.

Battistelli and Elodie Bergot, principal director of human resources, added the motion to discuss permanent employment at the EPO during a budget and finance committee meeting in October last year.

At the time, a spokesperson for the EPO said that the office is in a unique situation with 97% of its staff hired on a permanent basis.

A first discussion of the proposal, which is called the Modernisation of the employment framework of the EPO, took place during the ACs meeting in December.

The proposal has since been amended.

The latest on this suggests further amendments. An EPO insider...

10:24

Snap responds to petition calling for it to scrap its redesign The Hill: Technology Policy

Snap, the parent company of Snapchat, responded on Tuesday to a petition calling for it to reverse its app redesign.The messaging app did not say it would revert to its prior design, but did say that it will roll out a new update in the coming...

10:08

House to consider bill next week to combat online sex trafficking The Hill: Technology Policy

The House is expected to consider legislation when it returns from holiday recess next week that would ensure classified advertising websites such as Backpage.com can no longer enable sex trafficking.The bipartisan bill would allow the...

09:40

Trisha Navidzadeh, Principal of Space Marketing Group, joins our Space Settlement Board. Lifeboat News

Trisha Navidzadeh, Principal of Space Marketing Group, joins our Space Settlement Board.

09:38

[$] An overview of Project Atomic LWN.net

Terms like "cloud-native" and "web scale" are often used and understood as pointless buzzwords. Under the layers of marketing, though, cloud systems do work best with a new and different way of thinking about system administration. Much of the tool set used for cloud operations is free software, and Linux is the platform of choice for almost all cloud applications. While just about any distribution can be made to work, there are several projects working to create a ground-up system specifically for cloud hosts. One of the best known of these is Project Atomic from Red Hat and the Fedora Project.

09:35

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux Phoronix

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution.

09:35

The U.S. Intelligence Community's Demonization of Huawei Remains Highly Hypocritical SoylentNews

Submitted via IRC for Runaway1956

The U.S. Intel Community's Demonization of Huawei Remains Highly Hypocritical

We've noted for some time how Chinese hardware vendor Huawei has been consistently accused of spying on American citizens without any substantive, public evidence. You might recall that these accusations flared up several years ago, resulting in numerous investigations that culminated in no hard evidence whatsoever to support the allegations. We're not talking about superficial inquiries, we're talking about eighteen months, in-depth reviews by people with every interest in exposing them. One anonymous insider put it this way in the wake of the last bout of hysteria surrounding the company:

We knew certain parts of government really wanted" evidence of active spying, said one of the people, who requested anonymity. "We would have found it if it were there.

[...] This week, hysteria concerning Huawei again reached a fevered pitch, as U.S. intelligence chiefs, testifying before Congress over Russian hacking and disinformation concerns, again proclaimed that Huawei was spying on American citizens and their products most assuredly should not be used:

At the hearing, FBI Director Chris Wray testified, "We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks." Purchasing Huawei or ZTE products, Wray added, "provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage.

Which values would those be, exactly? Would it be the values, as leaked Edward Snowden docs revealed, that resulted in the NSA hacking into Huawei, stealing source code, then attempting to plant its own backdoors into Huawei products? Or perhaps it's the values inherent in working closely with companies like AT&T to hoover up every shred of data that touches the AT&T network and share it with the intelligence community? Perhaps it's the values inherent in trying to...

09:30

Links 21/2/2018: Apper 1.0, New Fedora ISOs Techrights

GNOME bluefish

Contents

GNU/Linux

09:26

White nationalist sues Twitter over suspended account The Hill: Technology Policy

A white nationalist group and its founder said Wednesday that they were suing Twitter for banning their accounts, arguing the company did so because it disagreed with their viewpoints.Jared Taylor, who leads the American Renaissance...

09:10

WhatsApp co-founder donates $50M to new Signal nonprofit wing The Hill: Technology Policy

Brian Acton, a co-founder of the Facebook-owned messaging service WhatsApp, is donating $50 million to a new nonprofit supporting the encrypted messaging app Signal.Acton will also serve as the executive chairman of the newly formed Signal...

08:46

Intel releases Spectre patches for Skylake, Kaby Lake, Coffee Lake Security Affairs

Intel released a stable microcode update to address the Spectre vulnerability for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants.

Intel has released microcode to address the CVE-2017-5715 Spectre vulnerability for many of its chips, lets this time the security updates will not cause further problems.

The Spectre attack allows user-mode applications to extract information from other processes running on the same system. It can also be exploited to extract information from its own process via code, for example, a malicious JavaScript can be used to extract login cookies for other sites from the browsers memory.

The Spectre attack breaks the isolation between different applications, allowing to leak information from the kernel to user programs, as well as from virtualization hypervisors to guest systems.

Problems such as frequent reboots were related to the fix for the CVE-2017-5715 Spectre flaw (Spectre Variant 2) and affected almost any platform, including systems running on Broadwell Haswell CPUs, as well as Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms.

Spectre patches

A couple of weeks ago Intel released new microcode for its Skylake processors, now it has announced security updates for Kaby Lake, Coffee Lake and other CPUs.

The microcode is now available for all 6th, 7th, and 8th generation Core processors and also X-series Intel Core products, as well as Xeon Scalable and Xeon D chips.

Intel released the Spectre firmware security updates for the following products:

Anniedale/Moorefield, Apollo Lake, Avoton/Rangeley, Broxton, Ch...

08:43

A Computer Glitch Let a Trader Claim $20 Trillion in Free Bitcoin Lifeboat News: The Blog

Computing error lets people grab Bitcoin tokens for $0 on Japans Zaif exchange.

08:43

Dev Report: IBM & Unity Partner to Offer AI Tool That Could Make Augmented Reality Apps Smarter Lifeboat News: The Blog

This month, the power of artificial intelligence will be coming to more augmented reality developers as a leader in the game and 3D software development space and a major force behind the current school of cloud-based AI have officially announced a new partnership.

In a post on Unitys website on Tuesday, the company revealed a partnership with computing giant IBM to launch the IBM Watson Unity SDK. This programming interface will open up new cloud-based AI services for developers to use in their applications. And, with AR and AI having become increasingly intertwined technologies, this is only good news for AR developers.

08:42

He Took a Picture of a Supernova While Setting Up His New Camera Lifeboat News: The Blog

Astronomers rarely see the beginnings of these explosions, but an Argentine amateurs lucky picture helped them study the start of a massive stars violent death.

08:42

Step Inside the World of Transhumanism, Where Death Is Only Temporary Lifeboat News: The Blog

Fascinating!


Transhumanists believe in a future of human immortality. A community in Russia is working to make it happen.

08:30

Feds charge former bitcoin exchange with fraud The Hill: Technology Policy

Federal authorities on Wednesday brought fraud charges against BitFunder, a defunct cryptocurrency stock exchange, and arrested the company's founder for obstruction of justice.The Securities and Exchange Commission (SEC) charged the company with...

08:23

TVAddons Suffers Big Setback as Court Completely Overturns Earlier Ruling TorrentFreak

On June 2, 2017 a group of Canadian telecoms giants including Bell Canada, Bell ExpressVu, Bell Media, Videotron, Groupe TVA, Rogers Communications and Rogers Media, filed a complaint in Federal Court against Montreal resident, Adam Lackman.

Better known as the man behind Kodi addon repository TVAddons, Lackman was painted as a serial infringer in the complaint. The telecoms companies said that, without gaining permission from rightsholders, Lackman communicated copyrighted TV shows including Game of Thrones, Prison Break, The Big Bang Theory, Americas Got Talent, Keeping Up With The Kardashians and dozens more, by developing, hosting, distributing and promoting infringing Kodi add-ons.

To limit the harm allegedly caused by TVAddons, the complaint demanded interim, interlocutory, and permanent injunctions restraining Lackman from developing, promoting or distributing any of the allegedly infringing add-ons or software. On top, the plaintiffs requested punitive and exemplary damages, plus costs.

On June 9, 2017 the Federal Court handed down a time-limited interim injunction against Lackman ex parte, without Lackman being able to mount a defense. Bailiffs took control of TVAddons domains but the most controversial move was the granting of an Anton Piller order, a civil search warrant which granted the plaintiffs no-notice permission to enter Lackmans premises to secure evidence before it could be tampered with.

The order was executed June 12, 2017, with Lackmans home subjected to a lengthy search during which the Canadian was reportedly refused his right to remain silent. Non-cooperation with an Anton Piller order can amount to a contempt of court, he was told.

With the situation seemingly spinning out of Lackmans control, unexpected support came from the Honourable B. Richard Bell during a subsequent June 29, 2017 Federal Court hearing to consider the execution of the Anton Piller order.

The Judge said that Lackman had been subjected to a search without any of the protections normally afforded to litigants in such circumstances and took exception to the fact that the plaintiffs had ordered Lackman to spill the beans on other individuals in the Kodi addon community. He described this as a hunt for further evidence, not the task of preserving evidence it shouldve been.

Justice Bell concluded by ruling that while the prima facie case against Lackman may have appeared strong before the judge who heard the matter ex parte, the subsequent adversarial hearing undermined it, to the point that it no longer met the threshold.

As a result of these failings, Judg...

08:00

Vintage Sewing Machine to Computerized Embroidery Machine Hackaday

It is February of 2018. Do you remember what you were doing in December of 2012? If youre [juppiter], you were starting your CNC Embroidery Machine which would not be completed for more than half of a decade. Results speak for themselves, but this may be the last time we see a first-generation Raspberry Pi without calling it retro.

The heart of the build is a vintage Borletti sewing machine, and if you like machinery porn, youre going to enjoy the video after the break. The brains of the machine are an Arduino UNO filled with GRBL goodness and the Pi which is running CherryPy. For muscles, there are three Postep25 stepper drivers and corresponding NEMA 17 stepper motors.

The first two axes are for an X-Y table responsible for moving the fabric through the machine. The third axis is the flywheel. The rigidity of the fabric frame comes from its brass construction which may have been soldered at the kitchen table and supervised by a big orange cat. A rigid frame is the first ingredient in reliable results, but belt tension cant be understated. His belt tensioning trick may not be new to you, but it was new to some of us. Italian translation may be necessary.

The skills brought together for this build were vast. There was structural soldering, part machining...

08:00

Austin, Denver, and Detroit are Good Places to Be a Software Engineer Looking for a Job IEEE Spectrum Recent Content full text

Los Angeles, Dallas/Fort Worth, and Philadelphia engineersit might be time to relocate, LinkedIn study suggests Photo: iStock

A study by LinkedIn aimed at recruiters offers a few insights for software engineers.

For onethere are a few unexpected places in which software engineers are a particularly hot commodity, that is, where a lot of jobs are chasing a relatively small community of engineers. These areas, which LinkedIn calls saturated markets, include Austin, Denver, and Detroit. Software engineers in those markets just might be in a good position to negotiate a higher salaryor ask for a raise.

The study also spotted a few cities that are perhaps not where a software engineer looking to advance her career might want to put down roots. LinkedIn calls Los Angeles, Dallas, and Philadelphia hidden gems for tech recruitersplaces where demand for software engineers is low, but supply is high. Engineers in these buyers markets might be open to relocating, the data suggested.

Map showing Median Total Compensation Image: LinkedIn

And, the study indicated, many software engineers are open to relocatingwith most roads leading to the Bay Area, but a few leading away.

top paths for software engineers that changed regions Image: LinkedIn

The LinkedIn report showed that engineers are moving to the Bay Area from New York, Los Angles, Seattle, Boston, San Diego, Chicago, and Pittsburghand moving away from the Bay Area to Seattle, New York, and Los Angeles (those routes are apparently heavily trafficked in both directions).

LinkedIn also looked at demand and supply for six software engineering subspecialties. The machine learning and data science category came out on top, with demand far outpacing supplybut you already knew that. Other hot categories identified are mobile development and front-end development, followed by infrastructure and cloud development, test and quality assurance, and embedded a...

07:46

Unconventional Superconductor May Be Used To Create Quantum Computers Of The Future SoylentNews

With their insensitivity to decoherence what are known as Majorana particles could become stable building blocks of a quantum computer. The problem is that they only occur under very special circumstances. Now researchers at Chalmers University of Technology have succeeded in manufacturing a component that is able to host the sought-after particles.

After an intensive period of analyses the research team led by Professor Floriana Lombardi, Chalmers University of Technology, was able to establish that they had probably succeeded in creating a topological superconductor.

[...] Majorana fermions are highly original particles, quite unlike those that make up the materials around us. In highly simplified terms, they can be seen as half electron. In a quantum computer the idea is to encode information in a pair of Majorana fermions which are separated in the material, which should, in principle, make the calculations immune to decoherence.

In solid state materials they only appear to occur in what are known as topological superconductors - a new type of superconductor that is so new and special that it is hardly ever found in practice. But a research team at Chalmers University of Technology is now among the first in the world to submit results indicating that they have actually succeeded in manufacturing a topological superconductor.

"Our experimental results are consistent with topological superconductivity," says Floriana Lombardi, Professor at the Quantum Device Physics Laboratory at Chalmers.

To create their unconventional superconductor they started with what is called a topological insulator made of bismuth telluride, Be2Te3. A topological insulator is mainly just an insulator - in other words it does not conduct current - but it conducts current in a very special way on the surface. The researchers have placed a layer of a conventional superconductor on top, in this case aluminium, which conducts current entirely without resistance at really low temperatures. "The superconducting pair of electrons then leak into the topological insulator which also becomes superconducting," explains Thilo Bauch, Associate Professor in Quantum Device Physics.

However, the initial measurements all indicated that they only had standard superconductivity induced in the Bi2Te3 topological insulator. But when they cooled the component down again later, to routinely repeat some measurements, the situation suddenly changed - the characteristics of the superconducting pairs of electrons varied in different directions.

"And that isn't compatible at all with conventional superconductivity. Suddenly unexpected and exciting things occurred," says Lombardi.

...

07:33

SEC updates guidance on disclosing cyber breaches The Hill: Technology Policy

Wall Streets top regulator on Wednesday released updated guidance on how public companies should go about disclosing cybersecurity breaches and "risks" to the public. The Securities and Exchange Commissions (SEC) new guidance&...

07:25

Russia-linked Sofacy APT group shift focus from NATO members to towards the Middle East and Central Asia Security Affairs

Experts from Kaspersky highlighted a shift focus in the Sofacy APT groups interest, from NATO member countries and Ukraine to towards the Middle East and Central Asia.

The Russia-linked APT28 group (aka Pawn StormFancy BearSofacySednitTsar Team and Strontium.) made the headlines again, this time security experts from Kaspersky highlighted a shift focus in their interest, from NATO member countries and Ukraine to towards the Middle East and Central Asia.

Sofacy, one of the most active APT we monitor, continues to spearphish their way into targets, reportedly widely phishes for credentials, and infrequently participates in server side activity (including host compromise with BeEF deployment, for example). KSN visibility and detections suggests a shift from their early 2017 high volume NATO spearphish targeting towards the middle east and Central Asia, and finally moving their focus further east into late 2017. states Kaspersky.

The experts analyzed the infections of the Sofacy backdoor tracked as SPLM, CHOPSTICK and X-Agent, the APT group had been increasingly targeting former Soviet countries in Central Asia. The hackers mostly targeted telecoms companies and defense-related organization, primary target were entities in Turkey, Kazakhstan, Armenia, Kyrgyzstan, Jordan and Uzbekistan.

The researchers observed several attacks leveraging the SPLM and the Zebrocy tool between the second and fourth quarters of 2017 against organizations in Asia. The list of targeted countries included China, Mongolia, South Korea and Malaysia.

...

07:22

Astronomers Just Found Some of The Most Massive Black Holes Discovered in Our Universe Lifeboat News: The Blog

A study on dozens of galaxies within several billion light years of our own has revealed black holes that far exceed our expectations on just how big these monsters can grow.

The discovery not only helps us better understand the evolution of our Universes building blocks, it leaves us with a new intriguing question just how do black holes like these get to be so incredibly massive?

By now, the collapsed cores of massive stars known as black holes need no introduction. Weve heard about their cosmic crashes rippling space-time, watched them belch, and expect to capture the closest look yet at their nature very soon.

07:22

Youll want to keep an eye on these 10 breakthrough technologies this year Lifeboat News: The Blog

Dueling neural networks. Artificial embryos. AI in the cloud. Welcome to our annual list of the 10 technology advances we think will shape the way we work and live now and for years to come.

07:18

Meltdown fix committed by guenther@ OpenBSD Journal

Meltdown mitigation is coming to OpenBSD. Philip Guenther (guenther@) has just committed a diff that implements a new mitigation technique to OpenBSD: Separation of page tables for kernel and userland. This fixes the Meltdown problems that affect most CPUs from Intel. Both Philip and Mike Larkin (mlarkin@) spent a lot of time implementing this solution, talking to various people from other projects on best approaches.

In the commit message, Philip briefly describes the implementation:

Read more

07:12

To prevent data breaches, AWS offers S3 bucket permissions check to all users Help Net Security

Amazon Web Services (AWS) has announced that all customers can now freely check whether their S3 buckets are leaking stored data. Previously available only to Business and Enterprise support customers, [the S3 bucket permissions check] identifies S3 buckets that are publicly accessible due to ACLs or policies that allow read/write access for any user, the cloud computing giant noted. The check is available through AWS Trusted Advisor, an online tool that helps users inspect their More

07:10

Twitter cracks down on automated tweets The Hill: Technology Policy

Twitter is cracking down on its users ability to coordinate posting across multiple social media platforms, a move that the company hopes will tamp down on the spread of spam and misinformation.These changes are an important step in ensuring we...

07:04

Life-saving Pacemakers, Defibrillators Can Be Hacked and Turned Off HackRead

By Waqas

Pacemakers and implantable cardioverter defibrillators (ICDs) are lifesaving devices but malicious

This is a post from HackRead.com Read the original post: Life-saving Pacemakers, Defibrillators Can Be Hacked and Turned Off

07:02

DNA data storage system is on the rise find out how to store yours Lifeboat News: The Blog

Scientists from the University of Washington and Microsoft are improving their system for preserving digital data in strands of synthetic DNA and theyre giving you the chance to participate.

The UW-Microsoft team laid out the method in a research paper published this week in Nature Biotechnology.

For the experiment described in the paper, text files as well audio, images and a high-definition music video featuring the band OK Go were first digitally encoded, and then converted into chemical coding that is, adenine, thymine, cytosine and guanine, which make up the ATCG alphabet for DNA base pairs.

07:00

Engineering in the Twilight of Moores Law IEEE Spectrum Recent Content full text

Its all about finding and riding the big waves Illustration: Harry Campbell

illustration Illustration: Harry Campbell

Ive been hearing about the impending end of Moores Law for so many years that Ive become skeptical of all the claims of doom. Like the Little Engine That Could, Moores Law keeps chugging along. Nonetheless, it has definitely reached the huffing and puffing stage.

I was considering upgrading my desktop with a new CPU and motherboard, but new, comparably priced CPUs have about the same clock speed as my 4-year-old model. The newer ones do have more transistors and better architectures, so technical benchmarks show about a 50 percent improvement. Nonetheless, when it comes to everyday applications, the newer models might not exhibit noticeably better performance. Im disappointed because I feel compelled to have the latest stuff at all times.

While transistors are continuing to shrink, its at a slower pace. The technology road map calls for 5-nanometer fabrication by about 2020, but since we cant run those transistors fastermostly because of heat dissipation problemswe will need to find effective ways of using more transistors in lieu of increasing clock speed. And because of increasing fabrication costs, these designs will have to be produced at high volume.

No one knows what electronics will be like in the future. Its hard to think beyond Moores Law. Since the time of the vacuum tube, there has been a century of exponential improvement. When I was a child, I thought that all future designs would simply be different arrangements of tubes, resistors, and capacitors. How little I knew! Im sure that todays budding engineers will feel the same way in the future.

Maybe they will be tinkering with carbon nanotubes, but whatever it is, the huffing and puffing will go on. The little engine will still be climbing the hill.

Meanwhile, I see electronics design as riding a series of waves. For maximum professional opportunity, we just need to find where the big waves are, go there, and enjoy the ride. Right now the biggest waves are to be found in the world of cellphone electronics. As cellphone technology matures and plateaus, we have an enormous reserve in all the meticulously designed, high-volume co...

06:48

Publishing platform Medium suspends far-right figures The Hill: Technology Policy

The online publishing platform Medium has suspended the accounts of prominent far-right figures Mike Cernovich, Jack Posobiec and Laura Loomer.Medium spokesperson Sandee Roston told The Hill that the company does not comment on individual accounts...

06:37

Walking, waiting part of Uber's new service The Hill: Technology Policy

Uber announced Wednesday its latest service will require users to take a short walk at the beginning and end of their rides to secure a faster, cheaper carpool with other riders. Express Pool, the ride-sharing company's new service, is a...

06:30

MIT Extracts Power from Temperature Fluctuations Hackaday

As a civilization, we are proficient with the boil water, make steam method of turning various heat sources into power we feed our infrastructure. Away from that, we can use solar panels. But what if direct sunlight is not available either? A team at MIT demonstrated how to extract power from daily temperature swings.

Running on temperature difference between day and night is arguably a very indirect form of solar energy. It could work in shaded areas where solar panels would not. But lacking a time machine, or an equally improbable portal to the other side of the planet, how did they bring thermal gradient between day and night together?

This team called their invention a thermal resonator: an assembly of materials tuned to work over a specific range of time and temperature. When successful, the device output temperature is out-of-phase with its input: cold in one section while the other is hot, and vice versa. Energy can then be harvested from the temperature differential via conventional thermoelectrics.

Power output of the initial prototype is modest. Given a 10 degree Celsius daily swing in temperature, it could produce 1.3 milliwatt at maximum potential of 350 millivolt. While the Hackaday coin-cell challenge participants and other pioneers of low-power electronics could probably do something interesting, the rest of us will have to wait for thermal resonator designs to evolve and improve on its way out of the lab.

[via Engadget]

06:25

AI being used for malicious purposes, warn experts Lifeboat News: The Blog

From healthcare to warfare, machine-based thinking is revolutionising the way we live, exposing us to the benefits and the risks. Twenty-six world experts in emerging technologies say cybercrime will grow and drones will be misused in the next decade.

06:21

DDR4 Memory Scaling Performance On AMD Raven Ridge / Ryzen 5 2400G Phoronix

While we all know that APUs crave as fast as system memory as possible, with DDR4 memory kits these days easily costing more than the Ryzen 3 2200G and even the Ryzen 5 2400G, here are some reference results when testing the Ryzen 5 2400G under Linux with memory speeds from DDR4-2133MHz to DDR4-3600MHz...

06:20

"The Malicious Use of Artificial Intelligence" Report Warns That AI is Ripe for Exploitation SoylentNews

A report written by academics from institutions including the Future of Humanity Institute, University of Oxford Centre for the Study of Existential Risk, University of Cambridge Center for a New American Security, Electronic Frontier Foundation, and OpenAI warns that AI systems could be misused:

AI ripe for exploitation, experts warn

Drones turned into missiles, fake videos manipulating public opinion and automated hacking are just three of the threats from artificial intelligence in the wrong hands, experts have said.

The Malicious Use of Artificial Intelligence report warns that AI is ripe for exploitation by rogue states, criminals and terrorists. Those designing AI systems need to do more to mitigate possible misuses of their technology, the authors said. And governments must consider new laws.

The report calls for:

  • Policy-makers and technical researchers to work together to understand and prepare for the malicious use of AI
  • A realisation that, while AI has many positive applications, it is a dual-use technology and AI researchers and engineers should be mindful of and proactive about the potential for its misuse
  • Best practices that can and should be learned from disciplines with a longer history of handling dual use risks, such as computer security
  • An active expansion of the range of stakeholders engaging with, preventing and mitigating the risks of malicious use of AI

Original Submission

Read more of this story at SoylentNews.

06:00

Artificial Snakeskin Helps Robots Get Their Slither On IEEE Spectrum Recent Content full text

Harvard researchers are developing robots with deformable scaly skin that can move like snakes Photo: Ahmad Rafsanjani/Bertoldi Group/Harvard University

Snakes have got to be some of the most creatively mobile animals ever evolved. They can move fast. They can move stealthily. Theyre good climbers. Theyre good swimmers. They can squeeze into very small holes. Some of them can even fly, a little bit. And all of this despite looking like a lizard thats missing 100 percent of the limbs that its supposed to have.

Roboticists have been working on snake robots for a long time, primarily with a focus on versatile mobility in constrained spaces. With that in mind, weve seen a variety of limbless robots that can mimic snake gaits fairly well. But its not just the lack of limbs that makes snakes so specialits also their scales. In a new article in Science Robotics this week, researchers from Harvard show how mimicking snake scales with kirigami-inspired deformable materials enabled them to make a limbless soft robot that can crawl by simply inflating and deflating itself over and over.

A snakes scales are all pointed the same direction, providing a substantial amount of favorable friction that makes it easier for the snake to move forwards than it is to move backwards. This makes moving backwards occasionally inconvenient, but it also means that the snake is able to achieve forward motion by generating a wave along its belly that first pulls its scales forwards, and then pushes them backwards. If snakes scales had a symmetrical amount of friction, it would just move forward a little bit and backwards a little bit over and over. But since the scales are effectively slippery when they move one way and sticky when they move the other, the snake is able to move forward as long as it can get some grip on the surface. This is also how bristlebots work, incidentally. 

The Harvard researchers from Katia Bertoldis group leveraged these anisotropic frictional properties of snake scales to turn the repetitive pulsing motion of an inflatable soft robot into forward motion, in much the same way that snakes can crawl forward on their bellies without using their trademark side-to-side slithering motion. In order to make scaly skin, the researchers manufactured a variety of different stretchable plastic sheets, each laser engraved with a unique pattern of flat scales. The pattern was structured such that when the robot inflated...

05:36

[$] Licenses and contracts LWN.net

Some days it seems that wherever two or more free-software enthusiasts gather together, there also shall be licensing discussions. One such, which can get quite heated, is the question of whether a given free-software license is a license, or whether it is really a contract. This distinction is important, because most legal systems treat the two differently. I know from personal experience that that discussion can go on, unresolved, for long periods, but it had not previously occurred to me to wonder whether this might be due to the answer being different in different jurisdictions. Fortunately, it has occurred to some lawyers to wonder just that, and three of them came together at FOSDEM 2018 to present their conclusions.

Subscribers can read on for a report on the talk by guest author Tom Yates.

05:34

AMD_gcn_shader Support Is Being Prepped For RADV Vulkan Phoronix

The Mesa-based open-source "RADV" Radeon Vulkan driver has new patches pending for AMD_gcn_shader support...

05:28

AnyVision's facial recognition cameras are being installed in 'smart cities' everywhere MassPrivateI


Everywhere you turn politicians and corporations are trying to convince the public we need to convert our cities into 'smart cities'.

Last week AnyVision and Nvidia announced that they are working together to put facial recognition cameras in cities across the globe.

"Nvidia has partnered with AI developer AnyVision to create facial recognition technology for 'smart cities' around the world. The two companies will work to install automatic facial recognition into CCTV (closed-circuit television) surveillance cameras". 

AnyVision is an Israel-based company that profits from spying on everyone.

Five months ago, I warned everyone that Nvidia also wants to turn police vehicles into 360 degree facial recognition platforms.

Facial recognition cameras are being used to spy on everyone.

Facial recognition cameras identify marathon runners in real-time

AnyVision claims their facial recognition technology can detect, track and recognize any person of interest with more than 99% accuracy. Their video also claims they can identify marathon runners in real-time.

Soon nowhere will be safe from law enforcement's prying eyes.

"AnyVision utilizes Nvidia hardware to achieve high-speed, real-time face recognition from surveillance video streams. Our system is highly optimized for GPU acceleration allowing us to deliver real-time analysis of streaming data whilst achieving u...

05:13

Coldroot Mac Malware Silently Performs System-Wide Keylogging HackRead

By Waqas

Another day, another malware This time it targets macOS

This is a post from HackRead.com Read the original post: Coldroot Mac Malware Silently Performs System-Wide Keylogging

05:01

Retrotechtacular: The Best Jeep Commercial Ever Hackaday

How often do we find ourselves thankful for advertising? When it comes to Hackadays Retrotechtacular column its actually quite often since it snapshots a moment in culture and technology. Todays offering is a shining example, where we get a great look into vehicular utility of the day that is rarely seen in our modern lives.

In this ad, the case is made for Jeep as farm implement, acting as plow, mower, even post hole digger. As a firefighting implement the announcer boasts that One man with a Jeep can do the work of 100 men with shovels by cutting fire breaks into the soil. Its sold as the workhorse of cemeteries, ranches, county service crews, and anything else their marketing gurus could write into copy. We think the metrics are dubious but certainly the inexpensive build, versatile nature, and need for power equipment across the countryside brought these Jeeps into widespread rural and industrial service in myriad roles.

...

05:00

Poor communication between CEOs and technical officers leads to misalignment Help Net Security

A misalignment between CEOs and technical officers is weakening enterprise cybersecurity postures, according to Centrify. CEOs are incorrectly focused on malware, creating misalignment within the C-suite, which results in undue risk exposure and prevents organizations from effectively stopping breaches. Technical officers (CIOs, CTOs and CISOs) on the front lines of cybersecurity point to identity breaches including privileged user identity attacks and default, stolen or weak passwords as the biggest threat, not malware. As More

05:00

For Tech History Buffs, The Most Interesting Thing About Stephen Colbert's Monologues Is The Wall Behind Him IEEE Spectrum Recent Content full text

A behemoth from the heroic age of power engineering stirs to life in the New York City subways Substation 13 Celia Gorman

On Broadway, a few blocks north of Times Square in New York City, visitors flock to the Ed Sullivan Theater. The theater is currently home to televisions The Late Show with Stephen Colbert , and nearly every week night, Colbert takes to the famous stage to tape a new comedy monologue in front of a live audience. But right around the corner from the illuminated marquee of the Ed Sullivan Theatre, another building draws a steady, if small, crowd of devotees. This building is Substation 13, and its been a vital cog in the running of New Yorks MTA subway system since 1904.

The star attraction of Substation 13 is an enormous rotary convertor weighing 45 tons with a spinning amature 3 meters in diameter, dubbed Rotary #1. Trains in the NYC subway drive their electric motors by tapping a third rail that is energized with 600 volts of direct current. But electricity generated by the power company is transmitted over the grid as alternating current, so the subway must convert this AC power to DC, and do so at wattage levels powerful enough to speed trains full of people beneath the streets. Today, this job is done in Substation 13, and other MTA substations, by nondescript grey cabinets full of solid-state rectifiers. But for decades, it was the job of converters like Rotary #1.

These converters essentially pair an AC motor with a DC generator on the same shaft. AC power at 25 hertz is fed into the enormous windings, the convertor spins at 250 revolutions per minute, and up to 1,500 kilowatts of DC power emerges from the other side. The converter and its connection to the third rail of the subway are controlled using a set of panels, each over 2 meters tall, that are studded with the kind of dials and knife switches that most people associate with the laboratories of old-school mad scientists. Convertors would be spun up and connected to subway lines as required to handle shifting power needs over the course of the day.

Rotary #1 was in operation until 1999, when the local power company stopped supplying 25-hertz AC power. The engineer who took the convertor off-line for the last time was Robert Lobenstein. Lobenstein later was a protagonist in the restoration of Rotary #1, and he now gives tours of Substation 13 (tickets can be obtained via the...

04:55

Flight-Sim Devs Say Hidden Password-Dump Tool Was Used To Fight Pirates SoylentNews

The usually staid world of professional-grade flight simulations was rocked by controversy over the weekend, with fans accusing mod developer FlightSimLabs (FSLabs) of distributing "malware" with an add-on package for Lockheed Martin's popular Prepar3d simulation. The developer insists the hidden package was intended as an anti-piracy tool but has removed what it now acknowledges was a "heavy-handed" response to the threat of people stealing its add-on.

The controversy started Sunday when Reddit user crankyrecursion noticed that FSLabs' Airbus A320-X add-on package was setting off his antivirus scanner. FSLabs had already recommended users turn off their antivirus protection when installing the add-on, so this wasn't an isolated issue.

The reason for the warning, as crankyrecursion found, was that the installer seemed to be extracting a "test.exe" file that matched a "Chrome Password Dump" tool that can be found online. As the name implies, that tool appears to extract passwords saved in the Chrome Web browsernot something you'd expect to find in a flight-sim add-on. The fact that the installer necessarily needs to run with enhanced permissions increased the security threat from the "Password Dump."

[...] In a later update, Kalamaras acknowledges that some users were uncomfortable with "this particular method which might be considered to be a bit heavy-handed on our part." The company promptly released a new installer without the test.exe code included.

FlightSimLabs, a studio that specialises in custom add-ons for other company's flight sims, has been found to be secretly installing a program onto user's computers designed to check whether they're playing a pirated copy of their software.

The codebasically a Chrome password dumping tool was discovered by Reddit user crankyrecursion on February 18, and as TorrentFreak report was designed to trigger "a process through which the company stole usernames and passwords from users' web browsers."

Rather tha...

04:42

Apple speaking with miners directly to buy cobalt: report The Hill: Technology Policy

Apple is reportedly in talks to purchase a long-term supply of cobalt, a metal that serves as a key component in the production of its iPhones and iPads, amid fears of a potential shortage.Bloomberg reports that it could be the first time that...

04:33

04:24

Development On The Chai Mali T700 Open-Source GPU Driver To Resume Phoronix

Last year we covered the work on the project "Chai" as an open-source, reverse-engineered driver for Mali T700 series. After a hiatus, the lead developer is back working on the project...

04:23

[$] Open-source trusted computing for IoT LWN.net

At this year's FOSDEM in Brussels, Jan Tobias Mhlberg gave a talk on the latest work on Sancus, a project that was originally presented at the USENIX Security Symposium in 2013. The project is a fully open-source hardware platform to support "trusted computing" and other security functionality. It is designed to be used for internet of things (IoT) devices, automotive applications, critical infrastructure, and other embedded devices where trusted code is expected to be run.

04:15

Friday Hack Chat: Trusting The Autorouter Hackaday

Ah, the autorouter. Inside every PCB design tool, theres a function called the autorouter. This function, when used correctly, is able to automagically lay traces between pads, producing a perfect board in under a minute. The trouble is, no one uses it. We have been told not to trust the autorouters and we hear a lot of other dire warnings about it. The autorouter never works. The autorouter will put traces everywhere. The autorouter doesnt consider floorplanning, and sometimes youre going to get traces that go right through the edge of your board. Is avoiding the autorouter sound advice?

For this weeks Hack Chat, were talking about trusting the autorouter. The autorouter is just a tool, and like any tool, it will do exactly what you tell it. The problem, therefore, is being smart enough to use the autorouter.

Our guest for this weeks Hack Chat...

04:08

Afraid of AI? We should be Help Net Security

Not (yet!) of a sentient digital entity that could turn rogue and cause the end of mankind, but the exploitation of artificial intelligence and machine learning for nefarious goals. What sorts of AI-powered attacks can we expect to see soon if adequate defenses are not developed? According to a group of 26 experts from various universities, civil society organizations, and think-tanks, the threat landscape can undergo dramatic changes in the next five to ten years. More

04:00

First Intercontinental 5G Trial Begins at Winter Olympics IEEE Spectrum Recent Content full text

The 5G Champion project shows off a 5G link between South Korea and Finland Photo: Emilio Calvanese Strinati/5G Champion Users aboard 5G Champion's demo bus watch an ice hockey game streaming at 5 Gbps from a nearby 5G basestation.

5G report logo, link to report landing page

Olympics fans arriving at South Koreas Gangneung Station on their way to the coastal ice arenas this week are getting a sneak peek at 5G Champion, a pioneering mobile-broadband project two years in the making. This joint EU-Korea ventureled by Frances CEA-Leti and South Koreas Electronics and Telecommunications Research Institutestands out as a quiet contender in what the Games official telecommunications sponsor, KT Corp., has dubbed the first 5G Olympics.

Much ado has been made of KTs own widely-publicized demos, and in pizazz, they did not disappoint. After deploying its 5G trial network at the opening ceremony on Feb. 9 to synchronize in real time 1,200 flickering LED candles forming a giant dove, KT continues to dazzle spectators with display tablets and virtual-reality glasses live-streaming its vision for a 5G future: immersive footage from ski courses and bobsleigh cockpits; 360-degree close-ups of speed skaters and ice dancers; VR trips to hockey games and snowboarding runs.

Performers on the stage form the shape of a dove Photo: Richard Heathcote/Getty Images Performers on the stage form the shape of a dove at the opening ceremony of the Pyeongchang Winter Olympics in South Korea on Feb. 9, 2018.

Like these trial services and others popping up around the globe, 5G Champion (of which KT is one of 21 industry partne...

03:30

Wire bank transfer malware phishing scam hits SWIFT banking system HackRead

By Waqas

Hackers are becoming persistent in phishing scams against banking and

This is a post from HackRead.com Read the original post: Wire bank transfer malware phishing scam hits SWIFT banking system

03:30

3D Printed Skateboard Mount for Bikes Hackaday

[Matt Obal] had a problem. The local skatepark was too far to skateboard, but close enough to bike. Carrying a skateboard on a bicycle is a rather awkward (and unsafe) maneuver. [Matts] answer to the problem is Truck Stop, a bicycle mounted skateboard carrier he developed and is manufacturing himself.

[Matts] work on Truck Stop began about a year ago, with his purchase of a 3D printer. He designed a seat back mounted device that secures the skateboard by wedging between the truck and the board itself. The design is printed in PLA and is hollow. Truck Stops strength comes from being filled with resin and fiberglass cloth.

If youve worked with resin, you probably know that some formulas get hot while they harden. This caused a few melted prints until [Matt] figured out that a dunk in cold water at the right time would allow the resin to complete its hardening process while keeping the heat below the melting temperature of PLA. Hes since switched to a different resin formula that generates less heat.

[Matt] is selling the Truck Stop at his website, and spent quite a bit of time working on a silicon mold so he could cast as many mounts as he wanted. The problem was fiberglass poking through the final cast part. In the end, he decided to stick with the resin filled PLA of his prototypes.

03:23

Solar Roofing Needed to Achieve $0.05/KWh for Residential Solar Power SoylentNews

Residential solar is cheap, but can it get cheaper? Paths to $0.05 per kWh

The price of solar panels has fallen far and fast. But the Energy Department (DOE) wants to bring those costs down even further, especially for residential homes. After all, studies have shown that if every inch of useable rooftop in the US had solar panels on it, the panels could provide about 40 percent of the nation's power demand. Right now, the DOE's goal is residential solar that costs 5 per kilowatt-hour by 2030.

In a new report from the National Renewable Energy Laboratory (NREL), researchers mapped out some possible pathways to that goal. Notably, the biggest barriers to cost reduction appear to be the stubborn "soft costs" of solar installation. Those soft costs include supply chain costs, labor costs, and sales and marketing costs that aren't related to the physical production of solar cells at a factory.

NREL wrote: "Because the 2030 target likely will not be achieved under business-as-usual trends, we examine two key market segments that demonstrate significant opportunities for cost savings and market growth: installing PV at the time of roof replacement and installing PV as part of the new home construction process."

Read more of this story at SoylentNews.

03:12

Man pleads guilty to threatening congressman over net neutrality The Hill: Technology Policy

A New York man pleaded guilty Tuesday to threatening to kill Rep. John Katko (R-N.Y.) if he didnt support net neutrality.Federal prosecutors announced that 28-year-old Patrick Angelo, of Syracuse, N.Y., pleaded guilty to a charge of interstate...

03:12

SkyTorrents Dumps Massive Torrent Database and Shuts Down TorrentFreak

About a year ago we first heard about SkyTorrents, an ambitious new torrent site which guaranteed a private and ad-free experience for its users.

Initially, we were skeptical. However, the site quickly grew a steady userbase through sites such as Reddit and after a few months, it was still sticking to its promise.

We will NEVER place any ads, SkyTorrents operator informed us last year.

The site will remain ad-free or it will shut down. When our funds dry up, we will go for donations. We can also handover to someone with similar intent, interests, and the goal of a private and ad-free world.

In the months that followed, these words turned out to be almost prophetic. It didnt take long before SkyTorrents had several million pageviews per day. This would be music to the ears of many site owners but for SkyTorrents it was a problem.

With the increase in traffic, the server bills also soared. This meant that the ad-free search engine had to cough up roughly $1,500 per month, which is quite an expensive hobby. The site tried to cover at least part of the costs with donations but that didnt help much either.

This led to the rather ironic situation where users of the site encouraged the operator to serve ads.

Everyone is saying they would rather have ads then have the site close down, one user wrote on Reddit last summer. I applaud you. But there is a reason why every other site has ads. Its necessary to get revenue when your customers dont pay.

The sites operator was not easily swayed though, not least because ads also compromise peoples privacy. Eventually funds dried up and now, after the passing of several more months, he has now decided to throw in the towel.

It was a great experience to serve and satisfy people around the world, the sites operator says.

The site is not simply going dark though. While the end has been announced, the sites operator is giving people the option to download and copy the sites database of more than 15 million torrents.

Backup

Thats 444 gigabytes of .torrent files for all the archivists out there. Alternatively, the site also...

03:09

Conservatives say they've lost thousands of followers on Twitter The Hill: Technology Policy

Conservative Twitter users are speaking out about a loss in followers after Twitter reportedly suspended thousands of accounts.Twitter has yet to announce the purge, but there is speculation that the action was part of...

03:02

Poll: Majority unlikely to use self-driving cars The Hill: Technology Policy

A majority of Americans are not likely to use self-driving vehicles, according to a new survey. A Gallup poll released Wednesday found that 54 percent of Americans said they are unlikely to utilize self-driving cars, while a...

03:00

Aadhaar, Indias Biometric ID System, Gets Its Day in Court IEEE Spectrum Recent Content full text

With a billion people registered, Indias Supreme Court weighs in on how these 12-digit IDs can be used Photo: Noah Seelam/AFP/Getty Images

/image/MzAyMDYwNQ.jpeg
Photo: Noah Seelam/AFP/Getty Images ID, Please: A citizen presents an identification card with his Aadhaar number, which is linked to 10 fingerprints, two iris scans, and a photograph.    

In January, justices of the Supreme Court of India gathered to discuss the countrys national identification system, called Aadhaar. Since 2010, authorities have enrolled 1.19 billion residents, or about 93 percent of Indias population, in the system, which ties fingerprints, iris scans, and photos of Indian citizens to a unique 12-digit number.

Almost a decade later, India is still grappling with the technical, legal, and social challenges of launching the worlds most ambitious government identification program. Aadhaars reach and ubiquity has made it a tempting vehicle for centralizing activity, including welfare payments and mobile number registrations. But it has also raised major privacy and security issues.

The Indian governments original argument for Aadhaar was to replace paper ration cards for food entitlements [see Indias Big Bet on Identity, IEEE Spectrum, March 2012]. The old system excluded citizens who could not obtain a card from corrupt local officials, and members of families whose heads of household did not share benefits with them. Individuals, rather than households, now have Aadhaar numbers, and obtaining one is free at any enrollment office in the country.

In the years since the program began, banks, mobile operators, and the government itself have started to require Aadhaar authentication to access services, even though Indias Supreme Court has found that the government cannot force citizens to use Aadhaar to obtain entitlements.

The case now before the countrys highest court, which was ongoing at press time, combines almost three dozen petitions arguing that Aadhaar violates a constitutional right to privacy and interferes with access to entitlements. While some of the petitions challenge the entire Aadhaar Act, others focus on a government requirement to use Aadhaar to verify a...

02:43

Security updates for Wednesday LWN.net

Security updates have been issued by Arch Linux (libmspack), Debian (zziplib), Fedora (ca-certificates, firefox, freetype, golang, krb5, libreoffice, monit, patch, plasma-workspace, ruby, sox, tomcat, and zziplib), openSUSE (dovecot22, glibc, GraphicsMagick, libXcursor, mbedtls, p7zip, SDL_image, SDL2_image, sox, and transfig), Red Hat (chromium-browser), and Ubuntu (cups, libvirt, and qemu).

02:33

Nouveau's NIR Support Inches Closer To TGSI Quality Phoronix

Longtime Nouveau contributor Karol Herbst joined Red Hat at the end of last year where his current task is on NIR intermediate representation support for Nouveau as part of bringing SPIR-V compute support to this open-source NVIDIA Linux driver...

02:29

Friday Free Software Directory IRC meetup: February 23rd at 12:00 p.m. EST/17:00 UTC FSF blogs

Participate in supporting the Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on irc.freenode.org.

While the Directory has been and continues to be a great resource to the world for over a decade now, it has the potential to be a resource of even greater value. But it needs your help!

We are back with another classic week of adding new entries to the Directory.

If you are eager to help, and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today! There are also weekly Directory Meeting pages that everyone is welcome to contribute to before, during, and after each meeting.

02:25

Trying Out Google's Machine Learning Ads Phoronix

Google's "Auto Ads" now make use of machine learning for the placement and selection of ads on the site...

02:01

The King of Machine Tools Hackaday

The lathe is known as the King of Machine Tools for a reason. There are very few things that you cant make with one. In fact, people love to utter the old saw that the lathe is the only machine tool that can make itself. While catchy, I think thats a bit disingenuous. Its more accurate to say that there are parts in all machine tools that (arguably) only a lathe can make. In that sense, the lathe is the most fundamental machine tool. Before you harbor dreams of self-replication, however, know that most of an early lathe would be made by hand scraping the required flat surfaces. So no, a lathe cant make itself really, but a lathe and a skilled craftsperson with a hand-scraper sure can. In fact, if youve read the The Metal Lathe by David J. Gingery, you know that a lathe is instrumental in building itself while youre still working on it.

Were taking trip through the machining world with this series of articles. In the previous article we went over the history of machine tools. Lets cut to the modern chase now and help some interested folks get into the world of hobby machining, shall we? As we saw last time, the first machine tools were lathes, and thats also where you should start.

Precision Inception

With that bit of pedantry out of the way, lets talk about why lathes are fundamental. Remember how I said that machine tools cleverly create parts that have greater precision than they themselves do? The lathe is the primary example of that.

...

01:58

Clear Linux Is The Latest Distribution Figuring Out What To Do With Python 2 Phoronix

While Python 3 has been around now for a decade, most Linux distributions are still working towards moving away from Python 2 and that includes Intel's Clear Linux distribution...

01:50

Bigelow Aerospace Forms New Company to Manage Space Stations, Announces Gigantic Inflatable Module SoylentNews

Bigelow Aerospace has created a spinoff company that will manage its orbital space stations, and has announced plans for an inflatable module that would be even larger than the B330:

Bigelow Aerospace the Las Vegas-based company manufacturing space habitats is starting a spinoff venture aimed at managing any modules that the company deploys into space. Called Bigelow Space Operations (BSO), the new company will be responsible for selling Bigelow's habitats to customers, such as NASA, foreign countries, and other private companies. But first, BSO will try to figure out what kind of business exists exactly in lower Earth orbit, the area of space where the ISS currently resides.

Bigelow makes habitats designed to expand. The densely packed modules launch on a rocket and then inflate once in space, providing more overall volume for astronauts to roam around. The company already has one of its prototype habitats in orbit right now: the Bigelow Expandable Activity Module, or BEAM, which has been attached to the International Space Station since 2016. The BEAM has proven that Bigelow's expandable habitat technology not only works, but also holds up well against the space environment.

Now, Bigelow is focusing on its next space station design: the B330. The habitat is so named since it will have 330 cubic meters (or nearly 12,000 cubic feet) of interior volume when expanded in space. That's about one-third the volume provided by the ISS. Bigelow hopes to launch two B330s as early as 2021, on top of the United Launch Alliance's Atlas V rockets, and the company even has plans to put a B330 around the Moon. After that, Bigelow has bigger plans to create a single station with 2.4 times the entire pressurized volume of the ISS, the company announced today. Such a huge station will need to be constructed in an entirely new manufacturing facility that Bigelow plans to build though the company hasn't decided on a location yet.

Bigelow's BEAM is currently attached to the ISS and has a volume of about 16 cubic meters, which has been described as that of "a large closet with padded white walls". The B330 will have 330 cubic meters of pressurized volume. The newly proposed module is called the...

01:46

Whitepaper: What is GDPR and what does your organisation need to do to comply? Help Net Security

On May 25, the General Data Protection Regulation will bring sweeping changes to data security in the European Union. If your organisation collects personal data or behavioural information from anyone in an EU country, its subject to GDPR requirements. Wherever your team stands on its path to readiness, this whitepaper will help you better understand GDPR and your companys compliance obligations. Download the document for insights as you prepare, including the steps to put a More

01:31

New Quantum Crypto Scheme Looks Ahead to "Quantum Internet" IEEE Spectrum Recent Content full text

A new quantum key distribution method uses a quantum state with the potential to encode more than one bit per photon Image: iStock Photo

Chinese researchers have put forward a new quantum cryptography standard that could, if confirmed, substantially increase the speed of encrypted messages. The proposed new standard has been simulated on computers although not yet tested in the lab.

Quantum cryptography, the next-generation of secret messages whose secrecy is guaranteed by the laws of quantum mechanics, has been in the news recently. Last fall a group from the Chinese Academy of Sciences transmitted quantum cryptographically encoded communications (via satellite) to a ground station in Vienna, Austria.

The communications included quantum-encoded images and a 75-minute quantum-cryptographically secured videoconference, consisting of more than 2 gigabytes of data. IEEE Spectrum reported on the event at the time. And now, as of last month, the entire project has been detailed in the journal Physical Review Letters.

Media coverage of the event stressed its significance in moving toward a so-called quantum Internet. Yet the quantum internet would still be a distant dream when quantum cryptography can only mediate one or, at most, a few quantum-secured communications channels. To scale up to anything worthy of the name quantum Internet, quantum cryptography would need to generate not only thousands of cryptographic keys per second. Rather, a scalable quantum crypto system should aspire to key-generation rates closer to billions per second or greaterin the gigahertz (GHz) range and up, not kilohertz (kHz).

Theoretically we can get gigahertz levels of quantum key distribution, says Pei Zhang, professor of applied physics at Xian Jiaotong University in Xian, China.

Zhang and five other researchers from his university and Tsinghua University in Beijing have built a quantum crypto protocol on a different and potentially more capacious standard than what last falls video teleconference used. (To be fair, other GHz-speed quantum crypto protocols have recently been proposed as well.)

The teleconference, mediated by a dedicated quantum communications satellite China launched in August 2016, was secured by a kilohertz-speed quantum encoder that gener...

01:30

Protecting Code Integrity with PGP Part 2: Generating Your Master Key

Title: 
Protecting Code Integrity with PGP Part 2: Generating Your Master Key

01:11

SEC Consult SA-20180221-0 :: Hijacking of arbitrary miSafes Mi-Cam video baby monitors Bugtraq

Posted by SEC Consult Vulnerability Lab on Feb 21

We have published an accompanying blog post to this technical advisory with
further information:

https://www.sec-consult.com/en/blog/2018/02/internet-of-babies-when-baby-monitors-fail-to-be-smart/index.html

SEC Consult Vulnerability Lab Security Advisory < 20180221-0 >
=======================================================================
title: Hijacking of arbitrary video baby monitors
product: miSafes Mi-Cam...

01:11

AMD Launches EPYC Embedded 3000 & Ryzen Embedded V1000 Series Phoronix

AMD is taking their Zen microarchitecture to the embedded space now with the announcement of the AMD Launches EPYC Embedded 3000 and Ryzen Embedded V1000 series...

00:56

Control Flow Integrity, a fun and innovative Javascript Evasion Technique Security Affairs

Javascript evasion technique Security Expert Marco Ramilli detailed a fun and innovative way to evade reverse-engineering techniques based on Javascript technology.

Understanding the real code behind a Malware is a great opportunity for Malware analysts, it would increase the chances to understand what the sample really does. Unfortunately it is not always possible figuring out the real code, sometimes the Malware analyst needs to use tools like disassemblers or debuggers in order to guess the real Malware actions. However when the Sample is implemented by interpreted code such as (but not limited to): Java, Javascript, VBS and .NET there are several ways to get a closed look to the code.
Unfortunately attackers know what the analysis techniques are and often they implement evasive actions in order to reduce the analyst understanding or to make the overall analysis harder and harder. An evasive technique could be implemented to detect if the code runs over a VM or it could be implemented in order to run the code only on given environments or it could be implemented to avoid debugging connectors or again to evade reverse-engineering operations such as de-obfuscations techniques. Today post is about that, Id like to focus my readers attention on a fun and innovative way to evade reverse-engineering techniques based on Javascript technology.
Javascript is getting day-by-day more important in term of attack vector, it is often used as a dropper stage and its implementation is widely influenced by many flavours and coding styles but as a bottom line, almost every Javascript Malware is obfuscated. The following image shows an example of obfuscated javascript payload (taken from one analysis of mine).

 

Example: Obfuscated Javascript

 

As a first step the Malware analyst would try to de-obfuscate such a code by getting into it. Starting from simple cut and paste to more powerful substitution scripts the analyst would try to rename functions and variables in order to split complexity and to make clear what code sections do. But in Javascript there is a nice way to get the callee function name which could be used...

00:17

OpenStreetMap May be in Serious Trouble SoylentNews

Serge Wroclawski, a long-time contributor to OpenStreetMap, has posted a criticism of the management choices he believes are preventing the OpenStreetMap Foundation from fulfilling its mission (much like the Wikimedia Foundation):

I feel the OpenStreetMap project is currently unable to fulfill that mission due to poor technical decisions, poor political decisions, and a general malaise in the project. I'm going to outline in this article what I think OpenStreetMap has gotten wrong. It's entirely possible that OSM will reform and address the impediments to its success- and I hope it does. We need a Free as in Freedom geographic dataset.


Original Submission

Read more of this story at SoylentNews.

00:00

A Look Into the Kubernetes Master Components

This blog post looks at the most important control plane components of a single Kubernetes master node etcd, the API server, the scheduler and the controller manager and explains how they work together. Although other components, such as DNS and the dashboard, come into play in a production environment, the focus here is on these specific four.

AT&T Puts Smart City IoT 'Edge' Computing On Direct Dial

Technology platforms in the post-millennial era are heavily characterized by their use of automation and optimization techniques. As we increasingly analyze our software in order to quantify and qualify what applications and data workloads work well in situation A, we can start to automate an element of other software deployments with managed optimized controls in situation B.

00:00

Even with cloud providers implementing defenses, glaring weaknesses remain Help Net Security

A new report from RedLock offers a look at the threats and vulnerabilities that continue to mount in public cloud computing environments. Account compromises keep rising Poor user and API access hygiene, combined with ineffective visibility and user activity monitoring, are causing organizations to be more vulnerable to breaches. For example, 73% of organizations allow the root user account to be used to perform activities behavior that goes against security best practices. Furthermore, 16% More

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 21 February

23:50

Andra Keay, Managing Director of Silicon Valley Robotics, joins our Robotics/AI Board. Lifeboat News

Andra Keay, Managing Director of Silicon Valley Robotics, joins our Robotics/AI Board.

23:22

F. Marek Modzelewski, General Manager at Treeline Interactive, joins our Business Board. Lifeboat News

F. Marek Modzelewski, General Manager at Treeline Interactive, joins our Business Board.

23:00

10 Breakthrough Technologies for 2018

Dueling neural networks. Artificial embryos. AI in the cloud. Welcome to our annual list of the ten technology advances we think will shape the way we work and live now and for years to come.

23:00

Learning The 555 From The Inside Hackaday

One way to understand how the 555 timer works and how to use it is by learning what the pins mean and what to connect to them. A far more enjoyable, and arguably a more useful way to learn is by looking at whats going on inside during each of its modes of operation. [Dejan Nedelkovski] has put together just such a video where he walks through how the 555 timer IC works from the inside.

We especially like how he immediately removes the fear factor by first showing a schematic with all the individual components but then grouping them into what they make up: two comparators, a voltage divider, a flip-flop, a discharge transistor, and an output stage. Having lifted the internals to a higher level, he then walks through examples, with external components attached, for each of the three operating modes: bistable, monostable and astable. If youre already familiar with the 555 then youll enjoy the trip down memory lane. If youre not familiar with it, then you soon will be. Check out his video below.

This isnt the only time weve toyed with the guts of this wonderful chip. A few years ago we were all delighted with this mega-sized discrete 555 kit and a little more recently, this teardown of the actual chip.

22:44

Leaning Tower of NASA SoylentNews

NASA's nearly billion-dollar mobile launcher tower for the Space Launch System (SLS) is leaning, and may be discarded after a single use:

[The "mobile launcher" component] supports the testing and servicing of the massive SLS rocket, as well as moving it to the launch pad and providing a platform from which it will launch.

According to a new report in NASASpaceflight.com, the expensive tower is "leaning" and "bending." For now, NASA says, the lean is not sufficient enough to require corrective action, but it is developing contingency plans in case the lean angle becomes steeper.

These defects raise concerns about the longevity of the launch tower and increase the likelihood that NASA will seek additional funding to build a second one. In fact, it is entirely possible that the launch tower may serve only for the maiden flight of the SLS rocket in 2020 and then be cast aside. This would represent a significant waste of resources by the space agency.

[...] [From] the tower's inception in 2009, NASA will have spent $912 million on the mobile launcher it may use for just a single launch of the SLS rocket. Moreover, the agency will have required eight years to modify a launch tower it built in two years.

The second mobile launcher, intended for larger versions of the SLS, will cost about $300 million (if not more).

Related: Maiden Flight of the Space Launch System Delayed to 2019
Trump Space Adviser: Mars "Too Ambitious" and SLS is a Strategic National Asset
NASA Opens Door to Possibly Lowering SLS Cost Using Blue Origin's Engines
After the Falcon Heavy Launch, Time to Defund the Space Launch System?


Original Submission

Read more of this story at SoylentNews.

22:29

Sharutils 4.15.2 Heap-Buffer-Overflow Bugtraq

Posted by nafiez on Feb 21

Unshar scans the input files (typically email messages) looking for the start of a shell archive. If no files are
given, then standard input is
processed instead. Shipped along with Sharutils.

Bug was found with AFL. Password: abc123

=================================================================
==11164==ERROR: AddressSanitizer: heap-buffer-overflow on address
0xb5901100 at pc 0x0804c695 bp 0xbfe86f28 sp 0xbfe86f18
READ of size 1 at...

22:24

Sharutils 4.15.2 Heap-Buffer-Overflow Bugtraq

Posted by nafiez on Feb 21

Unshar scans the input files (typically email messages) looking for the
start of a shell archive. If no files are given, then standard input is
processed instead. Shipped along with Sharutils.

Bug was found with AFL.

=================================================================
==11164==ERROR: AddressSanitizer: heap-buffer-overflow on address
0xb5901100 at pc 0x0804c695 bp 0xbfe86f28 sp 0xbfe86f18
READ of size 1 at 0xb5901100 thread T0...

22:12

Oliver Isaacs joins our New Money Systems Board. Oliver is Marketing Advisor for Cryptocurrency, Blockchain, and ICOs. Lifeboat News

Oliver Isaacs joins our New Money Systems Board. Oliver is Marketing Advisor for Cryptocurrency, Blockchain, and ICOs.

22:02

Will We Ever Be Able to Upload a Mind to a New Body? Lifeboat News: The Blog

The Netflix series takes place hundreds of years in the future, but references versions of technology that have been in development for years, like brain mapping, human and AI neural links, and mind uploading to computers. Millions of dollars has been bumped into technological ideas that promise, one day, our brains will be turned digital. That said, there are those who believe the human mind is too complex, and our consciousness too nuanced, to be recreated in a digital product. And none of that even goes into what would happen if someones digitized mind was placed into real human flesh.

Will we ever be able to upload our minds into other bodies? Furthermore, should we? And honestly, if we ever achieved such a feat, could we even call ourselves human anymore? On this weeks Giz Asks, we reached out to experts in neuroscience, philosophy and futurism.

22:00

Choosing a Tool to Track and Mitigate Open Source Security Vulnerabilities

To successfully deal with open source security, you need your developers (and DevOps teams) to operate the solution. Given the fast pace of modern development, boosted in part by the use of open source itself, an outnumbered security team will never be able to keep you secure. Therefore, the SCA solution you choose must be designed for developers to be successful with.

22:00

Intel GLSL On-Disk Shader Cache Enabled By Default Phoronix

For Mesa 18.0 is the initial Intel shader cache support for archiving compiled GLSL shaders on-disk to speed up the load times of subsequent game loads and other benefits. For the Mesa 18.0 release the functionality isn't enabled by default but it will be for Mesa 18.1...

21:51

Rumour: European Patent Office to Lay Off a Significant Proportion of Its Workforce Techrights

While Team Battistelli gives itself major bonuses

Unlock
Just dont mention anything about luxury cars of top-level management or bars built secretly at the 10th floor (among other ludicrous spendings on media influence, Eurovision-type festivals, plenty of personal bodyguards and so on)

Summary: While the Administrative Council of the EPO praises Battistelli for his financial accomplishments (as laughable as it may seem) a lot of families stuck in a foreign country may soon see their breadwinner unemployed, according to rumours

THE EPO is in trouble/peril; insiders started to insinuate that something wrong and very major was brewing at the Office yesterday. Weve waited long enough and we now hear it from multiple sources. So here it goes.

According to rumours heard at the EPOs canteen, one source told us, the EPO seems to be planning dismissals of 700 to 1000 employees.

If they have as much money as they claim, why would the Office shrink this much?This does not surprise us. We wrote about layoffs just earlier this week and many imminent changes seem to be hinting at that. Battistelli is just planting the seeds of catastrophe, which no doubt already causes super-hard-working examiners to panic.

Now that we hear these things we cant help but recall some recent comments. One such comment said that the only bells to which the Administrative Council of the EPO usually reacts to are the cash register bells operated by Mr. Battistelli.

What cash register?

If they have as much money as they claim, why would the Office shrink this much? This is unprecedented; the Office grew over time rather than shrink.

Here is another interesting new comment:

If the Freie Whler stand up and file a pretty sensible and non-ideological resolution like this one, then I would not be surprised if it will actually be passed by...

21:38

MIPS Gets Spectre Variant Two Mitigation In LLVM Phoronix

Besides x86_64, we have seen Spectre mitigation work happen recently for ARM, POWER, and IBM s390, but no prominent MIPS activity to report until now...

21:32

Samsung unveils massive 30.72TB SSD, largest capacity SSD ever TechWorm

Samsung unveils worlds largest 30.72TB capacity SSD for enterprise storage systems

Samsung Electronics, the world leader in advanced memory technology, unveiled its largest 30.72 terabyte (TB) solid state drive (SSD) for use in in next-generation enterprise storage systems.

The 30.72TB SSD, dubbed the PM1643, is double the capacity of Samsungs current 15.36TB SSD that it unveiled in March 2016. Not intended for consumer use, the new SSD is designed to meet the growing storage needs in a host of market segments, including the government, health and education markets, and others.

With our launch of the 30.72TB SSD, we are once again shattering the enterprise storage capacity barrier, and in the process, opening up new horizons for ultra-high capacity storage systems worldwide, said Jaesoo Han, Executive Vice President, Memory Sales & Marketing Team at Samsung Electronics. Samsung will continue to move aggressively in meeting the shifting demand toward SSDs over 10TB and at the same time, accelerating adoption of our trail-blazing storage solutions in a new age of enterprise systems.

Samsung claims the product is the industrys largest solid state drive (SSD). To make the breakthrough possible, Samsung used its V-NAND technology and 64-layer 3-bit 512-gigabit (Gb) chips. It combined 16 stacked layers of 512GB V-NAND chips into 1TB into super-dense 1TB packages, of which 32 were then combined into each 2.5-inch SSD form factor. This allows around 5,700 (5GB, Full HD) movie files and countless files to be stored on a single drive.

The new PM1643 SSD is based on a 12Gbps Serial Attached SCSI (SAS) interface. The PM1643 sports random read and write speeds of up to 400,000 IOPS and 50,000 IOPS, and delivers sequential read and write speeds of up to 2,100MB/s and 1,700 MB/s, respectively. These are basically four times the random-read performance and three times the sequential-read performance of a typical 2.5-inch SATA SSD, Samsung said.

Samsung said it achieved the new capacity and performance improvements through several technology progressions in the design of its controller, DRAM packaging and associated software. These advancements include a highly efficient controller architecture that integrates nine controllers from the previous high-capacity SSD lineup into a single package, enabling a greater amount of space within the SSD to be used for storage. The PM1643 drive also applies Through Silicon Via (TSV) technology to interconnect 8Gb DDR4 chips, creating 10 4GB TSV DRAM packages, totaling 40GB of DRAM. This marks the first time that TSV-applied DRAM has been used in an SSD, Samsung added.

The new SSD comes with a five-year warranty, rated for one full...

21:22

Cryptocurrencies Could Drop To Near-Zero Any Time, Warns Ethereum Founder Vitalik Buterin TechWorm

Cryptocurrency not a sound long-term investment, cautions Ethereum Founder Vitalik Buterin

More and more people are looking to invest in cryptocurrency, as it is currently seen as one of the best investment opportunity in the market. For instance, Bitcoin the virtual currency also called as cryptocurrency started off at the price of $1,000 in January 2017 and has now crossed the $11,000 mark as of yesterday.

While investing in Bitcoin or any other cryptocurrency does sound promising, however, these markets are highly unpredictable because of its volatile nature.

In a tweet over last weekend, Vitalik Buterin, the founder of blockchain network Ethereum and its associated cryptocurrency (ether), warned investors that cryptocurrency could fall violently at any time, as cryptocurrencies are still a new and hyper-volatile asset class. He also warned people to think twice before throwing their entire life savings into virtual coins.

Bitcoin, Ethereum, Ripple, Litecoin and other cryptocurrencies could drop to near-zero at any time, Buterin said on Twitter. Dont put in more money than you can afford to lose, he added. If youre trying to figure out where to store your life savings, traditional assets are still your safest bet.

This is not the first time Buterin has warned cryptocurrency investors about its dangers. Back in December 2017, he warned investors about bubbles and volatility in the high-flying digital currency market. He also criticized some crypto players for displaying their newfound wealth, and said that they should instead be thinking about how to use the technology for achieving something meaningful for society.

The last 12 months has witnessed the value of Bitcoin rising from $1,000 to nearly $20,000, before falling below $6,000 in early 2018 and then again crossing the $11,000 mark yesterday. Similarly, one ether coin that was around $13 a year ago is now worth $950. However, the last couple of months has also seen a fluctuation in the value of ether coin, which has hit high of $1,400 as well a low of $580.

 

The post Cryptocurrencies Could Drop To Near-Zero Any Time...

21:11

Godot Working On Ramping Up Their VR Support Phoronix

With the recent release of Godot 3.0 there is an OpenVR module, but that's just the beginning of this open-source 3D game engine in supporting virtual reality...

21:11

Samsung Announces a 30.72 TB 2.5" SSD SoylentNews

Samsung has announced a 30.72 TB SSD. It uses 64-layer 512 Gb TLC NAND dies, with 16 of each stacked to make a 1 TB package. It has 40 GB of DDR4 DRAM cache, also using layered packages:

The PM1643 drive also applies Through Silicon Via (TSV) technology to interconnect 8Gb DDR4 chips, creating 10 4GB TSV DRAM packages, totaling 40GB of DRAM. This marks the first time that TSV-applied DRAM has been used in an SSD.

Complementing the SSD's hardware ingenuity is enhanced software that supports metadata protection as well as data retention and recovery from sudden power failures, and an error correction code (ECC) algorithm to ensure high reliability and minimal storage maintenance. Furthermore, the SSD provides a robust endurance level of one full drive write per day (DWPD), which translates into writing 30.72TB of data every day over the five-year warranty period without failure. The PM1643 also offers a mean time between failures (MTBF) of two million hours.

Samsung started manufacturing initial quantities of the 30.72TB SSDs in January and plans to expand the lineup later this year with 15.36TB, 7.68TB, 3.84TB, 1.92TB, 960GB and 800GB versions to further drive the growth of all-flash-arrays and accelerate the transition from hard disk drives (HDDs) to SSDs in the enterprise market.

Also at Ars Technica and The Verge.

Related: SK Hynix Plans 72-Layer 512 Gb NAND for Late 2017
SK Hynix Developing 96 and 128-Layer TLC 3D NAND
Western Digital Announces 96-Layer 3D NAND, Including Both TLC and QLC
Toshiba Develops 512 GB and 1 TB Flash Chips Using TSV
Expect 20-30% Cheaper NAND in Late 2018


Original Submission

Read more of this story at SoylentNews.

21:00

Choosing Project Names: 4 Key Considerations

Names set expectations. Your project's name should showcase its functionality in the ecosystem and explain to users what your story is. In the crowded open source software world, it's important not to get entangled with other projects out there. Taking a little extra time now, before sending out that big announcement, will pay off later.

Here are four factors to keep in mind when choosing a name for your project.

20:00

An Especially Tiny And Perfectly Formed FM Bug Hackaday

It used to be something of an electronic rite of passage, the construction of an FM bug. Many of us will have taken a single RF transistor and a tiny coil of stiff wire, and with the help of a few passive components made an oscillator somewhere in the FM broadcast band. Connect up a microphone and you were a broadcaster, a prankster, and probably set upon a course towards a life in electronics. Back in the day such a bug might have been made from components robbed from a piece of scrap consumer gear such as a TV or VCR, and perhaps constructed spider-web style on a bit of tinplate. It wouldnt have been stable and it certainly wouldnt have been legal in many countries but the sense of achievement was huge.

As you might expect with a few decades of technological advancement, the science of FM bugs has moved with the times. Though you can still buy the single transistor bugs as kits there is a whole range of fancy chips designed for MP3 players that provide stable miniature transmitters with useful features such as stereo encoders. Thats not to say there isnt scope for an updated simple bug too though, and here [James] delivers the goods with his tiny FM transmitter.

Gone is the transistor, and in its place is a MAX2606 voltage-controlled oscillator. The on-chip varicap and buffer provided by this device alleviate some of the stability issues suffered by the transistor circuits, and to improve performance further hes added an AP2210 low-dropout regulator to catch any power-related drift. If it were ours wed put in some kind of output network to use both sides of the differential output, but his single-ended solution at least offers simplicity. The whole is put on a board so tiny as to be dwarfed by a CR2032 cell, and we can see that a bug that size could provide hours of fun.

This may be a small and simple project, but it has found its way here for being an extremely well-executed one. Its by no means the first FM bug weve shown you here, just a few are this one using scavenged SMD cellphone parts, or this more traditional circuit built on a piece of stripboard.

19:38

Great Storms of Jupiter and Neptune Are Disappearing SoylentNews

The most famous atmospheric features of both Jupiter and Neptune may be gone soon:

When we think of storms on the other planets in our Solar System, we automatically think of Jupiter. Jupiter's Great Red Spot is a fixture in our Solar System, and has lasted 200 years or more. But the storms on Neptune are different: they're transient.

[...] "It looks like we're capturing the demise of this dark vortex, and it's different from what well-known studies led us to expect," said Michael H. Wong of the University of California at Berkeley, referring to work by Ray LeBeau (now at St. Louis University) and Tim Dowling's team at the University of Louisville. "Their dynamical simulations said that anticyclones under Neptune's wind shear would probably drift toward the equator. We thought that once the vortex got too close to the equator, it would break up and perhaps create a spectacular outburst of cloud activity."

Rather than going out in some kind of notable burst of activity, this storm is just fading away. And it's also not drifting toward the equator as expected, but is making its way toward the south pole. Again, the inevitable comparison is with Jupiter's Great Red Spot (GRS). The GRS is held in place by the prominent storm bands in Jupiter's atmosphere. And those bands move in alternating directions, constraining the movement of the GRS. Neptune doesn't have those bands, so it's thought that storms on Neptune would tend to drift to the equator, rather than toward the south pole.

Neptune's Great Dark Spot may not have the support of atmospheric storm bands, but Jupiter's Great Red Spot is also on the decline:

A ferocious storm has battered Jupiter for at least 188 years. From Earth, it is observed as red swirling clouds racing counter-clockwise in what is known as the planet's "Great Red Spot." But after shrinking for centuries, it may now be on the brink of disappearing for good.

"In truth, the GRS [Great Red Spot] has been shrinking for a long time," lead Juno mission team member and planetary scientist at NASA's Jet Propulsion Laboratory Glenn Orton told Business Insider in an email. "The GRS will in a decade or two become the GRC (Great Red Circle). Maybe sometime after that the GRM"the Great Red Memory.


Original Submission

...

19:07

Pirate Site Admin Sentenced to Two Years Prison & 83.6 Million Damages TorrentFreak

Way back in 2011, Streamiz was reported to be the second most popular pirate streaming site in France with around 250,000 visitors per day. The site didnt host its own content but linked to movies elsewhere.

This prominent status soon attracted the attention of various entertainment companies including the National Federation of Film Distributors (FNDF) which filed a complaint against the site back in 2009.

Investigators eventually traced the presumed operator of the site to a location in the Hauts-de-Seine region of France. In October 2011 he was arrested leaving his Montrouge home in the southern Parisian suburbs. His backpack reportedly contained socks stuffed with almost 30,000 euros in cash.

The man was ordered to appear before the investigating judge but did not attend. He also failed to appear during his sentencing this Monday, which may or may not have been a good thing, depending on ones perspective.

In his absence, the now 41-year-old was found guilty of copyright infringement offenses and handed one of the toughest sentences ever in a case of its type.

According to an AFP report, when the authorities can catch up with him the man must not only serve two years in prison but also pay a staggering 83.6 million euros in damages to Disney, 20th Century Fox, Warner Bros and SACEM, the Society of Authors, Composers and Music Publishers.

Streamiz is now closed but at its peak offered around 40,000 movies to millions of users per month. In total, the site stood accused of around 500,000,000 infringements, earning its operator an estimated 150,000 euros in advertising revenue over a two year period.

This is a clear case of commercial counterfeiting based on a very structured system, David El Sayegh, Secretary General of SACEM, told AFP. His sentence sends a very clear message: there will be no impunity for pirates, he added.

With an arrest warrant still outstanding, the former Streamiz admin is now on the run with very few options available to him. Certainly, the 83.6 million euro fine wont ever be paid but the prison sentence is something he might need to get behind him.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

...

19:00

Thunderbird Spotted in Alaska? Terra Forming Terra




I am more impressed by just how rarely this creature is seen.  This publicity sprang just one other sighting covering at least a generation.  In fact all our sightings are low and easily identifiable.   My own sighting of a putative Marsh Hawk back in the day could more properly be described as a juvenile Thunder Bird.  The wing span was easily several feet as it glided and flapped low over our stubble field.  It was much bigger than a bald eagle which at the time i had never seen.

What i saw was way too big to be any known bird from the manuals.   The wingspan was easily that of a frigate bird but much wider and quite raptor like.  I saw this in Mid Western Ontario which is far distant from the sea but close by the Great Lakes.  Gulls were commonly seen there.

As i have posted in the past, these raptors easily hole up inside a full skirted evergreen providing an excellent view while fully camouflaged.  All real hunting would be at night.  We now have ample sightings to confirm the existence of this bird.  This one is typical.  Further away and size will be confused.

.

Thunderbird Spotted in Alaska?

February 06, 2018

https://www.coasttocoastam.com/article/thunderbird-spotted-in-alaska/

The Alaskan city of Juneau is buzzing after a resident reported what can best be described as a 'thunderbird' soaring through the sky.

The weirdness began when the witness, named Tabitha, posted about her sighting to a Juneau community Facebook group.

According to her, as she was driving down the road a "huge black bird" appeared overhead and sported a wingspan which she estimated to be "at least 20 feet."

Despite living in the area her entire life, Tabitha insisted that his bird was unlike anything she had ever seen before and marveled that it was "almost the size of a small airplane."

Unfor...

19:00

Hydrogen for Surgery & ICU Terra Forming Terra


 
Now that we understand this it needs to be fully implemented.  This will facilitate resuscitation on a much larger scale than now seen.
 
We can get a heart attack victim to an ER in much less than an hour.  Saving him and avoiding serious damage has been spotty.  This can change that outcome significantly even to the point in perhaps most cases to full recovery.
 
Note that hypothermia and hydrogen combined jumped their numbers to 80%.  What this means is that we can properly flip the survival stats.  Saving a heart attack victim inevitably involves a person still in full productive mode as well so this could well mean preservging his or her productivity as well.
.
 
Hydrogen for Surgery & ICU

Published on January 29, 2018

http://drsircus.com/general/hydrogen-surgery-icu/

Medical gas is critical to the function of hospitals and many other healthcare facilities. Medical gas systems in hospitals are, in a word, lifesaving. Piped in oxygen, nitrous oxide, nitrogen, carbon dioxide, and medical air to hospital areas such as patient rooms, recovery areas, operating rooms, and ICU departments is critical to the survival of patients and now hydrogen needs to be added to the list.

It is imperative that hospitals get on the program with hydrogen because it is a perfect and safe substance to put out the fires of oxidative stress. Evidence of massive oxidative stress is well established in adult critical illnesses characterized by tissue ischemiareperfusion injury and by an intense systemic inflammatory response such as during sepsis and acute respiratory distress syndrome. Oxidative stress exacerbates organ injury and thus overall clinical outcome.[1] Oxygen-derived free radicals play an important role in the development of disease in critically ill patients.

Critically ill patients suffer from oxidative stress caused by reactive oxygen species (ROS) a...

19:00

Let Us Eradicate Poverty, Not Demolish Wealth Terra Forming Terra



 
 
If you are reading this, you are surely part of the choir.  The only reason that the economic fools have any political leverage whatsoever is that it is inevitable that our population will have three tiers.
 
The first tier are those doing just fine.  Whatever it took, they planned for and received a full middle class life.  Perhaps a handful got rich and famous but the rest have theirs as well.
 
The second tier are really doing well enough but still have a ways to go and are engaged in doing just that.  None of this is truly inherited, although that can certainly help.  Something had to be done to maintain status.  After all the fastest way to lose a great fortune is to hand it over to a natural loser and those are born into every family.
 
What i am saying loudly is that the majority of our civilization is able to do fine on average over an entire lifespan.
 
Then we address the lower third.  I make this expansive because this is where economic reform will revolutionize our whole civilization.  Helping this sector to become efficient and thriving will super charge the top two tiers.  In fact the only proper task of all governance needs to be the strengthening this lower third.  And it is not particularly done by cash transfers, but by providing ample locally managed credit along with empowering the natural community itself.  Do this along with applying the rule of twelve for local governance and we estabilsh a dynamic thriving base for the whole economy that grows without significant external inputs..
 
 .
 
Let Us Eradicate Poverty, Not Demolish Wealth

Daniel Lacalle

https://mises.org/wire/let-us-eradicate-poverty-not-demolish-wealth

By the time you finish reading this article, some 600 people from all over the world will have escaped poverty.

In 1990, 35% of the world population lived in extreme poverty. Today, that figure h...

19:00

Non Civilian Courts for Treason Terra Forming Terra

 

From sources that i am not too sure of we hear that Hilary is facing 27 indictments for treason alone.  

At the same time the 13,000 plus sealed indictments has also morphed into a 13,000 cell building program in GITMO.  What is absolutely true is that some information is been allowed out to trusted distribution nodes so that supporters of the Admin will not be in complete shock.  All the information  that we have has at least been vouched for.

The big story though is that those 13,000 sealed indictments are facing non civilian courts because they were all involved wittingly or not in an assault of the Republic.  I do want to add that the large numbers may well include a large number of low level political operatives who manipulated the vote count. Certainly the Mueller investigation has targeted the validity of that count.

Today we hear that Russia will forthwith send first time pedophiles to prison for life.  Obvious when we understand that no cure is known and the threat simply does not go away.  Thousands of low level pedophiles have been arrested during the past year.  This must feed into a hierarchy numbering at least one to two thousand folks, often embedded in government and justice.  I may still be too low but this fits the apparent scale now revealed. 

The fact remains that thousands will likely face military tribunals for their actions. The lucky ones will be seconded to a civilian trial.  The seriously unlucky will be quickly put in front of firing squads and shot and we will have limited appeals or none at all.  The administration has essentially taken the position that we are opposing a hostile foreign attack.  This has a lot of truth but may be also smaller than presently thought.

I personally would not give two cents for Hilary's chances.  Yet in her special case her crimes need to be fully aired until her fate will be a relief.
...

18:56

The Car of the Future Will Sell Your Data cryptogon.com

No. Via: Bloomberg: Picture this: Youre driving home from work, contemplating what to make for dinner, and as you idle at a red light near your neighborhood pizzeria, an ad offering $5 off a pepperoni pie pops up on your dashboard screen. Are you annoyed that your cars trying to sell you something, or pleasantly []

18:05

CDC Warns of Salmonella Infections Linked to Kratom SoylentNews

At this time, the CDC recommends that people not consume kratom in any form because it could be contaminated with salmonella:

An outbreak of 28 salmonella infections in 20 states has been linked to kratom products, the US Centers for Disease Control and Prevention said in a statement Tuesday. Though no deaths have been reported, 11 people have been hospitalized.

[...] California had the highest number of salmonella cases (three). North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania and Utah each reported two cases while Alabama, Arizona, Colorado, Florida, Kansas, Kentucky, Louisiana, Massachusetts, Michigan, North Dakota, New York, South Carolina and Tennessee each reported a single case, the CDC found.

Kratom should not be consumed in any form, the CDC said, because the source of salmonella contamination has not been identified.

Also at The Verge, STAT News, and CBS.

Previously: DEA Welcomes Kratom to the Schedule I List Beginning September 30
The Calm Before the Kratom Ban
FDA Blocks More Imports of Kratom, Warns Against Use as a Treatment for Opioid Withdrawal
FDA Labels Kratom an Opioid

Related: Opioid Commission Drops the Ball, Demonizes Cannabis


Original Submission

Read more of this story at SoylentNews.

17:34

North Korean APT Group tracked as APT37 broadens its horizons Security Affairs

Researchers at FireEye speculate that the APT group tracked as APT37 (aka Reaper, Group123, ScarCruft) operated on behalf of the North Korean government.

Here we are to speak about a nation-state actor dubbed APT37 (aka Reaper, Group123, ScarCruft) that is believed to be operating on behalf of the North Korean government.

APT37 has been active since at least 2012, it made the headlines in early February when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users.

Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea.

FireEye linked the APT37 group to the North Korean government based on the following clues:

  • the use of a North Korean IP;
  • malware compilation timestamps consistent with a developer operating in the North Korea time
    zone (UTC +8:30) and follows what is believed to be a typical North Korean workday;
  • objectives that align with Pyongyangs interests(i.e. organizations and individuals involved in Korean
    Peninsula reunification efforts);

Researchers from FireEye revealed that the nation-state actor also targeted entities in Japan, Vietnam, and even the Middle East in 2017. The hackers targeted organizations in the chemicals, manufacturing, electronics, aerospace, healthcare, and automotive sectors.

APT37 has likely been active since at least 2012 and focuses on targeting the public and private sectors primarily in South Korea. In 2017, APT37 expanded its targeting beyond the Korean peninsula to include Japan, Vietnam and the Middle East, and to a wider range of industry verticals, including chemicals, electronics, manufacturing, aerospace, automotive and healthcare entities reads the report published by FireEye.

...

17:00

DIY Peristaltic Pump Keeps the Booze Flowing Hackaday

A few months ago we showed you a bar bot built by [GreatScott] that uses peristaltic pumps to food-safely move the various spirits and mixers around behind the curtain. The bar bot uses three of them, and at $30 each for pumps with decent flow rate, they added a lot to the parts bill. These pumps are pretty much the ideal choice for a bar bot, so what do you do? [GreatScott] decided to see if it was worth it to make them instead.

Peristaltic pumps are simple devices that pump liquids without touching them. A motor turns a set of rollers that push a flexible tube against a wall. As the motor turns, the rollers move liquid through the tube by squeezing it flat from the outside in turns. Typically, the more you pay for an off-the-shelf peristaltic, the higher the flow rate.

[GreatScott] figured it was cheaper to buy the motor and the control circuitry. He chose a NEMA-17 for their reputation and ubiquity and a DRV8825 controller to go with it. The pump is driven by an Arduino Nano and a pot controls the RPM. After trying to design the mechanical assembly from scratch, he found [Ralf]s pump model on Thingiverse and modified it to fit a NEMA-17.

The verdict? DIY all the way, assuming you can print the parts. [GreatScott] was trying to beat the purchased pumps flow rate of 100mL/minute and ended up with 200mL/minute from his DIY pump. Squeeze past the break for the build video and demonstration.

Is there a bar bot build on your list? No? Is it because youre more of a single-malt scotch guy? Build a peristaltic pachyderm to pour your potion.

16:55

Multiple Persistent Cross-Site Scripting Vulnerabilities in Quarx CMS Bugtraq

Posted by preethiknambiar on Feb 20

1. Introduction

Vendor : Yab
Affected Product : Quarx through 2.4.3
Fixed in : Quarx 2.4.5 and 2.4.6
Vendor Website : https://quarxcms.com/
Vulnerability Type : Persistent XSS
Remote Exploitable : Yes
CVE External Identifier : CVE-2018-7274

2. Technical Description

There are multiple Persistent XSS vulnerabilities in Quarx Content Management System. These vulnerabilities exists
due...

16:32

Microsoft Document Details Windows 10 on ARM Limitations SoylentNews

Microsoft accidentally reveals Windows 10 on ARM limitations

Microsoft launched ARM-powered Windows 10 PCs with "all-day" battery life back in December. While HP, Asus, and Lenovo's devices aren't on sale just yet, we're still waiting to hear more about the limitations of Windows 10 running on these new PCs. Microsoft published a full list of limitations last week, spotted first by Thurrott, that details what to expect from Windows 10 on ARM. This list must have been published by accident, as the software giant removed it over the weekend so only cached copies of the information are available.

Also at Engadget and ZDNet.

Related: Big Changes Planned by Microsoft - Windows 10 on ARM, Laptops to Behave More Like Phones
First ARM Snapdragon-Based Windows 10 S Systems Announced
Microsoft Pulls Back on Windows 10 S


Original Submission

Read more of this story at SoylentNews.

16:01

Xorgproto 2018.3 Brings RandR Leasing + Non-Desktop Monitors Phoronix

Xorgproto debuted earlier this month as a centralized package of all X.Org protocol headers that used to be versioned and developed independently. Given the slower development now of the xorg-server and lots of the protocols being intertwined, they are now all bundled together. Tuesday marked the 2018.3 release with the new additions for Keith Packard's SteamVR Linux infrastructure work...

14:54

Sports Drink of Choice for German Olympians: Nonalcoholic Beer SoylentNews

German Olympians Drink a Lot of (Nonalcoholic) Beer, and Win a Lot of Gold Medals

When Simon Schempp, a biathlete on the German Olympic team, was training for the Pyeongchang Games, he often capped a hard day on the trail with a bottle of nonalcoholic beer. He enjoys the taste of beer like most Germans, who drink more of it per capita than the people of almost any other nation. But he drank the nonalcoholic variety for more than just the flavor. "It's a really good drink directly after training or after competition," said Schempp, who won a silver medal in the 15-kilometer mass start event on Sunday.

Schempp's sober assessment is popular in Germany. While most people see nonalcoholic beer as a responsible replacement for regular beer, Germans often drink it in place of sports drinks after exercise. Beer or Gatorade? No contest.

Johannes Scherr, the doctor for the German Olympic ski team, said nearly all of his athletes drink nonalcoholic beer during training. And the brewery Krombacher has supplied 3,500 liters (about 1,000 gallons) of nonalcoholic beer to the athletes' village so German athletes can enjoy it during competitions at the Pyeongchang Games, where Germany is tied for the most gold medals.

[...] Scherr conducted a double-blind study [open, DOI: 10.1249/MSS.0b013e3182250dda] [DX] [alt], financed by a brewing company, in which he gave runners in the 2009 Munich Marathon nonalcoholic beer every day for three weeks before and two weeks after the race. These runners suffered significantly less inflammation and fewer upper respiratory infections after the race than runners who had been given a placebo.


Original Submission

Read more of this story at SoylentNews.

14:00

Dungeons and Dragons TV Tabletop! Hackaday

With little more than pen, paper, dice, and imagination, a group of friends can transport themselves to another plane for shenanigans involving dungeons and/or dragons. An avid fan of D&D and a budding woodworker, Imgurian [CapnJackHarkness] decided to build gaming table with an inlaid TV for their inaugural project.

The tabletop is a 4x4 sheet of plywood, reinforced from underneath and cut out to accommodate a support box for the TV. Each leg ended up being four pieces of 1x4 wood, laminated together with a channel cut into one for the tables power cable. An outer ledge has dice trays if theyre even needed in todays world ready for all those nat 20s, cupholders because nobody likes crying over spilled drinks, and electrical outlets to keep devices charged. Foam squares cover the tabletop which can be easily removed and washed if needed but more on that in a second. [CapnJackHarkness] painted the table as the wood rebuffed many attempts at staining, but theyre happy with how it turned out.

[CapnJackHarkness] based their build on a table made by Gaminggeek, adapting it t...

14:00

What Does David Attenborough Really Think of Darwin? - Facts So Romantic Nautilus


A casual viewer of nature documentariesor anyone who hasnt heard of or seen the film Attenborough wrote called, Charles Darwin and the Tree of Lifemight surmise that the man was hired to narrate the scripts merely because hes got a great voice.Photograph courtesy Johann Edwin Heupel / Flickr

The name David Attenborough has, to me, always been an enchanting but disembodied voice narrating the hidden struggles and splendors of the natural world. In the last few months Ive seen several of his documentaries (out of the 23 I could count on Netflix) from start to finishLife, Africa, and Planet Earth. Theyre mesmerizing, and some segments can be heart-racing, some distressing, and some morally confusing, as you feel your sympathies tugged in opposite directions (quite often, the offspring of one creature is taken as food to feed the offspring of another). Attenborough doesnt take sidesthe cruelty of necessity in nature is a spectacle he dramatizes neutrally.

What Attenborough doesnt do in his nature documentaries is discuss Darwin and his theory of natural selection. Sure, every so often hell utter the word evolveitd be cumbersome not to, especially when its, say, birds with specialized, elongated beaks that hes describing. But, watching these shows, youll
Read More

13:22

A Hacker Has Wiped a Spyware Company's Servers Again SoylentNews

Last year, a vigilante hacker broke into the servers of a company that sells spyware to everyday consumers and wiped their servers, deleting photos captured from monitored devices. A year later, the hacker has done it again.

Thursday, the hacker said he started wiping some cloud servers that belong to Retina-X Studios, a Florida-based company that sells spyware products targeted at parents and employers, but that are also used by people to spy on their partners without their consent.

[...] "None of this should be online at all," the hacker told Motherboard, claiming that he had deleted a total of 1 terabyte of data.

"Aside from the technical flaws, I really find this category of software disturbing. In the US, it's mainly targeted to parents," the hacker said, explaining his motivations for going after Retina-X. "Edward Snowden has said that privacy is what gives you the ability to share with the world who you are on your own terms, and to protect for yourself the parts of you that you're still experimenting with. I don't want to live in a world where younger generations grow up without that right."

[...] Retina-X was not the only spyware company hacked last year. Other hackers also breached FlexiSpy, an infamous provider of spyware that has actively marketed its apps to jealous lovers. At the time, the hackers promised that their two victimsFlexiSpy and Retina-Xwere only the first in line, and that they would target more companies that sell similar products.


Original Submission

Read more of this story at SoylentNews.

12:47

NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Wall' ONLINE

Posted 21 Feb, 2018 1:47:15 UTC

The new edition of Off The Wall from 20/02/2018 has been archived and is now available online.

12:45

NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW '[node:field_name]' ONLINE

Posted 21 Feb, 2018 1:45:15 UTC

The new edition of [node:field_name] from 20/02/2018 has been archived and is now available online.

12:15

South Korean Cryptocurrency Regulator Found Dead at Home cryptogon.com

Via: Wall Street Journal: A South Korean official who guided Seouls regulatory clampdown on cryptocurrencies was found dead on Sunday, according to a government spokesman. Jung Ki-joon, 52, was head of economic policy at the Office for Government Policy Coordination. He helped coordinate efforts to create new legislation aimed at suppressing cryptocurrency speculation and illicit []

12:03

Hovmller: Moving a large and old codebase to Python3 LWN.net

Anders Hovmller has posted an account of migrating a large application to Python 3. There were multiple steps on the journey and plenty of lessons learned. "Our philosophy was always to go py2 -> py2/py3 -> py3 because we just could not realistically do a big bang in production, an intuition that was proven right in surprising ways. This meant that 2to3 was a non starter which I think is probably common. We tried a while to use 2to3 to detect Python 3 compatibility issues but quickly found that untenable too. Basically it suggests changes that will break your code in Python 2. No good. The conclusion was to use six, which is a library to make it easy to build a codebase that is valid in both in Python 2 and 3."

11:50

KDE Receives $200,000 Donation From The Pineapple Fund SoylentNews

KDE e.V. is announcing today it has received a donation of 200,000 USD from the Pineapple Fund.

With this donation, the Pineapple Fund recognizes that KDE as a community creates software which benefits the general public, advances the use of Free Software on all kinds of platforms, and protects users' privacy by putting first-class and easy to use tools in the hands of the people at zero cost. KDE joins a long list of prestigious charities, organizations and communities that the Pineapple Fund has so generously donated to.

"KDE is immensely grateful for this donation. We would like to express our deeply felt appreciation towards the Pineapple Fund for their generosity" said Lydia Pintscher, President of KDE e.V.. "We will use the funds to further our cause to make Free Software accessible to everyone and on all platforms. The money will help us realize our vision of creating a world in which everyone has control over their digital life and enjoys freedom and privacy".


Original Submission

Read more of this story at SoylentNews.

11:33

Hackers Compromise Tesla Cloud Server to Mine Cryptocurrency HackRead

By Waqas

It is 2018 and the easiest way to make quick

This is a post from HackRead.com Read the original post: Hackers Compromise Tesla Cloud Server to Mine Cryptocurrency

11:30

11:26

Meta: Subscription Wonkiness SoylentNews

Over the past week we've had at least three occurrences of this particular bug crop up. It's currently already fixed but I thought I'd fill you lot in just in case it got you too and you haven't noticed yet.

On the subscription page there are two radio buttons if you're logged in. One is to subscribe for yourself and one is to give a gift subscription. For some reason they were both set unchecked. If you didn't check one your subscription would to go NCommander's non-admin account, mcasadevall. It beats the complete hell out of me why this would be the default but it is.

If you've purchased a subscription recently please check that you got credit for it. If you didn't please let us know either here or via email.

~TMB

Read more of this story at SoylentNews.

11:00

Cross-Brand Adapter Makes for Blended Battery Family Hackaday

Even though hes a faithful DeWalt cordless tool guy, [Richard Day] admits to a wandering eye in the tool aisle, looking at the Ryobi offerings with impure thoughts. Could he stay true to his brand and stick with his huge stock of yellow tools and batteries, or would he succumb to temptation and add another set of batteries and chargers so he could have access to a few specialty lime green tools?

Luckily, we live in the future, so theres a third way building a cross-brand battery adapter that lets him power Ryobi tools with his DeWalt batteries. [Richard]s solution is a pure hack, as in physically hacking battery packs and forcing them to work and play well together. Mechanically, this was pretty easy a dead Ryobi pack from the recycling bin at Home Depot was stripped down for its case, which was glued to a Dewalt 20-v to 18-v battery adapter. The tricky part came from dealing with the battery control electronics. Luckily, the donor DeWalt line has that circuitry in the adapter, while Ryobi puts it in the battery. That meant simply transplanting the PCB from the adapter to the Ryobi battery shell would be enough. The video below shows the process and the results Ryobi tools happily clicking away on DeWalt batteries.

While [Richard] took a somewhat brute-force approach here, we imagine 3D-printed parts might make for a more elegant solution and offer other brand permutations. After all, printing an adapter should be easier than whipping up a cordless battery pack de novo.

10:53

Overnight Tech: Judge blocks AT&T request for DOJ communications | Facebook VP apologizes for tweets about Mueller probe | Tech wants Treasury to fight EU tax proposal The Hill: Technology Policy

JUDGE BLOCKS AT&T REQUEST FOR WHITE HOUSE-DOJ COMMUNICATIONS: A federal judge overseeing the Justice Department's lawsuit against the AT&TTime Warner merger rejected AT&T's request for records of communications between the agency...

10:18

FinFETs Shimmy to 5G's Frequencies SoylentNews

Engineers at Purdue University and GlobalFoundries have gotten today's most advanced transistors to vibrate at frequencies that could make 5G phones and other gadgets smaller and more energy efficient. The feat could also improve CPU clocks, make wearable radars, and one day form the basis of a new kind of computing. They presented their results today at the IEEE International Solid-States Circuits Conference, in San Francisco.

https://spectrum.ieee.org/tech-talk/semiconductors/devices/finfets-shimmy-to-5gs-frequencies


Original Submission

Read more of this story at SoylentNews.

10:02

FCC to officially rescind net neutrality rules on Thursday The Hill: Technology Policy

The Federal Communications Commission is slated to publish on Thursday its order scrapping net neutrality rules, a source with knowledge of the matter told The Hill on Tuesday.The official publication of the measure, which was first reported by...

09:29

LibrePlanet 2018 is on the way: check out the talks and register! FSF blogs

On March 24th and 25th, 2018, the free software community will come together at the Massachusetts Institute of Technology (MIT) to learn, exchange ideas, catch up with friends, and plan the future of the movement. Will you join us?

It's the tenth anniversary of LibrePlanet, and now is a good time to register to attend. As always, Free Software Foundation (FSF) members and students attend gratis.

Hundreds of people from across the globe will converge on Cambridge, Massachusetts to explore this year's theme, "Freedom Embedded." We'll look at embedded systems in everything from our cars to our bodies, discuss how these systems affect our entire society, and talk about how to change the narrative, making free software the norm, instead of walled gardens, Digital Restrictions Management (DRM), and proprietary code.

In addition to the keynote speakers we announced last month, LibrePlanet 2018 will feature a panoply of presentations. Our lineup includes Jeremiah Foster, who will examine free software and vehicles; a panel of speakers including Karen Sandler, Mad Ball, Rachel Kalmar, and Dana Lewis, who will discuss freedom and devices used for health, medicine, and wellness; and Bob Call, who will talk about libreCMC, a distro for embedded devices.

LibrePlanet 2018 offers lots of opportunities for fun, too: in addition to the annual FSF open house the evening of Friday, March 23rd, and the LibrePlanet party on Saturday night, there will be a special piano concert featuring freely licensed arrangements. And the conference looks at gaming and art, too: Noah Swartz will walk us through the roguelikes game genre, and Bassam Kurdali will teach a workshop in free software photogrammetry! The full program will be published soon. In the meantime, check out the list of confirmed speakers.

LibrePlanet brings together software developers, activists, policy experts, and computer users to share accomplishments, learn new skills, and address challenges to software freedom. Newcomers are always welcome, and LibrePlanet 2018 will feature programming for all experience levels, including students.

LibrePlanet 2018 is produced by the Free Software Foundation in partnership with the Student Information Processing Board (SIPB) at MIT.

Pre-order a LibrePlanet 2018 T-shirt by February 28th

You can also pre-order a LibrePlanet 2018 commemorative T-shirt in the GNU Press shop. Order your shirt by February 28th, 7am EST/13:00 UTC to guarantee availabilit...

09:00

A Linux Kernel Driver Is Being Worked On For Valve's Steam Controller Phoronix

Right now to make most use of the Steam Controller on Linux you need to be using the Steam client while there have been independent user-space programs like SC-Controller to enable Steam Controller functionality without the Steam client running. A new and independent effort is a Linux kernel driver for the Steam Controller...

08:46

Tallest Timber Tower Tipped for Tokyo SoylentNews

TreeHugger reports:

Sumitomo Forestry, an industry giant in Japan, [is] pivoting to plyscrapers and proposing a 70-story, 350 meter (1148') tower for the Marunouchi district in Tokyo. It's called W350, the plan being that it will be finished in 2041, the 350th anniversary of the founding of the company.

[...] Using a hybrid 9:1 ratio of wood to steel, Sumitomo Forestry aims to replace concrete, which is one of the world's largest carbon footprint contributors. The skyscraper would be a 70-floor mixed-use building that would include a hotel, office space, commercial space, and residences. Wrap-around balconies at different intervals would be planted with lush wildlife. And greenery would extend throughout the entire complex, creating a vertical forest where humans and wildlife can flourish.

[...] It is a brace tube structure, "a structural system that forms a cylindrical shell (brace tube) with columns / beams and braces. By placing braces diagonally in a set of shafts assembled with columns and beams, it prevents the building from deforming against lateral forces such as earthquakes and wind."

The images are beautiful.

Previously: Super Wood Could Replace Steel
The Case for Wooden Skyscrapers
Can You Build A Safe, Sustainable Skyscraper Out Of Wood?


Original Submission

Read more of this story at SoylentNews.

08:45

Coldroot RAT cross-platform malware targets MacOS without being detected Security Affairs

The former NSA hacker and malware researcher Patrick Wardle is back, this time he spotted a new remote access Trojan dubbed Coldroot RAT.

The Coldroot RAT is a cross-platform that is targeting MacOS systems and the bad news is that AV software is not able to detect it. The malware acts as a keylogger on MacOS systems prior to the OS High Sierra allowing it to capture user passwords and credentials.

Wardle published a detailed analysis of the RAT that is currently available for sale on the underground markets since Jan. 1, 2017, while some versions of the Coldroot RAT code have also been available on GitHub for nearly two years.

The expert explained that the RAT masquerades as an Apple audio driver com.apple.audio.driver2.app that when clicked on displays an authentication prompt requesting the victim to provide its MacOS credentials.

an unflagged file named com.apple.audio.driver2.app caught my eye. It was recently submitted for a scan, in early January.  wrote Wardle

Though currently no AV-engine on VirusTotal flags this application as malicious, the fact it contained a reference to (TCC.db) warranted a closer look. 

Once obtained the credentials the RAT modifies the privacy TCC.db database. The researchers analyzed a sample that once installed attempts to provide the malware with accessibility rights (so that it may perform system-wide keylogging) by creating the

/private/var/db/.AccessibilityAPIEnabled

file and then modifies the privacy database TCC.db that keep track of the applications installed on the machine and the related level of accessibility rights.

Think, (ab)using AppleScript, sending simulated mouse events via core graphics, or directly interacting with the file system. An example of the latter was DropBox, which directly modified macOSs privacy database (TCC.db) which contains the list of applications that are afforded accessibility rights. Wardle wrote.

With such rights, applications can then interact with system UIs, other applications, and even intercept key events (i.e. keylogging). By directly modifying the database, one could avoid the obnoxious system alert that is normally presented to the user:  

...

08:22

Using a laser to wirelessly charge a smartphone safely across a room Lifeboat News: The Blog

Although mobile devices such as tablets and smartphones let us communicate, work and access information wirelessly, their batteries must still be charged by plugging them in to an outlet. But engineers at the University of Washington have for the first time developed a method to safely charge a smartphone wirelessly using a laser.

As the team reports in a paper published online in December in the Proceedings of the Association for Computing Machinery on Interactive, Mobile, Wearable & Ubiquitous Technologies, a narrow, invisible beam from a laser emitter can deliver charge to a sitting across a room and can potentially charge a smartphone as quickly as a standard USB cable. To accomplish this, the team mounted a thin power cell to the back of a smartphone, which charges the smartphone using power from the laser. In addition, the team custom-designed safety features including a metal, flat-plate heatsink on the smartphone to dissipate from the laser, as well as a reflector-based mechanism to shut off the laser if a person tries to move in the charging beams path.

Safety was our focus in designing this system, said co-author Shyam Gollakota, an associate professor in the UWs Paul G. Allen School of Computer Science & Engineering. We have designed, constructed and tested this laser-based charging system with a rapid-response safety mechanism, which ensures that the laser emitter will terminate the charging beam before a person comes into the path of the laser.

08:21

The Patent Trolls Lobby, Bristows and IAM Among Others, Downplays Darts-IP/IP2Innovate Report About Rising If Not Soaring Troll Activity in Europe Techrights

Because theyre not interested in facts; they actively promote the UPC and patent trolls, which theyre even paid to promote

IP2Innovate

Summary: Exactly like last year, as soon as IP2Innovate opens its mouth Bristows and IAM go into attack dog mode and promote the UPC, deny the existence or seriousness of patent trolls, and promote their nefarious, trolls-funded agenda

Dj vu today. We saw that last year in spring. Lobbyists of patent trolls come out of the woodwork and relentlessly attack those who dare point out that todays EPO gives rise to patent trolls and UPC would further exacerbate this problem. But lets structure what happened yesterday and today chronologically, having researched this the entire day. Well leave this for readers to decide on, e.g. who is right and who is wrong.

It has long been known that low-quality patents granted by the USPTO were partly responsible for a trolls epidemic in the United States. Almost nobody would deny this, not even patent extremists; they just use different words for patent trolls. The same thing is happening in China right now because patent scope is broadened and examination weakened. Its an avalanche of low-quality patents.

The same thing is happening in China right now because patent scope is broadened and examination weakened. Its an avalanche of low-quality patents.This brings us to the EPO. We last wrote about decline of patent quality just earlier today, based on a two-page report/bulletin from EPO insiders. Anyone still in denial about the decline of European Patents (EPs) quality is either deluded or called Benot Battistelli (he probably lies to himself about it, maybe he actually believes his own lies).

Weve long warned (long before we covered EPO scandals) about low-quality EPs ushering in patent trolls, more so if the UPC ever becomes a reality. We werent alone. Others were saying the exact same thing. Its so evident that in order to deny this one has to be both greedy and financially-motivated (Bristows comes to mind).

Patent trolls are already soaring in Germany. This was measured last year. Patent trolls representatives make a load of money out of it and they want to make it worse with unitary effect (more defendants, higher damages and so on). The UPC is a disaster in the making,...

08:05

Tesla cloud account hacked to mine cryptocurrency The Hill: Technology Policy

An unidentified outside hacker infiltrated Tesla's Amazon cloud account and used its systems to quietly mine for cryptocurrencies, a cybersecurity firm announced Tuesday.The hack also potentially exposed the electric car company's...

08:00

Easy, Modular Alphanumeric Displays are Full of Flappy Goodness Hackaday

There are plenty of ways to make large alphanumeric displays that are readable at great distances. LED signboards come to mind, as do big flat-screen LCD displays. But such displays feel a little soulless, and nothing captures the atmosphere of a busy train station like an arrivals and departures board composed of hundreds of split-flap displays.

In a bid to make these noisy but intriguing displays practical for the home-gamer, [Scott Bezek] has spent the last couple of years on a simple, modular split-flap display unit, and from the look of the video below, its pretty close to ready. The build log details the design process, which started with OpenSCAD and took advantage of the parametric nature of the scripting language to support any number of characters, within reason. Costs are kept low with laser-cut MDF frames and running gear, and cheap steppers provide the motion. Character cards are just PVC ID badges with vinyl letters, and a simple opto-sensor prevents missed steps and incorrect characters. The modules can be chained together into multi-character displays, and the sound is satisfyingly flappy.

[Scott] has put a lot of thought into these displays, and even if its not the simplest split-flap display weve seen, its really worth checking out.

[via r/DIY]

07:55

Ubuntu Server 18.04 LTS Will Default To The New Installer Phoronix

Last year Canonical announced work on a new text-based server installer for Ubuntu. It's come a long way over the past year and will be the default server installer with 18.04 LTS...

07:50

Tips for an Information Security Analyst/Pentester career - Ep. 57: Forensic challenge (pt. 1) The S@vvy_Geek Tips Tech Blog

I was watching this John Strand's video on live memory analysis some days ago.

I love his tutorials because they're really inspirational but, in this case, John came out with a series of labs intended for his forensic students at SANS.

I thought to myself, "Yes, I got this, I can do it". You know, I graduated in Cyber Security & Forensics, so I thought I should've been able to follow through.

Here's my tutorial about it.


In this first part I'll analyze a clean Window configuration, for us to have a baseline, and in the second part I'll perform the same steps against a system compromised with a Meterpreter shell.


Simulation

I create a backdoor by running netcat on TCP port 2222 (in the upcoming second part of this tutorial, I'll create an actual Meterpreter backdoor).

If we run netstat -nao and we include an interval parameter of 5 in the command, we can see a list of active network connections that will be redisplayed every 5 seconds.

You'll notice a connection to TCP port 2222 in LISTENING state, which means the port is open.


Intelligence on running processes

To have information on running processes, we can run three different commands, which return a different amount of intelligence about the system.

a) Task Manager (taskmgr.exe): That's a well-known command. Not everyone knows, though, Task Manager can display information on the processes from all users and not only from the user currently logged on.

07:44

Even With AMDGPU DC, HDMI/DP Audio Isn't Working Out For All Radeon Linux Users Phoronix

While the newly-released Raven Ridge APUs could make for nice HTPC systems given the number of compatible mini-ITX/micro-ATX motherboards and these 65 Watt APUs offering Zen CPU cores with Vega graphics, besides the current problematic Raven Ridge graphics support, there are still some broader AMDGPU DC audio problems for newer graphics cards...

07:30

Mitsubishi Electric Develops Hybrid 16-beam Spatial-Multiplexing Technology for 5G Base Stations IEEE Spectrum Recent Content full text

The company successfully tested a parallel transmission of 16 data streams to a single device achieving 25.5 Gbps downlink speed--an industry first Photo: Mitsubishi Electric

5G report logo, link to report landing page

With mobile traffic in the coming 5G era expected to be a thousand times greater than what were generating today, mobile wireless infrastructure companies will need to provide greater transmission capacity, lower latency, and vastly more connectivity. To help achieve these goals, researchers at Mitsubishi Electric are testing a hybrid super-high-frequency massive multiple-input multiple-output (MIMO) system using hundreds of antenna elements with multibeam multiplexing to achieve efficient spectrum usage.

On 14 February, the company announced the development of a 16-beam spatial-multiplexing technology operating at 28 gigahertz for 5G small mobile base stations. Whats more, Mitsubishi claimed, is that it had demonstrated what it believes is the first 5G system to transmit 25.5 gigabits per second to one user device using the 500 megahertz bandwidth.

Details of the system will be announced at the IEICE Technical Committee on Radio Commutation System conference on 28 February.

The prototype base station used in the test consists of eight analog front-end-processing low-power units that together formed 16 beams, plus a MIMO digital processing algorithm that reduced interference between the beams.

The system attained a gain of 4096 antenna elements, yet its computational complexity is just that of 16 antenna elements, explains Atsushi Okamura, general manager of the Communication Technology Department, a unit in Mitsubishi Electric's Information Technology R&D Center in Kamakura, just south of Tokyo.

While all-digital massive MIMO produces high transmission performance, Okamura notes that it requires a digital signal processor, a digital-to-analog converter, and analog circuitry for each antenna. This would result in extremely high implementation and computation costs, not to mention a prohibitive increase in size.

"So we have implemented a hybrid beamforming system using active phased-array antenna and digital MIMO signal processing," he explains. This dramatically reduces number of components, yet yields almost the same performance, he adds.

Thats because each antenna element constitutes a sub-array and employs an analog variable-phase-shifter for controlling beam direction. Fo...

07:14

VPNs in General at Risk From Overblocking by ISPs SoylentNews

An increasing number of Internet Service Providers (ISPs) around the world have been blocking more and more access based on accusations of copyright infringement. Those demanding the blocking assert that high standards are followed when making the decision. However, those studying the situation are finding otherwise. Given the scope creep demonstrated by these activities there is legitimate concern for the future availability of Virtual Private Networks (VPN) on those providers.

TorrentFreak covers analysis from University of Ottawa law professor Michael Geist on the topic via his personal blog:

A group of prominent Canadian ISPs and movie industry companies are determined to bring pirate site blocking efforts to North America. This plan has triggered a fair amount of opposition, including cautioning analyses from law professor Michael Geist, who warns of potential overblocking and fears that VPN services could become the next target.

Michael Geist's personal blog jumps right in with a discussion of likely expansions to the scope of blocking and other sources of blocking over-reach.

The Bell coalition website blocking proposal downplays concerns about over-blocking that often accompanies site blocking regimes by arguing that it will be limited to "websites and services that are blatantly, overwhelmingly, or structurally engaged in piracy." Having discussed piracy issues in Canada and how the absence of a court order makes the proposal an outlier with virtually every country that has permitted site blocking, the case against the website blocking plan now turns to the inevitability of over-blocking that comes from expanding the block list or from the technical realities of mandating site blocking across hundreds of ISPs for millions of subscribers. This post focuses on the likely expansion of the scope of piracy for the purposes of blocking and the forthcoming posts will discuss other sources of blocking over-reach.

Once a technology or practice is in place, it is usually extended and abused beyond its original purpose. Even in the short history of the World Wide Web as well as the Internet, scope creep has shown itself to be a real problem.

Sources :
Canadian Pirate Site Blocks Could Spread to VPNs, Professor Warns
The Case Against the Bell Coalition's Website Blocking Plan, Part 5: The Inevitable Expansion of the Block List Standard for "Piracy" Sites


...

07:01

BitTorrent Client uTorrent Suffers Security Vulnerability (Updated) TorrentFreak

With dozens of millions of active users a day, uTorrent has long been the most used torrent client.

The software has been around for well over a decade and its still used to shift petabytes of data day after day. While there havent been many feature updates recently, parent company BitTorrent Inc. was alerted to a serious security vulnerability recently.

The security flaw in question was reported by Google vulnerability researcher Tavis Ormandy, who first reached out to BitTorrent in November last year. Googles Project Zero allows developers a 90-day window to address security flaws but with this deadline creeping up, BitTorrent had remained quiet.

Late last month Ormandy again reached out to BitTorrent Incs Bram Cohen, fearing that the company might not fix the vulnerability in time.

I dont think bittorrent are going to make a 90 day disclosure deadline, do you have any direct contacts who could help? Im not convinced they understand the severity or urgency, Ormandy wrote on Twitter.

Nudge

While Googles security researcher might have expected a more swift response, the issue wasnt ignored.

While no specific details about the vulnerability have yet to be released (update below), it is likely to be a remote execution flaw. Ormandy previously exposed a similar vulnerability in Transmission, which he said was the first of a few remote code execution flaws in various popular torrent clients.

BitTorrent Inc. told us that they have shared their patch with Ormandy, who according to the company confirmed that this fixes the security issues (update below).

uTorrent Beta release notes

We have also sent the build to Tavis and he has confirmed that it addresses all the security issues he reported, Rees told us. Si...

07:00

IBM Index: A Community Event for Open Source Developers

Title: 
IBM Index: A Community Event for Open Source Developers

07:00

The Legal Hazards of Virtual Reality and Augmented Reality Apps IEEE Spectrum Recent Content full text

Liability and intellectual property issues are just two areas developers need to know about Photo: Joan Cros Garcia/Corbis/Getty Images

img Photo: Joan Cros Garcia/Corbis/Getty Images

As virtual- and augmented-reality technologies mature, legal questions are emerging that could trip up VR and AR developers. One of the first lawyers to explore these questions is Robyn Chatwood, of the international law firm Dentons. VR and AR are areas where the law is just not keeping up with [technology] developments, she says. IEEE Spectrum contributing editor Tam Harbert talked with Chatwood about the legal challenges.

Tam Harbert: What critical legal issues do engineers need to know about?

Robyn Chatwood: IP rights are the most important. In VR, IP rights come in two categories: real-world-IP rights in the virtual world and virtual-IP rights in the real world. To give you an example of the first category, McDonalds has trademarks on its brand in the real world. But what if someone depicts a McDonalds burger or restaurant in a virtual world? Does trademark registration stretch to cover everything in a virtual world?

The second category is virtual-IP rights in the real world. For example, I design an app that geotags a building, and when I view the building through my smartphone, the app augments that view with information about the building, such as height, number of tenants, etc. Who owns the rights when you overlay information virtually onto a real physical object? At the moment, there are no effective laws on who owns such rights. Owners of landmark buildings might want to own those rights, but today they cant control who presents information about their buildings in an augmented-reality application.

The other thing is an issue thats normally sorted out by contract, but I still consider it a gray area. Users can design and build things virtually. Say someone comes up with a really incredible and exciting design for a building or a city. Who owns the rights to that design? That is normally spelled out in the terms and conditions users are required to sign, but it becomes more important with VR content. Engineers should think through what people might do with this technology and make sure that their companies sort out who owns what in the terms and conditions.

T.H.: What about dangers to users?

R.C.: This technology can be used to help people in...

06:46

06:30

Turn Your Lathe into a Shaper Hackaday

Ingenuity is the name of the game with manual machine tools. You often have to get creative to use the tools you have to create the part you want. Thats exactly what happened when [John] needed to cut internal splines and keyways using his lathe.

Lathes are usually used to turn metal, but internal keyways and splines are operations often performed with a broach. An older tool called a shaper would be perfect here, but shapers are relatively rare these days or are they? There are many examples of shaper attachments for lathes. These are human-powered devices that scrape a bit of metal off each pass. The lathe itself is used to keep the workpiece in place and move the tool in a repeatable way.

Rather than create a shaper jig from scratch, [John] decided to use his compound slide as the shaper slide itself. He removed the compound slide lead screw, which allowed the compound to slide freely. He then fabricated a double hinged bar and bolted this to the compound slide. Moving the bar causes the slide to move. Just add a cutting tool, and youre ready to cut a keyway. Add an indexing plate, and youre ready to cut a spline. You can see the tool in action after the break.

If you want to learn more about lathes and what goes into them, you can learn how to build one from scratch.

 

26476864378_360p

06:23

Judge rejects AT&T inquiry into possible Trump influence in merger case The Hill: Technology Policy

A federal judge overseeing the Justice Department's lawsuit against the AT&TTime Warner merger rejected AT&T's request for records of communications between the agency and the White House.AT&T had been preparing to argue in the upcoming...

06:10

Steal This Show S03E13: The Tao of The DAO TorrentFreak

stslogo180If you enjoy this episode, consider becoming a patron and getting involved with the show. Check out Steal This Shows Patreon campaign: support us and get all kinds of fantastic benefits!

In this episode, we meet Chris Beams, founder of the decentralized cryptocurrency exchange Bisq. We discuss the concept of DAOs (Decentralised Autonomous Organisations) and whether The Pirate Bay was an early example; how the start of Bitcoin parallels the start of the Internet itself; and why the meretricious Bitcoin Cash fork of Bitcoin is based on a misunderstanding of Open Source development.

Finally, we get into Bisq itself, discussing the potential political importance of decentralized crypto exchanges in the context of any future attempts by the financial establishment to control cryptocurrency.

Steal This Show aims to release bi-weekly episodes featuring insiders discussing copyright and file-sharing news. It complements our regular reporting by adding more room for opinion, commentary, and analysis.

The guests for our news discussions will vary, and well aim to introduce voices from different backgrounds and persuasions. In addition to news, STS will also produce features interviewing some of the great innovators and minds.

Host: Jamie King

Guest: Chris Beams

Produced by Jamie King
Edited & Mixed by Riley Byrne
Original Music by David Triana
Web Production by Siraje Amarniss

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

06:03

Uber CEO: Air taxis could become a reality within decade The Hill: Technology Policy

Uber CEO Dara Khosrowshahi said Tuesday that he sees his company taking to the skies within the next five to 10 years. Khosrowshahi said at an investor forum in Tokyo that he expects flying vehicles to become an affordable means...

06:00

The advent of GDPR could fuel extortion attempts by criminals Help Net Security

The number of exploit kit attacks is, slowly but surely, going down, and malware peddlers are turning towards more reliable tactics such as spam, phishing, and targeting specific, individual vulnerabilities. Thats the good news. The bad news is that everything else is on the rise: BEC scams, ransomware, stealthy crypto-mining, the number of enterprise records compromised in data breaches. 2017 threat landscape Trend Micro has released its annual security roundup the past year, and it More

05:48

Links 20/2/2018: Mesa 17.3.5, Qt 5.11 Alpha, Absolute 15.0 Beta 4, Sailfish OS 2.1.4 E.A., SuiteCRM 7.10 Techrights

GNOME bluefish

Contents

GNU/Linux

  • Now Just Five Men Own Almost as Much Wealth as Half the Worlds Population

    Why Do We Let Unqualified Rich People Tell Us How To Live? Especially Bill Gates!

    In 1975, at the age of 20, Bill Gates founded Microsoft with high school buddy Paul Allen. At the time Gary Kildalls CP/M operating system was the industry standard. Even Gates company used it. But Kildall was an innovator, not a businessman, and when IBM came calling for an OS for the new IBM PC, his delays drove the big mainframe company to Gates. Even though the newly established Microsoft company couldnt fill IBMs needs, Gates and Allen saw an opportunity, and so they hurriedly bought the rights to another local companys OS which was based on Kildalls CP/M system. Kildall wanted to sue, but intellectual property [sic] law for software had not yet been established. Kildall was a maker who got taken.

    So Bill Gates took from others to become the richest man in the world. And now, because of his great wealth and the meritocracy myth, MANY PEOPLE LOOK TO HIM FOR SOLUTIONS IN VITAL AREAS OF HUMAN NEED, such as education and global food production.

  • Hackers Turn the Nintendo Switch into a Linux Tablet with KDE Plasma Desktop
  • Nintendo Switch has been hacked to run full-fat Linux

    The fail0verflow nerds got Linux running on the Switch by using code execution, though they didnt say how they got around Nintendos own operating system and boot process to load up Linux.

  • Hackers have turned the Nintendo Switch into a functional Linux tablet
  • ...

05:42

U.S. Abandons Extradition Case Against Lauri Love SoylentNews

Lauri Love case: US abandons extradition case

Efforts to extradite alleged computer hacker Lauri Love have been abandoned by US authorities.

[...] Mr Love said he may help UK investigators to bring charges to get the case "over and done with".

American authorities confirmed they will not fight a High Court decision to block Mr Love's extradition to the US, on the grounds it would be "oppressive". A Crown Prosecution Service spokesman confirmed Mr Love will not be extradited.

Also at Bloomberg and The Hill.

Previously: Lauri Love to be Extradited to the U.S.
Lauri Love's Appeal Will be Heard in the UK on November 28th and 29th
Cracking Suspect Lauri Love Wins Appeal Against Extradition to US


Original Submission

Read more of this story at SoylentNews.

05:08

Hack In The Box announces keynote speakers for 2018 Amsterdam event Help Net Security

Hack In The Box Security Conference (HITBSecConf) is returning to Amsterdam in April this year with more than 70 speakers who will take to stage. This years marks the 9th annual HITBSecConf in Europe, and will run from April 9th to 13th at the NH Grand Krasnapolsky. Keynotes Michel van Eeten, Professor of Cybersecurity at Delft University of Technology will deliver the welcome address on 12 April Following this, the first keynote address will be More

05:00

Vera Rubin: Shedding Light on Dark Matter Hackaday

Vera sat hunched in the alcove at Kitt Peak observatory, poring over punch cards. The data was the same as it had been at Lowell, at Palomar, and every other telescope shed peered through in her feverish race to collect the orbital velocities of stars in Andromeda. Although the data was perfectly clear, the problem it posed was puzzling. If the stars at the edges of spiral galaxy were moving as fast as the ones in the center, but the pull of gravity was weaker, how did they keep from flying off? The only possible answer was that Andromeda contained some kind of unseen matter and this invisible stuff was keeping the galaxy together.

Though the idea seemed radical, it wasnt an entirely new one. In 1933, Swiss astronomer Fritz Zwicky made an amazing discovery that was bound to bring him fame and fortune. While trying to calculate the total mass of the galaxies that make up the Coma Cluster, he found that the mass calculation based on galaxy speed was about ten times higher than the one based on total light output. With this data as proof, he proposed that much of the universe is made of something undetectable, but undeniably real. He dubbed it Dunkle Materie: Dark Matter.

But Zwicky was an insufferable jerk who regularly bad-mouthed his colleagues and other astronomers in general. As a result, his wild theory was poorly received and subsequently shelved until the 1970s, when astronomer Vera Rubin made the same discovery using a high-powered spectrograph. Her findings seemed to provide solid evidence of the controversial theory Zwicky had offered forty years earlier.

...

05:00

Imec Boosts Bluetooth Battery Life IEEE Spectrum Recent Content full text

Low-voltage circuit extends battery life by 50 percent Photo Imec

A Bluetooth transceiver design that dramatically boosts battery life could enable richer sensor networks and extend the lifetime of implanted medical devices. At the International Solid-State Circuits Conference in San Francisco this week, engineers from European research organization imec and Renesas Electronics Corporation (a semiconductor company in Tokyo) showed off the record-low-voltage communications chip.

Over the past eight years, engineers have brought down Bluetooth power consumption by a factor of ten, says Christian Bachmann, program manager for ultralow power wireless systems at imec Holst Centre in Eindhoven, Netherlands. The imec transceiver, which meets the Bluetooth 5 standard, uses 0.8 volts, down from a full volt. That reduction is enough to extend battery life by 50 percent. This achieves another power of five reduction and will enable new applications, Bachmann says.

Bachmann is excited about the potential for ultralow-power communications not only to extend battery life in conventional applications, but also to open up new ones. For wireless sensor networks, communications are the power bottleneck, says Bachmann. Power-hungry transceivers can rule out the use of low-voltage printed batteries and energy harvesters. More efficient transceivers could open up new possibilities for wearable electronics and distributed sensor networks.

04:58

There's Experimental Work On A Vulkan Renderer For KDE's KWin Phoronix

There is an experimental branch of KDE's KWin window manager / compositor with support for Vulkan compositing...

04:43

Big tech lobbying groups push Treasury to speak out on EU tax proposal The Hill: Technology Policy

Top technology trade associations are pushing the Trump administration to fight back against an expected European Union tax proposal.Lobbying groups for major firms like Google, Amazon and Apple say the firms are worried by the...

04:42

This Is the Most Distant Confirmed Supernova Ever Observed Lifeboat News: The Blog

Supernovae are already some of the brightest explosions in the universebut theres more mysterious type, called superluminous supernovae, that can shine a hundred times brighter than the usual ones. And on August 22, 2016, astronomers spotted one whose light traveled over 10 billion years to reach us.

The discovery of the event, called DES16C2nm, was exciting enough on its own since it would normally have been invisible to telescopes if not for the fact that the universe is expanding, thus stretching the light from the explosion into wavelengths we can see from Earth. More generally, these flashes can tell the story of our universe, like what kinds of stuff lives between stars in distant galaxies, and other quirks of the cosmos.

The more distant supernovae we see, the more information we get on those stars. one of the studys authors, Charlotte Angus from the University of Southampton in the United Kingdom, told Gizmodo.

04:33

Hackers Exploite Tegra Chipset Flaw to Run Linux OS on Nintendo Switch HackRead

By Waqas

The exploit is unpatched putting Nintendo Switch devices at risk.

This is a post from HackRead.com Read the original post: Hackers Exploite Tegra Chipset Flaw to Run Linux OS on Nintendo Switch

04:10

Aerojet Rocketdyne Seeks More U.S. Air Force Funding for AR1 Rocket Engine SoylentNews

Aerojet Rocketdyne wants the U.S. Air Force to contribute more funding for the development of its AR1 rocket engine. But that may be a hard sell when the mostly privately funded BE-4 from Blue Origin is close to being ready to fly:

In recent years, Aerojet has sought funding from the US Air Force to design and build the AR1, which has approximately 20 percent more thrust than a space shuttle main engine. The Air Force, in turn, has pledged as much as $536 million in development costs provided that Aerojet puts its own skin in the gameabout one-third of research and development expenses.

According to a new report in Space News, Aerojet is now saying that even this modest investment is too much, and the company is seeking to reduce its share of the development costs from one-third to one-sixth. "As we look to the next phase of this contract, we are working with the Air Force on a smart and equitable cost-share," Aerojet spokesman Steve Warren told the publication. "We are committed to delivering an engine in 2019."

According to the report, the Air Force is not inclined to renegotiate the agreement. The Air Force's hesitation to increase its investment is probably because the military may not really need the AR1 rocket engine any more due to the emergence of Blue Origin, the rocket company founded by Amazon founder Jeff Bezos.

Related: Blue Origin Will Build its Rocket Engine in Alabama
NASA Opens Door to Possibly Lowering SLS Cost Using Blue Origin's Engines
After the Falcon Heavy Launch, Time to Defund the Space Launch System?


Original Submission

Read more of this story at SoylentNews.

04:04

US, UK regulators join forces on regulating financial technology firms The Hill: Technology Policy

Two top U.S. and British trading watchdogs have agreed to join forces on efforts to help financial technology companies navigate regulations.The U.S. Commodity Futures Trading Commission (CFTC) and the United Kingdom's Financial Conduct...

03:54

Oversight Dems urge Equifax to extend protections for breach victims The Hill: Technology Policy

A group of House Democrats is urging Equifax to extend protections for those affected by its massive data breach last year, arguing that the credit bureaus offering is inadequate.Every Democrat on the House Oversight and Government Reform Committee...

03:31

Expected changes in IT/OT convergence and industrial security Help Net Security

Ten years ago, I was brought into the industrial security arena by a top company executive in who was convinced that we needed traditional endpoint protection on smart meters. I had spent fifteen years before that in enterprise security, so it took a while to shape my focus around the nature of the problem of IT/OT convergence and industrial security. I have had the pleasure of being on both sides of the fence from More

03:30

ESP-01 Bridges the Gap Between IR and WiFi Hackaday

[Emilio Ficara] dropped us a line recently about his efforts to drag his television and receiver kicking and screaming into the modern era. His TV is old enough that it needs an external tuner, which means it requires two separate remotes to properly channel surf. He wanted to simplify the situation, and figured that while he was at it he might as well make the whole thing controllable over WiFi.

To begin the project, [Emilio] had to capture the IR signals from the two remotes he wanted to emulate. He put together a quick little IR receiver out of parts he had in the junk bin which would connect up to his computers microphone port. He then used an open source IR protocol analyzer to capture the codes and decode them into hex values.

As a proof of concept he came up with a little device that combines an ESP-01 with an ATmega88. The ESP-01 runs a minimal web server that receives hex codes as URL query strings. These hex codes are then interpreted by the ATmega88 and sent out over the IR LED. [Emilio] notes that driving the IR LED directly off of the ATmega pin results in fairly low range of around one meter, but thats good enough for his purposes. If you want to drive the IR LED with more power, youll need to add a transistor to do the switching.

...

03:10

Security updates for Tuesday LWN.net

Security updates have been issued by Debian (libav), Gentoo (chromium, firefox, libreoffice, mysql, and ruby), SUSE (kernel), and Ubuntu (bind9).

02:51

Flight Sim Lab installed Chrome passwords stealer in piracy check tool HackRead

By Waqas

Flight Simulator Lab is caught secretly installing a software which

This is a post from HackRead.com Read the original post: Flight Sim Lab installed Chrome passwords stealer in piracy check tool

02:44

Google's Project Zero Discloses Microsoft Edge Vulnerability SoylentNews

Google's Project Zero has disclosed a vulnerability in the Microsoft Edge web browser that bypasses the browser's Arbitrary Code Guard (ACG). Project Zero disclosed the bug 14 days after the end of the usual 90-day period, but it apparently wasn't enough time for Microsoft to patch it:

Google's Project Zero initiative tasks its security researchers with finding flaws in various software products developed by the company itself as well as other firms. Back in 2016, it revealed a serious vulnerability present in Windows 10, and reported a "crazy bad vulnerability" in Windows in 2017. Now, the firm has disclosed another security flaw in Microsoft Edge, after the Redmond giant failed to fix it in the allotted time.

[...] According to the Microsoft Security Response Center (MSRC), the problem turned out to be more complex than initially believed, due to which it was given an additional 14-day grace period by Google. Although the company missed this deadline in its February Patch Tuesday too - which forced Google to make the flaw public - Microsoft is confident that it will resolve the issue by March 13, aligning the shipment of the fix with the Patch Tuesday in March.

Also at The Verge and BetaNews.


Original Submission

Read more of this story at SoylentNews.

02:01

Deconstructing A Simple Op-Amp Hackaday

Maybe you are familiar with the op-amp as an extremely versatile component, and you know how to quickly construct a huge variety of circuits with one. Maybe you even have a favorite op-amp or two for different applications, covering many possible niches. Standard circuits such as an inverting amplifier are your bread and butter, and the formula gain=-Rf/Ri is tattooed on your forearm.

But you can know how to use op-amps without really knowing how they work. Have you ever peered under the hood of an op-amp to find out whats going on in there? Would you like to? Lets take a simple device and examine it, piece by piece.

The First IC Op-amp

The Fairchild A702 was the first integrated circuit op-amp, a then-revolutionary component designed by Bob Widlar and first brought to market in 1964. Though it was long-ago deleted from semiconductor catalogues it has the advantage of an extremely simple internal circuit, one that can be easily explained in an article such as this one.

The A702's internal circuit, as shown on its data sheet.The A702s internal circuit, as shown on its dat...

02:00

How to Get Started Using WSL in Windows 10

Title: 
How to Get Started Using WSL in Windows 10

02:00

ArchHosting 2GB KVM + SSD + DDoS Protection starting @ $5.99/mo! Low End Box

Hey everyone, Liam from ArchHosting is back after just a little over a year since their last offer and they have some nice speedy services to offer with DDoS protection included as well!

Heres a note from Liam:

Arch Hosting excels in offering premium web hosting and virtual servers at lightning fast speeds with insanely high reliability while still offering competitive and affordable prices. Weve been in business since 2015, and have previously been featured on LEB a year ago in February, 2017. Since then, weve been featured on websites such as Android Authority and TheNextWeb. These offers are special because theyre powered by a solid infrastructure, and our support team is focused on providing an impeccable user experience. Dont take our word for it check out some of our many positive reviews. Were offering some high RAM KVM VPS today, with a limited opening stock.

Theyre a registered company under the name Arch Industries our of Los Angeles, California (#2017107486) and their WHOIS is public. You can find their ToS and Legal Docs here. 

They currently accept PayPal, Credit/Debit Cards and Bitcoin (along with other crypto).

Anyways, heres the offer:

LEB Exclusive x1
  • 2GB RAM
  • 1 x vCore
  • 10GB Storage Space (SSD)
  • 1TB Bandwidth
  • 1Gbps
  • 1 x IPv4
  • KVM (Virtualizor)
  • $5.99/mo
  • [Order Now]
LEB Exclusive x2
  • 4GB RAM
  • 2 x vCores
  • 15GB Storage Space (SSD)
  • 1TB Bandwidth
  • 1Gbps
  • 1 x IPv4
  • KVM (Virtualizor)
  • $10.99/mo***
  • [Order Now]

More information after the break!

***(You may have noticed the 4GB plan goes $0.99 over our $10/mo limit on self-managed virtual machines. We are temporarily allowing this for any provider as long as it is within reason while we aim to find the best price point for our readers!)***

Network Info: 

Datacenter/TestIP Info
Datacenter Name Location: QuadraNet Los Angeles, USA
Test IPv4: 216.45.55.35
Test IPv6: 2607:fcd0:106:5c00::9a10:7ed7...

02:00

DNA Data Storage Gets Random Access IEEE Spectrum Recent Content full text

Researchers have devised a system to recover targeted files from 200 megabytes of data encoded in DNA Illustration: iStockphoto

DNA data storage just got bigger and better. Scientists have reported the first random-access storage system from which they can recover individual data files, error free, from over 200 megabytes of digital information encoded into DNA.

Random access is key for a practical DNA-based memory, but until now, researchers have been able to achieve it with only up to 0.15 megabytes of data.

Since submitting their research, published in Nature Biotechnology , the team from Microsoft Research and the University of Washington has already improved on what they reported. Their storage system now offers random access across 400 megabytes of data encoded in DNA with no bit errors, says Microsoft Researchs Karin Strauss, who led the new work with Luis Ceze from the University of Washington.

Microsoft and other tech companies are seriously considering the possibility of archiving data in DNA. Current data storage technologies are not keeping up with the breakneck pace at which we generate digital content, Strauss says. Synthetic DNA is an attractive storage medium because it can, in theory, store 10 million times as much data as magnetic tape in the same volume, and it survives for thousands of years. Technology Review reports that Microsoft Research aims to have an operational DNA-based storage system working inside a data center toward the end of this decade.

DNA data storage involves translating the binary 0s and 1s of digital data into sequences of the four bases A, C, G, and T that make up DNA. The encoded sequences are synthesized and stored in vials. A DNA sequencing machine then decodes the data by recovering the sequences from DNA molecules. But it has been hard to access specific data files. Most research efforts until now have sequenced and decoded the entire bulk of the information stored in a vial. It is not economical to sequence all the data you have stored every time you want to read a portion of it, Strauss says. 

To make a random access system, Strauss, Ceze, and their colleagues devised clever coding algorithms and turned to the polymerase chain reaction, a well-known lab technique used to make thousands of copies of DNA strands, called amplifying DNA.

The researchers worked with 35 files ranging in size from 29 kilobytes to over 44 MB,...

01:50

New Wine-Vulkan Patches Are Under Review Phoronix

Roderick Colenbrander's Wine-Vulkan work for Vulkan infrastructure support under Wine has been updated and is ready for review, making these initial bits a candidate for soon being incorporated into mainline Wine...

01:00

Study Identifies Decline in Lung Function Associated With Use of Cleaning Sprays SoylentNews

Impact of Cleaning Products on Women's Lungs as Damaging as 20-a-Day Cigarette Habit: Study

Regular use of cleaning sprays can have as much of an impact on health as smoking a pack of cigarettes a day, according to a new study. Scientists at Norway's University of Bergen tracked 6,000 people, with an average age of 34 at the time of enrolement in the study, who used the products over a period of two decades, according to the research published in the American Thoracic Society's American Journal of Respiratory and Critical Care Medicine [open, DOI: 10.1164/rccm.201706-1311OC] [DX].

They found that lung function decline in women regularly using the products, such as cleaners, was equivalent over the period to those with a 20 cigarettes a day smoking habit. [...] The experts attribute the decline in lung function to the damage that cleaning agents cause to the mucous membranes lining the airways, resulting over time in persistent changes.

The results follow a study by French scientists in September 2017 that found nurses who used disinfectants to clean surfaces at least once a week had a 24 percent to 32 percent increased risk of developing lung disease.


Original Submission

Read more of this story at SoylentNews.

00:54

Facebook exec apologizes for claim that Russian goal wasnt to sway election: report The Hill: Technology Policy

Facebooks vice president of ads apologized for his claim that the goal of Russian ads on the social media platform was not to sway the 2016 presidential election.I wanted to apologize for having tweeted my own view about Russian interference...

00:51

Facebook SMS spam risks spoiling adoption of 2FA Graham Cluley

Facebook lock thumb

It's hard enough getting people to turn on 2FA without sites using it to send non-security notifications.

00:45

Hyundais Hydrogen-Powered, Self-Driving SUV Runs on Level 4 Autonomy Lifeboat News: The Blog

Hyundai recently showcased that their latest autonomous SUV, Nexo, can deliver Level 4 autonomy. Its electric motor runs on hydrogen fuel.

00:44

Add-on clip turns smartphone into fully operational microscope Lifeboat News: The Blog

Australian researchers from the ARC Centre of Excellence for Nanoscale BioPhotonics (CNBP) have developed a 3D printable clip-on that can turn any smartphone into a fully functional microscope.

Reported in the research journal Scientific Reports, the smartphone microscope is powerful enough to visualise specimens as small as 1/200th of a millimetre, including microscopic organisms, animal and plant cells, blood cells, cell nuclei and more.

The clip-on technology is unique in that it requires no external power or light source to work yet offers high-powered microscopic performance in a robust and mobile handheld package.

00:44

Japan has just invented Robo-bees that can legitimately pollinate the earth Lifeboat News: The Blog

In an example of life imitating art, scientists have come up with a technology straight out of an episode of Black Mirror: Bee-like pollinating drones.

A team at the National Institute of Advanced Industrial Science and Technology (AIST) in Japan engineered the devices using a combination of horsehair, $USD 100 drones and a sticky ion gel.

Its pretty simple really first, the drones fly into flowers much like a bee would. Inside the flower, pollen gets stuck to the drone due to the combination of the ion gel and horsehair. That same pollen is then shaken off into the next flower, and so on. Its just your run of the mill birds and the robots bees.

00:44

Researchers Have Created a New Camera Capable of Seeing Through the Human Body Lifeboat News: The Blog

For many years doctors have been able to get a look inside a persons body using X-ray scans, or placing a tiny camera inside the body. But those tools provide a limited view and can only reveal so much. A recently developed camera, however, may give doctors the ability to see everything happening in the human body, no matter where it is.

The camera was developed by researchers from the University of Edinburgh, and its meant to work while paired with an endoscope a long, slender piece of equipment that usually has a camera, sensors, and lights at its tip.

Light emitted by the endoscope typically scatters when it comes into contact with structures within the body, such as body tissue, but the new camera is able to pick up on it thanks to the photon detectors inside of it. The camera is able to detect light sources behind as much as 20 centimeters (7.9 inches) of bodily tissue.

00:44

DeepMinds latest AI transfers its learning to new tasks Lifeboat News: The Blog

By using insights from one job to help it do another, a successful new artificial intelligence hints at a more versatile future for machine learning.

Backstory: Most algorithms can be trained in only one domain, and cant use whats been learned for one task to perform another, new one. A big hope for AI is to have systems take insights from one setting and apply them elsewherewhats called transfer learning.

Whats new: DeepMind built a new AI system called IMPALA that simultaneously performs multiple tasksin this case, playing 57 Atari gamesand attempts to share learning between them. It showed signs of transferring what was learned from one game to another.

00:43

Entangled universe: Could wormholes hold the cosmos together? Lifeboat News: The Blog

Weird connections through space-time might make reality real, giving us a promising new route to a theory of everything.

00:43

Thats odd: Quantum entanglement mangles space and time Lifeboat News: The Blog

Spooky action at a distance the dislocated effect of the quantum world is real without a doubt. So the problem must lie in our perception of space and time.

00:42

DNA designer bodies are no longer the stuff of science fiction Lifeboat News: The Blog

Entrepreneur Juan Enriquez has outlined a future where we will be able to survive in extreme environments and even hack our memory thanks to DNA manipulation.

00:32

Russian bots turn to gun control after Florida high school shooting: report The Hill: Technology Policy

Twitter accounts with suspected ties to Russian actors have sent a series of posts and hashtags on the gun violence debate sweeping across the U.S. following the deadly shooting at a high school in Parkland, Fla., last week, according to The...

00:28

Benchmarking Amazon EC2 Instances vs. Various Intel/AMD CPUs Phoronix

Given the recent performance changes following the Spectre/Meltdown CPU vulnerability mitigation and having just wrapped up some fresh CPU bare metal benchmarks as part of that testing as well as the recent AMD Raven Ridge launch, I've carried out a fresh round this week of benchmarks on various Amazon EC2 on-demand instance types compared to a number of bare metal Intel and AMD processors in looking at how the compute performance compares.

00:00

Apple fixes 'killer text bomb' vulnerability with new update for iOS, macOS, watchOS, and tvOS Graham Cluley

Apple released updates on Monday that will protect owners of iPhones, iPads, iMacs, MacBooks, iMac Pros, Apple Watches, and (phew!) Apple TVs from having toerags crash their devices.

Tuesday, 20 February

23:41

Re: CVE-2017-17712 net/ipv4/raw.c: raw_sendmsg() race condition Open Source Security

Posted by Mohamed Ghannam on Feb 20

Hi,

It looks great!, awesome work

Cheers,
Mohamed

2018-02-20 9:45 GMT+00:00 Alexander Popov <alex.popov () linux com>:

23:38

Ubuntu Wants PCs' Vital Stats Like Location And Makes Users "Opt Out" SoylentNews

The Register spotted Ubuntu behaving badly again with respect to users' privacy. In their article "Ubuntu wants to slurp PCs' vital statistics even location with new desktop installs: Data harvest notice will be checked by default", they note that in addition to installing popcon and apport by default, Canonical seeks much deeper data mining (without using the word "telemetry"):

[...] "We want to be able to focus our engineering efforts on the things that matter most to our users, and in order to do that we need to get some more data about sort of setups our users have and which software they are running on it," explained Will Cooke, the director of Ubuntu Desktop at Canonical.

[...] Data Canonical seeks "would include" the following: Ubuntu Flavour, Ubuntu Version, Network connectivity or not, CPU family, RAM, Disk(s) size, Screen(s) resolution, GPU vendor and model, OEM Manufacturer, Location (based on the location selection made by the user at install). No IP information would be gathered, Installation duration (time taken), Auto login enabled or not, Disk layout selected, Third party software selected or not, Download updates during install or not, [and] LivePatch enabled or not.

The system plans to leverage the power of the default setting by making the choice opt-out, not opt-in as popcon has been in the past: Cooke explained to the ubuntu-devel audience that "Any user can simply opt out by unchecking the box, which triggers one simple POST stating, 'diagnostics=false'. There will be a corresponding checkbox in the Privacy panel of GNOME Settings to toggle the state of this."

El Reg also noted Ubuntu's plan to address user privacy concerns:

"The Ubuntu privacy policy would be updated to reflect this change."

This seems less egregious than Ubuntu's past invasions of privacy, but much more invasive and Windows 10-like.


Original Submission

Read more of this story at SoylentNews.

23:18

Multiple Persistent XSS vulnerabilities in Radiant Content Management System Bugtraq

Posted by suparna . kachru on Feb 20

*1. Introduction*

Vendor : Radiant
Affected Product : Radiant CMS 1.1.4
Fixed in : NA
Vendor Website : http://radiantcms.org/
Vulnerability Type : Persistent XSS
Remote Exploitable : Yes
CVE External Identifier : CVE-2018-7261

*2. Overview*

Technical Description:

There are multiple Persistent XSS vulnerabilities in Radiant Content Management System. These vulnerabilities exists
due to...

23:00

The Strange Physics of Curling Hackaday

It turns out that curling involves some complex physics. [Destin] of Smarter Every Day has jumped in to find out why scientists on opposite sides of the Atlantic disagree about why curling stones curl.

If youve been watching the Olympics, youve probably seen some curling, the Scottish sport of competitively pushing stones on ice. As the name implies, curling stones dont go straight. The thrower pushes them with a bit of rotation, and the stones curve in the direction they are rotating. This is exactly the opposite of what one would expect try it yourself with an inverted drinking glass on a smooth table.  The glass will curl opposite the direction of rotation. Clockwise spin will result in a curl to the left, counterclockwise in a curl to the right.

The cup makes sense when you think about the asymmetrical friction involved. The cup is slowing down, which means more pressure on the leading edge. The rotating leading edge pushes harder against the table and causes the cup to curl opposite the direction of rotation.

The problem is that curling stones dont do this. Scientists at Uppsala University in Sweden believe it is due to the scratch theory the leading edge of the stone scratches the ice as it passes, which imparts a force on the trailing edge of the stone.

Dr. Mark Shegelski from Canadas University of Northern British Columbia disagrees. H...

22:58

How to use Chomper Internet blocker for Linux to increase productivity nixCraft

Chomper is a free and open source Python cli for Linux desktop. It lets you block access to distracting websites for specified periods of time. The program is intended to help you with issues being productive on a desktop due to Internet distractions. One can set a period to block websites. Until that timer expires, you will be unable to access sites.

The post How to use Chomper Internet blocker for Linux to increase productivity appeared first on nixCraft.

22:53

Vega Gets Its Last Fix For Dawn of War III On Linux With Vulkan Phoronix

Samuel Pitoiset of Valve has worked through the last of the Dawn of War 3 issues for Radeon Vega GPUs with the RADV Vulkan driver...

22:51

Money Laundering Via Author Impersonation on Amazon? Krebs on Security

Patrick Reames had no idea why Amazon.com sent him a 1099 form saying hed made almost $24,000 selling books via Createspace, the companys on-demand publishing arm. That is, until he searched the site for his name and discovered someone has been using it to peddle a $555 book thats full of nothing but gibberish.

The phony $555 book sold more than 60 times on Amazon using Patrick Reames name and Social Security number.

Reames is a credited author on Amazon by way of several commodity industry books, although none of them made anywhere near the amount Amazon is reporting to the Internal Revenue Service. Nor does he have a personal account with Createspace.

But that didnt stop someone from publishing a novel under his name. That word is in quotations because the publication appears to be little more than computer-generated text, almost like the gibberish one might find in a spam email.

Based on what I could see from the sneak peak function, the book was nothing more than a computer generated story with no structure, chapters or paragraphs only lines of text with a carriage return after each sentence, Reames said in an interview with KrebsOnSecurity.

The impersonator priced the book at $555 and it was posted to multiple Amazon sites in different countries. The book which as been removed from most Amazon country pages as of a few days ago is titled Lower Days Ahead, and was published on Oct 7, 2017.

Reames said he suspects someone has been buying the book using stolen credit and/or debit cards, and pocketing the 60 percent that Amazon gives to authors. At $555 a pop, it would only take approximately 70 sales over three months to rack up the earnings that Amazon said he made.

This book is very unlikely to ever sell on its own, much less sell enough copies in 12 weeks to generate that level of revenue, Reames said. As such, I assume it was used for money laundering, in addition to tax fraud/evasion by using my Social Security number. Amazon refuses to issue a corrected 1099 or provide me with any information I can use to determine where or how they were remitting the royalties.

Reames said the books he has sold on Amazon under his name were done through his publisher, not directly via a persona...

22:06

Mr. Rogers' Neighborhood 50th Anniversary SoylentNews

The first episode of "Mister Rogers' Neighborhood" was broadcast on PBS on February 19, 1968. Fifty years later, the program is still being shown on public television stations, to the delight of both children and adults. Though he passed away in 2003, Fred Rogers' philosophy continues to influence children's television today.

http://wvxu.org/post/mr-rogers-neighborhood-50th-anniversary

http://www.indiewire.com/2018/02/mister-rogers-50th-anniversary-highlight-video-michael-keaton-watch-1201929367/

https://www.usatoday.com/story/life/tv/2018/02/15/5-ways-celebrate-mister-rogers-neighborhood-its-50th-anniversary/333208002/


Original Submission

Read more of this story at SoylentNews.

22:05

GitHub Predicts Hottest 2018 Open Source Trends

According to the GitHubs announcement of its findings, the company looked at three different types of activity. It identified the top 100 projects that had at least 2,000 contributors in 2016 and experienced the largest increase in contributors in 2017. It also identified the top 100 projects that received the largest increase in visits to the projects repo in 2017. It also identified the top 100 projects that received the most new stars in 2017.

21:52

Replacing Patent Sharks/Trolls and the Patent Mafia With Icons Like Thomas Edison Techrights

Dolphins and innovation not quite what the optimistic vision of patent systems led to

Dolphin

Summary: The popular perceptions of patents and the sobering reality of what patents (more so nowadays) mean to actual inventors who arent associated with global behemoths such as IBM or Siemens

WHEN I was a lot younger I was told that patents were supposed to make life better. When I won some competitions which the media covered it oddly enough chose to frame that as our youth is getting us lots of patents (I still have that newspaper headline preserved). But we hadnt applied for any patents. We had no interest in patents. I was in charge of finances for that particular project, which flew us to Denmark to represent the country. That was a long time ago, almost exactly 20 years ago. Back then I (aged 15-16) knew next to nothing about patents, except by name. I had only done programming for a year or two. I could do electronics (relatively simple circuitry, which our next project revolved around a gadget to be attached to doors).

Back then I (aged 15-16) knew next to nothing about patents, except by name.Anyway, this post isnt about my school days; the point is, a lot of people know next to nothing about patents. My mother still knows next to nothing about them (she thinks theyre synonymous with things that do clever things), so Ive quit trying to explain that to her. It would probably be interesting to give people a 10-question survey in order to understand just what proportion of the population really understands what patents are and how they work.

Yesterday (February 19th) this press release said that Siemens had joined an LTE patent pool. Good for Siemens. They can afford it. They have the money and the patents. But what about those who arent a multi-billion, multi-national, multi-faceted corporation like Siemens? What about that legendary (or mythical) lone wolf, small guy, independent inventor? That sort of inventor just looks at these pools as a rich peoples club, intended for the most part to guard them from competition. Its like a cartel, to put it quite bluntly

Well never forget how Siemens lobbied for software patents in Europe (something which the EPO practices now). We wrote a lot of articles about that at the time...

21:49

Vulkan 1.0.69 Released With Fixes & New AMD Buffer Marker Extension Phoronix

While waiting to see what Khronos could have in store for GDC 2018 next month around Vulkan, today marks the Vulkan 1.0.69 point release availability...

21:47

Copyright Trolls Target Up to 22,000 Norwegians for Movie Piracy TorrentFreak

Last January it was revealed that after things had become tricky in the US, the copyright trolls behind the action movie London Has Fallen were testing out the Norwegian market.

Reports emerged of letters being sent out to local Internet users by Danish law firm Njord Law, each demanding a cash payment of 2,700 NOK (around US$345). Failure to comply, the company claimed, could result in a court case and damages of around $12,000.

The move caused outrage locally, with consumer advice groups advising people not to pay and even major anti-piracy groups distancing themselves from the action. However, in May 2017 it appeared that progress had been made in stopping the advance of the trolls when another Njord Law case running since 2015 hit the rocks.

The law firm previously sent a request to the Oslo District Court on behalf of entertainment company Scanbox asking ISP Telenor to hand over subscribers details. In May 2016, Scanbox won its case and Telenor was ordered to hand over the information.

On appeal, however, the tables were turned when it was decided that evidence supplied by the law firm failed to show that sharing carried out by subscribers was substantial.

Undeterred, Njord Law took the case all the way to the Supreme Court. The company lost when a panel of judges found that the evidence presented against Telenors customers wasnt good enough to prove infringement beyond a certain threshold. But Njord Law still wasnt done.

More than six months on, the ruling from the Supreme Court only seems to have provided the company with a template. If the law firm could show that the scale of sharing exceeds the threshold set by Norways highest court, then disclosure could be obtained. That appears to be the case now.

In a ruling handed down by the Oslo District Court in January, its revealed that Njord Law and its partners handed over evidence which shows 23,375 IP addresses engaged in varying amounts of infringing behavior over an extended period. The ISP they have targeted is being kept secret by the court but is believed to be Telenor.

Using information supplied by German anti-piracy outfit MaverickEye (which is involved in numerous copyright troll cases globally), Njord Law set out to show that the conduct of the alleged pirates had been exceptional for a variety of reasons, categorizing them variously (but non-exclusively) as follows:

IP addresses involved in BitTorrent swarm sizes greater than 10,000 peers/pirates
IP addresses that have shared at least two of the plaintiffs&...

21:28

Qt 5.11 Alpha Released With Many Toolkit Additions Phoronix

Hitting right on time even when the branching was running one week late is the first alpha release for the upcoming Qt 5.11 tool-kit update...

21:20

Rookies Guide to Ethereum and Blockchain

Title: 
Rookies Guide to Ethereum and Blockchain

21:10

RadeonSI Now Offers NIR Shader Cache Support Phoronix

Earlier this month Valve Linux GPU driver developer Timothy Arceri landed NIR shader caching support within the Gallium3D Mesa state tracker as an alternative to the existing TGSI IR caching support. Arceri has now worked through implementing this NIR cache support for the RadeonSI driver...

21:01

Re: CVE-2017-17712 net/ipv4/raw.c: raw_sendmsg() race condition Open Source Security

Posted by Alexander Popov on Feb 20

Hello Mohamed,

Thanks a lot for your report, PoC and patch fixing the issue. Really great!

The exploitation of this kind of vulnerabilities should be blocked by STACKLEAK.

STACKLEAK is a Linux kernel hardening feature initially developed by
Grsecurity/PaX. I'm doing my best to introduce it to the mainline kernel:
http://www.openwall.com/lists/kernel-hardening/2018/02/16/2

I've tested your PoC against the kernel with STACKLEAK. The...

21:01

Jolla Pushes Out Sailfish OS 2.1.4 Into Early Access Phoronix

For those still interested in Jolla's Linux-based but locked down Sailfish mobile operating system, the Sailfish OS 2.1.4 release is now available to early access users...

21:00

AT&T Sharpens Edge With New Open Source Effort, Test Lab Launch

AT&T is continuing its aggressive edge computing push, today announcing that its first test zone for edge applications is up and running at its AT&T Foundry in Palo Alto, Calif., and that it is creating a new open source project focused on automated, distributed cloud infrastructure for carrier and enterprise networks.

20:36

Understanding SELinux Labels for Container Runtimes

"I've just started to deal with some software that is containerized via Docker, and which is ordinarily only ever run on Ubuntu. Naturally this means nobody ever put any thought into how it will interact with SELinux.

"I know that containers get a pair of randomly chosen MCS [Multi-Category Security] labels by default, and that the files they create obviously end up with those same categories. However, when it's time to rebuild or upgrade the container, the files are now inaccessible because the new container has a different pair of categories.

20:30

What is LLVM? The Power Behind Swift, Rust, Clang, and More

LLVM makes it easier to not only create new languages, but to enhance the development of existing ones. It provides tools for automating many of the most thankless parts of the task of language creation: creating a compiler, porting the outputted code to multiple platforms and architectures, and writing code to handle common language metaphors like exceptions. Its liberal licensing means it can be freely reused as a software component or deployed as a service.

20:00

Linux: To Recurse or Not

Linux and recursion are on very good speaking terms. In fact, a number of Linux commands recurse without ever being asked, while others have to be coaxed with just the right option.

When is recursion most helpful and how can you use it to make your tasks easier? Lets run through some useful examples and see.

18:47

RubyGems 2.7.6 addresses several flaws and implements some improvements Security Affairs

The RubyGems 2.7.6 update released last week for RubyGems includes several security improvements and addresses several types of vulnerabilities.

The new RubyGems 2.7.6 release addresses several vulnerabilities in Ruby Gems and implements several security improvements.

The updates prevent path traversal when writing to a symlinked basedir outside of the root and during gem installation.

RubyGems 2.7.6

The updates also address a cross-site scripting (XSS) vulnerability in the homepage attribute when displayed via gem server and an Unsafe Object Deserialization issue in gem owner.

The new RubyGems release raises a security error when there are duplicate files in a package and enforce URL validation on spec homepage attribute.

To update to the latest RubyGems you can run:

gem update --system

Pierluigi Paganini

(Security Affairs  RubyGems, security)

The post...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog