IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Thursday, 16 August


Networking vendors patch against new cryptographic attack Help Net Security

Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, researchers have found. The attack Dennis Felsch, Martin Grothe and Jrg Schwenk from Ruhr-Universitt Bochum, and Adam Czubak and Marcin Szymanek of the University of Opole are scheduled to demonstrate the new attack this week at the USENIX Security Symposium in Baltimore. In the meantime, they published a paper about their discovery. More

The post Networking vendors patch against new cryptographic attack appeared first on Help Net Security.


Masergy announces interoperability of global UCaaS with Cisco IP endpoints Help Net Security

Masergy announced the expansion of its UCaaS offering to include collaboration endpoints from Ciscos 8800 and 6800 series. This news highlights Masergys continued commitment to accommodate a variety of IP phones that are certified with its feature-rich Global UCaaS and Cloud Contact Center solutions. Todays global workforce requires advanced collaboration platforms to drive increased productivity, said Dean Manzoori, vice president of product management UCaaS, Masergy. As enterprises rapidly incorporate cloud-based unified communications services, Masergy is More

The post Masergy announces interoperability of global UCaaS with Cisco IP endpoints appeared first on Help Net Security.


Chaos and confusion reign with existing firewall infrastructure Help Net Security

Many organizations are still struggling to master basic firewall hygiene, promising increased complexity and risk associated with network security policy management for those planning to adopt hybrid cloud models and next-gen architectures, according to Firemons 2018 State of the Firewall report. The majority of respondents believe the firewall is still an important part of their overall security architecture, with 94% saying firewalls are as critical as always or more critical than ever. The same percentage More

The post Chaos and confusion reign with existing firewall infrastructure appeared first on Help Net Security.


Entrust Datacard receives patent for innovative card personalization process Help Net Security

Entrust Datacard announced that the company was awarded U.S. Patent No. 10,049,320 (Card Printing Mechanism with Card Return Path) on Aug. 14, 2018. This newly patented technology facilitates duplex card printing without the need for a second card printing mechanism, which reduces the cost and footprint of card personalization systems. With nearly 50 years of innovation in identity security and quality assurance, and several patents currently pending directed towards drop-on-demand (DoD) applications, Entrust Datacard continues More

The post Entrust Datacard receives patent for innovative card personalization process appeared first on Help Net Security.


Demand for online content and services drive Pulse Secure application delivery business growth Help Net Security

Pulse Secure announced that its virtual Application Delivery Controller (virtual ADC) business unit has achieved growth and increased market share in the last year. The announcement marks the one-year anniversary since Pulses acquisition of the virtual ADC Business Unit from Brocade Communications. Factors driving the companys success are the demand for online content and web services, and infrastructure requirements including cloud and hybrid IT growth, DevOps, containerization/Docker and workload migration. Brad Casemore, research vice president More

The post Demand for online content and services drive Pulse Secure application delivery business growth appeared first on Help Net Security.


August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days Help Net Security

In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has also released a critical update advisory that addresses vulnerabilities found and patched in Adobe Flash. Exploited zero-days The two patched zero-days are: CVE-2018-8414 A vulnerability in Windows Shell that can be triggered by a user opening a specially crafted file and could allow the attacker More

The post August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days appeared first on Help Net Security.


DDoS attackers increasingly strike outside of normal business hours Help Net Security

DDoS attack volumes have increased by 50% to an average of 3.3 Gbps during May, June and July 2018, compared to 2.2 Gbps during the previous quarter, according to Link11. Attacks are also becoming increasingly complex, with 46% of incidents using two or more vectors. While attack volumes increased, researchers recorded a 36% decrease in the overall number of attacks. There was a total of 9,325 attacks during the quarter: an average of 102 attacks More

The post DDoS attackers increasingly strike outside of normal business hours appeared first on Help Net Security.


Haru: An Experimental Social Robot from Honda Research IEEE Spectrum Recent Content full text

The Honda Research Institute gives an in-depth look at the design of their newest social robot prototype

Social robots have had it tough recently. There are lots of reasons for this, but a big part of it is that its a challenge to develop a social robot thats able to spark long-term user interest without driving initial expectations impractically high. This isnt just the case for commercial robotssocial robots designed for long-term user interaction studies have the same sorts of issues. The Honda Research Institute is well aware of how tricky this is, and researchers there have been working on the design of a prototype social robot that achieves a balance between human expectation, surface appearance, physical affordance, and robot functionality. Its called Haru, and Honda Research has provided a fascinating and detailed look into how they came up with its design.

A paper on Haru was presented at the ACM/IEEE International Conference on Human Robot Interaction (HRI) earlier this year, and the introduction does a lovely job of presenting why its so important to carefully consider the physical design of social robots intended to interact with humans:

Various studies confirm that human expectations are shaped by the physical attributes of a robot. As a consequence, human expectations can set the bar high depending on the promise it holds as a function of its physical appearance and how this measures up with the robots actual affordances. For example, a six-foot-tall humanoid robot with a futuristic look would turn out be a disappointment if it only performed Q&A tasks and nothing more. This indifference does not impact on the smaller and basic-shaped smart devices, as the simple Q&A task completion of current smart devices is proportional to the simple image they project. The physical and aesthetic elements of a robot require considered design as they affect its prospect of acceptance and long-term adoption. It is essential to foresee in advance the implicit illusionary functionality brought upon by the design of the robots physical affordance, and to strike a balance between this and human expectation. Keeping human expectation low while stoking interest at the same time may prove to be a good strategy.

Its possible that this is not just a good strategy, but the best strategy (or in fact the only strategy). Were tempted to ascribe all kinds of things to robots that look even vaguely human, and thats been one of the issues that social robots have had in the pastenough human-ness that users think theyre more competent than they are. Commercial social robots are very much aware of this tendency, which is why they often go for a minimalist appro...


Stop Using Python 2: What You Need to Know About Python 3 Hackaday

Though Python 3 was released in 2008, many projects are still stuck on Python 2.

Well take you through some of the features that Python 2 programs are missing out on, not only from 3.0 but up to the current release (3.7).

Why Python 3 Happened

Before 2008, Python developers had a bit of a headache. The language that started in the 1989 Christmas holidays as the pet project of Guido van Rossum was now growing at a fast pace. Features had been piled on, and the project was now large enough that earlier design decisions were hindering implementation. Because of this, the process of adding new features was becoming an exercise in hacking around the existing code.

The solution was Python 3: the only release that deliberately broke backwards compatibility. At the time, the decision was controversial. Was it acceptable for a publicly used open source project to purposefully break on older code? Despite the backlash, the decision was taken, giving Guido and the developers a one off chance to clean out redundant code, fix common pitfalls and re-architect the language. The aim was that within Python 3 there would be only one obvious way of doing things. Its testament to the design choices made back then that were still on 3.x releases a decade later.

The __future__ is Now

The __future__ import is a slice of time-travelling wizardry which allows you to summon select features from future releases of Python. In fact, the current Python release, 3.7, contains __future__ imports from releases which havent yet been written!

Ok fine, so its not quite as grandiose as that, a __future__ import is just an explicit indicator of switching on new syntax which is packaged with the current release. We thought wed mention it because a few of the Python 3 features listed below can be __future__ imported and used in 2.6 and 2.7, which were released to coincide with 3.0 and 3.1 respectively. Having said this, upgrading is, of course, still advised as new features are frozen in past releases and will not benefit from the evolution and maintenance of current versions.

Onto what youre missing out on in Python 3

Print is a Function

Yes, we know that most people are aware of this, but its one of the most used statements by Pythonistas who are starting out. print moved from a...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 15 August


An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines Phoronix

Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.


5 Jobs Robots Will Never take from Humans TechWorm


Do robots really come to take over our jobs? The line has been drawn with latest AI breakthrough programmes, like AlphaZero, which is able to beat you in Chess, Go and Shogi, so human worries are never been as real, as they are today. Some still think, that we still have a long road to go, referencing new technologies, that are only implemented at the very beginning stages, like surgical robotics for instance. These people, however, forget, that they are already using automatic cashiers and train sales station assistants as a regular convenience, forgetting that not so long ago these tasks were performed by another human-being and was considered a fully obligated paid job. Is this true then, that every task robot performs is better what human abilities can achieve? With this question in mind, for all of you critics, believers, skeptics and dreamers, today we will talk about certain job skills in which humans can still give AI a good run for their money.


This one is a no-brainer yes, machines can actually recognize your face on a photograph, but can they actually paint one? Computer programs are very effective at calculating a viable solution from a number of options, but when it comes to creating their own creative choice they fail miserably. Creating something from scratch is still something that robots are yet to replicate since even we as humans do not fully understand what makes our brain spark with a new idea. Experts are getting robots to make some works of art, recipes and even inspirational quotes, but the end results are, well, mixed, to say the least. All of this means, that any job that is heavily based on a creative process, like musicians, writers, entrepreneurs, etc. can stop breathing heavily they can safely bet for being untouched for a long while.


Sex extortion emails now quoting part of their victims phone number Graham Cluley

Some computer users are reporting that they have received a new type of extortion email in their inbox, which - in an attempt to scare them into giving in to demands for money - quotes part of their phone number.

But where are the blackmailers getting the phone number from?


Universal Method to Sort Complex Information Found SoylentNews

The nearest neighbor problem asks where a new point fits in to an existing data set. A few researchers set out to prove that there was no universal way to solve it. Instead, they found such a way.

If you were opening a coffee shop, there's a question you'd want answered: Where's the next closest cafe? This information would help you understand your competition.

This scenario is an example of a type of problem widely studied in computer science called "nearest neighbor" search. It asks, given a data set and a new data point, which point in your existing data is closest to your new point? It's a question that comes up in many everyday situations in areas such as genomics research, image searches and Spotify recommendations.

And unlike the coffee shop example, nearest neighbor questions are often very hard to answer. Over the past few decades, top minds in computer science have applied themselves to finding a better way to solve the problem. In particular, they've tried to address complications that arise because different data sets can use very different definitions of what it means for two points to be "close" to one another.

Now, a team of computer scientists has come up with a radically new way of solving nearest neighbor problems. In a pair of papers, five computer scientists have elaborated the first general-purpose method of solving nearest neighbor questions for complex data.

Original Submission

Read more of this story at SoylentNews.


Exabeam raises $50 million in series D funding to disrupt SIEM market Help Net Security

Exabeam announced that it has closed $50 million in Series D funding. The round, backed entirely by existing investors, was led by Lightspeed Venture Partners and supported by Aspect Ventures, Cisco Investments, Icon Ventures, Norwest Venture Partners and cybersecurity investor Shlomo Kramer. The funds will be used to grow the companys cloud portfolio, as well as sales and channels to expedite global expansion. The complexities in securing modern digital businesses, along with the increase in More

The post Exabeam raises $50 million in series D funding to disrupt SIEM market appeared first on Help Net Security.


Splunk .conf18 to feature industry visionaries and product innovations Help Net Security

Splunk announced that industry visionaries including Steve Wozniak, will present at .conf18, the annual Splunk conference. The event will take place from October 1-4, 2018, at the Walt Disney World Swan and Dolphin Resort in Orlando, Florida. More than 9,000 people are expected to attend .conf18 to learn about the latest Splunk products and innovations spanning IT, security, developer, artificial intelligence and machine learning, mobile, and the Internet of Things (IoT) technology. Attendees will participate More

The post Splunk .conf18 to feature industry visionaries and product innovations appeared first on Help Net Security.


Orange acquires Basefarm Holding to support its cloud computing strategy Help Net Security

Orange announced that it has completed the acquisition of 100% of Basefarm through its enterprise subsidiary Orange Business Services following the approbation of the competition authorities. Basefarm is an European player in cloud-based infrastructure and services, as well as the management of critical applications and data analysis. The company, which recorded revenues of over 100 million euros in 2017, has enjoyed growth since its creation. Basefarm has an operational presence in several European countries, particularly More

The post Orange acquires Basefarm Holding to support its cloud computing strategy appeared first on Help Net Security.


Jarno Limnll appointed CEO of IoT infrastructure security firm Tosibox Help Net Security

IoT infrastructure security firm Tosibox Oy of Finland announces the appointment of cyber security expert Jarno Limnll as its new Chief Executive Officer. In his new role, Limnll is to lead the drive for Tosiboxs remote connection technology to become the standard for secure Internet of Things (IoT) infrastructures in network management. Clearly, Tosibox is delighted to welcome Jarno Limnll as its new CEO, says Markku Tapio, Chairman of the Board of Tosibox Oy. He More

The post Jarno Limnll appointed CEO of IoT infrastructure security firm Tosibox appeared first on Help Net Security.


PUBG Mobile Lite APK Download | How To Install It TechWorm

How to download PUBG Mobile Lite APK and install it

PUBG Mobile lite Well, this game needs to introduction. You might have heard about this in the past few weeks. Every gaming channel on youtube or even your friends are talking about this. There are plenty of reasons why this game became so famous. It was first launched for desktops and PCs only but this year it was launched for smartphones too. This did a great welfare to all game lovers out there. They quickly downloaded it from the play store and even before you realize its popularity, it went viral like a hell. So in this article, we are providing you with the best way to download and install PUBG.

Download PUBG Mobile lite using Apk File

Yes, you can download PUBG using an APK file. There are two popular APK sites which have highest ranking regarding PUBG download.

  1. ApkPure
  2. ApkMirror

You can directly move to the download sections of PUBG just by clicking these website names Above.

Procedure on how to install PUBG Mobile lite: (Apkpure version)

  • Download the APKPure app
  • Search for PUBG Mobile app and download the APK file
  • Once downloaded, install the PUBG Mobile Lite APK on your smartphone
  • Before you can play the game, you need a VPN to connect to the Philippines server in order to enter a battle royale. (We used X-VPN and had to buy a premium subscription to unlock the Philippines location in order to play PUBG Mobile Lite. However, you can download any other VPN which can set your location in the Philippines).
  • Once youve set your location, you can connect to the local server and start a match.

Procedure on how to install: (Apkmirror version)

  • Simply follow the link above ApkMirror

Another way to download PUBG Is using Google Play store

In this method, you just need to download PUBG like you do for other games.

  • Open Play store
  • Select Games
  • Type PUBG
  • Download it

So these were some ways to get PUBG lite on your smartphone.

The post PUBG Mobile Lite APK Download | How To Install It appeared first on...


64-bit ARM Changes For Linux 4.19 Has "A Bunch Of Good Stuff" Phoronix

Will Deacon submitted the 64-bit ARM (ARM64/AArch64) changes on Tuesday for the Linux 4.19 kernel merge window...


New Office 365 phishing attack uses malicious links in SharePoint documents Help Net Security

Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platforms built-in security, Avanan researchers warn. The cloud security company says that the phishing attack was leveraged against some 10% of its Office 365 customers in the past two weeks and they believe the same percentage applies to Office 365 globally. About the PhishPoint attack The victim receives an email containing a link More

The post New Office 365 phishing attack uses malicious links in SharePoint documents appeared first on Help Net Security.


PSD2 SCA requirements will be implemented soon, are you ready? Help Net Security

As the second Payment Services Directive continues its rollout, regulations making it obligatory for organisations to implement strong customer authentication (SCA) in online payments will come into force on September 19th this year. Despite the proximity of this new requirement, regulators have still not made clear what the most effective way to implement SCA is, in a way that does not compromise on customer convenience. This points to a need for greater collaboration between key More

The post PSD2 SCA requirements will be implemented soon, are you ready? appeared first on Help Net Security.


How to install Fortnite for android ? | APK Download TechWorm

How you can download Fortnite APK and install it

Fortnite made disaster in the smartphone gaming industry when it was first launched on iOS. But now it even did more to Android users. As we all know that this game was exclusively launched for only Samsung devices before. But that exclusivity lasted no longer. After a few days, an Apk file was available in the market targeting non-Samsung devices too. Allowing other users to download and install fortnite on their devices. Now anyone can get an access to this game. You can also get access by simply downloading this game from the link provided just below this article.

So after the tremendous success of PUBG, many gamers have shifted towards this masterpiece. The reason is pretty simple, this game has a great potential. I personally played it and felt this game is better than PUBG in terms of performance and graphics. Well, you can try your taste by following the installation guide below:-

Few things to remember before Installing this game (Fortnite):

1. Avoid Playstore

If you are thinking to download this game from official google play store then you are just wasting your time. This game is only available on Fornites official website or on apk website (Link just below this article).

2. Check your device

Check your device first. If you have a compatible Samsung device then you dont need to do anything much. Just simply download Fortnite right away, either through the Samsung Game Launcher or Epics website. In order to check if your device is compatible or not visit Download Fornite for android.

3. Sign Up for the waiting list

4. Waiting for Invite

In this part, all you patience skills will be tested to its core. Some people are getting invites early and some are just waiting for the beautiful moment when they receive e-mail notification via Epic Games. Since the craze and hipe of this game have increased the waiting time may vary from days to even weeks. So Best of luck with that.

5. Download The game Directly | Fortnite APK Download

If you have no roo...


Systematic Analysis Reduces One Chicago Location's Parking Tickets by 50% SoylentNews

Utilizing FOIA and some clever software Mr. Chapman quickly identifies a troubled spot for parking in Chicago and gets results!

The story relates how the author used Freedom of Information Act requests to gather raw data on parking tickets issued in Chicago. What he received was a semicolon-delimited text file containing a great number of data entry errors. The author outlines the steps taken to clean and extract data on a likely problematic parking location. Armed with this data, he visited the location and discovered very confusing signage. He reported this to the city, who rectified the signage. This led to a 50 percent decrease in the number of tickets issued for that location.

I immediately asked myself three things

1. How much more effective has that corner become?
2. Who's grumbling about the loss of revenue?
3. What would happen if more of us did this very thing?

Original Submission

Read more of this story at SoylentNews.


A Remotely Controlled Kindle Page Turner Hackaday

One of the biggest advantages of e-readers such as the Kindle is the fact that it doesnt weigh as much as a traditional hardcover book, much less the thousands of books it can hold in digital form. Which is especially nice if you drop the thing on your face while reading in bed. But as light and easy to use as the Kindle is, you still need to hold it in your hands and interact with it like some kind of a babys toy.

Looking for a way to operate the Kindle without having to go through the exhaustive effort of raising their hand, [abm513] designed and built a clip-on device that makes using Amazons e-reader even easier. At the press of a button, the device knocks on the edge of the screen which advances the book to the next page. Going back a page will still require you to extend your meaty digit, but thats your own fault for standing in the way of progress.

The 3D printed case holds an Arduino and RF receiver, as well as a small servo to power the karate-chop action. Theres no battery inside, meaning the device needs to stay plugged in via a micro USB connection on the back of the case. But lets be honest: if youre the kind of person who has a remote-controlled Kindle, you probably arent leaving the house anytime soon.



Machine Learning Could Help Identify Author of an Anonymous Code TechWorm

Machine Learning Algorithm That De-anonymizes Programmers From Source Code And Binaries

Researchers have found that machine learning can be used to help identify pieces of codes, binaries, and exploits written by anonymous programmers, according to Wired. In other words, machine learning can de-anonymize programmers from source-code or binary form.

The study was presented by Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadts former Ph.D. student and now an assistant professor at George Washington University, at the DefCon hacking experience.

How To De-Anonymize Code

According to the researchers, the code written in the programming language is not completely anonymous. The abstract syntax trees contain stylistic fingerprints that can be used to potentially identify programmers from code and binaries.

In order to study the binary experiment, the researchers examined code samples in machine learning algorithms and removed all the features such as choice of words used, how to organize codes and length of the code. They then narrowed the features to only include the ones that actually differentiate developers from each other.

Examples of a programmers work are fed into the AI where it studies the coding structure. This approach trains an algorithm to recognize a programmers coding structure based on examples of their work.

For the testing, Caliskan and the other researchers used code samples from Googles annual Code Jam competition. It was found that 83% of the time, the AI was successful in identifying the programmers from the sample size.

Where can it be used?

This approach could be used for identifying malware creators or investigating instances of hacks. It can also be used to find out if students studying programming stole codes from others, or whether a developer violated a non-compete clause in their employment contract.

Privacy Implications

However, this approach could have privacy implications, especially for those thousands of developers who contribute open-source code to the world and choose to remain anonymous for certain reasons.

Future Work

Greenstadt and Caliskan plan to study how other factors might affect a persons coding style. For instance, questions such as what happens when members of the same organization work together on a project, or whether people from different countries code in different ways. Also, whether the same attribution methods could be used across...


DRM Updates Sent In For Linux 4.19 With New VKMS Driver, Intel Icelake Work Phoronix

David Airlie has submitted the Direct Rendering Manager (DRM) updates for the Linux 4.19 kernel merge window with these various open-source graphics/display driver updates...


Surfing the internet with your mind seems to be a great step forward Lifeboat News: The Blog

The implications are mind-boggling, oh yes.

Check out what MIT media lab does using bone conduction technology.

#technology #future #internet #biotechnology #communication #immersiveleaks


Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Open Source Security

Posted by Marcus Meissner on Aug 15



SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).

Ciao, Marcus


New Bugs Leave Millions of Phones Vulnerable to Hackers SoylentNews

Submitted via IRC for BoyceMagooglyMonkey

Research funded by the Department of Homeland Security has found a "slew" of vulnerabilities in mobile devices offered by the four major U.S. cell phone carriers, including loopholes that may allow a hacker to gain access to a user's data, emails, text messages without the owner's knowledge.

The flaws allow a user "to escalate privileges and take over the device," Vincent Sritapan, a program manager at the Department of Homeland Security's Science and Technology Directorate told Fifth Domain during the Black Hat conference in Las Vegas.

The vulnerabilities are built into devices before a customer purchases the phone. Researchers said it is not clear if hackers have exploited the loophole yet.

Department of Homeland Security officials declined to say which manufacturers have the underlying vulnerabilities.

Millions of users in the U.S. are likely at risk, a source familiar with the research said, although the total number is not clear.

Because of the size of the market, it is likely that government officials are also at risk. The vulnerabilities are not limited to the U.S.

Researchers are expected to announce more details about the flaws later in the week.


Original Submission

Read more of this story at SoylentNews.


The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX Phoronix

While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD...


Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware The Hacker News

A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims computers and displays a message purporting to come


CodeWeavers Joins The Khronos Group Along With IKEA Phoronix

In addition to the many technical accomplishments of Khronos this week at SIGGRAPH 2018, they were also celebrating the milestone of crossing 140 members to this industry standards group...


Antiquated Patenting Trick: Adding Words Like Apparatus to Make Abstract Ideas Look/Sound Like They Pertain to or Contain a Device Techrights


Summary: 35 U.S.C. 101 (Section 101) still maintains that abstract ideas are not patent-eligible; so applicants and law firms go out of their way to make their ideas seem as though theyre physical

THE examiners at the USPTO have been instructed (as per Section 101/Alice and examination guidelines) not to grant abstract patents, which include software patents. This means that applicants and the law firms whom they pay to game the system will go out of their way to rephrase things, making life harder for examiners.

RichmondBizSenses patent listings, published only a few hours ago, include Method and apparatus for context based data analytics (analysis or analytics using algorithms).

We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and arent strictly tied to any; they can run on any general-purpose computer.Notice how they titled it; apparatus is just the same old trick (like device) for making abstract ideas seem physical. Lawyers tricks like these fool the examiners. Device, at least in the EPO, is the weasel word quite often used to make patents look less as such (or per se as they phrase it in India). We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and arent strictly tied to any; they can run on any general-purpose computer.

Watchtrolls latest attack on 35 U.S.C. 101 (this time Jeremy Doerre again, for the second time in a week) shows that patent quality is the real threat to these maximalists/extremists. They dislike justice, love litigation, and Section 101 is therefore a threat to them. Maybe they will just attack SC...


Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Open Source Security

Posted by David T. on Aug 15

Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390?
Or, what is the difference?


The Big Networking Update Sent In For Linux 4.19, Including 802.11ax Bits Phoronix

David Miller sent in the networking subsystem updates today for the Linux 4.19 kernel merge window...


CSNC-2018-016 - ownCloud iOS Application - Cross-Site Scripting Bugtraq

Posted by Advisories on Aug 15

# Product: ownCloud iOS Application (owncloud.iosapp) [1]
# Vendor: ownCloud Gmbh
# CSNC ID: CSNC-2018-016
# Subject: Cross-Site Scripting in ownCloud iOS Application's WebViews
# Risk: Low
# Effect:...


CSNC-2018-023 - Atmosphere Framework - Reflected Cross-Site Scripting (XSS) Bugtraq

Posted by Advisories on Aug 15

# Product: Atmosphere [1]
# Vendor:
# CSNC ID: CSNC-2018-023
# Subject: Reflected Cross-Site Scripting (XSS)
# Risk: High
# Effect: Remotely exploitable
# Author: Lukasz D. (advisories ()...


August 2018 Microsoft Patch Tuesday fixes two flaws exploited in attacks in the wild Security Affairs

Microsoft Patch Tuesday update for August 2018 addresses a total of 60 vulnerabilities, two of which are actively exploited in attacks in the wild.

After Adobe, also Microsoft released the Patch Tuesday update for August 2018 that addresses a total of 60 vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio.

19 remote code execution vulnerabilities are rated as critical and two flaws are being exploited in the wild at the time of release.

Microsoft has also addressed 39 important vulnerabilities, one moderate and one low in severity.

Lets start with the vulnerabilities exploited in attacks in the wild:

CVE-2018-8373 IE Scripting Engine Memory Corruption Vulnerability

The vulnerability affects Internet Explorer 9, 10 and 11, it was first disclosed last month by Trend Micro and affected all supported versions of Windows.

The flaw could be exploited by remote attackers to take control of the vulnerable systems by tricking victims into viewing a specially crafted website through Internet Explorer. The attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. reads the security advisory published by Microsoft.

An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

CVE-2018-8414  Windows Shell Remote Code Execution Vulnerability

The flaw is actively exploited in attacks in the wild, it resides in the Windows Shell and tied with the improper validation of file paths. An attacker can execute arbitrary code on the vulnerable system by tricking victims into opening a specially crafted file received via an email or a web page.

An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. If the current user is logged on as an administrator, an attacker could take control o...


Top 10 Torrent Site iDope Goes Down With Domain Issues TorrentFreak

In the summer of 2016, shockwaves rippled through the BitTorrent scene when KickassTorrents (KAT), the worlds most popular torrent site at the time, was forcefully shut down.

The action coordinated by the US government saw alleged KAT founder Artem Vaulin taken into custody. Meanwhile, millions of former users scrambled to find alternatives elsewhere on the Internet.

Unsurprisingly, many dispersed to existing torrent giants such as The Pirate Bay and RARBG but it didnt take long for new blood to enter the ecosystem. Soon after KATs demise, a new indexer called iDope made its debut, largely as a tribute to the dismantled torrent behemoth.

This project was developed the next day after we knew KAT was taken down, its very very new, and we are a very small team, so you wont find anything about it on the Internet, especially when we never promoted it decently, one of the sites operators said back in 2016.

We only intended to make simple products that everyone can enjoy, we dont make bucks out of it, and thus we promise no annoying pop-up ads.

In the months and years that followed, iDope gained a significant following and in January 2018, the relatively new site broke into TorrentFreaks annual round-up of the worlds most-visited torrent sites. With similar traffic to the equally popular Zooqle, iDope bagged itself a joint tenth position in the list.

During the past week, however, problems have hit the site. Without any warning, iDope which has operated very smoothly from the domain since its launch went offline.

The sites Twitter and Facebook accounts have been dormant for some time and the recent downtime didnt result in any updates. Unfortunately, that vacuum has left people to speculate on what has caused the outage, from technical issues to problems with the authorities.

TorrentFreak contacted the last known email address associated with the iDope team expecting that to be dead too. Overnight, however, we received a response, one that leaves hope for a smooth return for the popular torrent index.

There are some problems with our domain, We are communicating with the domain provider. We believe it can be restored within a few days, TF was told.

While iDope was down, other domains that appeared to be clones or perhaps mirrors of iDope remained up, albeit with indexes a few days out of date. In the first instance it was unclear whether those domains we...


Open Invention Network (OIN) Member Companies Need to Become Unanimous in Opposition to Software Patents Techrights

OIN still going with the flow of millionaires and billionaires who fund it, not Free/libre software developers


Summary: Opposition to abstract software patents, which even the SCOTUS and the Federal Circuit nowadays reject, would be strategically smart for OIN; but instead it issues a statement in support of a GPL compliance initiative

THE USPTO is still granting software patents, never mind if courts continue and persist in rejecting these. OIN still generally supports software patents, albeit shyly. It doesnt talk about that too much. Just look at the member companies of OIN, especially founding members; some of these companies actively pursue their own software patents and IBM is blackmailing companies with these.

OIN still generally supports software patents, albeit shyly.Yesterday OIN issued this press release [1, 2] under the title Open Invention Network Member Companies Unanimous in Support of GPL Cooperation Commitment and whats odd about it is that they talk about software licences rather than patent licences. The GPL is dealing with copyright (mostly), albeit GPLv3 indirectly deals with patents too. So its interesting that OIN now talks about the GPL rather than patent policy. From the opening paragraph:

Open Invention Network (OIN), the largest patent non-aggression community in history, announced today that its eight funding members Google, IBM, Red Hat, SUSE, Sony, NEC, Philips, Toyota have committed to rejecting abusiv...


Hack Causes Pacemakers to Deliver Life-Threatening Shocks SoylentNews

Submitted via IRC for SoyCow1984

Life-saving pacemakers manufactured by Medtronic don't rely on encryption to safeguard firmware updates, a failing that makes it possible for hackers to remotely install malicious wares that threaten patients' lives, security researchers said Thursday.

At the Black Hat security conference in Las Vegas, researchers Billy Rios and Jonathan Butts said they first alerted medical device maker Medtronic to the hacking vulnerabilities in January 2017. So far, they said, the proof-of-concept attacks they developed still work. The duo on Thursday demonstrated one hack that compromised a CareLink 2090 programmer, a device doctors use to control pacemakers after they're implanted in patients.

Because updates for the programmer aren't delivered over an encrypted HTTPS connection and firmware isn't digitally signed, the researchers were able to force it to run malicious firmware that would be hard for most doctors to detect. From there, the researchers said, the compromised machine could cause implanted pacemakers to make life-threatening changes in therapies, such as increasing the number of shocks delivered to patients.


Related: A Doctor Trying to Save Medical Devices from Hackers
Security Researcher Hacks Her Own Pacemaker
Updated: University of Michigan Says Flaws That MedSec Reported Aren't That Serious
Fatal Flaws in Ten Pacemakers Make for Denial of Life Attacks
After Lawsuits and Denial, Pacemaker Vendor Finally Admits its Product is Hackable
8,000 Vulnerabilities Found in Software to Manage Cardiac Devices
465,000 US Patients Told That Their Pacemaker Needs a Firmware Upgrade
Abbott Addresses Life-Threatening Flaw in a Half-Million Pacemakers

Original Submission



Replacement Audi Plastics Thanks To 3D Printing Hackaday

Old cars can be fun, and as long as you drive something that was once moderately popular, mechanical parts can be easy enough to come by. Things like filters, spark plugs, idle air solenoids theyre generally available for decades after a car is out of production as long as you know where to look. However, plastics can be much harder to come by. 20 to 30 years into a cars lifetime, and youll be hard pressed to find a radio surround or vent trim in as-new condition theyve all long ago succumbed to the sun and air like the cracked and discoloured piece in your own car. What is a hacker to do? Bust out the 3D printer, of course!

[Stephen Kraus] has developed a series of parts for his Audi, ready to print on the average home 3D printer. Theres the triple gauge mount which fits in the radio slot for that classic tuner look, to the printed wheel caps which are sure to come in handy after youve lost the originals. There are even useful parts for capping off the distributor if youre switching to a more modern ignition setup. [Stephen] also reports that his replacement shifter bushing printed in PLA has lasted over a year in normal use.

This is an excellent example of what 3D printers do best obscure, bespoke one-off parts with complex geometries are no trouble at all, and can be easily made at home. Weve seen this done to great effect before, too for example with this speedometer correction gear in an old truck.


President Battistelli Killed the EPO; Antnio Campinos Will Finish the Job Techrights

Reducing jobs, only months after outsourcing jobs at EU-IPO (sending these overseas to low-salaried staff, even in defiance of EU rules)


Summary: The EPO is shrinking, but this is being shrewdly disguised using terms like efficiency and a low-profile President who keeps himself in the dark

THE number of granted patents continues to decrease (a steady decline) at the USPTO, representing improvements (restrictions) imposed there by the courts. Well say a little more about that later.

These people dont care about scientists, whom they merely view/perceive as human resources (not to mention who has been put in charge of human resources).At the office in Munich, however, patent maximalism reigns supreme. The agenda has nothing to do with science and technology; the management lacks background in science and technology. The President is a former banker and his predecessor is a politician. These people dont care about scientists, whom they merely view/perceive as human resources (not to mention who has been put in charge of human resources). Its all about money. All. About. Money. Short-term gain. What doesnt count to them is the long-term survival of their company (its actually not a company but an institution with a monopoly, which should not strive for profits but instead serve public interests).

The official announcement is that target per examiner still increases, but the EPO shall have less examiners. Recruitment is halted and retirement shall not compensated.
Anyway, Mrpel says that the EPO is closing shop. (thats her headline). It is not literally but metaphorically doing so; it was killed by Battistelli and his friend...


Foreshadow Attacks 3 New Intel CPU Side-Channel Flaws Discovered The Hacker News

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks. Dubbed Foreshadow, alternatively called L1 Terminal Fault or L1TF, the new attacks include


Adobe August 2018 Patch Tuesday addresses 11 vulnerabilities in its products Security Affairs

Adobe released the August 2018 Patch Tuesday updates that address 11 vulnerabilities in Flash Player, the Creative Cloud Desktop Application, Experience Manager, and Acrobat and Reader.

Adobe August 2018 Patch Tuesday updates have addressed eleven vulnerabilities in eleven products, five of them in Flash Player.

Below vulnerability details:

Vulnerability Category Vulnerability Impact Severity CVE Number
Out-of-bounds read Information Disclosure Important CVE-2018-12824
Security bypass Security Mitigation Bypass Important CVE-2018-12825
Out-of-bounds read Information Disclosure Important CVE-2018-12826
Out-of-bounds read Information Disclosure Important CVE-2018-12827
Use of a component with a known vulnerability Privilege Escalation Important CVE-2018-12828

All the five security flaws fixed with the August 2018 Patch Tuesday updates have been rated as Important, the most serious one is a privilege escalation issue tracked as CVE-2018-12828 that can lead to arbitrary code execution.

Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address important vulnerabilities in Adobe Flash Player and earlier versions.  Successful exploitation could lead to arbitrary code execution in the context of the current user. reads the security advisory published by Adobe.

Adobe fixed two critical arbitrary code execution flaws in Acrobat and Reader (CVE-2018-12808, CVE-2018-12799) for Windows and macOS.

Vulnerability Category Vulnerability Impact Severity CVE Number
Out-of-bounds write Arbitrary Code Execution Critical CVE-2018-12808
Untrusted pointer dereference Arbitrary Code Execution Critical CVE-2018-1...


Theo on the latest Intel issues OpenBSD Journal

Theo de Raadt (deraadt@) posted to the tech@ mailing list with some background on how the latest discovered Intel CPU issues relate to OpenBSD.

Date: Wed, 15 Aug 2018 00:31:16 -0600
From: Theo de Raadt [elided]
Subject: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

These 3 issues all relate to a bug in Intel cpus

The cpu will speculatively honour invalid PTE against data in the
on-core L1 cache.  Memory disclosure occurs into the wrong context.

These 3 issues (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) together
are the currently public artifacts of this one bug.

Read more


Nuclear Fusion Updated project reviews Terra Forming Terra


I must admit that after discovering just how easy it is to produce a 3D spiral wave able to induce electron decay in Dark Matter, my interest in fusion waned.  As i have posted before, we have all the energy we want for the taking and anywhere inside our galaxy at least.

These research programs remain as excellent work in understanding our physical limits and much is been learned so bravo still.

This item gives us an update and general summary of the ongoing work which has isolated several separate protocols and is attempting to drive them home.  I continue to like LLP simply because containment is not the issue.  The issue is unsurprisingly materials science.  It is also capable of been very compact, but after saying just that i would like to spend the heavy coin to scale it all up ten fold.  I do think that this design will perform much better as scale climbs.

That is exactly why we already have huge gravity ships that you do not know about although just too many folks have seen them pass at night.  Note that all UFO's are gravity ships at least and EM ships second in order to maneuver...


 Nuclear Fusion Updated project reviews


Trumps Prime Directive: Save American Culture From Maoist Forces Terra Forming Terra


The one big problem faced by POTUS is that he has to fight several large wars. Common sense dictates that he must solve them essentially one at a time and completely at that.   Yet before all that it is also necessary to eliminate the DEEP STATE which is central to all these wars.  The DEEP STATE is waging a Maoist campaign against western culture itself and it has become obvious.

Intel from Q  has informed us regarding ongoing actions against the DEEP STATE. I now think that its demise is eminent.  I also think that the Midterms will be a smashing Trump victory.  Dem efforts have been tepid to date and leadership is AWOL.  This can give him real control of both house and congress and i also note a large number of GOP congressmen and senators are stepping out which can only mean Trump endorsed replacements.

Then expect a wall reform legislation including some form of single payer medicare in particular.  The cultural war will be suddenly reversed through the reform of education including the universities in particular.  Having avowed Maoists brainwashing the non STEM crowd has got to stop..

Trumps Prime Directive: Save the American Culture From the Maoist Forces Which Are Imposing Their Communist Will On America

Mao, despicable but effective. According to NYU Professor Rectanwald, Mao is the model that is being used to destroy our country.



Clinker built Viking ship DRAGON HARALD FAIRHAIR Terra Forming Terra

Dragon Harald Fairhair: The construction of a Viking DragonShip

I was unaware that the Norwegians had actually built one of these and had really got it right as well.  a lot of good questions got answered herel.   This one was crafted inside of two years.  Watch all the videos in this post.

It was also build as large as likely ever built as well.  Now i want to see this scaled back to a more practical size, not least because this size comes in at 70 tons.  60 foot length and a 15 foot beam should get us down to under twenty tons.  Assume ten pairs of oars for a crew of forty or so.

This was surely typical of the usual long ship of the vikings.

Better yet it is light enough that sledging it becomes plausible.  Thinner planks would make a big difference there.

There is an excellent prospect for building a fleet of these smaller craft for sailing in Salish Sea between Vancouver and Vancouver Island's Cowichan Valley which was the likely site of the original Vinland.  It is clearly no trick to...

'Gargoyle' Sighting - South of Boston, MA Terra Forming Terra

This time we got a good look without the face.  That the witness confirmed first impression of a gargoyle is important as he surely got it right.  This means not a bird and not a pterodactyl.  We have now had plenty of likely gargoyles and even some other actual IDs as well.

The Chupacabra is surely a gargoyle and there is plenty of game out there for a blood feed as well.  These creatures generally stay well clear of us and our animals though not always with a chicken coop and other small operations.  Larger operations really have way too much protection.

Again we have the Thunder Bird out there as well as the Chupacabra or Gargoyle and we also have a Pterodactyl also.  All these can sit down on a roof and will.

'Gargoyle' Sighting - South of Boston, MA

Friday, August 03, 2018

The following account was posted at Reddit today, by the user named Decay_WithMe. I contacted the witness and received a bit more information:

I live 25 minutes south of Boston. About 6 months ago I saw this insane thing. It was about 3 AM, I had been up late as I normally am. I stepped outside to smoke a cigarette. It was dark as Hell except for the stars and moon. As I was smoking I heard this noise of something flying. I look up and see this winged creature land on my neighbor's roof and just sit there like a Gargoyle would. I thought I was seeing sh*t or seeing something wrong but then the creature jumped up and flew away and I could see its whole body. It was the size of a small human but massive wings. It reminded me of a Gargoyle. I don't know what the f**k I saw but it was crazy. Has anyone ever had an experience seeing something like this? Humanoid creature with wings?

After contacting the witness, I received the following message:

Hey there. I ca...


Home Depot Q2 2018 Results Shed Light on U.S. Economy SoylentNews

Home Depot's Sales Rebound Muted by Inflation in Fuel and Lumber

Home Depot Inc.'s sales rebounded last quarter as Americans took on more remodeling projects, but rising costs for lumber and transportation are weighing on profitability.

[...] Home Depot and its smaller rival Lowe's Cos. are often seen as proxies for the health of the housing sector because property owners spend more on their homes when they believe values are rising. But for several quarters there's been increasing concern that years of robust home-price gains are cooling. For its part, Home Depot has continually said that a shortage of available homes in many markets would actually underpin higher home-improvement spending.

[...] Even as the overall housing market looks to be cooling, several trends are driving demand for home-improvement products. A shortage of available listings has slowed property purchases, causing some owners to opt for sprucing up their homes instead. Additionally, more people are staying longer in their homes, which also supports the uptick.

The labor market also plays a role: A strong run of hiring, coupled with moderate wage growth, has boosted Americans' wherewithal to spend money on fixing up their homes. Spending on home improvement -- which accounts for about 38 percent of private residential construction outlays -- surged 13.8 percent in June from a year earlier to reach $221 billion, according to Commerce Department data. Going forward, the job market may continue to propel housing and remodeling demand. But potential hurdles include a pickup in mortgage rates, a shortage of skilled workers for building and remodeling projects, and rising costs for construction materials such as lumber, which is affected by tariffs.

Also at CNN and CNBC.

Original Submission

Read more of this story at SoylentNews.


FreeBSD Security Advisory FreeBSD-SA-18:11.hostapd Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

FreeBSD-SA-18:11.hostapd Security Advisory
The FreeBSD Project

Topic: Unauthenticated EAPOL-Key Decryption Vulnerability

Category: contrib
Module: wpa
Announced: 2018-08-14
Credits: Mathy Vanhoef of the imec-DistriNet research group of...


FreeBSD Security Advisory FreeBSD-SA-18:10.ip Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

FreeBSD-SA-18:10.ip Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in IP fragment reassembly

Category: core
Module: inet
Announced: 2018-08-14
Credits: Juha-Matti Tilli <juha-matti.tilli () iki fi> from...


FreeBSD Security Advisory FreeBSD-SA-18:09.l1tf Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

FreeBSD-SA-18:09.l1tf Security Advisory
The FreeBSD Project

Topic: L1 Terminal Fault (L1TF) Kernel Information Disclosure

Category: core
Module: Kernel
Announced: 2018-08-14
Affects: All supported versions of FreeBSD.


FreeBSD Security Advisory FreeBSD-SA-18:08.tcp Bugtraq

Posted by FreeBSD Security Advisories on Aug 14

FreeBSD-SA-18:08.tcp Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in TCP reassembly

Category: core
Module: inet
Announced: 2018-08-06
Credits: Juha-Matti Tilli <juha-matti.tilli () iki fi> from...


[slackware-security] openssl (SSA:2018-226-01) Bugtraq

Posted by Slackware Security Team on Aug 14

[slackware-security] openssl (SSA:2018-226-01)

New openssl packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
patches/packages/openssl-1.0.2p-i586-1_slack14.2.txz: Upgraded.
This update fixes two low severity security issues:
Client DoS due to large DH parameter.
Cache timing vulnerability in RSA Key Generation.
For more...


[SECURITY] [DSA 4272-1] linux security update Bugtraq

Posted by Salvatore Bonaccorso on Aug 14

Debian Security Advisory DSA-4272-1 security () debian org Salvatore Bonaccorso
August 14, 2018

Package : linux
CVE ID : CVE-2018-5391



SpaceX preparing astronauts to return to space travel Lifeboat News: The Blog

We are not going to fly until we are ready to fly safely, said SpaceX Chief Operating Officer Gwynne Shotwell at the event Monday. We need to hit all the boxes and do everything we need to do to take astronauts from U.S. soil as often as NASA will let us.After SpaceX successfully completes Demo-2, NASA will certify the spacecraft and systems for regular crewed launches to the ISS, with astronauts Mike Hopkins and Victor Glover flying the first operational mission.

Even with all the safety precautions and testing, however, the astronauts remain aware that space flight is extremely hazardous.The only thing Im afraid of, said Glover, who is married and has four daughters, is not coming home to my family.


Tbx6 Revealed As Crucial To Heart And Skeleton Formation From Stem Cells SoylentNews

Many studies have attempted to identify a single transcription factor that can induce formation of the mesoderm, an early layer in embryonic development, without help from other cellular proteins. None have been successful, until now.

In a new study published in Cell Stem Cell, titled "Tbx6 Induces Nascent Mesoderm from Pluripotent Stem Cells and Temporally Controls Cardiac versus Somite Lineage Diversification," a research team, including experts from the University of Tsukuba, screened over 50 transcription factors and found that Tbx6 alone was able to stimulate mesoderm formation in laboratory-grown stem cells, and could cause those stem cells to become cardiovascular or musculoskeletal cells.

[...] In the study, temporary production of Tbx6 caused the formation of mesoderm that later produced cardiovascular cells, while continuous Tbx6 expression suppressed this cardiovascular-forming mesoderm and caused formation of mesoderm that later produced musculoskeletal cells.

"Our analyses revealed a connection between early Tbx6 expression and cardiovascular lineage differentiation, and we believe that our study and similar studies may change the current view of lineage specification during development," Dr. Ieda explains. "Importantly, this essential and unappreciated function of Tbx6 in mesoderm and cardiovascular specification is conserved from lower organisms to mammals, so this discovery may have wide-ranging applicability in regenerative medicine."

Tbx6 Induces Nascent Mesoderm from Pluripotent Stem Cells and Temporally Controls Cardiac versus Somite Lineage Diversification (DOI: 10.1016/j.stem.2018.07.001) (DX)

Original Submission

Read more of this story at SoylentNews.


Reinforce Happy Faces With Marshmallows And Computer Vision Hackaday

Bing Crosby famously sang Just let a smile be your umbrella. George Carlin, though, said, Let a smile be your umbrella, and youll end up with a face full of rain. [BebBrabyn] probably agrees more with the former and used a Raspberry Pi with Open CV to detect a smile, a feature some digital cameras have had for a long time. This project however doesnt take a snapshot. It launches a marshmallow using a motor-driven catapult. We wondered if he originally tried lemon drops until too many people failed to catch them properly.

This wouldnt be a bad project for a young person as seen in the video below although you might have to work a bit to duplicate it. The catapult was upcycled from a broken kids toy. You might have to run to the toy store or rig something up yourself. Perhaps you could 3D print it or replace it with a trebuchet or compressed air.

In our darker moods, we can think of other things we might want to do upon detecting a smile, but that would sort of spoil the spirit of this light-hearted project. We were a little disappointed, though, that theres no automatic loading of the catapult. Perhaps that will be in phase two.

Wed be more likely to use the launcher for dog treats, but this is a great example of how easy it is to bake Open CV into a Pi project. Its certainly not as violent as the motion tracking air soft gun. If you want to have a go at replacing the catapult with a pneumatic cannon, you might start here.


Opportunity Rover Hasnt Woken Up and Engineers Are Getting Nervous SoylentNews

Submitted via IRC for cmn32480

NASA's Opportunity rover has had an incredible career already, spending years upon years studying the Martian surface and proving to be an incredibly reliable and hardy piece of hardware. Unfortunately, a NASA dust storm that began kicking up in May may have abruptly ended its historic run.

In mid-June, the solar-powered Opportunity ran out of juice and was forced to go into its dormant standby mode. The dust storm which swallowed the entirety of Mars had blocked out the Sun, cutting the rover off of its only available source of power. NASA engineers had remained optimistic that the rover would wake back up when the skies began to clear, but things aren't looking good thus far.

[...] That's...not great news. NASA knew that the rover would be forced to sit dormant for a while because of the intensity of the storm, but that was several weeks ago. The dust has since began to settle, and enough light should be pushing its way down to the surface to begin recharging Opportunity's batteries once again.

Source: NASA's Opportunity rover still hasn't woken up from a Mars dust storm, and engineers are getting nervous

Original Submission

Read more of this story at SoylentNews.


Intel Discloses a Speculative Execution Attack in Software Guard eXtensions (SGX) SoylentNews

Intel's SGX blown wide open by, you guessed it, a speculative execution attack

Another day, another speculative execution-based attack. Data protected by Intel's SGXdata that's meant to be protected even from a malicious or hacked kernelcan be read by an attacker thanks to leaks enabled by speculative execution.

Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years.

Read more of this story at SoylentNews.


A Radar Module Teardown And Measuring Fan Speed The Hard Way Hackaday

If you have even the slightest interest in microwave electronics and radar, youre in for a treat. The Signal Path is back with another video, and this one covers the internals of a simple 24-GHz radar module along with some experiments that we found fascinating.

The radar module that [Shahriar] works with in the video below is a CDM324 that can be picked up for a couple of bucks from the usual sources. As such it contains a lot of lessons in value engineering and designing to a price point, and the teardown reveals that it contains but a single active device. [Shahriar] walks us through the layout of the circuit, pointing out such fascinating bits as capacitors with no dielectric, butterfly stubs acting as bias tees, and a rat-race coupler thats used as a mixer. The flip side of the PCB has two arrays of beam-forming patch antennas, one for transmit and one for receive. After a few simple tests to show that the center frequency of the module is highly variable, he does a neat test using gimbals made of servos to sweep the signal across azimuth and elevation while pointing at a receiving horn antenna. This shows the asymmetrical nature of the beam-forming array. He finishes up by measuring the speed of a computer fan using the module, which has some interesting possibilities in data security as well as a few practical applications.

Even though [Shahriar]s video tend to the longish side, he makes every second count by packing in a lot of material. He also makes complex topics very approachable, like whats inside a million-dollar oscilloscope or diagnosing a wonky 14-GHz spectrum analyzer.


Amazing New Brain Map of Every Synapse Points to the Roots of Thinking Lifeboat News: The Blog

There are more synapses in a human brain than there are stars in the galaxy. The brain is the most complex object we know of and understanding its connections at this level is a major step forward in unravelling its mysteries, said lead author Dr. Seth Grant at the Center for Clinical Brain Sciences.

Imagine a map of every single star in an entire galaxy. A map so detailed that it lays out what each star looks like, what theyre made of, and how each star is connected to another through the grand physical laws of the cosmos.

While we dont yet have such an astronomical map of the heavens, thanks to a momentous study published last week in Neuron, there is now one for the brain.

If every neuron were a galaxy, then synapsessmall structures dotted along the serpentine extensions of neuronsare its stars. In a technical tour-de-force, a team from the University of Edinburgh in the UK constructed the first detailed map of every single synapse in the mouse brain.


Pennsylvania Report Details Decades of Sexual Abuse by Priests

Via: Reuters: Roman Catholic priests in Pennsylvania sexually abused thousands of children over a 70-year period and silenced victims through the weaponization of faith and a systematic cover-up campaign by their bishops, the state attorney general said on Tuesday. An 884-page report made public by Pennsylvania Attorney General Josh Shapiro after a two-year investigation contained []


Twitter blocks Alex Jones from tweeting for a week The Hill: Technology Policy

Twitter has blocked right-wing conspiracy theorist Alex Jones from tweeting on his personal account for one week after one of his posts violated the platforms policies.A Twitter spokesperson confirmed to The Hill that Jones's account will...


NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Wall' ONLINE

Posted 15 Aug, 2018 0:38:41 UTC

The new edition of Off The Wall from 14/08/2018 has been archived and is now available online.


Researcher accurately determines energy difference between two quantum states Lifeboat News: The Blog

A kiwi physicist has discovered the energy difference between two quantum states in the helium atom with unprecedented accuracy, a ground-breaking discovery that contributes to our understanding of the universe and space-time and rivals the work of the worlds most expensive physics project, the Large Hadron Collider.

Our understanding of the universe and the forces that govern it relies on the Standard Model of particle physics. This model helps us understand space-time and the fundamental forces that hold everything in the universe in place. It is the most accurate scientific theory known to humankind.

But the Standard Model does not fully explain everything, for example it doesnt explain gravity, dark matter, dark energy, or the fact that there is way more matter than antimatter in the universe.


Scientists find way to make mineral which can remove CO2 from atmosphere Lifeboat News: The Blog

Scientists have found a rapid way of producing magnesite, a mineral which stores carbon dioxide. If this can be developed to an industrial scale, it opens the door to removing CO2 from the atmosphere for long-term storage, thus countering the global warming effect of atmospheric CO2. This work is presented at the Goldschmidt conference in Boston.

Scientists are already working to slow by removing dioxide from the atmosphere, but there are serious practical and economic limits on developing the technology. Now, for the first time, researchers have explained how magnesite forms at low temperature, and offered a route to dramatically accelerating its crystallization. A tonne of naturally-occurring magnesite can remove around half a tonne of CO2 from the atmosphere, but the rate of formation is very slow.

Project leader, Professor Ian Power (Trent University, Ontario, Canada) said:


Einsteins equivalence principle updated with a dash of quantum Lifeboat News: The Blog

New, highly sensitive experiments required to find potential violations.


The Perfect Can Wait: Good Solutions to the Drone Swarm Problem Lifeboat News: The Blog

The nearly successful drone assassination attempt on Venezuelan President Nicolas Maduro earlier this month highlighted yet again a persistent worry for U.S. defense planners: the possibility that a swarm of cheap drone-borne bombs might overwhelm the sophisticated defenses a U.S. base or ship. While the defense industry has seized upon this concern and is currently at work developing new high-tech solutions to this problem, the Department of Defense cant rely on those alone. It makes sense to develop such solutions, but the Department of Defense procurement process is long and the threat is now. With a little ingenuity, there is much that can be done with existing technology to defend effectively against drone threats. Accordingly, this article focuses on the measures the Department of Defense can employ now, with existing technology, to mitigate the threat of drone swarms.

The Current Problem

The drone swarm threat to U.S. naval installations and ships is already quite serious. Only a small amount of explosives and shrapnel would be required to cause significant damage to many of the most important radars, cameras, and important flight systems on ships, missiles, and aircraft. Damaging critical equipment would put military platforms out of action for several weeks or even months and put intense pressure on naval logistics chains and maintenance organizations at a time when they are already hard pressed to keep up with current demands. Even more importantly, such an attack orchestrated on a grand scale could leave U.S. forces unable to respond to critical events around the world in sufficient time to fulfill U.S. defense commitments to allies and friends.


This Two Billion Year-Old Natural Reactor May Hold The Key To Safe Nuclear Waste Disposal Lifeboat News: The Blog

By studying the particular geological conditions found in a two-billion-year-old natural nuclear reactor scientists are hoping to find a safe way to dispose of our modern radioactive waste.


Lawsuit Claims the ACT Sells Students Disability Data to Colleges SoylentNews

Submitted via IRC for SoyCow1984

Students are suing a major college admissions test maker for allegedly selling information about their disability statuses with universities, which they say could hurt their chances at getting into schools and impact the rest of their lives.

When students register to take the ACTa standardized test used for college admissions taken by more than a million high schoolers each yearthey answer a barrage of personal questions. As part of this, they are asked to note if they have disabilities that require "special provisions from the educational institution."

The ACT, which is administered by ACT, Inc., is the only real competitor to the College Board's SAT exam. The lawsuit claims that the ACT is selling the data it gleans from those student questionnairesconnected directly to students' individual identitiesto colleges, which then use it to make important decisions about admissions and financial aid.

"A lot of students and parents have no idea how these testing agencies, which are gatekeepers to college, are using very sensitive and confidential data in the college admissions process," Jesse Creed, one of the plaintiffs' lawyers, told me in a phone call. "[Colleges are] hungry for disability data, because they have limited resources, and it's expensive to educate people with disabilities."


Original Submission

Read more of this story at SoylentNews.


Updated Vega 20 Open-Source Driver Patches Posted, Including PSP & PowerPlay Support Phoronix

Back in May AMD posted initial open-source "Vega 20" patches and support for that yet-to-launch graphics processor was subsequently merged for the Linux 4.18 kernel. More of the Vega 20 AMDGPU kernel driver enablement has now been posted...


HPR2618: Yesod - First Impressions Hacker Public Radio

First place to start is probably Yesods web site at: Often recommended environment for developing Haskell programs is Stack: My road to Haskell started with Learn You a Haskell for Great Good: and going through lecture notes of CIS 194:



Power Management Updates Land In The Linux 4.19 Kernel Phoronix

Intel's Rafael Wysocki has submitted the ACPI and power management updates today for the Linux 4.19 kernel which were subsequently merged by Linus Torvalds...


Microsoft ADFS flaw allows attackers to bypass MFA safeguards Help Net Security

A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other accounts in an organization, Okta REX Security Engineer Andrew Lee has discovered. By employing some simple phishing and leveraging the flaw, an attacker could compromise accounts belonging to other employees or executives and access sensitive information through a variety of company resources. About the vulnerability (CVE-2018-8340) and possible attacks Many organizations More

The post Microsoft ADFS flaw allows attackers to bypass MFA safeguards appeared first on Help Net Security.


Foreshadow: The Sky Is Falling Again for Intel Chips Hackaday

Its been at least a month or two since the last vulnerability in Intel CPUs was released, but this time its serious. Foreshadow is the latest speculative execution attack that allows balaclava-wearing hackers to steal your sensitive information. You know its a real 0-day because it already has a domain, a logo, and this time, theres a video explaining in simple terms anyone can understand why the sky is falling. The video uses ukuleles in the sound track, meaning its very well produced.

The Foreshadow attack relies on Intels Software Guard Extension (SGX) instructions that allow user code to allocate private regions of memory. These private regions of memory, or enclaves, were designed for VMs and DRM.

How Foreshadow Works

The Foreshadow attack utilizes speculative execution, a feature of modern CPUs most recently in the news thanks to the Meltdown and Spectre vulnerabilities. The Foreshadow attack reads the contents of memory protected by SGX, allowing an attacker to copy and read back private keys and other personal information. There is a second Foreshadow attack, called Foreshadow-NG, that is capable of reading anything inside a CPUs L1 cache (effectively anything in memory with a little bit of work), and might also be used to read information stored in other virtual machines running on a third-party cloud. In the worst case scenario, running your own code on an AWS or Azure box could expose data that isnt yours on the same AWS or Azure box. Additionally, countermeasures to Meltdown and Spectre attacks might be insufficient to protect from Foreshadown-NG

The researchers behind the Foreshadow attacks have talked with Intel, and the manufacturer has confirmed Foreshadow affects all SGX-enabled Skylake and Kaby Lake Core processors. Atom processors with SGX support remain unaffected. For the Foreshadow-NG attack, many more processors are affected, including second through eighth generation Core processors, and most Xeons. This is a significant percentage of all Intel CPUs currently deployed. Intel has released a security advisory detailing all the affected CPUs.


A New, Highly Effective And Selective Molecule To Fight Malaria SoylentNews

A novel laboratory-synthesized molecule, based on natural compounds known as marinoquinolines found in marine gliding bacteria, is a strong candidate for the development of a new antimalarial drug.

In tests, the molecule proved capable of killing even the strain that resists conventional antimalarials. The molecule displays low toxicity and high selectivity, acting only on the parasite and not on other cells of the host organism.

The molecule was developed in Brazil at the Center for Research and Innovation in Biodiversity and Drug Discovery (CIBFar). The researchers tested the molecule in strains cultured in vitro as well as in mice using Plasmodium berghei, since mice are immune to infection by Plasmodium falciparum, which causes the most aggressive type of malaria.

"In mice, the number of parasites in the bloodstream (parasitemia) had fallen 62 percent by the fifth day of the test. After 30 days, all the mice given doses of the molecule were still alive," said Rafael Guido, a professor at the University of So Paulo's So Carlos Physics Institute (IFSC-USP).

Guido co-authors an article published in the Journal of Medicinal Chemistry, in which the researchers describe the molecule's inhibitory action in the blood and liver stages of the parasite's asexual cycle, which is responsible for the signs and symptoms of the disease.

Read more of this story at SoylentNews.


Hillicon Valley: Omarosa drops bombshell claim about Trump, WikiLeaks | Dems turn up heat over fake FCC cyberattack | Uber hires ex-NSA official to improve security | FBI boosts cyber team The Hill: Technology Policy

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...


Tesla creates committee to assess Musk proposal to go private The Hill: Technology Policy

Tesla has created a special committee to consider taking the company private. The move, announced on Tuesday, follows a tweet from CEO Elon Musk last week saying that he had secured funding to take Tesla private at $420 a share, valuing it at $...


Twiddling Youtube; or, I mean, Innovations in Machine Learning Random Thoughts

I mean, weve all been annoyed when we set up our USB monitor in our hallway that displays weather data, and then we decided to show videos from Youtube that somehow relate to the music thats playing our apartment; weve dreamed of having something like the following catch our eyes when passing by on the way to the kitchen.

Oh, what a marvellous dream we all had, but then it turned out that most of the videos that vaguely matched the song titles turn out to be still videos.

So many still photo videos. So very many.

I mean, this is a common problem, right? Something we all have?



xf86-video-v4l X.Org Driver Sees First New Release In A Decade Phoronix

The xf86-video-v4l v0.3.0 driver was announced today as the first new release for this DDX driver in ten years...


Astronomers Discover Supermassive Black Hole In An Ultracompact Dwarf Galaxy SoylentNews

A team of scientists from the Faculty of Physics and Sternberg State Astronomical Institute, MSU, leading an international collaboration with members from Europe, Chile, the U.S. and Australia discovered a supermassive black hole in the center of the Fornax galaxy. The results of the research were published in Monthly Notices of the Royal Astronomical Society journal.

Fornax UCD3 is a part of a Fornax galaxy cluster and belongs to a very rare and unusual class of galaxies, ultracompact dwarfs. The mass of such dwarf galaxies reaches several dozen millions of solar masses, and the radius does not typically exceed 300 light years. This ratio between mass and size makes UCDs the densest stellar systems in the universe.

"We have discovered a supermassive black hole in the center of Fornax UCD3. The black hole mass is 3.5 million that of the sun, similar to the central black hole in our own Milky Way," explained Anton Afanasiev, the first author of the article, a student of the department of the Faculty of Physics, MSU.

[...] The black hole discovered by the authors is the fourth ever to be found in UCDs and corresponds to 4 percent of the total galaxy mass. In average galaxies, this ratio is considerably lower (about 0.3 percent). Though there are few known examples, the existence of massive black holes in UCDs is a strong argument for the tidal origin of such galaxies. According to this hypothesis, an average-sized galaxy passed a bigger and more massive one at a certain stage of its evolution, and as a result of the influence of tidal forces, lost the majority of its stars. The remaining compact nucleus has become what we know as an ultracompact dwarf.

"To be able to say with complete assurance that this hypothesis is correct, we need to discover more supermassive black holes in UCDs. This is one of the prospects of this work.

Moreover, a similar methodology may be applied to more massive and less dense compact elliptical galaxies. In one of our next works, we will study the population of central black holes in objects of this kind," concluded the scientist.

Original Submission

Read more of this story at SoylentNews.


[$] CVE-2018-5390 and "embargoes"

A kernel bug that allows a remote denial of service via crafted packets was fixed recently and the resulting patch was merged on July 23. But an announcement of the flaw (which is CVE-2018-5390) was not released until August 6a two-week window where users were left in the dark. It was not just the patch that might have alerted attackers; the flaw was publicized in other ways, as well, before the announcement, which has led to some discussion of embargo policies on the oss-security mailing list. Within free-software circles, embargoes are generally seen as a necessary evil, but delaying the disclosure of an already-public bug does not sit well.


CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) Open Source Security

Posted by Vladis Dronov on Aug 14


A flaw named FragmentSmack was found in the way the Linux kernel handled
reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could
use this flaw to trigger time and calculation expensive fragment reassembly
algorithms by sending specially crafted packets which could lead to a CPU
saturation and hence a denial of service on the system.

External References:


Bad news conspiracy theorists. QAnon codes are just a guy mashing his keyboard Graham Cluley

The codes in Qs posts arent actual codes, but instead just random typing by someone who might play an instrument and uses a qwerty keyboard, says password expert.


All the Badges of DEF CON 26 (vol 1) Hackaday

Two or three years back you would see a handful of really interesting unofficial badges at DEF CON. Now, theres a deluge of clever, beautiful, and well executed badges. Last weekend I tried to see every badge and meet every badge maker. Normally, I would publish one megapost to show off everything I had seen, but this year Im splitting it into volumes. Join me after the break for the first upload of the incredible badges of DC26!

Telephreak Eleven Badge



Libinput 1.12 RC2 Continues Working On Improving Linux Touchpad Behavior Phoronix

We've known libinput 1.12 is going to be a significant release and that's still holding true in looking at the second release candidate for this Wayland/X.Org input handling library...


When's A Backdoor Not A Backdoor? When The Oz Government Says It Isn't SoylentNews

Australia's promised not-a-backdoor crypto-busting bill is out and the government has kept its word - it doesn't want a backdoor, just the keys to your front one.

The draft of The Assistance and Access Bill 2018 calls for anyone using or selling communications services in Australia will be subject to police orders for access to private data.

That includes all vendors of computers, phones, apps, social media and cloud services in the Lucky Country, and anyone within national borders using them. These data-tapping orders will be enforced with fines of up to AU$10m (US$7.3m) for companies or $50,000 ($36,368) for individuals

The draft legislation also wants five years in prison for anyone who reveals a data-slurping investigation is going on. And while there's no explicit encryption backdoor requirements in the 110 page draft bill, our first look suggests there doesn't need to be.

Original Submission

Read more of this story at SoylentNews.


How Did The Mayans Disappear? Researchers Think They Finally Know Lifeboat News: The Blog

Sediment samples from Lake Chichancanab in Mexico show that annual rainfall decreased by more than 50 percent at the end of Mayan civilization.


"Citizens Police Academies" are used to improve community relations and influence voters MassPrivateI

A recent article in KSFY revealed that the Lincoln County Sheriff's Office is training citizens to act like cops.

Because that is what America needs right now, more police.

These 'citizen cops' go through a ten-week training program called "Citizens Academy" which teaches them to take part in fingerprinting, shooting a taser, A.L.I.C.E. training and much more.

In Great Falls, Montana, Citizen Academy attendees can be tasered by the police.

"Along with learning so much attendees also get to ride with an officer, see a homicide investigation, be Tased (or just watch)."

A.L.I.C.E. training is an acronym for 'Alert, Lockdown, Inform, Counter, Evacuate' or Active Shooter Civilian Response techniques.

Why are police training citizens and corporations in active shooter drills?

A.L.I.C.E. training reduces corporate liability

At approximately 2:45 minutes into the video, the ALICE Institute reveals that active shooter training reduces an organization's liability.

Citizens are also trained to conduct mock traffic stops.


SolvedByData SSD Shared, Reseller Hosting & VPSs from $3/year! Low End Box

Taylor from SolvedByData has submitted their very first offer to LowEndBox today. They are offering deals on their Shared, Reseller and OpenVZ based services out of Los Angeles and New York. Give them a try and let us know what you think about them so!

Their WHOIS is public, and you can find their ToS/Legal Docs here. They accept PayPal, Credit Cards, Alipay and Cryptocurrency (bitcoin and altcoins) as payment methods.

Heres what they had to say: 

SolvedByData provides purpose built hosting for mission critical sites, applications, stores, forums, and more. Our performance tuned platform takes the worry and guesswork out of hosting.

With SolvedByData, we provide hassle-free hosting, with a get-it-done attitude so you can focus on growing your business. With so many hosting companies to choose from, we at SolvedByData want to make this decision as easy and clear to you as possible. We believe in building long term business relationships with our customers, and we do that by understanding your needs and following through with that understanding. With our years of industry experience, we know what it takes in order to get you up and running, and keep you online every step of the way. You can always rely on SolvedByData day and night.

Heres the offers: 
** After your order, open a ticket and request *one* of the following freebies **



  • 20GB SSD Space
  • 750GB Bandwidth
  • 2 Domains
  • DDoS Protection
  • cPanel/Softaculous
  • LiteSpeed/CloudLinux
  • Free Migrations
  • New York Datacenter
  • $3/yr
  • [ORDER]


  • 150GB SSD Space
  • 5TB Bandwidth
  • Unlimited Domains
  • DDoS Protection
  • cPanel/Softaculous
  • LiteSpeed/CloudLinux
  • Free Migrations
  • New York Datacenter
  • $10/yr
  • [ORDER]


  • Unmetered SSD Space
  • 5TB Bandwidth
  • Unlimited Domains
  • DDoS Protection
  • cPanel/Softaculous
  • ...


What would it take to become a trillionaire? Lifeboat News: The Blog

Apple has crossed over into the four-comma club what would it take for a person to do the same?


Microsoft Releases Patches for 60 FlawsTwo Under Active Attack The Hacker News

Get your update caps on. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical. The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. Two of these


DIY Wind Turbine for Where the Sun Doesnt Shine Hackaday

There are plenty of places outside where you may like to have a project requiring electricity that may not get enough sun for solar power to be viable. Perhaps wind power could be used instead? [Greg] has a project to create a platform for using a small wind turbine to generate the power for your projects.

The wind turbine that [Greg] designing is a Savonius-style wind turbine that would put out between 5 and 12 volts. In a Savonius turbine, blades are mounted on a vertical axis allowing for a smaller, less complicated build than traditional horizontal axis wind turbines. The design is named for its inventor, Finnish engineer Sigurd Johannes Savonius.

After doing some research, the design will have a 2:1 height to blade ratio and use three pairs of overlapping curved blades stacked on top of each other, each pair offset by 120 degrees. This design, [Greg] figures, will come within a few percentage points of the efficiency of more exotic blade shapes while making the windmill easy to design and implement. Being half cylinders, the blades can easily be made from existing objects cut in half pop cans, for example, but there has been some designing the blades in Fusion 360 for 3D printing. The stator board has been designed and the initial prototypes of it and the rotor have arrived, so the testing can now commence.

Once the design is finalized and the prototype working, itd be interesting to see some projects start showing up using wind power instead of solar power. Take a look at this design for a vertical wind turbine, and this design for a simple, straightforward turbine.

The HackadayPrize2018 is Sponsored by:


[$] Meltdown strikes back: the L1 terminal fault vulnerability

The Meltdown CPU vulnerability, first disclosed in early January, was frightening because it allowed unprivileged attackers to easily read arbitrary memory in the system. Spectre, disclosed at the same time, was harder to exploit but made it possible for guests running in virtual machines to attack the host system and other guests. Both vulnerabilities have been mitigated to some extent (though it will take a long time to even find all of the Spectre vulnerabilities, much less protect against them). But now the newly disclosed "L1 terminal fault" (L1TF) vulnerability (also going by the name Foreshadow) brings back both threats: relatively easy attacks against host memory from inside a guest. Mitigations are available (and have been merged into the mainline kernel), but they will be expensive for some users.



Apple argued building was worth $200 not $1B to lower tax bill The Hill: Technology Policy

Apple argued that buildings it owned around Cupertino, Calif., where it is headquartered, were only worth $200 instead of the $1 billion tax assessors deemed in 2015, according to appeals reviewed by the San Francisco Chronicle.The report...


Latest Apple Release to Defeat Browser Fingerprinting in Safari SoylentNews

Browser fingerprinting is where JavaScript or other means are used to scrape uniquely identifying information from the browser metadata and functions such as how it draws a canvas object. In it's latest release Apple will defeat browser fingerprinting by making all Mac users look alike to advertisers and websites that use fingerprinting to track users. Apple can afford to do this as it doesn't have skin in the online advertising game.

[This is likely only going to be for the Safari browser. - Ed]

Original Submission

Read more of this story at SoylentNews.


Xen Security Advisory 272 v2 - oxenstored does not apply quota-maxentity Open Source Security

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-272

oxenstored does not apply quota-maxentity


Ammend patch to reference XSA-272 in the commit message.

Public release.


The logic in oxenstored for handling writes depended on the order of
evaluation of expressions making up a tuple.

As indicated in section 7.7.3...


PUBG: NetEase Masks Its Copyright Infringement With Game Updates TorrentFreak

PlayerUnknowns Battlegrounds (PUBG) is without a doubt one of hottest games at the moment.

The success earned the company hundreds of millions of dollars, which inspired other developers to create similar games.

Some of these games are too similar, according to PUBG.

To protect its financial interests, the company, therefore, decided to take the developer of two alleged spinoffs to court. PUBG sued the Chinese company NetEase, the makers of Rules of Survival and Knives Out, accusing it of copyright infringement.

While NetEase readily admitted that its games operate in the same genre, it refuted the copyright infringement claims. Last month the company filed a motion to dismiss the lawsuit, describing it as an attempt to monopolize the popular battle royale genre.

This motion triggered a response from PUBG this week, in which it describes NetEases defense as baseless.

Defendants attack on PUBGs complaint is baseless. PUBG is not seeking to monopolize the popular battle royale genre of video games, instead, it seeks to protect its creative expression of unique and distinctive elements within its BATTLEGROUNDS game, PUBG writes.

NetEase argued that the infringement claims are unfounded, pointing at several elements that are clearly different. However, PUBG clearly disagrees, noting that individual elements and the overall selection and combination of these elements were copied.

Those distinctive and protectable elements have been blatantly copied by Defendants in not one, but two, competing games, the company writes.

NetEases defense also summed up a variety of elements that were clearly different in their games.

This is a non-issue according to PUBG, as copyright infringement is based on similarities between works. This means that the differences between the games provide no defense.

In addition, PUBG notes that this argument is improper, as many of the cited differences were introduced in updates that came out after the lawsuit was filed.

[M]any of Defendants claimed dissimilarities are a fallacy, strategically inserted by Defendants after this lawsuit was filed, in a clear attempt to mask Defendants blatant infringement, PUBG writes.

The developer provides several examples of Rules of Survival changes that were added after the complaint was filed. These range from changes to optimize the gameplay to the addition of new weapons and armor.

Many of the cited differences, were not in the Rules of Surv...


Xen Security Advisory 271 v2 (CVE-2018-14007) - XAPI HTTP directory traversal Open Source Security

Posted by Xen . org security team on Aug 14

Xen Security Advisory CVE-2018-14007 / XSA-271

XAPI HTTP directory traversal


Public release.


XAPI has an unauthenticated HTTP endpoint update/ which exports the
contents of /var/update for other hosts to use.

However, the resolution of . and .. in paths is performed before url
unquoting is...


Xen Security Advisory 270 v2 - Linux netback driver OOB access in hash handling Open Source Security

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-270

Linux netback driver OOB access in hash handling


Public release.


Linux's netback driver allows frontends to control mapping of requests
to request queues. When processing a request to set or change this
mapping, some input validation was missing or flawed....


Xen Security Advisory 269 v2 - x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS Open Source Security

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-269

x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS


Public release.


The DEBUGCTL MSR contains several debugging features, some of which virtualise
cleanly, but some do not. In particular, Branch Trace Store is not
virtualised by the processor, and software has...


Xen Security Advisory 268 v2 - Use of v2 grant tables may cause crash on ARM Open Source Security

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-268

Use of v2 grant tables may cause crash on ARM


Public release.


ARM never properly implemented grant table v2, either in the
hypervisor or in Linux.

Unfortunately, an ARM guest can still request v2 grant tables; they
will simply not be properly set up, resulting in...


Uber taps former NSA official to head security team The Hill: Technology Policy

Uber announced Tuesday that it has named Matt Olsen, a former National Counterterrorism Center director and National Security Agency (NSA) general counsel, as its new chief security officer.Olsen, who served as the counterterrorism head...


Xen Security Advisory 273 v1 (CVE-2018-3620,CVE-2018-3646) - L1 Terminal Fault speculative side channel Open Source Security

Posted by Xen . org security team on Aug 14

Xen Security Advisory CVE-2018-3620,CVE-2018-3646 / XSA-273

L1 Terminal Fault speculative side channel


In x86 nomenclature, a Terminal Fault is a pagetable walk which aborts
due to the page being not present (e.g. paged out to disk), or because
of reserved bits being set.

Architecturally, such a memory access will result in a page fault
exception, but some processors will speculatively...


L1 Terminal Fault - The Latest Speculative Execution Side Channel Attack Phoronix

Details are still light but a new vulnerability is coming out called the L1 Terminal Fault. It's been described as a "train-wreck" and is another big deal in the security space as the latest speculative side-channel attack vector...


Turning off Location History doesnt prevent Google from knowing your location Help Net Security

If you believe that by turning off Location History on your Android device or iPhone means that Google wont be able to know your location, think again: Princeton University researchers have confirmed Google services store users location regardless of those settings. The research was performed on behalf of Associated Press, whose interest was piqued by a blog post by a graduate researcher at UC Berkeley, who noticed that her Android phone prompted her to rate More

The post Turning off Location History doesnt prevent Google from knowing your location appeared first on Help Net Security.


Behind The Pin: Logic Level Outputs Hackaday

There is one thing that unites almost every computer and logic circuit commonly used in the hardware hacking and experimentation arena. No matter what its age, speed, or internal configuration, electronics speak to the world through logic level I/O. A single conductor which is switched between voltage levels to denote a logic 1 or logic zero. This is an interface standard that has survived the decades from the earliest integrated circuit logic output of the 1960s to the latest microcontroller GPIO in 2018.

The effect of this tried and true arrangement is that we can take a 7400 series I/O port on an 8-bit microcomputer from the 1970s and know with absolute confidence that it will interface without too much drama to a modern single-board computer GPIO. When you think about it, this is rather amazing.

Its tempting to think then that all logic level outputs are the same, right? And of course they are from a certain viewpoint. Sure, you may need to account for level shifting between for example 5V and 3.3V families but otherwise just plug, and go, right? Of course, the real answer isnt quite that simple. There are subtle electrical differences between the properties of I/O lines of different logic and microcontroller families. In most cases these will never be a problem at all, but can rear their heads as edge cases which the would-be experimenter needs to know something about.

Consider the Voltage



Google parent invests $375M in ObamaCare startup Oscar The Hill: Technology Policy

Googles parent company, Alphabet, is investing $375 million in Oscar Health, a startup health insurance company seeking to redefine the industry by using technology and data. The infusion of funding from the parent of a major technology giant is a...


Millions of Android Devices At Risk of Man-in-the-disk Attack HackRead

By Waqas

Thanks to Ignorant App Developers At Defcon 2018, we have so far witnessed many innovative forms of compromising devices including electoral voting machines. However, this latest revelation Man-in-the-disk Attack is quite surprising and to a great extent concerning for Android users. According to researchers at CheckPoint security firm, the new attack method dubbed as Man-in-the-disk []

This is a post from Read the original post: Millions of Android Devices At Risk of Man-in-the-disk Attack


A Lot Of Spectre Changes Land In The Linux 4.19 Git Tree, Possible Performance Impact Phoronix

"The Speck [Spectre slang, not to be confused with the controversial NSA algo] brigade sadly provides yet another large set of patches destroying the perfomance which we carefully built and preserved," began the latest x86/pti pull request by kernel maintainer Thomas Gleixner...


Links 14/8/2018: Virtlyst 1.2.0, Blender 2.8 Planning Update, Zorin OS 12.4, FreeBSD 12.0 Alpha Techrights

GNOME bluefish



  • Kernel Space

    • XArray Proposed For Merging In The Linux 4.19 Kernel

      Matthew Wilcox who most recently has been employed by Microsoft is looking to get the new XArray data structure added to the Linux 4.19 kernel.

      Earlier this year Wilcox was hoping for XArray in Linux 4.17 but that didnt pan out but he believes it is ready for Linux 4.19. XArray is intended to eventually replace the radix tree data structure in the Linux kernel. XArrays advantages include locking support as part of its design, memory not being pre-loaded, and page cache improvements in using XArray.

    • Btrfs Gets Fixes & Low-Level Improvements With Linux 4.19

      David Sterba of SUSE sent in the Btrfs file-system updates today for the Linux 4.19 kernel merge window.

      The most noticeable change with Btrfs for Linux 4.19 is that it now supports defragging opened read-only files that have read-write permissions. Btrfs in Linux 4.19 is also carrying some validation improvements, error code handling improvements, tree checker improvements, some fsync fixes, a possible deadlock fix, resetting the on-disk device stats value after replacing a drive, and a variety of other code clean-ups and bug fixes.

    • Linux 4.18 Benefits from Energy-Aware Scheduling on ARM

      The fourth major milestone release for the Linux kernel was officially announced by Linus Torvalds on Aug. 12 with the general availability of Linux 4.18.

      Linux 4.18, required a somewhat uncommon eight release candidates and follows the Linux 4.17 release that was announced on June 3.

      One week late(r) and here we are 4.18 is out there, Linus Torvalds wrote in his release announcement. It was a very calm week, and arguably I could just have released on schedule...


House Dems press FCC chairman for answers on false cyberattack claim The Hill: Technology Policy

Democratic lawmakers are putting heat on Federal Communications Commission (FCC) Chairman Ajit Pai over a recent inspector general (IG) report that found the agency falsely claimed it had suffered a cyberattack that briefly took down its electronic...


Free and fast ways to turn your favorite YouTube videos into MP3 files TechWorm

Dont you just love the feeling of lying around and listening to music or watching your favorite singers videos on YouTube? It would be great if you could have their music with you all the time and listen to it without requiring an Internet connection. If you really like a song, you could turn it into a ringtone and thus, make your phone sound like your idol.

There are different programs which can help you convert videos from YouTube to MP3s

Those who want to turn their favorite videos into MP3 files need to start looking for an online converter. You will find a lot of these tools available for free download. Since there are a lot of options, its hard to know which is the right one. Another concern could be represented by the idea that you dont know much about hardware and you wont be able to set up the new program by yourself.

In this case, you dont have any reason to worry. Apart from the fact that YouTube converter installment is not brain surgery, we have compiled a list of the most popular programs dedicated to this process. Music fans from around the world are using them and their positive feedback determined us to mention these programs further in this article.

Legal matters

Before we start, we should mention an important detail. Downloading videos from YouTube is legal under certain terms and conditions. Firstly, its totally safe, secure and legal to download your own footages. In this case, you have to have created and uploaded the content to your personal account.

Secondly, nobody will sue you if you have a written permission for downloading their videos. On the other hand, if you want to get files from the public domain you dont need any permission, but make sure that is the case before proceeding.

YouTube to MP3 converters are not just simple apps

Like we mentioned before, you dont have to be a tech guru for using programs dedicated to turning YouTube videos into MP3 files. The following examples have been chosen from a long list and are safe, fast, easy to install and use and, above all, free.
1. VLC Media Player dedicated to Windows operating systems;
2. Audacity suitable for Windows, Linux and macOS;
3. GenYouTube the fastest way to convert YouTube videos to MP3 files;
4. its features are similar to GenYouTube, but users can customize the videos quality while converting them;
5. MediaHuman YouTube to MP3 Converter suitable to Windows, Mac and Ubuntu operating systems;
6. YouMp34 Android App it is dedicated to downloading videos from YouTube directly to an Android Phone or tablet;
7. Documents iPhone App suitable for iPhone users.
8. Chrome or Firefox Web Browser can be used by Windows systems

Although they...


Defense in depth -- the Microsoft way (part 57): all the latest MSVCRT installers allow escalation of privilege Bugtraq

Posted by Stefan Kanthak on Aug 14

Hi @ll,

about 6 weeks ago, Microsoft updated their MSKB article
listing the current/lastest downloads of their MSVCRT alias
Microsoft Visual C++ Redistributable for Visual Studio 201x

Guess what Microsoft used to build the executable installers
offered on that page: COMPLETELY outdated versions 3.7.3813.0
(and before) of Wix Toolset, which NOBODY...


Aboard The ISS, Researchers Investigate Complex Dust Behavior In Plasmas SoylentNews

[...] PK-4 is a collaboration between the European Space Agency and the Russian State Space Corporation "Roscosmos" to investigate complex plasmas. Complex or dusty plasmas contain electrons, ions and neutral gas, as well as microparticles such as dust grains. The microparticles become highly charged in the plasma and interact strongly with each other, which can lead to liquid or even crystalline behavior within the complex plasma. The most important property of such a system is that investigations of physical phenomena can be performed on the individual (micro-) particle level allowing new insights into fluid and solid-state physics.

[...] In the experiment, a microparticle cloud drifted in a plasma with a constant direct current and formed self-excited wave patterns. After that, the discharge polarity was reversed. Although the field strength was nearly identical for both discharge polarities, the wave patterns exhibited bifurcations: A new wave crest formed between the two old crests in the head of the microparticle cloud.

"The most interesting finding was the velocity of these waves strongly depends on the electric field, which is exciting the waves," said Mikhail Pustylnik, an author on the paper. "We expect to encounter these types of waves in astrophysical situations where you might have dust -- in a cometary tail, for example."

"Many plasma processes are also used in the semiconductor industry," Pustylnik said. Dust poses big challenges for the semiconductor industry because particles may damage a silicon wafer during manufacturing. Starting this fall, the researchers are planning additional experiments that will vary the range of electric fields by switching the polarity of the discharge.

Original Submission

Read more of this story at SoylentNews.


How WeChat Filters Images for One Billion Users News The Citizen Lab

With over 1 billion monthly users, WeChat boasts the title of most popular chat application in China and the fourth largest in the world. However, a new report by Citizen Lab researchers reveals exactly how the platform is able to censor images sent by these billion users.

Building on previous research which shows that WeChat censors sensitive images, this new report demonstrates the technical underpinnings of how this censorship operates. Specifically, findings show that WeChat uses two different algorithms to filter images: an Optical Character Recognition (OCR)-based approach that filters images containing sensitive text and a visual-based one that filters images that are visually similar to those on an image blacklist.

Most censorship research has thus far focused on measuring website blocking or censorship of chat, posts, and other text media, says report author Jeffrey Knockel. As images become an increasingly large component of how we communicate online, we need to also have a good understanding of how image censorship is implemented.

And evidence suggests that images are gaining favour among WeChat users. In a recent study, images ranked as the most preferred type of message shared on WeChat Moments (similar to Facebooks Timeline feature), beating out text-based posts and short videos.

Understanding how the industry leader conducts censorship of different content formats offers us some insights into the trend of censorship and direction of future research, says report author Lotus Ruan.

To evaluate how image censorship functions, Citizen Lab researchers devised a series of tests that revealed the ways in which filters would reject or allow images in Moments. They discovered that the OCR-based algorithm has details common to many standard OCR algorithms in that it converts images to grayscale and uses blob merging to consolidate characters. Additionally, they found that the visual-based algorithm is not based on any machine learning approach that uses high level classification of an image to determine whether it is sensitive or not.



Looking Forward To Electromagnetic Field 2018 Hackaday

There is an air of excitement among the hackerspaces of Europe, because this month is hacker camp season. In Denmark they have Bornhack beginning on Thursday, in Italy IHC was held earlier in the month, while here in the UK we are looking forward to Electromagnetic Field. Were excited be at Eastnor Castle for Electromagnetic Field at the cusp of August and September for several days under canvas surrounded by our communitys best and brightest work. Well even have a Hackaday Readers Village this year!

If youve never been to a hacker camp before, this is one thats not to be missed. Technically this is camping, but where every structure from the smallest tent upwards has mains power and gigabit Ethernet. Its the equivalent of a music festival if you replace the music with technology and other cool stuff from our world. There are talks on a huge variety of fascinating subjects, the chance to see up close some of the things youll have read about here on Hackaday, and best of all, a significant proportion of Europes hackerspace communities all together in one place. They are a uniquely stimulating and exciting environment.

Hackaday Readers Village Among the Highlights



CVE-2018-14722: btrfsmaintenance: Code execution Open Source Security

Posted by Marcus Meissner on Aug 14


SUSE employee Fabian Vogt has found a shell code injection issue in the "btrfsmaintenance" tools.

Mounting btrfs images with a label including shell injection characters could cause
the cron jobs (running as root) to execute the include shellcode.

Our proposed fix attached to this email.

bad image can be created with:
mkfs.btrfs --label "`/evil/command`'...


An 11-Year-Old Changed Election Results On a Replica Florida State Website in Under 10 Minutes

Via: PBS: An 11-year-old boy on Friday was able to hack into a replica of the Florida state election website and change voting results found there in under 10 minutes during the worlds largest yearly hacking convention, DEFCON 26, organizers of the event said. Thousands of adult hackers attend the convention annually, while this year []


Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected Security Affairs

Security expert demonstrated that reusing a key pair across different versions and modes of IPsec IKE open the doors to attacks. Many vendors are affected

Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications.

The products of several vendors, including Cisco, Huawei, ZyXEL, and Clavister, are vulnerable to the attack.

The experts will present their findings this week at the 27th USENIX Security Symposium, meantime they have released a research paper.

In this paper, we show that reusing a key pair across different versions and modes of IKE can lead to cross-protocol authentication bypasses, enabling the impersonation of a victim host or network by attackers. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication. reads the paper.

Using this exploit, we break these RSA encryption based modes, and in addition break RSA signature-based authentication in both IKEv1 and IKEv2.

The experts focused their analysis on the impact of key reuse on Internet Protocol Security (IPsec). IPsec is used for virtual private networks (VPNs). The cryptographic key for IPsec leverages the Internet Key Exchange (IKE) protocol, which has two versions, IKEv1 and IKEv2.

The experts have also described an offline dictionary attack against the PSK (Pre-Shared Key) based IKE modes, thus covering all available authentication mechanisms of IKE.

The researchers found Bleichenbacher oracles in the IKEv1 implementations of Cisco (CVE-2018-0131), Huawei (CVE2017-17305), Clavister (CVE-2018-8753), and ZyXEL (CVE-2018-9129).

Major vendors, including Cisco, Huawei and ZyXEL have published security advisories for this vulnerability.

The Ciscos advisory describes the issue as an issue in the implementation of RSA-encrypted nonces in the IOS and IOS XE software.  A remote unauthenticated attacker can obtain the encrypted nonces of an IKEv1 session by sending specially crafted ciphertexts to the targeted system.

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. reads the advisory published by Cisco.

The vulnerability exists because the affected software responds incorrectly to decryption failures. An attacker could ex...


Google tracks Android, iPhone users location even with location history turned off TechWorm

Google tracks your movements even when location services are disabled

Many of us turn off location services on our smartphones so that we can avoid being tracked. But what if you get to know that in spite of taking this precaution, Google tracks you everywhere.

According to an Associated Press report released Monday, Google services is storing users location data on Android devices and iPhones even if you have privacy settings explicitly set to not do it. These findings were confirmed by computer-science researchers at Princeton on APs request.

In fact, Googles own support page encourages user autonomy to decide what information to share. You can turn off Location History at any time. With Location History off, the places you go are no longer stored, reads the companys privacy page. However, even with Location History turned off, some Google apps automatically store time-stamped location data without permission, the AP found.

For instance, every time you use an app like Google Maps for navigating, the company asks permission to access your location information on its app. However, this isnt true, as AP found that Google tracks your location even when you have paused Location History on your mobile devices.

For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are, the AP explains.

And some searches that have nothing to do with location, like chocolate chip cookies, or kids science kits, pinpoint your precise latitude and longitudeaccurate to the square footand save it to your Google account.

In order to completely turn off location tracking, users must adjust settings in web and app activity, and not only location services. For those unaware, web and app activity is a setting that is enabled by default and stores a variety of information from Google apps and sites to your Google account. Despite turning off web and app activity and location services, it is still difficult to avoid the phone from recording users locations, according to the report.

Google Admits Tracking Users Location

Google issued the following statement in response to APs investigation:

There are a number of different ways that Google may use location to improve peoples experience, including Loca...


Our Families Succumb Lifeboat News: The Blog

Everyone can find plenty of examples from his or her own life of what aging is doing to us all.

A few days ago, I wrote an article while on a plane. Im an expat, and I was flying back to my home country. Im now in my hometown, where I lived until I was 18. I come back here only seldom, and the last time I visited was four years ago.

For the vast majority of the time I lived at my parents house, I was a child. My most vivid memories of the place are from my childhood, when everything looked so much larger. So, even though I did live here as a grown-up as well, every time I come back here after years of absence, every room in the house looks far less spacious. Things have changed a bit since I left. Furniture has changed place and function; ornaments and knick-knacks have been moved, added, or removed; predictably, even the town has changed somewhat over the years.

What has changed the most, though, are the people.


Adobe releases important security patches for its 4 popular software The Hacker News

Adobe has released August 2018 security patch updates for a total of 11 vulnerabilities in its products, two of which are rated as critical that affect Adobe Acrobat and Reader software. The vulnerabilities addressed in this month updates affect Adobe Flash Player, Creative Cloud Desktop Application, Adobe Experience Manager, Adobe Acrobat and Reader applications. None of the security


Hack the Marine Corps bug bounty program kicks off Help Net Security

The U.S. Department of Defense (DoD) and HackerOne launched the Departments sixth bug bounty program, Hack the Marine Corps. The bug bounty challenge will focus on Marine Corps public-facing websites and services in order to harden the defenses of the Marine Corps Enterprise Network (MCEN). The bug bounty program will conclude on August 26, 2018. The Marine Corps bug bounty program kicked off with a live-hacking event in Las Vegas, Nev. on August 12, 2018 More

The post Hack the Marine Corps bug bounty program kicks off appeared first on Help Net Security.


R&D Special Report: Federally Funded Research Labs Lifeboat News: The Blog

Concept art: Air Force

National Defense magazine asked research laboratories involved in national security programs: What is your organizations number one R&D big bet, (in other words: a high-risk, high-reward technology investment) that you believe will have the biggest payoff for those in the military or national security realm? Why? And in what ways do you think it will benefit the end users?


Leather Working with a 3D Printer Hackaday

No, you cant print in leather at least not yet. But [Make Everything] has a tutorial about how to produce a custom leather embossing jig with a 3D printer. From a 3D printing point of view, this isnt very hard to do and you might want to skip over the first six minutes of the video if youve done 3D printing before.

The real action is when he has the 3D print completed. He glues the stamp down to some wood and then fits the assembly to a vise that hell use as a press. After wetting the leather, the wood and 3D printed assembly sandwiches the piece and the vise applies pressure for ten minutes. He did make the leather a bit oversized to make alignment more forgiving. After the embossing is complete, he trims it out.

If you are experienced with leather, this probably isnt a revelation. But if you are not wise in the ways of tanned animal hide, this is an easy way to add a capability to your workshop using nothing more than what you already probably have. All you need is some leather.

If you decide you want to go all out working with textiles, we can help you. Weve actually seen 3D-printing done for leather book covers before, although the technique is quite a bit different as the plastic stays in and the text is outset.


Faxploit: Hackers can use Fax machines to inject malware into a targeted network HackRead

By Waqas

Think twice before sharing your fax number with someone. Many corporations provide their fax number in the contact information page on the websites. After all, it is considered completely harmless to share fax number with other information like the email address or phone number. However, it turns out that the fax number is also exploitable []

This is a post from Read the original post: Faxploit: Hackers can use Fax machines to inject malware into a targeted network


Security updates for Tuesday

Security updates have been issued by Arch Linux (thunderbird), Debian (gdm3 and samba), openSUSE (cgit and lxc), SUSE (grafana, kafka, logstash, openstack-monasca-installer and samba), and Ubuntu (gdm3 and libarchive).


Social Mapper Finds Social Media Profiles Using Only A Photo TechWorm

Social Mapper This Free Tool Lets You Track People Across Social Media

Researchers at Trustwave, a company that provides ethical hacking services, have made it easier for penetration testers and red teamers to search for social media profiles. It has released an open source intelligence tool called Social Mapper that uses facial recognition to compare social media profiles across different sites based on a name and picture. This software tool is aimed at facilitating social engineering attacks.

Social Mapper automatically locates profiles on social media sites, such as Facebook, Instagram, LinkedIn, Google+, Vkontakte and microblogging websites like Weibo and Douban. Automated searching of profiles can be performed much faster and for many people simultaneously.

Performing intelligence gathering is a time-consuming process, it typically starts by attempting to find a persons online presence on a variety of social media sites. While this is an easy task for a few, it can become incredibly tedious when done at scale. Trustwave states in a blog post.

Introducing Social Mapper an open source intelligence tool that uses facial recognition to correlate social media profiles across a number of different sites on a large scale. Trustwave, which provides ethical hacking services, has successfully used the tool in a number of penetration tests and red teaming engagements on behalf of clients.

How does Social Mapper work?

Social Mapper doesnt require API access to social networks. On the basis of the requirement, the Social Mapper first prepares a list of targeted people for processing. It then uses names and photos as input to scan social media profiles online. The software tool then generates reports in the form of spreadsheets, which include profile information like photos, emails, etc. Based on provided names and photos, it takes approximately 60-70 seconds to scan one profile. It takes no less than 15 hours for searching details of 1,000 people.

Social Mapper takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a persons presence, outputting the results into a report that a human operator can quickly review.

How to install Social Mapper

Running the Tool

After installing So...


Intel Publishes New DRM Driver For Their Arria 10 FPGA System Phoronix

An Intel engineer has published the "Intel FPGA Video and Image Processing Suite" DRM driver today for Linux. This Direct Rendering Manager is intended for use with their Arria 10 FPGA system when combined with Intel DisplayPort IP...


Def Con 26 Voting Village Sees an 11-Year-Old Crack a Voting Machine SoylentNews

Another item from Def Con 26, which ended the other day, an 11-year-old was easily able to change tallies on real electronic voting equipment within minutes. These machines are designed not to leave any evidence when tampering happens so it was useful that there were many witnesses present for her demo.

Election hackers [sic] have spent years trying to bring attention to flaws in election equipment. But with the world finally watching at DEFCON, the world's largest hacker conference, they have a new struggle: pointing out flaws without causing the public to doubt that their vote will count.

This weekend saw the 26th annual DEFCON gathering. It was the second time the convention had featured a Voting Village, where organizers set up decommissioned election equipment and watch hackers [sic] find creative and alarming ways to break in. Last year, conference attendees found new vulnerabilities for all five voting machines and a single e-poll book of registered voters over the course of the weekend, catching the attention of both senators introducing legislation and the general public. This year's Voting Village was bigger in every way, with equipment ranging from voting machines to tabulators to smart card readers, all currently in use in the US.

In a room set aside for kid hackers [sic], an 11-year-old girl hacked a replica of the Florida secretary of state's website within 10 minutes and changed the results.

Earlier on SN:
Georgia Defends Voting System Despite 243-Percent Turnout in One Precinct
South Carolina's 13k Electronic Voting Machines Vulnerable, Unreliable
Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States

Original Submission

Read more of this story at SoylentNews.


Renewable Energy Could Basically Be Free by 2030, According to New Analysis Lifeboat News: The Blog

A research analyst at Swiss investment bank UBS believes the cost of energy renewables could be so near to zero by 2030 it will effectively be free, according to a projections published on Monday. If renewables could soon be cheaper than all the alternative energy sources, and that this is great news for the planet, and probably also for the economy.

The analysis, published in the Financial Times, explains that solar and wind farms are getting bigger, and that the potential of this sort of cheap, green energy is far-reaching and will only get cheaper. In 2010, using solar power to boil your kettle would have cost you about 0.03, the analyst writes in FT. By 2020, according to estimates by our research team at UBS, the cost will have fallen to half a penny. And just ten years later, the costs will be so minuscule, it will practically be free.

See also: 7 Massive Corporations Going Green to Boost Their Bottom Lines.


X41 D-Sec GmbH Security Advisory X41-2018-005: Multiple Vulnerabilities in Apple smartcardservices Bugtraq

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-005

Multiple Vulnerabilities in Apple smartcardservices

Confirmed Affected Versions: e3eb96a6eff9d02497a51b3c155a10fa5989021f
Confirmed Patched Versions: 8eef01a5e218ae78cc358de32213b50a601662de
Vendor: Apple
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public


X41 D-Sec GmbH Security Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC Bugtraq

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-002

Multiple Vulnerabilities in OpenSC

Confirmed Affected Versions: 0.18.0
Confirmed Patched Versions: possibly 0.19.0
Vendor: OpenSC
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public

Summary and Impact


X41 D-Sec GmbH Security Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11 Bugtraq

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-003

Multiple Vulnerabilities in pam_pkcs11

Confirmed Affected Versions: 0.6.9
Confirmed Patched Versions: -
Vendor: Unmaintained
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public

Summary and Impact


X41 D-Sec GmbH Security Advisory X41-2018-004: Multiple Vulnerabilities in Yubico libykneomgr Bugtraq

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-004

Multiple Vulnerabilities in Yubico libykneomgr

Confirmed Affected Versions: 0.1.9
Confirmed Patched Versions: -
Vendor: Yubico / Depreciated
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public

Summary and Impact...


X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv Bugtraq

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-001

Multiple Vulnerabilities in Yubico Piv

Confirmed Affected Versions: 1.5.0
Confirmed Patched Versions: 1.6.0
Vendor: Yubico
Vendor URL:
Vendor Advisory URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public


New Sound Hardware Support & Other Improvements Playing In Linux 4.19 Phoronix

SUSE's Takashi Iwai sent in the pull request this morning of the sound subsystem updates for the Linux 4.19 kernel and it includes a lot of new hardware support and other improvements for Linux's audio capabilities...


[SECURITY] [DSA 4271-1] samba security update Bugtraq

Posted by Salvatore Bonaccorso on Aug 14

Debian Security Advisory DSA-4271-1 security () debian org Salvatore Bonaccorso
August 14, 2018

Package : samba
CVE ID : CVE-2018-10858 CVE-2018-10919...


Diversity Empowerment Summit Highlights Importance of Allies

Diversity and inclusion are hot topics as projects compete to attract more talent to power development efforts now as well as build their ranks to carry the projects into the future. The Diversity Empowerment Summit co-located with Open Source Summit coming up in Vancouver August 29-31, will offer key insights to help your project succeed in these endeavors.


Big CIFS/SMB3 Improvements Head To Linux 4.19 Phoronix

Linus Torvalds has merged a rather significant set of patches for improving the CIFS/SMB3 support in the mainline kernel...


Virgin Orbit Readies First Launch Hackaday

Ever since the Pan Am Space Clipper first slid into frame in 1968s 2001: A Space Odyssey, the world has been waiting for the day that privately funded spaceflight would become as routine as air travel. Unfortunately, its a dream thats taken a bit longer to become reality than many would have hoped. The loss of Challenger and Columbia were heartbreaking reminders that travel amongst the stars is not for the faint of heart or the ill-equipped, and pushed commercial investment in space back by decades.

Although Pan Am has since folded, we now have a number of companies working hard towards making the dream of commercial spaceflight a reality. SpaceX and Rocket Lab have shown private companies developing and operating their own orbital class vehicles is a concept no longer limited to science fiction. Now that private industry has a foot in the door, more companies are coming forward with their own plans for putting their hardware into orbit. In many ways were seeing the dawn of a second Space Race.

If all goes according to plan, a new challenger should be entering the ring in the very near future. Scheduled to perform their first test launch before the end of the year, Virgin Orbit (a spin-off of the passenger carrying Virgin Galactic) promises to deliver small payloads to Earth orbit fast...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Tuesday, 14 August


Accenture forms strategic alliance, invests in Chinese AI start-up Malong Technologies Help Net Security

Accenture has formed a strategic alliance with and made an investment in Malong Technologies, an artificial intelligence (AI) start-up headquartered in Shenzhen, China. Through the alliance, Accentures Applied Intelligence practice and Malong will offer computer vision and product recognition capabilities to clients worldwide. The alliance gives Accenture an AI presence in China and forms part of its wider regional growth strategy. Malongs product recognition and auto-tagging technology, ProductAI, lets machines see physical objects the way More

The post Accenture forms strategic alliance, invests in Chinese AI start-up Malong Technologies appeared first on Help Net Security.


Zscaler receives FedRAMP authorization for a Zero Trust remote access platform Help Net Security

Zscaler announced that Zscaler Private Access-Government (ZPA-Government), its application access platform, meets the Federal Risk and Authorization Management Program (FedRAMP) Moderate security requirements and was granted Authority to Operate (ATO) by the Federal Communications Commission (FCC). FedRAMP Authorization enables Zscaler to expand its sales pursuit of Federal market share. FedRAMP is a federal program which assures a standardized, government-wide approach to security assessment, authorization, and continuous monitoring for cloud products and services. With this milestone, More

The post Zscaler receives FedRAMP authorization for a Zero Trust remote access platform appeared first on Help Net Security.


Samsung announces new SmartThings mesh Wi-Fi system Help Net Security

In an effort to eliminate the Wi-Fi buffering zone and prevent streaming latency, Samsung announced its new SmartThings Wifi mesh network system. Equipped with AI-based mesh Wi-Fi technology from Plume and a built-in SmartThings Hub, the system delivers an optimized whole home network with the added value of complete smart home control throughout every room of the home. Reliable and secure Wi-Fi is a need for consumers today, and internet use is no longer limited More

The post Samsung announces new SmartThings mesh Wi-Fi system appeared first on Help Net Security.


X41 D-Sec GmbH Security Advisory X41-2018-005: Multiple Vulnerabilities in Apple smartcardservices Open Source Security

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-005

Multiple Vulnerabilities in Apple smartcardservices

Confirmed Affected Versions: e3eb96a6eff9d02497a51b3c155a10fa5989021f
Confirmed Patched Versions: 8eef01a5e218ae78cc358de32213b50a601662de
Vendor: Apple
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public


X41 D-Sec GmbH Security Advisory X41-2018-004: Multiple Vulnerabilities in Yubico libykneomgr Open Source Security

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-004

Multiple Vulnerabilities in Yubico libykneomgr

Confirmed Affected Versions: 0.1.9
Confirmed Patched Versions: -
Vendor: Yubico / Depreciated
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public

Summary and Impact...


X41 D-Sec GmbH Security Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11 Open Source Security

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-003

Multiple Vulnerabilities in pam_pkcs11

Confirmed Affected Versions: 0.6.9
Confirmed Patched Versions: -
Vendor: Unmaintained
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public

Summary and Impact


X41 D-Sec GmbH Security Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC Open Source Security

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-002

Multiple Vulnerabilities in OpenSC

Confirmed Affected Versions: 0.18.0
Confirmed Patched Versions: possibly 0.19.0
Vendor: OpenSC
Vendor URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public

Summary and Impact


X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv Open Source Security

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-001

Multiple Vulnerabilities in Yubico Piv

Confirmed Affected Versions: 1.5.0
Confirmed Patched Versions: 1.6.0
Vendor: Yubico
Vendor URL:
Vendor Advisory URL:
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public


California water managers vary in use of climate science Lifeboat News: The Blog

Historically, water managers throughout the thirsty state of California have relied on hydrology and water engineeringboth technical necessitiesas well as existing drought and flood patterns to plan for future water needs.

Now, is projected to shift as winters become warmer, spring snowmelt arrives earlier, and extreme weather-related events increase. Some water utilities have started to consider these risks in their management, but many do not. Lack of change adaptation among water utilities can put water supplies and the people dependent on them at risk, especially in marginalized communities, a new University of California, Davis, paper suggests.

The paper, which analyzes various approaches to climate science by drinking water utility managers in California, was presented along with new research at the American Sociology Association Conference in Philadelphia on Aug. 11. The paper, Climate Information? Embedding Climate Futures within Social Temporalities of California Water Management, was published this spring in the journal Environmental Sociology.


From office windows to Mars: Scientists debut super-insulating gel Lifeboat News: The Blog

A new, super-insulating gel developed by researchers at CU Boulder could dramatically increase the energy efficiency of skyscrapers and other buildings, and might one day help scientists build greenhouse-like habitats for colonists on Mars.

The aerogel, which looks like a flattened plastic contact lens, is so resistant to heat that you could put a strip of it on your hand and a fire on top without feeling a thing. But unlike similar products on the market, the material is mostly see-through.

Transparency is an enabling feature because you can use this gel in windows, and you could use it in extraterrestrial habitats, said Ivan Smalyukh, a professor in the Department of Physics. You could harvest sunlight through that thermally-insulating material and store the energy inside, protecting yourself from those big oscillations in temperature that you have on Mars or on the moon.


Sci-Hub Proves That Piracy Can be Dangerously Useful SoylentNews

Submitted via IRC for SoyCow1984

Despite two lost legal battles in the US, domain name seizures, and millions of dollars in damage claims, Sci-Hub continues to offer unauthorized access to academic papers. The site's founder says that she would rather operate legally, but copyright gets in the way. Sci-Hub is not the problem she argues, it's a solution, something many academics appear to agree with.

Sci-Hub has often been referred to as "The Pirate Bay of Science," but that description really sells the site short.

While both sites are helping the public to access copyrighted content without permission, Sci-Hub has also become a crucial tool that arguably helps the progress of science.

The site allows researchers to bypass expensive paywalls so they can read articles written by their fellow colleagues. The information in these 'pirated' articles is then used to provide the foundation for future research.

What the site does is illegal, according to the law, but Sci-Hub is praised by thousands of researchers and academics around the world. In particular, those who don't have direct access to the expensive journals but aspire to excel in their academic field.


Original Submission

Read more of this story at SoylentNews.


Magic 8X Phone Lens Lifeboat News: The Blog


Get 50% OFF


CompTIA IT Certification Training 2018 12 Course Bundle The Hacker News

The Information Technology industry has witnessed exponential growth over the years, and if you want to be a part of this growing industry, it's important for you to earn certificates in this field. Organisations always prefer employees with strong internationally-recognized professional certifications that proof your skills, knowledge, and what you knowgiving you more credibility and


Berkheimer Changed Nothing and Invalidation Rates of Abstract Software Patents Remain Very High Techrights

Weight comparison

Summary: Contrary to repetitive misinformation from firms that sell services around patents, there is no turnaround or comeback for software patents; the latest numbers suggest a marginal difference at best one that may be negligible considering the correlation between expected outcomes and actions (the nature of risk analysis)

THE QUALITY of patents at the USPTO (existing and newly-awarded ones) isnt great, but at least it seems like its improving and the number of patent grants is declining (at long last).

Sadly, some people who write on patent matters are willfully cluelessThe psyche or mentality surrounding patents ought to change. Not all patents represent innovation and some kinds of patents actively suppress innovation. Its not even a controversial premise as many scholars have shown just that, even empirically.

Microsofts New Patent Will Let You Communicate With Others In 3D, said a headline from yesterday, but patents dont let anything. They restrict. Sadly, some people who write on patent matters are willfully clueless (this site is generally awful in its coverage on most topics because the writers dont specialise in the areas they cover; they do Microsoft ads a lot of the time, under the banner of FOSS)

Apple Could Let You Store Your Passport on an iPhone, said another new headline, misusing that word let again. Patents are not about letting but about monopolising. Another new article about Apple patents talks about so-called Augmented Reality (buzzword); its a patent or at least an application that we wrote about over a weekend. Its abstract, sure, but with trendy terms like Augmented Reality (or AR for short) will examiners see that? Andrew Rossow,...


Turkey plans boycott of US electronics The Hill: Technology Policy

Turkey on Tuesday announced that it will boycott American electronic devices amid tensions with Washington that have led to a historic Turkish currency crisis.The Associated Press reported that Turkish President Recep Tayyip...


Connecting the dots to North Korea as a threat adversary Help Net Security

Reports of malware campaigns invariably focus on two critical conclusions: attribution and who was the intended target of the attack. It is challenging to draw swift conclusions on the former, due to the use of false flags designed to divert attention from the true source of the attack. Those swift conclusions are modified as more information becomes available, and it is much later before we achieve transparency on the campaign. Whilst this is a challenge More

The post Connecting the dots to North Korea as a threat adversary appeared first on Help Net Security.


Three As of SaaS adoption, and why every company goes through them Help Net Security

Ive noticed that as more and more companies turn to SaaS applications to power their business, they all experience the same journey along the way, more or less. Everyone goes through what I call the 3 As of SaaS adoption: aggravation, acceptance, and adoption. Companies go through distinct stages of SaaS adoption. As your SaaS environment matures, needs shift and challenges evolve. But if you know what to expect at each stage and whats coming More

The post Three As of SaaS adoption, and why every company goes through them appeared first on Help Net Security.


Lockton Insurance Brokers Exploiting Patent Trolls to Sell Insurance to the Gullible Techrights

LocktonSummary: Demonstrating what some people have dubbed (and popularised as) disaster capitalism, Lockton now looks for opportunities to profit from patent trolls, in the form of insurance (the same thing Microsoft does [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12...


mRNA Methylation: A Novel Mechanistic Link Between Stress Regulation and Psychiatric Disorders SoylentNews

It is well established that stress can alter the activation pattern of our genes. Stress also triggers epigenetic mechanisms which modulate how DNA, the carrier of genetic information, is read. The genetic information on the DNA is in the next step translated into RNA, which is the blueprint of proteins. In a groundbreaking study, scientists at the Max Planck Institute of Psychiatry (MPI) have shown for the first time that stress can also cause similar epigenetic changes on the RNA level. The research results were recently published in the internationally renowned journal Neuron.

It was recently rediscovered that RNA can be modified by chemical tags in a similar way to the epigenetic modifications seen on DNA. Messenger RNA (mRNA) is made up of four molecular building blocks: adenosine, cytidine, guanosine and uridine, which can be modified by the attachment of chemical tag. These tags or RNA modifications provide a sophisticated extra layer of gene regulation.

A modification of mRNA, which occurs post-transcriptionally is methylation of adenosine and the most abundant is N6-methyladenosine (m6A). Although m6A was first described in 1974, recent technological advances were necessary before more detailed analyses of the epitranscriptome could be carried out.

[...] Alon Chen, Director at the Institute and head of the project explains: Increasing evidence suggests that the fine-tuning seen with mRNA methylation may underlie the etiology of psychiatric disorders. We think that elucidating the role of mRNA methylation in regulating brain function will help us to better understand psychiatric disorders.

Original Submission

Read more of this story at SoylentNews.


RADV Now Supports On-Demand Compilation Of Built-In Shaders Phoronix

For helping out the RADV Vulkan driver in cases where no shader cache is available, this open-source Mesa Radeon Vulkan driver now supports the on-demand compilation of built-in shaders...


10,644 vulnerabilities disclosed in the first half of 2018 Help Net Security

There have been 10,644 vulnerabilities disclosed through June 30th, according to Risk Based Securitys 2018 Mid Year VulnDB QuickView report. This is the highest number of disclosed vulnerabilities at the mid-year point on record. The 10,644 vulnerabilities cataloged during the first half of 2018 by Risk Based Securitys research team eclipsed the total covered by the CVE and National Vulnerability Database (NVD) by well over 3,000. The newly released 2018 mid-year report from Risk Based More

The post 10,644 vulnerabilities disclosed in the first half of 2018 appeared first on Help Net Security.


Five key security tips to avoid an IoT hack Help Net Security

Recently, Russian PIR Bank lost $1,000,000 because of a compromised router that allowed hackers to gain entry into their local network. Why did it happen and how companies can protect themselves? Malicious IoT hacking incidents are a norm today. That is not surprising, considering that by 2020, the IoT is expected to reach a staggering amount of 20.4 Bn devices. Homes and enterprises using legacy security measures are in danger because of the ever-growing IoT. More

The post Five key security tips to avoid an IoT hack appeared first on Help Net Security.


Patent Lawyers Writing Patent Law for Their Own Enrichment Rather Than for Innovation Techrights

Anathema, antithetical to the very concept/purpose of patents

A payment

Summary: We have become detached from the original goals and come to the point where patent offices arent necessarily run by people qualified for the job of advancing science and technology; they, unlike judges, only seem to care about how many patents get granted, irrespective of their quality/merit

THE conundrum which lawmakers sometimes face depends on who pays (or bribes) them. We recently wrote about Orrin Hatch, sponsored the most by the pharmaceutical industry, trying to make pharmaceutical patents immune/exempted from Patent Trial and Appeal Board (PTAB) inter partes reviews (IPRs). The USPTO is itself run by a lot of lawyers, not just scientists; look who has been appointed its Director.

There has always been this danger that nontechnical people (like Battistelli and Campinos) would doom patent offices, making them little more than litigation pipelines, preparing the patents for lawsuits, even frivolous ones.

There has always been this danger that nontechnical people (like Battistelli and Campinos) would doom patent offices, making them little more than litigation pipelines, preparing the patents for lawsuits, even frivolous ones.The UK will also be excluded from the EUs unitary patent framework, says a British magazine this week, perpetuating the false belief that something constructed by lawyers for personal gain is actually worthwhile for all of us. But more importantly, however, there is no such framework. The Unified Patent Court is dead, irrespective of Brexit. It never existed and it doesnt seem as though it ever will....


The assembly line of the future: Automation, DNA construction, and synthetic biology Lifeboat News: The Blog

This story is brought to you by SynbiCITE, which is accelerating the commercialization of synthetic biology applications. To learn how SynbiCITE is nucleating a sustainable UK economy, visit

Just as Henry Fords assembly line revolutionized the automobile industry, synthetic biology is being revolutionized by automated DNA assembly (see SynBioBetaLive! with Opentrons). The key features of an assembly line translate well into the field of synthetic biology speed, accuracy, reproducibility and validation. Instead of welding chassis together, small robotic arms are lifting delicate plates holding dozens of samples, adding and removing miniscule amounts of fluid.

In 2014, Imperial College London received 2 million to develop a DNA Synthesis and Construction Foundry to operate with SynbiCITE, the UK Innovation and Knowledge Centre for synthetic biology. Speaking at the Foundrys inception, SynbiCITE co-director Prof. Paul Freemont said, Standardizing the methods for synthesising DNA is crucial if we are going to scale up efforts to design and create this genetic material. The new DNA Synthesis and Construction Foundry will streamline and automate the writing of DNA at an industrial scale so that tens of thousands of designed DNA constructions can be built and tested.


Run a Linux Terminal on Cheap E-Ink Displays Hackaday

If you havent kept up with the world of e-ink displays, heres some good news: they are pretty cheap now. For as little as $15 you can get a small e-ink display that has good enough performance and contrast to actually do something useful. Theres only one problem: figuring out how to drive them in your project.

Tired of seeing nothing but wiring diagrams and sample code when it came to actually putting these e-ink modules to use, [Jouko Strmmer] decided to try his hand at creating a turn-key application for these gorgeous little displays. The result is PaperTTY, a Python program that allows the user to open up a fully functional Linux virtual terminal on an e-ink display.

Of course, there are some caveats. For one, this all assumes youre using a Waveshare display (specifically their 2.13 inch HAT) connected to a Raspberry Pi over SPI. Not to say thats the only hardware combination that will work, but its the only one that [Jouko] has done any testing on at this point. If you want to try to shake things up in terms of hardware, you might need to get your hands dirty.

The advantage of being able to open a Linux VT on one of these e-ink displays is pretty simple: you can run basically any piece of software you want on it. Rather than having to come up with software that specifically features support for the display, you can just use (or write) standard Linux console progr...


EXT4 & XFS File-System Updates Submitted For Linux 4.19 Phoronix

The pull requests updating the XFS and EXT4 file-system driver code have been sent in for the recently started Linux 4.19 kernel merge window...


A Quick Reminder on HTTPS Everywhere

HTTPS Everywhere! So the plugin says, and now browsers are warning users that sites not implementing https:// are security risks. Using HTTPS everywhere is good advice. And this really means "everywhere": the home page, everything. Not just the login page, or the page where you accept donations. Everything.


Hackers can compromise your network just by sending a Fax The Hacker News

What maximum a remote attacker can do just by having your Fax machine number? Believe it or not, but your fax number is literally enough for a hacker to gain complete control over the printer and possibly infiltrate the rest of the network connected to it. Check Point researchers have revealed details of two critical remote code execution (RCE) vulnerabilities they discovered in the


Pausing Location history doesnt stop Google tracking your location. Heres how to stop it Graham Cluley

You would think that telling Google that you didnt want your location be tracked by disabling an option called Location History would stop the internet giant from errr.. storing data about your location.

Think again.


Investigating Global Air Pollution SoylentNews

At 10.30 a.m. on Tuesday morning the High-Altitude and Long-Range Research Aircraft (HALO) left the German Aerospace Center Airbase in Oberpfaffenhofen, and took off to the Cape Verde Islands.

This marked the official beginning of the Chemistry of the Atmosphere Field Experiment in Africa (CAFE-Africa)a mission coordinated by the Atmospheric Chemistry Department of the Max Planck Institute for Chemistry (MPIC) in Mainz.

The objective of the research mission is to study the influence of the massive biomass burning emissions from Africa on the atmospheric composition and oxidation capacity over the tropical and subtropical Atlantic Ocean. It is expected that these emissions combine with the strongly increasing urban-industrial pollution and with desert dust from the Sahara and may thus change chemically and physically.

The mission will be conducted out of Sal on the Cape Verde Islands and will continue until September 7th, 2018. During these five weeks the HALO research aircraft will fly along the coast and over several countries in Africa to collect unique data, needed for the understanding of long-distance pollution transport over the Atlantic and further areas downwind.

Original Submission

Read more of this story at SoylentNews.


SevenTorrents Shuts Down, Transfers Database to New Torrent Site TorrentFreak

Hundreds of torrent sites have come and gone over the years with most disappearing after relatively short periods in action.

Sites like The Pirate Bay, which has just celebrated 15 years online, tend to drown out smaller players on the news front, but several have an impressive history behind them.

Take SevenTorrents, for example. The site has been serving torrents for around 10 years and last year serviced around six million unique visitors. Its not a giant by any means but its longevity is notable in a somewhat hostile and oppressive anti-piracy environment.

Now, however, the show is over for this long-term player. In an announcement yesterday, SevenTorrents operator said the towel had been thrown in.

We have been serving you for near 10 years and served over 40 Million visitors, with all troubles including copyright complaints, limitations, domain bans and ., we were able to keep this site up and running and make our visitors satisfied, the announcement reads.

Indeed, SevenTorrents has weathered the usual storms over the years. In 2014, the sites main domain was added to the UKs ISP blocking system following a complaint from the Motion Picture Association and in 2015, other domains were added to the list.

Unlike other sites on a downward spiral, no single event appears to have pressured SevenTorrents out of existence but they clearly feel the time is right to move on. However, the sites decision to hand over its database to another torrent site raises some questions.

Today we have decided to retire. But this is not the end for you and we will not let you down, there is a good news for you. We have talked with the owners of our professional friend site WatchSoMuch which is doing same thing as we were doing but in a better way, it has a super fast search and modern and mobile friendly design, SevenTorrents says.

We have transferred all the data and members to there, please visit and continue using your account in WatchSoMuch with same password and enjoy.

While SevenTorrents is an open index, according to its operator it has around 200,000 members, which means that WatchSoMuch a site that only surfaced in June now has the details those users signed up with along with any other data gathered along the way.



The Hidden Dangers of Home DNA Tests Lifeboat News: The Blog

Consumer DNA tests have taken off in popularity, promising to give you clues to your heritage and health. But after the test is done, who owns your personal genetic data? Bloomberg QuickTake explains why you should think twice before sending in that vial.


Bloomberg is the First Word in business news, delivering breaking news & analysis, up-to-the-minute market data, features, profiles and more:
Connect with us on


NVIDIA CUDA 10 Adding nvJPEG, Turing Support Phoronix

NVIDIA is capitalizing upon SIGGRAPH 2018 as now in addition to launching the Quadro RTX GPUs and open-sourcing the MDL SDK they have announced their work on CUDA 10...


CVE-2018-14424: Use-after-free in GDM Open Source Security

Posted by Chris Coulson on Aug 14


I recently discovered a use-after-free in the GDM daemon, which is
possible to trigger via a specially crafted sequence of D-Bus method
calls as an unprivileged user.

Details from follow:

When GdmDisplayStore (daemon/gdm-display-store.c) emits the
"display-removed" signal, the GdmDisplay being removed has already been
removed from the store. Subsequent calls to...


FreeBSD 12.0 Alpha Hits The Web Phoronix

The first alpha release of FreeBSD 12.0 was quietly uploaded a few days ago to the project's download servers as the first step to shipping this next major update to the FreeBSD operating system...


Linux 4.19 Will Fend Off Stack Attacks With STACKLEAK Plugin Phoronix

As expected, Linux 4.19 is getting STACKLEAK as a GCC plug-in for the Linux kernel that will fend off various form of stack attacks...


ASUSTOR NAS ADM - 3.1.0 Remote Command Execution, SQL Injections Bugtraq

Posted by kyle Lovett on Aug 14

Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds
Vendor -
Patch Notes -

Issue: The Asustor NAS appliance on ADM 3.1.0 and before suffer from
multiple critical vulnerabilities. The vulnerabilities were submitted
to Asustor in January and February 2018. Several follow-up requests
were made in an attempt to obtain vendor acknowledgement,...


New Man-in-the-Disk attack leaves millions of Android phones vulnerable The Hacker News

Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of service attacks. Dubbed Man-in-the-Disk, the attack takes advantage of the way Android apps utilize 'External Storage' system to store app-related data,


4 Tips for Successful Remote 1-1s

Team dynamics are complicated enough even when everyone can grab lunch together. Its often the relationship side of your team that will need some different techniques in a remote setting. If youre a manager, building strong relationships with your direct reports is paramount for both their success and yours.


Google tracks users movements even if they have disabled the Location History on devices Security Affairs

According to the AP, many Google services on both Android and iPhone store records of user location even if the users have disabled the Location History.

According to a recent investigation conducted by the Associated Press, many Google services on both Android and iPhone devices store records of user location data, and the bad news is that they do it even if the users have disabled the Location History on devices.

When a user disables the Location History from the privacy settings of Google applications, he should prevent Google from stole location data.

Currently, the situation is quite different, experts from AP discovered that even when users have turned off the Location History, some Google apps automatically store time-stamped location data without explicit authorization.

Google says that will prevent the company from remembering where youve been. Googles support page on the subject states: You can turn off Location History at any time. With Location History off, the places you go are no longer stored.

That isnt true. Even with Location History paused, some Google apps automatically store time-stamped location data without asking. (Its possible, although laborious, to delete it .) reads the post published by AP.

For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are,

And some searches that have nothing to do with location, like chocolate chip cookies, or kids science kits, pinpoint your precise latitude and longitudeaccurate to the square footand save it to your Google account.

The AP has used location data from an Android smartphone with Location History disabled to desing a map of the movements of Princeton postdoctoral researcher Gunes Acar.



A Molecular Switch May Serve as New Target Point for Cancer and Diabetes Therapies SoylentNews

If certain signaling cascades are misregulated, diseases like cancer, obesity and diabetes may occur. A mechanism recently discovered by scientists at the Leibniz- Forschungsinstitut fr Molekulare Pharmakologie (FMP) in Berlin and at the University of Geneva has a crucial influence on such signaling cascades and may be an important key for the future development of therapies against these diseases. The results of the study have just been published in the prestigious scientific journal 'Molecular Cell'.

Cell growth and cell differentiation as well as the release and efficacy of hormones such as insulin depend on the presence of lipids. Lipids are small molecules resembling fat. They are the building blocks of cell membranes, and they also serve as molecular switches in signaling cascades.

Such cascades play a crucial role in the control of cell growth and division as well as in differentiation processes such as the formation of new blood vessels referred to as angiogenesis. If signaling cascades are disturbed, diseases such as cancer or metabolic disorders such as obesity and diabetes can occur. The ability to influence the enzymes involved in the biosynthesis of signaling lipids in cells could thus serve as a starting point for the treatment of these diseases.

Original Submission

Read more of this story at SoylentNews.


Video of Interactive OpenBSD Porting Workshop OpenBSD Journal

[Dr.] Brian Callahan (bcallah@) recently live-streamed (at an interactive OpenBSD Porting Workshop.

A recording of the workshop is now available.


Internet of Tea: Coaster Watches for Optimum Drinking Temperature Hackaday

Ah, the age-old question: at what temperature does ones tea need to be for maximum enjoyment? Its subjective, of course, but subjective in a way that makes everyone elses opinion demonstrably wrong. Whats worse, the window of opportunity for optimum tea temperature is extremely narrow. Whats a tea drinker to do?

Throw a little technology at the problem, of course, in the form of this Internet of Tea smart coaster. Through careful experimentation, [Benjojo] determined the temperature of his favorite mug when the tea within was just right for drinking and designed a coaster to alert him to that fact. The coaster is 3D-printed and contains an MLX90616 IR temperature sensor looking up at the bottom of the mug. An ESP8266 lives inside the coaster too and watches for the Optimum Tea Window to open, sending an alert via Discord when the time is right. Yes, he admits that a simple blinking LED on the coaster would keep his tea habit metadata from being slurped up by the international tea intelligence community, but he claims he has nothing to hide. Good luck with that.

Whats next for [Dane]s tea preparation? Perhaps he can close the loop and automate the whole pre-consumption process.


DSP Satellite FastWalkers (UFOs) Terra Forming Terra

Consider that the information provided here is already fifty years old.  What is important is that those satellites confirm several atmospheric transitions every week.  Other observations have actually seen them enter water in particular.  Other above sea level access points may exist as well particularly around the SW desert.

It is clear though that accessing a base by going underwater is a preferred method.
That quality of security will start to disappear though as our own deep sea tech has become effective.

Thus full disclosure must happen within the next three decades and is certainly underway already.  After all, actual sightings are increasing and disguised aliens are making like tourists as well..

DSP Satellite FastWalkers (UFOs)

The Defense Support Program (DSP) satellite has been detecting FastWalkers (UFOs) entering our atmosphere for decades. The DSP analyzes the temperature, location and trajectory of a hot infrared source could build up both a description of the type of missile as well as its target dramatically reducing the chances of a surprise ICBM attack. The satellite weighed about 2,000 pounds and had a 12-foot long Schmidt infrared telescope with a linear array of 2,048 lead sulfide detectors that detected infrared energy. The satellite rotated six times per minute as the sensor scanned the entire face of the Earth. The sensor provided below-the-horizon coverage by spotting the missiles exhaust plume and carried sensors for detecting nuclear explosions in the atmosphere....


China Forces All Religious Buildings to Fly Communist Flag Terra Forming Terra

In this Thursday, June 14, 2018, file photo, a Chinese national flag at Tiananmen Square flutters against the capital city tallest skyscraper China Zun Tower under construction at the Central Business District in Beijing. China has threatened "comprehensive measures" in response to U.S. President Donald Trump's new tariff hike, raising
 I find this hilarious.  From now on you advertise the religious nature of a building by hanging a huge flag.  Does hanging a flag make you legal as well?

Perhaps Falun Gong can practice their public exercises by also mounting a giant flag.  The spectacle of government enforcers tearing down a flag will do wonders for party credibility.

This can only bring attention to a religious movement and whatever else they attempt to impose, the public will merely ignore.  All this will trigger organized passive resistance.

China Forces All Religious Buildings to Fly Communist Flag


Qanon Media Deconsolidation Terra Forming Terra

On the corporate front two major initiatives have long been powerfully indicated.I have little doubt that they are underway in the planning stages since Trump landed.

The easy one is the breakup of the Too big to fail crowd and the reestablishment of the original regulatory regime separating ordinary retail banking from any form of investment banking.  This was changed just as clinton left office and led directly to the 2008 crash and the need for 'quantative easing' or money printing.

The more difficult is the smashing of all forms of media monopoly whatsoever. Their access to capital has been through merger after merger and their capacity for internal promotion that came with it.  Thus today we have a single source media that acts exactly like a propaganda machine who even is trying to clumsily suppress competition.  Their abuses have now become visible and their breakup is certainly necessary and it is coming.

This item from Q merely confirms that this is at the top of the legislative agenda and will be underway during the next two years..  .

  Q !!mG7VJxZNCI No.141 
Aug 11 2018 12:23:43 (EST)

Q !!mG7VJxZNCI No.138 ...


Does removing sugar from your diet starve cancer cells? Terra Forming Terra

Somewhere along the way an old doctor had success with his patients by essentially starving them of all foods except cabbage soup.  Sounds boring and all that but this would certainly impose the protocol indicated here.

I also keep coming back to this because it prevents backsliding which is the enemy of every dietary approach.  I am sure a few other veggies work as well but starting with a large bowl of cabbage soup is pretty safe.

I have never actually had any reports on all this and my experience is that no one takes good advice or even truly safe advice. .

Does removing sugar from your diet starve cancer cells? New study finds surprising answers

Sunday, July 22, 2018 by: Ralph Flores
Tags: added sugars, Cancer Cells, cancer prevention, fructose, glucose, goodfood, goodhealth, high-fructose corn syrup, sugar

(Natural News) Cutting back on sugar may help decrease your likelihood of getting certain cancers, a recent study noted. The finding, which was part of an investigation made by researchers from Duke-NUS Medical School and the National University of Singapore, together with the Duke University School of Medicine and the Medical University of Vienna, is part of a unique approach explaining how reducing sugar can cause cancer cells to die.

The paper, which was published in the online journal Science Signaling, presented a novel cell de...


This Will Help You Grasp the Sizes of Things in the Universe - Facts So Romantic Nautilus

In The Zoomable Universe, Scharf puts the notion of scalein biology and physicscenter-stage. The start of your journey through this book and through all known scales of reality is at that edge between known and unknown, he writes.Illustration by Ron Miller

Caleb Scharf wants to take you on an epic tour. His latest book, The Zoomable Universe, starts from the ends of the observable universe, exploring its biggest structures, like groups of galaxies, and goes all the way down to the Planck lengthless than a billionth of a billionth of a billionth of a meter. It is a breathtaking synthesis of the large and small. Readers journeying through the book are treated to pictures, diagrams, and illustrations all accompanied by Scharfs lucid, conversational prose. These visual aids give vital depth and perspective to the phenomena that he points out like a cosmic safari guide. Did you know, he offers, that all the Milky Ways stars can fit inside the volume of our solar system?

Scharf, the director of Columbia Universitys Astrobiology Center, is a suitably engaging guide. Hes the author of the 2012 book Gravitys Engines: How Bubble-Blowing Black Holes Rule Galaxies, Stars, and Life in the Universe, and
Read More


In Reply to Modern Einstein,Next Stephen Hawking and Freud-With Reply of Howard Bloom Lifeboat News: The Blog

Dear Mr Howard Bloom-The modern Einstein,next Stephen Hawking and Freud,

Its an honor to be known by you. Your work on Space Sciences are revolutionary Sir. Your association and projects with CalTech and other scientific organizations will change the world we live in.I also have great passion in Space and Astronomy Sciences and that led me attending multiple workshops of NASA apart from attending its three credit course and organizing its prestigious essay contest in Indian schools in India and Abroad. I have searched NASA websites for close to 16 years and have found that it stores trillions of pages of materials where you can learn and research without help of any other source. I also have written my fundamental concept called The Cosmic Mask which I have sent to National Research Council and The American Astronomical Society for their review. I plan to publish it on AAS website.My two booksThe Cosmic Mask(Not the Fundamental Concept) and NASA-The Story of Manned and Unmanned Missions is dedicated to youths of this world for their love and passion in Space and Astronomy Sciences.

I want to know how you can associate me with National Space Society and other organizations you are associated with.

You asked me few things and here is what I think.

Yes I am a Journalist also and I write for Russian International Affairs Council,Moscow,Life Boat Foundation,Nevada,USA,Global Ethics Network,Washington and few more places.

I think the concept of Globalization has brought many developments in countries. I traveled to China thrice and I am quite amazed kind of progress China has achieved in last 30 years. I will not be wrong if I say that in many aspects its way ahead to USA or western World. They care about their culture,language but at the same time have welcomed and have adopted foreign companies on their soil. Deng Xio Ping and his many successors including current President Xi Jin Ping has metamorphosed China in a way that its now called second super power in exiting world.

As for as Russia is concerned its now a bit stable but it still has to go a long way ahead. Russia and USA relation or Trump and Putin relation are in much better shape than their predecessors and its good for both countries.

Now about country which is my mother land-India. India has all potential to grow and is growing rapidly. From the days in immediate post independence time where it had to import literally everything it is now a giant nation in IT sector and launches satellite every month if not every week . The Great Indian Middle Class is back bone of Indian economy due to its spending capacity and Agriculture its soul. Railways,Metros,New Airports,Thousands of Kilometers of Roads,Seaway-Starting on 15th August from Varanasi to Kolkata Bullet train and curving corruption,Demonetization are few tasks out of many which Narendra Modi gov has achieved. I guess he needs a second term to make those schemes sustainable to make...


ICS-CERT warns of critical flaws in NetComm industrial routers Security Affairs

Security researcher has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless.

Sood reported the flaws to the ICS-CERT in October 2017.

NetComm industrial routers.jpg

The CSRF and XSS flaws have been classified by as critical, while the information disclosure issues have been classified as high severity.The ICS-CERT published a security advisory that warns of four vulnerabilities that affect the industrial routers. The issues tracked with CVE identifiers CVE-2018-14782 through CVE-2018-14785, are an Information Exposure, a Cross-site Request Forgery, a Cross-site Scripting, an Information Exposure through Directory Listing.

The cross-site request forgery condition could be triggered by a remote attacker to change passwords of the device.

When a web server is designed to receive a request from a client without any mechanism for verifying that it was intentionally sent, then it might be possible for an attacker to trick a client into making an unintentional request to the web server which will be treated as an authentic request. This can be done via a URL, image load, XMLHttpRequest, etc. and can result in exposure of data or unintended code execution. reads the security advisory.

The Netcomm industrial routers are vulnerable to several cross-site scripting attacks, a remote attacker can carry out them to run arbitrary code on the device.

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. states the...


How to Join the Digital Disruption with Progressive E-Learning Design TechWorm

Progressive e-learning design revolves around users and their lives. Sylvia Vorhauser-Smith writes in a Forbes article that the future of e-learning platforms will be making learning easier to find, more engaging to digest and accessible on-demand. So how does progressive e-learning design fit into all of this?

Its long past time that students only had access to the family PC for lessons. Today, 70% of e-learners use their smartphones. And, as well see, progressive design adapts content to suit the device, which is crucial for those who learn on their phones or tablets.

HTML5 is the golden ticket that allows e-learning developers to create online solutions that can automatically morph content to suit varying screen sizes. The crucial part here is to not only adapt the size of content but also make it easily digestible. Shrinking content from desktop to mobile devices isnt enough; the writing becomes all but illegible and frustrates the user.

Progressive design positions content in a way that delivers a delightful experience to the user.

Theres a lot you can also do with progressive design. Many e-learning frameworks, such as Adapt, have a tagging function, which allows you to choose the content that is hidden depending on the device used. Tagging prevents interface cluttering and gives a smooth on-the-go learning experience.

When progressive design is executed well, learners will feel that the course fits well into their lives. And those low completion rates that most e-learning businesses endure will improve.

Progressive Design vs. Apps

Progressive Design vs. Apps

E-learning website platforms have...


Google May Allow Windows 10 to Dual-Boot or Run Alongside ChromeOS on Chromebooks SoylentNews

Google may add Windows 10 dual-boot option to Chromebooks

Google appears to be working on dual-boot support for Chromebooks. XDA-Developers has discovered that Google has been working to support an "alt OS mode" for its Pixelbook laptop for months now. Dubbed "Campfire," an obvious nod to Apple's own Boot Camp feature, Google's dual-boot is rumored to support Windows 10 on Chromebooks.

XDA-Developers claims Google is attempting to pass Microsoft's hardware certification for Windows 10 to allow its Pixelbook to officially run the alternative operating system. References to Microsoft's Windows Hardware Certification Kit have appeared in development builds of Chrome OS, and Google's Campfire work might extend to other new Chromebooks in the future.

Dual-boot support is said to be arriving on the Pixelbook soon, as Google engineers are pushing through multiple changes for Chrome OS to support the new feature.

That makes Google's recent attack ad a little funnier.

Also at Engadget, The Register, 9to5Google, Tom's Hardware, and CNET.

See also: Why cheap Chromebooks running Windows will benefit Google, not you

Related: ChromeOS Gains the Ability to Run Linux Applications
Google's Fuchsia OS Adds Emulator for Debian Linux Applications

Original Submission

Read more of this story at SoylentNews.


GPS Satellite Essential to Space Force Has Been Delayed Again SoylentNews

Submitted via IRC for SoyCow1984

Vice President Mike Pence laid out plans for the US Space Force on Thursday, calling out an advanced type of satellite, GPS III, that is apparently resistant to tampering. According to Bloomberg, however, this specific orbital machinery has been delayed for the last four years, and the launch date has slipped yet again.

Bloomberg reports that the launch, originally scheduled for April of this year and delayed to October, will now happen in December. The Air Force confirmed to the site that the delay will accommodate "qualification testing" and a validation of SpaceX's Falcon 9 Block 5, the rocket that will boost the satellite into orbit.


Original Submission

Read more of this story at SoylentNews.


ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability The Hacker News

Your Mac computer running the Apple's latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that could allow a malicious application


Raspberry Pi Foosball Scoreboard Hackaday

Foosball, also known as table football, is a classic game from the 1920s that is completely devoid of the bells and whistles of modern gaming. Players control stoic little figures with the most simplistic of input devices in order to move a tiny ball to and fro on the playing field. So naturally, somebody thought they should add a Raspberry Pi to it and drag the whole thing kicking and screaming into the 21st century.

The team at [Matmi] spend a good portion of their down time huddled over a foosball table, but they found the experience was significantly less exciting for the spectators than the players. To add a little more pomp to their sessions they added a flashy display that not only shows the current score, but makes individual scores a bit more exciting by showing some celebratory confetti.

Micro switches mounted in the ball return tubes of the table allow the Raspberry Pi to know who scored and when. This information is picked up by the web-based scoreboard written in Vue.js and served out by nginx. The actual scoreboard is being displayed by a laptop thats connected to the Pi over Wi-Fi.

If the software setup seems a bit convoluted, its because the project itself was something of a learning experience for HTML5 and web programming in general. Further updates are planned to streamline the system a bit to make it more self-contained, as well as adding...


NVIDIA Announces Open-Source MDL SDK Phoronix

In addition to announcing the Turing-based Quadro RTX GPUs with GDDR6 memory, NVIDIA used SIGGRAPH 2018 to announce their open-sourcing of the MDL SDK...


Mesa 18.1.6 Released With Build System Updates, Various OpenGL/Vulkan Driver Fixes Phoronix

Mesa 18.1.6 is now available as the latest point release for Mesa 18.1 as the Q2'2018 release of this collection of open-source graphics drivers/infrastructure...


FCC Chairman Ajit Pai Passes Blame Over Lying About Public Comment System Being DDoSed SoylentNews

Ajit Pai admits FCC lied about "DDoS," blames it on Obama administration

Federal Communications Commission Chairman Ajit Pai acknowledged Monday that the FCC lied about its public comment system being taken down by a DDoS attack during the net neutrality repeal proceeding.

Pai blamed the spreading of false information on employees hired by the Obama administration and said that he isn't to blame because he "inherited... a culture" from "the prior Administration" that led to the spreading of false information. Pai wrote:

I am deeply disappointed that the FCC's former Chief Information Officer [David Bray], who was hired by the prior Administration and is no longer with the Commission, provided inaccurate information about this incident to me, my office, Congress, and the American people. This is completely unacceptable. I'm also disappointed that some working under the former CIO apparently either disagreed with the information that he was presenting or had questions about it, yet didn't feel comfortable communicating their concerns to me or my office."

Pai's admission came in a statement yesterday. "It has become clear that in addition to a flawed comment system, we inherited from the prior Administration a culture in which many members of the Commission's career IT staff were hesitant to express disagreement with the Commission's former CIO in front of FCC management," he also said.

Inspector General report.

Read more of this story at SoylentNews.


From windows to Mars: Scientists debut super-insulating gel Lifeboat News: The Blog

A new, super-insulating gel developed by researchers at CU Boulder could dramatically increase the energy efficiency of skyscrapers and other buildings, and might one day help scientists build greenhouse-like habitats for colonists on Mars.


MIT Makes Washable LED Fabric Hackaday

Lets face it, one of the challenges of wearable electronics is that people are filthy. Anything you wear is going to get dirty. If it touches you, it is going to get sweat and oil and who knows what else? And on the other side its going to get spills and dirt and all sorts of things we dont want to think about on it. For regular clothes, thats not a problem, you just pop them in the washer, but you cant say the same for wearable electronics. Now researchers at MIT have embedded diodes like LEDs and photodetectors, into a soft fabric that is washable.

Traditionally, fibers start as a larger preform that is drawn into the fiber while heated. The researchers added tiny diodes and very tiny copper wires to the preform. As the preform is drawn, the fibers polymer keeps the solid materials connected and in the center. The polymer protects the electronics from water and the team was able to successfully launder fabric made with these fibers ten times.

The waterproofing isnt just good for the laundry. The fibers even work underwater as the team demonstrated by transmitting music through water in a fish tank.

We often see research like this and have to admit that practical use of it will be many years away, if ever. However, according to reports, commercial products using these fibers will start appearing in 2019.


Kodi Addon Repo Operator Shuts Down Following Threats from BREIN SoylentNews

A Dutch-based developer and Kodi addon repository administrator has shut down his operation following threats from anti-piracy outfit BREIN. Due to the XvBMC-NL repo offering addons including Covenant and IPTV Bonanza, BREIN accused its operator of facilitating access to infringing content. He is now required to sign an abstention agreement and pay a settlement of 2,500 euros.

As the battle to prevent unauthorized content getting into the hands of the masses continues, Kodi remains one of the leading platforms for such consumption.

Completely legal as it leaves its official download platform, the Kodi software is easily modified to provide access to pirated movies, TV shows, and live sports. From here on in, usage of such a setup to infringe copyright is illegal in Europe.

With this established, anti-piracy outfit BREIN has been attempting to stem the tide of platforms offering 'pirate' addons in the Netherlands. One of those was XvBMC-NL, a repository which contained addons including the hugely popular Covenant and live TV addon IPTV Bonanza.

According to a report by BREIN, last month the Dutch developer and administrator of XvBMC-NL received an unwelcome visit to his home by bailiffs sent by the anti-piracy group. BREIN hasn't made the precise contents of its message to 'Z' known but it's clear that it views his work as illegal and contrary to copyright law. The developer shut down soon after.

Original Submission

Read more of this story at SoylentNews.


Novel optics for ultrafast cameras create new possibilities for imaging Lifeboat News: The Blog

MIT researchers have developed novel photography optics that capture images based on the timing of reflecting light inside the optics, instead of the traditional approach that relies on the arrangement of optical components. These new principles, the researchers say, open doors to new capabilities for time- or depth-sensitive cameras, which are not possible with conventional photography optics.

Specifically, the researchers designed new optics for an ultrafast sensor called a streak that resolves images from ultrashort pulses of light. Streak cameras and other ultrafast cameras have been used to make a trillion-frame-per-second video, scan through closed books, and provide depth map of a 3D scene, among other applications. Such cameras have relied on conventional optics, which have various design constraints. For example, a with a given , measured in millimeters or centimeters, has to sit at a distance from an imaging sensor equal to or greater than that focal length to capture an image. This basically means the lenses must be very long.

In a paper published in this weeks Nature Photonics, MIT Media Lab researchers describe a technique that makes a reflect back and forth off carefully positioned mirrors inside the lens system. A fast imaging sensor captures a separate image at each reflection time. The result is a sequence of imageseach corresponding to a different point in time, and to a different distance from the lens. Each image can be accessed at its specific time. The researchers have coined this technique time-folded optics.


Printed electronics breakthrough could lead to flexible electronics revolution Lifeboat News: The Blog

A new form of electronics manufacturing which embeds silicon nanowires into flexible surfaces could lead to radical new forms of bendable electronics, scientists say.

In a new paper published today in the journal Microsystems and Nanoengineering, engineers from the University of Glasgow describe how they have for the first time been able to affordably print high-mobility semiconductor onto flexible surfaces to develop high-performance ultra-thin electronic layers.

Those surfaces, which can be bent, flexed and twisted, could lay the foundations for a wide range of applications including video screens, improved health monitoring devices, implantable devices and synthetic skin for prosthetics.


Terahertz technology creates new insight into how semiconductor lasers work Lifeboat News: The Blog

Lasers are widely used as high power sources of light operating at a specific frequency. But how does this frequency get selected when a laser is turned on, and how quickly?

Pioneering engineers working with technology have been researching how individual frequencies are selected when a laser is turned on, and how quickly the selection is made.

The development of specific terahertz equipment has allowed them to investigate this process for the first time. Their results, published in Nature Communications, will underpin the future development of semiconductor lasers, including those used in public and private sector-owned telecommunications systems.


The behavior of waterscientists find new properties of H2O Lifeboat News: The Blog

A team of scientists has uncovered new molecular properties of watera discovery of a phenomenon that had previously gone unnoticed.

Liquid water is known to be an excellent transporter of its own autoionization products; that is, the charged species obtained when a water molecule (H2O) is split into protons (H+) and hydroxide ions (OH). This remarkable property of water makes it a critical component in emerging electrochemical energy production and storage technologies such as fuel cells; indeed, life itself would not be possible if water did not possess this characteristic.

Water is known to consist an intricate network of weak, directional interactions known as . For nearly a century, it was thought that the mechanisms by which water transports the H+ and OH ions were mirror images of each other identical in all ways except for directions of the hydrogen bonds involved in the process.


3D printed biomaterials for bone tissue engineering Lifeboat News: The Blog

When skeletal defects are unable to heal on their own, bone tissue engineering (BTE), a developing field in orthopedics can combine materials science, tissue engineering and regenerative medicine to facilitate bone repair. Materials scientists aim to engineer an ideal biomaterial that can mimic natural bone with cost-effective manufacturing techniques to provide a framework that offers support and biodegrades as new bone forms. Since applications in BTE to restore large bone defects are yet to cross over from the laboratory bench to clinical practice, the field is active with burgeoning research efforts and pioneering technology.

Cost-effective three-dimensional (3D) printing (additive manufacturing) combines economical techniques to create scaffolds with bioinks. Bioengineers at the Pennsylvania State University recently developed a composite ink made of three materials to 3D print porous, -like constructs. The core materials, polycaprolactone (PCL) and poly (D, L-lactic-co-glycolide) acid (PLGA), are two of the most commonly used synthetic, biocompatible biomaterials in BTE. Now published in the Journal of Materials Research, the materials showed biologically favorable interactions in the laboratory, followed by positive outcomes of in an animal model in vivo.

Since bone is a complex structure, Moncal et al. developed a bioink made of biocompatible PCL, PLGA and hydroxyapatite (HAps) particles, combining the properties of bone-like mechanical strength, biodegradation and guided reparative growth (osteoconduction) for assisted natural bone repair. They then engineered a new custom-designed mechanical extrusion system, which was mounted on the Multi-Arm Bioprinter (MABP), previously developed by t...


A Particle Accelerator Between Your Fingertips Lifeboat News: The Blog

An early prototype of the silicon-chip-sized particle accelerator that scientists at Stanford University are developing. Later, this could be made smaller to be inserted into the body and used to treat tumour.


Robotics Solutions Using Deep Learning Lifeboat News: The Blog

Kinema Systems and GhostRobotics faced off and shared their pitches with the live audience at NVIDIAS GPU Technology Conference (GTC) to showcase different approaches with autonomous systems using deep learning, machine learning and AI.

Kinema Systems, based in Menlo Park, Calif., is building innovative deep learning and 3D vision-based robotic solutions for logistics and manufacturing.

From Philadelphia, Pa., GhostRobotics is revolutionizing legged robotics and the market for autonomous unmanned ground vehicles used in unstructured terrain and harsh environments.


Solar-powered aircraft stays aloft for record-breaking 25 days Lifeboat News: The Blog

While Facebook and Google recently pulled the plug on their solar-powered internet drones, another company with a lot more experience is having success with the idea. Airbus announced that its solar-powered Zephyr S HAPS (high altitude pseudo-satellite) flew for 25 straight days, setting a time aloft record for any airplane, ever. It shattered the previous record of 14 days, marked by a previous prototype Zephyr aircraft.

The Zephyr flies on sun power alone at over 70,000 feet, an altitude that just a few aircraft like the Concorde and SR-71 Blackbird have reached. Thats well above any weather, and lets it perform reconnaissance, surveillance and communications/internet duties. [It fills a] capability gap complimentary to satellites, UAVs and manned aircraft to provide persistent local satellite-like services, Airbus said in a press release. A video of the takeoff (below) shows that it can be lifted and launched by hand. Once aloft, it can be operated for a fraction the cost of a satellite.


FBI warns banks about ATM cash-out scheme Lifeboat News: The Blog

The FBI is warning banks about a fraud scheme called an ATM cash-out, Krebs on Security reports. With this type of heist, attackers typically compromise a bank or payment card processor with malware, disable fraud controls and withdraw large sums of money sometimes millions of dollars with cloned bank cards. The FBI reportedly sent an alert to banks last week. The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an unlimited operation, said the notice.

Once hackers gain access to a financial institutions system, often through phishing, theyll alter account balances as well as disable maximum ATM withdrawal amounts and transaction limits. That way, they can quickly take out large amounts of cash from ATMs with fraudulent bank cards made from stolen card data and gift cards.

Last month, Krebs on Security reported on two successful applications of this type of scheme. Hackers were able to steal around $2.4 million from The National Bank of Blacksburg through two ATM cash-outs in 2016 and 2017.


DeepMind Subsidiary's Software Can Diagnose Eye Diseases SoylentNews

DeepMind's AI can detect over 50 eye diseases as accurately as a doctor

Step by step, condition by condition, AI systems are slowly learning to diagnose disease as well as any human doctor, and they could soon be working in a hospital near you. The latest example is from London, where researchers from Google's DeepMind subsidiary, UCL, and Moorfields Eye Hospital have used deep learning to create software that identifies dozens of common eye diseases from 3D scans and then recommends the patient for treatment.

The work is the result of a multiyear collaboration between the three institutions. And while the software is not ready for clinical use, it could be deployed in hospitals in a matter of years. Those involved in the research described is as "ground-breaking." Mustafa Suleyman, head of DeepMind Health, said in a press statement that the project was "incredibly exciting" and could, in time, "transform the diagnosis, treatment, and management of patients with sight threatening eye conditions [...] around the world."

The software, described in a paper published in the journal Nature Medicine, is based on established principles of deep learning, which uses algorithms to identify common patterns in data. In this case, the data is 3D scans of patients' eyes made using a technique known as optical coherence tomography, or OCT. Creating these scans takes around 10 minutes and involves bouncing near-infrared light off of the interior surfaces of the eye. Doing so creates a 3D image of the tissue, which is a common way to assess eye health. OCT scans are a crucial medical tool, as early identification of eye disease often saves the patient's sight. [...] In a test where the AI's judgments were compared with diagnoses by a panel of eight doctors, the software made the same recommendation more than 94 percent of the time.

Move over, Watson.

Also at BBC and VentureBeat.

Clinically applicable deep learning for diagnosis and referral in retinal disease (DOI: 10.1038/s41591-018-0107-6) (DX)

Original Submission

Read more of this story at SoylentNews.


NVIDIA Announces Turing-Based Quadro RTX GPUs As The "World's First Ray-Tracing GPU" Phoronix

This morning AMD announced the Vega-based Radeon Pro WX 8200 graphics card as the "best workstation GPU under $1,000 USD" while tonight NVIDIA is trying to steal the thunder by announcing the Quadro RTX series as the "world's first ray-tracing GPU" that is also based on their new Turing architecture...


HPR2617: Exposing a Raspberry Pi database through a REST API Hacker Public Radio

Links from the episode Wikipedia - REST API Wikipedia - WSGI Bottle Framework SQLite


Theorists with a Swamp, not a Theory Not Even Wrong

In recent weeks string theory has been again getting a lot of press attention, because of claims that new progress is being made in the study of the relation of string theory and the real world, via the study of the swampland. This is a very old story, and Ive often written about it here. I just added a new category, so anyone who wants to can go follow it by clicking on the Swampland category of posts.

Recent press coverage of this includes an article by Clara Moskowitz at Scientific American, entitled String Theory May Create Far Fewer Universes Than Thought. This motivated Avi Loeb to write his own Scientific American piece highlighting the dangers of string theory speculation unmoored to any possible experimental test, which appeared as Theoretical Physics is Pointless without Experimental Tests. Loeb reports:

There is a funny anecdote related to the content of this commentary. In my concluding remarks at the BHI conference we held at Harvard in May 2018, I recommended boarding a futuristic spacecraft directed at the nearest black hole to experimentally test the validity of string theory near the singularity. Nima Arkani-Hamed commented that he suspects I have an ulterior motive for sending string theorists into a black hole. For the video of this exchange, see

Last week Natalie Wolchover reported on this controversy, with an article that appeared at Quanta magazine as Dark Energy May Be Incompatible With String Theory and at the Atlantic as The Universe as We Understand It May Be Impossible (the Atlantic headline writer misidentifies we as string theorists).

Wolchover accurately explains part of this story as a conflict between string theorists over whether certain solutions (such as the KKLT solution and the rest of the so-called string theory landscape) to string theory really exist. Vafa argues they may not exist, since the proposed solutions are complicated and Usually in physics, we have simple examples of general phenomena. In response Eva Silverstein argues:

They [Vafa and others] essentially just speculate that those things dont exist, citing very limited and in some cases highly dubious analyses.

On Twitter, Jim Baggott...


XArray Proposed For Merging In The Linux 4.19 Kernel Phoronix

Matthew Wilcox who most recently has been employed by Microsoft is looking to get the new XArray data structure added to the Linux 4.19 kernel...


Hillicon Valley: FBI fires Strzok after anti-Trump tweets | Trump signs defense bill with cyber war policy | Google under scrutiny over location data | Sinclair's troubles may just be beginning | Tech to ease health data access | Netflix CFO to step down The Hill: Technology Policy

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...


Converting A 3-in-1 Printer Into A WiFi Scanner, Just Because Hackaday

[Zaprodk] had trash-picked a defunct HP Envy 450 AIO, a 3-in-1 printer, scanner, and copier. Normally there usually isnt much use for these unless youre willing to hunt down the cartridges which it used, so your next step is to dismantle it for parts. Thats what he was going to do but then decided to see if he could remove as much as possible while leaving just the scanner.

Converted WiFi scanner boards

He ran into trouble after hed fixed the lid-open sensor and unplugged pretty much everything. He was getting too many error messages on the LCD panel to reconfigure the WiFi. Luckily he could connect it to his computer using USB and do the configuration from there. One dubious mod involved turning an unflipped flexible flat cable into a flipped one by doing a little cutting, scraping and gluing. Check out his write-up for the full hack.

Interested in more dumpster hardware recovery? Check out how [Adil Malik] rescued a scope with some reverse engineering and an FPGA. And then theres how [Matt]...


Electron Beam Patterning for High-Resolution Full-Color OLED Displays SoylentNews

Currently, OLED technology faces the hurdle that full-color displays can only be realized by using color filters or shadow masks, which limit OLED efficiency and resolution. Researchers are working intensely on new approaches to fabricate microdisplays characterized by high resolution while at the same time offering high efficiency and long operating life time.

The patterning of the organic layers of OLEDs is one of the greatest challenges, since conventional methods such as photolithography cannot be utilized with organic semiconductor materials. The use of electron beam technology for microstructuring was successfully demonstrated at the Fraunhofer FEP two years ago. Using its patented process, FEP was able to modify the emission of an OLED through the existing encapsulation layer to create any feature imaginable and even produce high-resolution grayscale images.

Further development of the electron beam process has now achieved full-color OLED without using color filters or shadow masks. To create red, green, and blue pixels, an organic layer of the OLED itself is ablated by a thermal electron beam process. This patterning causes a change to the thickness of the layer stack, which makes the emission of different colors possible.

This is the first major step towards the development of full-color displays without the use of restrictive color filters in the process. Elisabeth Bodenstein, developer in the Fraunhofer FEP project team, explains the advantages: With our electron-beam process it is possible to thermally structure even these sensitive organic materials without damaging the underlying layer.

The results were obtained by simulating and initially estimating the HTL (hole transport layer) thicknesses that are produced by the electron beam. The researchers actually achieved the decoupling of red, green, and blue emissions from the white OLED. Following proof of concept at Fraunhofer FEP, these colors were demonstrated on the first test substrates, exhibiting comparable OLED performance.

Original Submission

Read more of this story at SoylentNews.


Tech companies earn White House praise for committing to easier health data access The Hill: Technology Policy

Major technology companies on Monday announced their commitment to making it easier to share data across the healthcare sector, in a move backed by the White House.The companies said that theyre pushing to make data more accessible for the...


[$] The importance of being noisy

Hundreds (at least) of kernel bugs are fixed every month. Given the kernel's privileged position within the system, a relatively large portion of those bugs have security implications. Many bugs are relatively easily noticed once they are triggered; that leads to them being fixed. Some bugs, though, can be hard to detect, a result that can be worsened by the design of in-kernel APIs. A proposed change to how user-space accessors work will, hopefully, help to shine a light on one class of stealthy bugs.


Badness, Enumerated by Robots That grumpy BSD guy

A condensed summary of the blacklist data generated from traffic hitting and cooperating sites.

After my entry was posted, there has been an uptick in interest about the security related data generated at the site. I have written quite extensively about these issues earlier so I'll keep this piece short. If you want to go deeper, the field note-like articles I reference and links therein will offer some further insights.

There are three separate sets of downloadable data, all automatically generated and with only very occasional manual intervention.

Known spam sources during the last 24 hours

This is the list directly referenced in the piece.

This is a greytrapping based list, where the conditions for inclusion are simple: Attempts at delivery to known-bad addresses in domains we handle mail for have happened within the last 24 hours.

In addition there will occasionally be some addresses added by cron jobs I run that pick the IP addresses of hosts that sent mail that made it through greylisting performed by our spamd(8) but did not pass the subsequent spamassassin or clamav treatment. The system is part of the bgp-spamd cooperation.

The traplist has a home page and at one point was furnished with a set of guidelines.

Misc other bots: SSH Password bruteforcing, malicious web activity, POP3 Password Bruteforcing.

The bruteforcers list is really a combination of several things, delivered as one file but with minimal scripting ability you should be able to dig out the distinct elements, described in this piece.

The (usually) largest chunk is a list of hosts that hit the rate limit for SSH connections described in the article or that was caught trying to log on as a non-existent user or other undesirable activity aimed at my sshd(8) service. Some as yet unpublished scriptery helps me feed the miscreants that the automatic processes do not catch into the t...


Fax machines ripe for hacking, says new study The Hill: Technology Policy

Often overlooked office fax machines pose a huge vulnerability to the cybersecurity of businesses and other organizations, according to a new study. Many such machines run on decades-old protocols that are easy for hackers to penetrate, says...


Funding for Tesla to Go Private Could Come From Saudis; Lawsuits and SEC Scrutiny Increase SoylentNews

Musk Says 'Funding Secured' Claim Sparked by Saudi Meeting

Elon Musk said interest from Saudi Arabia's sovereign wealth fund gave him the confidence to drop the bombshell last week that he was considering taking Tesla Inc. private. The Saudi Kingdom's Public Investment Fund had approached Musk going back almost two years about taking Tesla off the market, he wrote in a blog post Monday, confirming that the fund recently bought an almost 5 percent stake. Musk described a July 31 meeting in which the Saudi fund's managing director expressed regret that Tesla hadn't moved forward with a go-private transaction.

[...] Several investors have since sued Musk and Tesla, claiming the company's share price had been manipulated. The Securities and Exchange Commission is said to be intensifying its scrutiny of the company and its chief executive officer after having started gathering general information about Tesla and Musk's earlier public pronouncements about manufacturing goals and sales targets.

One of Tesla's biggest critics, Vertical Group analyst Gordon Johnson, read Musk's blog post as a walk-back maneuver from his "funding secured" tweet last week. He cited Musk's statement Monday that the Saudi fund's support for taking Tesla private was "subject to financial and other due diligence and their internal review process for obtaining approvals." "He is specifically stating that funding is not secured, and I think that's a big deal," Johnson, whose $93 price target on Tesla shares is the lowest among Wall Street analysts, said on Bloomberg Television. "The question then becomes, what does the SEC do here, and do the shareholders stick with him?"

Also at CNBC.

Previously: Elon Musk Considers Taking Tesla Private

Original Submission

Read more of this story at SoylentNews.


Quantum formulation of the Einstein equivalence principle Lifeboat News: The Blog

The physical conditions that support a geometric interpretation of spacetime, such as the equivalence between rest and inertial mass, are shown not to be necessarily valid in the quantum regime, and a quantum formulation is provided.


A Look At The Windows 10 vs. Linux Performance On AMD Threadripper 2990WX Phoronix

Complementing the extensive Linux benchmarks done earlier today of the AMD Threadripper 2990WX in our review (as well as on the Threadripper 2950X), in this article are our first Windows 10 vs. Linux benchmarks of this 32-core / 64-thread $1799 USD processor. Tests were done from Microsoft Windows 10 against Clear Linux, Ubuntu 18.04, the Arch-based Antergos 18.7-Rolling, and openSUSE Tumbleweed.


Defcon: 11-year-old modifies Florida Presidential voting results HackRead

By Waqas

At the largest hacking conference in the world, Defcon 2018, there have been many surprising discoveries. However, the news that has shocked the United States is the hacking and modifications of election results by young kids. The 26th Defcon conference is being held in Las Vegas. Reportedly, the 11-year-old Emmert Brewer managed to modify election []

This is a post from Read the original post: Defcon: 11-year-old modifies Florida Presidential voting results


Thomas The Terrifying Karaoke Robot Hackaday

The junk bin can be a great source of inspiration, unless youre too familiar with the contents to be imaginative with them. But thrift stores are another matter, like giant junk bins that are constantly replenished by underappreciated elves. You never know what kinds of goodies they will pile on the shelves, so its easy to become a fixture and visit them once or thrice a week.

[Hunter Irving] haunts a few choice thrift stores in his neighborhood, and a few months ago he found a knockoff Thomas the Tank Engine with an articulated face. It uses a simple mechanism to produce an impressive amount of movement, especially for a cheap knockoff toy. Both of its eyes slide sideways and its mouth opens, resulting in a very animated (and terrifying) range of expressions. Sensing an opportunity to turn his animatronic robot dreams into karaoke-singing nightmare fuel for the rest of us, he forked over a few bucks and took it home.

As luck would have it, a 9g micro servo fit perfectly in the back of the frightening little face. [Hunter] designed an axle to transfer motion to the face mechanism, but it broke almost immediately. We applaud his Plan B, though, which consists of a mounting block for the servo, and a cable tie armature connected with screws. Once that was...


Wearable "Microbrewery" Used to Measure Radiation Dosage SoylentNews

Wearable 'microbrewery' saves human body from radiation damage

Purdue University researchers have engineered yeast "microbreweries" within disposable badges made of freezer paper, aluminum and tape. Simply adding a drop of water activates the yeast to show radiation exposure as read by an electronic device. On a commercial level, the readout device could one day be a tablet or phone. The badge could also be adapted in the future for nuclear power plant workers and victims of nuclear disasters.

[...] The success of the badge lies in the quick and measurable response of yeast to radiation: The higher the radiation dose, the higher the percentage of yeast cells that die. Wetting the badge activates the cells that are still alive to eat glucose and release carbon dioxide the same fermentation process responsible for brewing beer and making bread rise. When carbon dioxide bubbles at the surface, ions also form. The concentration of these ions increases the electrical conductivity of yeast, which can be measured by hooking up the badge to a readout system.

"We use the change in electrical properties of the yeast to tell us how much radiation damage it incurred. A slow decrease in electrical conductivity over time indicates more damage," said Rahim Rahimi, Purdue postdoctoral researcher in electrical and computer engineering.

Original Submission

Read more of this story at SoylentNews.


Netflix CFO to step down The Hill: Technology Policy

Netflix announced on Monday that its longtime Chief Financial Officer (CFO) David Wells will be stepping down.Wells has been part of the company since 2004 and has served as CFO since 2010. Netflix said he would stay on as it searches for his...


Scientists Have Successfully Reversed The Aging Of Human Cells In The Lab Lifeboat News: The Blog

Aging is a battle that humans have known they cant win since the beginning of history. We can hate it or (eventually) accept it but ultimately we cant avoid growing old. However, over the years scientists have been trying to pinpoint the roots of this biological process and work out if there is any way to stop or reverse it. There have been some minor successes along the way and a new study adds to these.

The researchers were able to reverse the aging process of some old human cells by delivering a specific molecule to their mitochondria, the structures within cells where energy is produced. This approach stops the cells from becoming senescent, a point at which they can no longer duplicate. Some researchers believe that the accumulation of these cells in organs is key to the aging process.

We still dont fully understand why cells become senescent as we age, but damage to DNA, exposure to inflammation and damage to the protective molecules at the end of the chromosomes the telomeres have all been suggested, the authors wrote in a post on The Conversation. More recently, people have suggested that one driver of senescence may be loss of our ability to turn genes on and off at the right time and in the right place.


DaVinci Resolve 15 Video/Effects Editor Released With Linux Support Phoronix

DaVinci Resolve 15 has been released by Blackmagic Design as the company's professional-grade video editing, visual effects, motion graphics, and audio post-production software...


Election systems should be considered critical infrastructure Help Net Security

93 percent of security professionals are concerned about cyber-attacks targeting election infrastructure and data, and 81 percent believe cyber criminals will target election data as it is transmitted by machines, software and hardware applications, from local polling stations to central aggregation points, a recent study by Venafi has revealed. Last year, attendees at DEF CON managed to find and take advantage of vulnerabilities in five different voting machine types within 24 hours, said Jeff Hudson, More

The post Election systems should be considered critical infrastructure appeared first on Help Net Security.


Btrfs Gets Fixes & Low-Level Improvements With Linux 4.19 Phoronix

David Sterba of SUSE sent in the Btrfs file-system updates today for the Linux 4.19 kernel merge window...


Power Generation Modules Mix and Match Wind, Water, and Hand Cranks Hackaday

Whats great about the Power Generation Modules project headed by [Cole B] is the focus on usability and modularity. The project is a system for powering and charging small devices using any number and combination of generator modules: wind turbine, hand-crank, and water turbine so far. Power management and storage is handled by a separate unit that acts as a battery bank to store the output from up to six generators at once. Theres also a separate LED lamp module, designed to be capable of being powered directly from any of the generator modules if needed.

Testing the water turbine module

The hand crank is straightforward in concept, but key to usability was selecting a DC gearmotor with a gear ratio that made cranking by hand both comfortable and sustainable; too weak of a crank and its awkward, too hard and its tiring. The wind turbine has three compact vanes that turn a central shaft, but testing showed the brushless motor it uses as a generator isnt a good match for th...


Is Life Extension Altruistic? Lifeboat News: The Blog

Recently, weve published an article explaining why life extension is not a selfish endeavor. As a matter of fact, life extension is a rather altruistic endeavor, though this depends on your interpretation of the definition. Lets dig deeper.

What is altruism?

According to the Oxford English Dictionary, altruism is disinterested and selfless concern for the well-being of others. Thus, one is altruistic when his or her actions are done for the benefit of others, without placing any importance on his or her own benefit.


Aerial-Biped Is a Quadrotor With Legs That Can Fly-Walk IEEE Spectrum Recent Content full text

Walking around wouldnt be nearly so hard if you could just shut gravity off for a bit

A couple years ago, we wrote about a robot called BALLU from Dennis Hong at UCLAessentially a blimp with skinny little legs, BALLU made walking easier by taking gravity out of the equation. If your robot doesnt weigh anything, you dont have to worry about falling over, right? Inspired in part by BALLU, researchers from the University of Tokyo have developed a quadrotor with legs called Aerial-Biped. Designed primarily for entertainment, Aerial-Biped enables a richer physical expression by automatically generating walking gaits in sync with its quadrotor body.

Until someone invents a robot that can moonwalk, you can model a gait that appears normal by simply making sure that the velocity of a foot is zero as long as its in contact with the ground. The Aerial-Biped robot learns how to do this through reinforcement learning in a physics simulator, and the policy transfers to the robot well enough that the legs can appear to walk as the quadrotor moves.

Right now, getting this to work on the real robot involves using motion capture on the drone, so its not yet suitable for out-of-lab wandering. The researchers are working on adding more degrees of freedom to both the body and the legs, with the goal of being able to physically imitate the gaits of animated characters. 

For a bit more detail on this project, we spoke with lead author Azumi Maekawa from the University of Tokyo.

Where did you get the idea for this research?

We were inspired by bipedal robots that use invisible force to get stability, such as Magdan, created by Tomotaka Takahashi (an electromagnet on the bottom of its feet lets it walk on a metal plate), and BALLU (which uses buoyancy of a helium-filled balloon). The foot trajectory generation method is based on the assumption that one of the key features of walking (or at least the appearance of walking) is that the velocity of the foot in contact with the ground is zero.

What function do the legs serve on this robot? Or, what is the goal of adding legs to a quadrotor?

The goal is to develop a robot that has the ability to display the appearance of bipedal walking with dynamic mobility, and to provide a new visual experience. The robot enables walking motion with very slender legs like those of a flamingo without impairing dynamic mobility. This approach enables casual users to choreograph biped robot walking without expertise. In addition...


Facebook Bans The Sale of All Kodi Boxes, Legal or Not TorrentFreak

Entertainment companies see streaming piracy as one of the largest threats to the industry. This is true for streaming sites, but also specialized pirate boxes, which are often sold with the popular media player Kodi installed.

While Kodi itself is a neutral platform, third-party add-ons can turn it into a powerful pirate tool. This is why Kodi and piracy are often mentioned in the same breath.

This negative stigma has already resulted in Google banning Kodi from the autocomplete feature of its search engine, among other things. And recently Facebook has piled on with another broad measure.

Facebook previously banned the sale of fully-loaded pirate streaming devices, as did Amazon and eBay, but the social network appears to have expanded this to all Kodi-powered hardware now.

This is made clear in the prohibited content section of the companys commerce policies, as shown below.

Facebook states that users are no longer allowed to promote the sale or use of streaming devices with KODI installed. In addition, jailbroken or loaded devices are also banned from the platform.

Banned commerce on Facebook

The issue was first noticed by CordCuttersNews which notes that sellers who violate the policy may have their Facebook accounts banned.

Interestingly, Facebook will still permit the sale of add-on equipment for KODI devices, including keyboards and remotes. However, selling any devices with the software itself is no longer allowed.

TorrentFreak reached out to the Kodi team for a comment on the news, but at the time of publication, we had yet to hear back.

Its unclear why Facebook has expanded its previous ban of piracy-enabling devices to Kodi specifically. Kodi itself is not the problem here, which is something acknowledged by several anti-piracy groups. Perhaps the piracy-stigma is simply too big.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have...


Two Tools That Are Key to Perfect Writing TechWorm

Being a writer can be a tiring job at times. It requires your time, focus and skills. Anyone can write, but not everyone can write something that is compelling, error-free and informative. Just scribbling on paper or typing on your laptop is never equivalent to writing something worth reading.

Whether you are working on your next assignment, article or book, vigilance is the ultimate key. Writing is an art and a good writer is the one who values his time as well as the time of his clients or target audience. A careless piece of writing is not only going to serve you bad, but it will also be off-putting for anyone who reads it.

Plagiarism & Grammar: Two Important Elements in Writing

If you are a student or someone who writes for a living, then you must be well aware of two important terms: Plagiarism & Grammar.

Both plagiarism and grammar play a very important part in any writing. As a student, it is imperative for you to write grammatically correct and free of plagiarism in order to secure high scores and impress your teachers. As a professional, you have to make sure that you are turning in all official documents with no plagiarism or grammar errors. The quality of writing depends on the uniqueness of content, correct grammar usage, and the ability to put those ideas and thoughts into words. Two essential tools that are helpful for people in this regard are Plagiarism Checker and Grammar Checker.

Plagiarism: What is it & How to Avoid It

What is plagiarism and how does it happen? How should I avoid it? These are important questions that go through the mind of anyone attempting to write something. To answer them, lets begin with understanding plagiarism.

Using someone elses ideas or work without proper citation or attribution is known as plagiarism. Of all the instances of plagiarism that may occur, many are unintentional. Some of the common examples include using an argument or information in your research without any attribution, using excerpts from an already published work without quoting the author, and rephrasing a source without giving credit to the original source. That is why, it is advised when youre unsure, its always better to cite a source. The rule of thumb is always to use an offline or online plagiarism checker to make sure you have not ended up plagiarizing accidentally or unintentionally. Thats the best way to prevent plagiarism from occurring.

Grammar Checker: Why Is Grammar Important?

Your language teacher must have told you that correct grammar is the foundation of any piece of writing. You can never successfully communicate your thoughts and messages without correct implementation of grammar. For instance, an interjection or an adverb if incorrectly placed will lose its impact; inc...


The Pirate Bay Turns 15 Years Old SoylentNews

Submitted via IRC for SoyCow1984

The Pirate Bay Turns 15 Years Old

Founded in 2003 by a group of hackers and activists, The Pirate Bay aimed to bring file-sharing to the masses. In the fifteen years that followed, the site transformed from a small community to Hollywood's resilient arch-rival, serving millions of users. And that's not the only thing that changed. Todayish, The Pirate Bay turns 15 years old, which is quite an achievement considering the immense legal pressure it has faced over the years.

While the exact launch date is a bit of a mystery, even to the site's founders, August 10 was previously chosen as its anniversary. What we do know is that the site was brought online in 2003 by now-disbanded pro-culture organization Piratbyrn, which is Swedish for Bureau of Piracy. The group was formed by political activists and hackers in the same year, many of whom had already launched other web projects challenging political, moral, and power structures.

One of the group's unwritten goals was to offer a counterweight to the propaganda being spread by local anti-piracy outfit Antpiratbyrn. With BitTorrent as the up-and-coming file-sharing technology, they saw fit to start their own file-sharing site to promote sharing of information.

The Pirate Bay first came online in Mexico where Gottfrid Svartholm, aka Anakata, hosted the site on a server owned by the company he was working for at the time. After a few months, the site moved to Sweden where it was hosted on a Pentium III 1GHz laptop with 256MB RAM. This one machine, which belonged to Fredrik Neij, aka TiAMO, kept the site online and included a fully operational tracker.

Related: Anti-Piracy Firm: P2P Piracy Still Relevant

Original Submission

Read more of this story at SoylentNews.


Google Tracks Android, iPhone Users Even With 'Location History' Turned Off The Hacker News

Google tracks you everywhere, even if you explicitly tell it not to. Every time a service like Google Maps wants to use your location, Google asks your permission to allow access to your location if you want to use it for navigating, but a new investigation shows that the company does track you anyway. An investigation by Associated Press revealed that many Google services on Android and


Vulnerabilities in smart card drivers open systems to attackers Help Net Security

Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into the target system without valid credentials and achieve root/admin privileges. A lot of attacks against smart cards have been performed in the past but not much work has focused on hacking the driver side of the smart card stack [the piece of software that interacts with chip More

The post Vulnerabilities in smart card drivers open systems to attackers appeared first on Help Net Security.


Two Startups Use Processing in Flash Memory for AI at the Edge IEEE Spectrum Recent Content full text

Mythic AI and Syntiant sound similar on the surface, but theyre after different markets

Irvine, Calif.based Syntiant thinks it can use embedded flash memory to greatly reduce the amount of power needed to perform deep-learning computations. Austin, Texasbased Mythic thinks it can use embedded flash memory to greatly reduce the amount of power needed to perform deep-learning computations. They both might be right.

A growing crowd of companies are hoping to deliver chips that accelerate otherwise onerous deep learning applications, and to some degree they all have similarities because these are solutions that are created by the shape of the problem, explains Mythic founder and CTO Dave Fick.

When executed in a CPU, that problem is shaped like a traffic jam of data. A neural network is made up of connections and weights that denote how strong those connections are, and having to move those weights around so they can be represented digitally in the right place and time is the major energy expenditure in doing deep learning today.

Our approach is to completely eliminate both memory bandwidth and memory power penalties by doing computation in memory, explains Syntiant CEO Kurt Busch.

In both companies approaches, the network weights are actually levels of charge stored in an array of flash memory cells. The charge alters the amount of current that flows through the cell, and the cells are arranged in a way that the current produces the crucial multiply and accumulate computations needed for a network to tell a stop sign from a sunset, or OK Google from big gray poodle.

Because the weights are always just where they need to be, theres no need to expend any time or energy to move them. The analog nature of the computation also keeps power low. While training neural networks is typically done by computing with fairly precise (8- or 16-bit) numbers, actually using the trained networkcalled inferencingcan be done faster and at lower power using much-less precise5-bit or even 3-bitnumbers as the weights. With analog computation, you can build multiply and accumulate that is low precision but very, very accurate, says Busch.

Mythic is aiming for a mere 0.5 picojoules per multiply and accumulate, which would result in about 4 trillion operations per watt (TOPS/W). Syntiant is hoping to get to 20 TOPS/W. An Nvidia Volta V100 GPU can do 0.4 TOPS/W, according to Syntiant. However, real apples-to-apples comparisons in the machine learning world are difficult to determine, Fick points out.

The extent of analog circuitry each startup uses is a key difference between them. Syntiants entire network is analog, but Mythic surr...


Dawn of the First Digital Camera Hackaday

Technology vanishes. It either succeeds and becomes ubiquitous or fails. For example, there was a time when networking and multimedia were computer buzzwords. Now they are just how computers work. On the other hand, when was the last time you thought about using a CueCat barcode reader to scan an advertisement? Then there are the things that have their time and vanish, like pagers. It is hard to decide which category digital cameras fall into. They are being absorbed into our phones and disappearing as a separate category for most consumers. But have you ever wondered about the first digital camera? The story isnt what you would probably guess.

The first digital camera I ever had was a Sony that took a floppy disk. Surely that was the first, right? Turns out, no. There were some very early attempts that didnt really have the technology to make them work. The Jet Propulsion Laboratory was using analog electronic imaging as early as 1961 (they had been developing film on the moon but certainly need a better way). A TI engineer even patented the basic outline of an electronic camera in 1972, but it wasnt strictly digital. None of these bore any practical fruit, especially relative to digital technology. It would take Eastman Kodak to create a portable digital camera, even though they were not the first to commercialize the technology.

Kodak 1975

Steven Sasson, working for Kodak, received an early CCD image sensor from Fairchild in 1974. The going price for these, by the way, was $965 when they were introduced a year or so earlier. Kodak had an interesting blog post about the camera from the 2007 induction of Sasson into the Consumer Electronics Hall of Fame, although it seems to be gone. Luckily, you can still read it on the Internet Archive (the source of the still images of the Kodak device in this post are from the archived Kodak website).

Just like a bag phone doesnt look much like a cellphone, Sassons 8-pound camera didnt look much like todays digital point and shoot you can see it quite well in the video, below. Featuring a lens from a Super 8 movie camera, 16 NiCad batteries, and a cassette recorder, the box contained about a half dozen circuit boards that included an A/D converter design meant for a digital voltmeter. Even then it took 23 seconds to record one of the 30 pictures onto the cassette (although the 30 limit appears to have been arbitrary to mimic the number of shots on a roll of film which was usually 24 or 36).



Blender 2.80 Now Coming In Early 2019 With Many Improvements Phoronix

The Blender 3D modeling software is facing a slight set-back in their release schedule for the big Blender 2.80 release, but it's moving along and they intend to have it ready by early next year...


What are the Uses of Reverse Image Search? TechWorm

Reverse image search is a technique wherein it allows people to retrieve content that is relevant to a particular image. It is also known as content-based image retrieval a method that eliminates the need for a user to identify keywords that may or may not provide an accurate result. The user only needs to supply the sample image to make a search or query.

We know that Google images can provide us with any photo, but we need to write the keyword or the terms associated with it to be able to proceed with the search. While in using a reverse image search tool we will just provide a sample image. It is helpful in locating the source of an image or the content creator, search for the image in terms of popularity, extract details that are related to an image, look for similar images that have higher resolution, locate the web pages where the photo is displayed, and look for manipulated versions of the image.

If you are into social media and you want to find if a persons account is legit, you can use a reverse image search tool for this purpose. You only have to supply the photo of the person, and it will show you the information that you need to check if the account is legit or not. Verifying account using a reverse image search tool can save you the trouble of being connected with an impostor or scammer. At present, many people are using fake accounts that is why you must be cautious and check the profile of the person first before adding them.

Photographers spend a great deal of money to buy their equipment and to attend workshops. They also exert a lot of time and effort in their craft to be able to produce quality and beautiful pictures that is why it is only right that they get the proper compensation for their work. They can use the reverse image search tool to discover if someone is using their pictures without their permission. By not giving credits to the owner, one can be accused of false ownership.

Whether it is for personal or public use, it should always be a practice to attribute the source of an image. To be able to get the information that you need, you can use a reverse image search from This specific website offers many helpful tools that anybody can use online. One of the most popular tools from Small SEO Tools is the reverse image search because it is simple and easy to use. All you have to do is to upload an image or paste the URL where the image is located, and then it will give you the results in a flash. It will show you similar images and their sources.

Also, if you want to get any information about a particular image like a famous person, place or product you can run it through a reverse image search tool. It can help you save a lot of time looking for answers if you want to know more about the photo. You dont have to go through an intensive research by typing different keywords to get the information that you need from the image.



Time-domain Simulation of Electro-mechanical Sensors and Systems IEEE Spectrum Recent Content full text

Learn how OnScale massively accelerates sensor design by removing compute constraints with powerful CAE integrated directly to Cloud HPC.

If you are interested in modeling a variety of electromechanical sensors, then tune into this webinar to learn how OnScale helps Fortune100 companies optimize their most demanding designs using powerful FEM seamlessly integrated with Cloud HPC directly with on-demand, scalable Cloud HPC.

Understanding the complex, highly coupled behavior of electromechanical sensors (e.g. MUTs, piezoelectric transducer arrays, BAWs and SAWs) and their performance in a system as a whole is critical in the development of innovative technologies (e.g. Ultrasonic Fingerprint Sensors, Medical Imaging, and RF Filters).

Due to the anisotropic materials, complex modal coupling, and multiphysics involved in a single design (piezoelectric, electrostatic, structural, thermal and acoustic), powerful numerical simulation is essential for predicting and understanding effects of design changes, environmental influences, and manufacturing tolerances. By facilitating rapid design iteration and assessment, cloud based simulation tools can explore large design spaces that would be impossible to do via physical prototypes.

In this webinar, OnScale will explore and analyze some of the common pain-problems in the senor space, and present pragmatic examples to show how rapid FEM & Cloud HPC can dramatically accelerate product design cycles, reducing time, cost and risk.


   Gerry Harvey, VP of Engineering, OnScale

Dr. Harvey is a numerical scientist and engineer with 15 years of experience applying FEA/FEM approaches to complex engineering problems. An acoustics expert, Dr. Harvey supports hundreds of RF filter engineers who use OnScale every day for filter design optimization.

   Andrew Tweedie, UK Director, OnScale

Dr. Tweedie is a multi-disciplined engineer with 15 years of experience in Finite Element simulation of piezoelectric devices. Dr. Tweedie supports UK and EU customers while simultaneously managing the development center in Glasgow, Scotland.

Attendees of this IEEE Spectrum webinar have the opportunity to earn PDHs or Continuing Education Certificates!  To request your certificate you will need to get a code. Once you have registered and viewed the webinar send a request to...


Vulkan 1.1.83 Released With Minor Documentation Updates For SIGGRAPH Phoronix

The Khronos Group has released Vulkan 1.1.83 as a routine maintenance update to the Vulkan 1.1 graphics/compute API to coincide with the start of ACM SIGGRAPH 2018 in Vancouver...


Links 13/8/2018: Linux 4.18 and GNU Linux-libre 4.18 Arrive Techrights

GNOME bluefish



  • Kernel Space

    • New ARM SoCs & Boards To Be Supported By The Linux 4.19 Kernel

      Hardware support improvements coming for Linux 4.19 arent limited to the x86 space but a lot of new ARM hardware support is also being introduced in this imminent kernel cycle.

      While the Linux 4.19 kernel merge window isnt quite open yet it should open tonight, following the release of Linux 4.18 the new feature work is already staged. There is the for-next arm-soc.git branch.

    • F2FS In Linux 4.19 Will Fix Big Performance Issue For Multi-Threaded Reads

      The Linux 4.19 kernel updates for the Flash-Friendly File-System (F2FS) should bring much faster performance for multi-threaded sequential reads as much as multiple times faster.

      Two years ago F2FS dropped its write-pages lock on the basis it could improve multi-threading performance 4KB writes across 32 threads went up from 25 to 28MB/s on some tests done on the developers hardware. While it was a minor win for multi-threaded writes, it turns out dropping the write-pages lock took a major toll on the multi-threaded read performance. Now with Linux 4.19, that write-pages lock is being restored.

    • SoundWire For Linux Preps Support For Multiple Masters

      Back in Linux 4.16 the SoundWire subsystem was added to the staging area as the MIPI standard for a low-power, two-wire sound bus that can support multiple audio streams and primarily utilized by small audio peripherals like IoT and mobile devices. With the next Linux kernel cycle, the SoundWire support is being improved upon.

    • GNU Linux-libre 4.18-gnu

      Two new drivers had blob...


DXVK Merges Direct3D 10 API Support Phoronix

Separate from the "DXUP" initiative, the popular DXVK project for accelerating Direct3D 11 atop Vulkan now has support itself for Direct3D 10...


Sony FH-7 Mkii - Can you handle it? Techmoan

There were countless mini component HiFi units in the 1980s - but very few of them came with a handle. The Sony FH-7 is one exception and this video is all about my quest to assemble this classic system.  


My FH-7 Mk2 came from ebay:

If you are interested in the Boombox Calendar - you can find more details here:

The Music and media featured in the video include; Purple Cassette - Anders Enger Jensen - Retro Grooves Vol 2

Colourful Printed Cassette: Jazz Spastiks - Midnight Method (Sold Out)

Labyrinth Soundtrack

Red Record - Colemine Records - Soul Slabs Vol 1.

CD - Marvin Gaye - What's Going On ...


NASA Signs Off on SpaceX's Load-and-Go Procedure for Crew Launches SoylentNews

The NASA manager overseeing development of Boeing and SpaceX's commercial crew ferry ships says the space agency has approved SpaceX's proposal to strap in astronauts atop Falcon 9 rockets, then fuel the launchers in the final hour of the countdown as the company does for its uncrewed missions.

The "load-and-go" procedure has become standard for SpaceX's satellite launches, in which an automatic countdown sequencer commands chilled kerosene and cryogenic liquid oxygen to flow into the Falcon 9 rocket in the final minutes before liftoff.

[...] SpaceX's "load-and-go" procedure raised concerns after a Falcon 9 rocket exploded on its launch pad at Cape Canaveral in September 2016. The fiery accident occurred in the final minutes of a countdown while propellants were flowing into the rocket before a hold-down engine firing, destroying the launcher and an Israeli-owned communications satellite on-board.

Officials from SpaceX said the Crew Dragon's escape system, comprising a set of high-thrust SuperDraco engines around the circumference of the capsule, would be quick enough to push the spacecraft and its crew away from such an explosion during fueling.

The abort thrusters will be activated and armed before fueling of the Falcon 9 during crewed launches.

SpaceX plans an unmanned, in-flight abort test prior to the first crewed flight, which is tentatively scheduled for April 2019.


Original Submission

Read more of this story at SoylentNews.


Faxploit Critical flaws potentially exposes millions of HP OfficeJet Printers to hack Security Affairs

A vulnerability in HP OfficeJet all-in-one inkjet printer can be exploited by attackers to gain control of the printer and use it as entry point into the network environment.

A critical vulnerability potentially exposes millions of HP OfficeJet printers to hack, according to the experts at Check Point the attackers only need to send a fax to the vulnerable printers.

The researchers discovered two critical vulnerabilities in HPs implementation of a widely used fax protocol implemented in all its OfficeJet all-in-one inkjet printers.

The vulnerabilities affect the HP all-in-one printers that support Group 3 (G3) fax protocols that are part of the ITU T.30 standard for sending and receiving color faxes.

OfficeJet HP flawCheckpoint experts reported the flaws to HP and shared details for the two vulnerabilities at the DEF CON conference.

The researchers devised an attack technique dubbed Faxploit, they demonstrated that once the attackers have compromised a fax machine they could leverage the NSA exploit EternalBlue for lateral movements.

The below diagram shows the Faxploit attack flow, following which a threat actor could then move laterally across your network to access your organizations most confidential information. reads the blog post published by CheckPoint Security. 

The crucial element to notice is that whereas most attacks today penetrate through an internet connection to enter an organizations network, using this vulnerability in the fax protocol even a network that is completely detached would be vulnerable. This is due to the attack being channeled through a route that until now was considered to be secure and need not have protection layers applied.


Google Tracks Your Movements, Like It or Not

Mmm hmm. Via: AP: Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to. An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if youve used privacy settings that say they will prevent []


The fastest-sinking city in the world Lifeboat News: The Blog

With frequent floods, sinking markets and engulfed homes, by 2050 parts of Jakarta will be underwater.


Bayer shares plunge after Monsanto cancer ruling Lifeboat News: The Blog

Shares in German chemicals and pharmaceuticals giant Bayer tumbled more than 10 percent as markets opened Monday, as investors reacted to a shock US ruling against freshly-acquired Monsanto.

Stock in the Leverkusen-based group fell 10.4 percent to 83.61 euros ($95.19) around 9:25 am (0725 GMT), after a California jury on Friday awarded a dying groundskeeper damages of almost $290 million, saying Monsanto should have warned buyers that its flagship Roundup weedkiller could cause cancer.

While observers have predicted thousands of other claims could follow, Bayer said the jurys findings went against scientific evidence and that other courts might arrive at different conclusions.


Distribution Release: Zorin OS 12.4 News

Zorin OS is an Ubuntu-based distribution which strives to provide a desktop interface that will look familiar to Windows users. The project has published an update to the distribution's 12.x series, offering improved hardware support and bug fixes. The release announcement for Zorin OS 12.4 states: "We are....


Biomimetic micro/nanoscale fiber reinforced composites Lifeboat News: The Blog

Over hundreds of millions of years of evolution, nature has produced a myriad of biological materials that serve either as skeletons or as defensive or offensive weapons. Although these natural structural materials are derived from relatively sterile natural components, such as fragile minerals and ductile biopolymers, they often exhibit extraordinary mechanical properties due to their highly ordered hierarchical structures and sophisticated interfacial design. Therefore, they are always a research subject for scientists aiming to create advanced artificial structural materials.

Through microstructural observation, researchers have determined that many biological materials, including fish scales, crab claws and bone, all have a characteristic twisted plywood structure that consists of a highly ordered arrangement of micro/nanoscale fiber lamellas. They are structurally sophisticated natural fiber-reinforced composites and often exhibit excellent damage tolerance that is desirable for engineering structural materials, but difficult to obtain. Therefore, researchers are seeking to mimic this kind of natural hierarchical structure and interfacial design by using artificial synthetic and abundant one-dimensional micro/nanoscale fibers as building blocks. In this way, they hope to produce high-performance artificial structural materials superior to existing materials.


Flat-pack homes and profit-sharing retrofits are making sustainable housing affordable Lifeboat News: The Blog

Wealth-generating, flat-pack solar houses and a profit-sharing scheme that incentivises retrofitting are bringing sustainable living to people who would otherwise not be able to afford it.

One of the biggest problems that we see right now is (the creation of) a big gap between the lower and the middle classes. Everyone is talking about this growing inequality gap, said Bart Glowacki, co-founder of SOLACE, a start-up based in Warsaw, Poland, set up with the aim of making sustainable housing widely affordable.

Tighter mortgage controls, job insecurity and high student debts in Europe has meant that it is increasingly difficult for young people to buy their own homes.


Oil-Immersed Raspberry Pi Keeps Its Cool Under Heavy Loads Hackaday

As a general rule, liquids and electronics dont mix. One liquid bucks that trend, though, and can contribute greatly to the longevity of certain circuits: oil. Dielectric oil cools and insulates everything from the big mains transformers on the pole to switchgear in the substation. But what about oil for smaller circuits?

[Lord_of_Bone] was curious to see if an oil-cooled Raspberry Pi is possible, and the short answer is: for the most part, yes. The experimental setup seen in the video below is somewhat crude just a Pi running Quake 3 for an hour to really run up the CPU temperature, which is monitored remotely. With or without heatsinks mounted, in free air the Pi ranges from about 50C at idle to almost 70C under load, which is pretty darn hot. Dunking the Pi in a bath of plain vegetable oil, which he admits was a poor choice, changes those numbers dramatically: 37C at idle and an only warmish 48C after an hour of gaming. He also tested the Pi post-cleaning, which is where he hit a minor hiccup. The clean machine started fine but suffered from a series of reboots shortly thereafter. Twelve hours later the Pi was fine, though, so he figures a few stray drops of water that hadnt yet evaporated were to blame.

Is oil immersion a practical way to cool a Pi? Probably not. It doesnt mean people havent tried it before, of course, but we applaud the effort and the careful experimentation.

[via r/raspberry_pi]


Security updates for Monday

Security updates have been issued by Debian (blender, openjdk-8, postgresql-9.6, and sam2p), Fedora (libmspack, mingw-glib2, mingw-glibmm24, and rsyslog), Mageia (blender, glpi, godot, kernel, lftp, libjpeg, libsndfile, libsoup, mariadb, mp3gain, openvpn, and soundtouch), openSUSE (cgit, libvirt, mailman, NetworkManager-vpnc, and sddm), Slackware (bind), and SUSE (ffmpeg, glibc, and libvirt).


CVE-2018-11770: Apache Spark standalone master, Mesos REST APIs not controlled by authentication Open Source Security

Posted by Sean Owen on Aug 13

Severity: Medium

Vendor: The Apache Software Foundation

Versions Affected:
Spark versions from 1.3.0, running standalone master with REST API enabled,
or running Mesos master with cluster mode enabled


job submission, in addition to the submission mechanism used by
spark-submit. In standalone, the config property
'spark.authenticate.secret' establishes a shared secret for authenticating
requests to submit jobs via...


Even Anonymous Coders Leave Fingerprints SoylentNews

Wired is reporting on a presentation given at Def Con 26 by Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, entitled Even Anonymous Coders Leave Fingerprints. Stylistic expression is uniquely identifiable and not anonymous, that includes code especially. There are privacy implications for many developers because as few as 50 metrics are needed to distinguish one coder from another.

The researchers don't rely on low-level features, like how code was formatted. Instead, they create "abstract syntax trees," which reflect code's underlying structure, rather than its arbitrary components. Their technique is akin to prioritizing someone's sentence structure, instead of whether they indent each line in a paragraph.

Original Submission

Read more of this story at SoylentNews.


Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers The Hacker News

Bought a new Android phone? What if I say your brand new smartphone can be hacked remotely? Nearly all Android phones come with useless applications pre-installed by manufacturers or carriers, usually called bloatware, and there's nothing you can do if any of them has a backdoor built-ineven if you're careful about avoiding sketchy apps. That's exactly what security researchers from mobile


Linux Kernel 4.18 Keeps Things Solid and Secure

Linus Torvalds published the 4.18 kernel on Sunday, one week later than expected. This has a been a rocky release... and its all Android's fault (more or less).


Project Orion: Detonating Nuclear Bombs For Thrust Hackaday

Rockets with nuclear bombs for propulsion sounds like a Wile E. Coyote cartoon, but it has been seriously considered as an option for the space program. Chemical rockets combust a fuel with an oxidizer within themselves and exhaust the result out the back, causing the rocket to move in the opposite direction. What if instead, you used the higher energy density of nuclear fission by detonating nuclear bombs?

Detonating the bombs within a combustion chamber would destroy the vehicle so instead youd do so from outside and behind. Each bomb would include a little propellant which would be thrown as plasma against the back of the vehicle, giving it a brief, but powerful push.

Thats just what a group of top physicists and engineers at General Atomic worked on between 1958 and 1965 under the name, Project Orion. They came close to doing nuclear testing a few times and did have success with smaller tests, exploding a series of chemical bombs which pushed a 270-pound craft up 185 feet as youll see below.

How Orion Works


Monday, 13 August


arm64 gains RETGUARD OpenBSD Journal

In a series of commits, Todd Mortimer (mortimer@) has added RETGUARD for the arm64 platform.

We previously reported the addition of RETGUARD for amd64.

Read more


Study: 3 of every 10 House candidate websites vulnerable to hacks The Hill: Technology Policy

About 30 percent of House candidates running for office this year have significant cybersecurity issues with their campaign websites, according to a new study. Four independent researchers at a security conference over the weekend unveiled...


Researchers discover volcanic heat source under major Antarctic glacier Lifeboat News: The Blog

A researcher from the University of Rhode Islands Graduate School of Oceanography and five other scientists have discovered an active volcanic heat source beneath the Pine Island Glacier in Antarctica.

The discovery and other findings, which are critical to understanding the stability of the West Antarctic Ice Sheet, of which the Pine Island Glacier is a part, are published in the paper, Evidence of an active source beneath the Pine Island Glacier, in the latest edition of Nature Communications.

Assistant Professor Brice Loose of Newport, a chemical oceanographer at GSO and the lead author, said the paper is based on research conducted during a major expedition in 2014 to Antarctica led by scientists from the United Kingdom. They worked aboard an icebreaker, the RRS James Clark Ross, from January to March, Antarcticas summer.


Small group of students beat Googles machine learning code TechWorm

AI coders from created an algorithm that outdid codes from Googles researchers

A small team of student AI (artificial intelligence) coders outperformed codes from Googles researchers, reveal an important benchmark.

Students from, a non-profit group that creates learning resources and is dedicated to making deep learning accessible to all, have created an AI algorithm that beats code from Googles researchers.

Researchers from Stanford measured the algorithm using a benchmark called DAWNBench that uses a common image classification task to track the speed of a deep-learning algorithm per dollar of compute power. According to the benchmark, the researchers found that the algorithm built by Fast.ais team had beaten Googles code. consists of part-time students who are eager to try out machine learning and convert it into a career in data science. It rents access to computers in Amazons cloud. In fact, it is important that a small organization like succeed, as it is always thought that only those who have huge resources can do advanced AI research.

The previous rankings were topped by Googles researchers in a category for training on several machines, using a custom-built collection by its own chips designed specifically for machine learning. The team was able to deliver something even faster, on more or less equivalent hardware.

State-of-the-art results are not the exclusive domain of big companies, says Jeremy Howard, one of Fast.ais founders and a prominent AI entrepreneur. Howard and his co-founder, Rachel Thomas, created to make AI more accessible and less exclusive.

Howards team have competed with the likes of Google by doing a lot of simple things, such as ensuring that the images fed to its training algorithm were cropped correctly. More information can be found in a detailed blog post. These are the obvious, dumb things that many researchers wouldnt even think to do, Howard says.

Recently, a collaborator at the Pentagons new Defense Innovation Unit developed the code needed to run the learning algorithm on several machines, to help the military work with AI and machine learning.

Although the work of is remarkable, huge amounts of data and significant compute resources are still important for several...


13aug2018 Trivium


Indonesian Island Lifted 10 Inches Lifeboat News: The Blog

Using satellite images of Lombok from the days following the Aug. 5 quake, scientists from NASA and the California Institute of Technologys joint rapid imaging project made a ground deformation map and measured changes in the islands surface.

In the northwest of the island near the epicenter, the rupturing faultline lifted the earth by a quarter of a meter. In other places it dropped by 515 centimeters (26 inches).

NASA said satellite observations can help authorities respond to earthquakes and other natural or manmade disasters.


6 Ways The Centuries-Old Art of Origami is Bringing us The Future Lifeboat News: The Blog

Scientists are using the Japanese art of origami to inspire various technological innovations, including a bulletproof shield and a deep-sea grabber.


Sunlight Might Be the Key to Turning Our Oceans Into Drinkable Water Lifeboat News: The Blog

The Department of Energy is betting big on a new technology to turn saltwater into freshwater.


AMD Threadripper 2990WX Linux Benchmarks: The 32-Core / 64-Thread Beast Phoronix

Whether you are compiling a lot of code, rendering models with Blender, or running various scientific workloads with OpenMP or MPI, the AMD Threadripper 2990WX is capable of delivering immersive Linux performance with its 32-cores and 64 total threads. While coming in at $1800 USD, the AMD Threadripper 2990WX can deliver better performance than the more expensive Intel Core i9 7980XE. Beyond being mesmerized about the performance today with this high-end desktop/workstation processor with the many thread-happy Linux workloads we encounter daily, this 32-core Zen+ processor has us even more eager to see AMD's next-generation Zen2-based EPYC CPUs next year.


AMD Threadripper 2990WX Cooling Performance - Testing Five Heatsinks & Two Water Coolers Phoronix

The 32-core / 64-thread AMD Threadripper 2990WX carries a 250 Watt TDP rating, thus the cooling performance is quite important especially if you don't want to hit any thermal throttling with this $1799 USD processor. Fortunately, the 2990WX doesn't require water cooling but actually can work quite well with high-end air heatsinks too. For adding some perspective on the cooling requirements of the Threadripper 2990WX, here are benchmarks of five heatsinks and two all-in-one water cooling systems.


AMD Threadripper 2950X Offers Great Linux Performance At $900 USD Phoronix

The embargo has expired now for talking about Threadripper 2 performance figures... First up are our initial Threadripper 2950X Linux benchmarks. In this article are the most interesting metrics for this 16-core / 32-thread processor while in the just-published AMD Threadripper 2990WX Linux Benchmarks are a lot more figures complemented by the 2950X and other CPUs plus power consumption numbers, etc. This article is most useful if specifically focused on the performance of the Threadripper 2950X that comes in at $899 USD.


SIGGRAPH 2018: OpenCL-Next Taking Shape, Vulkan Continues Evolving Phoronix

It's a busy week folks as besides the AMD Threadripper 2 performance embargo expiring, it is also SIGGRAPH 2018 week in Vancouver and as well the start of the Linux 4.19 kernel cycle... No longer under wraps are the Khronos announcements from this annual graphics conference. Continue reading to learn about the latest happenings for the various Khronos industry-standard APIs and efforts like Vulkan and OpenCL-Next.


The Strange David and Goliath Saga of Radio Frequencies SoylentNews

The email blast from the head of my son and daughter's theater group relayed a frantic plea: "We need to raise $16,000 before the upcoming spring performances," Anya Wallach, the executive director of Random Farms Kids' Theater, in Westchester, New York, wrote in late May. If the money didn't materialize in time, she warned, there could be a serious problem with the shows: nobody would hear the actors.

Random Farms, and tens of thousands of other theater companies, schools, churches, broadcasters, and myriad other interests across the country, need to buy new wireless microphones. The majority of professional wireless audio gear in America is about to become obsolete, and illegal to operate. The story of how we got to this strange point involves politics, business, science, and, of course, money.


Original Submission

Read more of this story at SoylentNews.


The LEAF Advisory Board Expands Lifeboat News: The Blog

As our organization grows and we are doing more and more things, there is an ever greater need for specialist knowledge and guidance to help inform our decisions as a company. We rely on the advice and expertize of both our scientific and business advisors and we have added to them this week with two new experts joining us.

We are delighted to announce that Steven A. Garan has joined our scientific advisory board. Steven is the Director of Bioinformatics at the Center for Research & Education on Aging (CREA) and serves on its advisory board, and he is a researcher at the Lawrence Berkeley National Laboratory. While at the University of California, Berkeley, he played a major role in the invention and the development of the Automated Imaging Microscope System (AIMS), and he collaborated for many years with a group from Paola S. Timiras lab, researching the role that caloric restriction plays in maintaining estrogen receptor-alpha and IGH-1 receptor immunoreactivity in various nuclei of the mouse hypothalamus.

Steven was also the director of the Aging Research Center and is a leading scientist in the field of aging research. His numerous publications include articles on systems biology, the effects of caloric restriction on the mouse hypothalamus, and the AIMS. He is best known for coining the word Phenomics, which was defined in Phenomics: a new direction for the study of neuroendocrine aging, an abstract published in the journal Experimental Gerontology.


Report: Google tracks users even with location history turned off The Hill: Technology Policy

Google continues to store users' location data even on phones that have privacy settings set to prevent that kind of tracking, according to an Associated Press report released Monday. The AP, along with Princeton University...


Instagram Web | Instagram Download for PC | How to run it? TechWorm

Instagram one of the worlds most leading social networking App is now available for pc (Instagram web). If you are on social media then the chances are high about your visit to this app at least once in your life. This app is loved by millions with over 700 million active users around the world. People use this app because of its simplicity and ease of use. Many leading business corporations or even startups use this platform to showcase their services and products.

It has also been called as the second home for new models as they post their beautiful pictures here and get viral. There are tons of example out there such as Doctor Mike who got viral on Instagram and claimed the title of Hottest Doctor on the planet. It is considered as the most used social networking app just after Facebook and WhatsApp. In 2012 it was sold to Facebook for $1Billion and it has been installed 1 billion times on Google Play store alone as well.

By this, you can easily judge its popularity. Now all of you must be using this amazing app on your smartphones which can be difficult sometimes in the office. So in this article, we are providing you with the best ways to use Instagram just right on your PC screens or laptops.

How to use Instagram on pc?

There are basically two ways to use Instagram on a pc or laptop. The first and most basic way to use Instagram is by using its official website or downloading an Instagram app for windows. If you are not interested in these ways then you have an option of using third party software or android emulator called Bluestacks.

Using the Instagram website (Instagram web).

Instagram Web | Instagram Download for PC |How to run it?


First: Type https://www.insta...


Security breach in the White Houses Situation Room Graham Cluley

Security breach in the White House's Situation Room

A former reality TV star was able to sneak in her smartphone and record secret conversations in the Situation Room, supposedly the most secure place in the White House.


Disciplined Traders Profit With Forex Trading Plans TechWorm

Let your winners run is profit maximizing advice for a forex trader, but instead, traders tend to exit trades too early due to a human fallacy called loss aversion. Traders fall into this mental trap because, psychologically, a loss is twice as powerful as a gain. When a loss does occur in forex tradingsay a price breakout quickly reversesowing to another mental trap called recency bias, you are likely to avoid the trade setup that caused recent losses. Over a dozen such biases can affect trading performance. Alas, if we could only take the human out of trade decisions.

Automated trading is gaining in popularity because it takes the human out of trading decisions. Traders have another optiona forex trading plan. Most trading mistakes are caused by a lack of discipline. A trading plan will instil discipline in your trading by establishing rules for trading.

What Is a Forex Trading Plan?

A forex trading plan is your strategy for when and how to enter and exit trades. Imagine you are a basketball player with no strategy for setting up a winning shot. As you dribble the ball, the other players block you, so you instinctively choose to reverse direction. If you had analyzed the players positions and likelihood of moving in A or B direction, you could have found the likeliest breakaway to sink the ball.

Forex trading is very much like basketball. You need a strategy based on historical trading performance to increase your odds of a trade running up a profit for you. Recording your trading performance in a trading journal, which could include an Excel spreadsheet, will supply you with the performance data. Also consider recording your emotions associated with trading mistakes and successes in your journal. Review five things you must have in your trading journal. When used together, a trading plan and journal can keep you in control of the market.

Steps to Creating a Forex Trading Plan

  1. Start by establishing your trading strategies, whether you are engaged in fundamental forex trading such as a news event (e.g., a central bank interest rate rise) or a technical trading pattern (e.g., a Fibonacci Pricing pattern).
  2. Gather your trading performance data. Ideally, this information has been collected in yours excel spreadsheets and/or journal. This data should inform your rules of trade.

You are now ready to develop your trading rules.

  1. Establish your trading frequency. Are you a day trader entering multiple trades a day? Do you make one trade a day? Determine your average trading frequency per day, per week, or per month.
  2. Set your trade limitation. You are a day trader who makes 10 trades a day, of which 5 are profitable. Multiply 5 by 1.2 to get your trade limitation of 6....


Wine Had A Successful GSoC 2018, Better Direct3D Game Benchmarks Phoronix

The Wine project once again participated in Google Summer of Code (GSoC) for furthering their open-source agenda of better support for Windows programs on Linux and other operating systems...


Ethics Training for Coders SoylentNews

Computer Programmers get new Tech Ethics Code

The guidelines come from the Association for Computing Machinery

Technological professionals are the first, and last, lines of defense against the misuse of technology. Nobody else understands the systems as well, and nobody else is in a position to protect specific data elements or ensure the connections between one component and another are appropriate, safe and reliable. As the role of computing continues its decades-long expansion in society, computer scientists are central to what happens next.

Personally, I am quite concerned that our Congress has not attached Responsibility with Rights when it comes to software. If someone is going to claim ownership and rights to a piece of code then protect it with electronic lock or obscurity, why aren't they also held 100% responsible if that code causes mayhem?

We just had a story here about the concerns we have about a hemoglobin based meat substitute ... and what we go through to make damn sure the substance is harmless to life before we introduce it into the food chain... and even *that* has to be completely described and its molecular structure demonstrated.

Can you imagine the uproar if Chemists started releasing anything tasty, that people would eat, and call it "food"? And would our Congress grant them the right to withhold information as to what it was? Then hold them harmless for whatever it did to people?

Original Submission

Read more of this story at SoylentNews.


Modern PC Crammed Into an Original Xbox Hackaday

When the original Microsoft Xbox was released in 2001, one of the most notable features of its design was that it used a number of off-the-shelf computer components. Inside contemporary offerings from Nintendo and Sony youll see almost nothing but proprietary components, whereas cracking open the Xbox reveals an IDE hard drive, a customized PC DVD-ROM drive, and an Intel Pentium III CPU. Depending on which team you were on, the Xboxs close relation to PC hardware of the day was either a point of honor or ridicule in the early 2000s console wars; but regardless of politics, it ended up being instrumental in all of the hacks and mods the console got over its lifetime.

In that light, [P8ntBal1551] managing to jam a modern computer into the shell of an Xbox is like having the last laugh in this nearly two-decade-old debate. Wanting to build an HTPC that wouldnt look out of place in his entertainment center, he figured the Xbox would make a suitable home for his Intel 4460 powered build. Not to say it was easy: getting all of the hardware and associated wiring inside the case took a bit of cheating, but the end result looks good enough that well give him a pass.

The key to this project is the 3D printed structure inside the Xboxs case that holds everything toget...


Compiler Fuzzing, Part 1

Much has been written about fuzzing compilers already, but there is not a lot that I could find about fuzzing compilers using more modern fuzzing techniques where coverage information is fed back into the fuzzer to find more bugs.

If you know me at all, you know I'll throw anything I can get my hands on at AFL. So I tried gcc. (And clang, and rustc -- but more about Rust in a later post.)


Hackers can manipulate Police body cam footages HackRead

By Waqas

Kiss goodbye to crucial evidence. Body cameras used by the law enforcement nowadays have already remained controversial but no one has, so far, attempted to assess the credibility of the device itself. But, at Defcon 2018, police body cameras became an object of discussion when a researcher Josh Mitchell identified these cameras to be vulnerable []

This is a post from Read the original post: Hackers can manipulate Police body cam footages


GLB: GitHub's Open Source Load Balancer

At GitHub, we serve tens of thousands of requests every second out of our network edge, operating on GitHubs metal cloud. Weve previously introduced GLB, our scalable load balancing solution for bare metal datacenters, which powers the majority of GitHubs public web and git traffic, as well as fronting some of our most critical internal systems such as highly available MySQL clusters.


IEEE Survey Ranks Programming Languages

It's been said that programming languages are akin to religion. Engineers and developers will go out of their way to defend the use of their favorite language. (Perhaps it's more the pain of learning a new language that keeps us using the old). Surely you've seen many surveys on programming language preferences. As with all surveys, the results depend on who was asked. 


Linux look Command Tutorial for Beginners (with Examples)

Linux look Command Tutorial for Beginners (with Examples)

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog