IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Thursday, 18 October

01:09

OpenSUSE Begins Preparing For Leap 15.1 (15 Service Pack 1) "IndyWatch Feed Tech"

As part of some brief openSUSE news today, some early details concerning Leap 15 Service Pack 1 (Leap 15.1) were shared...

01:06

Smashing Security #100: One flippin hundred "IndyWatch Feed Tech"

Smashing Security #100: One flippin' hundred

Yes, its the 100th edition of the Smashing Security podcast.

Theres a little celebration at both ends of this weeks podcast - but the meat of the sandwich is our normal look at the security stories of the last week - including an alarming IoT failure and a dating app disaster for Donald Trump devotees.

01:00

3D Printing, Halloween Style "IndyWatch Feed Tech"

The wonders of 3D printing dont stop coming. Whether its printing tools on the International Space Station, printing houses out of concrete, or just making spare parts for a childs toy, theres virtually nothing you cant get done with the right 3D printer, including spicing up your Halloween decorations.

Not only is this pumpkin a great-looking decoration for the season on its own, but it can also transform into a rather unsettling spider as well for a little bit of traditional Halloween surprise. The print is seven parts, which all snap into place and fold together with a set of ball-and-socket joints. While it doesnt have any automatic opening and closing from a set of servos, perhaps we will see someone come up with a motion-activated pumpkin spider transformer that will shock all the trick-or-treaters at the end of this month.

Its not too late to get one for yourself, either. The files are available on Thingiverse or through the project site. And weve seen plenty of other Halloween hacks and projects throughout the years too if youre looking for other ideas, like the recent candy machine game, a rather surprising flying human head, or this terrifying robot.

00:58

Harvard Calls for Retraction of Dozens of Studies by Noted Cardiologist "IndyWatch Feed Tech"

https://www.nytimes.com/2018/10/15/health/piero-anversa-fraud-retractions.html

A prominent cardiologist formerly at Harvard Medical School and Brigham and Women's Hospital in Boston fabricated or falsified data in 31 published studies that should be retracted, officials at the institutions have concluded.

The cardiologist, Dr. Piero Anversa, produced research suggesting that damaged heart muscle could be regenerated with stem cells, a type of cell that can transform itself into a variety of other cells.

Although other laboratories could not reproduce his findings, the work led to the formation of start-up companies to develop new treatments for heart attacks and stroke, and inspired a clinical trial funded by the National Institutes of Health.

"A couple of papers may be alarming, but 31 additional papers in question is almost unheard-of," said Benoit Bruneau, associate director of cardiovascular research at the Gladstone Institutes in San Francisco. "It is a lab's almost entire body of work, and therefore almost an entire field of research, put into question."

Read more of this story at SoylentNews.

00:30

[$] A new direction for i965 "IndyWatch Feed Tech"

Graphical applications are always pushing the limits of what the hardware can do and recent developments in the graphics world have caused Intel to rethink its 3D graphics driver. In particular, the lower CPU overhead that the Vulkan driver on Intel hardware can provide is becoming more attractive for OpenGL as well. At the 2018 X.Org Developers Conference Kenneth Graunke talked about an experimental re-architecting of the i965 driver using Gallium3Da development that came as something of a surprise to many, including him.

00:24

Twitter says it won't suspend Louis Farrakhan over tweet comparing Jews to termites "IndyWatch Feed Tech"

Twitter said Wednesday that it will not suspend Nation of Islam leader Louis Farrakhan over a tweet comparing Jews to termites, the company confirmed to The Hill. Farrakhan, who has been accused of making anti-Semitic remarks for years,&...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 17 October

23:59

Naked celebrity photo hacker used to be a high school teacher "IndyWatch Feed Tech"

Former teacher admits hacking into celebrity accounts to steal naked photos

A former high school teacher is to plead guilty to hacking into the online accounts of celebrities and stealing naked photographs and other private information.

23:56

Mesa VCN JPEG Decode Patches Posted For AMD Raven Ridge "IndyWatch Feed Tech"

With the imminent Linux 4.19 kernel release there is VCN JPEG decode support within the AMDGPU DRM driver for use with Raven Ridge APUs. The accompanying user-space patches for the Radeon Gallium3D code have now been posted for making this functionality work on the Linux desktop with these Zen+Vega APUs...

23:37

GCC's Test Suite To Begin Testing C++17 By Default "IndyWatch Feed Tech"

GCC's test suite will soon begin testing the C++17 standard as part of its C++98/11/14 standard tests by default... This doesn't affect the default C++ standard used by the GCC G++ compiler at this point, but at least will help eliminate any lingering C++17 bugs as well as helping to stop regressions in the future...

23:23

The Longevity Project: Surprising Discoveries for Health and Long Life from the Landmark Eight-Decade Study: Howard S. Friedman, Leslie R. Martin: 9780452297708: Amazon.com: Books "IndyWatch Feed Tech"

An extraordinary eighty-year study has led to some unexpected discoveries about long life.

-O, The Oprah Magazine

For years we have been told to obsessively monitor when were angry, what we eat, how much we worry, and how often we go to the gym. So why isnt everyone healthy? Drawing from the most extensive study of long life ever conducted, The Longevity Project busts many long- held myths, revealing how:

23:21

Cumulative Sub-Concussive Impacts in a Single Season of Youth Football "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

In an investigation of head impact burden and change in neurocognitive function during a season of youth football, researchers find that sub-concussive impacts are not correlated with worsening performance in neurocognitive function.

[...] A research team, led by Sean Rose, MD, pediatric sports neurologist and co-director of the Complex Concussion Clinic at Nationwide Children's Hospital, followed 112 youth football players age 9-18 during the 2016 season in a prospective study.

"When trying to determine the chronic effects of repetitive sub-concussive head impacts, prospective outcomes studies are an important complement to the existing retrospective studies," says Dr. Rose. "In this study of primary school and high school football players, a battery of neurocognitive outcomes tests did not detect any worsening of performance associated with cumulative head impacts."

[...] In their secondary analysis, they found that younger age and reported history of attention deficit hyperactivity disorder (ADHD) predicted score changes on several cognitive testing measures and parent-reported ADHD symptoms. Additionally, a reported history of anxiety or depression predicted changes in scores of symptom reporting.

-- submitted from IRC


Original Submission

Read more of this story at SoylentNews.

23:05

Public funds support proposal to remove Zuckerberg as Facebook chairman "IndyWatch Feed Tech"

Several public funds that hold shares of Facebook stock are backing a proposal to remove CEO Mark Zuckerberg from his role as chairman of the company's board.State treasurers in Illinois, Rhode Island and Pennsylvania as well as New York City...

22:50

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Tavis Ormandy on Oct 17

Apparently it wasn't clear that this allowed reading and writing of
arbitrary files, here is a full exploit (I just modified the CVE-2018-17961
exploit).

$ convert executeonly-bypass.pdf exploit.jpg
$ tail -1 ~/.bashrc
echo pwned by postscript

Thanks, Tavis.

22:36

Authorities search & seize properties of GTA Vs Infamous cheat developers "IndyWatch Feed Tech"

By Carolina

Cheat developers are constantly under the radar of Take-Two Interactive and Rockstar Games. Both companies have previously taken legal action against cheat developers for protecting their games including the very popular Grand Theft Auto V (GTA V). Last month, they launched an operation against Australian developers, who had released a well-known mod-menu cheat for GTA []

This is a post from HackRead.com Read the original post: Authorities search & seize properties of GTA Vs Infamous cheat developers

22:02

Advertisers accuse Facebook of hiding false video metrics for over a year "IndyWatch Feed Tech"

A group of advertisers suing Facebook has filed a new complaint accusing the social media giant of knowing about glitches in its ad software that misrepresented viewership for videos but not disclosing the glitch to advertisers for over a...

22:00

DIY Arc Light Makes An Unnecessarily Powerful Bicycle Headlight "IndyWatch Feed Tech"

Remember when tricking out a bike with a headlight meant clamping a big, chrome, bullet-shaped light to your handlebar and bolting a small generator to your front fork? Turning on the headlight meant flipping the generator into contact with the front wheel, powering the incandescent bulb for the few feet it took for the drag thus introduced to grind you to a halt. This ridiculous arc-lamp bicycle headlight is not that. Not by a long shot.

Were used to seeing [Alex] doing all manner of improbable, and sometimes impossible, things on his popular KREOSAN YouTube channel. And were also used to watching his videos in Russian, which detracts not a whit  from the entertainment value for Andglophones; subtitles are provided for the unadventurous, however. The electrodes for his arc light are graphite brushes from an electric streetcar, while the battery is an incredibly sketchy-looking collection of 98 18650 lithium-ion cells. A scary rats nest of coiled cable acts as a ballast to mitigate the effects of shorting when the arc is struck. The reflector is an old satellite TV dish covered in foil tape with the electrodes sitting in a makeshift holder where the feedhorn used to be. Its bright, its noisy, its dangerous, and it smokes like a fiend, but we love it.

Mounting it to the front of the bike was just for fun, of course, and it works despite the janky nature of the construction. The neighbors into whose apartments the light was projected could not be reached for comment, but we assume they were as amused as we were.

Thanks for the tip, [Nikolai].

21:47

99.7 Percent of Unique FCC Comments Favored Net Neutrality "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

After removing all duplicate and fake comments filed with the Federal Communications Commission last year, a Stanford researcher has found that 99.7 percent[pdf] of public commentsabout 800,000 in allwere pro-net neutrality.

"With the fog of fraud and spam lifted from the comment corpus, lawmakers and their staff, journalists, interested citizens and policymakers can use these reports to better understand what Americans actually said about the repeal of net neutrality protections and why 800,000 Americans went further than just signing a petition for a redress of grievances by actually putting their concerns in their own words," Ryan Singel, a media and strategy fellow at Stanford University, wrote in a blog post Monday.

Source: https://motherboard.vice.com/en_us/article/3kmedj/997-percent-of-unique-fcc-comments-favored-net-neutrality


Original Submission

Read more of this story at SoylentNews.

21:15

Spectre V2 "Lite" App-To-App Protection Mode Readying For The Linux Kernel "IndyWatch Feed Tech"

We are approaching one year since the Spectre and Meltdown CPU vulnerabilities shocked the industry, and while no new CPU speculative execution vulnerabilities have been made public recently, the Linux kernel developers continue improving upon the Spectre/Meltdown software-based mitigation techniques for helping to offset incurred performance costs with current generation hardware...

21:14

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry "IndyWatch Feed Tech"

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware.

Today Id like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here). The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy. Everything started from a well-crafted email targeting the right office asking for naval engine spare parts prices. The mail was quite clear, written in a great language within detailed spare parts matching the real engine parts. The analyzed email presented two attachments to the victim:
  • A company profile, aiming to present the company who was asking for spare parts
  • A Microsoft.XLSX where (apparently) the list of the needed spare parts was available

The attacker asked for a quotation of the entire spare part list available on the spreadsheet. In such a way the victim needed to open-up the included Microsoft spreadsheet in order to enumerate the fake customer needs. Opening up The Excel File it gets infected.

Lets go deep into that file and see what is happening there. At a first sight, the office document had an encrypted content available on OleObj.1 and OleObj.2. Those objects are real Encrypted Ole Objects where the Encrypted payload sits on EncryptedPackage section and information on how to decrypt it are available on EncryptionInfo xml descriptor. However, in that time, the EncryptionInfo was holding the encryption algorithm and additional information regarding the payload but no keys were provided. The question here was disruptive. How Microsoft Excel is able to decrypt such a content if no password is requested to the end user?  In another way, if the victim opens the document and he/she is not aware of secret key how can he/she get infected? And why the attacker used an encrypted payload if the victim cannot open it?

 

Stage1: Encrypted Content
...

21:07

Arm CEO on 5G, the Fifth Wave of Computing, and the Trillion-Device World "IndyWatch Feed Tech"

The future of technology will be brought to you by the number five, say speakers at ARM TechCon

Its not exactly clear which emerging technology will bring the next major advance that rocks the world but, like an episode of Sesame Street, theres a good chance that it will be brought to you by the number 5.

That was the theme of keynote addresses that kicked off Arm TechCon 2018, a gathering of 4,000 embedded-systems specialists held in San Jose, Calif., this week. Arm CEO Simon Segars counted through computing history: Wave 1, the era of mainframe computing; Wave 2, personal computing and software; Wave 3, the Internet; and Wave 4, mobile and cloud computing.

That brought Segars to Wave 5, something not so easy to define, at least at this early stage. It will, he indicated, involve computers in everything, but simply seeing it as the Internet of Things is too narrow. The 5th Wave, he said, is an era of computing that will be data driven. The traditional algorithmic computing will give way to data flowing through machines and decisions made based on what data is telling us.

We are thinking about the system, how it works end-to-end; it is the combined compute power that is this 5th Wave, he added.

The 5th Wave will also make traditional ways of measuring computing power obsolete, Segars pointed out: We shouldnt measure devices on megahertz, gigaflops, or terawhatever. It is about the system: the devices, network, and the cloud all coming together.

This wave is going to create massive change across the tech sector and drive everything we will do for the next couple of decades, he adds.

And we are at the earliest stages of this wave. That means there is the opportunity for an awful lot of invention, said Drew Henry, ARM senior vice president.

Because the 5th Wave of computing is all about devices that communicate, Segars took attendees on a quick trip through the history of mobile communications: 2G created the ability to send text messages; 3G involved being able to load music and videos onto a device; and 4G made it possible to stream video and music, thanks to low network latency.

5G, he said, will be the biggest change of all. Network providers will no longer be thinking about the number of people or screens...

21:04

Steal This Show S04E07: Bangladesh Bank Heist, Part 1 "IndyWatch Feed Tech"

Had it succeeded, the Bangladesh Bank Heist would easily have been the biggest bank robbery in history.

It was carried out almost entirely in the digital realm, using a variety of exploits and malware, in order to leverage access to the SWIFT banking network and the US Federal Reserve.

In Part One, we look at exactly what happened in the Bangladesh heist, and walk through how it was carried out. To help us through the complex story, we hear from Cheryl Biswas, Strategic Threat Intel Analyst in Cyber Security at a Big Four consulting firm.

After covering the how of the robbery, we consider whether trusted systems like SWIFT can remain secure in an information environment replete with radically heterogeneous, eminently hackable device

Cheryl Biswas wishes to make clear that she speaks here on her own behalf Her views do not represent those of her employer.

Steal This Show aims to release bi-weekly episodes featuring insiders discussing crypto, privacy, copyright and file-sharing developments. It complements our regular reporting by adding more room for opinion, commentary, and analysis.

Host: Jamie King

Guest: Cheryl Biswas

Produced by Jamie King
Edited & Mixed by Lucas Marston
Original Music by David Triana
Web Production by Eric Barch

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

...

20:46

Linux kernel: BPF verifier bug leads to out-of-bounds access (CVE-2018-18445; 4.14.9-4.14.74; 4.15-4.18.12) "IndyWatch Feed Tech"

Posted by Jann Horn on Oct 17

NOTE: I have requested a CVE identifier, and I'm sending this message,
to make tracking of the fix easier; however, to avoid missing security
fixes without CVE identifiers, you should *NOT* be cherry-picking a
specific patch in response to a notification about a kernel security
bug.

In Linux kernel versions 4.14.9-4.14.74 and 4.15-4.18.12, faulty
computation of numeric bounds in the BPF verifier permits
out-of-bounds memory accesses because...

20:31

Court: ISPs Lack of Terminations Didnt Lure Pirating Subscribers "IndyWatch Feed Tech"

Last year several major record labels, represented by the RIAA, filed a lawsuit against ISP Grande Communications, accusing it of turning a blind eye to pirating subscribers.

According to the labels, the Internet provider knew that some of its subscribers were frequently distributing copyrighted material, but failed to take any meaningful action in response.

Grande refuted the accusations and filed a motion to dismiss the case. The ISP partially succeeded as the claims against its management company Patriot were dropped.

In addition, the vicarious infringement allegations were also dismissed. The court saw no evidence that potential customers would specifically sign up with Grande because it did not police infringing conduct by its subscribers.

The labels disagreed, however, and tried to convince the court otherwise. In May they submitted a motion for leave to file an amended complaint including new evidence obtained during discovery. Among other things, they argued that Grande willingly kept pirating subscribers aboard, to generate more revenue.

This second attempt also failed.

Yesterday, US District Court Judge Lee Yeakel denied the record labels request to file an amended complaint. He agrees with the earlier recommendation from the Magistrate Judge, who saw no new evidence which shows that pirate subscribers were specifically drawn to Grande.

First, the original Complaint alleged essentially the same or similar facts, the recommendation reads.

Second, the new allegations still fail to say anything about the motivations of Grandes subscribers when they sign up with Grande. That is, Plaintiffs still fail to plead facts showing Grande gained or lost customers because of its failure to terminate infringers.

The record labels didnt agree with this recommendation and filed their objections two weeks ago, noting that their claims are more than sufficient. The Magistrates report and recommendation lack legal grounds and overlooks important elements, they claim.

[T]he Report effectively ignores Plaintiffs other ground to satisfy the financial benefit element: that Grande profits from known repeat infringing customers to whom it provides ongoing internet service, even despite receiving notice of their infringing conduct, the labels...

20:30

Sonic Robots Dont Play Instruments, They Are The Instruments "IndyWatch Feed Tech"

[Moritz Simon Geist]s experiences as both a classically trained musician and a robotics engineer is clearly what makes his Techno Music Robots project so stunningly executed. The robotic electronic music he has created involves no traditional instruments of any kind. Instead, the robots themselves are the instruments, and every sound comes from some kind of physical element.

A motor might smack a bit of metal, a hard drive arm might tap out a rhythm, and odder sounds come from stranger devices. If its technological and can make a sound, [Moritz Simon Geist] has probably carefully explored whether it can be turned into one of his Sonic Robots. The video embedded below is an excellent example of his results, which is electronic music without a synthesizer in sight.

Weve seen robot bands before, and theyre always the product of some amazing work. The Toa Mata Lego Band are small Lego units and Compressorhead play full-sized instruments on stage, but robots that are the instruments is a different direction that still keeps the same physical element to the music.

The HackadayPrize2018 is Sponsored by:

20:29

2018: The Rise of Spying Transit Police (Updated) "IndyWatch Feed Tech"


Today's Public Transit Police Departments offer a frightening glimpse into the future of commuter surveillance.

Last year the Bay Area Rapid Transit (BART) was accused of creating an app that spied on commuters travel plans, texts and emails. At the same time the Los Angeles Metropolitan Transportation Authority began a pilot program that used facial biometric body scanners to spy on commuters.

Also in 2017 the Southeastern Pennsylvania Transportation Authority (SEPTA) unveiled their new SEPTA Transit Watch app that allows commuters to "discretely" spy on anyone. The app also sends commuters BOLO or "Be On the Look Out" alerts, essentially turning commuters into Transit Police spies. 

In New Jersey politicians considered cutting Transit Police Department funding from...

20:26

Apple launches feature giving US customers access to their data "IndyWatch Feed Tech"

Apple is now allowing customers to download copies of all of the data it holds on them as part of its initiative to contrast its data collection practices with other tech giants that have been under scrutiny in recent months.The iPhone maker...

20:22

Plans for a Modular Martian Base on that Would Provide its own Radiation Shielding "IndyWatch Feed Tech"

At this years AIAA Space and Astronautics Forum and Exposition, engineer Marco Peroni presented his proposal for a modular Martian base that would provide its own radiation shielding.

20:16

Tumblr Patches A Flaw That Could Have Exposed Users Account Info "IndyWatch Feed Tech"

Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to steal login credentials and other private information for users' accounts. The affected information included users email addresses, protected (hashed and salted) account passwords, self-reported location (a feature no longer available), previously used email

20:16

Huawei Introduces a Memory Card That Fits into a Nano SIM Slot "IndyWatch Feed Tech"

Huawei's Nano Memory Cards are replacing microSD on its latest phones

Alongside the slate of new phones Huawei announced today was an interesting addition: a new type of expandable storage the company is calling Nano Memory (NM), which replaces the traditional microSD card in the newly announced Mate 20 and Mate 20 Pro.

On the Mate 20 and Mate 20 Pro, the NM Card goes in one of the slots on the dual-SIM tray, with users having to choose between extra storage or a second SIM card.

The SD 5.0 standard added a 90 MB/s write speed class, intended to allow for 8K and 360 video recording.

The densest microSD cards available store 512 GB, so this 45% smaller 256 GB card could be of a comparable storage density.

Related: Samsung to Offer New Type of Flash Memory Card
Western Digital Demos SD Card Using PCIe Gen 3 x1 Interface for 880 MB/s Read Speed
SD Association Raises Max Capacity to 128 TB, Speed to 985 MB/s Using PCIe and NVMe


Original Submission

Read more of this story at SoylentNews.

20:08

Scammers posted over a thousand fake Womens March events on Facebook to sell T-shirts: report "IndyWatch Feed Tech"

Scammers in Bangladesh created more than 1,700 fake Women's March Facebook pages in order to sell T-shirts, according to a CNN report.CNN reported the Facebook pages appeared to be run by local Women's March organizers when in reality they...

19:46

GreyEnergy: New malware targeting energy sector with espionage "IndyWatch Feed Tech"

By Waqas

After BlackEnergy, critical infrastructure around the world is among key targets of the new malware called GreyEnergy. In its recent research, ESET has revealed details of a new group of cybercriminals dubbed as GreyEnergy, which seems to be the replacement of BlackEnergy APT group. The BlackEnergy groups last activity was observed in December 2015 when []

This is a post from HackRead.com Read the original post: GreyEnergy: New malware targeting energy sector with espionage

19:34

Breaking News "IndyWatch Feed Tech"

Two midday breaking news items:

  • The ACME II experiment is reporting today a new, nearly order of magnitude better, limit on the electric dipole moment of the electron:
    $$|d_e|\leq 1.1 \times 10^{-29} e\ cm$$
    The previous best bound was from ACME I in 2014:
    $$|d_e|\leq 9.4 \times 10^{-29} e\ cm$$

    One significance of this is that while the SM prediction for the electron EDM is unobservably small, generically extensions of the SM predict much larger values. Already the 2014 bound was in conflict with typical SUSY models with LHC-scale supersymmetry, and was starting to rule out parts of the ranges expected for split-SUSY models (Arkani-Hameds current best bet) as well as the expected range for SO(10) GUTs (see for instance slide 25 here).

    Todays result pretty much completely rules out generic versions for both the most popular SUSY models still standing (Split SUSY), as well as the most popular class of GUTs. This provides another nail in the coffin of the SUSY-GUT paradigm which has dominated expectations for physics beyond the SM over the past forty years.

  • The Breakthrough Prize people are having their usual sort of ceremony for the 2019 prizes on November 4, with an Oscars-like production, this year hosted by Pierce Brosnan. In a break with the past, this year theyre announcing the winners in advance, see here. The $3 million physics prize goes to Kane and Mele for their work on topological insulators.

    The $3 million mathematics prize goes to Vincent Lafforgue, for his work on the Langlands correspondence. The prize description has some information about him I was unaware of:

    Deeply concerned about the ecological crisis, Lafforgue is now focused on operator algebras in quantum mechanics and devising new materials for clean energy technologies.

Update: The promotional videos for the Breakthrough Prize winners that will be shown at the November ceremony are already available on Youtube.

19:01

The Supercon Badge is a Freakin Computer "IndyWatch Feed Tech"

It hangs around your neck, comes with the cost of admission, and would blow away a desktop computer from the 1980s. This is the Hackaday Superconference badge and you can get your hands on one for the price of admission to the ultimate hardware conference.

Everyone through the door gets one of these badges featuring a 320 x 240 color display, a full qwerty keyboard, and limitless hacking potential! The stock firmware runs a BASIC interpreter, the CP/M operating system, and includes games and Easter Eggs. Its a giant playground, and we want to see what you can do with this custom hardware during the three days of Supercon. Get your ticket now, then join me after the break for a demo video and plenty more info.

This badge design by Voja Antonic was premiered at the Hackaday Belgrade conference in May and is seeing an encore performance for Supercon. It looks amazing, but what you dont realize until you have it in your hands is how much fun it is to hammer out some BASIC code on the incredibly clicky keyboard. Check out this fun figure: we ordered over 30,000 momentary switches for the assembly of these badges!

Hardware Design and Hacking

...

18:45

Swedish firm buys Falcon Heavy launch "IndyWatch Feed Tech"

WASHINGTON A Swedish company with plans for a geostationary communications satellite announced Oct. 16 a contract with SpaceX for a Falcon Heavy launch no earlier than the fourth quarter of 2020.

Ovzon of Solna, Sweden, has not yet purchased the satellite, but paid Eutelsat $1.6 million earlier this year to move one of its satellites to an unspecified Ovzon orbital slot to preserve spectrum rights at that location.

In a statement, Ovzon CEO Per Wahlberg said procurement of the companys first satellite is in the final stage, and that production of an advanced onboard processor started earlier this month.

18:44

Physicist describes the shape of a wormhole "IndyWatch Feed Tech"

A RUDN physicist demonstrated how to describe the shape of any symmetrical wormholea black hole that theoretically can be a kind of a portal between any two points in space and timebased on its wave spectrum. The research would help understand the physics of wormholes and better identify their physical characteristics. The article was published in the Physics Letters B journal.

Modern concepts of the universe provide for the existence of wormholesunusual curvatures in space and time. Physicists imagine a as a black hole through which one can see a distant point of the universe in four dimensions. Astrophysicists are still unable to determine the shape and sizes of precisely, let alone theoretical wormholes. A RUDN physicist has now demonstrated that the shape of a wormhole can be calculated based on observable .

In practice, physicists can observe only indirect properties of wormholes, such as red shifta downward shift in the frequency of gravitational waves in the course of moving away from an object. Roman Konoplya, a research assistant from the RUDN Institute of Gravitation and Cosmology, the author of the work, used quantum mechanical and geometrical assumptions and showed that the shape and mass of a wormhole can be calculated based on the red shift value and the range of gravitational waves in high frequencies.

18:43

New Details On System76's Open-Source Hardware Plans Come To Light "IndyWatch Feed Tech"

Longtime Ubuntu/Linux PC vendor System76 has been teasing their efforts around an "open-source computer" and other open-source hardware efforts now that they are in the home stretch of setting up their own US-based manufacturing facility. Some new details on their initial aspirations are now out there...

18:39

Raspberry Pi Fans Up in Arms as Mathematica Disappears From Raspbian Downloads "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Raspberry Pi fans up in arms as Mathematica disappears from Raspbian downloads

Knickers have become ever so twisty over the last few days as fans of the diminutive Raspberry Pi computer and its Raspbian operating system noted that Mathematica had been "removed".

Discussions soon popped up on the Raspberry Pi Foundation's own forums and elsewhere as to what the exclusion might mean.

The leading theory was that the contract that allowed the Foundation to bundle the pricey system for free for the education-orientated Pi had expired. Mathematica Desktop for Students, after all, starts at 105 (plus taxes), so getting it for free made the Pi somewhat of a steal.

A Raspberry Pi engineer confirmed the expiration theory in a forum posting, stating: "The contract was for five years and has expired."

However, Wolfram Research contradicted this yesterday with a tweet confirming that Mathematica would indeed continue to be available on the Pi and even gave some handy commands to download the thing.

[...] El Reg additionally got in touch with the Raspberry Pi Foundation and were told by its head honcho, Eben Upton, that the issue was also one of download size (as observed by several forum posters). Upton observed that removing Mathematica "takes a chunk of size out of the most commonly downloaded image (it's never been present in the 'lite' image, but this also lacks the desktop and various other bits)".

However, with not a little bit of understatement, he added: "That said, there's been lots of grumbling, so we might end up putting it back."

Going forwards, Mathematica could well end up being installed on physical media (such as SD cards) but left as an option for downloads.


Original Submission

...

18:36

[$] Secure key handling using the TPM "IndyWatch Feed Tech"

Trusted Computing has not had the best reputation over the years Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.

18:29

Links 17/10/2018: Elementary OS 5.0 Juno Released, MongoDBs Server Side Public Licence "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

18:00

Friday Hack Chat: Visual Synthesis "IndyWatch Feed Tech"

For this weeks Hack Chat, were going to be discussing generating analog video for visual synthesis. Whats on the front porch?

Our guest for this weeks Hack Chat will be Jonas Bers, an audiovisual artist and performer. For their work they used hacked video mixers, a hand-built video synthesizer, and various pieces of restored/modded lab equipment and military surplus devices. Jonas has also developed the CHA/V, the Cheap, Hacky, A/V, an open source, DIY, audiovisual video synthesizer. This video synth has been built by people around the world, and has been the subject of international workshops in fancy art schools. Its a dirt-cheap video synth, quick and easy to make, expandable and customization as a part in a larger system, and requires no computer, Arduino, microcontroller, or programming.

Jonas will be discussing entry points into hardware-based real-time video synthesis such as their own tutorial for the CHA/V, and the LZX cadet/castle DIY series. If you enjoy making analog audio circuits, and you are interested in video synthesis, they can suggest some good places to start and helpful resources. Jonass personal practi...

17:42

The 69th Congress of the International Astronautical Federation, in Bremen, celebrated NewSpace, without Musk, Bezos, and Branson "IndyWatch Feed Tech"

SRI Newsletter #06 2018 Great success both for the public and for the speakers, despite the enrollment fees definitely out of budget for many: more than 6300 registered participants, of which almost 50% very young, more than 2000 papers presented in the various symposia. The title of the Congress was very interesting: Involving everyone. This gave the impression that there was plenty of space at the Congress for the themes of civil development in space. The attention to the impetuous development of the NewSpace sector is now felt everywhere, and the most important global space congress could not avoid being impacted. After all, it is thanks to the growth of the NewSpace sector if the IAF Congress has recorded this remarkable success. But which were the predominant themes of the Congress? Has the promise announced in the title been kept? In part, yes, but a lot of work remains to be done. And the main NewSpace entrepreneurs didnt come to Bremen. Read the whole article.


The 69th Congress of the International Astronautical Federation took place in the halls of the Bremen exhibition center from 1 to 5 October.

Great success both for the public and for the speakers, despite the enrollment fees definitely out of budget for many: more than 6300 registered participants, of which almost 50% very young, more than 2000 papers presented in the various symposia. The title of the Congress was very interesting: Involving everyone. This gave the impression that there was plenty of space at the Congress for the themes of civil development in space. The attention to the impetuous development of the NewSpace sector is now felt everywhere, and the most important global space congress could not avoid being impacted. After all, it is thanks to the growth of the NewSpace sector if the IAF Congress has recorded this remarkable success. But which were the predominant themes of the Congress? Has the promise announced in the title been kept? In part, yes, but a lot of work remains to be done.

One aim was to include everyone, for example, in the exploration of the Moon. And we have seen some concrete cases of inclusion. The company Part Time Scientists, earlier in the context of the Lunar X-Prize, and then with the development of subsequent innovative projects, has put in place a lunar exploration project, in which some industries not belonging to the aerospace sector are involved as technological partners, as well as sponsors, s...

17:39

The Pirate Bay And Other Sites Ordered To Be Blocked By ISP Telia "IndyWatch Feed Tech"

ISP Telia has been ordered by the court to block The Pirate Bay, Fmovies, Dreamfilm, and other sites

Telia, an internet service provider (ISP) which operates in Sweden, in an interim ruling on Monday has been ordered by Swedens Patent and Market Court to block large torrent and streaming platforms, such as The Pirate Bay, Dreamfilm, FMovies, and NyaFilmer.

The decision comes following a complaint by a huge association of content companies and groups including the Swedish Film Industry, Nordisk Film, Disney, Paramount, Columbia, Disney, and Twentieth Century Fox.

Also Read: The Pirate Bay Alternatives- 10 Best Torrent Sites like TPB (2018)

Site-blocking has become one of the preferred anti-piracy tools by many content companies and distributors who are looking to decrease the level of copyright infringement.

It all started in Sweden last year when the Swedish Patent and Market Court of Appeal ordered local ISP Bredbandsbolaget (Broadband Company) to block The Pirate Bay and streaming site Swefilmer. Back then, Telia said that it would not block The Pirate Bay, unless it is forced to do so by law and that the decision only affected Bredbandsbolaget.

The order by the Patent and Market Court has now put Telia in the same situation that Bredbandsbolaget was last year.

Per Strmbck of the Film and TV Industry Cooperation Committee said in a statement that a favorable decision was expected, reported IDG.

The decision was expected and complies with the current legal situation. Now its high time that Telia takes the same responsibility in Sweden as it already does in Denmark and Norway, Strmbck said.

However, site blocking in Sweden is not as easy as it seems, as the same was observed in last years decision in the Bredbandsbolaget case.

Apparently, the Court discovered that under EU law, the copyright holders can obtain an injunction against ISPs whose services are used to carry out copyright infringement, mentioning that the Swedish Copyright Act should be interpreted in the light of EU law.

The Court also wanted to ensure before deciding on an injunction that any blocking would be proportional. A blocking order is now considered an appropriate response since sites like The Pirate Bay and similar platforms primarily offer illegally-distributed copyright-protected content.

The interim ruling handed by the Court on Monday will be valid from October 30. Effective that date, Telia will stop providing subscribers access to the sites that are mentioned in the complaint and will continue to follow it until the cas...

17:30

Balancing Robots From Off-The-Shelf Parts "IndyWatch Feed Tech"

In this day and age, we are truly blessed as far as the electronics hobby is concerned. Advanced modules such as gyros and motor controllers are readily available, not just as individual parts, but as pre-soldered modules that can be wired together with a minimum of fuss and at low cost. This simple balancing robot is a great example of what can be done with such parts (Google Translate link).

The robot has an ESP32 running the show, which provides both the processing power required, as well as the WiFi interface used to control the bot from a smartphone. This is achieved using an app from JJRobots, an open-source robotics teaching resource. Stepper motors are controlled by DRV8825 modules sourced from amazon, and an MPU6050 gyro rounds out the major components. Naturally, source code is available on GitHub for your reading pleasure.

Its remarkable that in this day and age, its possible to build such a project with little to no soldering required at all. With a credit card and a healthy supply of patch leads, its possible to whip up complex digital projects quite quickly. Weve seen a similar approach before, too. Video after the break.

[Thanks to Baldpower for the tip!]

17:15

Windows 10 October 2018 Update Build 17763.104 released to Insiders with fixes "IndyWatch Feed Tech"

Patched Windows 10 October 2018 Update Build 17763.104 Released To Slow And Release Preview Rings

This cumulative update KB4464455 that brings the build number up to 17763.104 comes after the file deletion bug that saw Microsoft pausing the rollout of Windows 10 October 2018 update to the public.

The new update adds no new features. According to Microsoft, the Cumulative Update contains the following fixes:

  • We have fixed the issue where the incorrect details were being shown in Task Manager under the Processes tab.
  • We fixed an issue where in certain cases IME would not work in the first process of a Microsoft Edge user session.
  • We fixed an issue where in some cases applications would become unresponsive after resuming from Connected Standby.
  • We fixed several issues causing application compatibility problems with 3rd-party antivirus and virtualization products.
  • We fixed several issues with driver compatibility.

While the new update adds no new features, it, however, does fix the bug in Task Manager in Windows 10 October 2018 Update that caused it to incorrectly report CPU usage. It has also fixed driver compatibility issues and capability issues with 3rd-party antivirus product experienced by some users.

Currently, Microsoft has paused the Windows 10 October 2018 Update and it is unclear when it would re-release the final patch that has fixed all the critical issues.

Insiders in the Slow and Release Preview Ring can install the latest updates by opening Settings, then navigating to Updates & Security and tapping on check for updates button.

The post Windows 10 October 2018 Update Build 17763.104 released to Insiders with fixes appeared first on TechWorm.

17:08

Security updates for Wednesday "IndyWatch Feed Tech"

Security updates have been issued by CentOS (tomcat), Debian (asterisk, graphicsmagick, and libpdfbox-java), openSUSE (apache2 and git), Oracle (tomcat), Red Hat (kernel and Satellite 6.4), Slackware (libssh), SUSE (binutils, ImageMagick, and libssh), and Ubuntu (clamav, libssh, moin, and paramiko).

17:03

Re: ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) "IndyWatch Feed Tech"

Posted by Rich Felker on Oct 17

I don't, but one further idea that might appeal to upstream if they
want the fs bindings for the sake of executing ancient programs
written in postscript that operate on files: rather than binding to
actual fs operations on the host, implement a virtual filesystem
within the interpreter, and require explicit command line options to
import/export files from/to the real filesystem at entry/exit.

Rich

17:00

A Techies Tour of New York City "IndyWatch Feed Tech"

Here are some NYC attractions that you wont find in the guidebooks

Do your travel plans include New York City? Are you a techie? If the answer to those questions is yes, let IEEE Spectrum be your guide! Weve put together a list of some of our favorite places to visit, including important locations in the history of electrotechnology (New York was once the center of the electrical and electronic world) and places where fun and interesting things are happening today. See where Nikola Tesla lived, check out cutting-edge artists working with technology, or take the kids to see an Atlas and Titan rocket. 

All the locations are accessible via the subway, and many are free to visit. If you do visit, take a selfie and post a link in the comments below. 

16:58

Jaguar Considers Transformation to EV-Only Brand "IndyWatch Feed Tech"

Autocar reports:

Jaguar Land Rover bosses are considering a plan to turn Jaguar into an EV-only brand within the next decade, Autocar has learned.

It is understood that company product planners have produced an outline strategy under which Jaguar's conventional vehicle range would be phased out over the next five to seven years, to be replaced by pure-electric vehicles.

Jaguar Land Rover bosses are considering a plan to turn Jaguar into an EV-only brand within the next decade, Autocar has learned.  

It is understood that company product planners have produced an outline strategy under which Jaguar's conventional vehicle range would be phased out over the next five to seven years, to be replaced by fully electric vehicles. 

Under the plans being considered, a full-on luxury electric saloon, replacing the unloved XJ, is expected within two years. It will be a direct competitor for Porsche's upcoming Taycan, alongside strong-selling cars such as the Tesla Model S

Rethought as an electric vehicle, the new XJ will both play to the strengths of the 1967 original by offering segment-leading refinement and ride and look to the future by completely reinventing the classic Jaguar interior. 

It is understood that the new XJ will be a no-holds-barred luxury car in every sense, offering customers a zero-pollution alternative to a Mercedes-Benz S-Class or even a Bentley Flying Spur.


Original Submission

Read more of this story at SoylentNews.

16:53

Arm Launches Mbed Linux and Extends Pelion IoT Service "IndyWatch Feed Tech"

Politics and international relations may be fraught with acrimony these days, but the tech world seems a bit friendlier of late. Last week Microsoft joined the Open Invention Network and agreed to grant a royalty-free, unrestricted license of its 60,000-patent portfolio to other OIN members, thereby enabling Android and Linux device manufacturers to avoid exorbitant patent payments.

16:23

Startups in the Aging Sector Ending Age-Related Diseases 2018 "IndyWatch Feed Tech"

Earlier this year, we hosted the Ending Age-Related Diseases 2018 conference at the Cooper Union in New York City. This conference was designed to bring together the best in the aging research and biotech investment worlds and saw a range of industry experts sharing their insights.

Dr. Oliver Medvedik, LEAF vice president and Director of the Maurice Kanbar Center for Biomedical Engineering at the Cooper Union, chaired a panel with a focus on starting up biotech companies and dealing with the challenges inherent to launching a company in this industry.

16:18

LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence "IndyWatch Feed Tech"

A 21-year-old Kentucky man who previously pleaded guilty to developing, marketing, and selling an infamous remote access trojan (RAT) called LuminosityLink has now been sentenced to 30 months in prison. According to a press release published Monday by U.S. Attorneys Office, Colton Grubbs, who used online moniker 'KFC Watermelon,' was pleaded guilty for three counts--unlawfully accessing

16:05

Tips for an Information Security Analyst/Pentester career - Ep. 67: OSCP path and some considerations - What I did wrong and what I'd change "IndyWatch Feed Tech"

I've been studying for my OSCP certification over the last three months.

I've gone silent, because I'm in full OSCP mode and I'm totally absorbed by my study. 

However, I now feel the need, after all this time into the class and being close to the exam, to express some considerations.

I can't reveal too much about the lab machines and the exam, but I can nonetheless give some advice to who's thinking of approaching this certification.

OSCP general considerations

I won't spend a lot of words about what OSCP is and how to achieve it.

Too many people have already talked about this topic way too much for me to further add to it.

I only need to remark the acronym stands for Offensive Security Certified Professional.

For you to achieve this certification, you need to go through the Penetration Testing with Kali Linux (PWK) class.


As for the OSCP exam, rules are different than the lab, in that they're way stricter (see here: https://support.offensive-security.com/#!oscp-exam-guide.md)

Hands-on tips

  • Metasploit can be utilized only once in the exam, so get used to help it in the lab. You can use Metasploit and Meterpreter on a single machine of your choice, while you can freely use msfvenom and multi/handler. Moreoever, if your payload doesn't work on a machine, you can't use it anymore in the exam.
    My take on this is you guys should learn how to exploit machines without it. Yes, you'll go much slower but you'll learn much more. Additionally, I often have better results with manual exploits than with Metasploit modules, as the latter ones work only if specific conditions are met. I found this...

16:04

DragonFlyBSD Continues Squeezing More Performance Out Of AMD's Threadripper 2990WX "IndyWatch Feed Tech"

DragonFlyBSD 5.4 should be a really great release if you are a BSD user and have an AMD Threadripper 2 box, particularly the flagship Threadripper 2990WX 32-core / 64-thread processor.

16:01

Hacking When It Counts: Setting Sail in a Submarine "IndyWatch Feed Tech"

By the early 20th century, naval warfare was undergoing drastic technological changes. Ships were getting better and faster engines and were being outfitted with wireless communications, while naval aviation was coming into its own. The most dramatic changes were taking place below the surface of the ocean, though, as brave men stuffed themselves into steel tubes designed to sink and, usually, surface, and to attack by stealth and cunning rather than brute force. The submarine was becoming a major part of the worlds navies, albeit a feared and hated one.

For as much animosity as there was between sailors of surface vessels and those that chose the life of a submariner, and for as vastly different as a battleship or cruiser seems from a submarine, they all had one thing in common: the battle against the sea. Sailors and their ships are always on their own dealing with forces that can swat them out of existence in an instant. As a result, mariners have a long history of doing whatever it takes to get back to shore safely even if that means turning a submarine into a sailboat.

Pigs of the Sea

R-14 at the pier. Source: Pigboats.com

The first generation of militarily important submarines were, to modern eyes, terribly primitive affairs. Compared to...

15:59

These Researchers Want to Send Smells Over the Internet "IndyWatch Feed Tech"

Electrical stimulation of cells in the nasal passages produces sweet fragrances and chemical odors

Imagine a virtual reality movie about the Civil War where you can smell the smoke from the soldiers rifles. Or an online dating site where the profiles are scented with perfume or cologne. Or an augmented reality app that lets you point your phone at a restaurant menu and sample the aroma of each dish. 

The researchers who are working on digital smell are still a very long way from such applicationsin part because their technologys form factor leaves something to be desired. Right now, catching a whiff of the future means sticking a cable up your nose, so electrodes can make contact with neurons deep in the nasal passages. But theyve got some ideas for improvements. 

This digital smell research is led by Kasun Karunanayaka, a senior research fellow at the Imagineering Institute in Malaysia. He started the project as a Ph.D. student with Adrian Cheok, now director of the institute and a professor at the City University of London, whos on a quest to create a multisensory Internet. In one of Cheoks earliest projects he sent hugs to chickens, and his students have also worked with digital kisses and electric taste.

Karunanayaka says most prior experiments with digital smell have involved chemical cartridges in devices that attach to computers or phones; sending a command to the device triggers the release of substances, which mix together to produce an odor.

Working in that chemical realm, Karunanayakas team is collaborating with a Japanese startup called Scentee that he says is developing the worlds first smartphone gadget that can produce smell sensations. Theyre working together on a Scentee app that integrates with other apps to add smells to various smartphone functions. For example, the app could link to your morning alarm to get the day started with the smell of coffee, or could add fragrances to texts so that messages from different friends come with distinct aromas.

But Karunanayakas team wanted to find an alternative to chemical devices with cartridges that req...

15:55

Tesla secures land in China for first plant abroad "IndyWatch Feed Tech"

Tesla said Wednesday that it has secured land in Shanghai to build its first plant outside of the U.S., according to The Associated Press.The electric carmaker first announced its plans to expand overseas in July after the Chinese government...

15:49

Twitter releases data on Iranian, Russian influence campaigns "IndyWatch Feed Tech"

Twitter is releasing an archive of all of the content it has discovered from Russian and Iranian disinformation campaigns since 2016.The company announced Wednesday that the release of the datasets is intended to allow researchers to analyze how the...

15:48

Thousands of servers easy to hack due to a LibSSH Flaw "IndyWatch Feed Tech"

The Libssh library is affected by a severe flaw that could be exploited by attackers to completely bypass authentication and take over a vulnerable server.

The Secure Shell (SSH) implementation library, the Libssh, is affected by a four-year-old severe vulnerability that could be exploited by attackers to completely bypass authentication and take over a vulnerable server without requiring a password.

The issue tracked as CVE-2018-10933 was discovered by Peter Winter-Smith from NCC Group, it ties a coding error in Libssh.

The exploitation of the flaw is very trivial, an attacker only needs to send an SSH2_MSG_USERAUTH_SUCCESS message to a server with an SSH connection enabled when it expects an SSH2_MSG_USERAUTH_REQUEST message.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials. reads the security advisory.

The library fails to validate if the incoming successful login packet was sent by the server or the client, and also fails to check if the authentication process has been successfully completed.

This means that if a remote attacker sends the SSH2_MSG_USERAUTH_SUCCESS response to libssh, the library considers that the authentication has been successfully completed.

Thousands of vulnerable servers are exposed online, by querying the Shodan search engine we can see that more than 6,500 servers are affected by the issue.

But before you get frightened, you should know that neither the widely used OpenSSH nor Githubs implementation of libssh was affected by the vulnerability.

The Libssh maintainers addressed the flaw with the release of the libssh versions 0.8.4 and 0.7.6.

Experts pointed out that GitHub and OpenSSH implementations of the libssh library are not affected by the flaw.

15:31

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Bob Friesenhahn on Oct 17

Memory allocations would build to extremely large values across
hundreds of rendered pages. Use of Ghostscript in interactive
programs is still surely common. Programs using libgs will inherit
any leaks. These leaks and other issues should be fixed.

Keep in mind that Ghostscript is also used to render/view PDF files.
When interactively viewing it is common to do just-in-time rendering.

15:23

Re: ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) "IndyWatch Feed Tech"

Posted by Perry E. Metzger on Oct 17

On Wed, 17 Oct 2018 02:09:28 -0400 Rich Felker
wrote:

Does anyone other than Tavis know their way around the inside of the
codebase? Perhaps we can collaborate on patches.

Perry

15:15

Facepunch - 342,913 breached accounts "IndyWatch Feed Tech"

In June 2016, the game development studio Facepunch suffered a data breach that exposed 343k users. The breached data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes. Facepunch advised they were aware of the incident and had notified people at the time. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.

14:53

Oracle CPU October 2018: 301 vulnerabilities patched "IndyWatch Feed Tech"

Oracle has released its Critical Patch Update for October 2018, fixing 301 vulnerabilities across a wide range of its products, including Oracle Database Server, Oracle E-Business Suite, Oracle Java SE, and others. As with previous Critical Patch Update releases, a significant proportion of the patches is for third-party components (non-Oracle CVEs, including open source components), Oracle Software Security Assurance Director Eric Maurice has noted. This CPU is the last one scheduled for 2018, and brings More

The post Oracle CPU October 2018: 301 vulnerabilities patched appeared first on Help Net Security.

14:48

Re: CVE-2018-10933: libssh: authentication bypass in server code "IndyWatch Feed Tech"

Posted by Minh Tuan Luong on Oct 17

I have coded a simple POC for this CVE:

--- CVE-2018-10933.py ----

import paramiko
import socket
import sys

nbytes = 4096
hostname = "127.0.0.1"
port = 2222

sock = socket.socket()
try:
    sock.connect((hostname, port))
    # instantiate transport
    m = paramiko.message.Message()
    transport = paramiko.transport.Transport(sock)
    transport.start_client()

   ...

14:37

Why Scientists Had Trouble Predicting Hurricane Michaels Rapid Intensification "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Why scientists had trouble predicting Hurricane Michael's rapid intensification

Hurricane Michael roared into Mexico Beach, Florida, on 10 October as the strongest storm ever to strike the Florida Panhandle in terms of wind speed, and the third strongest to make landfall in the continental United States. The storm caused severe damage to several coastal communities, Tyndall Air Force Base, and Florida State University's Panama City campus. Officials have attributed 18 deaths to the storm and dozens of people have been reported missing.

Although National Hurricane Center (NHC) forecasters were able to predict where and when Michael was likely to make landfall several days in advance, the storm's rapid intensificationjumping from a Category 2 to just shy of a Category 5 in 24 hoursproved tougher to anticipate. NHC defines "rapid intensification" as a storm's maximum sustained winds increasing by at least 56 kilometers per hour in 24 hours or less. Michael underwent at least three intensification periods on its 5-day march toward the coast.

"Predicting a hurricane's track is relatively straightforward because storms are propelled in one direction or another by the large-scale air currents in the atmosphere," says Robert Rogers, a meteorologist at the National Oceanic and Atmospheric Administration's (NOAA's) Hurricane Research Division in Miami, Florida. "We've gotten a much better handle on predicting those large-scale currents over the past 20 years."

But when it comes to predicting changes to a storm's intensity, the underlying physics becomes much more complicated, says Kerry Emanuel, a professor of atmospheric sciences at the Massachusetts Institute of Technology in Cambridge. That's because hurricanes are complex, massive rotating heat engines, Emanuel says, fueled by a favorable combination of warm ocean water, moist air, and consistent atmospheric winds.


Original Submission

Read more of this story at SoylentNews.

14:34

China May Have $5.8 Trillion in Hidden Debt With Titanic Risks "IndyWatch Feed Tech"

Via: Bloomberg: Chinas local governments may have accumulated 40 trillion yuan ($5.8 trillion) of off-balance sheet debt, or even more, suggesting further defaults are in store, according to S&P Global Ratings. The potential amount of debt is an iceberg with titanic credit risks, S&P credit analysts led by Gloria Lu wrote in a report Tuesday. []

13:55

CVE-2018-12617 Qemu: qemu-guest-agent: Integer overflow in qmp_guest_file_read may lead to crash "IndyWatch Feed Tech"

Posted by P J P on Oct 17

Hello,

The QEMU Guest Agent in QEMU is vulnerable to an integer overflow in the
qmp_guest_file_read(). An attacker could exploit this by sending a crafted QMP
command (including guest-file-read with a large count value) to the agent via
the listening socket to trigger a g_malloc() call with a large memory chunk
resulting in a segmentation fault.

A user could use this flaw to crash the Qemu-guest-agent resulting in DoS.

Upstream Patch:...

13:42

Howard S. Friedman "IndyWatch Feed Tech"

Surprising discoveries for health and long life.


An extraordinary eighty-year study has led to some unexpected discoveries about long life.

-O, The Oprah Magazine

For years we have been told to obsessively monitor when were angry, what we eat, how much we worry, and how often we go to the gym. So why isnt everyone healthy? Drawing from the most extensive study of long life ever conducted, The Longevity Project busts many long- held myths, revealing how:

13:24

What can neuroscience tell us about ethics? "IndyWatch Feed Tech"

Today on The Neuroethics Blog is a post by Adina L. Roskies, Professor of Philosophy and chair of the Cognitive Science Program and Helman Family Distinguished Professor at Dartmouth College, entitled What can neuroscience tell us about ethics?


By Adina L. Roskies Image courtesy of Bill Sanderson, Wellcome Collection What can neuroscience tell us about ethics? Some say nothing ethics is a normative discipline that concerns the way the world should be, while neuroscience is normatively insignificant: it is a descriptive science which tells us about the way the world is. This seems in line with what is sometimes called Humes Law, the claim that one cannot derive an ought from an is (Cohon, 2018). This claim is contentious and its scope unclear, but it certainly does seem true of demonstrative arguments, at the least. Neuroethics, by its name, however, seems to suggest that neuroscience is relevant for ethical thought, and indeed some have taken it to be a fact that neuroscience has delivered ethical consequences. It seems to me that there is some confusion about this issue, and so here Id like to clarify the ways in which I think neuroscience can be relevant to ethics.

13:22

Pirate Party enters parliament in Luxembourg, gets 17% in Prague "IndyWatch Feed Tech"

Photo by Jewel Mitchell on Unsplash

Pirate Parties:This past weekend, elections were held in Luxembourg and the Czech Republic. The Pirate Party of Luxembourg tripled their support and entered the Luxembourg Parliament with two MPs, and in the Czech Republic, the Pirate Party increased their support further now receiving a full 17% in Prague.

With 6.45% of the votes of the final tally, the Luxembourg Pirate Party is entering its national Parliament, being the fifth Pirate Party to enter a national or supranational legislature (after Sweden, Germany, Iceland, and the Czech Republic). This may not seem like much, but it is a very big deal, for reasons Ill elaborate on later. A big congratulations to Sven Clement and Marc Goergen, new Members of Parliament for Luxembourg!

Further, the Czech Republic has had municipal elections, and the Czech Pirate Party showed a full 17.1% support in Prague, the Czech capital, making the Pirates the second biggest party with a very narrow gap to the first place (at 17.9%). This may or may not translate to votes for the Czech national legislature, but is nevertheless the highest score recorded so far for a Pirate Party election day. I understand the Czech Pirates have as many as 275 (two hundred and seventy-five!) newly-elected members of city councils, up from 21 (twenty-one). Well done, well done indeed!

For people in a winner-takes-all system, like the UK or United States, this may sound like a mediocre result. In those countries, there are usually only two parties, and the loser with 49% of the vote gets nothing. However, most of Europe have so-called proportional systems, where 5% of the nationwide votes gives you 5% of the national legislation seats. In these systems, the parties elected to Parliament negotiate between themselves to find a ruling majority coalition of 51%+ of the seats, trying to negotiate common positions between parties that are reasonably close to each other in policy. This usually requires a few weeks of intense negotiations between the elections and the presentation of a successfully negotiated majority coalition.

Fu...

13:13

Carnegie Mellon is Saving Old Software from Oblivion "IndyWatch Feed Tech"

A prototype archiving system called Olive lets vintage code run on todays computers.

Researchers growing dependence on computers and the difficulty they encounter when attempting to run old software are hampering their ability to check published results. The problem of obsolescent software is thus eroding the very premise of reproducibilitywhich is, after all, the bedrock of science. ...

13:05

News From M.I.T. "IndyWatch Feed Tech"

M.I.T. Plans College for Artificial Intelligence, Backed by $1 Billion

Submitted via IRC for BoyceMagooglyMonkey

M.I.T. Plans College for Artificial Intelligence, Backed by $1 Billion

Every major university is wrestling with how to adapt to the technology wave of artificial intelligence how to prepare students not only to harness the powerful tools of A.I., but also to thoughtfully weigh its ethical and social implications. A.I. courses, conferences and joint majors have proliferated in the last few years.

But the Massachusetts Institute of Technology is taking a particularly ambitious step, creating a new college backed by a planned investment of $1 billion. Two-thirds of the funds have already been raised, M.I.T. said, in announcing the initiative on Monday.

The linchpin gift of $350 million came from Stephen A. Schwarzman, chief executive of the Blackstone Group, the big private equity firm. The college, called the M.I.T. Stephen A. Schwarzman College of Computing, will create 50 new faculty positions and many more fellowships for graduate students.

It is scheduled to begin in the fall semester next year, housed in other buildings before moving into its own new space in 2022.

Read more of this story at SoylentNews.

13:02

Coreboot's Flashrom Working On Radeon GPU Flashing Support "IndyWatch Feed Tech"

Former RadeonHD driver developer Luc Verhaegen is back at the AMD Radeon GPU reverse-engineering game. He's now pursuing Radeon firmware flashing with the Coreboot Flashrom utility...

13:00

Run and Scale a Distributed Crossword Puzzle App with CI/CD on Kubernetes (Part 3) "IndyWatch Feed Tech"

Title: 
Run and Scale a Distributed Crossword Puzzle App with CI/CD on Kubernetes (Part 3)

13:00

Flamethrower Gets Update, Retains Some Sketchiness "IndyWatch Feed Tech"

Part of what makes flamethrowers fun is their inherent danger. This is what makes a lot of things fun, though, from snowboarding to skydiving to motorcycle riding. As with all of these sensible hobbies, though, its important to take as much unnecessary risk out of the activity as possible to make sure youre around as long as possible to enjoy your chosen activity. With that in mind, [Stephen] decided to make some improvements on his classic wrist-mounted flamethrower.

To start, he ditched the heavy lead-acid battery that powered the contraption in favor of a smaller 5 V battery. In fact, the entire build is much more compact and efficient. He was also able to use the same battery to run a tiny taser that acts as an ignition source for the flamethrowers fuel. The fuel itself is butane, and the modified flamethrower is able to launch flames much further than the original due to improvements in the fuel delivery system. These improvements also include Finding a way to prevent butane droplets from lighting and landing on [his] hand which seems like a necessary feature as well.

The entire build now is very well refined and professional-looking, which is also a major improvement from the first version. Its also worth watching the video after the break as well, which includes a minor run-in with the New York City fire marshal. And, it still retains some of the danger and all of the fun of the original builds which is something we always like to see.

 

12:39

LibSSH Flaw Allows Hackers to Take Over Servers Without Password "IndyWatch Feed Tech"

A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security vulnerability, tracked as CVE-2018-10933, is an authentication-bypass issue that was introduced in

12:02

Undoing Aging 2019 is on the horizon "IndyWatch Feed Tech"

It will be our second conference totally focussed on the science of actual human rejuvenation therapies to repair the damage of aging.


We are happy to begin introducing the speakers, starting with Dr. Jerry Shay.

Dr. Shay is the Vice Chairman of the Department of Cell Biology at The University of Texas Southwestern Medical Center in Dallas. Dr. Shays work on the relationships of telomeres and telomerase to aging and cancer is well recognized.

Jerry has been a stalwart supporter of the SENS concept for well over a decade, and a world leader in the telomere biology field for much longer than that. He spoke at the very first SENS conference, back in 2003, and it will be a joy to welcome him again. says Aubrey de Grey.

12:02

4-Phase Approach for Taking Over Large, Messy IT Systems "IndyWatch Feed Tech"

Everyone loves building shiny, new systems using the latest technologies and especially the most modern DevOps tools. But that's not the reality for lots of operations teams, especially those running larger systems with millions of users and old, complex infrastructure.

It's even worse for teams taking over existing systems as part of company mergers, department consolidation, or changing managed service providers (MSPs). The new team has to come in and hit the ground running while keeping the lights on using a messy system they know nothing about.

12:00

Silicon Valley tested by Saudi crisis "IndyWatch Feed Tech"

Saudi Arabias alleged involvement in the disappearance and possible murder of a dissident Washington Post columnist is putting Silicon Valley in a difficult position, with potentially billions in business deals at stake.The diplomatic crisis is...

12:00

GreyEnergy group targeting critical infrastructure with espionage "IndyWatch Feed Tech"

ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in preparation for future cyber-sabotage attacks. BlackEnergy has been terrorizing Ukraine for years and rose to prominence in December 2015 when they caused a blackout that left 230,000 people without electricity the first-ever blackout caused by a cyberattack. Around the time of that incident, ESET researchers began detecting More

The post GreyEnergy group targeting critical infrastructure with espionage appeared first on Help Net Security.

11:33

Brazil expert discovers Oracle flaw that allows massive DDoS attacks "IndyWatch Feed Tech"

Oracle has just released a security update to prevent 2.3 million servers running the RPCBIND service from being used in amplified DDoS attacks.

The flaw was discovered by the Brazilian researcher Mauricio Corra, founder of Brazilian security company XLabs. The exploitation of this vulnerability could cause major problems on the Internet.

A proof of concept (POC) made in only one XLabs server generated a traffic of 69 gigabits per second, Mauricio told Cibersecurity.net.br.

At the time of the discovery, the expert queried Shodan and found that there were nearly 2.6 million servers running RPCBIND on the Internet. The multiplication of this exploit in a 2.6 million server farm leads to a frightening conclusion.

RPCBIND ddos

RPCBIND is software that provides client programs with the information they need about server programs available on a network. It runs on port 111 and responds with universal addresses of the server programs so that client programs can request data through RPCs (remote procedure calls).

These addresses are formed by the server IP pool plus port. Since its launch, RPCBIND has been receiving updates that cover several failures, including security. This, however, is the most serious finding so far.

The discovery of the crash began on June 11 this year. On that day, one of the web application firewalls (WAFs) installed in the XLabs SOC (security operations center) detected an abnormal pattern of network traffic that caught the eye of Mauricio.

The data showed that a DDoS attack was in progress, coming from port 111 of several servers, all from other countries.

We then decided to open a server with port 111 exposed on the Internet, with the same characteristics as those who were attacking us and we were monitoring that server for weeks. We found that he was receiving requests to generate attacks, he explained. 

After further analysis of the subject, it was possible to reproduce the attack in the laboratory.

By analyzing the servers exposed at Shodan, the extent of the problem was confirmed, continues Mauricio.

The problem discovered by Mauricio is worse than Memcrashed, detected...

11:31

FCC Says Hurricane Michael Victims in Florida Deserve a Month of Free Cell Service "IndyWatch Feed Tech"

Ars Technica:

Wireless carriers' failure to fully restore cellular service in Florida after Hurricane Michael "is completely unacceptable," Federal Communications Commission Chairman Ajit Pai said today in a rare rebuke of the industry that he regulates.

Verizon in particular has been under fire from Florida Governor Rick Scott, who says Verizon hasn't done enough to restore service. By contrast, Scott has praised AT&T for its disaster response.

The FCC will open an investigation into the post-hurricane restoration efforts, Pai said. Pai and Scott urged wireless carriers to immediately disclose plans for restoring service, waive the October bills of affected customers, and let customers switch providers without penalty.

Pai's statement didn't name specific carriers. but Verizon seems to be struggling the most to restore service, based on criticism from the governor. Verizon was the only wireless carrier mentioned specifically by Scott today in a statement that called on telecom companies to "treat Floridians fairly."

Gov. Scott suggested that Verizon has misled the public about its progress in restoring service. He said:

Verizon recently said in a press release that 98 percent of Florida has service. This statement, which includes customers in Florida that were hundreds of miles away from impacted areas, does not help Florida's law enforcement in Bay County and families communicate with loved ones in Panama City and does not help those needing medicine call their pharmacy in Lynn Haven.

[...] Verizon announced shortly after Pai's statement today that it will give three months of free mobile service to "every Verizon customer in Bay and Gulf counties."

"Verizon is 100 percent focused on repairing our network in the Florida Panhandle," the company said in a press release. "We are making progress every hour, and we expect that trend to continue at a rapid pace. We won't rest until service is completely restored."

Also at...

11:29

Endpoint security solutions challenged by zero-day and fileless attacks "IndyWatch Feed Tech"

There is an endpoint protection gap against modern threats, the result of a recent survey by the Ponemon Institute and Barkly have shown. The organizations polled 660 IT and security professionals to get insight on the state of endpoint security risk, and have found that: 64% of organizations experienced a successful endpoint attack in 2018 (a 20% increase from the previous 12-month period). 63 percent say that the frequency of attacks theyre facing has also More

The post Endpoint security solutions challenged by zero-day and fileless attacks appeared first on Help Net Security.

11:23

VMware addressed Code Execution Flaw in its ESXi, Workstation, and Fusion products "IndyWatch Feed Tech"

VMware has addressed a critical arbitrary code execution flaw affecting the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion products.

VMware has released security updated to fix a critical arbitrary code execution vulnerability (CVE-2018-6974) in the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion solutions.

The issue in the VMware products is an out-of-bounds read vulnerability in the SVGA virtual graphics card that could be exploited by a local attacker with low privileges on the system to execute arbitrary code on the host.

VMware ESXi, Fusion and Workstation contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host. reads the security advisory published by the company.

VMware credited an anonymous researcher for reporting the flaw through Trend Micros Zero Day Initiative (ZDI).

According to the ZDIs own advisory, the vulnerability was reported to VMware in mid-June.

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability. read the ZDIs advisory.

The specific flaw exists within the handling of virtualized SVGA. The issue results from the lack of proper validation of user-supplied data, which can result in an overflow of a heap-based buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the host OS.

VMware classified the issue as medium severity and assigned it a CVSS score of 6.9.

The same anonymous expert also reported an out-of-bounds write vulnerability in the e1000 virtual network adapter, tracked as CVE-2018-6973, used by Workstation and Fusion.

The CVE-2018-6973 flaw could be exploited by a local attacker to execute arbitrary code, VMware addressed this flaw in September.

This flaw is similar to the previous one, an attacker requires at low-privileged access to the exploit the issue on the target system.

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the abil...

11:22

GNOME Developers Are Looking At Sprucing Up Pango "IndyWatch Feed Tech"

GNOME developers want to make sure they have a competitive text rendering stack with other platforms and as such are looking to make some modernization improvements to Pango...

11:10

GCC 9 Feature Development Is Ending Next Month "IndyWatch Feed Tech"

There is just three weeks left for GNU toolchain developers to finish landing new feature material in GCC 9.0 ahead of next year's GCC 9.1 stable release...

11:08

Google Will Charge Android Phone Makers to Use Its Apps In Europe "IndyWatch Feed Tech"

Would you prefer purchasing an Android device that doesn't have any apps or services from Google? No Google Maps, No Gmail, No YouTube! And NOT even the Google Play Storefrom where you could have installed any Android apps you want Because if you live in Europe, from now on, you have to spend some extra cash on a smartphone with built-in Google services, which were otherwise until now

11:03

How Robots and Drones Will Change Retail Forever "IndyWatch Feed Tech"

We are in the early days of what might be called the physical cloud, an e-commerce ecosystem that functions like the internet itself. Netflix caches the movies you stream at a data center physically close to you; Amazon is building warehouse after warehouse to store goods closer to consumers. And the storage systems at those warehouses are looking more like the data-storage systems in the cloud. Instead of storing similar items in the same placea helpful practice when humans were fetching the goodsAmazons warehouses store multiples of the same item at random locations, known only to the robots. Trying to find an Instapot at one of Amazons warehouses would be like trying to find where in the cloud one of your emails is stored. Of course, you dont have to. You just tap your screen and the email appears. No humans are involved.


What if you could store and deliver goods as easily as data? Amazon, Walmart and others are using AI and robotics to transform everything from appliance shopping to grocery delivery. Welcome to the physical cloud.

10:57

Raptor Computing Systems Is Working On Bringing Up Chrome's POWER Support "IndyWatch Feed Tech"

With Raptor Computing Systems' Talos II Lite and especially the forthcoming Blackbird positioning the POWER architecture in a prime spot for use by libre Linux users who want a system that's open-source down to the firmware, they've been trying to make sure the Linux desktop stack is in order. The latest area they've been working on is browser coverage...

10:56

Improving US Patent Quality Through Reassessments of Patents and Courts Transparency "IndyWatch Feed Tech"

Transparency in CD

Summary: Transparency in US courts and more public participation in the patent process (examination, litigation etc.) would help demonstrate that many patents are being granted and sometimes asserted that are totally bunk, bogus, fake

THE new leadership is oftentimes frustrating if now downright depressing; they put the so-called swamp in charge. A new event about patents issued the following nonsensical tweet: A new twist has recently entered the debate about how #patents and #opensource interact and whether the two principles are compatible with each other or not.

So stop granting software patents; the principal problem would be solved.Theyre obviously not compatible, but the sponsors would pay for us to believe otherwise. The event took place yesterday and attending as well as speaking was Director Iancu, who said, according to third-party accounts: lack of predictability on Section 101 limits investment in innovation. [] gets specific: Step 1 of Alice-Mayo test must be a category analysis not a claim analysis. If the matter is sometimes patentable then it is not a subject matter Section 101 problem.

So stop granting software patents; the principal problem would be solved. Well probably say more in the weekend (once all the patent maximalists are done boosting him).

Totally meaningless is the message above (lots of mythology embedded in it, pure fiction from the patent microcosm). He just wants to find ways to defy the courts, ignore caselaw, and grant software patents anyway.

Last night Josh Landau (CCIA) spoke about history and noted that [w]hile the PTO no longer operates under a registration system, that situation still exists today. The PTOunlike many other patent offices around the worldis unable to permanently refuse a patent application.

Here are some key bits:

...

10:54

Anaxi App Shows the State of Your Software Project "IndyWatch Feed Tech"

If you work within the world of software development, youll find yourself bouncing back and forth between a few tools. Youll most likely use GitHub to host your code, but find yourself needing some task/priority software. This could be GitHub itself or other ones like Jira. Of course, you may also find yourself collaborating on several tools, like Slack, and several projects. Considering that its already hard to keep track of the progress on one of your projects, working across several of them becomes a struggle.

10:53

LLVM 7 Improves Performance Analysis, Linking "IndyWatch Feed Tech"

The compiler framework that powers Rust, Swift, and Clang offers new and revised tools for optimization, linking, and debugging.

The developers behind LLVM, the open-source framework for building cross-platform compilers, have unveiled LLVM 7. The new release arrives right on schedule as part of the projects cadence of major releases every six months.

10:30

Roku to Go Back on Sale in Mexico After Copyright Victory "IndyWatch Feed Tech"

Commercial streaming-capable devices are often designed to receive officially licensed programming but many can be reprogrammed to do illegal things.

Manufacturers say they are not responsible for this behavior but last year in Mexico, that position was successfully challenged.

Following a complaint filed by cable TV provider Cablevision, the Superior Court of Justice of the City of Mexico handed down an order preventing the importation of Roku devices and prohibiting stores such as Amazon, Liverpool, El Palacio de Hierro, and Sears from putting them on sale.

Cablevision complained that pirated content was being made available through Roku devices, with claims of more than 300 channels of unauthorized content being supplied to consumers.

Following a swift appeal by Roku, the sales ban was quickly overturned by a federal judge. However, on June 28, 2017, a Mexico City tribunal upheld the previous decision which banned importation and distribution of Roku devices. Several appeals followed, without success, leading to Roku declaring the ban unjust.

Now, however, and after an extended period off the shelves, Roku has booked a significant legal victory. A ruling handed down by the 11th Collegiate Court in Mexico City has found that the original ban was incorrect and the Roku device isnt illegal, which means that the streaming hardware will soon be back on sale.

The Court reportedly acknowledged Rokus efforts to keep pirated content away from its platform, an opinion also shared by Cablevision. However, should pirate channels appear on Roku in the future, Cablevision warned that it would take further legal action to have those sources blocked via the Mexican Institute of Industrial Property and other local authorities.

The decision of the Mexico City Court was welcomed by Roku General Counsel Stephen Kay.

Todays decision is an important victory for Roku and its Mexican distributor, Latamel Distribuidora, S. de R.L. de C.V. and Mexican retailers in the legal battle against an improper ban on sales of its popular streaming players in Mexico. We are pleased with the Collegiate Courts decision and look forward to continuing to build Rokus TV streaming business in Mexico, Kay said.

Noting that streaming is the future of TV, offering greater choice for consumers alongside better value for money, Roku Chief Marketing Officer Matthew...

10:00

Can A Motorized Bicycle Run On Trees? "IndyWatch Feed Tech"

Some of the earliest automobiles werent powered by refined petrochemicals, but instead wood gas. This wood gas is produced by burning wood or charcoal, capturing the fumes given off, and burning those fumes again. During World War II, nearly every European country was under gasoline rations, and tens of thousands of automobiles would be converted to run on wood gas before the wars end.

The basic setup for this experiment is a tiny, tiny internal combustion engine attached to a bicycle. Add a gas tank, and you have a moped, no problem. But this is meant to run on firewood, and for that you need a wood gas generator. This means [NightHawkinLight] will need to burn wood without a whole lot of oxygen, similar to how you make charcoal. There is, apparently, the perfect device to do this, and itll fit on the back of a bike. Its a bee smoker, that thing bee keepers use to calm down a hive of honeybees.

The bee smoker generates the wood gas, which is filtered and cooled in a gallon paint bucket filled with cedar chips. The output from this filter is fed right into where the air filter for the internal combustion engine should be, with an added valve to put more air into the carburetor.

So, with that setup, does the weird bike motorcycle wood gas thing turn over? Yes. The engine idled for a few seconds without producing any useful power. Thats alright, though, because this is just a proof of concept and work in progress. Getting this thing to run and be a useful mode of transportation will require a much larger wood gas generator, but right now [NightHawkinLight] knows his engine can run on wood gas.

09:59

35 Million Voter Records For Sale on Popular Hacking Forum "IndyWatch Feed Tech"

Approximately 35 Million voter registration records from 20 states have appeared for sale online. These records include Full Name, Phone, Address, Voting History and 'other' data. There have been other larger leaks and breaches of voter registration records in the past (for example, in 2015 191 Million were found to be freely accessible online)

Details including the affected states are available here: https://www.anomali.com/blog/estimated-35-million-voter-records-for-sale-on-popular-hacking-forum

Why is our voting history retained beyond the current election? This is especially worrisome if you vote in the wrong primaries in an area that has a prevailing opinion that differs sharply from your own.


Original Submission

Read more of this story at SoylentNews.

09:54

DataLocker Sentry K300 features encrypted micro SSD keypad flash drive "IndyWatch Feed Tech"

The DataLocker Sentry K300 encrypted flash drive is in stock and now available for order. When the company introduced the K300, the company received a positive reaction to the menu driven encrypted keypad flash drive featuring AES 256-bit encryption, an alpha-numeric keypad, enhanced security features, and up to 256GB capacity, all developed around DataLockers Simply Secure design principles. The K300 has passed FIPS 197 and IP57 certifications. The Sentry K300 is the platform-independent and OS More

The post DataLocker Sentry K300 features encrypted micro SSD keypad flash drive appeared first on Help Net Security.

09:42

BestCrypt Explorer: Create and access storage space for data encryption on Android "IndyWatch Feed Tech"

Jetico released of BestCrypt Explorer, a mobile file manager on Android and an extension of BestCrypt Container Encryption. Jeticos Android file encryption app is now available for free download on Google Play. Throughout the digital world, our privacy is constantly threatened by hardware theft, cyber attack and unauthorized account access. says Jetico CEO, Michael Waksman. BestCrypt Explorer is a welcome addition to our family of data protection products, continuing Jeticos mission to ensure a safer More

The post BestCrypt Explorer: Create and access storage space for data encryption on Android appeared first on Help Net Security.

09:38

Zyxel launches SD-WAN solution for SMBs and MSPs "IndyWatch Feed Tech"

Zyxel Communications launches Zyxel SD-WAN, the software-defined wide area network solution. Zyxel SD-WAN enables SMBs and Managed Service Providers (MSP) to optimize network connections between distributed sites over the internet to achieve enterprise-class network performance, stability and security for critical applications across the organization. Zyxel SD-WAN is a solution that mitigates network issues faced by businesses and organizations that depend upon the internet to provide connectivity between distributed sites and remote users. Packet-level routing provides More

The post Zyxel launches SD-WAN solution for SMBs and MSPs appeared first on Help Net Security.

09:30

CVE-2018-18438 Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption "IndyWatch Feed Tech"

Posted by P J P on Oct 17

Hello,

An integer overflow issue was found in the CCID Passthru card device
emulation, while reading card data in ccid_card_vscard_read() function. The
ccid_card_vscard_read() function accepts a signed integer 'size' argument,
which is subsequently used as unsigned size_t value in memcpy(), copying large
amounts of memory.

A user inside guest could use this flaw to crash the Qemu process resulting in
DoS.

Upstream patch:...

09:00

Kolanovic: The Market Is Disagreeing With The Fed, Raising Risk Of "Policy Error" "IndyWatch Feed Tech"


 

Here we go again.  Interest rates were at historic lows and badly needed to be brought back into balance.  That has now happened and we will likely see no more.

Rising markets reflect improving future business prospects and this allows massive cdapital inflows as well.  This needs to now be cooled down and consolidated.  The USA economy has now recovered or is recovering from the 2008 crash and only eight years late.

Otherwise folks need to catch on that Trump opens negotiations by repudiating the status quo.  What truly matters is the deal arrived at and that is usually unexciting.  .

Kolanovic: The Market Is Disagreeing With The Fed, Raising Risk Of "Policy Error"
 

09:00

UN Admits Latest Outbreak of Polio in Syria Was Caused by the Polio Vaccine "IndyWatch Feed Tech"



 Polio is practically extinct thanks to modern ideas of sanitation and this is merely unfortunate.  Where do they find these people?  The aggressive sale of all forms of vaccines is a criminal outrage.

Yet all our own mothers have been totally brainwashed into trusting these scientific scammers because that is exactly what it has become.

Applying only what is totally necessary would collapse the racket.  Applying what is clearly safe would still cover our childhood nasties which is generally safe enough though we still need to resolve the dangers of the carriers.



UN Admits Latest Outbreak of Polio in Syria Was Caused by the Polio Vaccine


In war-torn Syria, theres little doubt that the conflict has taken a toll on health. Now, the United Nations Childrens Fund (UNICEF) reports that their attempt at using vaccines to protect children against polio has backfire infecting more children with the devastating disease rather than saving them.

...

09:00

The HPV Vaccine On Trial: Seeking Justice For A Generation Betrayed "IndyWatch Feed Tech"

 First off, far too little science was done on this. This means that we were sold a real pig in a poke.

Now the chickens have come home to roost and this will mean extensive settlements not least because of the shoddy science.

The marketing drive associated with this turkey has done huge damage to the vaccination meme.

 .

The HPV Vaccine On Trial: Seeking Justice For A Generation Betrayed


 https://www.activistpost.com/2018/09/the-hpv-vaccine-on-trial-seeking-justice-for-a-generation-betrayed.html

This article represents something Ive never done in my life or as a researcher, writ......

09:00

Can Analogies Reveal the Laws of Physics? - Facts So Romantic "IndyWatch Feed Tech"


Reprinted with permission from Quanta Magazines Abstractions blog.

So-called analogue experiments are becoming increasingly common in physics, but do they teach or mislead?Image by National Institute of Standards and Technology / Wikicommons

Hoping to gain insight into domains of nature that lie beyond experimental reachthe interiors of black holes, the subtleties of the quantum realm, the Big Bangphysicists are experimenting on analogue systems made of fluids and other easily manipulable materials that can be modeled by similar equations. Results from these analogue experiments often end up in top scientific journals, with a sense that they say something about the systems of interest. But do they? And how do we know?

As Stephan Hartmann, philosopher of physics at Ludwig Maximilian University in Munich put it, Under which conditions can evidence that we obtain here in a certain experiment confirm or support claims about a different system, which is far away?

The issue keeps coming up.

In 2014, researchers reported in Nature that they had discovered a particle-like state in a fluid of supercold rubidium atoms that is analogous to a magnetic monopolea long-sought, hypothetical elementary particle that would act like one end of a magnet. One physicist quoted in Nature News deemed the discovery one more
Read More

The United Nations reported that 2.6 million Venezuelans are now living abroad "IndyWatch Feed Tech"

Venezuelan migrants living in Medellin, Colombia sleep as they wait to attend a job fair on 27 September. The United Nations reported that 2.6 million Venezuelans are now living abroad.


We gave been fed a lot of bunkum here whose intent it to rationalize the landing of USA troops.  Other reports are saying nothing of the kind and even here we quote 1000,000 making it into Columbia.  Any other direction is impossible.  The real numbers are likely much lower and may actually be around a couple hundred thousand.

We have an apparent effort to remove Maduro who may or may not have been fairly elected. 

What we now lack is real facts on the ground..  The whole situation can surely be settled since sanctions are actually blocking money transfers.

Venezuela: nearly 2m people have fled country since 2015, UN says UN refugee agency chief called for a non-political and humanitarian response to the exodus

Agence France-Presse in Geneva

Mon 1 Oct 2018 18.10 BST Last modified on Mon 1 Oct 2018 18.32 BST 

Nearly two million people have fled Venezuelas economic and political crisis since 2015, according to the UN which called for a non-political response to an exodus that is straining regional resources.

Some 5,000 people are now leaving Venezuela daily the largest population movement in Latin Americas recent history, UN refugee agency (UNHCR) chief Filippo Grandi told the organisations executive committee on Monday.......

08:59

Ask OIN How It Intends to Deal With Microsoft Proxies Such as Patent Trolls "IndyWatch Feed Tech"

Microsoft does not need to sue GNU/Linux (and hasnt done so in quite a while); there are tentacles for enforcement

Bill and Nathan
The "Microsoft spinoff" Intellectual Ventures is still managed by the same man. Credit: Reuters

Summary: OIN continues to miss the key point (or intentionally avoid speaking about it); Microsoft is still selling protection from the very same patent trolls that it is funding, arming, and sometimes even instructing (who to pass patents to and sue)

WE HAD been writing about Microsofts attacks especially by means of patents and defensive aggregators (DPAs) long before the Open Invention Network (OIN) added Microsoft as a member (or even LOT Network). We wrote many articles about why OIN wasnt the solution, except perhaps to large companies such as Red Hat and IBM (which already cross-licenses with Microsoft anyway). We foresaw Microsoft joining as a member and clarified that it would not mean very much. OIN cannot really tackle some of the key problems. Even if Microsoft threw away all of its patents (voiding everything) however unlikely that is that would still leave many patents out there that it gave to patent trolls such as MOSAID (now known as Conversant). For well over a decade Microsoft has polluted several spaces/domains with trolls, flooding them with risks that help Microsoft sell Azure IP Advantage [1,...

08:27

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Rich Felker on Oct 16

An obvious fix for UaF's would be just removing the frees. Use of gs
as an interactive program where leaks would matter is a historical
curiosity; the only meaningful modern use is as a converter.

If someone insists there are still uses where freeing matters,
something like talloc may be a reasonable solution, removing all the
internal frees and only performing frees of the whole context.

Rich

08:25

Re: ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) "IndyWatch Feed Tech"

Posted by Rich Felker on Oct 16

This. It's utterly ridiculous that the interpreter even has bindings
for accessing the filesystem and such. But I wonder if some of its
library routines (e.g. font loading) are implemented in Postscript,
using these bindings, rather than being implemented in C outside of
the language interpreter. If so it might be harder to extricate. But I
still think it's worthwhile to try. Once there are patches I would
expect all reasonable distros...

08:20

Researchers Produce Virus-resistant Pigs, Could Vastly Improve Global Animal Health "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Researchers produce virus-resistant pigs, could vastly improve global animal health

Researchers at the University of Missouri have successfully produced a litter of pigs that are genetically resistant to a deadly porcine virus.

Coronaviruses, highly contagious and widespread viruses known for their distinctive microscopic halos, are responsible for a variety of deadly intestinal diseases in livestock. One such virus, Transmissible Gastroenteritis Virus (TGEV), commonly infects the intestines of pigs, causing almost 100 percent mortality in young pigs. Now, a team of researchers from MU, Kansas State University and Genus plca global leader in animal genetics has succeeded in breeding pigs that are resistant to the virus by means of gene editing.

"Previous research had identified an enzyme called ANPEP as a potential receptor for the virus, meaning it could be an important factor in allowing the virus to take hold in pigs," said Randall Prather, distinguished professor of animal sciences in the College of Agriculture, Food and Natural Resources. "We were able to breed a litter of pigs that did not produce this enzyme, and as a result, they did not get sick when we exposed them to the virus."


Original Submission

Read more of this story at SoylentNews.

08:10

Why we need to bridge the gap between IT operations and IT security "IndyWatch Feed Tech"

Thycotic released the findings from its 2018 VMworld survey of more than 250 IT operations professionals which looked into their experiences in using cybersecurity tools on a daily basis, including their concerns and preferences. According to the findings, even though IT operations personnel help influence the selection of cybersecurity tools, nearly two out of three say complexity in deployment (30 percent) and complexity in daily use (34 percent) are the biggest hindrances in security tool More

The post Why we need to bridge the gap between IT operations and IT security appeared first on Help Net Security.

08:00

Protecting applications from malicious scripts "IndyWatch Feed Tech"

In 2018, malicious client-side scripts are still posing a problem for large organizations. This year, British Airways revealed that they suffered a data breach in which 380,000 records were exfiltrated. Now, NewEgg has been hit with a similar data breach. This follows a string of attacks from a group known as Magecart, who were also responsible for publicized data breaches of Ticketmaster and Feedlify. Any time malicious Javascript is loaded onto a critical page for More

The post Protecting applications from malicious scripts appeared first on Help Net Security.

07:45

How corporate boards are navigating cybersecurity risks and data privacy "IndyWatch Feed Tech"

Digital transformation initiatives have transcended beyond the sole domain of IT to involve the entire organization, elevating digital strategy to the top of the board agenda, according to BDO USA. Developing a strategic path for an organizations digital transformation and devoting company resources and board oversight to cybersecurity and data privacy are now necessities for businesses to survive and thrive during this time of intense change, said Amy Rojik, national assurance partner and director of More

The post How corporate boards are navigating cybersecurity risks and data privacy appeared first on Help Net Security.

07:30

Few organizations use cyber wargaming to practice response plan "IndyWatch Feed Tech"

Nearly half (46 percent) of executive-level respondents to a Deloitte poll say their organizations have experienced a cybersecurity incident over the past year, with more than 1,500 surveyed professionals feeling only somewhat confident in their organizations ability to respond to and remediate a cyber incident. With cybercrime expected to reach $6 trillion annually and no indication of a slowdown in cyber threats, the Deloitte poll taken during a webcast on cyber preparedness and wargaming exposes More

The post Few organizations use cyber wargaming to practice response plan appeared first on Help Net Security.

07:22

A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence "IndyWatch Feed Tech"

A water utility in the US state of North Carolina suffered a severe ransomware attack in the week after Hurricane Florence hit the East Coast of the U.S.

According to the Onslow Water and Sewer Authority (aka ONWASA) some internal systems were infected with the Emotet malware, but the regular water service was not impacted.

According to ONWASA, the infections would require several of the main databases to be completely recreated, fortunately, no customer information was compromised.

We are in the middle of another disaster following Hurricane Florence and tropical storm Michael, CEO Jeff Hudson said employees in a video posted on Facebook,

With a very sophisticated attack they penetrated our defenses, just as they penetrated the city of Atlanta and Mecklenburg county.

hurricane florence

ONWASA CEO Jeffrey Hudson confirmed the ransomware attack began on October 4, the IT staff initially thought to have locked out the threat, however, on October 13 the malware started dropping the Ryuk ransomware into the infected systems.

An ONWASA IT staff member was working was working at 3am and saw the attack, ONWASA said.

IT staff took immediate action to protect system resources by disconecting ONWASA from the internet, but the crypto-virus spread quickly along the network encrypting databases and files.

Operators at the utility did not pay the ransom and opted out to recreate the infected systems.

Ransom monies would be used to fund criminal, and perhaps terrorist activities in other countrie...

07:15

Researchers expose security vulnerabilities in terahertz data links "IndyWatch Feed Tech"

A new study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, arent as immune to eavesdropping as many researchers have assumed. The research shows that it is possible for a clever eavesdropper to intercept a signal from a terahertz transmitter without the intrusion being detected at the receiver. Terahertz eavesdropping (Mittleman lab / Brown University) The conventional wisdom in the terahertz community has been that More

The post Researchers expose security vulnerabilities in terahertz data links appeared first on Help Net Security.

07:01

LibSSH Vuln: You Dont Need to See my Authentication "IndyWatch Feed Tech"

Another day, another CVE (Common Vulnerabilities and Exposures). Getting a CVE number assigned to a vulnerability is a stamp of authenticity that you have a real problem on your hands. CVE-2018-10933 is a worst case scenario for libssh.  With a single response, an attacker can completely bypass authentication, giving full access to a system.

Before you panic and yank the power cord on your server, know that libssh is not part of OpenSSH. Your Linux box almost certainly uses OpenSSH as the SSH daemon, and that daemon is not vulnerable to this particular problem. Libssh does show up in a few important places, the most notable is probably Github and their security team already announced their implementation was not vulnerable.

The libssh project shares code between their client and server implementations, as one would expect. There are different callbacks to handle packet types as a new connection completes the handshake process. The SSH protocol defines several responses that are to be sent as an authentication request is handled. One of those messages is USERAUTH_SUCCESS, which the server sends to inform the client that authentication was successful, and the requested service is ready.

/**
 * @internal
 *
 * @brief Handles a SSH_USERAUTH_SUCCESS packet.
 *
 * It is also used to communicate the new to the upper levels.
 */
SSH_PACKET_CALLBACK(ssh_packet_userauth_success) {
  (void)packet;
  (void)type;
  (void)user;

  SSH_LOG(SSH_LOG_DEBUG, "Authentication successful");
  SSH_LOG(SSH_LOG_TRACE, "Received SSH_USERAUTH_SUCCESS");

  session->auth.state = SSH_AUTH_STATE_SUCCESS;

You may already begin to guess the vulnerability here. Libssh didnt have a mechanism to determine if an incoming packet was allowed for the current state of the connection. An attacker could start a connection, the server would send the authentication challenge, and the attacker could reply with the USERAUTH_SUCCESS response. The problem is that this response is only meant to be sent by the server, not the client, and only after authentication is completed.

Because of the shared code, the server incorrectly jumps to the handler for this message type, and marks the authentication phase completed. At that point, the daemon sets up the SSH connection just as if the client had authenticated, rolling out the red carpet for the attacker.

...

06:44

Palm Rises From the Dead as a Zombie Brand, Launches Tiny Smartphone "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

Palm rises from the dead as a zombie brand, launches tiny smartphone

If you recall, Palm, creator of the Palm Pilot and WebOS, bombed out of the smartphone market and was purchased by HP. Palm died at HP after a short run of tablets and smartphones, and eventually Chinese smartphone company TCL snatched up the rights to the Palm brand in 2014, and things have been quiet since then. You might know TCL from running that other smartphone zombie brand, Blackberry.

Today, TCL's Palm presents itself as actual new company with new co-founders, a new logo, and an office in San Francisco. The company is launching the, uh, "Palm" phone (Do we call it the Palm Palm?) and it's taking the "Palm" name literally, with a device small enough to fit in the palm of your hand. The Palm Palm has a practically microscopic 3.3-inch display, and it measures just 96.6mm tall by 50.6mm wide, which is close to the size of a credit card. Palm is pitching the Palm as a "companion" device to your main smartphone, allowing you to leave your big phone behind and bring the Palm in a wallet, on a lanyard, or in any tiny pocket.

This tiny phone also comes with a really tiny spec sheet. You're getting a 3.3-inch 1280720 display with a respectable 445ppi. This is powered by a Qualcomm Snapdragon 435 SoC (that's eight Cortex A53 cores, usually at 1.4GHz) 3GB of RAM, and an 800mAh battery. There's 32GB of storage, a 12MP rear camera, 8MP front camera, IP68 dust and water resistance, USB-C, Wi-Fi, Bluetooth, GPS, and LTE.


Original Submission

Read more of this story at SoylentNews.

06:23

YouTube Went Down for Millions Around the World "IndyWatch Feed Tech"


YouTube is down and reports are coming in worldwide about the service being unavailable.

06:00

LLVM Still Proceeding With Their Code Relicensing "IndyWatch Feed Tech"

It's been three years since the original draft proposal for relicensing the LLVM compiler code was sent out and while there hasn't been a lot to report on recently about the effort, they are making progress and proceeding...

05:53

YouTube experiences global outage "IndyWatch Feed Tech"

YouTube on Tuesday night went down for more than an hour, impacting users across the globe.The video-sharing website, which is a subsidiary of Google, acknowledged the outage in a tweet after users began posting about it on other social...

05:11

Two Degrees Decimated Puerto Rico's Insect Populations "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Two degrees decimated Puerto Rico's insect populations

While temperatures in the tropical forests of northeastern Puerto Rico have climbed two degrees Celsius since the mid-1970s, the biomass of arthropodsinvertebrate animals such as insects, millipedes, and sowbugshas declined by as much as 60-fold, according to new findings published today in the Proceedings of the National Academy of Sciences.

The finding supports the recent United Nations Intergovernmental Panel on Climate Change warnings of severe environmental threats given a 2.0 degree Celsius elevation in global temperature. Like some other tropical locations, the study area in the Luquillo rainforest has already reached or exceeded a 2.0 degree Celsius rise in average temperature, and the study finds that the consequences are potentially catastrophic.

"Our results suggest that the effects of climate warming in tropical forests may be even greater than anticipated" said Brad Lister lead author of the study and a faculty member in the Department of Biological Sciences at Rensselaer Polytechnic Institute. "The insect populations in the Luquillo forest are crashing, and once that begins the animals that eat the insects have insufficient food, which results in decreased reproduction and survivorship and consequent declines in abundance."


Original Submission

Read more of this story at SoylentNews.

04:59

SpaceX successfully landed its Falcon 9 rocket on the California coast for the first time "IndyWatch Feed Tech"

Original Story: This evening, SpaceX is set to launch a used Falcon 9 rocket from California, a flight that will be followed by one of the companys signature rocket landings. But this time around, SpaceX will attempt to land the vehicle on a concrete landing pad near the launch site not a drone ship in the ocean. If successful, itll be the first time that the company does a ground landing on the West Coast.

Up until now, all of SpaceXs ground landings have occurred out of Cape Canaveral, Florida, the companys busiest launch site. SpaceX has two landing pads there, and has managed to touch down 11 Falcon 9 rockets on them. And each time the company has attempted to land on land, its been a success.

04:54

How will NASA transform by joining forces with private space travel? "IndyWatch Feed Tech"

60 years of NASA has brought us the first moon landing, the Voyagers, a progression of Mars rovers, Hubble, Cassini, TESSand the next six decades are going to see it venturing even further into uncharted territory, but this time, the space agency will not be alone on the voyage.

NASA couldnt even start fantasizing about private spaceflightor collaborating with the private sectorwhen it first took off in 1958. Now companies like SpaceX, Boeing and Blue Origin will bring dreams that originally lived between the pages of science fiction books into reality. Dreams like space travel for anyone.

Private companies could potentially lower the cost of suborbital flights from hundreds of thousands to tens of thousands. That still might sound astronomical to the average Earthling, but to NASA, it could mean more opportunities than ever. NASAs Commercial Crew Program is a collab with Boeing and SpaceX to fly astronauts to and from the ISS (which is not going to end up as space junk after all). SpaceXs Crew Dragon and Boeings CST-100 Starliner will start making crewed flights into low-Earth orbit as soon as next year.

04:53

Autonomous Flights Are One Step Closer to Reality "IndyWatch Feed Tech"

The air cargo industry is already considering one-person flight crews. Self-flying planes may be next.

04:33

Yuval Harari & Russell Brand in conversation | Penguin Talks "IndyWatch Feed Tech"

Hacking humanity russell brand & noah yuval harari


Penguin Talks is a new series of free creative events which gives young people the opportunity to hear

04:21

Space Force is not a crazy idea "IndyWatch Feed Tech"

The famed astrophysicist sits down with CBS News Chief White House Correspondent Major Garret for The Takeout.

04:00

FIDO2 Authentication In All The Colors "IndyWatch Feed Tech"

Here at Hackaday, we have a soft spot for security dongles. When a new two-factor-authentication dongle is open source, uses USB and NFC, and supports FIDO2, the newest 2FA standard, we take notice. That just happens to be exactly what [Conor Patrick] is funding on Kickstarter.

Weve looked at [Conor]s first generation hardware key, and the process of going from design to physical product.  With that track record, the Solo security key promises to be more than the vaporware that plagues crowdfunding services.

Another player, Yubikey, has also recently announced a new product that supports FIDO2 and NFC. While Yubikey has stepped away from their early open source policy, Solo is embracing the open source ethos. The Kickstarter promises the release of both the software and hardware design as fully open, using MIT and CC BY-SA licenses.

For more information, see the blog post detailing the project goals and initial design process.  As always, caveat emptor, but this seems to be a crowdfunding project worth taking a look at.

03:28

Stephen Hawking Essay Warns of Gene Editing; Final Hawking Research Paper Published "IndyWatch Feed Tech"

Essays reveal Stephen Hawking predicted race of 'superhumans'

The late physicist and author Prof Stephen Hawking has caused controversy by suggesting a new race of superhumans could develop from wealthy people choosing to edit their and their children's DNA. Hawking, the author of A Brief History of Time, who died in March, made the predictions in a collection of articles and essays.

[...] In Brief Answers to the Big Questions, Hawking's final thoughts on the universe, the physicist suggested wealthy people would soon be able to choose to edit genetic makeup to create superhumans with enhanced memory, disease resistance, intelligence and longevity. Hawking raised the prospect that breakthroughs in genetics will make it attractive for people to try to improve themselves, with implications for "unimproved humans". "Once such superhumans appear, there will be significant political problems with unimproved humans, who won't be able to compete," he wrote. "Presumably, they will die out, or become unimportant. Instead, there will be a race of self-designing beings who are improving at an ever-increasing rate."

Stephen Hawking's last paper on black holes is now online

Stephen Hawking never stopped trying to unravel the mysteries surrounding black holes -- in fact, he was still working to solve one of them shortly before his death. Now, his last research paper on the subject is finally available online through pre-publication website arXiv, thanks to his co-authors from Cambridge and Harvard. It's entitled Black Hole Entropy and Soft Hair, and it tackles the black hole paradox. According to Hawking's co-author Malcolm Perry, the paradox "is perhaps the most puzzling problem in fundamental theoretical physics today" and was the center of the late physicist's life for decades.

Read more of this story at SoylentNews.

03:03

Updated Proton 3.16 Beta For Steam Play Has DXVK 0.90, D3D11 Fixes "IndyWatch Feed Tech"

Valve in cooperation with CodeWeavers and other developers continues making rapid progress on Steam Play and their "Proton" downstream flavor of Wine...

03:03

NEW 'Off The Wall' ONLINE "IndyWatch Feed Tech"

NEW 'Off The Wall' ONLINE

Posted 17 Oct, 2018 1:03:30 UTC

The new edition of Off The Wall from 16/10/2018 has been archived and is now available online.

02:59

Google Engineer Proposes KUnit As New Linux Kernel Unit Testing Framework "IndyWatch Feed Tech"

Google engineer Brendan Higgins sent out an experimental set of 31 patches today introducing KUnit as a new Linux kernel unit testing framework to help preserve and improve the quality of the kernel's code...

02:52

Chrome 70 Now Officially Available With AV1 Video Decode, Opus In MP4 & Much More "IndyWatch Feed Tech"

Google's Chrome/Chromium 70 web-browser made it out today for Linux users as well as all other key supported platforms...

02:00

HPR2663: Short review on a 2.5 inch SSD/HDD caddy "IndyWatch Feed Tech"

Well Ken made another call for shows and as my recent interview series has come to an end by the time you listen to this here is a short review of a USB3 2.5inch HDD/SSD caddy I got from E-bay a few weeks ago. As many of you who have listened to my previous ramblings know I frequent a local Computer auction and recently they have had some cheap 128Gig SSDs for sale and I managed to pick several up at a good price. After using some to upgrade some desktop PCs to SSD I had a couple of these spare and as I have USB3 on my main laptop thought it would be good to be able to use one or two of these as portable storage or even for boot drives to test out odd Linux distro or 2. So I purchased a caddy off that font of all things techie E-bay for 5.50, link here: https://www.ebay.co.uk/itm/USB-3-0-to-SATA-Hard-Drive-Enclosure-Caddy-Case-For-2-5-Inch-HDD-SSD-External/282930148654?ssPageName=STRK%3AMEBIDX%3AIT&_trksid=p2057872.m2749.l2648 So after it arrived I plugged in one of the drives and tested it out. The first thing to notice is that SSDs being 7mm in depth flop about a bit in the case but this is easily resolved by a bit of card under the drive to help it fit snug in the case and it does mean that the case will support the larger 9mm 2.5inch spinners if needed. Ive not tested a larger older spinner but I suspect they will not fit as 9mm ones are very snug in the case. Anyway the drive was detected by the PC/Laptop and works flawlessly and as it is so quick to swap drives in the caddy means I can carry large data files and my music and video library when on the move with the advantage that it is less likely to be damaged if accidentally dropped or knocked off a surface, which is quite likely with a portable spinner HDD. I am very happy with this purchase and it has already become a regular part of my travelling tool kit/laptop bag.

Saudi Arabia Reportedly Prepared to Admit Involvement in Journalist's Death "IndyWatch Feed Tech"

Saudis preparing to admit Jamal Khashoggi died during interrogation, sources say

The Saudis are preparing a report that will acknowledge that Saudi journalist Jamal Khashoggi's death was the result of an interrogation that went wrong, one that was intended to lead to his abduction from Turkey, according to two sources.

One source says the report will likely conclude that the operation was carried out without clearance and transparency and that those involved will be held responsible.

One of the sources acknowledged that the report is still being prepared and cautioned that things could change.

The Washington Post columnist was last seen in public when he entered the Saudi consulate in Istanbul in Turkey on October 2. Previously, Saudi authorities had maintained Khashoggi left the consulate the same afternoon of his visit, but provided no evidence to support the claim.

Saudi Arabia could hike oil prices over the Khashoggi case. Here's why it would backfire

Saudi Arabia's not-so-veiled threat issued in a government statement Sunday emphasized its "vital role in the global economy" and that any action taken upon it will be met with "greater action". But as oil ticks upward, a look at history and geopolitics suggests that while a Saudi-driven oil price spike would bring pain for much of the world, it would ultimately backfire on itself.

"If this is something the Saudis were allowed to do, they'd be really shooting themselves in the foot," Warren Patterson, commodities analyst at ING, told CNBC's Squawk Box Europe on Tuesday. "In the short to medium term we'll definitely see an incremental amount of demand destruction, but the bigger issue is in the longer term."

Any action in withholding oil from the market, he said, "would only quicken the pace of energy transition."

Previously: Turkey Says that a Missing Critic of the Saudi Government was Killed in Saudi Consulate in Istanbul


Original Submission

Read more of t...

01:44

From Canada to Argentina, Security Researchers Have RightsOur New Report "IndyWatch Feed Tech"

EFF is introducing a new Coders' Rights project to connect the work of security research with the fundamental rights of its practitioners throughout the Americas. The project seeks to support the right of free expression that lies at the heart of researchers' creations and use of computer code to examine computer systems, and relay their discoveries among their peers and to the wider public.  

To kick off the project, EFF published a whitepaper today, Protecting Security Researchers' Rights in the Americas (PDF), to provide the legal and policy basis for our work, outlining human rights standards that lawmakers, judges, and most particularly the Inter-American Commission on Human Rights, should use to protect the fundamental rights of security researchers.

We started this project because hackers and security researchers have never been more important to the security of the Internet. By identifying and disclosing vulnerabilities, hackers are able to improve security for every user who depends on information systems for their daily life and work.

Computer security researchers work, often independently from large public and private institutions, to analyze, explore, and fix the vulnerabilities that are scattered across the digital landscape. While most of this work is conducted unobtrusively as consultants or as employees, sometimes their work is done in the public interestwhich gathers researchers headlines and plaudits, but can also attract civil or criminal suits. They can be targeted and threatened with laws intended to prevent malicious intrusion, even when their own work is anything but malicious. The result is that security researchers work in an environment of legal uncertainty, even as their job becomes more vital to the orderly functioning of society.

Drawing on rights recognized by the American Convention on Human Rights, and examples from North and South American jurisprudence, this paper analyzes what rights security researchers have; how those rights are expressed in the Americas unique arrangement of human rights instruments, and how we might best interpret the requirements of human rights lawincluding rights of privacy, free expression, and due processwhen applied to the d...

01:10

Hillicon Valley: Agencies show progress on email security | DHS pushes back on report claiming spike in election attacks | Judge approves SEC-Elon Musk settlement | Uber IPO proposal valued at $120B "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen...

01:10

What To Do If Your Account Was Caught in the Facebook Breach "IndyWatch Feed Tech"

Keeping up with Facebook privacy scandals is basically a full-time job these days. Two weeks ago, it announced a massive breach with scant details. Then, this past Friday, Facebook released more information, revising earlier estimates about the number of affected users and outlining exactly what types of user data were accessed. Here are the key details you need to know, as well as recommendations about what to do if your account was affected.

30 Million Accounts Affected

The number of users whose access tokens were stolen is lower than Facebook originally estimated. When Facebook first announced this incident, it stated that attackers may have been able to steal access tokensdigital keys that control your login information and keep you logged infrom 50 to 90 million accounts. Since then, further investigation has revised that number down to 30 million accounts.

The attackers were able to access an incredibly broad array of information from those accounts. The 30 million compromised accounts fall into three main categories. For 15 million users, attackers access names and phone numbers, emails, or both (depending on what people had listed).

For 14 million, attackers access those two sets of information as well as extensive profile details including:

  • Username
  • Gender
  • Locale/language
  • Relationship status
  • Religion
  • Hometown
  • Self-reported current city
  • Birthdate
  • Device types used to access Facebook
  • Education
  • ...

01:00

Modular Violin Takes A Bow "IndyWatch Feed Tech"

They say the only difference between a violin and a fiddle is the way you play it. If thats so, this modular violin will need a new name, since it can be broken apart and changed in ways that make it sound completely different, all within a few minutes.

The fiddle is the work of [David Perry] and has 3D printed body, neck, pegbox, and bridge. While it might seem useful on the surface as a way to get less expensive instruments out in the world where virtually anyone has access to them, the real interesting qualities are shown when [David] starts playing all of the different versions hes created. The sound changes in noticeable ways depending on the style of print, type of plastic used, and many other qualities.

Of course you will need a bow, strings, pegs, and a fingerboard, but the rest is all available if you have a 3D printer around. If youre already a skilled violinist this could be a very affordable way to experiment with new sounds. Its not the first time weve seen 3D printed violins, but it is the first time weve seen them designed specifically to alter the way they sound rather than their physical characteristics. If you want to make your own, all of the .stl files are available on the projects site.

00:44

Toward Community-Oriented, Public & Transparent Copyleft Policy Planning "IndyWatch Feed Tech"

More than 15 years ago, Free, Libre, and Open Source Software (FLOSS) community activists successfully argued that licensing proliferation was a serious threat to the viability of FLOSS. We convinced companies to end the era of vanity licenses. Different charities from the Open Source Initiative (OSI) to the Free Software Foundation (FSF) to the Apache Software Foundation all agreed we were better off with fewer FLOSS licenses. We de-facto instituted what my colleague Richard Fontana once called the Rule of Three assuring that any potential FLOSS license should be met with suspicion unless (a) the OSI declares that it meets their Open Source Definition, (b) the FSF declares that it meets their Free Software Definition, and (c) the Debian Project declares that it meets their Debian Free Software Guidelines. The work for those organizations quelled license proliferation from radioactive threat to safe background noise. Everyone thought the problem was solved. Pointless license drafting had become a rare practice, and updated versions of established licenses were handled with public engagement and close discussion with the OSI and other license evaluation experts.

Sadly, the age of license proliferation has returned. It's harder to stop this time, because this isn't merely about corporate vanity licenses. Companies now have complex FLOSS policy agendas, and those agendas are not to guarantee software freedom for all. While it is annoying that our community must again confront an old threat, we are fortunate the problem is not hidden: companies proposing their own licenses are now straightforward about their new FLOSS licenses' purposes: to maximize profits.

Open-in-name-only licenses are now common, but seem like FLOSS licenses only to the most casual of readers. We've succeeded in convincing everyone to check the OSI license list before you buy. We can therefore easily dismiss licenses like Common Clause merely by stating they are non-free/non-open-source and urging the community to...

00:43

Initial thoughts on MongoDB's new Server Side Public License "IndyWatch Feed Tech"

MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:



MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI.

At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

A stranger point is that you're required to provide all of this under the terms of the SSPL. If you have any code in your stack that can't be released under those terms then it's literally impossible for you to comply with this license. I'm not a lawyer, so I'll leave it up to them to figure out whether this means you're now only allowed to deploy MongoD...

00:34

Ubuntu Server Is Making It Easier To Deploy Let's Encrypt SSL Certificates "IndyWatch Feed Tech"

The Ubuntu Server developers are looking to make it easier to deploy free SSL/TLS certificates from Let's Encrypt...

00:29

[$] A farewell to email "IndyWatch Feed Tech"

The free-software community was built on email, a distributed technology that allows people worldwide to communicate regardless of their particular software environment. While email remains at the core of many projects' workflow, others are increasingly trying to move away from it. A couple of recent examples show what is driving this move and where it may be headed.

00:22

Internet Relay Chat Turns 30and We Remember How It Changed Our Lives "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

Internet Relay Chat turns 30and we remember how it changed our lives

Internet Relay Chat (IRC) turned 30 this August.

The venerable text-only chat system was first developed in 1988 by a Finnish computer scientist named Jarkko Oikarinen. Oikarinen couldn't have known at the time just how his creation would affect the lives of people around the world, but it became one of the key early tools that kept Ars Technica running as a virtual workplaceit even lead to love and marriage.

To honor IRC's 30th birthday, we're foregoing the cake and flowers in favor of some memories. Three long-time Ars staffers share some of their earliest IRC interactions, which remind us that the Internet has always been simultaneously wonderful and kind of terrible.


Original Submission

Read more of this story at SoylentNews.

00:13

Notes on the UK IoT cybersec "Code of Practice" "IndyWatch Feed Tech"

The British government has released a voluntary "Code of Practice" for securing IoT devices. I thought I'd write some notes on it.


First, the good parts

Before I criticize the individual points, I want to praise if for having a clue. So many of these sorts of things are written by the clueless, those who want to be involved in telling people what to do, but who don't really understand the problem.

The first part of the clue is restricting the scope. Consumer IoT is so vastly different from things like cars, medical devices, industrial control systems, or mobile phones that they should never really be talked about in the same guide.

The next part of the clue is understanding the players. It's not just the device that's a problem, but also the cloud and mobile app part that relates to the device. Though they do go too far and include the "retailer", which is a bit nonsensical.

Lastly, while I'm critical of most all the points on the list and how they are described, it's probably a complete list. There's not much missing, and the same time, it includes little that isn't necessary. In contrast, a lot of other IoT security guides lack important things, or take the "kitchen sink" approach and try to include everything conceivable.

1) No default passwords

Since the Mirai botnet of 2016 famously exploited default passwords, this has been at the top of everyone's list. It's the most prominent feature of the recent California IoT law. It's the major feature of federal proposals.

But this is only a superficial understanding of what really happened. The issue wasn't default passwords so much as Internet-exposed Telnet.

IoT devices are generally based on Linux which maintains operating-system passwords in the /etc/passwd file. However, devices almost never use that. Instead, the web-based management interface maintains its own password database. The underlying Linux system is vestigial like an appendix and not really used.

But these devices exposed Telnet, providing a path to this otherwise unused functionality. I bought several of the Mirai-vulnerable devices, and none of them used /etc/passwd for anything other than Telnet.

Another way default passwords get exposed in IoT devices is through debugging interfaces. Manufacturers configure the system one way for easy development, and then ship a separate "release" version. Sometimes they make a mistake and ship the...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Tuesday, 16 October

23:58

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Perry E. Metzger on Oct 16

Good question. One obstacle for me is a lack of familiarity with the
codebase (which others here seem to have), but on the other hand, I
appear to have more motivation.

Perry

23:28

Ecuador to Assange: Look after cat, clean bathroom if you want internet "IndyWatch Feed Tech"

The government of Ecuador reportedly is making WikiLeaks founder Julian Assange's internet access subject to a series of rules, including cleaning the bathroom, taking care of his cat and steering clear of hot political topics.Assange is&...

23:25

Google to start charging phone makers for app store in Europe "IndyWatch Feed Tech"

Google is set to start charging phone makers to use its Google Play app store and it will also allow them to use rivals of its Android mobile operating system, as a part steps to comply with a European Union antitrust order. The...

23:10

Lawsuit Seeking to Unmask Contributors to Shitty Media Men List Would Violate Anonymous Speakers First Amendment Rights "IndyWatch Feed Tech"

A lawsuit filed in New York federal court last week against the creator of the Shitty Media Men list and its anonymous contributors exemplifies how individuals often misuse the court system to unmask anonymous speakers and chill their speech. Thats why were watching this case closely, and were prepared to advocate for the First Amendment rights of the lists anonymous contributors.

On paper, the lawsuit is a defamation case brought by the writer Stephen Elliott, who was named on the list. The Shitty Media Men list was a Google spreadsheet shared via link and made editable by anyone, making it particularly easy for anonymous speakers to share their experiences with men identified on the list. But a review of the complaint suggests that the lawsuit is focused more broadly on retaliating against the lists creator, Moira Donegan, and publicly identifying those who contributed to it.

For example, after naming several anonymous defendants as Jane Does, the complaint stresses that Plaintiff will know, through initial discovery, the names, email addresses, pseudonyms and/or Internet handles used by Jane Doe Defendants to create the List, enter information into the List, circulate the List, and otherwise publish information in the List or publicize the List.

In other words, Elliott wants to obtain identifying information about anyone and everyone who contributed to, distributed, or called attention to the list, not just those who provided information about Elliot specifically.

The First Amendment, however, protects anonymous speakers like the contributors to the Shitty Media Men list, who were trying to raise awareness about what they see as a pervasive problem: predatory men in media. As the Supreme Court has ruled, anonymity is a historic and essential way of speaking on matters of public concernit is a shield against the tyranny of the majority.

Anonymity is particularly critical for people who need to communicate honestly and openly without fear of retribution. People rely on anonymity in a variety of contexts, including reporting harassment, violence, and other abusive behavior theyve experienced or witnessed. This was the exact purpose behind the Shitty Media Men list. Donegan, who after learning she would be identified as the creator of the list, came forward and ...

22:54

New York AG subpoenas 14 companies in net neutrality comments probe: report "IndyWatch Feed Tech"

New York Attorney General Barbara Underwood (D) has subpoenaed more than a dozen companies and organizations as part of the states investigation into widespread fake public comments submitted to the Federal Communications Commission (FCC) over net...

22:51

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Hanno Bck on Oct 16

I think nobody here will disagree with you that this would be good to
have.
The question is: Who's gonna do it? Will you?

22:47

Uber valued at $120 billion in IPO proposals: report "IndyWatch Feed Tech"

Uber received valuations from Wall Street banks that could put the value of the company up to $120 billion for an initial public offering that could happen as soon as early next year, according to the Wall Street Journal. That value...

22:34

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Tavis Ormandy on Oct 16

We have to work with what we've got.

Even with the easy to exploit stuff compiled out (which upstream do not
support), I haven't been bothering to get CVE's for all the memory
corruption or UaF I've been reporting, because nobody can keep up with
these operator leaks anyway.

Tavis.

22:22

AMD Dual EPYC 7601 Benchmarks - 9-Way AMD EPYC / Intel Xeon Tests On Ubuntu 18.10 Server "IndyWatch Feed Tech"

Arriving earlier this month was a Dell PowerEdge R7425 server at Phoronix that was equipped with two AMD EPYC 7601 processors, 512GB of RAM, and 20 Samsung 860 EVO SSDs to make for a very interesting test platform and our first that is based on a dual EPYC design with our many other EPYC Linux benchmarks to date being 1P. Here is a look at the full performance capabilities of this 64-core / 128-thread server compared to a variety of other AMD EPYC and Intel Xeon processors while also doubling as an initial look at the performance of these server CPUs on Ubuntu 18.10.

22:00

TechVPS 6GB KVM VPS for $10/mo, 512MB $12/yr & more in Los Angeles and New York! "IndyWatch Feed Tech"

John from TechVPS has sent over their first ever offer for the LowEndBox community today! They are offering RAID-10 powered KVM services out of Los Angeles and New York with amazing pricing so you can get your foot in the door and try them out! Please let us know if you have any questions and enjoy this new offer.

Heres what they had to say:

TechVPS is an infrastructure hosting provider comprised of a team of developers who are on a mission to improve the internet. All of us here at TechVPS are a lot like you making it easier to understand what you need. We are a company that is here to stay, inspiring change in the ways that we fulfill our customers needs. With our state of the art datacenters TechVPS has the resources to meet all hosting needs.

TechVPS has now expanded to New York datacenter location, and we are here to share some KVM VPS deal for the community based out of New York and Los Angeles California!!!

KVM 512MB
  • 512MB RAM
  • 1x CPU Core
  • 10GB Storage
  • 1TB Bandwidth
  • 100Mbps Uplink
  • 1 x IPv4
  • KVM/SolusVM
  • $7/semi-yearly OR $12/yr
  • [ORDER]
KVM 1GB
  • 1GB RAM
  • 1x CPU Core
  • 20GB Storage
  • 2TB Bandwidth
  • 100Mbps Uplink
  • 1 x IPv4
  • KVM/SolusVM
  • $2.50/mo OR $19/yr
  • [ORDER]
KVM 3GB
  • 3GB RAM
  • 3x CPU Core
  • 50GB Storage
  • 3TB Bandwidth
  • 100Mbps Uplink
  • 1 x IPv4...

21:59

Sears files for bankruptcy after years of turmoil "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

Sears, the one-time titan of American retail, filed for bankruptcy ahead of a $134 million debt payment due Monday and announced that it will close 142 stores.

For years, Sears has contended with the threat that it would become the latest big-name retailer to fall to online competition and crushing debt. The icon once known for its pristine catalogs, and more recently known for decrepit showrooms and a controversial chief executive, saw its stock price plunge last week after reports that it had hired an advisory firm to prepare a bankruptcy filing ahead of the Oct. 15 payment.

Early Monday morning, Sears announced it had filed for Chapter 11 bankruptcy -- which would allow it to reorganize and possibly reemerge from bankruptcy with some part of the business intact -- and received commitments for $300 million in debtor-in-possession financing to carry through the bankruptcy period while it restructures its debt and reorganizes its business.

[...] Sears will close 142 unprofitable stores near the end of this year, with liquidation sales at those stores expected to begin soon. It was not immediately clear where those stores are located or how many jobs would be affected. Those store closings are in addition to 46 others that were expected by next month.

[...] It has also already sold off many of its brands, including Craftsman tools, and hasn't turned a profit since 2010. Many of its most valuable properties have been sold off, with the other half leased and offering little cost savings from rent restructurings since Sears already pays below market rents.

-- submitted from IRC


Original Submission

Read more of this story at SoylentNews.

21:58

Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Perry E. Metzger on Oct 16

On Tue, 16 Oct 2018 11:06:14 -0700 Tavis Ormandy
wrote:

Again, given that PostScript is an archival format for a lot of
do anything dangerous removed from the interpreter at compile time be
rational?

(And yes, it wouldn't be "standard" but I don't know that I
care much about that, and it would mean it would be safe to look...

21:47

Russia-linked APT group DustSquad targets diplomatic entities in Central Asia "IndyWatch Feed Tech"

Kaspersky experts published a detailed analysis of the attacks conducted by the Russian-linked cyber espionage group DustSquad.

Earlier October, security experts from ESET shared details about the operations of a cyber espionage group tracked as Nomadic Octopus, a threat actor focused on diplomatic entities in Central Asia.

The group has been active since at least 2015, ESET researchers presented their findings at the Virus Bulletin conference.

ESET researchers recently discovered an interesting cyber espionage campaign active in several countries of Central Asia. We attribute these attacks to a previously undocumented APT group that we have named Nomadic Octopus. states the blog post published by Virus Bulletin.

Our findings suggest that this APT group has been active since at least 2015. The main goal of Nomadic Octopus appears to be cyber espionage against high-value targets, including diplomatic missions in the region

The experts presented their findings at the Virus Bulletin conference.

Now Kaspersky experts published a detailed analysis of the attacks conducted by the group, tracked by the Russian firm as DustSquad, and the tools they used.

Kaspersky is monitoring the activity of the group for the last two years, DustSquad is a Russian-language cyberespionage group particularly active in Central Asian.

For the last two years we have been monitoring a Russian-language cyberespionage actor that focuses on Central Asian users and diplomatic entities. We named the actor DustSquad and have provided private intelligence reports to our customers on four of their campaigns involving custom Android and Windows malware. states the analysis published by Kaspersky Lab.

The name was originally coined by ESET in 2017 after the 0ct0pus3.php script used by the actor on their old C2 servers. We also started monitoring the malware and, using Kaspersky Attribution Engine based on similarity algorithms, discovered that Octopus is related to DustSquad, something we reported in April 2018. 

The group targeted the victims with spear-phishing emails, the threat actors use Russian malware filenames.

Kaspersky tracked a campaign conducted by the group back to 2014 when hackers targeted entities in the former Soviet republics of Central Asia, plus Afghanistan.

In April 2018...

21:24

Elementary OS 5.0 "Juno" Released For A Pleasant Linux Desktop Experience "IndyWatch Feed Tech"

Just ahead of Ubuntu 18.10, Solus 4, and Fedora 29 among other forthcoming Linux distribution releases, Elementary OS 5 "Juno" has been released for a polished desktop experience that aims to compete with macOS and Windows for desktop usability...

21:20

Convert Screenshots of Equations into LaTeX Instantly With This Nifty Tool "IndyWatch Feed Tech"

Mathpix is a nifty little tool that allows you to take screenshots of complex mathematical equations and instantly converts it into LaTeX editable text.

LaTeX editors are excellent when it comes to writing academic and scientific documentation.

There is a steep learning curved involved of course. And this learning curve becomes steeper if you have to write complex mathematical equations.

Mathpix is a nifty little tool that helps you in this regard.

21:19

Paul Allen Remembered "IndyWatch Feed Tech"

The Microsoft cofounder was a different kind of tech billionaire

Think buddy movie.

The advent of personal computers in the late 1970s, which foreshadowed todays laptops and smartphones, was shaped by two dynamic duos. In northern California, the two StevesJobs and Wozniakcreated Apple Computer. To the north, in Seattle, two teenage pals, Bill Gates and Paul Allen, created Microsoft.

The parallels between these two sets of buddies were clear and durable. Jobs and Gates became public figures of enormous influence. Wozniak and Allen, both socially awkward, were viewed as solitary geeks, idiosyncratic digital geniuses, and idealists. The latter pair were known to be impatient with the very logic business that so energized Jobs and Gates and pushed those two to seek fame and fortune.

Before long, perhaps inevitably, these partnerships frayed and fractured. Jobs shed Wozniak and Gates shed Paul Allen. But while Wozniak left Apple relatively penniless and to this day remains a lovable curiosity bereft of social status, Allen insisted on retaining his large stake in Microsoft. He beat back Gatess attempt to reduce his holdings, and left Microsoft with an equity position of staggering size.

On the strength of his vast shares in Microsoft, Allen, an IEEE member, amassed a fortune estimated at more than US $20 billion. He also carved out an unconventional life and a singular legacy that makes him, to my eyes, the most interesting of the digital-age tycoons.

Before Mark Cuban and Steve Ballmer, Allen was the first super-rich geek to buy a sports team. He purchased the Portland Trailblazers of the National Basketball Association and later the Seattle Seahawks of the National Football League, ensuring that these beloved northwest cities retained a foothold in the world of big-time sports.

That wasnt the extent of his civic-mindedness. He revived a neglected neighborhood of Seattle, and made enormous investments into the health sciences and understanding the human brain.

But while passionately interested in science and technology, he stayed clear of computer software and hardware, to keep out of the path of Bill Gates. And while Gates created the largest foundation in history, Allen eschewed bureaucracies, and retained an auteurs flair for innovation. His list of activities and charitable...

Boston Dynamics' SpotMini Can Dance Now "IndyWatch Feed Tech"

A quadruped robot dance-off is inevitable

At IROS in Madrid a few weeks ago, Marc Raibert showed a few new videos during his keynote presentation. One was of Atlas doing parkour, which showed up on YouTube last week, and the other was just a brief clip of SpotMini dancing, which Raibert said was a work in progress. Today, Boston Dynamics posted a new video of SpotMini (which theyre increasingly referring to as simply Spot) dancing to Uptown Funk, and frankly displaying more talent than the original human performance

The twerking is cute, but gets a little weird when you realize that SpotMinis got some eyeballs back there as well.

While we dont know exactly whats going on in this video (as with many of Boston Dynamics video), my guess would be that these are a series of discrete, scripted behaviors that are played in sequence. Theyre likely interchangeable and adaptable to different beats, but (again, as with many of their videos) its not clear to what extent these dancing behaviors are autonomous, and how it would react to a different song. 

With that in mind, if I were writing a paper about dancing robots, Id probably say something like:

The development of robots that can dance has received considerable attention. However, they are often either limited to a pre-defined set of movements and music or demonstrate little variance when reacting to external stimuli, such as microphone or camera input.

Im not writing a paper about dancing robots, because Im not in the least bit qualified, but the folks at ANYbotics and the Robotics Systems Lab at ETH Zurich definitely are, and that was the intro to their 2018 IROS paper on Real-Time Dance Generation to Music for a Legged Robot. Why write a paper on this? Why is teaching ANYmal to dance important? Its because people like dancing, of course, and we want people to like robots, too!

Dance, as a performance art form, has been part of human social interaction for multiple millennia. It helps us express emotion, communicate feelings and is often used as a form of entertainment. Consequently, this form of interaction has often been attempted to be imitated by robots.

Our goal with this work is to bridge the gap between the ability to react to external stimuli (in this case music), and the execution of dance motions that are both synchronized to the beat, and visually pleasing and varied.

...

21:12

Distribution Release: elementary OS 5.0 "IndyWatch Feed Tech"

elementary OS is an Ubuntu-based distribution which features the Pantheon desktop environment and a custom application store. The project's latest stable release is elementary OS 5.0 "Juno". There are several new improvements to the desktop, file manager and software centre in the new version: "We're happy to debut....

21:07

The Next Linux Kernel Will Bring More Drivers Converted To Use BLK-MQ I/O "IndyWatch Feed Tech"

More Linux storage drivers have been converted to the "blk-mq" interfaces for the multi-queue block I/O queuing mechanism for the 4.20~5.0 kernel cycle...

21:02

Millions of People Living and Working in Space "IndyWatch Feed Tech"

Blue Origin believes in a future where millions of people are living and working in space. Why? Because we believe that in order to preserve Earth, our home, for our grandchildrens grandchildren, we must go to space to tap its unlimited resources and energy. If we can lower the cost of access to space with reusable launch vehicles, we can enable this dynamic future for humanity.

Its a hopeful vision.

Blue Origin is committed to building a road to space so our children can build a future. www.blueorigin.com

20:30

These Twenty Projects Won The Musical Instrument Challenge In The Hackaday Prize "IndyWatch Feed Tech"

The Hackaday Prize is the greatest hardware competition on the planet. Its the Academy Awards of Open hardware, and over the past few months weve challenged makers and artists to create the Next Big Thing. All things must come to an end, though, and last week we wrapped up the final challenge in the Hackaday Prize. The results were fantastic, with over one hundred entries to the Musical Instrument Challenge. Now, were ready to announce the winners.

Over the past few months, weve been running a series of five challenges, and picking the best twenty projects to come out of these challenges. The Musical Instrument Challenge was the final challenge in The Hackaday Prize, and now were happy to announce the winners. These projects have been awarded a $1,000 cash prize, and theyre moving onto the final round where one lucky winner will receive the Grand Prize of $50,000. Here are the winners of the Musical Instrument Challenge, in no particular order:

Musical Instrument Challenge Hackaday Prize finalists:

20:30

Gene Editing Jobs Expected to Increase "IndyWatch Feed Tech"

Why gene editing could create so many jobs

As more treatments that rely on gene editing move from research laboratories into hospitals around the world, the demand for the skilled genetic engineers who make it possible is expected to soar. The UK government predicts there could be more than 18,000 new jobs created by gene and cell therapy in Britain alone by 2030, while the US Bureau of Labor Statistics estimates it will see a 7% increase in jobs for biomedical engineers and a 13% increase in medical scientists, together accounting for around 17,500 jobs.

But there will also be a need for people away from the laboratory bench, including those who can help make sense of the huge amounts of data that will be generated as medical treatment becomes increasingly personalised to patients' individual genomes.

"Gene therapy is rapidly becoming an accepted and growing part of the medical research and development industry," says Michele Calos, president of the American Society of Gene and Cell Therapy and a professor of genetics at Stanford University. "The growth of established and new gene therapy companies is expected to be accompanied by an increase in jobs, as these companies recruit scientists to staff their expanded operations.

"The gene therapy industry requires a range of graduates, with backgrounds in scientific fields like genetics, medicine, molecular biology, virology, bioengineering and chemical engineering, as well as business graduates."


Original Submission

Read more of this story at SoylentNews.

20:14

Federal Circuit (Finally) Makes Briefs Immediately Available to the Public "IndyWatch Feed Tech"

In a victory for transparency, the Federal Circuit has changed its policies to give the public immediate access to briefs. Previously, the court had marked submitted briefs as tendered and withheld them from the public pending review by the Clerks Office. That process sometimes took a number of days. EFF wrote a letter [PDF] asking the court to make briefs available as soon as they are filed. The court has published new procedures [PDF] that will allow immediate access to submitted briefs.

Regular readers might note that this is the second time we have announced this modest victory. Unfortunately, our earlier blog post was wrong and arose out of a miscommunication with the court (the Clerks Office informed us of our mistake and we corrected that post). This time, the new policy clearly provides for briefs to be immediately available to the public. The announcement states:

The revised procedure will allow for the immediate filing and public availability of all electronically-filed briefs and appendices. As of December 1, 2018, when a party files a brief or appendix with the court, the document will immediately appear on the public docket as filed, with a notation of pending compliance review.

In our letter to the Federal Circuit, we had explained that the publics right of access to courts includes a right to timely access. The Federal Circuit is the federal court of appeal that hears appeals in patent cases from all across the country, and many of its cases are of interest...

20:07

ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Tavis Ormandy on Oct 16

Hello, this <<a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1696" rel="nofollow">https://bugs.chromium.org/p/project-zero/issues/detail?id=1696>
is CVE-2018-18284, another ghostscript sandbox escape. Because procedures
in postscript are just executable arrays, all system procedures need to be
marked as executeonly, so that users cannot peek at their internals with
array operators.

We have also recently learned that they must be marked as pseudo-operators,
otherwise their contents might leak to error...

20:05

Anki Vector Robot Review "IndyWatch Feed Tech"

Many of the early videos about of the Anki Vector have beeen sponsored by the manufacturer - this one isn't. I bought my Vector on a pre-order and received it a couple of days before it went on general sale. Here's my independent review. 

Available from Amazon https://amzn.to/2A42Ehl (US) https://amzn.to/2ywOaVr (UK)

(Affiliated Links)

20:04

400% increase in cryptomining malware attacks against iPhones "IndyWatch Feed Tech"

By Waqas

It wouldnt be wrong to state that Apple has become the apple of the eyes of cryptomining enthusiasts and cybercriminals. According to Check Points latest Global Threat Index, the company is being targeted more frequently in cryptomining malware attacks. The report discloses some startling new facts about the sudden rise in cryptomining malware attacks against []

This is a post from HackRead.com Read the original post: 400% increase in cryptomining malware attacks against iPhones

19:54

Your video - on vinyl "IndyWatch Feed Tech"

In this follow up to my video about VinylVideo. I'm taking a look at one of the first custom cut Vinylvideo discs off the Supersense record lathe featuring yours truly.

 

You can get a custom Vinylvideo disc cut here

19:44

Ten Legislative Victories You Helped Us Win in California "IndyWatch Feed Tech"

 Your strong support helped us persuade Californias lawmakers to do the right thing on many important technology bills debated on the chamber floors this year. With your help, EFF won an unprecedented number of victories, supporting good bills and stopping those that would have hurt innovation and digital freedoms.

Heres a list of victories you helped us get the legislature to pass and the governor to sign, through your direct participation in our advocacy campaigns and your other contributions to support our work.

Net Neutrality for California

Our biggest win of the year, the quest to pass Californias net neutrality law and set a gold standard for the whole country, was hard-fought. S.B. 822 not only prevents Internet service providers from blocking or interfering with traffic, but also from prioritizing their own services in ways that discriminate.

California made a bold declaration to support the nations strongest protections of a free and open Internet. As the state fights for the ability to enact its lawfollowing an ill-conceived legal challenge from the Trump administrationyou can continue to let lawmakers know that you support its principles.

Increased Transparency into Local Law Enforcement Policies

Transparency is the foundation of trust. Thanks to the passage of S.B. 978, California police departments and sheriffs offices will now be required to post their policies and training materials online, starting in January 2020. The California Commission on Peace Officer Standards and Training will be required to make its vast catalog of trainings available as well. This will encourage better and more open relationships between law enforcement agencies and the communities they serve.

Increasing public access to police materials about training and procedures benefits everyone by making it easier to understand what to expect from a police encounter. It also helps ensure that communities have a better grasp of new police surveillance technologies, including body cameras and drones.

Public Access to Footage from Police Body Cameras...

19:43

NASA wants to send humans to Venus and its a brilliant idea "IndyWatch Feed Tech"

The upper atmosphere of Venus is the most Earth-like location in the solar system.


Popular science fiction of the early 20th century depicted Venus as some kind of wonderland of pleasantly warm temperatures, forests, swamps, and even dinosaurs.

In 1950, the Hayden Planetarium at the American Natural History Museum were soliciting reservations for the first space tourism mission, well before the modern era of Blue Origins, SpaceX, and Virgin Galactic. All you had to do was supply your address and tick the box for your preferred destination, which included Venus.

Today, Venus is unlikely to be a dream destination for aspiring space tourists. As revealed by numerous missions in the last few decades, rather than being a paradise, the planet is a hellish world of infernal temperatures, a corrosive toxic atmosphere, and crushing pressures at the surface.

19:35

The best Neck Speaker "IndyWatch Feed Tech"

I went a bit crazy and bought all the wireless neck speakers on the market. In this video I pass on everthing I've learned about them, which is a sound buy and which are a pain in the neck. 

BOSE at AMAZON

UK  US  CA  DE  FR  ES  IT 

SONY on ebay

UK  US  DE  CA  NL  AU 

JBL at AMAZON

UK  US  CA  DE  FR  ES  IT 

 

19:01

Cool Tools: Deus Ex Autorouter "IndyWatch Feed Tech"

The first thing you probably asked yourself when learning how to lay out PCBs was cant the computer do this? which inevitably led to the phrase never trust the autorouter!. Even if it hooks up a few traces the result will probably be strange to human eyes; not a design youd want to use.

But what if the autorouter was better? What if it was so far removed from the autorouter you know that it was something else? Thats the technology that JITX provides. JITX is a company that has developed new tools that can translate a coarse textual specification of a board to KiCAD outputs autonomously.

The JITX DSL

How do you use JITX? At this point the company provides a front end to their tools; you use their...

19:00

Hyperactive Comet Wirtanen to Show off During Historically Close Flyby "IndyWatch Feed Tech"

Hyperactive Comet Wirtanen to Show off During Historically Close Flyby:

The comet 46P/Wirtanen was discovered in 1948, but this could be the best year to get a good look at the small, hyperactive space ball of rock, ice and debris.

That's because when the comet passes nearest to Earth on Dec. 16 at a distance of 7.1 million miles (11.5 million kilometers), it'll be the 10th closest encounter with our planet since 1950. And it could be the brightest of the entire top 10.

It should become visible with the naked eye in the night sky as it approaches and could remain that way for weeks, according to the University of Maryland's astronomy department, which is leading an observation campaign of the comet.

[...] Astronomers are already busy tracking and observing Wirtanen, but expect it to become the subject of some excitement and numerous star parties as it becomes visible to the rest of us in December.

At closest approach, it would still be at 30 times the Earth-Moon distance; no risk of impact with the Earth. This time around, at least.


Original Submission

Read more of this story at SoylentNews.

18:49

Bioquark Inc. Real Bodies Ms. Chiara Bordi HealthQe QantiQa Ira Pastor "IndyWatch Feed Tech"

Exciting visitor at the Real Bodies (https://www.realbodies.it/) exhibit!

The lovely Ms. Chiara Bordi (https://www.facebook.com/Chiara-Bordi-474572166390000/), Miss Italia 3rd place runner up (aka the Bionic Beauty) stopping by to visit our associates at HealthQE (www.healthqe.cloud), and QantiQa (https://www.qantiqa.com/), to test out their new Musyke device

Bio-mechanics and Bio-acoustics

Two critical components in the regeneration, repair, and rejuvenation equation, and part of the integrated age-reversal paradigm of Embrykinesis at Bioquark Inc.- (www.bioquark.com)

18:43

Bro becomes Zeek "IndyWatch Feed Tech"

The Bro network security monitoring project has announced a name change to "Zeek". "On the Leadership Team of the Bro Project, we heard clear concerns from the Bro community that the name 'Bro' has taken on strongly negative connotations, such as 'Bro culture'. These send a sharp, anti-inclusive - and wholly unintended and undesirable - message to those who might use Bro. The problems were significant enough that during BroCon community sessions, several people have mentioned substantial difficulties in getting their upper management to even consider using open-source software with such a seemingly ill-chosen, off-putting name."

18:43

Ask LEAF Anything "IndyWatch Feed Tech"

Today is our first Ask LEAF Anything where you can ask us questions about our work in the rejuvenation biotechnology field.

Home

In 2014, the Life Extension Advocacy Foundation was established as a 501(3) non-profit organization dedicated to promoting healthy human lifespan through fiscally sponsoring longevity research projects and raising awareness regarding the societal benefits of healthy life extension.

18:34

Links 1610/2018: Linux 4.19 RC8, Xfce Screensaver 0.1.0 Released "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

  • Desktop

    • Chrome OS Stable Channel Gets Linux Apps

      After months of user testing in developer and beta channels, the Crostini project at Google finally delivered the goods, Linux apps for most users of Chromebooks in the stable channeldefinitely worth the wait. While this still is aimed primarily at developers using Chromebooks, I think theres a good chance these Linux apps will be used and enjoyed by the general public using Chromebooks as well. Theres still a bit of a learning curve to overcome before that possibility is realized, but if you already are a user of any Linux distro, it will feel very familiar. Heres an overview of how to install it and what to expect afterward.

    • Update KB4468550 Fixes Audio Issues Caused In Windows 10 October Patch [Ed: Alternative...

18:17

Vodlocker Hammers Streaming Sites with JavaScript-based DDoS "IndyWatch Feed Tech"

Last year we highlighted a rather interesting service which makes it easy for anyone to embed a pirated movie.

Requiring only an IMDb number, Vodlocker.to allows anyone to embed videos, many of which are pirated.

This turned out to be a welcome feature for many smaller site operators, who use basic scripts to set up a streaming portal with minimal investment. In exchange, Vodlocker can serve some extra ads on these sites, which makes it a win-win for both parties.

More recently, however, it appears that someone has added some extra code to the Vodlocker site that does more than streaming video or placing ads. As a result, the embedded videos are also being used to DDoS certain video streaming portals.

Looking at the source of the embed pages, we see a piece of JavaScript that attempts to load content from external sites. This is triggered by unwitting visitors; not once, but dozens of times per second. The smaller sites in question, understandably, collapse under this load.

The script

When we checked the site on Monday, Rainierland.com and Movie2k.st were being targeted, resulting in downtime. Today, the code has been updated and its now pointing movie4k.is, which is mostly unreachable as a result.

Movie4k.is attack in action

Its not clear what the motivation for this attack is, or if Vodlocker is perhaps compromised, but it appears to be an intentional effort to take these streaming sites down.

Before the weekend the German news site Tarnkappe reported that another site, Filmpalast.to, was suffering from a similar DDoS attack.

Many of the sites that rely on these Vodlocker.to embed codes probably have no idea that they are participating in the attacks. The same is true for their visitors, who are unwittingly transformed into an army of stream-watching DDoS bots.

We contacted several of the affected sites for a comment but havent heard back. Vodlocker.to has no contact address listed, so we havent been able to reach out...

18:02

Amazon worker pushes Bezos to stop selling facial recognition tech to law enforcement "IndyWatch Feed Tech"

An Amazon employee is seeking to put new pressure on the company to stop selling its facial recognition technology to law enforcement. An anonymous worker, whose employment at Amazon was verified by Medium, published an op-ed on...

18:01

NVIDIA 410.66 Linux Driver Released With RTX 2070 Support, Vulkan Ray-Tracing, Etc "IndyWatch Feed Tech"

NVIDIA has released the 410.66 Linux graphics driver today as their first stable release in the 410 series and comes with support for the new GeForce RTX 2070 graphics card...

17:41

Bug in Newly Released iOS 12.0.1 Gives Access To Your Photos "IndyWatch Feed Tech"

By Waqas

An iOS user Jose Rodriguez, who discovered a passcode bypass related flaw in iOS 12 last month, has now identified another passcode bypass bug in the recently released iOS 12.0.1. According to Rodriguez, a Spanish security researcher, the new bug offers an easy access to Photo Library of any locked iPhone. An attacker can select []

This is a post from HackRead.com Read the original post: Bug in Newly Released iOS 12.0.1 Gives Access To Your Photos

17:30

Just in Time for Halloween: Another Talking Skull "IndyWatch Feed Tech"

It isnt a unique idea, but we liked [Eric Wiemerss] take on the classic animated skull for Halloween. In addition to showing you the code and the wiring, the video spends some time discussing what the audio looks like and what has to happen to get it into a format suitable for the Arduino. You can see the spooky video, below.

Of course, this is also a 3D printing project, although the skull is off-the-shelf. We wondered if he felt like a brain surgeon taking the Dremel to the poor skull. To fix the two parts of the device, he used brass threaded inserts that are heat set, something weve seen before, but are always surprised we dont see more often.

Of course, the project uses a servo. We may have missed it but other than freezing the video, we didnt see the Arduino source code online. It isnt much code, though, so typing it from the video is an option. The schematic is a little easier to read when you realize the top part is the schematic and the bottom part is the as built layout.

We are glad this skull doesnt taunt us with our time remaining like some weve seen. Weve seen this done with fewer parts, by the way, and you can compare the videos to see how different the circuits respond.

17:28

SFLC: Automotive Software Governance and Copyleft "IndyWatch Feed Tech"

The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.

The fine grain of interface access rights provided by the snapd governance agent can thus provide further isolation and security when it is running user-modified code, guaranteed under the snap packaging paradigm to cause no other program code to be modified, to break, or to perform differently because of the presence of the user-modified program. Such a structure of modification permission can be operated by the OEM consistent with the requirements of GPLv3. The OEM can publish an authenticated record of the installation permission issued, indexed by the Vehicle Identification Numberwithout publishing the car owners personal informationso that public and private parties can be assured that no surreptitious modification of vehicle software occurs.

17:26

Judge approves SEC settlement with Tesla, Musk "IndyWatch Feed Tech"

A federal judge on Tuesday approved a settlement between the Securities and Exchange Commission (SEC), Tesla and its CEO Elon Musk.The settlement follows an SEC investigation last month into a Musk tweet from August in which he said he had...

17:18

Ganymede Was Shaped by Past Tectonic Activity "IndyWatch Feed Tech"

Even Ganymede is Showing Tectonic Activity. We're Going to Need Another Icy Moon Orbiter

Ganymede was shaped by pronounced periods of tectonic activity in the past, according to a new paper. It's no longer active and its surface is more-or-less frozen in place now. But this discovery opens the door to better planning for future missions to Jupiter's other frozen moon Europa. Unlike Ganymede, Europa is still tectonically active, and understanding past geological activity on Ganymede helps us understand present-day Europa.

Ganymede is one of Jupiter's moons, and it has a sub-surface ocean under a solid layer of frost and ice. The moon shows signs of strike-slip faulting, or strike-slip tectonism. On Earth, this type of tectonic activity created features like the San Andreas fault, a seismically-active region at the boundary between the Pacific Plate and the North American Plate.

Europa is considered a prime target in the search for life in our Solar System because of its sub-surface ocean. Europa is exposed to Jupiter's intense radiation, but the icy sphere surrounding the sub-surface ocean may act as a radiation barrier, protecting life from its harmful effects. Not only is the sub-surface ocean protected from radiation, it's warm.

Ganymede will be visited by ESA's Jupiter Icy Moons Explorer, which should launch in June 2022, reach Jupiter orbit in October 2029, and orbit Ganymede starting in 2033. The mission may include a Russian-built Ganymede lander.

Morphological mapping of Ganymede: Investigating the role of strike-slip tectonics in the evolution of terrain types (DOI: 10.1016/j.icarus.2018.06.024) (DX)

1982 paper: The tectonics of Ganymede (DOI: 10.1038/295290a0) (DX)

Related: NASA Analyzes Forgotten Galileo Data from Flyby of Ganymede


Original Submission

...

17:07

CodeWeavers CrossOver Linux 18 Released With DXVK/VKD3D Support "IndyWatch Feed Tech"

While CodeWeavers' developers have been busy with improvements to Wine and Valve's downstream "Proton" for allowing a great Windows-on-Linux gaming experience, they haven't parted ways with their core business and today they announced the availability of CrossOver 18...

17:03

Tesla aims for new neural net computer in production in 6 months, results in 5002000% increase in ops/sec, says Elon Musk "IndyWatch Feed Tech"

Tesla CEO Elon Musk updated the timeline to release the companys new neural net computer, which they claimed will be the worlds most advanced computer for autonomous driving.

They are now aiming for the new computer to be in production in about 6 months and it could result in a 5002000% increase in operation per second, according to Musk.

The release of this new computer with Teslas own AI chip would be the culmination of a long project that Tesla started about 3 years ago as it anticipated a need for more computing power in its vehicles.

17:00

AI on a MEMS Device Brings Neuromorphic Computing to the Edge "IndyWatch Feed Tech"

For the first time, artificial intelligence has been integrated into a MEMS device

In order to achieve the edge computing that people talk about in a host of applications including 5G networks and the Internet of Things (IoT), you need to pack a lot of processing power into comparatively small devices.

The way forward for that idea will be to leverage artificial intelligence (AI) computing techniquesfor so-called AI at the edge. While some are concerned about how technologists will tackle AI for applications beyond traditional computingand some are wringing their hands over which country will have the upper hand in this new frontierthe technology is still pretty early in its development cycle.

But it appears that still-too-early-yet status is about to change a bit. Researchers at the Universit de Sherbrooke in Qubec, Canada, have managed to equip a microelectromechanical system (MEMS) device with a form of artificial intelligence, marking the first time that any type of AI has been included in a MEMS device. The result is a kind of neuromorphic computing that operates like the human brain but in a microscale device. The combination makes it possible to process data on the device itself, thus improving the prospects for edge computing.

We had already written a paper last year showing theoretically that MEMS AI could be done, said Julien Sylvestre, a professor at Sherbrooke and coauthor of the research paper detailing the advance. Our latest breakthrough was to demonstrate a device that could do it in the lab.

The AI method the researchers demonstrated in their research, which is described in the Journal of Applied Physics, is something called reservoir computing. Sylvestre explains that to understand a bit about reservoir computing, you need to understand a bit about how...

16:58

Security updates for Tuesday "IndyWatch Feed Tech"

Security updates have been issued by CentOS (ghostscript and spamassassin), Debian (moin, spice, and tomcat8), Fedora (kernel-headers, kernel-tools, and libgit2), Oracle (ghostscript and tomcat), Red Hat (ghostscript and tomcat), Scientific Linux (ghostscript and tomcat), SUSE (git, kernel, python, and samba), and Ubuntu (net-snmp and thunderbird).

16:36

Police use electronic ticketing to fine more people and increase profits "IndyWatch Feed Tech"


The opening seconds of the Saltus Technologies video says it all. Electronic tickets are about one thing, increasing productivity (profits).

"The digiTICKET electronic ticketing solution is an innovative force multiplier for Public Safety - enabling officers to quickly create and submit tickets electronically. "

Enabling police officers to write more tickets increases profits.

According to Saltus, their entire business model appears to be focused on profits.

"Saltus Technologies is dedicated solely to developing and marketing digiTICKET an eCitation solution for Public Safety agencies. Electronic ticketing provides an excellent return on investment."

Is this what policing has become?  Is electronic ticketing and ticket quotas really an excellent return on investment?

Ticketing profitability measured in real-time

To convince police departments to switch to electronic ticketing, Saltus offers funding incentives or vehicles to assist them with acquiring their electronic ticketing program.

One of digiTICKET's main selling points is that police can measure "ticketing productivity" in real-time. To emphasize that fact, Saltus mentions increased cash flow or "increased productivity" four times in their eCtitation Solutions page.

Saltus has even created the KLER Justice Solution and "eCitation Solution" to make it easier for police departments to purchase digiTICKETS.

Electronic ticketing or eCitations is so profitable that the eleven companies involved in providing ticketing to law enforcement and court systems started their own eCitation Coalition.

The coalition calls the companies profiting from digital ticketing "the best-of-the-best at making law enforcement and courts more productive". Below is a list...

16:30

Qualcomm Introduces New Chipsets for 60-Gigahertz Wi-Fi "IndyWatch Feed Tech"

The chipsets are the first to utilize the new 802.11ay standard

Millimeter waves arent just for 5G networks. The gigahertz frequencies could also be a boon for Wi-Fi. Routers like the Nighthawk XR700, which sends and receives signals at 60 gigahertz, have emerged in the past few years, though theyve remained useful largely for specialized applications like online gaming.

60-GHz Wi-Fi is not new by any means, says Caleb Banks, a senior manager of product marketing at Qualcomm. But its very complex. Putting millimeter-wave technology into a mobile device is challenging.

Qualcomm hopes to make 60-GHz Wi-Fi easier with two new chipsets, announced today. The chipsets, the QCA64x8 and QCA64x1, make use of the new IEEE standard 802.11ay. 802.11ay improves upon the 2014 standard 802.11ad, which laid the groundwork for 60-GHz Wi-Fi.

Traditionally, the 2.4-GHz and 5-GHz bands have been synonymous with Wi-Fi. However, data demands continue to growparticularly with applications like AR/VR on the horizonand the old Wi-Fi spectrum bands wont be able to cope on their own.

At first blush, 60-GHz Wi-Fi offers a whole host of advantages over 2.4- and 5-GHz Wi-Fi. The higher frequency offers multigigabit speeds and much lower latency. A 60-GHz router could also theoretically be more power efficient, since it will take far less time for uploads and downloads, meaning it can spend more time in power-saver mode.

That said, 60-GHz Wi-Fi faces some of the same challenges as 5G cellular networks, which will operate in similar regions of the spectrum. The limitation to 60 GHzand millimeter waves in generalis range, says Banks. By range, Banks means that the problem is not just that millimeter waves dont have as much effective distance as longer-wavelength, lower-frequency communications do, but also their inability to penetrate objects. 2.4 and 5 [GHz] are great, says Banks. Theyll go through walls. 60 GHz will not.

That said, Qualcomm still sees potential. 60-GHz Wi-Fi has lots of great applications, if you have line of sight, Banks says. That includes straightforward applications like high-speed downloads to emerging uses like Wi-Fi sensing to detect people and gestures using millimeter waves.

The Wireless Gigabit Alliance...

16:23

How the Internet of Things Can Save You Money on Insurance "IndyWatch Feed Tech"

Discounts can be garnered by installing monitoring devices in the smart home or by using telematics to monitor driving habits.

In the home, the internet of things (IoT) is quickly becoming ubiquitous in terms of how it connects multiple devices and appliances to the internet in order to make it easier to enable home automation.

These smart devices such as thermostats, locks, lighting, security, appliances, curtains and more are generally controlled through a proprietary app allowing homeowners to control these home automation features either directly or remotely. There are also a multitude of smart speakers such as voice assistants from Amazon, Google and Apple that can control these IoT devices through voice recognition.

While many consumers have already adopted a smart thermostat or smart lock or are currently using an Amazon Alexa-enabled device or Google Home, one of the more interesting aspects to the IoT is what it is enabling in other adjacent markets.

While offering more efficiencies in the home, IoT is also bringing these same efficiencies into the insurance market from homeowners to automotive. As adoption levels in the IoT increase, the benefits of having connected devices in the home and in the car will bring new ways to experience return on investment in the insurance world while at the same time providing insurance with more data on users to determine fair rates and provide services that keep people and assets safe.

Protecting the Home While Getting a Discount

Water leak detection devices such as iHome Smart Water Leak Sensor use a smartphone app to alert homeowners to potential property damaging situations Credit: iHome Figure 1: Water leak detection devices such as iHome Smart Water Leak Sensor use a smartphone app to alert homeowners to potential property damaging situations.

Sure, the IoT can allow users to stream music from lightbulbs or monitor a home security system through a smartphone, but it can also save users a load of money on homeowners insurance.

Damage from plumbing problems and from household appliances can result in thousands of dollars in repairs or insurance claims. With the IoT, these problems can be prevented or mitigated by installing monitoring devices next to plumbing fixtures and appliances such as washing machines, dishwashers, water heaters, toilets and sinks.

When a leak is detected, a signal is sent to an electronic unit that closes the homes main water supply and alerts the homeowner. Other systems limit damage by connecting leak detectors to a central monitoring system, which then relays the problem to the homeowner to prevent a bigger disaster. Because o....

16:15

Spinnaker: The Kubernetes of Continuous Delivery "IndyWatch Feed Tech"

Title: 
Spinnaker: The Kubernetes of Continuous Delivery

16:07

Expert disclosed a new passcode bypass to access photos and contacts on a locked iPhone "IndyWatch Feed Tech"

iOS passionate Jose Rodriguez disclosed a new passcode bypass bug that could be to access photos and contacts on a locked iPhone XS.

The security passionate Jose Rodriguez has discovered a new passcode bypass bug that could be exploited on the recently released iOS 12.0.1.

Now the expert discovered a similar flaw that is very easy to execute by a physical attacker to access photo album of a locked device. The bug allows the attacker to select photos and send them to anyone using Apple Messages.

The new hack devised by Rodriguez leverage Siri assistant and VoiceOver screen reader to bypass the passcode.

Below the step-by-step procedure for the passcode bypass discovered by Rodriguez:

  1. Call the target phone from any other phone.
  2. Instead of answering the call, click on Message in the call window.
  3. Select Custom to reply via text message. That will open the Messages input screen.
  4. Invoke Siri to activate VoiceOver, the iOS feature that helps sight-impaired users use an iPhone.
  5. Click on the camera icon.
  6. Invoke Siri with the iPhones home button while you double-tap the display. The screen will turn black. This is where the bug kicks in and iOS gets confused.
  7. From here, click on the home button again while the screen remains black.
  8. Swipe up to the upper left corner while the screen remains black. VoiceOver will tell you what you have selected.
  9. Keep swiping to the top left corner until VoiceOver tells you that you can select the Photo Library (Fototeca in Rodriguez video).
  10. Tap to select Photo Library.......

16:03

Printable solar materials could soon turn many parts of a house into solar panels "IndyWatch Feed Tech"

New houses could soon deliver on a long-awaited promise and incorporate windows or roof tiles that harvest solar energy, research conducted at KAUST suggests.

Derya Baran, at the KAUST Solar Center, and her colleagues have developed a photovoltaic organic material that captures light efficiently and that potentially could be coated on building .

Traditional roof-mounted solar panels are made from slabs of silicon, but can also capture energy from sunlight. These molecules could be formulated as inexpensive printable inks that are applied to regular building components such as windows. Turning sunlight into electricity is a multistep process, and the key to developing high-performance has been to find organic molecules that are good at every step, Baran explains.

16:03

Independent solar power could offer reliable electricity to sub-saharan Africa "IndyWatch Feed Tech"

Six-hundred million people in Sub-Saharan Africa lack access to electricity. To meet these power needs, a mix of large public-run utility grids and standalone systems will be necessary for universal access in the region. Governments, aid organizations, and scientists are working to understand which electricity grid solution would be most cost-effective and reliable across urban, peri-urban, and rural areas.

Standalone, or decentralized electricity systemsmost often solar power with battery storageare usually thought to be too expensive compared to large state-run grids in all but the most remote locations. However, declining costs of solar and new battery technologies are changing the best pathways to deliver reliable power to people that currently lack access to electricity. New UC Berkeley research published today in Nature Energy finds that decentralized electricity systems in sub-saharan Africa can be designed for extremely high reliability, and that this may come at remarkably low costs in the future.

Jonathan Lee, a Ph.D. candidate in the Energy and Resources Group (ERG) and Associate Professor Duncan Callaway worked with more than 10 years of solar data from NASA and developed an optimization that determines the lowest cost way to build a standalone system given component costs and a target reliability. At current costs, their model indicates that most regions in Sub-Saharan Africa can get 95% reliable powermeaning customers can use electricity from some combination of solar panels and batteries 95% of the timefor roughly USD$0.40 per kWh. Though that cost is high relative to current costs, their model indicates that with aggressive but plausible future cost declines in decentralized system costs, largely in batteries, these costs would drop to levels competitive with the grid in many parts of the continent in less than a decade.

...

16:01

The Science of Landing on an Asteroid "IndyWatch Feed Tech"

Exploiting the resources of the rock-strewn expanse of space between Mars and the outer planets has been the stuff of science fiction for ages. Theres gold in them thar space rocks, or diamonds, or platinum, or something that makes them attractive targets for capitalists and scientists alike. But before actually extracting the riches of the asteroid belt, stuck here as we are at the bottom of a very deep gravity well thats very expensive to climb out of, we have to answer a few questions. Like, how does one rendezvous with an asteroid? Whats involved with maneuvering near a comparatively tiny celestial body? And most importantly, how exactly does one land on an asteroid and do any useful work?

Back in June, a spacecraft launched by the Japanese Aerospace Exploration Agency (JAXA) finally caught up to an asteroid named Ryugu after having chased it for the better part of four years. The Hayabusa2 was equipped to answer all those questions and more, and as it settled in close to the asteroid with a small fleet of robotic rovers on board, it was about to make history. Heres how they managed to not only land on an asteroid, but how the rovers move around on the surface, and how theyll return samples of the asteroid to Earth for study.

These Are Not the Rovers Youre Looking For

...

15:45

Molecular semiconductors could be the future of electronics, and this new technique offers a way to mass produce them "IndyWatch Feed Tech"

Visions for what we can do with future electronics depend on finding ways to go beyond the capabilities of silicon conductors. The experimental field of molecular electronics is thought to represent a way forward, and recent work at KTH may enable scalable production of the nanoscale electrodes that are needed in order to explore molecules and exploit their behavior as potentially valuable electronic materials.

15:45

Studying the stars with machine learning "IndyWatch Feed Tech"

To keep up with an impending astronomical increase in data about our universe, astrophysicists turn to machine learning.

15:32

DNS_Probe_Finished_No_Internet fix for the chrome browser "IndyWatch Feed Tech"

Ignoring the fact that you love playing with this dinosaur, having it while browsing the internet can be a huge pain. This dns_probe_finished_no_internet or DNS probe finished no internet error irritates lots of people in many ways. So in this article, we are providing you with the ways to fix it. But before learning these methods, we must be familiar with the reasons for its occurrence.

How dns_probe_finished_no_internet error occur?

There can be many reasons behind this.

It may originate from multiple sources or It can be a result of several issues at once or just one at a time. So at first glance, you just cant be sure on how to fix it, since different problems require different solutions.

So what to do? How to fix it?. Is there any way to fix it? The answer to all these questions is Yes.

But in order to fix this error, just make sure you dont mess with the default router settings. As it might give you a problem later. So without further ado, lets get right into it.

How to fix dns_probe_finished_no_internet

Method 1: Checking the Internet Connectivity

Yes, the first and foremost reason to have this error on your web browser screen is having poor internet connectivity or no-working internet.

So make sure to plug in all your wifi modem cables or check the router if it is working or not.

If all your cables are plugged in and modem/router is working properly then still dont worry. There are some other ways as well.

One of them is a ping test and it can be done with the help of command prompt.

  • Step 1

Navigate to the start menu and search for command prompt.

  • Step 2

Then Click on Command prompt

  • Step 3

When the command prompt opens, type the following command and hit enter.

  • ping -t 4.2.2.2

After hitting enter, the following lines will appear.

...

15:31

Bing Is Suggesting the Worst Things You Can Imagine "IndyWatch Feed Tech"

Submitted via IRC for chromas

Bing Is Suggesting the Worst Things You Can Imagine

If you use Bings image search, youre going to see the worst filth you can imagine.  Bing suggests racist terms and shows horrifying images. Bing will even suggest you search for exploited children if you have SafeSearch disabled.

We contacted Microsoft for comment, and Jeff Jones, Senior Director at Microsoft, gave us the following statement:

We take matters of offensive content very seriously and continue to enhance our systems to identify and prevent such content from appearing as a suggested search. As soon as we become aware of an issue, we take action to address it.

Update: Since publication, Microsoft has been working on cleaning up the offensive Bing suggestions that we mentioned. Based on our research, there are still many other offensive suggestions that have not yet been fixed, including a few that weve mentioned below. We are unsure if they are simply fixing the offensive items we pointed out, or if they are improving the algorithm.

Read more of this story at SoylentNews.

15:22

Longevity Impact Forum will make digital health mainstream "IndyWatch Feed Tech"

Invite to consolidation of efforts.


Top of Longevity and healthtech companies. AI, blockchain, digital health and mHealth are the top investment opportunities in aging world.

15:16

Anthem will pay $16 million to settle HIPAA violation due to 2015 breach "IndyWatch Feed Tech"

Anthem has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules after a series of cyberattacks led to the largest U.S. health data breach in history and exposed the electronic protected health information of almost 79 million people. Details of the Anthem HIPAA More

The post Anthem will pay $16 million to settle HIPAA violation due to 2015 breach appeared first on Help Net Security.

15:10

The Higgs Boson May Have Saved Our Universe from Cosmic Collapse. For Now "IndyWatch Feed Tech"

Our universe is permeated with a vast, unseen force that seems to oppose gravity. Physicists call this force dark energy, and it is thought to be constantly pushing our universe outward.

But in June, a group of physicists published a paper in the preprint journal arXiv implying that dark energy changes over time. This means that the universe will not expand forever but might eventually collapse into the size it was before the Big Bang.

Almost immediately, however, physicists found problems with the theory: Several independent groups subsequently published papers that suggested revisions to the conjecture. Now, a paper published on Oct. 2 in the journal Physical Review D suggests that, as it stands, the original conjecture cant be true because it cant explain the existence of the Higgs boson which we know exists, thanks to the Large Hadron Collider, the massive particle collider on the border between France and Switzerland. [Beyond Higgs: 5 Elusive Particles That May Lurk in the Universe].

15:09

Scientists discover new properties of uranium compounds "IndyWatch Feed Tech"

Scientists from Russia, China and the United States predicted and have now experimentally identified new uranium hydrides, predicting superconductivity for some of them. The results of their study were published in Science Advances.

15:09

Coalition says new autism guidelines wont affect NDIS access "IndyWatch Feed Tech"

Fletcher told the ABC the guidelines were developed in consultation with people living with autism, researchers and doctors, and had been approved by the National Health and Medical Research Council.

It does not change what the NDIS does and indeed it may well be that there are people who, today, would not be diagnosed who will be diagnosed, he said. That will be a judgment for clinicians and medical profession and the NDIS will continue to do what it does, which is make an assessment of the impairment that somebody suffers as a result of a disability. Is it likely to be permanent and lifelong? Is it significant? What impact does it have on the functioning?

Dr Wenn Lawson, the co-chair of the Australian Autism Research Council, said a consistent assessment and diagnosis process for autism meant people would be able to access more appropriate supports.

15:09

Twenty-five years of using microlensing to study dark matter "IndyWatch Feed Tech"

The impact of gravitational-microlensing observations from 1993.

15:08

All in the family: Kin of gravitational wave source discovered "IndyWatch Feed Tech"

On October 16, 2017, an international group of astronomers and physicists excitedly reported the first simultaneous detection of light and gravitational waves from the same sourcea merger of two neutron stars. Now, a team that includes several University of Maryland astronomers has identified a direct relative of that historic event.

15:08

Is age an illness? "IndyWatch Feed Tech"

We cant all be Dorian Gray, Father time (and natural selection) comes for us all.

15:08

Stunning new sea slug species look just like seaweed "IndyWatch Feed Tech"

This may be the best example of an animal masquerading as a plant that we have, biologist Nicholas Paul, an expert on seaweed and algae at Australias University of the Sunshine Coast, said in an email. He wasnt involved with the new study.

The new species exclusively feed on the seaweed genus Caulerpa and are found throughout the Pacific, including Malaysia, Australia, Guam, and the Philippines. Humans consider the algaes caviar-like bulbs, called sea grapes, a delicacybut few sea creatures dare eat the stuff, making them highly invasive. Thanks to the global aquarium trade, the algae has invaded waters from the Mediterranean to Japan.

15:03

MIT Knows That AI Is The Future "IndyWatch Feed Tech"

MIT has launched the Stephen A. Schwarzman College of Computing, a $1 billion center dedicated to reshaping its academic program around AI. The idea, said MIT president L. Rafael Reif, is to use AI, machine learning and data science with other academic disciplines to educate the bilinguals of the future, defining bilingual as those working in biology, chemistry, politics, history and linguistics with computing skills that can be used in their field.

15:03

Pepper the robot tells MPs about artificial intelligence "IndyWatch Feed Tech"

My name is Pepper, robot tells MPs

Jump to media player Pepper the robot answers questions from MPs on the education select committee about helping to care for older people.

15:00

NVIDIA GeForce RTX 2070 Linux Benchmarks Will Be Coming "IndyWatch Feed Tech"

NVIDIA's embargo for reviews on the GeForce RTX 2070 graphics cards has now expired ahead of the expected retail availability on Wednesday...

14:42

2018 US voter records offered for sale on hacking forum "IndyWatch Feed Tech"

Somebody is selling US voter registration databases on an English-language speaking dark web hacker forum and the offer comes with the promise they will be updated every week, Anomali and Intel 471 researchers have discovered. About the databases for sale The databases include information about voters of 19 US states: Montana, Louisiana, Iowa, Utah, Oregon, South Carolina, Wisconsin, Kansas, Georgia, New Mexico, Minnesota, Wyoming, Kentucky, Idaho, Tennessee, South Dakota, Mississippi, West Virginia and Texas. Anomali More

The post 2018 US voter records offered for sale on hacking forum appeared first on Help Net Security.

14:29

10 Best Sites To Watch Hindi Movies Online- Free And Legally In 2018 "IndyWatch Feed Tech"

Bollywood often referred to as Hindi movies is the Indian Hindi-language film industry with the highest number of movie releases per year. Moreover, Bollywood also has one of the highest viewers in the movie industry around the world. A decade ago a majority of Indians relied on movie theatres and television to watch Hindi movies.

Not every movie lover goes to watch Hindi movies in cinema halls or they watch Bollywood movies on tv. Smartphones and the drastic increase in the number of internet users over the past few years has completely transformed the way we watch movies. Many of us now rely on the internet to watch online Hindi movies or to download Bollywood movies.

We can now watch Hindi movies online and even download them for offline viewing. That said, its relatively difficult to find the perfect website for watching Hindi movies online legally. Most of the site available online to watch Bollywood movies either share pirated content or carries adware and malware.

So heres a list of ten best sites or services that offer an extensive collection of Bollywoods Hindi movies to watch online.

ALSO READ: 

List of best Websites to Watch Bollywood movies online

1. Box TV

The first website on the list is Box TV. Surprisingly, Box TV is one of many few sites that offer an extensive collection of Hollywood, Tollywood and Bollywood movies. In addition to that, a majority of content on Box TV is free to watch. Unlike other websites, you can find content on BoxTV in more than a dozen languages.

BoxTV is owned and operated by Times Internet group. Consequently, watching content on BoxTV is entirely legal. This popular service offers impressive video quality, and the streaming speeds are also reliable. Moreover, you can get a monthly plan of Rs.199 for enjoying ad-free movies.

BoxTV Best Features...

14:23

CVE-2018-10933: libssh: authentication bypass in server code "IndyWatch Feed Tech"

Posted by Marcus Meissner on Oct 16

Hi,

https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/

-----
libssh 0.8.4 and 0.7.6 security and bugfix release

This is an important security and maintenance release in order to address CVE-2018-10933.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server
an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message...

14:18

The Nature of Indefinite Life Extension in Context of Immanuel Kants Insights on Ethics and Duty "IndyWatch Feed Tech"

Is working to pioneer the full scope of everything that exists a duty? I have been contemplating aspects of that question for some years now. Here I move in the direction of articulating its nature and making the case by drawing out correlations with life extension and Immanuel Kants thoughts in The Metaphysical Elements of Ethics.

IV. What are the Ends which are also Duties? They are: A. Our own perfection, B. Happiness of others.

His notion of categorical imperative is that of a universally applicable, non-contradictory, absolute necessity which everyone can use pure practical reason to understand without it needing to be experienced or taught to them.

He says that ethics may also be defined as the system of the ends of the pure practical reason.

Perfection is doing whats necessary, virtuous, moral, ethical and so forth, and doing it well, but its more of a direction to move in than a destination to be at.

He says its adding to happiness of others that is necessary, not happiness of ourselves, but if pain, poverty or so forth are to become us, it is our duty to remedy it not for our happiness, but to secure proper functioning of our moral agent in pursuit of our own perfection and happiness of others.

That this beneficence is a duty results from this: that since our self-love cannot be separated from the need to be loved by others (to obtain help from them in case of necessity), we therefore make ourselves an end for others; and this maxim can never be obligatory except by having the specific character of a universal law, and consequently by means of a will that we should also make others our ends. Hence the happiness of others is an end that is also a duty.

Its pursuit of perfection of oneself that already covers personal happiness. If we took our own happiness on as an end then it would be unstructured, superfluous and generally unconcerned with imperative ends. That time could be used on the fulfilling and consequential variety of satisfaction that comes from sense of uprightness, accomplishment, and humanity-scale progress and security gained from contributing to and belonging to a happier collective when one is in pursuit of perfection. As people like Viktor Frankl and Abraham Maslow have told us, the brand of fulfillment derived from contributing to progress of humanity takes a person to a level beyond happiness and is capable even of eliminating suffering. Kant says:

For he who is to feel himself happy in the mere consciousness of his uprightness already possesses that perfection which in the previous section was defined as that end which is also duty.

To make others happy is not to go out of ones way to shower them with greatness so much as it is to make sure that you arent a creator of its deficit. Its ju...

14:04

Physics: Not everything is where it seems to be "IndyWatch Feed Tech"

Scientists at TU Wien, the University of Innsbruck and the AW have for the first time demonstrated a wave effect that can lead to measurement errors in the optical position estimation of objects. The work now published in Nature Physics could have consequences for optical microscopy and optical astronomy, but could also play a role in position measurements using sound, radar, or gravitational waves.

With modern optical imaging techniques, the position of objects can be measured with a precision that reaches a few nanometers. These techniques are used in the laboratory, for example, to determine the position of atoms in quantum experiments.

We want to know the position of our quantum bits very precisely so that we can manipulate and measure them with laser beams, explains Gabriel Araneda from the Department of Experimental Physics at the University of Innsbruck.

14:04

SoundBender levitates objects "IndyWatch Feed Tech"

Levitation is often thought of as the realm of magicians or The Jetsons, but it is technically possible. That said, the tech seems to be moving pretty slowly. Now, researchers at the University of Sussex have developed SoundBender, a technology that bends sound waves around obstacles to acoustically levitate objects above them.

13:55

Tesla Model 3 Drive System Designed to Last for Over One Million Miles "IndyWatch Feed Tech"

Via: Electrek: Tesla says that the Model 3 drive system is designed and validated for over one million miles of range. Today, the automaker released impressive pictures of Model 3 drive units after testing, which Elon Musk says drove 1M miles.

13:54

Winamp to make a comeback as a mobile app in 2019 "IndyWatch Feed Tech"

Winamp reimagined as an audio app for mobile could arrive in 2019

Winamp, the 21-year-old iconic media player, is set to receive a major overhaul and will be available on desktop and mobile devices in 2019, reports TechCrunch.

For those unaware, Winamp is one of the oldest popular MP3 players for Microsoft Windows devices, that supports numerous audio and video formats. Released in 1997, Winamp was originally developed by Justin Frankel and Dmitry Boldyrev by their company Nullsoft, which they later sold to AOL in 1999 for $80 million. However, in January 2014, Winamp was acquired by Radionomy for an undisclosed sum.

He added, What I see today is you have to jump from one player to another player or aggregator if you want to listen to a radio station, to a podcast player if you want to listen to a podcast this, to me, is not the final experience.

According to TechCrunch, the Winamp 6 could allow you to connect to Spotify, Google Music, podcasts, Audible, play your MP3s, and also have a search feature that lets you use all of it from one user interface. The aim is to make all of your media accessible in one place.

The post...

13:54

Polarity Governs Atomic Interaction Through Two-Dimensional Materials "IndyWatch Feed Tech"

Submitted via IRC for Bytram

The vast majority of computing devices today are made from silicon, the second most abundant element on Earth, after oxygen. Silicon can be found in various forms in rocks, clay, sand, and soil. And while it is not the best semiconducting material that exists on the planet, it is by far the most readily available. As such, silicon is the dominant material used in most electronic devices, including sensors, solar cells, and the integrated circuits within our computers and smartphones.

Now MIT engineers have developed a technique to fabricate ultrathin semiconducting films made from a host of exotic materials other than silicon. To demonstrate their technique, the researchers fabricated flexible films made from gallium arsenide, gallium nitride, and lithium fluoridematerials that exhibit better performance than silicon but until now have been prohibitively expensive to produce in functional devices.

The new technique, researchers say, provides a cost-effective method to fabricate flexible electronics made from any combination of semiconducting elements, that could perform better than current silicon-based devices.

"We've opened up a way to make flexible electronics with so many different material systems, other than silicon," says Jeehwan Kim, the Class of 1947 Career Development Associate Professor in the departments of Mechanical Engineering and Materials Science and Engineering. Kim envisions the technique can be used to manufacture low-cost, high-performance devices such as flexible solar cells, and wearable computers and sensors.

and see https://phys.org/news/2018-10-cost-effective-method-semiconducting-materials-outperform.html#nRlv for a more readable summary

Source: http://dx.doi.org/10.1038/s41563-018-0176-4


Original Submission

Read more of this story at SoylentNews.

13:48

Linux's LoRa Is Ready To Deliver Long-Range, Low-Power Wireless "IndyWatch Feed Tech"

Adding to the long list of new features for what will be Linux 4.20 or likely renamed to Linux 5.0 per Linus Torvalds' numbering preferences is a new wireless networking subsystem within the kernel's networking code... Meet LoRa...

13:43

Judge-Bashing Tactics, Undermining PTAB, and Iancus Warpath for the Litigation and Insurance Industries "IndyWatch Feed Tech"

The existing USPTOs management feels like it doesnt care about justice (facts), technology and science, only about legal bills

Trump and Iancu

Summary: Many inter partes reviews (IPRs) at the Patent Trial and Appeal Board (PTAB) of the U.S. Patent and Trademark Office (USPTO) leverage 35 U.S.C. 101 against software patents; instead of putting an end to such patents Director Iancu decides to just serve the industry he came from (a meta-industry where his firm had worked for Donald Trump)

THE USPTO under the new leadership (Director) deviates further and further away from Federal Circuit (CAFC) rulings and SCOTUS caselaw. The Office does so at its own peril, however, as the certainty associated with US patents will be further reduced. More and more granted patents will be presumed invalid. Is the leadership/Director OK with that?

This post binds together last weeks stories about court cases and Office policies. What we hope to show is a divergence from the law; the Office just cares about granting patents, not defending their value by limiting their scope.

We begin with this affirmation by CAFC one in which a U.S. District Court was supported by CAFC. The divergence between the courts is being lowered over time. CAFC learned to obey SCOTUS and U.S. District Courts have, in turn, become more like CAFC. This is a good thing as its indicative of correct or at least consistent judgment. The same cannot be said about the Office because far too many patents these days are later discovered/unmasked as fake patents.

Yesterday Kluwer Patent Blog wrote about a British court finding that the claims in question were invalid for obviousness. Its not just a US issue.

A couple of days ago Steve Brachmann and Gene Quinn (Watchtroll)......

13:35

35 million US voter records available for sale in a hacking forum "IndyWatch Feed Tech"

Millions of voter records are available for sale on the Dark Web, experts discovered over 35 million US voter records for sale in a hacking forum.

Millions of voter records are available for sale on the Dark Web, experts from Anomali and Intel 471 discovered 35 million US voter records for sale in a hacking forum.

Researchers have analyzed a sample of voter records and determined the data to be valid with a high degree of confidence.

Records in the voter registration database include personal and voting history information of US residents.

Certain states require the seller to personally travel to locations in-state to receive the updated voter information. reads the post published by Anomali.

This suggests the information disclosure is not necessarily a technical compromise but rather a likely targeted campaign by a threat actor redistributing possibly legitimately obtained voter data for malicious purposes on a cybercrime forum, 

The seller only provided the number of records for the lists of voters belonging to three states asking for prices between $1,300 and $12,500.

  • Louisiana (3 million);
  • Wisconsin (6 million);
  • Texas (14 million);

us voter records

The seller also claims to have lists of voters for other states, including Montana, Iowa, Utah, Oregon, South Carolina, Wisconsin, Kansas, Georgia, New Mexico, Minnesota, Wyoming, Kentucky, Idaho, South Carolina, Tennessee, South Dakota, Mississippi, and West Virginia.

According to the seller, voting lists are weekly updated with the help of people in the state governments.

Certain states require the seller to personally travel to locations in-state to receive the updated voter information. reads a...

13:27

The Biggest Features Of Linux 4.19: Intel/AMD, CoC, 802.11ax, EROFS, GPS & GASKET "IndyWatch Feed Tech"

With the Linux 4.19 kernel set to be released next weekend, here's a recap of the most prominent features to be found in this next kernel release...

13:06

Considering Electronic Document Signing? Try OneSpan Sign Free For 30 Days "IndyWatch Feed Tech"

Graham Cluley Security News is sponsored this week by the folks at OneSpan. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on OneSpan to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

In todays digital era, more and more organizations choose e-Signature technology as part of their digitization process.

OneSpan Sign is the white-labeled solution behind some of the most trusted brands and security-conscious organizations in the world. The last ten industry reports show that OneSpan Sign received the highest overall customer satisfaction score among e-signature products. 99% of users rated it four or five stars.

Try sending and e-signing documents now, free of charge, and discover how to:

  • Enhance user experience across all channels
  • Increase operational efficiency
  • Meet compliance challenges

Start e-signing in minutes on web and mobile, by signing-up for an Unlimited 30-Day Trial now!


If youre interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.

13:00

Life Imitates Art: 3D Printed Banksy Frame Shreds Oeuvre, Prints Money "IndyWatch Feed Tech"

[David] is working on a re-design of his piece which will be easier to build so keep an eye on his Reddit thread if youd like to print your own.

12:57

Qt 5.12 Beta 2 Brings Many Fixes "IndyWatch Feed Tech"

Just two weeks after the Qt 5.12 beta release, a second beta is now available for testing of this forthcoming tool-kit update...

12:22

Jeff Bezos Wants Us All to Leave Earthfor Good "IndyWatch Feed Tech"

At Blue Origin, Amazons space-obsessed founder is building rockets, and he hopes to someday blast humanity into an extraterrestrial future.

12:22

Apple Donates 1,000 Apple Watches to Binge Eating Study "IndyWatch Feed Tech"

Apple donates 1,000 watches to eating disorder study

The use of Apple Watches in medical studies now includes research into eating disorders. Apple is donating 1,000 smartwatches to a University of North Carolina study (the Binge Eating Genetics Initiative, or BEGIN) that will help understand bulimia nervosa patients and others with binge eating behavior. The wristwear will track heart rates over a month-long period to see if there are any spikes ahead of binging incidents. If there are, it might be possible to alert caregivers and patients before these acts take place.

They either have too many unwanted smartwatches laying around, or want doctors to prescribe the Apple Watch treatment.

Also at 9to5Mac and Fast Company.

Related: Apple's Watch Can Detect an Abnormal Heart Rhythm With 97% Accuracy, UCSF Study Says
Apple Watch Could be Used to Detect Hypertension and Sleep Apnea
FDA Approves First Medical Device Accessory for the Apple Watch
AliveCor Sensor for Apple Watch Could Detect Dangerous Levels of Potassium in the Blood
What Cardiologists Think About the Apple Watch's Heart-Tracking Feature


Original Submission

Read more of this story at SoylentNews.

12:13

Cloud, AI and Other Buzzwords as Excuses for Granting Fake Patents on Software "IndyWatch Feed Tech"

Cloud on beach

Summary: With resurgence of rather meaningless terms like so-called clouds (servers/hosting) and AI (typically anything in code which does something clever, including management of patents) the debate is being shifted away from 35 U.S.C. 101 (Section 101); but courts would still see past such faade

THE EPO and USPTO both have a bad new habit that they spread to other patent offices, such as KIPO in Korea. They use or misuse buzzwords. They try to make things outside patent scope seem so innovative that somehow this supposed innovation defies the rules (scope). Sometimes that manages to impress or at least confuse examiners and judges.

So lets start with this assumption that patent maximalists have come to accept Section 101/Alice renders software patents worthless and even overzealous, very large law firms (Finnegan is one of the biggest) insist that patenting has gone too far for practical purposes. Where do they go from here? Buzzwords.Its hard to patent software. So its not hard to see why patent maximalists would pursue such tricks. As recently as Sunday Watchtroll published this rant about Section 101/Alice the basis (or legal framework) upon which most software patents become void. This has prompted many to cast a grim prospect for the software patent industry, Babak Nouri (at Watchtroll) wrote less than a couple of days ago, as if the patents themselves are the industry

A Realistic Perspective on post-Alice Software Patent Eligi

12:00

Eta Compute Debuts Spiking Neural Network Chip for Edge AI "IndyWatch Feed Tech"

Chip can learn on its own and inference at 100-microwatt scale, says company at Arm TechCon

At Arm TechCon today, West Lake Village, Calif.based startup Eta Compute showed off what it believes is the first commercial low-power AI chip capable of learning on its own using a type of machine learning called spiking neural networks. Most AI chips for use in low-power or battery-operated IoT devices have a neural network that has been trained by a more powerful computer to do a particular job. A neural network that can do whats called unsupervised learning can essentially train itself: Show it a pack of cards and it will figure out how to sort the threes from the fours from the fives.

Eta Computes third-generation chip, called TENSAI, also does traditional deep learning using convolutional neural networks. Potential customers already have samples of the new chip, and the company expects to begin mass production in the first quarter of 2019.

Neural networks are essentially a group of nodes having values called weights and connections to other nodes. The combination of connections and weights is the intelligence that can tell a slug from a snake in a photo or the word slug from the word snake in a spoken sentence. In convolutional neural networks (the deep learning kind), these weights are often 8- or 16-bit numbers. But in spiking neural networks, theyre all just 1s or 0s. In consequence, the key neural network operationmultiply and accumulatebecomes mostly addition, reducing the amount of computation and therefore the power consumed. Its a much more simple operation, says Paul Washkewicz, cofounder and vice president of marketing.

Another difference is that while the nodes in a convolutional neural network tend to be densely connected, the connections for spiking networks wind up being quite sparse. The combination of a sparse network and less complex math means it takes less data and time to come to an answer. For example, to recognize the cheetah seen in the photo in the video below, a CNN needs 100,000 pixels; the spiking neural network needs less than 1,000.

One of the holy grails of machine learning is unsupervised learning, says Washkewicz. Usually, networks are trained on hundreds or thousands of labeled examples of what theyll need to recognize in the real world. For an embedded system, the resulting set of weights and connections is then programmed onto the chip. When you talk about the democratization of machine learning and getting regular engineers and computer scientists...

11:22

Microsoft co-founder Paul Allen dead at 65 "IndyWatch Feed Tech"

Some of Allens philanthropy has taken a scientific bent: Allen founded the Allen Institute for Brain Science in 2003, pouring $500 million into the non-profit that aims to give scientists the tools and data they need to probe how brain works. One recent project, the Allen Brain Observatory, provides an open-access catalogue of activity in the mouses brain, Saskia de Vries, senior scientist on the project, said in a video. That kind of data is key to piecing together how the brain processes information.


Microsoft co-founder Paul Allen died today from complications with non-Hodgkins lymphoma. He was 65. Allen said earlier this month that he was being treated for the disease.

Allen was a childhood friend of Bill Gates, and together, the two started Microsoft in 1975. He left the company in 1983 while being treated for Hodgkins lymphoma and remained a board member with the company through 2000. He was first treated for non-Hodgkins lymphoma in 2009, before seeing it go into remission.

In a statement given to ABC News, Gates said he was heartbroken by the passing of one of my oldest and dearest friends. He went on to commend his fellow co-founder for his life after Microsoft:

11:21

Kali Linux for Vagrant: Hands-On "IndyWatch Feed Tech"

What Vagrant actually does is provide a way of automating the building of virtualized development environments using a variety of the most popular providers, such as VirtualBox, VMware, AWS and others. It not only handles the initial setup of the virtual machine, it can also provision the virtual machine based on your specifications, so it provides a consistent environment which can be shared and distributed to others.

11:15

The Expected Feature We Didn't See Yet For Ubuntu 18.10 "IndyWatch Feed Tech"

While Ubuntu 18.10 is set to roll out this week with its new theme and an assortment of package updates and other enhancements, there is one feature Canonical previously talked about for the Ubuntu 18.10 "Cosmic Cuttlefish" cycle that we have yet to see made public...

11:03

Set Up a CI/CD Pipeline with a Jenkins Pod in Kubernetes (Part 2) "IndyWatch Feed Tech"

Title: 
Set Up a CI/CD Pipeline with a Jenkins Pod in Kubernetes (Part 2)

11:02

5 Things Your Team Should Do to Make Pull Requests Less Painful "IndyWatch Feed Tech"

In this article well go over some best practices that help ensure good pull requests. Writing good pull requests and having an effective workflow will increase a teams productivity and minimize frustration. Although a pull request is traditionally considered the final point in the developer workflow, these best practices span the entire development process. Well focus on the key points that affect the quality of a pull request.

11:01

Intel DRM Linux Driver Working On DisplayPort Forward Error Correction "IndyWatch Feed Tech"

Going in hand with their work on display stream compression for dealing with next-generation displays, the Intel Direct Rendering Manager driver developers are working on "FEC" support to deal with any errors that come up in the stream...

10:50

Fake or Real? New Study Finds Consumers Wary of Manipulated Photos "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Fake or real? New study finds consumers wary of manipulated photos

In the age of fake news and doctored photos, wary consumers are not nearly as gullible as one might presumeespecially if they have knowledge of social media, experience with the internet and are familiar with online photo-imaging tools. But the source of the images does not matter much as people evaluate what is fake and what is real, a University of California, Davis, study suggests.

In an online experiment with 3,476 people ranging from 20 to 87 years in age, researchers found that most people were able to correctly identify fake images, rating image credibility fairly low on a 7-point scale (1 being not credible at all, 7 being extremely credible). This was true even when they were told they came from The New York Times or NPR, or other known news organizations.

"We found that participants' internet skills, photo-editing experience, and social media use were significant predictors of image credibility evaluation," said the study's lead author, Cuihua (Cindy) Shen, professor of communication at UC Davis. "The results show that participants, no matter how careless or distracted they may be, can still be discerning consumers of digital images."

The findings, published in the journal New Media & Society, surprised researchers. Credibility of the source, and acceptance by others (those who hit buttons to share, like, "favorite" or retweet images), swayed photo viewers in previous studies, but not so much in the current study.

More information: Cuihua Shen et al, Fake images: The effects of source, intermediary, and digital media literacy on contextual assessment of image credibility online, New Media & Society (2018). DOI: 10.1177/1461444818799526


Original Submission

Read more of this story at SoylentNews.

10:37

IBM rolls out cybersecurity operations center on wheels "IndyWatch Feed Tech"

IBM Security launched the mobile Security Operations Center, capable of traveling onsite for cybersecurity training, preparedness, and response. The IBM X-Force Command Cyber Tactical Operations Center (C-TOC) will travel around the U.S. and Europe, running incident response drills with clients, providing on-demand cybersecurity support, and building cybersecurity awareness and skills with professionals, students and consumers. The IBM X-Force C-TOC is an operational Security Operations Center on wheels, modeled after Tactical Operations Centers used by the More

The post IBM rolls out cybersecurity operations center on wheels appeared first on Help Net Security.

10:36

Trend Micro redefines endpoint security with Trend Micro Apex One "IndyWatch Feed Tech"

Trend Micro launched the evolution of its endpoint security offering. Now re-branded as Trend Micro Apex One, the product redefines endpoint security with the capabilities delivered as a single agent, with consistency across SaaS and on-premises deployments. This offering enhances automated detection and response and provides actionable insights that maximize security for customers and offers growth opportunities for the channel. Overextended IT security teams are overwhelmed by the number of products required to protect their More

The post Trend Micro redefines endpoint security with Trend Micro Apex One appeared first on Help Net Security.

10:35

CyberArk launches Privileged Session Management for Cloud "IndyWatch Feed Tech"

CyberArk launched CyberArk Privileged Session Manager for Cloud. Through a transparent user experience, this new offering extends privileged access session isolation, monitoring and control to the most common web applications, cloud and social media platforms. As part of an integrated solution, Privileged Session Manager for Cloud also leverages risk scoring capabilities to detect and alert on suspicious privilege-related activity. CyberArk Privileged Session Manager for Cloud will be available as part of the CyberArk Privileged Access More

The post CyberArk launches Privileged Session Management for Cloud appeared first on Help Net Security.

10:35

RiskSense cloud service protects against cyber threats and vulnerabilities ahead of midterm elections "IndyWatch Feed Tech"

RiskSense released its AI-Assisted Pen Testing Service called Attack Surface Validation for Election Systems which provides visibility and prioritization of security vulnerabilities that enables any district to remediate problems before the midterms. Findings are delivered through the RiskSense cloud-service and cover the assessment of a districts entire voting ecosystem, including devices, applications, databases, networks, etc., for vulnerabilities, missing patches, misconfigurations, and more. RiskSense allows resource and security expert-constrained districts to know what to fix, and More

The post RiskSense cloud service protects against cyber threats and vulnerabilities ahead of midterm elections appeared first on Help Net Security.

10:29

How Cybercriminals are Targeting free Wi-Fi Users? "IndyWatch Feed Tech"

Free Wi-Fi is convenient, but it is also unsafe and puts users at great risk. Heres how the cybercriminals attack user on these open networks.

The free Wi-Fi is one of the catchiest things for the users in todays world. This is the main reason why so many free public Wi-Fi can be found without much of a problem. It is not only free but convenient to use these open networks. However, many might not be aware of the fact that these free open Wi-Fi hotspots are actually unsafe and they put the users at great risk.

There are multiple ways in which many cybercriminals are targeting the users of these free Wi-Fi hotspots. Many of these users are at least aware that the open networks they connect are actually unsafe. But what they do not know are various ways in which they are being targeted by the cybercriminals and hackers on these open networks.

Ways in which Hackers Target free Wi-Fi Users

The open for all nature of the free public Wi-Fi networks makes them unsafe for all the users. All the cybercriminals are always on the lookout to get their hands on users personal or financial data or they look for vulnerabilities to get access to their devices. These free networks give the cybercriminals the perfect opportunity to fulfill their purpose. The following are some of the common ways how cybercriminals target the free Wi-Fi users.

free Wi-Fi

  1. Man in the middle attack

The man in the middle attack is one of the most commonly used attacks where the cybercriminal places himself between the user and the router. This way, all the requests by the user actually routes through the hacker. This way, the hacker can actually have full control over the network, and he or she can easily get what they want from the user.

Carrying this attack successfully is so eas...

10:07

Pentagon data breach puts personal details of 30,000 staff at risk "IndyWatch Feed Tech"

The Pentagon has admitted that up to 30,000 military workers and civilian personnel have had their personal information and credit card data exposed following a security breach.

Read more in my article on the Hot for Security blog.

10:00

Best-selling author C.J. "IndyWatch Feed Tech"

Best-selling author C.J. Cherryh joins our Futurists Board. Read her Hugo Award-winning novels "Downbelow Station" and "Cyteen".

10:00

Performing A Chip Transplant To Resurrect A Dead Board "IndyWatch Feed Tech"

[Uri Shaked] accidentally touched a GPIO pin on his 3.3 V board with a 12 V alligator clip, frying the board. Sound familiar? A replacement would have cost $60, which for him wasnt cheap. Also, he needed it for an upcoming conference so time was of the essence. His only option was to try to fix it, which in the end involved a delicate chip transplant.

Removing the shield on the Bluetooth LE boardThe board was the Pixl.js, an LCD board with the nRF52832 SoC with its ARM Cortex M4, RAM, flash, and Bluetooth LE. It also has a pre-installed Espruino JavaScript interpreter and of course the GPIO pins through which the damage was done.

Fortunately, he had the good instinct to feel the metal shield over the nRF52832 immediately after the event. It was hot. Applying 3.3 V to the board now also heated up the chip, confirming for him that the chip was short-circuiting. All he had to do was replace it.

Digging around, he found another nRF52832 on a different board. To our surprise, transplanting it and getting the board up and running again took only an hour, including the time to document it. If that sounds simple, it was only in the way that a skilled person makes something seem simple. It included plenty of delicate heat gun work, some soldering iron microsurgery, and persistence with...

09:54

New iPhone Bug Gives Anyone Access to Your Private Photos "IndyWatch Feed Tech"

A security enthusiast who discovered a passcode bypass vulnerability in Apple's iOS 12 late last month has now dropped another passcode bypass bug that works on the latest iOS 12.0.1 that was released last week. Jose Rodriguez, a Spanish amateur security researcher, discovered a bug in iOS 12 in late September that allows attackers with physical access to your iPhone to access your contacts

09:18

Google Algorithm Effective at Spotting Breast Cancer "IndyWatch Feed Tech"

Google AI can spot advanced breast cancer more effectively than humans

Google has delivered further evidence that AI could become a valuable ally in detecting cancer. The company's researchers have developed a deep learning tool that can spot metastatic (advanced) breast cancer with a greater accuracy than pathologists when looking at slides. The team trained its algorithm (Lymph Node Assistant, aka LYNA) to recognize the characteristics of tumors using two sets of pathological slides, giving it the ability to spot metastasis in a wide variety of conditions. The result was an AI system that could tell the difference between cancer and non-cancer slides 99 percent of the time, even when looking for extremely small metastases that humans might miss.

LYNA was even more effective when serving as a companion -- pathologists performing simulated diagnoses found that the deep learning tech made their work easier. It not only reduced the rate of missed micro-metastases by a "factor of two," it cut the inspection time in half to a single minute.

Artificial IntelligenceBased Breast Cancer Nodal Metastasis Detection (open, DOI: 10.5858/arpa.2018-0147-OA) (DX)

Impact of Deep Learning Assistance on the Histopathologic Review of Lymph Nodes for Metastatic Breast Cancer (open, DOI: 10.1097/PAS.0000000000001151) (DX)


Original Submission

Read more of this story at SoylentNews.

09:08

A simple message containing certain symbols could crash the Sony PlayStation 4 "IndyWatch Feed Tech"

PlayStation 4 gaming consoles could crash when they receive messages containing certain symbols from fellow gamers.

The consoles could freeze on while the owners are playing their preferred games, the DoS condition is triggered while the devices are parsing symbols in messages received.

There is a new glitch that basically bricks your console and forces you to factory reset it. Even deleting the message from the mobile app doesnt work. It happened to me during Rainbow Six: Siege. A player from the other team used a dummy account to send the message and crashed my entire team. We all have had to factory reset. Only one of our guys wasnt affected and he has his messages private. reads a thread on Reddit.

Many users reported the glitch in the PlayStation 4, even deleting the message from the mobile app the problem persists. Some users fixed the issue by restoring the gaming console to factory settings, but in this way, they have lost data related to their game if they did not subscribe to PS Plus service that backs them up automatically to Sony cloud.

PlayStation 4 parser error

According to the Reddit thread, some gamers playing online multiplayer games sent the malicious message to the members of the opposing team, causing them crashing.

The error triggered by the message was tracked as with the PS4 code CE-36329-3.

Fortunately, the issue could be easily fixed by deleting the crashing message from the mobile app.

Experts recommend to rebuild the database of the console to completely fix the problem, below the step-by-step procedure:

  1. Turn off the PS4 system by pressing the power button on the front panel. The power indicator will blink for a few moments before turning off.
  2. Once the PS4 system is off, press and hold the power button again. Release it after you hear the second beep: one beep will sound when you first press, and another seve...

09:05

Court Orders Swedish ISP Telia to Block The Pirate Bay & FMovies "IndyWatch Feed Tech"

In an effort to reduce levels of copyright infringement, content companies and distributors have adopted site-blocking as one of their preferred anti-piracy tools.

The practice is now commonplace across Europe, with many of the main torrent and streaming portals blocked by local ISPs.

In Sweden, pirate site blocking became a reality in February 2017 when ISP Bredbandsbolaget (Broadband Company) was ordered to block The Pirate Bay and streaming portal Swefilmer.

That process took a long time to come to fruition. The original lawsuit, filed in 2014 by Universal Music, Sony Music, Warner Music, Nordisk Film, and the Swedish Film Industry, initially went in the ISPs favor.

A subsequent appeal, however, saw the rightsholders emerge victorious, with Bredbandsbolaget ordered to implement technical measures to prevent its customers from accessing the pirate sites through a number of domain names and URLs.

For more than a year, other ISPs in Sweden have been able to provide subscribers with access to The Pirate Bay, since the earlier case was targeted at just one ISP. Now, however, local ISP Telia finds itself in a similar position following an order handed down Monday by the Patent and Market Court.

Following an application by a huge coalition of content companies and groups including the Swedish Film Industry, Nordisk Film, Disney, Paramount, Columbia, Disney, and Twentieth Century Fox, Telia must now block subscriber access to several pirate sites.

As is often the case, torrent favorite The Pirate Bay heads the list, with streaming platforms Fmovies, Dreamfilm and NyaFilmer following closely behind.

Cited by IDG, Per Strmbck of the Film and TV Industry Cooperation Committee said that a favorable decision was anticipated.

The decision was expected and complies with the current legal situation. Now its high time that Telia takes the same responsibility in Sweden as it already does in Denmark and Norway, Strmbck said.

While the move to site blocking in Sweden hasnt always plain sailing, last years decision in the Bredbandsbolaget case laid down some valuable pointers.

The Court found that under EU law it is possible for copyright holders to obtain an injunction against ISPs whose services are used to commit copyright infringement, noting that the Swedish Copyright Act should be interpreted...

09:00

Astronomers detect moon outside solar system for first time "IndyWatch Feed Tech"







Its is truly astounding just how wonderfully we have advanced in our ability to observe planets and now moons.  The  next scope going up will likely wink out a slew of moons associated with known planets.
 
Soon enough we will learn how to  produce and direct wormholes in space.  This will certainly allow sending telescopes out into deep space allowing excellent triangulation long before we travel ourselves. 
 
I even have a starting point on that technology and it s also central to so called time travel.  We do have evidence that it has been developed in our near future.  Maybe i will get to converge on it.

In the event, our first application of wormholes will be to establish space observatories several light years away in at least four directions and then many more thereafter.  Easy data transfer will also be possible and all that data can be integrates to provide superb resolutions.
 
We will always have lots of questions to follow up on but that will typically be messy and never that efficient even with sis billion eyeballs working on it... .

.

Astronomers detect moon outside solar system for first time

Space telescopes find giant body orbiting planet 8,000 light-years from Earth3
 
 Clive Cookson, Science Editor

https://www.ft.com/content/e903d380-c659-11e8-ba8f-ee390057b8c9
 
Astronomers have compelling evidence that they have made the first discovery of an e...

09:00

The Army May Have Found Its Next Rifle In A Colorado Garage "IndyWatch Feed Tech"

army rifle colorado ribbon gun


This appears to be promising.  we have had about three generations of work with light rapid fire automatic weapons which lay on the fire power but always give up accuracy.  This often means a loss of reliability as well.  The AK 47 stills works well enough in that environment even if it is  seventy years old.

Something like this may well solve the reliability problem while throwing real weight down range. 

My personal standard is still the military Lee - Enfield 303 which has only now been replaced by the Arctic Rangers. The delay was for reasons that i can completely appreciate. The new weapon had to be able to stop a charging polar bear.  It is what I want if I  were so unfortunate as to face a charging grizzly.  Trained hands can lay down an aimed  shot every second.  A bear is traveling at thirty miles per hour and you are at less than one hundred yards.  That means you have about three shots at best and you will not need to breathe.

Laying down four rounds from this device may have the same weight and rapid fire ability.  Reports have suggested that anything less is likely fatal even if you pepper the bear with a large mag of smaller ammunition.






.


The Army May Have Found Its Next Rifle In A Colorado Garage 

By Tom Roeder, The Gazette (Colorado Springs, Colo.) on October 1, 2018
 
The Army adopted its battle rifle in 1963 and has spent 55 years looking for a replacement for the M-16 and its variants.

They might have found it in Martin Gr...

09:00

Churchill, Hitler and "The Unnecessary War" with Pat Buchanan "IndyWatch Feed Tech"




I had largely come to this opinion years ago but reading this book rather clearly makes the whole argument.  The only thing missing in this mix was the continuing pressure from Russia at the same time that set up the French opportunity  to play revenge.

Churchill's grasp of strategy was always lacking and famously so.  That he strengthened Grey before the WWI led directly to the central decision of jumping into France without an escape strategy was a complete folly that ultimately allowed the American's to dismantle the British Empire which was also folly of the American kind...

I was brought up in a school system still loyal to the British Empire. My teachers had lived and participated in WWII.  I have always thought that the decision to help France was the death of the Empire and unforgivable.  When it went quickly wrong, they never got out.  They could have at any point.  How stupid is proven over and over again.

It is a bracing reminder of just how wrong headed a political leader can be and how baleful his influence.
,
.
Churchill, Hitler and "The Unnecessary War": How Britain Lost Its Empire and the West Lost the World

by

Patrick J. Buchanan


https://www....

09:00

Due Process and the Trump Presidency "IndyWatch Feed Tech"



I am writing this item to address our natural impatience.  All of us have seen politicians and their enablers go out and essentially flaunt the law.  Others such as my self have investigated the genesis of many important decisions in many areas including medical in particular and easily locate a troubling stream of behavior that is best described as corrupt.  That is the direct evidence.  At the same time we all mostly understand human behavior and understand that the easy road is to initiate a corrupt practice.

My key point though is that it is easy to be a witness to a criminal act.  The correction of that criminal action is hard and demands due process.  This takes a lot of time.  Weeks and months elapse.

We had a riot in Vancouver caught on ample camera points.  At the same time riots took place in England, folks were arrested and no charges were ever possible and they were all released almost immediately.  In Vancouver they applied due process.  In a few weeks arrests took place and convictions secured.  Do you think that this encourages similar behavior next opportunity?  Of course not.  Everyone knows that they will pay.

Two years ago Trump elected to apply the full power of due process with no deals and unleashed the full investigative powers of the State to fully correct the festering corruption of the whole governmental apparatus.  That is why thousands of pedophile cases have finally gone forward double step.  That is why there is now 55,766  sealed indictments outstanding while he cleans up the whole judiciary as well.

Feeding this monumental housecleaning is the astounding reality that since 9/11, we have collected all electronic communication, particularly in government.  Thus the same guys who found Saddam Hussein can identify networks and review cash transfers to establish probable cause.  A computer does all t...

08:26

Eneasz Brodski, author of Red Legacy, joins our Futurists Board. "IndyWatch Feed Tech"

Eneasz Brodski, author of "Red Legacy", joins our Futurists Board.

08:18

4 Useful Tools to Run Commands on Multiple Linux Servers "IndyWatch Feed Tech"

Title: 
4 Useful Tools to Run Commands on Multiple Linux Servers

08:15

9 in 10 organizations have a cybersecurity culture gap "IndyWatch Feed Tech"

With cybersecurity threats continuing to escalate worldwide, the ISACA/CMMI Institute Cybersecurity Culture Report found that just 5 percent of employees think their organizations cybersecurity culture is as advanced as it needs to be to protect their business from internal and external threats. Cybersecurity culture is a workplace culture in which security awareness and behaviors are integrated into everyones daily operations, as well as an executive leadership priority. In a threat-ripe environment, an effective cybersecurity culture More

The post 9 in 10 organizations have a cybersecurity culture gap appeared first on Help Net Security.

08:04

Have We Already Detected a Dark Matter Particle? "IndyWatch Feed Tech"

Dark matter supposedly makes up 85% of the matter in the universe, but so far, efforts to catch hypothesized dark matter particles have all ended in failure. Weakly interacting massive particles (WIMPs) are no-shows at grand experiments housed in Italy, Canada, and the United States. Even tinier axions have not been detected either. Neutralinos, born out of supersymmetry, may look nice on paper but so far have no bearing on reality.

08:04

Stephen Hawkings words from beyond the grave bring "IndyWatch Feed Tech"

Speaking from beyond the grave, Professor Stephen Hawking has told a new generation growing up in an increasingly insular world: Remember to look up at the stars and not down at your feet.

The eminent cosmologist, who had motor neurone disease and died in March, had his final public thoughts broadcast at a special event to launch his last book, Brief Answers To The Big Questions.

Prof Hawkings words of advice and defiance, echoing from an Imax screen at Londons Science Museum, brought tears to the eyes of his daughter Lucy.

08:04

Worlds fastest camera can shoot light in slow motion "IndyWatch Feed Tech"

The slow motion modes on modern smartphones crank up the speed of video recording so that when its played back at regular speed, the motion you see on the screen is slowed down. Its a neat feature to mess around with, but slow motion capture has some very serious scientific applications as well. Capturing the microscopic world at high speeds can help researchers shed light on all kinds of interesting behaviors and phenomena that shape our reality.

Now, imaging specialists have built what is being called the fastest camera on the planet, allowing for the capture of movement at up to 10 trillion frames per second. Forget slowing down a video of a home run at your kids softball game, this incredible contraption can slow down light itself.

A new paper published in Light: Science & Applications explains how the camera works, and boy is it complicated. To put it in its most basic terms, the camera uses laser pulses so ultra-fast that they are measured in quadrillionths of a second and combines those frames with images captured from a second camera moving at the same speed, allowing for high-quality images generated 10 trillion times every second.

08:04

How Inclusive Capitalism, Technology And Social Prescribing Could Reverse Flagging Life Expectancy "IndyWatch Feed Tech"

Hard as it is to believe, for the first time the life expectancy for Americans (not counting  the effect of wars) has https://www.ajc.com/lifestyles/health/cdc-life-expectancy-de279HCufnO/ target=_blank rel= nofollow noopener noreferrer data-ga-track= ExternalLink: https://www.ajc.com/lifestyles/health/cdc-life-expectancy-de279HCufnO/>dropped for two consecutive years. Perhaps less hard to believe is that this is https://news.harvard.edu/gazette/story/2016/04/for-life-expey-matters/ target=_blank rel= nofollow noopener noreferrer data-ga-track= ExternalLink: https://news.harvard.edu/gazette/story/2016/04/for-life-expey-matters/>not true across economic levels. The richest Americans are gaining in longevity, indeed to unprecedented levels. The poor dont have it so well, and in the U.S., this includes the shrinking middle class, who are also dying earlier. With the widening income gap, theres a growing discrepancy between life expectancies for the rich and poor. Depending on geography, those on the lower end of the income bracket spread can expect to live 20 years less than their better-off counterparts, a shocking finding from an http://jamanetwork.com/journals/jamainternalmedicine/fullart.2017.0918 target=_blank rel= nofollow noopener noreferrer data-ga-track= ExternalLink: http://jamanetwork.com/journals/jamainternalmedicine/fullart.2017.0918>in-depth study coming out of the University of Washington.

...

08:00

You are who you say you are: Establishing digital trust with the blockchain "IndyWatch Feed Tech"

Over the last few years, blockchain use has gained popularity driven partly by the interest in cryptocurrency, but mostly with the growing understanding of what distributed ledger technology can enable through decentralization of trust. Most large companies have innovation teams looking at ways that blockchain technology can be applied, and many analyst firms, system integrators and other influencers have focused teams providing advice on applications of blockchain technology. I have spoken to experts at leading More

The post You are who you say you are: Establishing digital trust with the blockchain appeared first on Help Net Security.

08:00

Paul Allen Dead at 65 "IndyWatch Feed Tech"

Paul Allen has died at age 65:

https://www.theguardian.com/technology/2018/oct/15/paul-allen-co-founder-microsoft-dies

Paul Allen, who co-founded Microsoft with his childhood friend Bill Gates, has died. He was 65.

Allen's company Vulcan said in a statement that he died Monday. Earlier this month Allen said the cancer he was treated for in 2009, non-Hodgkin lymphoma, had returned.

Allen, who was an avid sports fan, owned the Portland Trail Blazers and the Seattle Seahawks.

Of course the article has more information. There was more to Paul Allen that just mentioned above. Bound to hit multiple sources with different takes so be on the lookout for something from a source you like.

takyon: Allen Institute bio and Vulcan Inc. statement.

Related: Billionaire Boater Destroys almost 14,000 square feet of Reef in Cayman Islands
Scientists Force Genetically Engineered Mouse to Watch Classic Film Noir
Stratolaunch: The World's Largest Plane Rolls Out
Paul Allen Finds Lost World War II Cruiser USS Indianapolis
Allen Brain Atlas Releases Data on Live Human Brain Cells
World's Largest Plane is Designed to Lift Rockets Into the Stratosphere


Original Submission

Read more of this story at SoylentNews.

07:46

History of dark matter "IndyWatch Feed Tech"

The standard model of modern cosmology is unthinkable without dark matter, although direct detections are still missing. A broad perspective of how dark matter was postulated and became accepted is presented, from prehistory, over observations of galaxy clusters, galaxy rotation curves, the search for baryonic dark matter, possible alternative explanations via modified gravity, up to the hunt for dark matter particles. The interplay is described between observational discoveries and theoretical arguments which led finally to the adoption of this paradigm.

Sylvain Neuvel, author of Sleeping Giants, joins our Futurists Board. "IndyWatch Feed Tech"

Sylvain Neuvel, author of "Sleeping Giants", joins our Futurists Board. This novel has been optioned by Sony Pictures for development into a film and was sold for translation into twenty languages.

07:45

Exploring the current state of employee knowledge in cybersecurity and data privacy "IndyWatch Feed Tech"

Seventy-five percent of professionals pose a moderate or severe risk to the corporate data of the companies they work for. According to MediaPROs third-annual State of Privacy and Security Awareness Report, workers in the financial sector are more likely to be a risk with 85 percent of survey respondents falling into one of the two risk categories. MediaPRO surveyed more than 1,000 employees across the U.S. to quantify the state of privacy and security awareness More

The post Exploring the current state of employee knowledge in cybersecurity and data privacy appeared first on Help Net Security.

07:45

This is how Earth feeds volcanic supereruptions "IndyWatch Feed Tech"

Scientists studying the Taupo Volcanic Zone in New Zealand have uncovered clues to what causes giant eruptions.

07:44

What Is A Quantum Computer? The 30,000 Foot Overview "IndyWatch Feed Tech"

If you replace classical bits with qubits, though, you go back to only needing one per spin in the system, because all the quantum stuff comes along for free. You don&st need extra bits to track the superposition, because the qubits themselves can be in superposition states. And you don&st need extra bits to track the entanglement, because the qubits themselves can be entangled with other qubits. A not-too-big quantum computer again, 50100 qubits can efficiently solve problems that are simply impossible for a classical computer.

These sorts of problems pop up in useful contexts, such as the study of magnetic materials, whose magnetic nature comes from adding together the quantum spins of lots of particles, or some types of superconductors. As a general matter, any time you&sre trying to find the state of a large quantum system, the computational overhead needed to do it will be much less if you can map it onto a system of qubits than if you&sre stuck using a classical computer.

So, there&ss your view-from-30,000-feet look at what quantum computing is, and what it&ss good for. A quantum computer is a device that exploits wave nature, superposition, and entanglement to do calculations involving collective mathematical properties or the simulation of quantum systems more efficiently than you can do with any classical computer. That&ss why these are interesting systems to study, and why heavy hitters like Google, Microsoft, and IBM are starting to invest heavily in the field.

07:44

Scientists achieve first ever acceleration of electrons in plasma waves "IndyWatch Feed Tech"

The Large Hadron Collider (LHC) at the European Organization for Nuclear Research (CERN) near Geneva, Switzerland is said to be the largest particle accelerator in the world. The accelerator occupies a tunnel 27 kilometers in circumference as deep as 175 meters beneath the French-Swiss border. The facility has helped scientists uncover the Higgs boson, the last particle predicted by the Standard Model, in 2012.

07:44

Two HUGE earthquakes STRIKE New Caledonia tremors RICOCHET across Ring of Fire "IndyWatch Feed Tech"

TWO MASSIVE earthquakes have struck the French island of New Caledonia sending aftershocks ricocheting through the volatile Ring of Fire region.

07:30

Cryptomining attacks against Apple devices increase sharply "IndyWatch Feed Tech"

Check Point has published its latest Global Threat Index for September 2018, revealing a near-400% increase in cryptomining malware attacks against Apple iPhones. These attacks are using the Coinhive mining malware, which continues to occupy the top position in the Index that it has held since December 2017. Coinhive now impacts 19% of organizations worldwide. Check Points researchers also observed a significant increase in Coinhive attacks against PCs and devices using the Safari browser, which More

The post Cryptomining attacks against Apple devices increase sharply appeared first on Help Net Security.

07:15

Legacy government networks stifle cloud migration "IndyWatch Feed Tech"

67 percent of government agencies legacy network infrastructures are simply not prepared to handle the cloud migration lift or keep pace with the changing demands of cloud and hybrid networks, according to MeriTalk. One of the biggest areas holding agencies back is the chaos and lack of prioritization to properly update networks necessary for cloud adoption and IT modernization efforts, 51 percent of managers reported. Respondents also noted that to reach their cloud goals, agencies More

The post Legacy government networks stifle cloud migration appeared first on Help Net Security.

07:04

Photo-catalytic Killing of HeLa Cancer Cells Using Facile Synthesized Pure and Ag Loaded WO3 Nanoparticles "IndyWatch Feed Tech"

The cancer is a group of diseases characterized by the uncontrolled growth and spread of abnormal cells, and in most of the cases develop into malignant masses of tissues called tumors, and it is the leading causes of mortality and a major public health challenge worldwide. In normal body, genes in the cell nucleus, containing long strings of DNA (deoxyribonucleic acid) regulate the controlled division and function of cells and any damage to DNA causes the mutation of genes, which in turn triggers the uncontrolled division of abnormal cells, leading to the damage of vital organs. Cancer cells can detach from the original mass of tumor and migrate to new locations through blood and lymphatic system and also cancer cells produce enzymes that are capable of breaking the normal cells. For cancer diagnostics, the conventional histopathological and radiological examinations are still used for evaluating the clinical and pathologic staging, needed for cancer treatments. Depends on the stage of cancer development, different treatment options like chemotherapy, radiation therapy, stem cell transplant, immunotherapy, hormone therapy, targeted drug therapy and surgery are advised. The major disadvantages of the available advanced treatment options include non localized invasion to other body parts, intolerable cytotoxicity, unsystematic distribution of antitumor agents, immune to chemical agents, low bioavailability and limited option to evaluate the tumor cell response to therapies4,5. In spite of the drawbacks of these advanced treatment options, cancer is curable if it is diagnosed at an early stage.

Phototherapy has been used for the treatment of jaundice, cancer, dermatological conditions, and ophthalmological disorders by simply using the light of certain selected wavelength. Photodynamic therapy, on the other han...

07:00

Circuit Bending A TV For Better Input "IndyWatch Feed Tech"

If you havent noticed, CRTs are getting hard to find. You cant get them in Goodwill, because thrift stores dont take giant tube TVs anymore. You cant find them on the curb set out for the trash man, because they wont pick them up. Its hard to find them on eBay, because no one wants to ship them. Thats a shame, because the best way to enjoy old retrocomputers and game systems is with a CRT with RGB input. If you dont already have one, the best you can hope for is an old CRT with a composite input.

But theres a way. [The 8-Bit Guy] just opened up late 90s CRT TV and modded it to accept RGB input. Thats a monitor for your Apple, your Commodore, and a much better display for your Sega Genesis.

There are a few things to know before cracking open an old CRT and messing with the circuits. Every (color) CRT has three electron guns, one each for red, green, and blue. These require high voltage, and in CRTs with RGB inputs youre looking at a circuit path that takes those inputs, amplifies them, and sends them to the gun. If the TV only has a composite input, theres a bit of circuitry that takes that composite signal apart and sends it to the guns. In [8-bit guy]s TV and just about every CRT TV you would find from the mid to late 90s theres a Jungle IC that handles this conversion, and most of the time theres RGB inputs meant for the on-screen display. By simply tapping into those inputs, you can add RGB inputs with fancy-schmancy RCA jacks on the back.

While the actual process of adding RGB inputs to a late 90s CRT will be slightly different for each individual make and model, the process is pretty much the same. Its really just a little bit of soldering and then sitting back and playing with old computers that are finally displaying the right colors on a proper screen.

06:47

Gwyneth Jones, author of Divine Endurance, in which she created the term gynoid, joins our Futurists Board. "IndyWatch Feed Tech"

Gwyneth Jones, author of "Divine Endurance", in which she created the term gynoid, joins our Futurists Board.

06:32

Paul Allen: Microsoft co-founder and billionaire dies aged 65 "IndyWatch Feed Tech"

"Paul Allen, who co-founded Microsoft, has died aged 65 from complications of non-Hodgkin's lymphoma."

https://www.bbc.com/news/world-us-canada-45871379

06:24

Spontaneous genetic mutations in the womb may drive the majority of dementia cases "IndyWatch Feed Tech"

New research, led by scientists at the University of Cambridge, suggests spontaneous DNA mutations that occur when a babys brain is growing in the womb may help explain why so many people develop dementia without having any prior family history with the disease.

06:24

Shocking stories about monitoring Yellowstone National Park "IndyWatch Feed Tech"

Yellowstone Caldera Chronicles is a weekly column written by scientists and collaborators of the Yellowstone Volcano Observatory. This weeks contribution is from Beth Bartel and Tim Dittman, from the non-profit UNAVCO consortium in Boulder, Colorado.

About 18 miles west of the Yellowstone National Park boundary in Idaho, UNAVCO field engineer Tom Lyman surveys the damage at GPS station P361 on Sawtell Peak. This is an important site, not only because it is located close to active faults in the Yellowstone region, but also because it serves as a data relay for four additional nearby GPS stations. None of the GPS equipment is transmitting data.

UNAVCO, a member of the Yellowstone Volcano Observatory consortium, is responsible for maintaining the deformation network in and around Yellowstone. In Yellowstone National Park alone this network includes 14 GPS stations and six borehole geophysics stations. All the data are free and open access.

06:24

Researchers Find Oldest Evidence of Animal Life on Earth "IndyWatch Feed Tech"

The oldest clue of animal life, dating back at least 100 million years before the Cambrian period, when most major types of animals appear, has been found by University of California, Riverside (UCR) researchers.

The researchers have been tracking molecular signs of animal life, called biomarkers, as far back as 660635 million years ago during the Neoproterozoic Era. They found a steroid compound produced only by sponges, which are among the earliest forms of animal life, in ancient rocks and oils from Oman, Siberia, and India.

The biomarker identified, a steroid compound named 26-methylstigmastane (26-mes), has a unique structure that is currently only known to be synthesized by certain species of modern sponges called demosponges.

06:23

New treatment prevents transplant rejection "IndyWatch Feed Tech"

A new treatment strategy could increase the success rate of stem cell transplants, according to University of Queensland researchers.

The approach removes the need for donor matching and the use of immunosuppressant drugs to prevent rejection, and could make stem cell treatment accessible to more patients.

UQ Diamantina Institute researcher Dr Jatin Patel said researchers found immunosuppressant drugs had a negative impact on the transplanted stem cells.

06:14

NASA's Chandra X-Ray Observatory Fixed "IndyWatch Feed Tech"

After briefly going offline, NASA's Chandra X-ray space telescope is back in action

After briefly going into safe mode last week, NASA's Chandra X-ray Observatory which observes galaxies and nebulas from Earth's orbit should be getting back to normal operations soon. The cause of the disruption was a small glitch in one of the spacecraft's instruments used for steering and pointing. But the space agency has since fixed the problem, and the telescope will be back to observing the Universe by the end of the week.

[...] The glitch resulted in the gyro measuring three seconds of "bad data," which led Chandra's onboard computer to come up with the wrong value for the vehicle's momentum, according to NASA. This apparently prompted the safe mode. Now, NASA has decided to use one of Chandra's other gyros in its place and put the glitchy one on reserve.

Also at Space.com.

Previously: NASA's Chandra X-Ray Observatory Enters Safe Mode; Investigation Underway

Related: Puzzling X-Ray Emissions From Pluto
A New Stellar X-Ray 'Reality' Show Debuts
Galaxy Collision Creates Ring of Black Holes and Neutron Stars


Original Submission

Read more of this story at SoylentNews.

06:08

GCC Is Preparing To End Support For Solaris 10 "IndyWatch Feed Tech"

Solaris 10, what may will argue as the last "good" Solaris operating system release before Sun Microsystems fell under control of Oracle, may soon see its support deprecated by the GCC compiler stack...

05:43

Archeologists find a 66-foot Viking ship buried in Norway "IndyWatch Feed Tech"

Whether theyll ever be able to unearth it from a vast complex of at least seven dome-shaped burial mounds remains to be seen.

05:00

RiskRecon invents asset risk valuation algorithms "IndyWatch Feed Tech"

RiskRecon released its asset valuation algorithms that determine the inherent risk value of any Internet-facing system. Automatically determining asset value is critical to managing cyber risk because it enables organizations to create action plans focused on addressing risk. Risk professionals spend too much time analyzing mountains of issues to determine the risk relevance, explained Kelly White, Co-Founder and CEO of RiskRecon. RiskRecon automatically contextualizes every issue with issue severity and asset value that enables professionals More

The post RiskRecon invents asset risk valuation algorithms appeared first on Help Net Security.

04:42

The Social Media Purge Continues Carey Wedler "IndyWatch Feed Tech"

This is an issue that we cannot simply stand back and do nothing. This Social Media Purge is beneath Western Civilization and we have the power to stop it.


The WaPo hit piece in question: https://www.youtube.com/redirect?q=https%3A%2F%2Fwww.washingescription

Note: Im now unable to find the list Prop or Not compiled, but suffice to say Anti-Media was on it, and so were multiple others purged today. To be safe, Ill modify my statement in video from a lot of the outlets to at least some.

04:37

New Version of Winamp Planned for 2019 "IndyWatch Feed Tech"

Winamp 6, due out in 2019, aims to whip more llama ass

[...] The Belgian company that bought Winamp from AOL in January 2014 hasn't really done much with it since buying the remnants of the property just months after AOL finally pulled the plug.

Winamp.

Related: "Whipping the Llama's Ass" with this Javascript WinAmp Emulator


Original Submission

Read more of this story at SoylentNews.

04:35

Bezos says commercial space travel is his most important work "IndyWatch Feed Tech"

Amazon CEO Jeff Bezos said Monday that his aerospace company, Blue Origin, is his "most important" project.Bezos made the comments at the Wired 25th anniversary summit in San Francisco, according to CNBC.He added that he expects there to one...

04:16

To The Stars Academy $37 Million Deficit "IndyWatch Feed Tech"

Take Off Your Pants and Jacket and bend over: If were fucked up, youre to blame Via: Ars Technica: The accompanying financial statements have been prepared on a going concern basis, which contemplates the realization of assets and the satisfaction of liabilities in the normal course of business. The Company has incurred losses from operations []

04:00

Telit introduces new smaller IoT form factor module family "IndyWatch Feed Tech"

Telit released the xE310 family of miniature IoT modules. With initial models planned in LTE-M, NB-IoT and European 2G, the new form factor will enable Telit to meet growing demand for modules for wearable medical devices, fitness trackers, industrial sensors, smart metering, and other applications. Telit will start shipping xE310 modules in Q4 this year. The xE310 family is one of the smallest LGA form factors available in the market with a flexible perimeter footprint More

The post Telit introduces new smaller IoT form factor module family appeared first on Help Net Security.

04:00

Hams see Dark Side Of The Moon Without Pink Floyd "IndyWatch Feed Tech"

Ham radio operators bouncing signals off the moon have become old hat. But a ham radio transmitter on the Chinese Longjiang-2 satellite is orbiting the moon and has sent back pictures of the Earth and the dark side of the moon. The transceivers main purpose is to allow hams to downlink telemetry and relay messages via lunar orbit.

While the photo was received by the Dwingeloo radio telescope, reports are that other hams also picked up the signal. The entire affair has drawn in hams around the world. Some of the communications use a modulation scheme devised by [Joe Taylor, K1JT] who also happens to be a recipient of a Nobel prize for his work with pulsars. The Dwingeloo telescope has several ham radio operators including [PA3FXB] and [PE1CHQ].

You can find technical particulars about the satellite on its web page. There are also GNU Radio receivers and information about tracking. If you want to listen in, youll need some gear, but it looks very doable. The same page details several successful ham radio stations including those from [PY2SDR], [CD3NDC], [PY4ZBZ], [N6RFM], and many others. While the Dwingeloo telescope is a 25-meter dish, most of the stations have more conventional looking Yagi or helical antennas.

If your Mandarin is up to it, there is live telemetry on that page, too. You might have more luck with the pictures.

For working conventional satellites, you often need an agile antenna. We suspect the lunar orbiting satellite appears to move less, but youll have other problems with more noise and weak signals. Although hams have been bouncing signals off the moon for decades, theyve only recently started bouncing them off airplanes.

03:47

Smart Home Surveillance: Governments Tell Googles Nest To Hand Over Data 300 Times "IndyWatch Feed Tech"

Shocker. Via: Forbes: Anyone pumped for this weeks launch of Googles Home Hub might want to temper their excitement. A smart home is a surveilled home. Thats been the concern of privacy activists since citizens started lighting up their abodes with so-called smart tech in recent years. Take Googles current smart home division, Nest Labs. []

03:44

Are Black Holes Actually Dark Energy Stars? "IndyWatch Feed Tech"

George Chapline believes that the Event Horizon Telescope will offer evidence that black holes are really dark energy stars. NASAWhat

03:30

Therap announces enhanced secure communication tool "IndyWatch Feed Tech"

Therap announces an improved and user-friendly interface for its HIPAA-compliant secure messaging module. User experience is enhanced through a simple and intuitive design. The new design maintains the functionality of the module while streamlining the communication process, reducing the steps needed to complete the task. The secure communications (SComm) module facilitates the exchange of information among users in an agency or across different agencies, in a secure, HIPAA compliant way. SComm messages help improve communication More

The post Therap announces enhanced secure communication tool appeared first on Help Net Security.

03:00

Nucleus Cyber acquires Security Sheriff "IndyWatch Feed Tech"

Nucleus Cyber acquired the Security Sheriff platform from Cyxtera Technologies and launched into the Microsoft SharePoint, Office 365 and file share space to advance the data security in on-premises, cloud and hybrid environments. Kurt A. Mueffelmann, former CEO of HiSoftware, the company that developed Security Sheriff, returns as CEO for Nucleus Cyber. New investment, leadership and domain expertise are expected to drive technology innovation that has already enabled dozens of Fortune 1000 customers to safeguard More

The post Nucleus Cyber acquires Security Sheriff appeared first on Help Net Security.

02:59

HP Footnote Leads Intel to Confirm Support for 128 GB of DRAM for 9th-Generation Processors "IndyWatch Feed Tech"

Following HP's announcement of new ZBook mobile workstations, Intel has confirmed that the memory controller in 9th generation Intel Core processors will support up to 128 GB of DRAM. AMD's memory controller should also support 128 GB of DRAM:

Normally mainstream processors only support 64GB, by virtue of two memory channels, two DIMMs per memory channel (2DPC), and the maximum size of a standard consumer UDIMM being 16GB of DDR4, meaning 4x16GB = 64GB. However the launch of two different technologies, both double height double capacity 32GB DDR4 modules from Zadak and G.Skill, as well as new 16Gb DDR4 chips coming from Samsung, means that technically in a consumer system with four memory slots, up to 128GB might be possible.

With AMD, the company has previously stated that its memory controller can support future memory that comes to market (with qualification), however Intel has been steadfast in limiting its memory support on its chips specifically within the specification. HP is now pre-empting the change it its latest launch with the following footnote:

1. 128GB memory planned to be available in December 2018

This has forced Intel into a statement, which reads as the following:

The new 9th Gen Intel Core processors memory controller is capable of supporting DDR4 16Gb die density DIMMs which will allow the processors to support a total system memory capacity of up to 128GB when populating both motherboard memory channels with 2 DIMMs per Channel (2DPC) using these DIMMs. As DDR4 16Gb die density DIMMs have only recently become available, we are now validating them, targeting an update in a few months' time.

Here's an example of double height, double capacity 32 GB memory modules from G.Skill, which uses 8 Gb DRAM chips.

These are the Samsung 32 GB SO-DIMM DDR4 modules for laptops mentioned in the article. They are of a normal size but use Samsung's latest 16 Gb chips instead of 8 Gb.


...

02:55

Mesa Vulkan Drivers Move Ahead With PCI Bus Info, Calibrated Timestamps "IndyWatch Feed Tech"

With this weekend's release of Vulkan 1.1.88 stealing the show was the Vulkan transform feedback capability to allow projects like DXVK to support Direct3D's Stream Output functionality. But besides VK_EXT_transform_feedback, there are other extensions also being worked on for Mesa ANV / RADV Vulkan driver coverage...

02:00

HPR2662: Repairing a motherboard "IndyWatch Feed Tech"

Continued from hpr2549 :: DVD ripping using old hardware Acquired new user tower, replaced old tower with blown caps Dell Pentium 4 CPU 3.20GHz, 2Gb RAM sudo shred -n 5 -vz /dev/sdX -n, --iterations=N -v, --verbose show progress -z, --zero add a final overwrite with zeros to hide shredding Used same Slackware USB from old tower Used soldering iron from Amazon - Weller WLC100 40-Watt Soldering Station https://www.amazon.com/gp/product/B000AS28UC/ref=oh_aui_detailpage_o02_s00?ie=UTF8&psc=1 https://photos.app.goo.gl/VpRxvZLBy49PCo5DA

01:46

Hillicon Valley: Microsoft co-founder Paul Allen dies at 65 | Pentagon gets cyber wake-up call | Google pulls out of Saudi conference | Facebook takes steps against voter misinformation "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen...

01:23

[$] Fighting Spectre with cache flushes "IndyWatch Feed Tech"

One of the more difficult aspects of the Spectre hardware vulnerability is finding all of the locations in the code that might be exploitable. There are many locations that look vulnerable that aren't, and others that are exploitable without being obvious. It has long been clear that finding all of the exploitable spots is a long-term task, and keeping new ones from being introduced will not be easy. But there may be a simple technique that can block a large subset of the possible exploits with a minimal cost.

01:18

Damage Control: Boeing-Sponsored Newsletter Praises Space Launch System (SLS), Trashes Saturn V "IndyWatch Feed Tech"

Elon Musk pegs SpaceX BFR program at $5B as NASA's rocket booster nears $5B in cost overruns

[Compared] to Boeing's first serious 2014 contract for the SLS Core Stages $4.2B to complete Core Stages 1 and 2 and launch EM-1 in Nov. 2017 the company will ultimately end up 215% over-budget ($4.2B to $8.9B) and ~40 months behind schedule (42 months to 80+ months from contract award to completion). Meanwhile, as OIG notes, NASA has continued to give Boeing impossibly effusive and glowing performance reviews to the tune of $323 million in "award fees", with grades that would under the contracting book NASA itself wrote imply that Boeing SLS Core Stage work has been reliably under budget and ahead of schedule (it's not).

[...] Boeing recently brought to light as the likely source of a spate of egregiously counterfactual op-eds published with the intention of dirtying SpaceX's image also took it upon itself to sponsor what could be described as responses to NASA OIG's scathing October 10th SLS audit. Hilariously, a Politico newsletter sponsored by Boeing managed to explicitly demean and belittle the Apollo-era Saturn V rocket as a "rickety metal bucket built with 1960s technology", of which Boeing was very tenuously involved thanks to its eventual acquisition of companies that actually built Saturn and sent humans to the Moon.

At the same time, that newsletter described SLS as a rocket that will be "light years ahead of thespacecraft [sic] that NASA astronauts used to get to the moon 50 years ago." At present, the only clear way SLS is or will be "light years" ahead as much a measure of time as it is of distance of Saturn V is by continuing the rocket's trend of endless delays. Perhaps NASA astronomers will soon be able to judge exactly how many "light years ahead" SLS is by measuring the program's redshift or blueshift with one of several ground- and space-based telescopes.

Here's a typical Boeing shill response (archive) to the NASA Inspector General report.

See also: Will the US waste $100+ billion on SLS, Orion and LOP-G by 2030?

Previously: Maiden Flight of the Space Launch System Delayed to 2019 (now delayed to June 2020, li...

01:00

Hybrid Robot Walks, Transforms, And Takes Flight "IndyWatch Feed Tech"

[Project Malaikat] is a 3D printed hybrid bipedal walker and quadcopter robot, but theres much more to it than just sticking some props and a flight controller to a biped and calling it a day. Not only is it a custom design capable of a careful but deliberate two-legged gait, but the props are tucked away and deployed on command via some impressive-looking linkages that allow it to transform from walking mode to flying mode.

Creator [tang woonthai] has the 3D models available for download (.rar file) and the video descriptions on YouTube contain a bill of materials, but beyond that there doesnt seem to be much other information available about [Malaikat]. The creator does urge care to be taken should anyone use the design, because while the robot may be small, it does essentially have spinning blades for hands.

Embedded below are videos that show off the robots moves, as well as a short flight test demonstrating that while control was somewhat lacking during the test, the robot is definitely more than capable of actual flight.

This video has the best resolution and demonstrates walking.

Heres a video showing more walking, and the flight hardware (deploying rotors starts at 1:40 in the video below).

Finally, a brief flight test showing that the robot is more than capable of liftoff:

The low-level flight work is being done by a CC3D ATOM flight controller, which takes care of managing thrust to maintain stability. Multirotor flight controllers are incredible pieces of technology in their own right, demonstrated well by making an...

00:24

To be or not to be an enhanced human "IndyWatch Feed Tech"

Should there be any ethical or legal boundaries to technologies that enhance humans? I pondered this last week as I read an online article about the recent trials of upper-body exoskeletons by production line staff at Volkswagen and at Chrysler-Fiat. These lightweight wearable frames greatly reduce the physical strain of repetitive overhead assembly work, and will be an important industrial enhancement as workforces age.

We tend to think of medical advancement in terms of better cures for diseases and recovery from injury. Enhancement however goes beyond therapy, and extends us in ways that some may argue are unnatural. Some human enhancements are of course also pre-emptive therapeutic interventions. Vaccination is both an enhancement of our immune system, and a therapeutic intervention. However, in cases where there is little preventative justification, what degree of enhancement is acceptable?

We drink coffee expecting our work performance to improve. We accept non-elective operations, breast implants, orthodontic improvements and other interventions which improve our perception of ourselves. We generally accept such enhancements with little question. However devices and drugs that improve athletic performance can lead us to question their legitimacy.

00:23

AI can analyze changes in Earths magnetic field to predict quakes unprecedentedly early "IndyWatch Feed Tech"

Researchers have revealed a radical new use of AI to predict earthquakes.

A team from Tokyo Metropolitan University have used machine-learning techniques to analyze tiny changes in geomagnetic fields.

These allow the system, to predict natural disaster far earlier than current methods.

00:18

Purism Shares The Latest Librem 5 Smartphone Progress - Dev Kits Going Out Soon "IndyWatch Feed Tech"

Purism has shared the latest details on their efforts to deliver the open-source Linux Librem 5 smartphone to market in 2019...

00:08

Microsoft co-founder Paul Allen dies at 65 "IndyWatch Feed Tech"

Paul Allen, a co-founder of Microsoft, died on Monday at age 65.Allen died of complications from non-Hodgkins lymphoma, according to a statement from his family.My brother was a remarkable individual on every level. While most knew Paul Allen as a...

00:04

Facebook bans midterm voting disinformation "IndyWatch Feed Tech"

Facebook announced on Wednesday that it is taking new steps to prevent voter suppression by banning fake voting requirement information and hoax reports of violence at polling stations ahead of next month's midterm elections.The move comes as a...

Monday, 15 October

23:55

Linux's Qualcomm Ath10k Driver Getting WoWLAN, WCN3990 Support "IndyWatch Feed Tech"

The Qualcomm/Atheros "Ath10k" Linux driver coming up in the Linux 4.20~5.0 kernel merge window is picking up two prominent features...

23:46

Invisible Manipulation: 10 Ways our Data is Being Used Against Us "IndyWatch Feed Tech"

Invisible Manipulation: 10 Ways our Data is Being Used Against Us:

The era where we were in control of the data on our own computers has been replaced with devices containing sensors we cannot control, storing data we cannot access, in operating systems we cannot monitor, in environments where our rights are rendered meaningless. Soon the default will shift from us interacting directly with our devices to interacting with devices we have no control over and no knowledge that we are generating data. Below we outline 10 ways in which this exploitation and manipulation is already happening.

As just one example from the short article:

8. Invisible Discrimination and Poverty

Online, and increasingly offline, companies gather data about us that determine what advertisements we see; this, in turn, affects the opportunities in our lives. The ads we see online, whether we are invited for a job interview, or whether we qualify for benefits is decided by opaque systems that rely on highly granular data. More often than not, such exploitation of data facilitates and exacerbates already existing inequalities in societieswithout us knowing that it occurs. As a result, data exploitation disproportionately affects the poorest and most vulnerable in society.

That reminds me of the old saying: "The rich get richer and the poor get poorer." Percy Bysshe Shelley.

Here's another old saying:

"If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." Cardinal Richelieu.

How much data would suffice to accomplish this, today?


Original Submission

Read more of this story at SoylentNews.

23:45

How do we practice alternative medicine? "IndyWatch Feed Tech"



This is a good question that i have spent some time on as uniting methodologies needs to be fully addressed.  The current economic model actually mitigates against real progress.
At the same time massive effort is now been spent in the fitness industry applying techniques that are both effective but also damaging and do nned to be also addressed.
 Most folks supplying services are usually skilled technicians and are blinkered by their own medical narrative.  That happens to include doctors generally.
I do think that a working gym needs to be integrated with medical technicians to optimize medical care.  It needs to include a range of machines but particularly including passive systems that induce muscle engagement as a whole body system that generates whole body muscle tone.  From such a base it is possible to address issues as needed..
.
How do we practice alternative medicine?

Published on October 2, 2018

https://drsircus.com/general/alternative-medicine-2/

How do we practice alternative medicine? What is alternative medicine exactly and isnt the real questionwhat is the best way to practice medicine? There must be a right way and a wrong way to practice medicine. The concept of malpractice sustains this belief. Medical malpractice kills 500 times more Americans than accidental gun deaths do. An eight-year study from Johns Hopkins found that there are at least 250,000 deaths due to malpractice in America each year. Other studies have found such deaths surpass 400,000 per year. We also know that over 100,000 Americans die each year from properly prescribed medicines.

As presently defined alternative medicine is the practice of anything other than mainstream medicine, which reall...

23:37

Study: Nearly all unique comments to FCC opposed net neutrality repeal "IndyWatch Feed Tech"

Nearly 100 percent of unique comments made on net neutrality to the Federal Communications Commission (FCC) last year were in opposition to the agency's eventual move to repeal the regulations, according to a new study by a Stanford University...

23:30

3D Print Real Tools, Not Toys "IndyWatch Feed Tech"

Register to receive two free Markforged sample partsone printed with standard thermoplastic, and one reinforced with continuous carbon fiber.

3D Print Real Tools, Not Toys

Register to receive two free Markforged sample partsone printed with standard thermoplastic, and one reinforced with continuous carbon fiber.

Can your 3D printer deliver parts tough enough for the factory floor? With  Markforged, 3D printed composite parts are up to 23x stronger than ABS, giving you the reliability you need to keep production lines running smoothly.

Ideal for applications in manufacturing tooling, custom, end-use production and functional prototyping, only Markforged composite 3D printers can embed continuous reinforcing fibers carbon, fiberglass, or Kevlar to print lightweight, non-marring parts with the strength of 6061 aluminum.

Request your sample part today, and test the strength yourself.

23:14

Will NIH's 1 million person DNA database of immigrant children, prisoners and adults be a law enforcement goldmine? "IndyWatch Feed Tech"


If you thought sending your DNA to for-profit DNA companies was a bad idea, boy do I have bad news for you.

The National Institute of Health (NIH) is building a 1 million person DNA database of immigrant children, prisoners and adults, claiming that it will help them study diseases.

NIH's "All of Us Research Program" (AoURP) will make corporate DNA databases look like a drop in the bucket.

"NIH's program will involve populations traditionally underrepresented in biomedical research who have exceptionally high mobility, including migrant workers, the homeless, and gender and sexual minorities."

Curiously, the NIH makes no mention of "variant reclassification" meaning, a person's genetic results can change. Which makes NIH's claims about studying diseases even more suspect.


How will the NIH convince one million immigrants to willingly hand over their DNA, medical history and much more?  By touring the country and enlisting doctors and nurses from hospitals and Community Health Centers who 'ask' them to provide it.

If you are thinking isn't China doing the same thing? You would be correct.

China's so-called health care program also uses doctors and nurses to collect millions of immigrant's DNA.

The mandatory databanking of a whole populations biodata, including DNA, is a gross violation of international human rights...

23:13

David Walton, author of the award-winning novel Terminal Mind, joins our Futurists Board. "IndyWatch Feed Tech"

David Walton, author of the award-winning novel "Terminal Mind", joins our Futurists Board.

23:05

Google pulls out of Saudi investor conference "IndyWatch Feed Tech"

Google became the latest company to pull out of a Saudi business conference being held in Riyadh later this month.A Google spokesperson confirmed Monday that Diane Greene, CEO of the companys cloud computing division, would no longer be attending...

22:57

DSLWP-B Moonbounce cross-correlation analysis "IndyWatch Feed Tech"

In one of my latest posts I commented on the Moonbounce signal of the Chinese lunar satellite DSLWP-B, as received in Dwingeloo. In the observation made in 2018-10-07 Cees Bassa discovered a signal in the waterfall of the Dwingeloo recordings that seemed to be a reflection off the Moon of DSLWP-Bs 70cm signal. My analysis showed that the Doppler of this signal was compatible with a specular reflection on the lunar surface.

In this post I study the cross-correlation of the Moonbounce signal against the direct signal. This gives some information about how the radio signals behave when reflecting off the Moon. Essentially, we compute the Doppler spread and time delay of the Moonbounce channel.

In the previous post weve seen that the reflected signal was weak, barely visible over the noise floor. Still, we can compute the cross-correlation between the reflected and direct signals. The calculations have been done in this Jupyter notebook.

The cross-correlation algorithm I have used can be summarised by the following formula:\[(x \star y)_k(\tau, \omega) = \sum_{j = 0}^{M-1} |\mathcal{F}_N^{-1}[z_{k+js,\omega}](\tau)|^2,\]where\[z_{k,\omega} = \mathcal{F}_N(x(n+k)w(n) e^{i\omega n} )\overline{\mathcal{F}_N(y(n+k) w(n))},\] and \(x,y\) are the direct and reflected signals respectively, \(\tau\) is the time delay, \(\omega\) is the frequency, \(k\) is the starting sample for the correlation calculation, \(\mathcal{F}_N\) denotes an \(N\)-point DFT, and \(w\) is a window function.

The parameter \(s\) determines the DFT overlap. An usual choice which we will use here is \(s = N/2\), which means that half of the points of one DFT overlap with the next one.

The parameters \(N\) and \(M\) give the so-called coherent integration length and non-coherent integration length. We say that the coherent integration length is \(N\) samples and the non-coherent integration length is \(M(s-1) + N\) samples (or that we do \(M\) non-coherent integrations). The choice of the coherent and non-coherent integration lengths is important because it determines the SNR of the correlation, the frequency resolution and the computational cost. It is also related to the frequency stability of the signal: unstable signals do not get an SNR gain when doing longer coherent integrations.

The recordings made at Dwingeloo use a sampling rate of 40ksps. After several trials I have decided to set a coherent length of \(N = 2^{16}\) samples, or 1.64 seconds. I ha...

22:56

Text Bomb Causing PS4 to Crash "IndyWatch Feed Tech"

By Uzair Amir

Sonys most prestigious gaming console till date PlayStation 4 or PS4 contains a bug that exploits and crashes the console through a text message. It is believed that malicious threat actors are sending infected messages to the console to crash it. Reddit is bursting with reports from PS4 users who are complaining about receiving strings []

This is a post from HackRead.com Read the original post: Text Bomb Causing PS4 to Crash

22:34

Microsoft employees urge company not to pursue $10 billion Pentagon contract "IndyWatch Feed Tech"

A group of Microsoft employees urged the company not to bid for a lucrative military contract, citing ethical concerns. An anonymous group of employees wrote a letter posted on Medium asking that Microsoft forgo bidding on the Joint Enterprise...

22:28

Generation Z, millennials most likely victims of tech support scams: Microsoft "IndyWatch Feed Tech"

A new study shows that younger internet users might be the most susceptible group to online scams, bucking the conventional wisdom that older users are the most likely to fall prey to digital fraud. New research by Microsoft found...

22:24

GTA Cheat Developers Have Homes Searched and Assets Frozen "IndyWatch Feed Tech"

Over the past year there has been a wave of copyright infringement lawsuits against alleged cheaters or cheat makers.

More than a handful have been filed in the US, but theres also been some action in Australia recently.

In one case, filed last month, GTA V developer Rockstar Games and its parent company Take-Two Interactive are going after several people believed to be linked to the popular Infamous cheat.

This lawsuit is notable because the Federal Court of Australia has signed off on several broad enforcement actions. Not only are the defendants restrained from any cheating related activity, they are also the subject of a search and assets freezing order.

The orders are issued against the person or persons known as Christopher Anderson, Cycus Lesser, Sfinktah, Koroush Anderson, and Koroush Jeddian. Per the courts order, all are prohibited from cheating and can be imprisoned if they refuse to comply.

Restrained

The associated search order identifies two Melbourne premises. It allows a search party to enter the buildings and search, copy, or remove relevant evidence including any computer, electronic storage device, or documents related to Infamous. Any cars that are located at these locations can also be searched.

In addition to the search order, the Federal Court also issued a freezing order preventing the defendants from taking out more money than needed for regular expenses.

You must not remove from Australia or in any way dispose of, deal with or diminish the value of any of your assets in Australia (Australian assets) up to the unencumbered value of AU$286,609.80 (the Relevant Amount), the order states.

This freezing order also applies to any cryptocurrency and other digital currency, including the money stored in the PayPal account thats assigned to Christopher Anderson.

It is likely that Rockstar Games and Take-Two Interactive will try to obtain copyright infringement related damages, and with the freezing order they can make sure that the money isnt spent beforehand.

The orders in question were initially not disclosed, but that restriction has now been lifted. From the information we have available the searches were carried out late last month. In a follow-up order, the federal court ruled that the freezing and other orders should remain in place for now.

The defendant(s) have yet to file a defense, which is expected later...

22:14

Ubisoft Promises to Release Hieroglyphics Initiative Tools as Open Source "IndyWatch Feed Tech"

Ubisoft pledge to make hieroglyph translation algorithm open access

During development [of Assassin's Creed Origins], [Ubisoft] partnered with Egyptologists, and in doing so they apparently discovered that translating hieroglyphs is very difficult and time consuming. In response, they started looking into ways to streamline the process using machine learning, and this week, they presented their initial progress.

[...] Ubisoft's first step was asking for volunteers to trace hieroglyphs on their website, and Assassin's Creed fans were well up for it "more than 80,000 glyphs were drawn in the tool" on the first night it was active.

[...] Now they've got the basics in place, they've pledged to bring the algorithm into open access by the end of the year, so that academics can both use it and help them to improve it. They're taking the drawing tool and reworking it as a teaching tool for students learning the hieroglyphic script, too.

Ubisoft, Google Cloud and Psycle demonstrate the power of machine learning, lay the ground for automated hieroglyphics translation

The support of Academic contributors around the world has helped shape the Hieroglyphics Initiative. However it is only starting and now requires the contribution of the scientific community to deliver its full promise, therefore the data and tools will open source before the end of the year.

[...] Ubisoft will keep supporting the Hieroglyphics Initiative on the longer term in collaboration with Google Cloud teams as both hope for it to have a long-lasting legacy, and be the basis for more innovations in the study of Middle Egyptian.

2017 video (2m45s).


Original Submission

Read more of this story at SoylentNews.

22:09

This Weeks Hype "IndyWatch Feed Tech"

The story of string theory as a theory of everything has settled into a rather bizarre steady-state, with these three recent links providing a look at where we are now:

  • At his podcast site, Sean Carroll has an interview with string theorist Clifford Johnson. Its accurately entitled Whats So Great About Superstring Theory, since its an hour of unrelenting propaganda about the glories of string theory, save for a short mention that there had been some criticism from (unnamed) sources a decade or so ago.

    The truly odd thing about the discussion though was the way it seemed frozen in time back in 1998 just after the advent of AdS/CFT duality, with almost no discussion of developments of the last twenty years. Nothing about the string theory landscape and the controversy over it, nothing about the negative SUSY results from the LHC. The attitude of Carroll and Johnson towards the failure of string theory unification seems to be to simply refuse to talk about it, and try to keep alive the glory days just after the publication of The Elegant Universe. Theyve taken to heart the post-fact environment we now live in, one where if you keep insisting something is true (string theory unification is a great idea) despite all evidence, then for all practical purposes it is true. Johnson has famously admitted that he refuses to read my book or Lee Smolins. As far as hes concerned our arguments do not exist, and Carroll goes along with this by not even mentioning them.

  • For the latest on the Swampland (for background, see here), theres String Theorists Heads Bobble Over Potential Dark Energy Wobble, where were told that string theorists are claiming huge excitement over the possibility that string theory might make a prediction about dark energy. Over the years there have been endless claims about predictions of string theory, none of which have ever turned out to actually exist, and this is just one more in that long line. The rather odd aspect of this latest prediction is indicated by how it is described in the last paragraph of the article:

    The real excitement comes from how soon we might know whether Vafas work has produced a testable prediction of string theorywhich would be a first. Experiments like the Dark Energy Survey or the upcoming WFIRST telescope could possibly detect whether dark energy is constant or changing over time, and could perhaps do so within the next few years.

    Reading this, one gets the impression t...

22:00

Wind Turbine Pushes Limits Of Desktop 3D Printing "IndyWatch Feed Tech"

There was a time, not so long ago, when hype for desktop 3D printing as so high that it seemed you could print anything. Just imagine it, and your handy dandy magical 3D printer could manifest it into reality. But now that more people have had first hand experience with the technology, the bubble has burst. Reality has sobered us up a bit, and today weve got a much better idea of what can and cannot be printed on a traditional desktop 3D printer.

But that doesnt mean we arent surprised from time to time. As a perfect example, take a look at this almost entirely 3D printed wind turbine designed and built by [Nikola Petrov]. Outside of the electronics, the pole its mounted to, and some assorted bits and bobs, he produced all the parts on his own large-format TEVO Black Widow printer. He mentions there are a few things he would do differently if he was to build another one, but its hard to find much to complain about with such a gorgeous build.

To be sure, this one isnt for the 3D printing novice. First of all, youll need a printer with a bed thats at least 370 mm wide just to print the blades. [Nikola] also recommends printing the parts in ABS and coating them with acetone to smooth and harden the out...

21:56

Chance the Rapper works as Lyft driver to raise money for Chicago schools "IndyWatch Feed Tech"

Chicago hip-hop artist Chance the Rapper surprised unsuspecting Lyft riders in his latest effort to raise money for Chicagos public schools.Lyft shared a video of the rapper and philanthropist appearing as an undercover driver to encourage riders...

21:45

Mammals cannot evolve fast enough to escape current extinction crisis "IndyWatch Feed Tech"

Humans are exterminating animal and plant species so quickly that natures built-in defence mechanism, evolution, cannot keep up. An Aarhus-led research team calculated that if current conservation efforts are not improved, so many mammal species will become extinct during the next five decades that nature will need 3 to 5 million years to recover.

There have been five upheavals over the past 450 million years when the environment has changed so dramatically that the majority of Earths plant and animal species became extinct. After each mass extinction, evolution has slowly filled in the gaps with new species.

The sixth is happening now, but this time, the extinctions are not being caused by natural disasters; they are the work of humans. A team of researchers from Aarhus University and the University of Gothenburg has calculated that the extinctions are moving too rapidly for evolution to keep up.

21:44

These Are The Most Distant Objects Weve Ever Discovered In The Universe "IndyWatch Feed Tech"

The cosmic records we have are meant to be broken, but oh, have we ever gone so far.

21:36

Real-time Google Translate available on all Google Assistant headphones "IndyWatch Feed Tech"

Real-time translation is coming to all Google Assistant-optimized headphones and Android phones

When Google launched the Google Assistant-enabled Pixel Buds last year, one of the highlighted features of the headphone was its ability to translate in real-time using Google Translate. However, until now this feature was exclusive only to Pixel Buds paired with a Google Pixel smartphone.

Google is now opening up the feature to more users and bringing real-time translation capabilities to all Google Assistant-powered headphones, according to a report from Droid-Life.

Google has updated the support page for the Pixel Buds that reads Google Translate is available on all Assistant-optimised headphones and Android phones. The Google Assistant on Google Pixel Buds is only available on Android and requires an Assistant-optimised Android device and data connection.

Check out the video demonstration from the 2017 Made By Google event that shows how Google translate works on the Pixel Buds:

Some of the few headphones that are equipped with the Google Assistant include the Pixel Buds, Bose Quiet Control 35 II, Sony WI-1000X, Sony WH-1000XM2, Sony WH-1000XM3, JBL Everest 710GA, JBL Everest 110GA, OnePlus Bullets and a few more come with built-in Google Assistant.

If you are interested in trying out the feature, all you need to do is say Hey Google, help me speak (name of the language) to the Google Assistant on your earphone or device.

The post Real-time Google Translate available on all Google Assistant headphones appeared first on TechWorm.

21:20

Introducing our new associate member forum! "IndyWatch Feed Tech"

I'm excited to share that we've launched a new forum for our associate members. We hope that you find this forum to be a great place to share your experiences and perspectives surrounding free software and to forge new bonds with the free software community. If you're a member of the FSF, head on over to https://forum.members.fsf.org to get started. You'll be able to log in using the Central Authentication Service (CAS) account that you used to create your membership. (Until we get WebLabels working for the site, you'll have to whitelist its JavaScript in order to log in and use it, but rest assured that all of the JavaScript is free software, and a link to all source code can be found in the footer of the site.) Participation in this forum is just one of many benefits of being an FSF member if you're not a member yet, we encourage you to join today, for as little as $10 per month, or $5 per month for students.

The purpose of this member forum is to provide a space where members can meet, communicate, and collaborate with each other about free software, using free software. While there are other places on the Internet to talk about free software, this forum is unique in that it is focused on the common interests of FSF members, who care very much about using, promoting, and creating free software.

The forum software we chose to use is Discourse.

One of the technical requirements for the forum was that it needs to work well with single sign-on (SSO) systems, specifically our CAS system. In the process of launching the new member forum, I patched our CAS server so that it would verify FSF associate membership. I also wrote a patch for the Discourse CAS SSO service so that we can require email validation when users log into Discourse for the first time.

We built our own patched instance of Discourse's base Docker image to resolve a freedom issue, and as preparation for any times in the future that we may need to make changes to the upstream source code for our local installation.

I spent some time trying to set up Discourse without using Docker, but getting email delivery to work without a Docker image proved to be very challenging. In the end, we decided that using Docker adds complexity when making patches to the software, but think that it makes using Discourse easier overall.

One of the reasons we chose Discourse is because it allows users to respond to conversations via email. Users may enable the "mailing list mode" in their user settings, which allows us to interact with the member forum as if it were a mailing list.

I would like to thank the Discourse team for creating this software, and for their responsiveness to my questions about Discourse patchin...

21:14

Apples iOS 12.0.1 software update causing new problems to users "IndyWatch Feed Tech"

Apples iOS 12.0.1 software update creating network and signal connectivity problems, broken calls

After the update, a number of iPhones users are facing problems such as frequently broken calls, network and signal connectivity problems along with issues pertaining to battery life as well.

Since upgrading, owners of both new and old iPhones are finding their phones either dont make or receive calls. Bluetooth connectivity, Wi-Fi and battery-related issues are again surfacing on an iOS generation which Apple has promoted as being all about efficiency, stability and speed, Forbes reported on Friday.

Among other fixes, Apple has also reportedly addressed the iOS 12 issue with iMessage delivering personal messages to wrong and multiple people.

Apple has been telling users that iMessage accidentally sending messages to wrong people is actually a feature for iOS 12 and that it is happening because Apple is now organising all contacts by Apple ID, so if family members or friends share an ID now all these messages are shared simultaneously with everyone who has that ID, the report added.

Recently, Apple also released a minor update for the WatchOS 5 to fix the charging issue and activity-related problems that were experienced by some users.

The post Apples iOS 12.0.1 software update causing new problems to users appeared first on TechWorm.

21:00

Blood Pressure Monitoring Off the Cuff "IndyWatch Feed Tech"

Cuffless blood pressure monitors could help continuously measure this vital sign

Blood pressure is normally monitored using a cuff wrapped around the upper arm, but new research could one day lead to a cuffless, less intrusive way to measure blood pressure.

Blood pressure reflects both physical health and emotional states. Traditionally, doctors measure this vital sign using an inflating cuff that applies pressure against the arm to stop blood flow and slowly releases this outside pressure to help sensors detect the amount of pressure in the blood as it surges back into the arm.

Researchers would like to monitor the blood pressure of people while they are engaged in a variety of activities to help shed light on precisely how this vital sign fluctuates after exercise or mood swings. However, cuffs that repeatedly impede blood flow can damage the body over time, limiting how much data standard blood pressure monitors can gather. As such, doctors would prefer cuffless techniques for blood pressure monitoring.

One way to potentially eliminate the cuffs involves soft devices placed on the skin to measure the velocity of pulse waves inside arteries. Two equations can then convert these velocity measurements to blood pressure.

That strategy could also lead to a noninvasive method of continuous blood pressure monitoring, which is essential for the care of critically ill patients. Today, continuous blood pressure monitoring is typically accomplished by inserting a needle into an artery, an invasive technique that exposes patients to risks of dangerous complications.

We realized that our unique skin-interfaced biophysical sensors could, potentially, address this challenge, but we found a lack of rigorous, physics-based models in the existing literature, says study coauthor John Rogers, a materials scientist at Northwestern University, in Evanston, Ill.

Previous work found that one of the two equations for converting pulse-wave velocity to blood pressure relied on unrealistic assumptions that do not hold for human arteries. Among the debunked beliefs: Artery walls are essentially thin shells, and that artery thickness and diameter remain fixed as blood pressure changes. Moreover, although the other equation is based on both pulse-wave velocity and blood pressure data, there is no theoretical basis for how an...

...

20:49

Check how many CPUs are there in Linux system "IndyWatch Feed Tech"

I am a new Linux user. How do you check how many CPUs are there in Linux system using the command line option?

The post Check how many CPUs are there in Linux system appeared first on nixCraft.

17:13

Malicious Platform Independent Trojan GPlayed Disguised as Google Play Store "IndyWatch Feed Tech"

By Waqas

Newly discovered Trojan malware, which has been dubbed as GPlayed by the IT security experts at Cisco Talos, disguises itself as Google Play Store to trick users into downloading it. After getting installed, it steals location information and bank details from the device. Additionally, it is capable of transferring code between desktop and mobile platforms. []

This is a post from HackRead.com Read the original post: Malicious Platform Independent Trojan GPlayed Disguised as Google Play Store

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog