IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Friday, 17 August

14:00

Endpoint breach prevention by reducing attack surfaces "IndyWatch Feed Tech"

In this podcast recorded at Black Hat USA 2018, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about endpoint breach prevention by reducing attack surfaces. Heres a transcript of the podcast for your convenience. Welcome to this Help Net Security podcast. Im Chris Carlson, vice president of product management at Qualys, and today well talk about endpoint breach prevention by reducing attack surfaces. And that really is a key thing around More

The post Endpoint breach prevention by reducing attack surfaces appeared first on Help Net Security.

13:50

Telecom services: Patient zero for email-based attacks? "IndyWatch Feed Tech"

Organizations offering telecommunication services are seeing more advanced malware threats than organizations in other industries, Lastline researchers have found. They have come to that conclusion after having analyzed all the threats seen by the telecom services companies over the past 30 days and the latest 100 malware samples submitted by Lastline customers in this vertical, and comparing them to the latest global malscape statistics. Unknown/unclassified threats Around 90 percent of files [we analyzed] had not More

The post Telecom services: Patient zero for email-based attacks? appeared first on Help Net Security.

13:46

TrueVault launches data security solution focused on protecting Personally Identifiable Information "IndyWatch Feed Tech"

TrueVault announced the launch of its expanded platform to cover all PII-related regulations such as HIPAA, GDPR, and the California Consumer Privacy Act as well as additional use cases including Applications, Data Warehouses and Machine Learning. TrueVault had focused on helping companies protect consumers health-related data, ensuring HIPAA compliance. But its customers began asking for help with new regulations related to PII, such as GDPR. TrueVault already had the know-how and platform, and decided to More

The post TrueVault launches data security solution focused on protecting Personally Identifiable Information appeared first on Help Net Security.

13:45

Busting the security myth: Should I use WordPress for my website? "IndyWatch Feed Tech"

WordPress has been around for 15 years. Today it powers around 30% of the top 10 million websites on the internet. Being such a popular platform, WordPress has been in the limelight quite a few times, more often than not for wrong reasons security, or lack of. Though is it really as insecure as many think? If it is really that insecure, how come world renowned names and brands such as The New York More

The post Busting the security myth: Should I use WordPress for my website? appeared first on Help Net Security.

13:30

New infosec products of the week: August 17, 2018 "IndyWatch Feed Tech"

Alkemist: Harden vulnerable embedded systems and devices RunSafe Security announced the availability of Alkemist, a proprietary self-service technology built to reduce vulnerabilities and deny malware the uniformity needed to execute. Alkemist uses deployable software binary runtime application self-protection (RASP) methods to reduce risk by precluding exploits from spreading across multiple devices and networks. F5 simplifies network functions virtualization for service providers With F5, organizations can take advantage of the lifecycle management of VNF services, unlocking More

The post New infosec products of the week: August 17, 2018 appeared first on Help Net Security.

13:21

Apple hacked by 16-year-old who dreamed of working for firm "IndyWatch Feed Tech"

Apple hacked by 16-year-old who

An Australian teenager has admitted hacking into Apples internal network and stealing 90 GB worth of files. The 16-year-old has pleaded guilty to breaking into Apples systems on multiple occasions over the course of a year, from his parents home in Melbournes suburbs.

Read more in my article on the Hot for Security blog.

13:17

AMD Begins Staging AMDGPU Patches For Linux 4.20/5.0, Including FreeSync Refactoring "IndyWatch Feed Tech"

With the DRM feature work for Linux 4.19 now in the kernel, AMD's stellar open-source driver team has begun staging their work-in-progress changes for the AMDGPU Direct Rendering Manager driver for the next kernel cycle...

13:06

DXVK 0.70 Released With Initial Direct3D 10 Over Vulkan Support "IndyWatch Feed Tech"

Just in time for any weekend Linux gamers, a new release of DXVK is available that maps the Direct3D API to Vulkan for allowing faster Windows gaming performance under Wine...

13:00

Whats Behind the Door? An IoT Light Switch "IndyWatch Feed Tech"

Were not sure who designed [Max Glenister]s place, but they had some strange ideas about interior door positioning. The door to his office is right next to a corner, yet it opens into the room instead of toward the wall. Well, that issues been taken care of. But the architect and the electrician got the last laugh, because now the light switch is blocked by the open door.

Folks, this is the stuff that IoT is made for. [Max] here solved one problem, and another sprang up in its place. What better reason for your maiden voyage into the cloud than a terrible inconvenience? He studied up on IoT servo-controlled light switching, but found that most of the precedent deals with protruding American switches rather than the rockers that light up the UK. [Max] got what he needed, though. Now he controls the light with a simple software slider on his phone. It uses the Blynk platform to send servo rotation commands to a NodeMCU, which moves the servo horn enough to work the switch. Its simple, non-intrusive, and it doesnt involve messing with mains electricity.

Got those protruding American switches? [Suyash] shed light on that problem a while back.

12:43

Re: spice CVE-2018-10873: post-auth crash or potential heap corruption when demarshalling "IndyWatch Feed Tech"

Posted by Jeffrey Walton on Aug 17

I believe Florian is correct. I think the most freedom you are allowed
is to access one beyond the "end" of the array; otherwise it is
undefined behavior. The compiler is free to remove the code or dragons
can fly out your nose.

Jeff

12:39

Linux mount an LVM volume / partition command "IndyWatch Feed Tech"

I have some data on second SATA hard disk created by Fedora Linux installer with some data. How do I mount an LVM volume/partition in Linux to access my data? Can you tell me the command to mount LVM partition in Linux?

The post Linux mount an LVM volume / partition command appeared first on nixCraft.

12:31

Turkeys Lira Weakens More than 6 Percent on Threat of More U.S. Sanctions "IndyWatch Feed Tech"

Via: Reuters: Turkeys battered lira weakened more than 6 percent against the dollar on Friday, after a U.S. warning that Ankara should expect more economic sanctions unless it hands over the detained American evangelical pastor Andrew Brunson. It has lost nearly 40 percent of its value against the dollar this year, hit by both the []

12:24

Smallest Transistor Switches Current With a Single Atom in Solid Electrolyte "IndyWatch Feed Tech"

Smallest transistor switches current with a single atom in solid electrolyte:

At Karlsruhe Institute of Technology (KIT), physicist Professor Thomas Schimmel and his team have developed a single-atom transistor, the world's smallest. This quantum electronics component switches electrical current by controlled repositioning of a single atom, now also in the solid state in a gel electrolyte. The single-atom transistor works at room temperature and consumes very little energy, which opens up entirely new perspectives for information technology. The transistor is presented in Advanced Materials.

[...] In Advanced Materials, the KIT researchers present the transistor that reaches the limits of miniaturization. The scientists produced two minute metallic contacts. Between them, there is a gap as wide as a single metal atom. "By an electric control pulse, we position a single silver atom into this gap and close the circuit," Professor Thomas Schimmel explains. "When the silver atom is removed again, the circuit is interrupted." The world's smallest transistor switches current through the controlled reversible movement of a single atom. Contrary to conventional quantum electronics components, the single-atom transistor does not only work at extremely low temperatures near absolute zero, i.e. -273C, but already at room temperature. This is a big advantage for future applications.

The advance heralds a means of dramatically reducing the amount of electricity required to power electronic devices.

Full journal article is paywalled; free abstract: Fangqing Xie, Andreas Peukert, Thorsten Bender, Christian Obermair, Florian Wertz, Philipp Schmieder, Thomas Schimmel. Quasi-Solid-State Single-Atom Transistors. Advanced Materials, 2018; 30 (31): 1801225 DOI: 10.1002/adma.201801225


Original Submission

Read more of this story at SoylentNews.

12:18

2019 HACKER CALENDAR IS OUT "IndyWatch Feed Tech"

The brand new 2019 Hacker Calendar has been officially released. It contains yet another set of amazing payphone photos from around the world, along with calendar entries for nearly every day of the year, filled with momentous historical notes of interest to hackers and the world of technology in general. Each month features another 12"x12" glossy color photo of a public phone, none of which have been printed before, either in previous calendars or in 2600. And while 2019 may seem far away, it grows closer with every moment. (Plus, this calendar becomes operational in September of this year, as we have a special four-month page for the last part of 2018, complete with yet another awesome payphone photo!)

Get your 2019 calendar here. Get your super-discounted 2018 calendar here.

 

12:01

Re: spice CVE-2018-10873: post-auth crash or potential heap corruption when demarshalling "IndyWatch Feed Tech"

Posted by Frediano Ziglio on Aug 17

Technical but not real. Unless it wraps is correct. To wrap the memory
layout would have to have the kernel before the userspace and the
memory buffer at the very end of memory. Neither Linux nor Windows which
we support have these characteristics.

cursor_u__nw_size is either 0 or 17, very hard to wrap, impossible in currently
supported systems as stated earlier.

Yes, check is not perfect and can be modified to support any possible
technical...

11:47

Lubuntu Planning Switch To Wayland, Porting Openbox To Mir "IndyWatch Feed Tech"

Ubuntu derivative Lubuntu that is now using the LXQt desktop environment has laid out more of their plans to switch over to Wayland rather than the existing X.Org based session...

11:39

Qualcomm Adreno 600 Series Support Submitted For Linux 4.19 "IndyWatch Feed Tech"

Following the main DRM features update for Linux 4.19, a secondary pull request has now been submitted that offers up the nine thousand lines of code for bringing up the Adreno 600 series support for supporting the very latest Qualcomm Snapdragon SoCs...

11:29

More AMDGPU Work For Linux 4.19 Has VCN + PSP Firmware Hookup For Future Hardware "IndyWatch Feed Tech"

The good news is that the open-source AMD graphics team continues working on support for upcoming hardware, but the bad news is that it looks like their VCN video hardware might be a bit more locked down than it is now...

11:26

New PHP Code Execution Attack Puts WordPress Sites at Risk "IndyWatch Feed Tech"

Sam Thomas, a security researcher from Secarma, has discovered a new exploitation technique that could make it easier for hackers to trigger critical deserialization vulnerabilities in PHP programming language using previously low-risk considered functions. The new technique leaves hundreds of thousands of web applications open to remote code execution attacks, including websites powered by

11:09

POWER Changes On The Way To Linux 4.19 Include More Spectre Work "IndyWatch Feed Tech"

The POWER architecture changes have been submitted for the in-development Linux 4.19 kernel...

10:47

Install LXD pure-container hypervisor on Ubuntu 18.04 LTS "IndyWatch Feed Tech"

How can I install LXD pure-container hypervisor on Ubuntu 18.04 LTS to runs unmodified Debian/Ubuntu/CentOS Linux operating systems VM at incredible speed? How do I setup and use LXD on Ubuntu Linux server?

The post Install LXD pure-container hypervisor on Ubuntu 18.04 LTS appeared first on nixCraft.

10:42

Hitting the pause button on life "IndyWatch Feed Tech"

The wood frog, Rana sylvatica, is one of many animals to master the art of a reversible, coma-like state known as metabolic depression. Metabolically depressed animals use tiny amounts of energy, sometimes so little that scientists cant tell if they have any metabolism at all. Somehow, these animals press the pause button on life, outlasting hard times in demanding environments. Could humans ever learn to imitate death like these animals? Workers from fields as diverse as medicine to space exploration are itching to know the answer .


If other members of the animal kingdom can shut down their bodies over winter, then why cant we?

10:40

Credit Card Skimmers Now Need to Fear the Reaper "IndyWatch Feed Tech"

Submitted via IRC for Fnord666

SkimReaper, subject of a USENIX Security paper, detects most common card skimmers.

[...] At the USENIX Security Symposium here today, University of Florida researcher Nolen Scaife presented the results of a research project he undertook with Christian Peeters and Patrick Traynor to effectively detect some types of "skimmers"maliciously placed devices designed to surreptitiously capture the magnetic stripe data and PIN codes of debit and credit cards as they are inserted into automated teller machines and point-of-sale systems. The researchers developed SkimReaper, a device that can sense when multiple read heads are presenta telltale sign of the presence of a skimmer.

Source: https://arstechnica.com/information-technology/2018/08/researchers-develop-device-to-aid-in-hunt-for-stealthy-atm-card-skimmers/


Original Submission

Read more of this story at SoylentNews.

10:31

[SECURITY] [DSA 4276-1] php-horde-image security update "IndyWatch Feed Tech"

Posted by Sebastien Delafond on Aug 17

-------------------------------------------------------------------------
Debian Security Advisory DSA-4276-1 security () debian org
https://www.debian.org/security/ Sebastien Delafond
August 17, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : php-horde-image
CVE ID : CVE-2017-9773...

10:05

Re: spice CVE-2018-10873: post-auth crash or potential heap corruption when demarshalling "IndyWatch Feed Tech"

Posted by Florian Weimer on Aug 17

These checks are still technically invalid because start + 2 is not a
valid pointer if it points past the allocated object.

This is more problematic here:

If cursor_u__nw_size results in pointer wraparound, the check might fail
incorrectly.

The commit message quotes the right pattern, nw_size > (uintptr_t)
(message_end - start), but it is not used in the actual code AFAICS.

Thanks,
Florian

10:00

No SD Card Slot? No Problem! "IndyWatch Feed Tech"

We feature hacks on this site of all levels of complexity. The simplest ones are usually the most elegant of Why didnt I think of that! builds, but just occasionally we find something that is as much a bodge as a hack, a piece of work the sheer audacity of which elicits a reaction that has more of the How did they get away with that! about it.

Such a moment comes today from [Robinlol], who has made an SD card socket. Why would you make an SD card socket when you could buy one is unclear, beyond that he didnt want to buy one on an Arduino shield and considered manufacture his only option. Taking some pieces of wood, popsicle sticks, and paperclips, he proceeded to create a working SD card of such bodgeworthy briliance that even though it is frankly awful we still cant help admiring it. Its an SD card holder, and despite looking like a bunch of bent paperclips stuck in some wood, it works. What more could you want from an SD card holder?

Paperclips are versatile items. If an SD card holder isnt good enough, how about using them in a CNC build?

09:56

TheISOZone: Yet Another Retro Gaming Site Shuts Down "IndyWatch Feed Tech"

Last month, Nintendo flexed its considerable muscles by targeting two retro-gaming platforms.

The Japanese gaming giant filed a complaint at a federal court in Arizona, targeting LoveROMS.com and LoveRETRO.co for copyright and trademark infringement.

With potentially millions of dollars in damages at stake, both sites quickly shut down, taking libraries of gaming ROMs with them. But for fans of emulators and retro-gaming, the bad news wasnt over yet.

In an announcement last week, EmuParadise, one of the webs longest standing emulator and ROM download portals, announced that it will no longer be offering game ROMs for download. After 18 years of service, EmuParadise had fallen, largely because of Nintendos aggressive actions elsewhere.

This chain of events caused shockwaves in the retro-gaming community, waves that are already beginning to widen. A statement just published by fellow gaming site TheISOZone indicates that it too will make a sharp exit from the scene.

Copyright infringement laws vary from country to country, but the premise in a nutshell is that copyright infringement is the cause of monetary loss or damage to the copyright holder. With retro gaming, there are no ways of purchasing the games let alone the systems to play them on in a way that would still generate the copyright holders revenue. None whatsoever, TiZ from the site said.

This is why retro roms have always been a grey area. The distribution of their works, although frowned upon, were never actioned against as in a court of law that is what they would have to prove monetary loss or damages. And they couldnt because its simply not true.

While lawyers in various jurisdictions will queue up to dissect his take on the law, TiZ says that times are changing, perhaps in a way that will allow copyright holders to more easily demonstrate monetary losses.

There are now growing ways of obtaining these retro titles through avenues which DO benefit the copyright holders and it seems clear due to recent events, that there are a lot more avenues in development, TiZ says.

This is why we decided to throw in the towel of our own accord. It was a good ride and it was a just ride, however it is clear that in the not so distant future, distributing retro ti...

09:03

ISPs Won't Invest Without Handouts "IndyWatch Feed Tech"

Broadband providers have spent years lobbying against utility-style regulations that protect consumers from high prices and bad service.

But now, broadband lobby groups are arguing that Internet service is similar to utilities such as electricity, gas distribution, roads, and water and sewer networks. In the providers' view, the essential nature of broadband doesn't require more regulation to protect consumers. Instead, they argue that broadband's utility-like status is reason for the government to give ISPs more money.

[...] "Like electricity, broadband is essential to every American," USTelecom CEO Jonathan Spalter and NTCA CEO Shirley Bloomfield wrote Monday in an op-ed for The Topeka Capital-Journal. "Yet US broadband infrastructure has been financed largely by the private sector without assurance that such costs can be recovered through increased consumer rates."

[...] While ISPs want the benefits of being treated like utilitiessuch as pole attachment rights and access to public rights-of-waythey oppose traditional utility-style obligations such as regulated prices and deployment to all Americans.

https://arstechnica.com/tech-policy/2018/08/isps-want-to-be-utilities-but-only-to-get-more-money-from-the-government/


Original Submission

Read more of this story at SoylentNews.

09:02

From 12/26/1965 edition of the Sunday comic strip Our New Age Close enough "IndyWatch Feed Tech"

From 12/26/1965 edition of the Sunday comic strip Our New Age Close enough .

09:00

Technocracy In Education: A Continental System Of Human Conditioning "IndyWatch Feed Tech"


 


The real problem is choice. And choice must then lead naturally to mastery. As important we must learn how to teach a wider range of necessary skills as soon as practical. We certainly do this with most physical skills including music.


The first step is to at least push it all downstream in terms of our political world and let local interests have at it.   Recall reading writing and arithmetic did produce Abraham Lincoln and a single minded focus on real estate produced Donald Trump.  Of course both knew far more than they ever let on.


Far too much of our book learning has been used as a memory test.  That is an awful idea.  If you want to teach memory find a better way than memorizing garbage.  Summarizing in three paragraphs what the lesson taught you is effective.  That is what i do here and i have been doing that all along..

  

Technocracy In Education: A Continental System Of Human Conditioning


Source: Tech In Asia

Written By: Dr. Tim Ball July 31, 2018

https://www.technocracy.news/technocracy-in-education-a-continental-system-of-human-conditioning/

Dr. Tim Ball doesnt mention it by name, but what he describes is pure Technocracy at heart. In 1934, the Technocracy Study Course defined education as A continental system of human conditioning will have to be installed to replace the existing insufficient educational methods and institutions. This continental system of general education will have to be organized as to provide the fullest possible conditioning and physical training It must educate and train the student public so as to obtain the highest possible percentage of proficient functional capacity. TN Editor

I write this article from 40-years of direct involvement in education at all levels from kindergarten to postsecondary, in several countries. Overall, it is an unmitigated disaster for the majority of citizens. It only favors a few elites who created it and work...

09:00

Six inch wide diamond disks guide megawatt of microwave heating for nuclear fusion "IndyWatch Feed Tech"


09:00

Betting on a Catastrophically Cooling World "IndyWatch Feed Tech"



This does not address the core question of why did the heat content of the Earth decline during the past three thousand years.  My answer to that is simple and it leads directly back to our solution.  The Sahara and the whole Middle East has lost its tree canopy.  It is now mostly abandoned desert.  This actually reflects massively incoming radiation back out into space.  Nighttime temperatures plummet.


This process has been underway throughout the whole Holocene but really got serious over the past two thousand years..    

The really good news is that the process has now started on a path of reversal as best practice has begun recovering those lands.  Merely predation control and tree grooming will do a lot.

In fact fencing of a barren square mile of the Sahel will allow buried root systems to rebound.  After a couple years of that you will have a robust cover.  Then applying the water box tech allows injecting commercial trees able to reach deep for water.  all this will lift the water table as well..

Long term we will return to Bronze Age conditions.
 
Betting on a Catastrophically Cooling World

By Ed Hoskins

August 1, 2018

https://www.lewrockwell.com/2018/08/no_author/betting-on-a-catastrophically-cooling-world/

According to ice core records, the last millennium 1000AD 2000AD has been the coldest millennium of our current Holocene interglacial. This point is more fully illustrated with ice core records on a millennial basis back to the Eemian period here:

Our current, warm, congenial Holocene interglacial, although cooler than the Eemian interglacial 120,000 years ago, has been the enabler of mankinds civilisation for the last 10,000 years, spanni...

09:00

Explaining the High Cost of US Health Care: No Skin in the Game "IndyWatch Feed Tech"





  • I completely disagree with the idea that universal medicare cannot work.  It has actually worked well enough everywhere else.  The insurance companies are not involved at all. as it should be for a universal need.  Do you pay an insurance company to provide your food?
     
    My key point though is 'well enough'  That amazingly in Canada provides a plane trip for a rare brain operation handled in one key place.  You simply do not need two places and you have only a handful.
     
    What is not provided is best service for discretionary aspects, but so what. The easy fix to all that is allowing queue jumping for cash because there is actually slack enough.  Waiting a year for a knee operation is no fun but most are already retired.  Paying to have it now is an option.

    We are now trending toward a massive improvement in human health and in outcomes as well.  This will actually drop the general cost profile.
     
    A free market is only possible in the USA if the insurance gaming is excluded.  Fifteen percent of that twenty percent is drained by unnecessary admin and insurance profiteering with markups stacked on markups.

    Explaining the High Cost of US Health Care: No Skin in the Game
    ...

08:44

Cosmos Bank Hackers stole Rs 94 crore ($13.5 million) in just in 2 days "IndyWatch Feed Tech"

Cosmos Bank, one of the largest Indian cooperative banks, confirmed it was the victim of a cyberheist, over the weekend hackers stole over 940 million rupees ($13.5 million) in three days.

Hackers stole over 940 million rupees ($13.5 million) in three days from the Indian cooperative Cosmos bank. The Cosmos bank publicly disclosed the attacks in a press conference on Tuesday, according to the financial institution, the hackers stole the funds in three attacks using a malware.

Hackers managed to siphon off over Rs 94 crore through a malware attack on the server of Pune-based Cosmos Bank and cloning thousands of the banks debit cards over a period of two days, a top official said. reports the economictimes.indiatimes.com.

According to Cosmos Bank chairman Milind Kale, the attack was launched from Canada, but likely the country was used as a relay for the attack.

The first two security breaches occurred on August 11 when hackers withdrew 805 million rupees ($11.4 million) through 14,849 ATM transactions across 28 countries.

The fraudulent transactions were carried out on August 11 and August 13 and the malware attack by the hackers originated in Canada, Cosmos Bank chairman Milind Kale told reporters here today.

In two days, hackers withdrew a total Rs 78 crore from various ATMs in 28 countries, including Canada, Hong Kong and a few ATMs in India, and another Rs 2.5 crore were taken out within India, he said. 

On August 13, hackers again transferred Rs 13.92 crore in a Hong Kong-based bank by using fraudulent transactions.

In the first wave of attacks, crooks stole 780 million rupees ($11 million) through 12,000 ATM withdrawals via the VISA card system. Most of the fraudulent transactions were made overseas.

The second wave of attacks was launched two hours later, cybercriminals withdrew an additional 25 million rupees ($400,000) via 2,849 ATM transactions via the Rupay debit card system at ATM locations across India.

The good news is that the Cosmos Bank detected the fraudulent transactions and halted them, but its staff was not able to lock out the attackers.

On Monday, August 13, the hackers launched a third wave of attacks targeting the SWIFT system. Crooks made three fraudulent transactions to a bank account in Hong Kong for a total of Rs 13.92 crore rupees ($1,8 million).

The good news is that money wasnt stolen from customer accounts, the ban...

08:42

SpaceXs futuristic Crew Dragon astronaut walkway is ready for US human spaceflight revival "IndyWatch Feed Tech"

SpaceX has publicly revealed the sleek, minimalist design of the access arm that NASA astronauts will soon use to board Crew Dragon spacecraft, bringing to an end more than half a decade of U.S. dependency upon non-native rockets and space agencies to transport crew to the International Space Station.

After several months of concerted effort in a tent located on Pad 39A property, SpaceX engineers, welders, and technicians have nearly completed the most critical portion of the launch facility modifications and upgrades necessary to return the pads human spaceflight capabilities. Known as a Crew Access Arm (CAA), SpaceX will likely complete installation of the Arm by the end of August, wrapping up what is by far the most visible step yet towards returning astronauts to the ISS on American rockets and spacecraft.

07:26

FDA and NIH Propose Reduction in Gene Therapy Biosafety Oversight "IndyWatch Feed Tech"

After intense discussions regarding the ethical, legal, and social implications of this technology, conversations were initiated at the NIH that led to the establishment of the Recombinant DNA Advisory Committee (RAC) in 1974. The RAC's mission was to advise the NIH director on research that used emerging technologies involving manipulation of nucleic acids a mission that was eventually expanded to encompass the review and discussion of protocols for gene therapy in humans. In 1990, the FDA oversaw the first U.S. human gene-therapy trial, which involved pediatric patients with adenosine deaminase deficiency and was conducted at the NIH Clinical Center in Bethesda, Maryland.

Although no major safety concerns were initially reported, over the course of the 1990s it became evident that many questions regarding the safety and efficacy of gene therapy remained unanswered. These unknowns were brought into sharp focus in 1999 when Jesse Gelsinger died of a massive immune response during a safety trial of gene therapy for ornithine transcarbamylase deficiency.1 This tragic death led to closer scrutiny of the field, including a greater focus on open dialogue and increased regulatory oversight.

[...] In changes proposed on August 17, 2018, in the Federal Register, the NIH and the FDA seek to reduce the duplicative oversight burden by further limiting the role of the NIH and RAC in assessing gene-therapy protocols and reviewing their safety information. Specifically, these proposals will eliminate RAC review and reporting requirements to the NIH for human gene-therapy protocols. They will also revise the responsibilities of institutional Biosafety Committees, which have local oversight for this research, making their review of human gene-therapy protocols consistent with review of other research subject to the NIH Guidelines. Such streamlining will also appropriately place the focus of the NIH Guidelines squarely back on laboratory biosafety.

Source: New England Journal of Medicine: https://www.nejm.org/doi/full/10.1056/NEJMp1810628


Original Submission

Read more of this story at SoylentNews.

07:00

PCB Junk Drawer Turned Into Blinky Mosaic "IndyWatch Feed Tech"

Weve all got a box full of old PCBs, just waiting to be stripped of anything useful. [Dennis1a4] decided to do something with his, turning it into an attractive mosaic that he hung on the wall of his new workshop. But this isnt just a pile of old PCBs: [Dennis1a4] decided to use the LEDs that were on many of the old boards, creating a blinky junk build. Thats kind of neat in itself, but he then decided to go further, building in an IR receiver so he could control the blinkiness, and a PIR sensor that detected when someone was near the mosaic.

This whole setup is controlled by an ATMega328p  that is driving a couple of PCF8575 port expanders that drive the LEDs. These blink in Morse code patterns. [Dennis1a4] also used an array of DIP switches on one of the boards to randomize the patterns, and wired in a pizeo buzzer on another board to make appropriate bleepy noises.

06:02

The One About a Russian Satellite Raising Alarm with U.S. "IndyWatch Feed Tech"

Just a few stories for context about this Russian satellite situation: Mystery Russian Satellites Behaviour Raises Alarm in U.S.: A mysterious Russian satellite displaying very abnormal behaviour has raised alarm in the US, according to a State Department official. We dont know for certain what it is and there is no way to verify it, []

05:49

Children Are Susceptible to Peer Pressure From Robots "IndyWatch Feed Tech"

Submitted via IRC for Fnord666

[...] In a study published today in the journal Science Robotics, researchers from Germany and the UK demonstrated that children are susceptible to peer pressure from robots. The findings, say the researchers, show that, as robots and AIs become integrated into social spaces, we need to be careful about the influence they wield, especially on the young.

The paper's authors ask, "For example, if robots recommend products, services, or preferences, will compliance [...] be higher than with more traditional advertising methods?" They note that robots are being introduced to plenty of other domains where social influence could be important, including health care, education, and security.

[...] Although it's the susceptibility of the children that leaps out in this experiment, the fact that the adults were not swayed by the bots is also significant. That's because it goes against an established theory in sociology known as "computer are social actors," or CASA. This theory, which was first outlined in a 1996 book, states that humans tend to interact with computers as if they were fellow humans. The results of this study show that there are limits to this theory, although Belpaeme says he and his colleagues were not surprised by this.

Source: https://www.theverge.com/2018/8/15/17688120/social-influence-robots-ai-peer-pressure-children


Original Submission

Read more of this story at SoylentNews.

05:27

Inflation: Venezuela Will Cut Five Zeros from Currency "IndyWatch Feed Tech"

Ah yes, ye ole Zimbucks solution: Via: WRAL: Faced with nearly incomprehensible inflation 32,714 percent as of Wednesday Venezuelan officials thought they had a solution: They changed the color of the bank notes and increased their denomination. Then they said they would lop off three zeros. And when that didnt seem enough, they []

05:00

7 Awesome Solar System Destinations That Will Kill You - Facts So Romantic "IndyWatch Feed Tech"


Even if you make it past the interplanetary radiation, youre still confronted with any number of hazards, and they dont stop once you land.Image by SyFy / YouTube

In the why-arent-you-watching-this television show The Expanse, humanity has spread out into the solar system. Mars and Earth stand as bitter rivals, with Ceres settlers somewhere in between. A few companies even have settlers in the outer regions of the solar system.

You wouldnt necessarily want to live in the world of The Expanse, as fantastic as it is. Yet the show still plays to the dreams of those of us who long to wander the final frontier. However, the reality of what awaits you beyond Earth is far more dangerous than the show. Even if you make it past the interplanetary radiation, youre still confronted with any number of hazards, and they dont stop once you land.

Here are a few places from your colonization dreams that might end up actual nightmares.

The Moon

The Moon is closetantalizingly closeand weve actually stepped foot there. But as the Apollo astronauts returned to Earth in their moon dust-covered space suits, every moonwalker encountered the same set of symptoms: sneezing, wheezing, sore throats, and nasal congestion. It seemed like they were
Read More

04:30

[SECURITY] [DSA 4275-1] keystone security update "IndyWatch Feed Tech"

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4275-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : keystone
CVE ID : CVE-2018-14432
Debian Bug :...

04:27

[SECURITY] [DSA 4274-1] xen security update "IndyWatch Feed Tech"

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4274-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : xen
CVE ID : CVE-2018-3620 CVE-2018-3646

This...

04:24

[SECURITY] [DSA 4273-1] intel-microcode security update "IndyWatch Feed Tech"

Posted by Moritz Muehlenhoff on Aug 16

-------------------------------------------------------------------------
Debian Security Advisory DSA-4273-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
August 16, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : intel-microcode
CVE ID : CVE-2018-3639...

04:21

SEC Consult SA-20180813-0 :: SQL Injection, XSS & CSRF vulnerabilities in Pimcore "IndyWatch Feed Tech"

Posted by SEC Consult Vulnerability Lab on Aug 16

SEC Consult Vulnerability Lab Security Advisory < 20180813-0 >
=======================================================================
title: SQL Injection, XSS & CSRF vulnerabilities
product: Pimcore
vulnerable version: 5.2.3 and below
fixed version: 5.3.0
CVE number: CVE-2018-14057, CVE-2018-14058, CVE-2018-14059
impact: High
homepage: https://pimcore.com/en...

04:11

MIT Scientists Crack the Case of Breaking Spaghetti in Two "IndyWatch Feed Tech"

Submitted via IRC for Fnord666

Pasta purists insist on plonking dry spaghetti into the boiling pot whole, but should you rebel against convention and try to break the strands in half, you'll probably end up with a mess of scattered pieces.

[...] It wasn't until 2006 that a pair of French physicists successfully explained the dynamics at work and solved the mystery. They found that, counterintuitively, a spaghetti strand produces a "kick back" traveling wave as it breaks. This wave temporarily increases the curvature in other sections, leading to many more breaks.

[...] This isn't just fun and games for the sake of idle curiosity (not that there's anything wrong with that). A collaboration between Audoly and Columbia University computer scientist Eitan Grinspun led to developing an Adobe paint brush that bends and moves, introduced in Adobe Illustrator 5 and Adobe Paint Brush 5. The MIT scientists say their new work could be used to better understand how cracks form and spread in similarly structured materials and brittle structuresbridge spans, for instance, or human bones. The secret could lie in the pasta.

Source: MIT scientists crack the case of breaking spaghetti in two


Original Submission

Read more of this story at SoylentNews.

04:00

Digital Dining With Charged Chopsticks "IndyWatch Feed Tech"

Eating Cheetos with chopsticks is a famous lifehack but eating unsalted popcorn could join the list if these chopsticks take hold and people want to reduce their blood pressure. Salt is a flavor enhancer, so in a way, this approach can supplement any savory dish.

Smelling is another popular machine hack in the kitchen, and naturally, touch is popular beyond phone screens. You have probably heard some good audio hacks here, and we are always seeing fascination stuff with video.

03:41

[$] The first half of the 4.19 merge window "IndyWatch Feed Tech"

As of this writing, Linus Torvalds has pulled just over 7,600 non-merge changesets into the mainline repository for the 4.19 development cycle. 4.19 thus seems to be off to a faster-than-usual start, perhaps because the one-week delay in the opening of the merge window gave subsystem maintainers a bit more time to get ready. There is, as usual, a lot of interesting new code finding its way into the kernel, along with the usual stream of fixes and cleanups.

03:35

Google acknowledges it tracks users even with location setting disabled "IndyWatch Feed Tech"

Google has revised descriptions on its website to clarify that it continues to track users' whereabouts even after they have turned off their location settings.The move came after an Associated Press investigation earlier this week found...

02:57

On Status of KKLT "IndyWatch Feed Tech"

(Warning, this is just more about the topic of the last posting, which for most people will be a good reason to stop reading now. On the other hand, if youre obsessed with the controversy over string theory, you might find this interesting).

I finally got around to watching some more of the Simons Center Workshop on the Swampland talks, and noticed a remarkable exchange at the end of Thomas Van Riets talk On Status of KKLT (starting at 1:30). The first commenter (a German, Arthur Hebecker?) starts off saying I think you are doing something that is very dangerous, with the danger being that KKLT will get thrown out and people will think that it is a theorem that string theory has no dS vacua. He is interrupted by Vafa who tells him that your statement is defamatory, lets calm down. The German goes on to explain to Vafa the significance of the danger he is concerned about:

Maybe for you in the US its fine at Harvard, for me it will be a pain because people will turn against me. The little standing that string theory and new physics at all has in Germany will be harmed by a backlash on us that we have been talking nonsense all the time, which is not true.

Van Riet after a while interjects that there is an even worse danger:

The opposite happened and actually back-reacted very badly. We had the books by Woit and Smolin and it was based on the existence of the multiverse as a correct statement, right? And thats when the criticism of string theory took off, right?

Someone else in the audience (Iosif Bena?) comes in on the Vafa/Van Riet side of the argument, criticizing multiverse mania:

I think the main problem was that at the beginning people in the KKLT camp, they came up with, OK string theory has the multiverse, were not going to do physics anymore, the anthropic principle They came up with all these ideas that hurt string theory much much worse, at least in Europe, at least in my part of Europe. And you know, essentially hurt us heavily Then there were these books by Woit and Smolin that were very popular

Its remarkable to see publicly acknowledged by string theorists just how damaging to their subject multiverse mania has been, and rather bizarre to see that they attribute the problem to my book and Lee Smolins. The source of the damage is actually different books, the ones promoting the multiverse, for example this one. A large group of prominent theorists, especially many from the West Coast, including the group at Stanford and the late Joe Polchi...

02:53

spice CVE-2018-10873: post-auth crash or potential heap corruption when demarshalling "IndyWatch Feed Tech"

Posted by Doran Moppert on Aug 16

Frediano Ziglio reported a missing check in the code generated by
spice-common/python_modules/demarshal.py, which could be exploited to
cause integer overflow leading to a crash and/or heap OOB read/writes.

The generated code is used in both client and server, so both are
vulnerable. The most obvious outcome is a crash (since the overflowed
integers are very large), but it's possible a crafty attacker could
leverage this into worse, even...

02:42

How cancer cells communicate and how we can slow them down "IndyWatch Feed Tech"

When cancer cells are closely packed together in a tumor, theyre able to communicate with each other and coordinate their movement throughout the body. What if we could interrupt this process? In this accessible talk about cutting-edge science, Hasini Jayatilaka shares her work on an innovative method to stop cancer cells from communicating and halt their fatal ability to spread.

This talk was presented at an official TED conference, and was featured by our editors on the home page.

02:39

Firefox Add-On With 220,000+ Installs Caught Collecting Users Browsing History "IndyWatch Feed Tech"

A popular Firefox add-on is secretly logging users' browsing history, according to reports from the author of the uBlock Origin ad blocker and Mike Kuketz, a German privacy and security blogger. The add-on in question is named Web Security and is currently installed by 222,746 Firefox users, according to the official Mozilla Add-ons Portal. The add-on's description claims Web Security "actively protects you from malware, tampered websites or phishing sites that aim to steal your personal data."

Its high install count and positive reviews got the add-on on a list of recommended security and privacy add-ons on the official Firefox blog last week.

But this boost of attention from the Mozilla team didn't go down as intended. Hours after Mozilla's blog post, Raymond Hill, the author of the uBlock Origin ad blocker pointed out on Reddit that the add-on exhibited a weird behavior.

"With this extension, I see that for every page you load in your browser, there is a POST to http://136.243.163.73 Hill said. "The posted data is garbled, maybe someone will have the time to investigate further."

Hill's warning went under the radar for a few days until yesterday, when Kuketz, a popular German blogger, posted an article about the same behavior. Hours later, a user on Kuketz's forum managed to decode the "garbled" data, revealing that the add-on was secretly sending the URL of visited pages to a German server. Under normal circumstances, a Firefox add-on that needs to scan for threats might be entitled to check the URLs it scans on a remote server, but according to a format of the data the add-on was sending to the remote server, Web Security appears to be logging more than the current URL.

The data shows the plugin tracking individual users by an ID, along with their browsing pattern, logging how users went from an "oldUrl" to a "newUrl." This logging pattern is a bit excessive and against Mozilla's Addon Portal guidelines that prohibit add-ons from logging users' browsing history.

Source: Firefox Add-On With 220,000+ Installs Caught Collecting Users' Browsing History


Original Submission

Read more of this story at SoylentNews.

02:23

Physicists fight laser chaos with quantum chaos to improve laser performance "IndyWatch Feed Tech"

To tame chaos in powerful semiconductor lasers, which causes instabilities, scientists have introduced another kind of chaos.

High-powered semiconductor lasers are used in materials processing, biomedical imaging and industrial research, but the emitted light they produce is affected by instabilities, making it incoherent.

The instabilities in the laser are caused by optical filaments; light structures that move randomly and change with time, causing chaos. Removing these instabilities has long been a goal in physics, but previous strategies to reduce filaments have usually involved reducing the power of the laser.

02:23

A filter that turns saltwater into freshwater just got an upgrade "IndyWatch Feed Tech"

Smoothing out a material used in desalination filters could help combat worldwide water shortages.

02:23

Settling Arguments About Hydrogen With 168 Giant Lasers "IndyWatch Feed Tech"

With gentle pulses from gigantic lasers, scientists at Lawrence Livermore National Laboratory in California transformed hydrogen into droplets of shiny liquid metal.

Their research, reported on Thursday in the journal Science, could improve understanding of giant gas planets like Jupiter and Saturn whose interiors are believed to be awash with liquid metallic hydrogen.

The findings could also help settle some fractious debates over the physics of the lightest and most abundant element in the universe.

02:23

The Invisible Forest Under The Sea "IndyWatch Feed Tech"

Half of the planets oxygen comes from tiny plants under the oceans surfacephytoplankton.

02:22

China will send a rover to the far side of the Moon in December "IndyWatch Feed Tech"

The United States and Russia arent the only two nations working hard at realizing their space-faring dreams. China has quickly ramped up its high-flying ambitions in the past couple of decades and late 2018 will mark a real milestone for the countrys space program. The country just announced that it plans on launching a lunar rover to the far side of the Moon in December of this year.

The announcement comes via Chinas state-run news agency CCTV, and China seems bullish on the prospect of being the first country to explore the far side of Earths moon with a robotic rover.

The mission, named Change 4, follows in the footsteps of its predecessor (you guessed it, Change 3) which saw a rover nicknamed Jade Rabbit land on the near side of the Moon back in 2013. That rover ran out of steam in August of 2016, and the model that will be flying to the far side is built largely of backup parts from the Change 3 mission.

02:22

Wheat gene map to help feed the world "IndyWatch Feed Tech"

Researchers are set to develop higher yield wheat varieties requiring less water after making a gene map.

02:14

FCC chief after Alex Jones controversy: Enforcement has nothing to do with content "IndyWatch Feed Tech"

Federal Communications Commission (FCC) Chairman Ajit Pai on Thursday said the FCC this week shut down a pirate radio station because it was broadcasting illegally, not because it was known for airing controversial radio host Alex Jones."...

02:00

HPR2620: Thoughts on language learning part 1 "IndyWatch Feed Tech"

This is the first part of a 3 part series in which I ramble on about my thoughts on language learning. Im no expert and I barely know one language well. In a nutshell: Teach as much as possible in the new language, focusing on vocabulary. Rather than starting with baby books, which might not be a bad idea, try to use a similar approach but assume the learners know a bit about how the world works. The goal is to get to about age 5-6 level in vocabulary so the learner can then switch to language books in the new language which already exist.

01:06

210 Million-Year-Old Pterosaur Predates Most Dinosaurs "IndyWatch Feed Tech"

Winged reptiles thrived before dinosaurs

Palaeontologists have found a new species of pterosaur - the family of prehistoric flying reptiles that includes pterodactyl. It is about 210 millions years old, pre-dating its known relatives by 65 million years.

Named Caelestiventus hanseni, the species' delicate bones were preserved in the remains of a desert oasis. The discovery suggests that these animals thrived around the world before the dinosaurs evolved.

[...] Finding a pterosaur in an ancient Triassic-aged sand dune is a hugely pleasant surprise. What makes this discovery so remarkable is that very few pterosaurs are known from the entire Triassic Period, which means that we have few fossils that tell the story of how these strange winged reptiles evolved during the first 30 million years of their history.

It's a trifecta: a Triassic pterosaur from a new place, preserved in an immaculate way, and found in rocks from an environment that we didn't think they lived in so early during their evolution. What this means is that pterosaurs were already geographically widespread and thriving in a variety of environments very early in their evolution.

Dinosaurs first appeared during the Triassic period, between 243 and 233.23 million years ago.

Caelestiventus hanseni gen. et sp. nov. extends the desert-dwelling pterosaur record back 65 million years (DOI: 10.1038/s41559-018-0627-y) (DX)


Original Submission

Read more of this story at SoylentNews.

01:02

Within 5 years, the world could widely accept that we are within striking distance of a post aging world "IndyWatch Feed Tech"

George Church, Age-X, HIV, Aubrey, a lil bit of everything here.


Within 5 years, the world could widely accept that we are within striking distance of a post-aging world. This could be with the achievement of mice that would normally die at the age of three getting life extension at the age of two and living beyond 5 years. It might be after that with the similar treatments to reverse aging in dogs. It could be with the first age reversal treatments in humans that make people look significantly younger but also restore muscle and other body functions.

Investors would then accelerate any funding needed to complete several very promising anti-aging treatments which are currently being worked upon.

One of the many George Church companies is Rejuvenate Bio. This is a stealth company that has been running tests to reverse aging in dogs.

01:00

A Surprisingly Practical Numitron Watch "IndyWatch Feed Tech"

Regular Hackaday readers are surely familiar with Nixie tubes: the fantastically retro cold cathode display devices that hackers have worked into all manner of devices (especially timepieces) to give them an infusion of glowing faux nostalgia. But unfortunately, Nixie displays are fairly fragile and can be tricky to drive due to their high voltage requirements. For those who might want to work with something more forgiving, a possible alternative is the Numitron that uses incandescent filaments for each segment.

There hasnt been a lot of prior-art that utilizes Numitrons, but that might be changing, given how fantastic this wristwatch created by [Dycus] looks. With a multi-day battery life, daylight readability, and relatively straightforward construction, the Filawatch is likely to end up being something of a reference design for future Numitron watches.

00:36

The Problems and Promise of WebAssembly (Project Zero) "IndyWatch Feed Tech"

Over at Google's Project Zero blog, Natalie Silvanovich looks at some of the bugs the project has found in WebAssembly, which is a binary format to run code in the browser for web applications. She also looks to the future: "There are two emerging features of WebAssembly that are likely to have a security impact. One is threading. Currently, WebAssembly only supports concurrency via JavaScript workers, but this is likely to change. Since JavaScript is designed assuming that this is the only concurrency model, WebAssembly threading has the potential to require a lot of code to be thread safe that did not previously need to be, and this could lead to security problems. WebAssembly GC [garbage collection] is another potential feature of WebAssembly that could lead to security problems. Currently, some uses of WebAssembly have performance problems due to the lack of higher-level memory management in WebAssembly. For example, it is difficult to implement a performant Java Virtual Machine in WebAssembly. If WebAssembly GC is implemented, it will increase the number of applications that WebAssembly can be used for, but it will also make it more likely that vulnerabilities related to memory management will occur in both WebAssembly engines and applications written in WebAssembly."

00:28

ASUS Begins Offering Linux-Based Endless OS On Select Laptops "IndyWatch Feed Tech"

It has been a while since ASUS last offered any Linux options for laptops, but they appear to have a new effort underway with Endless OS...

00:27

Debian: 25 years and counting "IndyWatch Feed Tech"

The Debian project is celebrating the 25th anniversary of its founding by Ian Murdock on August 16, 1993. The "Bits from Debian" blog had this to say: "Today, the Debian project is a large and thriving organization with countless self-organized teams comprised of volunteers. While it often looks chaotic from the outside, the project is sustained by its two main organizational documents: the Debian Social Contract, which provides a vision of improving society, and the Debian Free Software Guidelines, which provide an indication of what software is considered usable. They are supplemented by the project's Constitution which lays down the project structure, and the Code of Conduct, which sets the tone for interactions within the project. Every day over the last 25 years, people have sent bug reports and patches, uploaded packages, updated translations, created artwork, organized events about Debian, updated the website, taught others how to use Debian, and created hundreds of derivatives." Happy birthday to the project from all of us here at LWN.

00:22

Smartphones are damaging this generations mental health "IndyWatch Feed Tech"

Anti-social media.


A new paper suggests that an increase in mobile phone ownership could have led to a rise in mental health problems in young people.

00:21

Hillicon Valley: Twitter CEO Jack Dorsey sits down with The Hill | Drama over naming DHS cyber office | Fallout over revoking Brennan's security clearance | Google workers protest censored search engine for China "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...

00:02

NYU Offers Full-Tuition Scholarships for All Medical Students "IndyWatch Feed Tech"

Doctor? Who?


New York University said Thursday that it will cover tuition for all its medical students regardless of their financial situation, a first among the nations major medical schools and an attempt to expand career options for graduates who wont be saddled with six-figure debt [Editors note: the link may be paywalled]. From a report: School officials worry that rising tuition and soaring loan balances are pushing new doctors into high-paying fields and contributing to a shortage of researchers and primary care physicians. Medical schools nationwide have been conducting aggressive fundraising campaigns to compete for top prospects, alleviate the debt burden and give graduates more career choices. NYU raised more than $450 million of the roughly $600 million it estimates it will need to fund the tuition package in perpetuity, including $100 million from Home Depot founder Kenneth Langone and his wife, Elaine. The school will provide full-tuition scholarships for 92 first-year students another 10 are already covered through M.D./PhD programs as well as 350 students already partway through the M.D.-only degree program.

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Thursday, 16 August

23:50

Twitter reverses decision to block GOP candidate from promoting video "IndyWatch Feed Tech"

A Republican congressional candidate in California is accusing Twitter of censorship for briefly deciding not to allow her to run a campaign ad depicting gruesome images of Cambodia's Khmer Rouge regime.A spokesperson for Twitter confirmed the video...

23:37

Dems urge tech companies to remove 3D-gun blueprints "IndyWatch Feed Tech"

A group of Democratic senators are urging tech companies to ban the publication of 3D gun blueprints on their platforms.The lawmakers told companies in letters made public Thursday and dated Aug. 14th that the blueprints would "allow users from all...

23:30

Power the Small Cells to Prepare for 5G "IndyWatch Feed Tech"

This webinar will share some basic knowledge about 5G, explain how it will impact the entire telecommunications infrastructure. Then it will focus on small cells and how to power and secure this equipment.

In recent months we have seen more and more pilot projects with 5G equipment around the world. This new technology will have a significant impact on the entire infrastructure, especially with the development of edge computing and the new antennas (called small cells) that we will need to power and secure.

The principle of edge computing is to add more data processing capabilities to the edge of the network (i.e., close to the users). The purpose is both to reduce the latency (the time between the request of a data and the reception of this one) and to decongest the network at the core level.

Since 5G operates with millimeter waves, the range of the signal is greatly reduced. As a result, we will need to add thousands of small cells throughout urban areas to provide sufficient coverage.

In this webinar, we will give some basic knowledge about 5G, explain how it will impact the entire telecommunications infrastructure, and then we will focus on small cells and how to power and secure this equipment.

PRESENTER:
 
 ...

New Zealand Bans Sales of Homes to Foreigners "IndyWatch Feed Tech"

New Zealand bans sales of homes to foreigners

New Zealand's parliament has banned many foreigners from buying existing homes in the country - a move aimed at making properties more affordable. The ban only applies to non-residents. Australians and Singaporeans are exempt because of free-trade deals.

New Zealand is facing a housing affordability crisis which has left home ownership out of reach for many. Low interest rates, limited housing stock and immigration have driven up prices in recent years.

[...] [Foreigners] are now banned from purchasing most types of homes - but they will be able to make limited investments in new apartments in large developments.

[...] Chinese investors have been among the biggest and most active offshore buyers of property in the New Zealand market. Also, some wealthy Americans - like Silicon Valley tech billionaire Peter Thiel - have become New Zealand citizens or have bought property in the country. Average prices in New Zealand have risen more than 60% in the past 10 years, while in Auckland - the country's largest city - they have almost doubled.


Original Submission

Read more of this story at SoylentNews.

23:20

Trying to make the DSLWP-B GMSK decoder more robust "IndyWatch Feed Tech"

If youve being following my latest posts, probably youve seen that Im taking great care to decode as much as possible from the SSDV transmissions by DSLWP-B using the recordings made at the Dwingeloo radiotelescope. Since Dwingeloo sees a very high SNR, the reception should be error free, even without any bit error before Turbo decoding.

However, there are some occasional glitches that corrupt a packet, thus losing an SSDV frame. Some of these glitches have been attributed to a frequency jump in the DSLWP-B transmitter. This jump has to do with the onboard TCXO, which compensates frequency digitally, in discrete steps. When the frequency jump happens, the decoders PLL loses lock and this corrupts the packet that is being received (note that a carrier phase slip will render the packet undecodable unless it happens very near the end of the packet).

There are other glitches where the gr-dslwp decoder is at fault. The ones that Ive identify deal in one way or another with the detection of the ASM (attached sync marker). Here I describe some of these problems and my proposed solutions.

The relevant part of the GNU Radio OQPSK decoder for DSLWP-B can be seen below. There are three custom blocks. The first block, QT GUI FFT Correlator Hier correlates against the 64bit ASM that marks the beginning of a packet. It uses an FFT to search in the frequency domain. Essentially, it has a matched filter whose taps are formed by the GMSK-modulated ASM. The signal is first routed through this filter, then a block of samples at the output of the filter is taken, and the FFT of this block is calculated. A peak in the FFT indicates a correlation at the particular frequency corresponding to the bin where the peak has occured and the particular time corresponding to the samples where the block has been taken. This algorithm is very similar to the one I use for my GMSK detector.

DSLWP-B GNU Radio decoder

When the Correlator Hier block detects a correlation peak, it sends tags with the correlation parameters to the downstream blocks. These tags inform of the estimated frequency and phase, signal amplitude and Eb/N0, and (impl...

23:13

Links 16/8/2018: MAAS 2.4.1, Mesa 18.2 RC3 "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

  • Desktop

    • How to install Linux apps on your Chromebook

      Chromebooks are great because theyre simple: theres a lot you can get done with web services without exposing yourself to the troubles and security issues that plague more complex platforms.

      But if you need to do a bit more with your Chromebook, you have a few options. Most Chromebooks these days allow you to install apps from the Google Play Store, which should fill most productivity gaps. If not, youll soon have one more option: installing Linux apps. To be clear, youve been able to install Linux apps on Chromebooks for years because Chrome OS is Linux. But, its about to get much easier.

    • Top 5 Features Still Missing From Chrome OS
      ...

22:23

End of an Era in Indian Politics "IndyWatch Feed Tech"

India keeps losing its stalwarts of Indian politics this year. First J.Jayalitha of AIADMK in Tamilnadu then K. Karunanidhi of DMK in Tamilnadu and Somnath Chatterjee of Communist Party in W.Bengal and now Indias most popular Prime Minister after Pt Jawahar Lal Nehru and Mrs Indira Gandhi, Atal Bihari Vajapayee who was admitted in All India Institute of Medical Sciences took his last breath  today at 05;02 PM in New Delhi.
Atal Bihari Vajpayee is regarded as a great orator who gave India a strong opposition party including bringing a non Congress government in power for first time which completed its full tenure. Apart from this he had a very long and fruitful career as leader of opposition,Foreign Minister,Prime Minister,Poet,Social Servant,Journalist and Writer.He was such a great charismatic leader that Indias first Prime Minister Pt Jawahar Lal Nehru had predicted that he would become Prime Minister of the country when Atal Bihari was still in his youth and was sitting in opposition of Nehru.
He was such a great stalwart that he was regarded as a tall and great leader not with in his party but out side party.It was during his Prime Ministership that India Visited a swift in its foreign policy and USA started getting close through the Civilian Nuclear Deal .His USA counter part President Bush also appraised him for his cooperation in Civilian Nuclear Deal. He extended his hands of friendship towards Pakistan through Lahore Summit and a Bus Service.
He was born in Madhya Pradesh in North India on December 25,1924 but has lived his political life in Uttar Pradesh. During the demolition of Babri Mosque in Ayodhya he apologized to the nation but at the same time advocated that a scientific investigation be allowed to extract the proof of Ram Temple and ordered an excavation of site of dispute. While he advocated that a friendly ties be maintained with Pakistan he warned Pakistan from any unwanted steps towards borders and Kashmir. It was during his Prime Ministership that Pakistani troops infiltrated above the hills of Kargil and pushed back by Indian Army.It was referred as Kargil War. It was during his tenure that a scientist from a minority Muslim community was credited with honor of becoming President of India The highest constitutional post in India who pioneered Indias Missile program and tested second Nuclear Bomb in the Run of Pokharan successfully despite being aware of geo-political odds and reciprocations .

His legendary speeches on many occasions including at the time of his resignation from a 13 days government,his speech during Kargil War,his advice during Gujrat Riots,his speech in Hindi in United Nations when he was external Affairs Minister his speech on Ayodhya Issue,his poetry and journalism are regarded as milestones of Indian Politics,Society and Literature. He sheltered and nourished a chain of new age politicians including current Prime Minister Narendra Mod...

22:00

Hanging, Sliding Raspi Camera Adds Dimension To Octoprint "IndyWatch Feed Tech"

Are you using Octoprint yet? Its so much more than just a way to control your printer over the internet, or to keep tabs on it over webcam when youre off at work or fetching a beer. The 3D printing community has rallied around Octoprint, creating all sorts of handy plug-ins like Octolapse, which lets you watch the print blossom from the bed via time-lapse video.

Hackaday alum [Jeremy S Cook] wanted to devise a 3D-printable mount for a Raspi camera after finding himself inspired by [Tom Nardi]s excellent coverage of Octoprint and Octolapse. He recently bought a wire shelving unit to store his printer and printer accessories, and set to work. We love the design he came up with, which uses the flexibility of the coolant hose to provide an endlessly configurable camera arm. But wait, theres more! Since [Jeremy] mounted it to the rack with zip ties, the whole rig shimmies back and forth, providing a bonus axis for even more camera views. Slide past the break to see [Jeremy]s build/demo video.

Its great to be able to monitor a print from anywhere with internet access, but the camera is almost always set up for a tight shot on the print bed. How would you ever know if youre about to run out of filament? For that, you need a fila-meter.

21:50

Los Angeles to Become the First City to Use Body Scanners in Rail Transit Systems "IndyWatch Feed Tech"

Submitted via IRC for Fnord666

LA to become the first city to use body scanners in rail transit systems

The Los Angeles County Metropolitan Transportation Authority just announced its plans to become the first city to use portable body scanners in its subway and light-rail systems to help detect the presence of explosive devices.

"We're dealing with persistent threats to our transportation systems in our country," TSA administrator David Pekoske in a statement. "Our job is to ensure security in the transportation systems so that a terrorist incident does not happen on our watch."

The portable scanners will begin rolling out in a few months, the executive director of security for the LA Metro Alex Wiggins said yesterday. According to the AP, the scanners will be able to conduct full-body scans from 30 feet away and are capable of scanning more than 2,000 passengers per hour.

[...] The city is one of several in which the TSA has piloted these new body scanners, although LA will be the first to fully adopt them. The agency has also worked with public transit officials from San Francisco's Bay Area Rapid Transit, New Jersey's transit system, as well as Amtrak stations at New York's Penn Station and DC's Union Station. Wiggins assured passengers that screenings in the LA Metro would be well-marked and that those choosing to opt out could do so by leaving the station.


Original Submission

Read more of this story at SoylentNews.

21:45

ISP Has No Safe Harbor Defense in Piracy Case, Record Labels Argue "IndyWatch Feed Tech"

Last year several major record labels, represented by the RIAA, filed a lawsuit against ISP Grande Communications accusing it of turning a blind eye to pirating subscribers.

According to the RIAA, the Internet provider knew that some of its subscribers were frequently distributing copyrighted material, but failed to take any meaningful action in response.

Grande refuted the accusations and filed a motion to dismiss the case. The ISP partially succeeded as the claims against its management company Patriot were dropped. The same was true for the vicarious infringement allegations, as the court saw no evidence that the ISP had a direct financial interest in the infringing activity.

The labels were not willing to let go so easily.

They submitted a motion for leave to file an amended complaint including new evidence obtained during discovery. And a few days ago, they upped the pressure with a motion for summary judgment, arguing that Grande has no safe harbor defense.

In order to get safe harbor protection, the DMCA requires ISPs to adopt and reasonably implement a policy for terminating the accounts of repeat copyright infringers. According to the motion, it is clear that Grande failed to do so. As such, the company should be held directly liable.

For years, Grande claimed in its online Acceptable Use Policy that it had a policy of terminating repeat infringers. Grande continued to assert that claim in its pleadings and written discovery responses in this suit.

None of that was true. The undisputed record evidence establishes that Grandes Acceptable Use Policy was a sham, the labels motion reads.

There can be little dispute over Grandes failing policy, the labels state. They point out that corporate paperwork and testimony of Grandes senior executives clearly show that there wasnt an adequate repeat infringer policy.

Indeed, the documents and testimony demonstrate that rather than a policy for terminating repeat infringers, Grande consciously chose the opposite: a policy allowing unlimited infringement by its subscribers, the labels write.

At the same time, there was no lack of DMCA notices. The labels note that the ISP received at least 1.2 million notices of alleged copyright infringement between 2011 and 2016. This includes hundreds of thousands of notices from Rightscorp.

Despite these repeated warnings, the company didnt te...

21:32

New Engineering Journal from Annual Reviews "IndyWatch Feed Tech"

The inaugural volume of the Annual Review of Control, Robotics, and Autonomous Systems is now available online!

Annual Reviews

The Annual Review of Control, Robotics, and Autonomous Systems highlights the theoretical and applied research in control and robotics that drives and enriches the engineering of autonomous systems. This new journal is the first of its kind to cover both the broad fields of control and robotics and their fundamental roles in the increasingly important area of autonomous systems.

View the full Table of Contents for Volume 1 here: https://www.annualreviews.org/toc/control/1/1

Free online preview is available now.

Topics in the first volume cover control and its connections to game theory, distributed optimization, Kalman filtering, geometric mechanics, privacy, data-driven strategies, and deep learning, together with robotics and its connections to manipulation, materials, mechanisms, planning, decision-making, and synthesis. Applications include artificial touch, soft micro and bio-inspired robotics, minimally invasive medical technologies, rehabilitative robotics, autonomous flight, airspace management, and systems biology.

"The opportunities are enormous for control, robotic, and autonomous systems to help make the world a better place. Search and rescue, environmental monitoring, surgical assistance, and smart grids are just a few of the high-impact applications. The Annual Review of Control, Robotics, and Autonomous Systems provides a much-needed unifying forum for the richly varied and ever-evolving research that promotes creativity and advances control, robotics, and the engineering of autonomous systems. Researchers and practitioners alike will find the articles of great value in learning and integrating across the many interconnected disciplines that contribute to this fantastically exciting field."

-Dr. Naomi Ehrich Leonard, Editor

Gain insights into top research faster with Annual Reviews.

Annual Reviews is a non-profit publisher dedicated to synthesizing and integrating knowledge to stimulate the progress of science and benefit society. For more than 85 years, Annual Reviews has published top-cited reviews by invited experts. Our authors synthesize research and identify areas for further investigation and help researchers and students in biomedical, life, physical, and social sciences advance their fields.

Sign up to get email alerts for the next volume of Annual Review of Control, Robotics, and Autonomous Systems....

20:22

Two Industries in One Field "IndyWatch Feed Tech"

Now that we are starting to see the arrival of actual therapies aimed at targeting the processes of aging directly in order to prevent age-related diseases, it has become easier to separate two very distinct groups.

The first group consists of the snake oil salesmen peddling unproven supplements and therapies to whoever is foolish enough to buy and take things on faith without using the scientific method. The hucksters have long been a plague on our field, preying on the gullible and tainting legitimate science with their charlatanry and nonsense. One example is the biotech company that makes bold claims yet never delivers on those claims in practice, offering data based on poorly designed experiments and tiny cohorts that are statistically irrelevant; another example is the supplement peddler selling expensive supplement blends with flashy names, which, on inspection, turn out to be commonly available herbs and minerals mixed and sold at a high markup. These sorts of people have plagued our community and given the field a reputation of snake oil.

The second group are the credible scientists, researchers, and companies who have been working on therapies for years and sometimes more than a decade. Many of these therapies are following the damage repair approach advocated by Dr. Aubrey de Grey of the SENS Research Foundation over a decade ago. The basic idea is to take an engineering approach to the damage that aging does to the body and to periodically repair that damage in order to keep its level below that which causes pathology. These therapies are now starting to arrive, with some already in human trials right now, and this marks a milestone in our field: the credible science has finally outstripped the snake oil, and the focus can move from pseudoscience to real, evidence-based science.

20:22

Google employees organize against censored search service for China "IndyWatch Feed Tech"

Google employees are protesting the companys reported efforts to build a censored search service that would allow it to enter the Chinese market.More than a thousand workers have signed a letter, obtained by The Hill, demanding greater transparency...

20:16

AT&T sued for enabling SIM swap fraud "IndyWatch Feed Tech"

A cryptocurrency investor is suing AT&T because criminals were able to empty his accounts through SIM swap fraud (aka account port out fraud), even though he had already asked for additional protections to be set up on his AT&T account. He is asking the US District Court for the Central District of California to find in his favor and award him $24 million of compensatory damages and over $200 million of punitive damages. Given all More

The post AT&T sued for enabling SIM swap fraud appeared first on Help Net Security.

20:00

A Twist in Graphene Could Make for Tunable Electronic Devices "IndyWatch Feed Tech"

A single material could be 'twisted' into various components of a circuit with distinct electronic properties

Engineering a band gap into graphene has become almost a rite of passage for research groups who work with the material. While many have accomplished this feat, many more have written off graphene in digital logic applications because of the fact that you have to give it a band gap.

It turns out that all of that engineering of graphene has revealed another feature: tunable electronic properties. This is accomplished by combining graphene with another material that has a very large band gap, like boron nitrideso-called heterostructuresor by giving graphene a twist.

Now, an international team of researchers from Columbia University, the National Institute for Materials Science in Tsukuba, Japan and the Centre National de la Recherche Scientifique (CNRS) in France have overcome some of the limitations that previous attempts to twist graphene have faced.

In research described in the journal Science, the group demonstrated proof of principle for a twisting technique using graphene/boron nitride heterostructures. They showed that their technique can control the rotation of the graphene, and demonstrated how the electrical, optical, and even mechanical properties of the device can be dynamically varied with this technique.

By finding a way to change the angle of the twist of graphene in relation to the boron nitride and even alter that angle after manufacturing, the researchers believe this fresh approach could lead to new kinds of electronic devices.

All of this twisting of graphene with other two-dimensional (2D) materials occurs because there is very low friction between them. Also, there is no strong chemical bonding between the crystal planes, so they slide easily over one another. The researchers realized that a benefit of the low sliding friction is that devices could be intentionally designed to be rotatable, according to Cory De...

19:44

Valve Seems to be Working on Tools to Get Windows Games Running on Linux "IndyWatch Feed Tech"

Submitted via IRC for Fnord666

Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems.

Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."

Other unused text in the that GUI file suggests Steam Play will offer official compatibility with "supported tiles" while also letting users test compatibility for "games in your library that have not been verified with a supported compatibility tool." That latter use comes with a warning that "this may not work as expected, and can cause issues with your games, including crashes and breaking save games."

Tools that let users run Windows apps in Linux are nothing new; Wine has existed for decades, after all. But an "official" Steam-based compatibility tool, with the resources and backing of Valve behind it, could have a huge impact on the Linux development space that could reach well beyond games. Assuming it worked for a wide range of titles, the Steam Play system could also help ameliorate one of SteamOS' biggest failingsnamely, the relative lack of compatible games when compared to Windows.

With all that said, some caution is warranted before getting too excited about these possibilities. For one, we don't know what specific form Steam Play will take. Valve could simply be preparing a wrapper that lets users run existing emulation tools like Wine and DOSBox on top of SteamOS without actively advancing the state of that emulation directly.

Source: https://arstechnica.com/gaming/2018/08/valve-seems-to-be-working-on-tools-to-get-windows-games-running-on-linux/

...

19:24

A Quick Look At The Windows Server vs. Linux Performance On The Threadripper 2990WX "IndyWatch Feed Tech"

One of the frequent requests/comments stemming from the launch-day Windows 10 vs. Linux benchmarks on the new AMD Threadripper 2990WX were questions about whether this 32-core / 64-thread processor would do better with Windows Server given Microsoft's obvious tuning of that Windows flavor to high core/thread counts... Well, here are some initial figures with Windows Server 2016 and a Windows Server 2019 preview.

19:01

Getting Kitted to Teach your First Hardware Workshop "IndyWatch Feed Tech"

I was always a sucker for art classes in my early days. There was something special about getting personal instruction while having those raw materials in your hands at the same time. Maybe it was the patient voice of the teacher or the taste of the crayons that finally got to my head. Either way, I started thinking: I want to do this; I want to teach this stuff.

Last year at Hackaday Superconference I got my chance. Hardware workshops with real hardware were so rare; I just had to bring one to the table! What follows is my tale of joys and woes bringing together a crew to take their first few steps into the world of cable-driven animatronics. If youre thinking about getting your feet wet with teaching your own hardware workshop, read on. Ive packed this story with as much of my own learnings as I could to set you on a path to success.

The good news is that Supercon returns every year. I you want to take part in some epic workshops like this one, grab a ticket for this years conference now. If you want to host a hardware workshop, the Call for Proposals is still open! Okay, lets dive in.

2016 was the year of the tentacle

In July of 2017 I saw the call for workshop proposals go out. The year before that I had taken some inspiration from the...

19:01

Hanging Up on Mobile in the Name of Security "IndyWatch Feed Tech"

An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless provider was negligent when it failed to prevent thieves from hijacking his mobile account and stealing millions of dollars in cryptocurrencies. Increasingly frequent, high-profile attacks like these are prompting some experts to say the surest way to safeguard ones online accounts may be to disconnect them from the mobile providers entirely.

The claims come in a lawsuit filed this week in Los Angeles on behalf of Michael Terpin, who co-founded the first angel investor group for bitcoin enthusiasts in 2013. Terpin alleges that crooks stole almost $24 million worth of cryptocurrency after fraudulently executing a SIM swap on his mobile phone account at AT&T in early 2018.

A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the providers network. Customers can legitimately request a SIM swap when their existing SIM card has been damaged, or when they are switching to a different phone that requires a SIM card of another size.

But SIM swaps are frequently abused by scam artists who trick mobile providers into tying a targets service to a new SIM card and mobile phone that the attackers control. Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a targets password, as many banks and online services rely on text messages to send users a one-time code that needs to be entered in addition to a password for online authentication.

Terpin alleges that on January 7, 2018, someone requested an unauthorized SIM swap on his AT&T account, causing his phone to go dead and sending all incoming texts and phone calls to a device the attackers controlled. Armed with that access, the intruders were able to reset credentials tied to his cryptocurrency accounts and siphon nearly $24 million worth of digital currencies.

According to Terpin, this was the second time in six months someone had hacked his AT&T number. On June 11, 2017, Terpins phone went dead. He soon learned his AT&T password had been changed remotely after 11 attempts in AT&T stores had failed. At the time, AT&T suggested Terpin take advantage of the companys extra security feature a customer-specified six-digit PIN which is required before any account changes can be made.

Terpin claims an investigation by AT&T into the 2018 breach found that an employee at an AT&T store in Norwich...

18:42

Global Renewable power spending has been virtually flat for seven years and most countries will need expensive grid upgrades to handle more solar and wind "IndyWatch Feed Tech"

Global investment in renewable energy (Solar, Wind, Hydro and biofuel) edged up 2% in 2017 to $279.8 billion, taking cumulative investment since 2010 to $2.2 trillion. The level of global renewable power spending has been virtually flat for seven years. There has been an increase in overall installed renewable power each year because of the dropping prices. A 2% increase in spending has resulted in 10% increase in global installations from 2016 to 2017.

A record 157 gigawatts of renewable power capacity was commissioned in 2017, up from 143GW in 2016. This was more than the 70GW of net fossil fuel generating capacity added last year. However, the installed fossil fuel power generates more kilowatt hours because of the low capacity factors of solar and wind power.

18:40

KDE Applications 18.08 Released "IndyWatch Feed Tech"

Today the quarterly update to the collection of KDE software applications has shipped with its newest features...

18:33

FCC chair says White House called him about Sinclair-Tribune merger "IndyWatch Feed Tech"

Federal Communications Commission (FCC) Chairman Ajit Pai on Thursday revealed that White House counsel Don McGahn called him about the merger between Sinclair Broadcast Group and Tribune Media last month as the deal was imploding due to...

18:26

Sketchy Crypto-mining Containers Removed from Docker Repository "IndyWatch Feed Tech"

In case you havent heard, Docker is shaping up to be one of the most disruptive technologies to date that are currently at our disposal. And its deemed as such rightly so. It has the potential to completely replace virtual machines because its incredibly self-sustaining, resource-efficient, and openly compatible across a wide variety of computer systems.

If you arent familiar with containerism, then well give you the quick and simple version. See, the use of virtual machines is the current trend, because virtual machines allow for the optimal utilization of the power of a computer system.

Prior to the use of virtual machines, systems were limited to running a single process for fear that running two processes simultaneously would lead to a metaphorical tug-of-war for resources between the two processes. This would lead to crashes, of course. That used to be a serious issue because computer systems werent used efficiently; often, only half of the computers capabilities were utilized.

Virtual machines granted the ability to run multiple processes simultaneously without the risk of these processes taking resources from each other. You can say that these processes are quarantined from each other, resource-wise.

Now, containers such as Docker run on the same principle as virtual machines, but to a higher degree. While processes are quarantined in virtual machines, in containerism each program (well refer to this as images from here on) comes packaged with the resources required to run it. This ensures that the image can run on any system, because it already comes with the components to make it function.

These are, however, a few additional advantages from using Docker.

Now, about a few months ago, security companies Fortinet and Kromtech exposed a total of 17 Docker images that were tampered with. These Docker images were found to contain Monero Miners, which rob users of computing power in order to mine cryptocurrency.

Further investigation found that as a collective, the 17 images were downloaded at least 5 million times. This suggests that the instigators were able to inject scripts into vulnerable containers.

These tainted images were found on the Docker repository, Docker Hub. Of course, this presents a worrisome problem that exploits have been found this early. Fortunately, the images have since been removed from the repository, though its clear that the crypto criminals might have gotten away with as much as $90,000 from the scheme.

While I do agree that its a paltry amount when compared to what other unscrupulous users gain, the mere fact that they were able to tamper with images is worrying. Theres an arms race between criminals and proper users, and t...

18:22

Study to Help Develop Vibrant Future Commercial Space Economy "IndyWatch Feed Tech"

Last week, NASA announced the awardees for an ongoing effort to foster commercial activity in space. This effort allows 13 companies to study the future of commercial human spaceflight in low-Earth orbit, including long-term opportunities for the International Space Station.

Im pleased to share that NanoRacks is one of these awardees.

This study is not only a big step for NanoRacks, but a big step for the commercial space ecosystem. Today, we are the largest commercial user of the International Space Station and are proud of the impact weve made to help foster this ecosystem and bring customers from all over the world into to orbit. This study will allow us to take our vision to the next step and detail the viability for habitable and automated platforms for low-Earth orbit.

18:14

Mystery Russian Satellite's Behaviour Raises Alarm In US "IndyWatch Feed Tech"

A mysterious Russian satellite displaying "very abnormal behaviour" has raised alarm in the US, according to a State Department official. "We don't know for certain what it is and there is no way to verify it," said assistant secretary Yleem Poblete at a conference in Switzerland on 14 August.

She voiced fears that it was impossible to say if the object may be a weapon.

Russia has dismissed the comments as "unfounded, slanderous accusations based on suspicious" [sic].

The satellite in question was launched in October last year. "[The satellite's] behaviour on-orbit was inconsistent with anything seen before from on-orbit inspection or space situational awareness capabilities, including other Russian inspection satellite activities," Ms Poblete told the conference on disarmament in Switzerland.

"Russian intentions with respect to this satellite are unclear and are obviously a very troubling development," she added, citing recent comments made by the commander of Russia's Space Forces, who said adopting "new prototypes of weapons" was a key objective for the force. Ms Poblete said that the US had "serious concerns" that Russia was developing anti-satellite weapons.

[...] [Ms Stickings (Royal United Services Institute - RUSI) said] "The narrative coming from the US is, 'space was really peaceful, now look at what the Russians and Chinese are doing' - ignoring the fact that the US has developed its own capabilities."


Original Submission

Read more of this story at SoylentNews.

18:12

ODX and YouDeal Team Up to Deliver Free Internet Access to Emerging Markets "IndyWatch Feed Tech"

On August 9, 2018, ODX Pte. Ltd (ODX), announced its partnership with YouDeal, the worlds largest peer-to-peer services marketplace. ODX, which is a subsidiary of Xurpas, the largest consumer technology company in the Philippines, aims to solve what is perhaps the most basic problem for consumers in emerging economies: internet access.

ODXs blockchain-based data marketplace, Open Data Exchange, is backed by heavy hitters in the blockchain and technology space, including Andromeda, BlockTower Capital, DNA Fund, Wavemaker Genesis, Hexa Labs, Pantera Capital and Strong Ventures. Through its data marketplace, ODX unites internet service providers and publishers from across the globe to offer consumers free internet access via sponsored data packages. The partnership between YouDeal and ODX brings YouDeals large network of internet users closer to receiving uninterrupted internet access through ODX.

Based out of China, YouDeal has more than 50 million users, seven million sellers and does $60 billion in trading volume. YouDeal currently connects users in China with more than 300 industries including fitness, yoga instructors, masseurs, hairstylists, information technology programmers, user interface designers and financial advisors. It now has its sights set on Southeast Asia, with a free internet strategy powered by ODX.

According to a press release Techworm received from PMBC Group, ODXs PR firm, Nix Nolledo, ODX Founder and CEO said, Data free access is a critical advantage in emerging markets. Your app becomes the default choice for most people most of the time. YouDeal understands that success in emerging markets requires dealing with a fundamental problem that most users are offline 20 days of the month. Mobile data is expensive in these markets, costing as much as six times what the average user can afford. As a result, consumers are offline over 80 percent of the time. Through this key partnership with ODX, YouDeal solves this issue by providing users free internet access to its services. Customers will be able to access the app 24/7, even when they have no mobile data plan or mobile airtime credits.

At the helm of the company is Nix Nolledo, a seasoned entrepreneur and tech executive who has played a significant role in the success of many companies, including Xurpas, which he started with only $3 and grew into the thriving billion-dollar company that it is today. Xurpas, is the largest publicly listed consumer tech company in the Philippines and employs more than 900 employees across Southeast Asia. With more than 17 years in operation, Xurpas has an established network of publishers and Telcos, which provides ODX with the perfect platform to achieve its lofty goals.

Last month, ODX raised more than $60 million in a private token sale and...

18:05

Dem requests DOJ probe on law enforcement use of facial recognition technology "IndyWatch Feed Tech"

A Democratic lawmaker is raising concerns about law enforcements use of facial recognition technologies, saying it could pose issues for minority Americans and potentially be in violation of civil rights protections.Rep. Emanuel Cleaver (D-Mo.)...

18:01

Breakfast at DEF CON The Greatest Illicit Meetup of All "IndyWatch Feed Tech"

Every year we host Breakfast at DEF CON on the Sunday morning of the largest hacker conference in the United States. I think its a brilliant time to have a meetup almost nobody is out partying on Sunday morning, and coffee and donuts is a perfect way to get your system running again after too much excess from Saturday evening.

This year marks our fourth Breakfast and we thought this time it would be completely legit. Before weve just picked a random coffee shop and showed up unannounced. But this year we synced up with some of our friends running the Hardware Hacking Village and they were cool with us using the space. Where we ran afoul was trying to wheel in coffee and pastries for 100+ people. The casino was having none it.

...

17:41

Google offers rewards for techniques that bypass their abuse, fraud, and spam systems "IndyWatch Feed Tech"

Google is expanding its vulnerability reward program again: the company wants to be notified about techniques that allow third parties to successfully bypass their abuse, fraud, and spam systems. About the program expansion This expansion is intended to reward research that helps us mitigate potential abuse methods, Eric Brown and Marc Henson of Googles Trust and Safety team explained. A few examples of potentially valid reports for this program could include bypassing our account recovery More

The post Google offers rewards for techniques that bypass their abuse, fraud, and spam systems appeared first on Help Net Security.

17:36

Cyber Defense Magazine August 2018 has arrived. Enjoy it! "IndyWatch Feed Tech"

Cyber Defense Magazine August 2018 Edition has arrived.

Sponsored by: Bosch

We hope you enjoy this months editionpacked with 130+ pages of excellent content.  InfoSec Knowledge is Power.  We have 6 years of eMagazines online with timeless content.  Visit our online library by clicking here.   Please tell your friends to

17:31

ARM Aims To Deliver Core i5 Like Performance At Less Than 5 Watts "IndyWatch Feed Tech"

ARM has made public an aggressive CPU forward-looking road-map and some performance expectations. ARM is hoping to deliver year-over-year performance improvements of more than 15% through 2020...

17:19

SAP Security Notes August 2018, watch out for SQL Injection "IndyWatch Feed Tech"

SAP released security notes for August 2018 that address dozens patches, the good news is that there arent critical vulnerabilities.

SAP issues 27 Security Notes, including 14 Patch Day Notes and 13 Support Package Notes. Seven notes are related to previously published patches.

On 14th of August 2018, SAP Security Patch Day saw the release of 12 Security Notes. Additionally, there were 2 updates to previously released security notes. reads the advisory published by SAP.

Principal type of vulnerabilities fixed by SAP security notes are SQL Injection and Information Disclosure flaws as reported in the following graph.

SAP security notes August 2018

According to the experts from ERPScan, in August Implementation Flaw and Missing Authorization Check are the largest groups in terms of the number of vulnerabilities

...

17:11

F5 simplifies network functions virtualization for service providers "IndyWatch Feed Tech"

F5 Networks introduced a network functions virtualization (NFV) offering for services that are deployed, scaled, managed, and decommissioned as service needs evolve. F5s new VNF Manager simplifies consumption of F5s portfolio of VNFs (based on BIG-IP capabilities) that are provisioned in service providers networking environments. With F5, organizations can take advantage of the lifecycle management of VNF services, unlocking scale and automation for newly virtualized networks without complexity. This approach is fit for mobile operators More

The post F5 simplifies network functions virtualization for service providers appeared first on Help Net Security.

17:04

Security vs. Utility: Talking about regulation "IndyWatch Feed Tech"

Raising capital with ICOs (Initial Coin Offerings) has become very popular: in 2017 alone ,ICOs has raised a combined $3.7 billion. Projects using this model typically raise capital by issuing digital tokens on a blockchain and distributing them to investors for a financial contribution. Such crypto tokens represent a virtual store of value, which can be transferred via peer-to-peer networks and may serve different functions. Depending on their role, crypto tokens may be broadly subdivided into two major types: utility tokens and security tokens.

Utility tokens are used for granting access to a companys products or services or entitle their holders to be a part of an ecosystem where this token acts as a native currency. Utility tokens are not designed for investments and this leads to a lack of security regulations.

Security tokens derive their value from an external, tradable asset and share specific characteristics with regular financial instruments which are subject to security regulations. The commonly known  characteristics are the representation of ownership and entitlement to the residual cash flows generated by the digital enterprise. When the token is classified as a security, it may represent shares of company stock.

Utility Token Can Mean Scam All Too Often

A recent study conducted by Satis Group LLC, a premier ICO advisory company, states that over 80 percent of all ICOs are fraudulent. As mentioned, utility tokens are not subject to the same regulatory requirements as security tokens, which opens up a broad field of opportunities for fraudsters of all kinds. The absence of security can be shown as a sort of freedom during the ICOs marketing, but in fact, the token may easily turn out to be a scam. In most cases of fraud, tokens of such projects turn to dust. Investors are not protected from such situations at all. When a token is a utility token: all guarantees and agreements are in words, and if it turns out that a project has no intention of fulfilling development duties with the funds, theres no law or regulation to help the defrauded investors.

A security token, on the other hand, being subject to security regulations should satisfy legal requirements, thus theres much less of a chance a project with a token classified as a security would turn out to be a scam. Its also important to understand that a company cannot easily claim its tokens a security tokens. Security regulations are firm, and if one fails to abide by regulations, it can result in costly penalties and even threaten to derail the project.

Thats why the emergence of a regulatory framework for the crypto industry is a necessary step. Regulatory interferen...

17:01

DARPA Goes Underground For Next Challenge "IndyWatch Feed Tech"

We all love reading about creative problem-solving work done by competitors in past DARPA robotic challenges. Some of us even have ambition to join the fray and compete first-hand instead of just reading about them after the fact. If this describes you, step on up to the DARPA Subterranean Challenge.

Following up on past challenges to build autonomous vehicles and humanoid robots, DARPA now wants to focus collective brainpower solving problems encountered by robots working underground. There will be two competition tracks: the Systems Track is what weve come to expect, where teams build both the hardware and software of robots tackling the competition course. But there will also be a Virtual Track, opening up the challenge to those without resources to build big expensive physical robots. Competitors on the virtual track will run their competition course in the Gazebo robot simulation environment. This is similar to the NASA Space Robotics Challenge, where algorithms competed to run a virtual robot through tasks in a simulated Mars base. The virtual environment makes the competition accessible for people without machine shops or big budgets. The winner of NASA SRC was, in fact, a one-person team.

Back on the topic of the upcoming DARPA challenge: each track will involve three sub-domains. Each of these have civilian applications in exploration, infrastructure maintenance, and disaster relief as well as the obvious military applications.

  • Man-made tunnel systems
  • Urban underground
  • Natural cave networks

There will be a preliminary circuit competition for each, spaced roughly six months apart, to help teams get warmed up one environment at a time. But for the final event in Fall of 2021, the challenge course will integrate all three types.

More details will be released on Competitors Day, taking place September 27th 2018. Registration for the event just opened on August 15th. Best of luck to all the teams! And just like we did for past challenges, we will excitedly follow progress. (And have a good-natured laugh at fails.)

16:58

TSA's Transit Police use full-body scanners to search and watchlist commuters "IndyWatch Feed Tech"


It has been a year, since I warned commuters that the TSA wanted to install full-body biometric scanners at train stations. 

And just like last year, the MSM interviewed one person that is fine with losing their rights. Last year, I warned commuters that full-body scanners come equipped with watchlist software.

Stay on constant lookout for known wolves and other watchlist individuals using proven facial recognition and human IQ. Integrated video camera provides positive ID for alarm resolution. Send notifications and alerts to mobile team or operations center.

Why has the MSM refused to talk about watchlisting commuters? 

If the TSA has its way, commuters across the country will be body scanned and watchlisted.

Yesterday, the Los Angles Times revealed that the Los Angeles County Metropolitan Transportation Authority Police will begin using Thruvision's full-body scanners.


"Later this year, the Metropolitan Transportation Authority will deploy several portable scanners that can be moved to any of the systems 93 subway and light-rail stations."

What does this mean for commuters?

It means that public transit is being run by the TSA.

According...

16:43

Russia Gives Lessons in Electronic Warfare "IndyWatch Feed Tech"

Soldiers stupid and disobedient enough to carry their own tracking devices into the field on operations are teaching their units harsh lessons when entering combat. The Association of the United States Army, the U.S. Army's professional association and lobbying group, has an article on how mobile phones are used against soldiers carrying them in the field. This includes, but is not limited to, psychological operations, artillery strikes, monitoring, or all three at once. Given the lax discipline about leaving the mobile phones behind, the attacks built on phone info have been increasingly successful both physically and mentally.

[Ed Note: The second link details how Russian backed separatists are using advanced EW and psyops tactics against the Ukrainian Armed Forces]


Original Submission

Read more of this story at SoylentNews.

16:42

Why Top-notch App isnt the only Key to Success in P2P Economy "IndyWatch Feed Tech"

The buzzwords like Uber, Airbnb, Lyft or Ola are familiar to almost everybody. Thousands of people use mobile applications and web portals of these companies. One can fall under a deceptive impression that the only thing necessary to succeed in peer-to-peer (P2P) economy is quality software or even copying somebody elses proven app. IT specialists complain they often have to deal with clients desire to ride on the success of popular brands, e.g., creating a mobile app like Uber. Its a common mistake that investors should be aware of. Very few people realize, most of the P2P companies are first of all mature offline businesses that managed to create brilliant applications. A high-quality mobile app earns a lot of money for its owners but is not the root cause of commercial success. What exactly has brought companies like Airbnb or Ola to the top?

Marketplace

It is a backbone of any sharing economy business model. A marketplace attracts entrepreneurs because it assists with client search, leads processing, loyalty systems, legal issues and payment options. A marketplace is a complex e-commerce platform embedding the following modules:

  •        Omni-channel commerce
  •        Banking, payments, refunds
  •        Users agreements and legislation issues
  •        Executors portal
  •        Educational materials
  •        Editors, Communication, and Support portals

Technical features of web services and apps are important, but a software application development company and investors should also pay a lot of attention to market requirements and choose an appropriate business model.

Customers Portal and Applications

This ingredient of the P2P business ensures smooth user experience and helps communicate with customers. Create one of the best applications in a field and reinforce it with perfect services, impeccable support, and competitive prices. To have the maximum audience outreach, your sharing economy software should cover all the popular platforms (iOS, Android, OS X, Windows or Linux). Your companys well-being fully depends on the users of your app. P2P software providers are challenged to create a solution able to stand out in a competitive market.

Analytics

Sharing economy solutions are global scale by nature. They are able to reach the target audience. A large number of users generates a lot of statistics and analytical data. You have to take care of the following aspects:

  • System for analytical data generation and aggregation
  • Analytical tools for managing statistics
  • R...

16:23

Mapping the future direction for quantum research "IndyWatch Feed Tech"

The way research in quantum technology will be taken forward has been laid out in a revised roadmap for the field.

Published today in the New Journal of Physics, leading European quantum researchers summarise the fields current status, and examine its challenges and goals.

In the roadmap:

16:22

Scientists discover chemical which can kill glioblastoma cells "IndyWatch Feed Tech"

Aggressive brain tumour cells taken from patients self-destructed after being exposed to a chemical in laboratory tests, researchers have shown.

The study could be the first step in tackling cancers like , which led to Dame Tessa Jowells death earlier this year.

The research, led by the University of Leeds, found that the synthetic , named KHS101, was able to cut the energy source of from glioblastoma, leading to the death of the .

16:05

[CVE-2018-11771] Apache Commons Compress 1.7 to 1.17 denial of service vulnerability "IndyWatch Feed Tech"

Posted by Stefan Bodewig on Aug 16

CVE-2018-11771: Apache Commons Compress 1.7 to 1.17 denial of service vulnerability

Severity: Low

Vendor:
The Apache Software Foundation

Versions Affected:
Apache Commons Compress 1.7 to 1.17

Description:
When reading a specially crafted ZIP archive, the read method of
ZipArchiveInputStream can fail to return the correct EOF indication
after the end of the stream has been reached. When combined with a
java.io.InputStreamReader this can lead...

16:02

Hologram Computers "IndyWatch Feed Tech"

Computing innovation, computer-generated images, Virtual Reality Glasses, Hybrid Reality, communications, Holographic platform, AR, VR, PC, lifelike experience, 3D cameras, cosmic computing, computer security, gaming displays, in-flight entertainment, computer code, Holographic ideal/paradigm, gaming mechanics, automotive, medical, space, spatial, holographic memory, Artificial Neural Networks, Robotics, holographic 3D, software company, mixed-realty, holographic data, hologram monitors, hologram keyboards, voice equipment, projector system, Holographic apps, HD photography, smartphones, tablets, TVs, laptops, digital displays, 360 Video, Virtual Realty Headsets, Mobile Platforms, holographic universe, ubiquitous computing paradigm, virtual images, Holoquad, Holographic Projector Pyramid, cloud computing, spaceships, teleportation, anti-gravity devices, emulation, advanced technology, light field displays, Mobile Hologram Technology, computer programs, untethered, Immersive Technology, Computer Chips, Elohim computer, custom software, mobile application development, computing library, human-computer interactions, Artificial Neural Networks, holographic memory, Spider-Robots, pop-up gaming displays, automate machinery, computer-generated simulation, 3D Pyramid, consumer electronics, personal computers, holographic images, real-world objects, hardware interconnection, missionary, virtual assistant, Computer Systems Structure, two-dimensional computer display, computerization, Projection Screen, Portable, 3D printer, Hologram goggles, 3D Holographic Projection Technology, Hologram Computer Table, hologram generator, multilevel computer, mixed reality, Bluetooth enabled, Virtual Reality Display, transparent screen display, quantum computer, computer animation, 3D plasma display, meta surface, Dark Energy, holographic interferograms, photorefractive, Holographic atomic memory, computer-generated hologram, real-time hologram, x-ray mirror mandrels, virtual wavefront recording plane, Artificial intelligence, AI, Human Resources, Advertising, Animation, Graphic Web Design, Photography, Robotics, computer science, human-robot interaction, Emergency Medical Hologram, wearable computing, bio-computing, battlefield simulations, Holographic Associative Memory, artificial neural network, Digital Avatar.

...

16:01

Jump Start Your Car With A Drill Battery "IndyWatch Feed Tech"

Sometimes, you move to a new city, and things just arent going your way. Youre out of cash, out of energy, and thanks to your own foolishness, your cars battery is dead. You need to jump-start the car, but youre feeling remarkably antisocial, and you dont know anyone else in town you can call. What do you do?

Its not a problem, because youre a hacker and you have a cordless drill in the back seat of your car. The average drill of today tends to run on a nice 18 volt lithium battery pack. These packs are capable of delivering large amounts of current and can take a lot of abuse. This is where they come in handy.

Typically, when jump starting a car, another working vehicle is pulled into place, and the battery connected in parallel with the dead battery of the disabled vehicle. Ideally, the working vehicle is then started to enable its alternator to provide charge to the whole system to avoid draining its own battery. At this point, the disabled vehicle can be started and its alternator can begin to recharge its own battery. After disconnecting everything, youre good to go.

...

15:56

James Bottomley on Linux, Containers, and the Leading Edge "IndyWatch Feed Tech"

Its no secret that Linux is basically the operating system of containers, and containers are the future of the cloud, says James Bottomley, Distinguished Engineer at IBM Research and Linux kernel developer. Bottomley, who can often be seen at open source events in his signature bow tie, is focused these days on security systems like the Trusted Platform Module and the fundamentals of container technology.

15:52

New stable kernels "IndyWatch Feed Tech"

Greg Kroah-Hartman has released a new batch of stable kernels: 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148. These include the fixes for the L1 terminal fault vulnerability and a few other fixes here and there. Users should upgrade.

15:43

CyberSights RansomStopper 3.0 maximizes protection against ransomware attacks "IndyWatch Feed Tech"

CyberSight announced the availability of RansomStopper 3.0 for Business. RansomStopper 3.0 includes enhancements ranging from auto-start protection to improved visualization of an enterprises security posture. Customer and industry reaction to RansomStopper has been spectacular, said Tim McElwee, CEO and Founder of CyberSight. RansomStoppers ability to detect and stop ransomware is rated Excellent in independent testing and the product is now being used in over 50 countries by consumers, SMBs and enterprises. Version 3.0 takes RansomStopper More

The post CyberSights RansomStopper 3.0 maximizes protection against ransomware attacks appeared first on Help Net Security.

15:42

Human wastewater valuable to global agriculture, economics, study finds "IndyWatch Feed Tech"

It may seem off-putting to some, but human waste is full of nutrients that can be recycled into valuable products that could promote agricultural sustainability and better economic independence for some developing countries.

Cities produce and must manage huge quantities of . Researchers at the University of Illinois at Urbana-Champaign have developed a model to clarify what parts of the world may benefit most from re-circulation of human-waste-derived nitrogen, potassium and phosphorus from cities and back into farm fields. They report their findings in the journal Nature Sustainability.

We grow our in the field, apply nutrient-rich fertilizers, eat the crops, excrete all of the nitrogen, phosphorus and potassium and then those nutrients end up at the , said Jeremy Guest, a civil and environmental engineering professor and study co-author. It is a very linear, one-directional flow of resources. Engineering a more circular nutrient cycle would create opportunities that could benefit the environment, economy and agriculture.

15:42

A way to get green revolution crops to be productive without needing so much nitrogen "IndyWatch Feed Tech"

A team of researchers from the Chinese Academy of Sciences, the Academy of Agriculture and Forestry Sciences in China and the University of Oxford in the U.K. has found a way to grow green revolution crops using less nitrogen with no reduction in yield. In their paper published in the journal Nature, the group describes their research efforts and the results they found when planting newly developed plant varieties. Fanmiao Wang and Makoto Matsuoka with Nagoya University offer a News & Views piece on the work done by the team in the same journal issue.

The green revolution was characterized by big increases in crop production in developing countriesit came about due to the increased use of pesticides, fertilizers and changes in crop varieties used. One of the changes to the crops came about as and wheat plants were bred to grow less tall to prevent damage from wind and rain. While this resulted in improved yields, it also resulted in the use of more nitrogen-based fertilizers, which are environmentally harmful. In this new effort, the researchers wondered if it might be possible to re-engineer green-revolution crop varieties in such a way as to restrict height and therefore retain high productivity, while also using nitrogen more efficiently.

Prior research had shown that proteins in the DELLA family reduced plant growth. Crop breeding in the 1960s led to varieties of rice and wheat with genetic mutations that allowed the proteins to build up in the plants, thus stunting their growth. Unfortunately, DELLA proteins have also been found to be the cause of inefficient nitrogen use in the same as a result, farmers used more of it to increase yields. To overcome this problem, the researchers crossbred varieties of rice to learn more, and found that the transcription factor OsGRF4 was associated with nitrogen uptake. Using that information, they engineered some varieties of rice to express OsGRF4 at higher levels, which, when tested, showed higher uptake of nitrogen. The team then planted the varieties they had engineered and found that they required less nitrogen to produce the same yieldsand they were just as stunted. They therefore claim that it is possible to grow that require less...

15:41

Hackers steal $13.5 million from Indian bank in global attack "IndyWatch Feed Tech"

Hackers steal $13.5 million from Indian bank in global attack

Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend.

Read more in my article on the Tripwire State of Security blog.

15:27

Security updates for Thursday "IndyWatch Feed Tech"

Security updates have been issued by Debian (fuse), Fedora (cri-o, gdm, kernel-headers, postgresql, units, and wpa_supplicant), Mageia (iceaepe, kernel-linus, kernel-tmb, and libtomcrypt), openSUSE (aubio, libheimdal, nemo-extensions, and python-Django1), Red Hat (flash-plugin), SUSE (apache2, kernel, php7, qemu, samba, and ucode-intel), and Ubuntu (gnupg).

15:11

Australian State Government Bans TV News Channel from Train Stations "IndyWatch Feed Tech"

The state of Victoria, Australia has banned broadcasting of Sky News from the underground loop stations in Melbourne's train network.

The ban comes after Sky (owned by Rupert Murdoch's NewsCorp) broadcast an interview with far-right activist Blair Cottrell. Cottrell, the leader of the United Patriots Front, has convictions for arson, burglary and racial vilification, has advocated violence against women and has called for portraits of Adolf Hitler to be hung in school classrooms.

Victoria's transport minister, Jacinta Allen, has defended the decision against claims of censorship, stating that "Hatred and racism have no place on our screens or in our community." ... "If people want to watch Sky News in their own homes, they can do that to their heart's content," she said. "Any material that uses our public transport assets to promote itself needs to be appropriate."


Original Submission

Read more of this story at SoylentNews.

14:58

SevenTorrents Shuts Down After 10 Years; Moves Database To New Torrent Site "IndyWatch Feed Tech"

SevenTorrents bids adieu after 10 years; transfers database to WatchSoMuch

SevenTorrents has decided to call it a day after having a long stint of 10 years in the torrent industry. The torrent index who announced its retirement has serviced more than 40 million unique users over the past 10 years, reports TorrentFreak.

For those unaware, SevenTorrents has been serving torrents for around 10 years. Last year, it serviced around six million unique visitors and has around 200,000 members.

Although SevenTorrents has decided to pull its curtains, it has transferred its user database to a brand-new torrent site, WatchSoMuch.

The SevenTorrents homepage displays the following message:

Dear SevenTorrents Lovers

We have been serving you for near 10 years and served over 40 Million visitors, with all troublems including copyright complaints, limitations, domain bans and ., we were able to keep this site up and running and make our visitors satisfied.

Today we have decided to retire. But this is not the end for you and we will not let you down, there is a good news for you. We have talked with the owners of our professional friend site WatchSoMuch which is doing same thing as we were doing but in a better way, it has a super fast search and modern and mobile friendly design.

We have transferred all the data and members to there, please visit and continue using your account in WatchSoMuch with same password and enjoy.

SevenTorrents will be up for few days but we no longer update this site.
We promise this event will look like a change of address and layout to you. there is no difference the data will be better and more complete, all data including movies, torrents, activities, comments have been transferred to WSM so you will feel like home.

Farewell
SevenTorrents Team

The transfer of SevenTorrents user database to WatchSoMuch (WSM) a site that only surfaced in June has raised privacy concerns for users as their data is being transferred to WatchSoMuch.

When TorrentFreak contacted SevenTorrents highlighting the privacy concerns raised by users, the latter said that the users shouldnt be worried.

[T]he announcement...

14:57

A Look At Linux Gaming Performance Scaling On The Threadripper 2950X "IndyWatch Feed Tech"

On Monday when the launch embargo expired on the Threadripper 2950X and Threadripper 2990WX I hadn't run any gaming benchmarks since, well, most games even on Windows can't scale out to 32 threads let alone 64 threads... Especially on Linux. It's far more practical getting these Threadripper 2 processors if you want to compile with 32 or 64 make jobs -- among many other common multi-threaded Linux workloads -- versus using this $899 or $1799 processor for a Linux gaming system. But if you are curious how Linux games scale with the Threadripper 2950X, here are some benchmark results when testing both AMD Radeon and NVIDIA GeForce graphics.

14:57

Americans Own Less Stuff, and Thats Reason to Be Nervous "IndyWatch Feed Tech"

What happens when a nation built on the concept of individual property ownership starts to give that up?

14:28

Ex-NSA hacker proves how easily macOS user warnings can be bypassed by malware "IndyWatch Feed Tech"

By Uzair Amir

Apple is generally considered reliable in making safe and secure software. It is widely believed that the company works really hard to make the defense mechanism of its OS and devices strong enough to evade malware infections and another malicious coding. However, days of blindly trusting any firm including Apple are long gone..or so it []

This is a post from HackRead.com Read the original post: Ex-NSA hacker proves how easily macOS user warnings can be bypassed by malware

14:25

Instagram hack locking users out of their accounts "IndyWatch Feed Tech"

Instagram hack: Users become victims of a strange account locking hack

In a widespread Instagram hacking campaign, hundreds of users are reporting that their accounts have been compromised. Besides losing access to the Instagram account, the profile image, email address, phone number, and bios related to the accounts of the affected users have been changed too.

Instagram Users Reporting Strange Hacks

Instagram users have been reporting of the bizarre hack since the beginning of August. Users are reporting that they are getting logged out of their account, and if they try to log in again, it shows that their username no longer exist. The affected users also found hackers had altered their profile info and changed contact details.

Many of them saw their profile pictures typically set to a Disney or Pixar character with the new email addresses switching to a Russian .ru email address. Also, their bios and personal information have been deleted.

My account has been hacked! Username, email, and password have been changed. Now someone called Laitus Maria has all my pics, one Instagram user complained. While another disgruntled user tweeted:

Instagram responds to the widespread hack

The Facebook-owned app in a blog post said that people who have been locked out of their accounts can regain access here with a new, secure email address.

The company wrote, If you received an email from us notifying you of a change in your email address, and you did not initiate this change, please click the link marked revert this change in the email, and then change your password. We advise you pick a strong password.

...

14:22

USPTO Craziness: Changing Rules to Punish PTAB Petitioners and Reward Microsoft for Corruption at ISO "IndyWatch Feed Tech"

Mr. Iancu and his colleagues do not appear to understand (or care) that they are rewarding Microsoft for epic corruption at ISO and elsewhere

No-OOXML

Summary: The US patent office proposes charging/imposing on applicants that are not customers of Microsoft a penalty; theres also an overtly and blatantly malicious move whose purpose is to discourage petitions against wrongly-granted (by the USPTO) patents

THE previous post spoke about how the Federal Circuit rejects software patents, as does the Patent Trial and Appeal Board (PTAB). An inter partes review (IPR) is almost guaranteed to thwart any software patent if it is applied to one (not a cheap process, but a lot more affordable than a court battle, which can only be initiated by patent holders).

Iancu was a pick of the notoriously corrupt Trump, whose firm had previously worked for Trump. Coincidence?It is no secret that Director Iancu wrote articles in support of software patents and software patents are not valid anymore, based on what the SCOTUS has decided. This means that the person whom Trump put in charge of the patent office in inherently is disagreement with patent courts. An untenable situation? Iancu was a pick of the notoriously corrupt Trump, whose firm had previously worked for Trump. Coincidence?

Either way, everything we have seen so far confirms our worst fears that Iancu would work for the patent microcosm rather than for science and technology. The patent system was conceived to serve that latter group, not a bunch of lawyers, but things have changed since conception and nowadays the Office is adding yet more fees that make expensive lawyers a must to some. With prohibitive costs, too (maybe $200 per hour). Punishing poor companies, obviously.

Docket Navigator has been covering qu...

13:45

2.6 billion records exposed in 2,300 disclosed breaches so far this year "IndyWatch Feed Tech"

Risk Based Security released its Mid-Year 2018 Data Breach QuickView report, showing there have been 2,308 publicly disclosed data compromise events through June 30th. After a surprising drop in the number of reported data breaches in first quarter, breach activity appears to be returning to a more normal pace. At the mid-year point, 2018 closely mirrors 2016s breach experience but still trails the high water mark set in 2017. 2018 has been a curious year. More

The post 2.6 billion records exposed in 2,300 disclosed breaches so far this year appeared first on Help Net Security.

13:45

Linux 4.19 Goes Ahead And Makes Lazy TLB Mode Lazier For Small Performance Benefit "IndyWatch Feed Tech"

Last month I wrote about lazy TLB mode improvements on the way to the mainline kernel and this week the changes were indeed merged for the in-development Linux 4.19 kernel...

13:44

Re: OpenSSH Username Enumeration "IndyWatch Feed Tech"

Posted by Matthew Daley on Aug 16

I've written a POC for this issue, located at
https://bugfuzz.com/stuff/ssh-check-username.py . It requires the
Paramiko library (http://www.paramiko.org/) to be available. It does
some gross monkey patching of Paramiko to force it into sending an
invalid `SSH2_MSG_USERAUTH_REQUEST` and intercepting the potentially
resultant `SSH2_MSG_USERAUTH_FAILURE` but seems to work well enough. A
sample usage is as follows:

$ nc test.internal 22...

13:34

Researchers Unearth Remarkable Horse 'Shoes' "IndyWatch Feed Tech"

Alex Meyer continues to be in awe of the treasure trove that is Vindolanda.

For years, the former Roman auxiliary fort, located just south of Hadrian's Wall in northern England, has yielded a number of finds unique to the site and to the former empire. To date, excavations have yielded well-preserved artefacts such as ink tablets, shoes, combs, swords and textiles.

Meyer, a Roman historian and Classical Studies professor at Western, was recently part of a team that unearthed four early Roman hipposandals shoes worn by horses at Vindolanda.

"The most interesting thing about this is we found all four of the hipposandals. It's rare and remarkable to find one, but to find all four, deposited like this, is really cool. I've seen one other set of four in all my days," Meyer said.

[...] Vindolanda, a designated UNESCO World Heritage Site, which housed some of the most famous documents of the Roman world, has been a location of study for Classical Studies students since 2012, when Western's Field School at Vindolanda was developed by professors Meyer and Elizabeth Greene, a Roman archeologist. Over the years, the pair has acted as supervisors for excavations and volunteer programs at the fort. The school provides training in field excavation, archaeology and history of Roman Britain for students through excavations and the first-hand study of Roman artefacts unearthed at the site.

It is believed that Romans did not use actual horseshoes, which are nailed into the hoof of the horse, Meyer explained. The unearthed hipposandals are more like actual shoes, resembling "soup ladles," which would wrap around the sole of a horse's foot.

[...] "This shows that the use of hipposandals is not just isolated to rocky terrain in the mountains where horses' feet would have to be protected, but in Vindolanda, where there is little rock and lots of grass fields, there is still a use for hipposandals."


Original Submission

Read more of this story at SoylentNews.

13:28

L1TF / Foreshadow Mitigations Land In Linux 4.18 / 4.17 / 4.14 / 4.9 / 4.4 Kernel Update "IndyWatch Feed Tech"

Linux stable maintainer Greg Kroah-Hartman has released new updates across the Linux 4.18, 4.17, 4.14, 4.9, and 4.4 kernel channels to address the recently exposed L1 Terminal Fault "L1TF" / Foreshadow Meltdown-like CPU vulnerability affecting Intel processors...

13:12

The Demise of US Software Patents Continues at the Federal Circuit "IndyWatch Feed Tech"

Courts decline and the judiciary rejects such patents, leading to a decline in such patent grants as well

A decline

Summary: Software patents are rotting away in the United States; it remains to be seen when the U.S. Patent and Trademark Office (USPTO) will truly/fully honour 35 U.S.C. 101 and stop granting such patents

THE situation in 2018 is probably worse for software patents than it has ever been (except before such patents were introduced, a few decades after software itself had emerged). The Federal Circuit continues to affirm inter partes reviews (IPRs) undertaken by the Patent Trial and Appeal Board (PTAB) at the USPTO in (re)assessing software patents, so why does the USPTO still grant any such patents? That merely harms confidence is US patents and collectively reduces their value.

That merely harms confidence is US patents and collectively reduces their value.As we often note here, the USPTO continues granting far too many abstract patents because of tricks like calling these apparatus (examples from yesterday) and buzzwords like AI. In spite of knowing courts would void these, examiners let them be. See this day-old survey of newly-granted patents; many of them sound very abstract and here's why they're still being granted. Theres more money in granting than in rejecting, but what would be the fate of the office if it kept granting patents only for them to be rendered invalid later?

it seems like CAFC is pretty consistent in such rulings and its therefore unsurprising that the patent microcosm attacks CAFC and its judges. These maximalists cannot think of any other strategy.In the United States patent courts not Office (PTO) software patents are pretty much dead, but its expensive to show this....

13:01

Welcome to the Internet of Swords "IndyWatch Feed Tech"

As has been made abundantly clear by the advertising department of essentially every consumer electronics manufacturer on the planet: everything is improved by the addition of sensors and a smartphone companion app. Doesnt matter if its your thermostat or your toilet, you absolutely must know at all times that its operating at peak efficiency. But why stop at household gadgets? What better to induct into the Internet of Things than 600 year old samurai weaponry?

Introducing the eKatana by [Carlos Justiniano]: by adding a microcontroller and accelerometer to the handle of a practice sword, it provides data on the motion of the blade as its swung. When accuracy and precision counts in competitive Katana exhibitions, a sword that can give you real time feedback on your performance could be a valuable training aid.

The eKatana is powered by an Adafruit Feather 32u4 Bluefruit LE and LSM9DS0 accelerometer module along with a tiny 110 mAh LiPo battery. Bundled together, it makes for a small and unobtrusive package at the base of the swords handle. [Carlos] mentions a 3D printed enclosure of some type would be a logical future improvement, though a practice sword that has a hollow handle to hold the electronics is probably the most ideal solutio...

12:38

Smashing Security #091: Sextortion, Las Vegas hotels, and Alex Jones "IndyWatch Feed Tech"

Just how did sextortionists get (some) of the digits in your phone number? Why are some hackers saying they wont be going to DEF CON in Las Vegas anymore? And should Alex Jones from InfoWars be banned from Twitter?

All this and much more is discussed in the latest edition of the award-winning Smashing Security podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Maria Varmazis.

12:11

How Blockchain and the Auto Industry Will Fit Together "IndyWatch Feed Tech"

At this point, most of the specific potential uses for blockchain in various industries are quite speculative and a number of years out, says Gordon Haff, technology evangelist at Red Hat. What we can do, though, is think about the type of uses that play to blockchain strengths.

12:04

Almost Two Months After the ILO Ruling Staff Representative Brumme is Finally Back on the Job at EPO "IndyWatch Feed Tech"

A photo of Ion Brumme

Summary: Ion Brumme (above) gets his position at the EPO back, owing to the Administrative Tribunal of the International Labour Organization (ILO-AT) ruling back in July; things, however, arent rosy for the Office as a whole

THE EPOs peculiar affairs with justice go quite some while back. Things culminated in early 2015 when the EPOs management refused to obey a Dutch courts ruling regarding SUEPO. Aside from that, the EPO had become notorious for its kangaroo courts a staged notion of justice (or mere theatre) as later confirmed by ILO-AT.

Even a petition regarding patent quality needed to be made anonymous and it did not receive sufficient press coverage (not as much as it deserved anyway).Well, belatedly (as was the case with Judge Corcoron) the EPO is complying with court rulings from ILO-AT. It is better late than never, the saying goes, but they had to eventually do it, even cursorily, otherwise it would count as eternal contempt of the courts.

IPPro Patents wrote about Ion Brumme, naming Aurlien Ptiaud, Michael Lund, Laurent Prunier and Elizabeth Hardon. If someone can pass to us the full message from Brumme, that would be appreciated. The article contains many fragments from it, but not the original in its entirety. To quote a couple of portions:

European Patent Office (EPO) president Antnio Campinos must give back the staff their voice, according to Ion Brumme, chairman of the Staff Union of the EPO (SUEPO) Munich section.

Brumme was speaking in a message circulated to SUEPO on the day (15 August) he returned to active duty at the EPO following his dismissal two and a half years ago.

In the message Brumme revealed he had returned to the office after the International Labour Organisation (ILO) exonerated him and his colleague Malika Weaver.

Brumme specifically addressed Campinos, asking him to stop the persecutions of union officials and staff representatives.

Some are still undergoing unnecessary disciplinary procedures and ILO complaints. You can...

11:57

Trump Administration Expected to Propose Limiting Citizenship for Legal Immigrants "IndyWatch Feed Tech"

CBS News reports:

The Trump administration is expected to issue a proposal in coming weeks that would make it harder for legal immigrants to become citizens or get green cards if they have ever used a range of popular public welfare programs, including Obamacare, four sources with knowledge of the plan told NBC News.

The move, which would not need congressional approval, is part of White House senior adviser Stephen Miller's plan to limit the number of migrants who obtain legal status in the U.S. each year.

[...] Though its effects could be far-reaching, the proposal to limit citizenship to immigrants who have not used public assistance does not appear to need congressional approval. As the Clinton administration did in 1999, the Trump administration would be redefining the term "public charge," which first emerged in immigration law in the 1800s in order to shield the U.S. from burdening too many immigrants who could not contribute to society.


Original Submission

Read more of this story at SoylentNews.

11:45

Linux Kernel Diverts Question To Distros: Trust CPU Hardware Random Number Generators? "IndyWatch Feed Tech"

In a controversial move, the Linux kernel will be pushing the question off to distribution vendors on whether to put trust in CPU hardware random number generators...

11:39

What is CI/CD? "IndyWatch Feed Tech"

Continuous integration (CI) and continuous delivery (CD) are extremely common terms used when talking about producing software. But what do they really mean? In this article, I'll explain the meaning and significance behind these and related terms, such as continuous testing and continuous deployment.

11:22

Some Of The Smaller Features Hitting The Linux 4.19 Kernel This Week "IndyWatch Feed Tech"

Here is a look at some of the smaller features landing in the Linux 4.19 kernel this week in a variety of different subsystems...

11:15

Cloud computing remains top emerging business risk "IndyWatch Feed Tech"

Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner. In Gartners latest quarterly Emerging Risks Report, 110 senior executives in risk, audit, finance and compliance at large global organizations identified cloud computing as the top concern for the second consecutive quarter. Additional information security risks, such as cybersecurity disclosure and GDPR compliance, ranked among the top five concerns of the executives More

The post Cloud computing remains top emerging business risk appeared first on Help Net Security.

11:03

NASA 60th: Whats Out There "IndyWatch Feed Tech"

Click on photo to start video.

During our past 60 years of existence, weve advanced our understanding of NASA Solar System Exploration and beyond by continually asking Whats out there?. Learn more about our story of exploration, innovation and discovery:

Click on photo to start video.

#NASA60th

11:02

In race for better batteries, Japan hopes to extend its lead "IndyWatch Feed Tech"

TOKYO Imagine electric cars that can travel 700km to 800km on a single charge, twice as far as they do today. Imagine batteries that are smaller, safer and pack more punch than the lithium-ion cells that power our gadgets now.

Such is the promise of solid-state batteries. Capable of holding more electricity and recharging more quickly than their lithium-ion counterparts, they could do to lithium-ion power cells what transistors did to vacuum tubes: render them obsolete.

As their name implies, solid-state batteries use solid rather than liquid materials as an electrolyte. That is the stuff through which ions pass as they move between the poles of a battery as it is charged and discharged. Because they do not leak or give off flammable vapor, as lithium-ion batteries are prone to, solid-state batteries are safer. They are also more energy-dense and thus more compact.

10:55

eBook: Windows PowerShell Scripting Tutorial "IndyWatch Feed Tech"

This PowerShell tutorial opens with an introduction to PowerShell scripting basics. It guides you through various topics, starting with launching PowerShell and preparing to run PowerShell scripts. Learning these basics will help you easily perform virtually any administration task in your Windows IT environment. In this eBook youll find: PowerShell (PS) Scripting Basics Top 10 Active Directory Management Tasks with PS Top 10 File System Management Tasks with PS Automating PS Scripts How to More

The post eBook: Windows PowerShell Scripting Tutorial appeared first on Help Net Security.

10:48

TRON: Our BitTorrent Plan Might Take Two Decades "IndyWatch Feed Tech"

Back in May, TF broke the news that Justin Sun, the entrepreneur behind the popular cryptocurrency TRON, was in the process of acquiring BitTorrent Inc.

Two months later, BitTorrent Inc. and the TRON Foundation confirmed the acquisition.

With this acquisition, BitTorrent will continue to provide high quality services for over 100M users around the world. We believe that joining the TRON network will further enhance BitTorrent and accelerate our mission of creating an Internet of options, not rules, BitTorrent Inc. said.

TRONs Justin Sun added that the acquisition of BitTorrent supports his foundations goal to decentralize the web but more concrete details beyond this vision have proven elusive. The entrepreneur has mentioned the possibility of rewarding BitTorrent seeders but that raises even more questions.

This week, in celebration of TRONs US and China teams meeting up for the first time, Sun dangled some additional information on why the acquisition took place and what TRONs plans are for the future.

Contrary to speculation, the main reason for the acquisition isnt BitTorrents more than 100M active users, and it isnt for an amazing commercial opportunity, Sun said.

Yes, these things are great perks, but the more important reason is that BitTorrent has always been committed to one value, which is Democratize the Internet. This is very much in line with TRONs Decentralize the Web. The fact that our values are in sync is the driving force behind this acquisition.

Following a short history lesson on Web 1.0 through to todays Web 3.0, Sun highlighted BitTorrent achievements in the decentralized arena, one which enabled people to envision a totally decentralized Internet in the future. However, profit-focused companies like Google, Apple, Facebook, Amazon, and Netflix eventually stepped in with models that only served to further centralize the Internet.

The mistrust in centralization naturally results in a public reaction where people are expecting government intervention to monitor big te...

10:30

Trend Micro launches product to protect telecom networks serving business and home users "IndyWatch Feed Tech"

Trend Micro announced the launch of a product that enables telecom carriers as well as service and cloud providers to protect telecom networks. This solution is customized for network function virtualization architectures, which networks are being built upon. The telecom industry is undergoing a profound change as service providers scramble to support the proliferation of devices available on the market and future-proof networks for the coming 5G standard, said Eva Chen, CEO of Trend Micro. More

The post Trend Micro launches product to protect telecom networks serving business and home users appeared first on Help Net Security.

10:27

SSIC advances cyber risk analytics with new release "IndyWatch Feed Tech"

Secure Systems Innovation Corporation (SSIC) is announcing the upcoming release of X-Analytics 2.0, its patented cyber risk analytics model. The new release includes several additions to deliver cyber risk analytics to customers: Interactive data visualization: The new release now leverages Tableau, technology to create compelling, impactful data visualization stories, transforming cyber risk financial analysis into executive and board-level outputs. Cybersecurity ROI analysis: The new release now illustrates the results from pre-built what-if cyber risk simulations More

The post SSIC advances cyber risk analytics with new release appeared first on Help Net Security.

10:26

BAE Systems and Splunk secure U.S. government clouds through machine learning "IndyWatch Feed Tech"

BAE Systems announced a new collaboration with Splunk to integrate Splunk Enterprise into its government cloud solution. The federated secure cloud, developed by BAE Systems and Dell EMC, is a scalable, hybrid cloud solution designed from the ground up to meet both the mission needs and security requirements for any US Intelligence Community, Department of Defense (DoD), or federal/civilian government organization. The security tools and advanced machine learning algorithms included with Splunk Enterprise automate the More

The post BAE Systems and Splunk secure U.S. government clouds through machine learning appeared first on Help Net Security.

10:23

Alkemist: Harden vulnerable embedded systems and devices "IndyWatch Feed Tech"

RunSafe Security announced the availability of Alkemist, a proprietary self-service technology built to reduce vulnerabilities and deny malware the uniformity needed to execute. Previously known as Software Guardian, Alkemist uses deployable software binary runtime application self-protection (RASP) methods to reduce risk by precluding exploits from spreading across multiple devices and networks. Originally born out of a research project for the Advanced Research Projects Agency of the Department of Defense, Alkemist is the self-service cyberhardening tool More

The post Alkemist: Harden vulnerable embedded systems and devices appeared first on Help Net Security.

10:22

US targets a megawatt laser by 2023 and then deployment in drones and satellites for hypersonic and ICBM defense "IndyWatch Feed Tech"

The US Congress wants the Missile Defense Agency (MDA) to rapidly develop and demonstrate a boost-phase ICBM (and hypersonic weapon) intercept capability as soon as practicable.

Space-based laser weapons technology is one of the options.

10:20

Bridge Collapses in Genoa, Kills Over 20 People "IndyWatch Feed Tech"

https://www.npr.org/2018/08/14/638462800/suspension-bridge-on-busy-highway-partially-collapses-in-genoa:

A long section of the towering Ponte Morandi Bridge completely collapsed in Genoa, Italy, on Tuesday, sending cars and trucks on the A10 highway crashing down below. Dozens of people died in the bridge failure, officials say.

As news emerged from the chaotic scene, the death toll fluctuated several times Tuesday. Prime Minister Giuseppe Conte said there were 22 dead, according to public broadcaster Rai News. But Italy's ANSA news agency has reported at least 37 people died, citing the fire brigade.

Workers have found bodies and vehicles in the massive amount of wreckage left by the collapse and at least 11 people have been pulled from the rubble alive, Italian media report.

[...] The disaster struck shortly before noon, when one of the bridge's central pillars collapsed during a violent rainstorm. A witness told ANSA that lightning had struck the bridge before the collapse.

[...] The bridge was built in the late 1960s, at a length of more than 3,600 feet. It had recently been the subject of renovation and repair efforts. Italian roadway company Autostrade says the most recent work included consolidating the viaduct's base a project that included installing a bridge crane.

Besides the obvious news value of this event, I'd be curious of any civil engineers or structural engineers could comment on the engineering behind such things. What causes these types of crumblings to happen, and exactly how reliable is infrastructure around the world?


Original Submission

Read more of this story at SoylentNews.

10:18

SnapLogic accelerates SDLC with new DevOps and automation capabilities "IndyWatch Feed Tech"

SnapLogic announced DevOps and automation capabilities, including new integration with GitHub and support for Mesosphere to automate elements of continuous integration and continuous delivery (CI/CD). These new enhancements to the SnapLogic Enterprise Integration Cloud provide the companys customer base with self-service application and data integration to streamline and accelerate the software development lifecycle. SnapLogic also announced updates to its Iris AI technologies and a new patterns catalog to help users build integration pipelines. Todays enterprises More

The post SnapLogic accelerates SDLC with new DevOps and automation capabilities appeared first on Help Net Security.

10:01

Theo Jansen Invents A Faster, Simpler, Wind-Powered Strandbeest "IndyWatch Feed Tech"

[Theo Jansen] has come up with an intriguing wind-powered strandbeest which races along the beach with surprising speed and grace. According to [Jansen], it doesnt have hinging joints like the classical strandbeests, so they dont get sand in their joints and you dont have to lubricate them. Its called UMINAMI, which appropriately means ocean wave in Japanese.

There are only videos of it in action to go on so far, but a lot can be gleaned from them. To make it easier to keep track of just a single leg, weve slowed things down and reddened one of them in the banner animation. Those legs seem to be providing a push but the forward motion is more likely supplied by the sails. The second video below shows it being pulled along by the type of strandbeest were all more used to seeing.

What follows is an analysis and best guess about how it works. Or you can just enjoy its graceful undulations in the videos below.

How is it all connected together? There are two sets of horizontal beams which span the length of the strandbeest around halfway down the height. These beams are fixed in length and seem to be for constraining the overall length. There are two sets of them, dividing the wave in the middle and possibly done that way to allow the two sections to tilt sideways independently of each other

...

09:49

Piping botnet: Researchers warns of possible cyberattacks against urban water services "IndyWatch Feed Tech"

Piping botnet Israeli researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously.

Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation systems that water simultaneously. A botnet is a large network of computers or devices controlled by a command and control server without the owners knowledge.

Ben Nassi, a researcher at Cyber@BGU, will be presenting Attacking Smart Irrigation Systems in Las Vegas at the prestigious Def Con 26 Conference in the IoT Village on August 11.

The researchers analyzed and found vulnerabilities in a number of commercial smart irrigation systems, which enable attackers to remotely turn watering systems on and off at will. The researchers tested three of the most widely sold smart irrigation systems: GreenIQ, BlueSpray, and RainMachine smart irrigation systems. Watch the video.

By simultaneously applying a distributed attack that exploits such vulnerabilities, a botnet of 1,355 smart irrigation systems can empty an urban water tower in an hour and a botnet of 23,866 smart irrigation systems can empty good water reservoir overnight, Nassi says. We have notified the companies to alert them of the security gaps so they can upgrade their smart systems irrigation systems firmware.

Water production and delivery systems are part of a nations critical infrastructure and generally, are secured to prevent attackers from infecting their systems. However, municipalities and local government entities have adopted new green technology using IoT smart irrigation systems to replace traditional sprinkler systems, and they dont have the same critical infrastructure security standards.

In the study, the researchers present a new attack against urban water services that doesnt require infecting its physical cyber systems. Instead, the attack can be applied using a botnet of smart irrigation regulation systems at urban water services that are much easier to attack.

...

09:00

Revolving Door: How Security Clearances Perpetuate Top-Level Corruption in the United States "IndyWatch Feed Tech"

 



What has changed is that all these folks now have their communications recorded and actively tracked.  The prime reason that these clearances have not been revoked is because all these fine chaps are been actively investigated for serious crimes.   Just because it is obvious, does not mean that we have the whole story. 

Add in the continuing provocation of the so called Mueller investigation whose sole achievement to date has been to act as a stalking horse for Clinton wrong doing and you may have a clue as to what is really happening.

The whole world now understands the depth and even the detail of corrupt practice clearly undertaken by the past administration.  All while pretending to investigate Trump.  Meanwhile we have plus 45,000 sealed indictments out there and  a massive wave of high level resignations.  Those are two completely verifiable facts that ring in the sound of a very large door slamming shut.

Even Judge Jeanine finally got the joke.  No need to cancel clearances when they will soon be arrested for high crimes and treason.  In the meantime the silence has been golden and very welcome.

...

09:00

Get The Champagne Out" - The Longest Bull Market Of All Time "IndyWatch Feed Tech"

 

 

 What was missing for most of this secular bull market was reinvestment in the USA. Most of those investment dollars were clearly going offshore not least because of Obama Administration policy initiatives and promotion of the regulatory State.  The corporations were doing fine, just elsewhere.

This also explains just how easy it was for Trump to succeed in Jaw boning the USA economy back into a robust health.  The Global economy has been expanding and will continue to do so because the whole global population is fully monetizing and accessing cell phone banking.   It is the USA which has been draggging its feet through stupid policy not unlike what has been done at times elsewhere.

Recent shakedowns on Tariffs are all about forcing open negotiations in regard to general trade.  Trump happens to be a free  trader  who understands that it takes two free traders to make it work.  The USA has been as guilty as anyone but so what.  Start a trade war so all bad behavior gets confronted..

Get The Champagne Out": In 14 Trading Days This Becomes The Longest Bull Market Of All Time

...

After 50 years, the patient victims of Leftist oppression finally begin to resist "IndyWatch Feed Tech"

09:00

Qanon - Gmail drafts supported Global criminality "IndyWatch Feed Tech"





As I posted a long time ago, the pedophilia conspiracy is the sole stable conspiracy.  For that reason it morphed into the NWO as well and all this has been sustained for generations plausibly tracking back to the seventeenth century when it was still possible to draw on older satanic lore.

What now becomes obvious is that the take down of the NWO is only a side benefit of taking down the global pedophile network. All the activity i have been reporting on is aimed first at the pedophiles.   This was a bit of a surprise at first but it is also inevitable.  Read these items just now coming in on the Q feed.

The big shock is that Google operated a clandestine network outside the USA to accommodate the Muslim brotherhood and likely drug traffickers and of course child trafficking. 

We also learn that a program is presently underway shutting down countries involved.  This is well underway although we are looking at the easy ones in which we have been engaged.  Not mentioned in this list is Pakistan and conditions there supplies feudal lords who have serfs to sell.

Q has quite suddenly brought it all up front and center.  This will be the primary cover for the coming mass arrests.  After all only a few were ever political players.  At the same time we now have had two years of visible local law enforcement action as well.  That arresting 50,000 pedophiles also guts the political class is almost unnoticed.  

...

08:43

How IoT Devices Empower Companies at the Expense of Consumers "IndyWatch Feed Tech"

David Rosenthal has written a blog post on how end users may be affected by tort law. Specifically, he discusses two points in The Internet of Torts raised by Rebecca Crootof:

  • Introducing the Internet of Torts, in which she describes "how IoT devices empower companies at the expense of consumers and how extant law shields industry from liability."
  • Accountability for the Internet of Torts, in which she discusses "how new products liability law and fiduciary duties could be used to rectify this new power imbalance and ensure that IoT companies are held accountable for the harms they foreseeably cause."

Original Submission

Read more of this story at SoylentNews.

08:27

PhishPoint Phishing Attack A new technique to Bypass Microsoft Office 365 Protections "IndyWatch Feed Tech"

Security experts from the cloud security firm Avanan have discovered a new technique dubbed PhishPoint, that was used by hackers to bypass Microsoft Office 365 protections.

PhishPoint is a new SharePoint phishing attack that affected an estimated 10% of Office 365 users over the last 2 weeks.

The experts are warning of the new technique that was already used in attacks by scammers and crooks to bypass the Advanced Threat Protection (ATP) mechanism implemented by most popular email services, Microsoft Office 365.

Over the past two weeks, we detected (and blocked) a new phishing attack that affected about 10% of Avanans Office 365 customers. We estimate this percentage applies to Office 365 globally. PhishPoint marks an evolution in phishing attacks, where hackers go beyond just email and use SharePoint to harvest end-users credentials for Office 365. reads the analysis published by Avanan.

Essentially, hackers are using SharePoint files to host phishing links. By inserting the malicious link into a SharePoint file rather than the email itself, hackers bypass Office 365 built-in security. 

In a PhishPoint attack scenario, the victim receives an email containing a link to a SharePoint document. The content of the message is identical to a standard SharePoint invitation to collaborate.

phishpoint attack

Once the user clicked the hyperlink included in the fake invitation, the browser automatically opens a SharePoint file.

The SharePoint file content impersonates a standard access request to a OneDrive file, with an Access Document hyperlink that is actually a malicious URL that redirects the victim to a spoofed Office 365 login screen.

This landing page asks the victim to provide his login credentials.

Experts highlighted that Microsoft protection mechanisms scan the b...

07:06

SEC Reportedly Subpoenas Tesla Over Take-Private Tweet "IndyWatch Feed Tech"

Tesla Is Said to Be Subpoenaed by S.E.C. Over Elon Musk Tweet (archive)

Federal securities regulators have served Tesla with a subpoena, according to a person familiar with the investigation, increasing pressure on the electric car company as it deals with the fallout from several recent actions by its chief executive, Elon Musk.

The subpoena, from the Securities and Exchange Commission, comes days after regulators began inquiring about an Aug. 7 Twitter post by Mr. Musk, in which he said he was considering converting Tesla to a private company. In the post, he said that the financing for such a transaction, which would probably run into the tens of billions of dollars, had been "secured."

Tesla shares, a popular target for so-called short sellers who bet on certain stocks losing value, soared about 11 percent on the day Mr. Musk posted the message.

It has become clear since then that neither Mr. Musk nor Tesla had actually lined up the necessary financing aside from having preliminary conversations with some investors.

Musk tweeted[*] that he wanted to take Tesla private at $420 a share. Azealia Banks claimed[**] to have been in Musk's home and witnessed Elon Musk tweeting while using LSD and making frantic calls to shore up funding for a take-private attempt. Maybe Azealia Banks will be called to testify by the SEC?

[*] The actual tweets:

Read more of this story at SoylentNews.

07:00

Zener Diode Tutorial "IndyWatch Feed Tech"

We always enjoy [w2aews] videos, and his latest on zener diodes is no exception. In it, he asserts that all Zener diodes are not created equal. Why? Youll have to watch the video below to find out.

Zener diodes are one of those strange items that have several uses but are not as popular as they once were. There was a time when the Zener was a reasonable way to regulate a voltage inexpensively and easily. Unfortunately the regulation characteristics were not very good, and the power lost was very high. But that was sometimes a reasonable trade, compared to putting a pass transistor and the associated discrete circuitry in place to make a linear regulator. With the advent of chips like the 7800-series regulators, you can have a high-quality regulator with one extra wire and still keep your costs under $1. Even if you want to do better and go with a switching power supply, thats easy now and not much more expensive.

So you dont see as many Zener power supplies as you used to. But there are still cases where they are useful. For example as part of a voltage reference circuit, since they can be reasonably accurate if the load current is constant. They are also useful for clipping voltages, circuit protection, and can even be part of a random number generator that will take advantage of their inherent noise during avalanche operation.

Whats avalanche operation? Watch the end of the video and find out. This isnt the first time weve talked about the lowly Zener. Weve also talked about Zeners and Schottky diodes, too.

05:49

NEW 'Off The Hook' ONLINE "IndyWatch Feed Tech"

NEW 'Off The Hook' ONLINE

Posted 16 Aug, 2018 3:49:59 UTC

The new edition of Off The Hook from 15/08/2018 has been archived and is now available online.

05:29

Nvidia Announces Turing Architecture With Focus on Ray-Tracing and Lower-Precision Operations "IndyWatch Feed Tech"

NVIDIA Reveals Next-Gen Turing GPU Architecture: NVIDIA Doubles-Down on Ray Tracing, GDDR6, & More

The big change here is that NVIDIA is going to be including even more ray tracing hardware with Turing in order to offer faster and more efficient hardware ray tracing acceleration. New to the Turing architecture is what NVIDIA is calling an RT core, the underpinnings of which we aren't fully informed on at this time, but serve as dedicated ray tracing processors. These processor blocks accelerate both ray-triangle intersection checks and bounding volume hierarchy (BVH) manipulation, the latter being a very popular data structure for storing objects for ray tracing.

NVIDIA is stating that the fastest Turing parts can cast 10 Billion (Giga) rays per second, which compared to the unaccelerated Pascal is a 25x improvement in ray tracing performance.

The Turing architecture also carries over the tensor cores from Volta, and indeed these have even been enhanced over Volta. The tensor cores are an important aspect of multiple NVIDIA initiatives. Along with speeding up ray tracing itself, NVIDIA's other tool in their bag of tricks is to reduce the amount of rays required in a scene by using AI denoising to clean up an image, which is something the tensor cores excel at. Of course that's not the only feature tensor cores are for NVIDIA's entire AI/neural networking empire is all but built on them so while not a primary focus for the SIGGRAPH crowd, this also confirms that NVIDIA's most powerful neural networking hardware will be coming to a wider range of GPUs.

New to Turing is support for a wider range of precisions, and as such the potential for significant speedups in workloads that don't require high precisions. On top of Volta's FP16 precision mode, Turing's tensor cores also support INT8 and even INT4 precisions. These are 2x and 4x faster than FP16 respectively, and while NVIDIA's presentation doesn't dive too deep here, I would imagine they're doing something similar to the data packing they use for low-precision operations on the CUDA cores. And without going too deep ourselves here, while reducing the precision of a neural network has diminishing returns by INT4 we're down to a total of just 16(!) values there are certain models that really can get away with this very low level of precision. And as a result the lower precision modes, while not always useful, will undoubtedly make some users quite happy at the throughput, especially in inferencing tasks....

05:00

How Women Came to Dominate Neuroendocrinology - Issue 63: Horizons "IndyWatch Feed Tech"


When Kathleen Morrison stepped onto the stage to present her research on the effects of stress on the brains of mothers and infants, she was nearly seven and a half months pregnant. The convergence was not lost on Morrison, a postdoctoral researcher at the University of Maryland School of Medicine, nor on her audience. If there ever was a group of scientists that would be both interested in her findings and unfazed by her late-stage pregnancy, it was this one. Nearly 90 percent were women.

It is uncommon for any field of science to be dominated by women. In 2015, women received only 34.4 percent of all STEM degrees.1 Even though women now earn more than half of PhDs in biology-related disciplines, only 36 percent of assistant professors and 18 percent of full professors in biology-related fields are women.2 Yet, 70 percent of the speakers at this years meeting of the Organization for the Study of Sex Differences (OSSD), where Morrison spoke, were women. Women make up 67 percent of the regular members and 81 percent of trainee members of OSSD, which was founded by the Society for Womens Health Research. Similarly, 68 percent of the speakers at the annual meeting
Read More

The Online Magazine You Cant Read Online - Issue 63: Horizons "IndyWatch Feed Tech"


The latest cover of The Disconnect, a new online magazine, features an animated digital fingerprint that is unique to you, the reader. It tells you what browser youre using, what time zone your clock is set to, and what kind of hardware your computer or device has.

Unlike most magazines and websites, though, this information is not tracked or stored. In fact, the magazines founder and editor, Chris Bolin, cant tell which stories youre reading or how long youve been on the site. Thats because, if youre reading his magazine, youre not on the internet.

When you browse to The Disconnects homepage, youre greeted with an unusual request. Please Disconnect from the Internet. This is an offline-only magazine of commentary, fiction and poetry. Bolin, who is a software engineer, uses a browser feature to check whether youre online, and will only show you an issue when youre not. No cheatingconnecting back online when youre in the middle of a story will hide it.

The magazine presents the reader with a set of paradoxes: It can only be reached online, but cant be read online. It shows you it can track you, but then doesnt.
Read More

Beyond Sexual Orientation - Issue 63: Horizons "IndyWatch Feed Tech"


Lisa Diamonds seventh interview is the one that she remembers best. She had recruited subject 007 at Cornell University, where she was studying how women who express attraction to other women come to understand their sexual identity.  One early evening in 1995, in a conference room on the university campus, she settled down to ask the first question of her subject.

How did 007 currently identify herself on the spectrum of sexual identities? The woman answered that she didnt know. She told Diamond that she had been heterosexual all her life until just that last week, when she suddenly found herself falling in love with her best frienda woman. They had had sex a couple of times, something she described as very satisfying. Part of Diamonds work was to categorize her subjects based on how they self-identified, but 007 wasnt sureso Diamond put her into the unlabeled category.

By the time 007 left after the two hour interview, Diamond had tentatively concluded that the woman would come out as bisexual in her follow-up interview. But 007 never did. The interaction marked the beginning of Diamonds gradual realization that her assumptions about sexuality needed to change. In addition to the static
Read More

04:03

Why US elections remain dangerously vulnerable to cyber-attacks "IndyWatch Feed Tech"

Officials have dragged their feet on updating machines and securing data and a climate of fear could undermine voter confidence.

04:02

Google tracks users who turn off location "IndyWatch Feed Tech"

A study from Associated Press suggests that users are still tracked even if they turn off location history.

04:00

Before Sending A Probe To The Sun, Make Sure It Can Take The Heat "IndyWatch Feed Tech"

This past weekend, NASAs Parker Solar Probe took off for a journey to study our local star. While its mission is well covered by science literate media sources, the equally interesting behind-the-scenes information is a little harder to come by. For that, we have Science News who gave us a look at some of the work that went into testing the probe.

NASA has built and tested space probes before, but none of them were destined to get as close to the sun as Parker will, creating new challenges for testing the probe. The lead engineer for the heat shield, Elizabeth Congdon, was quoted in the article: Getting things hot on Earth is easier than you would think it is, getting things hot on Earth in vacuum is difficult. The team used everything from a concentrated solar facility to hacking IMAX movie projector lenses.

The extreme heat also posed indirect problems elsewhere on the probe. A rocket launch is not a gentle affair, any cargo has to tolerate a great deal of shock and vibration. A typical solution for keeping fasteners in place is to glue them down with an epoxy, but theyd melt where Parker is going so something else had to be done. Its not all high technology and exotic materials, though, as when the goal was to verify that the heat shield was strong enough to withstand up to 20G of acceleration expected during launch, the test team simulated extra weight by stacking paper on top of it.

All that testing should ensure Parker can perform its mission and tell...

03:52

Alexa and Cortana Integration Starts Rolling Out Today "IndyWatch Feed Tech"

Microsoft's Cortana and Amazon's Alexa digital assistants can now talk to each other. The collaboration between the two assistants was announced last year and was originally due to become available by the end of 2017.

Microsoft showed how the integration would work at its Build conference earlier this year, and what's rolling out today seems little changed from that demo. From a Cortana-native device (a Windows 10 PC, an Xbox, the Harman Kardon speaker), "Hey Cortana, open Alexa" will switch you to speaking to Alexa. From there, you have access to Alexa's full range of shopping (not that anyone seems to really care about that), music, weather, and so on.


Original Submission

Read more of this story at SoylentNews.

03:25

The Hill Interview: Twitter CEO Jack Dorsey explains what got Alex Jones suspended "IndyWatch Feed Tech"

Twitter CEO Jack Dorsey isnt sure if the timeout given to Alex Jones will convince the right-wing conspiracy theorist to reconsider his social media behavior.But Dorsey, in an interview with The Hill the morning after his company handed down a...

03:18

[$] LWN.net Weekly Edition for August 16, 2018 "IndyWatch Feed Tech"

The LWN.net Weekly Edition for August 16, 2018 is available.

02:22

I almost died from a leading American killer: Choking on food "IndyWatch Feed Tech"

I have a very important and scary story to share I wrote. Give it a read. Its published the Napa Valley Register (the main paper of a community where my wine business is newly located). The article is about one of the most common and unexpected ways people around the world die. I almost did.


I recently completed a European speaking tour discussing transhumanism, a social movement whose primary goal is to live as long as possible through science.

Ironically, Ill probably remember the month-long tour most for a specific 60 secondswhen I almost choked to death on thick, leathery bread in a German restaurant. This may be surprising, but the fourth-leading cause of unintentional death in America is asphyxiation from choking on food, according to the National Safety Council.

In fact, a few years ago, a high school friend of mine who was a talented athlete died when meat became lodged in his windpipe. In total, approximately 2,500 Americans perish every year from choking on food.

Most people never worry about the mechanics of how food travels from the mouth to the stomachmany of us have eaten tens of thousands of times without serious incident. But in todays modern society, with a range of new types of foods and textures, and the fact many of us are always in a rush (like I was constantly on my speaking tour), people should consider choking dangers far more. People should also know that they can choke on a wide variety of foods that accidentally get stuck in the trachea instead of going down the esophagus.

02:15

Bethesda Clashes With Sony on PS4 Cross-Play, Changes Review Policy "IndyWatch Feed Tech"

Bethesda Declares War on Sony Over Cross-Play Limitations

[The Elder Scrolls Legends] is a strategy card game that encompasses both single and multiplayer...It is both cross-platform play and cross-platform progress. It is our intention in order for the game to come out, it has to be those things on any system. We cannot have a game that works one way across everywhere else except for on this one thing. The way the game works right now on Apple, Google, Steam, and Bethesda.net, it doesn't matter where you buy your stuff, if you play it on another platform that stuff is there. It doesn't matter what platform you play on, you play against everyone else who is playing at that moment. There's no 'Oh, it's easier to control, or it has a better framerate on this system.' It's a strategy card game. It doesn't matter.

Separately, Why Bethesda changed its review policy:

Read more of this story at SoylentNews.

01:57

CORRECTION: FCC targets pirate radio station that broadcasts Alex Jones "IndyWatch Feed Tech"

The Federal Communications Commission (FCC) has shut down a pirate radio station known for its broadcasts of conspiracy theorist Alex Jones.The Austin American-Statesman reported Wednesday that the station, Liberty Radio, was hit with...

01:40

GNOME Celebrates Its 21st Birthday By Releasing GNOME 3.29.91 "IndyWatch Feed Tech"

Today marks 21 years since the GNOME desktop environment project was started by Miguel de Icaza and Federico Mena. Coincidentally, released today is GNOME 3.29.91 that is the GNOME 3.30 desktop's second beta release...

01:16

Hillicon Valley: Trump revokes Brennan's security clearance | Twitter cracks down on InfoWars | AT&T hit with crypto lawsuit | DHS hosts election security exercise "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...

01:16

UPS to Deploy Fuel Cell/Battery Hybrids as Zero-Emission Delivery Trucks "IndyWatch Feed Tech"

Hydrogen fuel cells extend the range of battery-powered trucks now heading for California roads

img
Photo: Roy Pea/University of Texas Road Ready: This converted UPS truck features a 32-kilowatt fuel-cell module from Hydrogenics.

Austin Mabrey steers the clanging United Parcel Service (UPS) van down a street in Austin, Texas. But hes not driving the boxy brown vehicle to deliver packages. Mabrey is road-testing its zero-emission systema hybrid of hydrogen fuel cells and lithium iron phosphate batteries.

Its peppier than I wouldve imagined, he says. Near my perch in the passenger seat, a high-pitched hum emanates from the electric motor that drives the hydraulic power-steering pump. As we approach a narrow turn, Mabrey engages the regenerative braking system, which recharges the batteries, and a whining noise erupts from the back.

Were circling the Center for Electromechanics at the University of Texas (UT), where engineers are almost finished testing the vans power train inside a cavernous research hangar. They began road trials in June after working for more than a year to design and model the concept, though the project first won federal funding in 2013. UPS plans to deploy the prototype in California later this year and, if all goes well, roll out more vehicles just like it.

Logistics companies and automakers worldwide are developing vans and trucks that dont emit any pollution. But its much more complicated to build a zero-emission cargo truck than it is to produce an emissionless passenger car. New fuel systems cant encroach on cargo space or add more weight to a trucks bulky frame. And trucks must be able to run their normal routes without making extra stops to recharge batteries or refill tanks.

The driver has to be able to accomplish their missionits a work truck, says Joe Ambrosio of Unique Electric Solutions, which is integrating the UPS vans electric components. The New York firm hired six interns from UT to work on the project, including Mabrey, who is now an engineer at the company.

From the sidewalk, the van looks like any other delivery vehicle. UPS provided a 2007 diesel van to UT researchers, who converted it into a fuel-cell/battery hybrid. The new system includes a high-power, 99-kilowatt-hour battery pack from Lithium...

01:00

Every Shop Needs A Giant Wooden Utility Knife "IndyWatch Feed Tech"

Generally speaking, we dont cover that many woodworking projects here at Hackaday. Whats the point? Its bad enough that wood reminds us of the outside world, but it hardly ever blinks, and forget about connecting it to Wi-Fi. This doesnt seem to bother you fine readers, so we have to assume most of you feel the same way. But while we might not always get large woodworking projects around these parts, were quite familiar with the obsession dedication required to work on a project for no other reason than to say you managed to pull it off.

On that note, we present the latest creation of [Paul Jackman], a supersized replica of a Stanley utility knife made entirely out of wood. All wooden except for the blade anyway, which is cut from 1/8 thick knife steel. Thats right, this gigantic utility knife is fully functional. Not that we would recommend opening too many boxes with it, as youre likely to open up an artery if this monster slips.

We cant imagine there are going to be many others duplicating this project, but regardless [Paul] has done a phenomenal job documenting every step of the build on his site. From cutting the rough shape out on his bandsaw to doing all painstaking detail work, everything is clearly photographed and described. After the break theres ev...

00:38

Chinese Electric Carmaker NIO Eyes $1.8 Billion IPO In US "IndyWatch Feed Tech"

Chinese electric carmaker NIO has filed for a $1.8 billion initial public offering in the United States as the burgeoning company seeks to compete with US rival Tesla. NIO is one of dozens of new automakers to crop up in China as policymakers in Beijing push an all-electric future for the world's largest auto market.

American, Japanese and European auto giants dominate sales of combustion engine vehicles in China, but homegrown firms unencumbered by the billions sunk into refining gasoline engines are in the driver's seat when it comes to electric cars.

While Tesla chief Elon Musk is in talks with Saudi Arabia's sovereign wealth fund and other investors to take his company private, NIO filed papers at the US Securities and Exchange Commission on Monday to go public.

But the upstart Chinese automaker faces a long road ahead for its proposed float of up to $1.8 billion on the New York Stock Exchange. The company had delivered only 481 of its first mass production electric SUV model the ES8 by the end of July, with reservations and deposits in place for an additional 17,000.


Original Submission

Read more of this story at SoylentNews.

00:10

Ixia delivers visibility into all traffic in virtual workloads in private cloud environments "IndyWatch Feed Tech"

Keysight Technologies announced Cloud Sensor vTap, a new feature of CloudLens from Ixia, a Keysight Business. Cloud Sensor vTap enables organizations to manage their security risk in private and hybrid cloud environments, such as Microsoft Azure Stack, with visibility into East-West traffic without requiring access. The increase in cloud adoption has heightened the need for securing data, applications, and workloads that reside in any cloud-based environment. In fact, in a recent Ixia survey, Lack of More

The post Ixia delivers visibility into all traffic in virtual workloads in private cloud environments appeared first on Help Net Security.

00:10

CSI launches open API platform to provide secure connections to data "IndyWatch Feed Tech"

Computer Services introduces CSIbridge, an open application programming interface (API) platform, to give banks the power to build custom technology integrations that maximize efficiency and enhance competitiveness. CSIbridge provides a platform that banks and third-party providers can use to access data for ancillary solutions. CSI customers can take advantage of the open API platform to customize and release new services through pre-built APIs into banking features. Customers continue to expect more and more from their More

The post CSI launches open API platform to provide secure connections to data appeared first on Help Net Security.

00:09

PTC launches cybersecurity collaboration initiative for more secure and resilient IoT deployments "IndyWatch Feed Tech"

Continuing its commitment to promoting shared responsibility for safe and secure IoT deployments, PTC has unveiled a Coordinated Vulnerability Disclosure (CVD) Program. The new program is designed to support the reporting and remediation of security vulnerabilities that could affect the environments in which PTC products operate, including industrial and safety-critical industries. The CVD Program is a component of PTCs Shared Responsibility Model, which defines a framework for cybersecurity collaboration with customers, partners, and others within More

The post PTC launches cybersecurity collaboration initiative for more secure and resilient IoT deployments appeared first on Help Net Security.

00:09

Lockpath partners with RapidRatings to increase third-party risk visibility "IndyWatch Feed Tech"

Lockpath announced a new partnership with RapidRatings. This partnership aims to further risk management technology by broadening its scope to provide third-party risk visibility that includes financial health analytics. The partnership will include a technology integration of RapidRatings Financial Health Rating within Lockpaths Keylight Platform, a governance, integrated risk management and compliance (GRC) solution. This integration will benefit joint customers, who will be able to garner a view of the risk posed to them by More

The post Lockpath partners with RapidRatings to increase third-party risk visibility appeared first on Help Net Security.

00:08

EZShield acquires IdentityForce "IndyWatch Feed Tech"

EZShield announced it has acquired IdentityForce. The acquisition expands EZShields identity protection ecosystem by nearly 50 percent, providing partners in every industry, businesses of all sizes, and consumers with secure capabilities and restoration services. The pervasiveness of cyber fraud incidents and data breaches is estimated to cost $6 trillion annually by 2021. IdentityForce is a trusted, top-ranked leader in identity theft protection and their business is comprised of a highly customer-centric team of experts who More

The post EZShield acquires IdentityForce appeared first on Help Net Security.

Wednesday, 15 August

23:30

Broadband ADC with X-point switch - Un-paralleled Flexibility in Multi-channel RF applications "IndyWatch Feed Tech"

One flexible ADC for multiple complex RF applications

The AQ600 is a high speed, broadband analog to digital convertor comprised of four 12-bit, 1.5 Gsps cores linked to a flexible wideband cross point switch (CPS). The device offers an input signal bandwidth up to 8 GHz (extended bandwidth mode) enabling direct sampling in high order Nyquist zones.

The CPS allows the ADC cores to sample in either synchronous (in phase) or time interleaving modes. A high-performance clock and synchronization system manages fine timing both within the device and across multi-devices. Thus, designers gain a free-hand in operating the part as a 4-channel ADC at 1.5 Gsps, a 2-channel device sampling at 3 Gsps or combining all four channels to sample a single channel at 6 Gsps.

Output data is formatted for transmission using the ESIstream, low overhead, low latency, open source serial digital interface operating at up to 12 Gbps.

Key topics

  1. A quick architectural overview - Whats different about the AQ600?

  2. The benefits of an integrated high performance cross point switch

  3. Wideband operation enables high order Nyquist zone direct sampling

  4. Programmable device features key controls and trimming facilitated by the SPI interface

  5. Where will it be used and why?

PRESENTER:
 
 

Mark Holdaway, electronic engineer and technical content producer

Marks career has revolved around analog ICs. Much of that time working on high performance, signal path applications. Formative years were spent as an application engineer with National Semiconductor (now part of TI) in the UK followed by a transfer to Munich as marketing manager.

He enjoyed a career defining stint as marketing director with start-up Xignal, successfully helping define and launch the first, multi-channel, continuous time delta sigma (CTDS) ADC for portable medical ultrasound.

Throughout his career, Mark has been driven to write about technology and today dedicates time crafting multimedia technical content. At Teledyne e2v hes helping explain their innovative data convertors....

23:13

SpaceX's Falcon Heavy Could Launch Japanese and European Payloads to Lunar Orbital Platform-Gateway "IndyWatch Feed Tech"

SpaceX's Falcon Heavy eyed by Europe/Japan

According to RussianSpaceWeb, SpaceX's Falcon Heavy rocket is under serious consideration for launches of major European and Japanese payloads associated with the Lunar Orbital Platform-Gateway (formerly the Deep Space Gateway).

[...] Regardless of the LOPG's existential merits, a lot of energy (and money) is currently being funneled into planning and initial hardware development for the lunar station's various modular segments. JAXA is currently analyzing ways to resupply LOPG and its crew complement with its HTV-X cargo spacecraft, currently targeting its first annual ISS resupply mission by the end of 2021. While JAXA will use its own domestic H-III rocket to launch HTV-X to the ISS, that rocket simply is not powerful enough to place a minimum of ~10,000 kg (22,000 lb) on a trans-lunar insertion (TLI) trajectory. As such, JAXA is examining SpaceX's Falcon Heavy as a prime (and affordable) option: by recovering both side boosters on SpaceX's drone ships and sacrificing the rocket's center core, a 2/3rds-reusable Falcon Heavy should be able to send as much as 20,000 kg to TLI (lunar orbit), according to comments made by CEO Elon Musk.

That impressive performance would also be needed for another LOPG payload, this time for ESA's 5-6 ton European System Providing Refueling Infrastructure and Telecommunications (ESPRIT) lunar station module. That component is unlikely to reach launch readiness before 2024, but ESA is already considering Falcon Heavy (over its own Ariane 6 rocket) in order to save some of the module's propellant. Weighing 6 metric tons at most, Falcon Heavy could most likely launch ESPRIT while still recovering all three of its booster stages.

Previously: NASA's Chief of Human Spaceflight Rules Out Use of Falcon Heavy for Lunar Station...

22:24

[$] The Data Transfer Project "IndyWatch Feed Tech"

Social networks are typically walled gardens; users of a service can interact with other users and their content, but cannot see or interact with data stored in competing services. Beyond that, though, these walled gardens have generally made it difficult or impossible to decide to switch to a competitorall of the user's data is locked into a particular site. Over time, that has been changing to some extent, but a new project has the potential to make it straightforward to switch to a new service without losing everything. The Data Transfer Project (DTP) is a collaborative project between several internet heavyweights that wants to "create an open-source, service-to-service data portability platform".

22:22

Google releases archive of online political ads "IndyWatch Feed Tech"

Google has released a library of political advertisements purchased on its platforms, revealing how much groups are spending on online campaign efforts and where theyre focusing.The archive is a new part of the company's regular...

22:15

How to update source tree at /usr/src using svn on FreeBSD "IndyWatch Feed Tech"

I compiled custom FreeBSD kernel for my FreeBSD jail to use vnet. How do I update my FreeBSD /usr/src/ code tree? How can I update source tree at /usr/src on FreeBSD using svn command to patch and compile kernel again?

The post How to update source tree at /usr/src using svn on FreeBSD appeared first on nixCraft.

22:10

New Intel chip flaw Foreshadow attacks SGX technology to extract sensitive data "IndyWatch Feed Tech"

By Waqas

Security fraternity is still dealing with the adverse consequences and versatile range of threats caused by the Spectre and Meltdown vulnerabilities. But, to add to their misery, there is another possibly worst hardware flaw detected by security researchers in Intel chips. This flaw, dubbed as Foreshadow, can obtain information even from the most secured components []

This is a post from HackRead.com Read the original post: New Intel chip flaw Foreshadow attacks SGX technology to extract sensitive data

22:00

Dont Forget Your Mints When Using This Synthesizer "IndyWatch Feed Tech"

While synthesizers in the music world are incredibly common, theyre not all keyboard-based instruments as you might be imagining. Especially if youre trying to get a specific feel or sound from a synthesizer in order to mimic a real instrument, there might be a better style synth that you can use. One of these types is the breath controller, a synthesizer specifically built to mimic the sound of wind instruments using the actual breath from a physical person. Available breath controllers can be pricey, though, so [Andrey] built his own.

To build the synthesizer, [Andrey] used a melodica hose and mouthpiece connected to a pressure sensor. He then built a condenser circuit on a custom Arduino shield and plugged it all into an Arduino Mega (although he notes that this is a bit of overkill). From there, the Arduino needed to be programmed to act as a MIDI device and to interact with the pressure sensor, and he was well on his way to a wind instrument synthesizer.

The beauty of synthesizers is not just in their ability to match the look and sound of existing instruments but to do things beyond the realm of traditional instruments as well, sometimes for a greatly reduced price point.

21:52

Intel Begins Teasing Their Discrete Graphics Card "IndyWatch Feed Tech"

Don't expect the Intel discrete gamer graphics card to come until 2020, but with the SIGGRAPH graphics conference happening this week in Vancouver, they have begun teasing their first PCI Express graphics card...

21:33

New Law Bans U.S. Government from Buying Equipment from Chinese Telecom Giants ZTE and Huawei "IndyWatch Feed Tech"

President Trump yesterday signed a defense funding bill that included a sweeping ban on the US government using technology supplied by Chinese telecommunications giants ZTE and Huawei. The bill also includes a narrower ban on using surveillance gear provided by Chinese companies Hytera Communications, Hangzhou Hikvision Digital Technology, or Dahua Technology for national security applications.

The legislation directs federal agencies to stop using the Chinese-made hardware within two years. If that proves impractical, an agency can apply for a waiver to permit a longer phase-out period.

Previously: Verizon Cancels Plans to Sell Huawei Phone Due to U.S. Government Pressure
U.S. Intelligence Agency Heads Warn Against Using Huawei and ZTE Products
The U.S. Intelligence Community's Demonization of Huawei Remains Highly Hypocritical
Huawei CEO Still Committed to the U.S. Market
Rural Wireless Association Opposes U.S. Government Ban on Huawei and ZTE Equipment
ZTE Suspends Operations Due to U.S. Ban (UPDATED)


Original Submission

Read more of this story at SoylentNews.

21:31

The U.S. Needs a Cyber Force More Than a Space Force "IndyWatch Feed Tech"

Agree?


Trump shouldnt be ridiculed for looking to the heavens, but a more urgent threat looms.

21:24

Google One launches with cheaper cloud storage plans "IndyWatch Feed Tech"

For some reason, Google is rebranding Google Drive storage plans under the name Google One. Along with the rebranding, Google is also improving its pricing in ways that give customers more options and more storage at lower prices. It marks the services first price cut in four years.

Google One plans start at the same place as Google Drive plans $1.99 per month for 100GB of additional storage but the situation improves after that. Google is introducing a new $2.99-per-month tier, which includes 200GB of storage, and its upgrading the $9.99-per-month tier to include 2TB of storage instead of 1TB.

We signed up for a 2TB storage option to try out Google One. The process is simple, you just head into Google Drive and click on Storage, then Upgrade Storage, to bring up all the possible upgrades.

21:23

Google Needs To Come Clean About Its Chinese Plans "IndyWatch Feed Tech"

In 2010, EFF and many other organizations praised Google for refusing to sacrifice the companys values for access to the Chinese market. At the time, this move followed public backlash and several attacks on Googles infrastructure that targeted the personal data of several prominent Chinese human rights activists. Googles departure from China showed that strong core values in fundamental human rights could beat out short-term economic gain in the calculus of an Internet company.

But now it seems the company has reversed course.

This news comes amid other reports of American tech giants compromising values to enter or remain within China: Facebook has piloted a censored version of its own platform, and Apple recently faced criticism for moving its customers' data into China-hosted servers, and adding code to filter the Taiwanese flag emoji in Chinese locales.

Within China, Googles direct competitor, Baidu, has been facing a significant amount of social, regulatory, and economic backlash over recent advertising malpractice, such as monetizing questionable medical advertisements, heavily deprioritizing non-Baidu services, and allegedly promoting phishing sites. There may well be...

21:22

Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting "IndyWatch Feed Tech"

The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers...

21:22

AI can peer pressure you, too "IndyWatch Feed Tech"

A new study finds children are particularly susceptible to the influence of AI.

21:19

Twitter restricts Infowars account "IndyWatch Feed Tech"

Twitter has restricted the account of the right-wing conspiracy show Infowars just hours after taking action against its host, Alex Jones.The Infowars account will be restricted from tweeting, but will still be able to browse Twitter and send direct...

21:16

Telling the Truth About Defects in Technology Should Never, Ever, Ever Be Illegal. EVER. "IndyWatch Feed Tech"

Congress has never made a law saying, "Corporations should get to decide who gets to publish truthful information about defects in their products," and the First Amendment wouldn't allow such a law but that hasn't stopped corporations from conjuring one out of thin air, and then defending it as though it was a natural right they'd had all along.

Some background: in 1986, Ronald Reagan, spooked by the Matthew Broderick movie Wargames (true story!) worked with Congress to pass a sweeping cybercrime bill called the Computer Fraud and Abuse Act (CFAA) that was exceedingly sloppily drafted. CFAA makes it a felony to "exceed[] authorized access" on someone else's computer in many instances.

Fast forward to 1998, when Bill Clinton and his Congress enacted the Digital Millennium Copyright Act (DMCA), a giant, gnarly hairball of digital copyright law that included section 1201, which bans bypassing any "technological measure" that "effectively controls access" to copyrighted works, or "traffic[ing]" in devices or services that bypass digital locks.

Notice that neither of these laws bans disclosure of defects, including security disclosures! But decades later, corporate lawyers and federal prosecutors have constructed a body of legal precedents that twist these overbroad laws into a rule that effectively gives corporations the power to decide who gets to tell the truth about flaws and bugs in their products.

Businesses and prosecutors have brought civil and criminal actions against researchers and whistleblowers who violated a company's terms of service in the process of discovering a defect. The argument goes like this: "Our terms of service ban probing our system for security defects. When you login to our server for that purpose, you 'exceed your authorization,' and that violates the Computer Fraud and Abuse Act."

Likewise, businesses and prosecutors have used Section 1201 of the DMCA to attack researchers who exposed defects in software and hardware. Here's how that argument goes: "We designed our products with a lock that you have to get around to discover the defects in our software. Since our software is copyrighted, that lock is an 'access control for a copyrighted work' and that means that your research is prohibited, and any publication you make explaining how to replicate your findings is illegal speech, because helping other people get around our locks is 'trafficking.'"

The First Amendment would certainly not allow Cong...

21:00

Widespread Instagram Hack Locking Users Out of Their Accounts "IndyWatch Feed Tech"

Instagram has been hit by a widespread hacking campaign that appears to stem from Russia and have affected hundreds of users over the past week, leaving them locked out of their accounts. A growing number of Instagram users are taking to social media, including Twitter and Reddit, to report a mysterious hack which involves locking them out of their account with their email addresses changed to

20:45

VKMS Coming In Linux 4.19 Is One Of The Best GSoC & Outreachy Projects Of The Year "IndyWatch Feed Tech"

One of the student summer coding projects that ended up being a cross between Google Summer of Code (GSoC) and Outreachy was the VKMS driver to provide a virtual KMS implementation for headless systems and other interesting use-cases...

20:44

Yuneecs latest drone comes with 4K shooting, voice controls, and face detection "IndyWatch Feed Tech"

Yuneecs Mantis Q is a foldable drone that features 4K, voice controls, face detection, and 33 minutes of battery life. Its available for preorder now.

20:43

This alga may be seeding the worlds skies with clouds "IndyWatch Feed Tech"

After some of these microbes die, their calcium shells make their way into sea air.

20:43

This one particle could solve five mega-mysteries of physics "IndyWatch Feed Tech"

Forget the Higgs: theorists have uncovered a missing link that explains dark matter, what happened in the big bang and more. Now theyre racing to find it.

By Michael Brooks

911? Its an emergency. The most important particle in the universe is missing. Florian Goertz knows this isnt a case for the police, but he is still waiting impatiently for a response. This 911 isnt a phone number, but a building on the northern edge of the worlds biggest particle accelerator.

20:43

Researchers suggest phonons may have mass and perhaps negative gravity "IndyWatch Feed Tech"

A trio of physicists with Columbia University is making waves with a new theory about phononsthey suggest they might have negative mass, and because of that, have negative gravity. Angelo Esposito, Rafael Krichevsky and Alberto Nicolis have written a paper to support their theory, including the math, and have uploaded it to the xrXiv preprint server.

Most theories depict waves as more of a collective event than as physical things. They are seen as the movement of molecules bumping against each other like balls on a pool tablethe energy of one ball knocking the next, and so onany motion in one direction is offset by motion in the opposite direction. In such a model, sound has no mass, and thus cannot be impacted by . But there may be more to the story. In their paper, the researchers suggest that the current theory does not fully explain everything that has been observed.

In recent years, physicists have come up with a word to describe the behavior of at a very small scalethe phonon. It describes the way sound vibrations cause complicated interactions with molecules, which allows the sound to propagate. The term has been useful because it allows for applying principles to sound that have previously been applied to actual particles. But no one has suggested that they actually are particles, which means they should not have mass. In this new effort, the researchers suggest the phonon could have negative , and because of that, could also have negative gravity.

20:42

Cant get out of bed? NASA picked the perfect songs to wake up its Mars rover "IndyWatch Feed Tech"

NASA engineers have crafted a themed playlist to greet their sleeping Opportunity rover on Mars, which lost power in a Martian dust storm in June.

20:40

Networking vendors patch against new cryptographic attack "IndyWatch Feed Tech"

Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, researchers have found. The attack Dennis Felsch, Martin Grothe and Jrg Schwenk from Ruhr-Universitt Bochum, and Adam Czubak and Marcin Szymanek of the University of Opole are scheduled to demonstrate the new attack this week at the USENIX Security Symposium in Baltimore. In the meantime, they published a paper about their discovery. More

The post Networking vendors patch against new cryptographic attack appeared first on Help Net Security.

20:30

Rover V2 Handles Stairs as Easily as the Outdoors "IndyWatch Feed Tech"

Rover V2 is an open-source, 3D-printable robotic rover platform that has seen a lot of evolution and development from its creator, [tlalexander]. There are a number of interesting things about Rover V2s design, such as the way the wheel hubs themselves contain motors and custom planetary gearboxes. This system is compact and keeps weight down low to the ground, which helps keep a rover stable. The platform is all wheel drive, and moving parts like the suspension are kept high up, as far away from the ground as possible. Software is a custom Python stack running on a Raspberry Pi that provides basic control.

The Rover V2 is a full mechanical redesign of the previous version, which caught our attention with its intricate planetary gearing inside the wheel hubs. [tlalexander]s goal is to create a robust, reliable rover platform for development that, thanks to its design, can be mostly 3D printed and requires a minimum of specialized hardware.

The HackadayPrize2018 is Sponsored by:

20:22

India to launch its first manned space mission by 2022 "IndyWatch Feed Tech"

The countrys space agency plans to send a crew of three on a mission within 40 months.

20:12

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections "IndyWatch Feed Tech"

Phishing works no matter how hard a company tries to protect its customers or employees. Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat Protection (ATP) mechanism implemented by widely used email services like Microsoft Office 365. Microsoft Office 365 is an all-in-solution for users

20:02

Weird circles in the sky may be signs of a universe before ours "IndyWatch Feed Tech"

By Chelsea Whyte

Swirling patterns in the sky may be signs of black holes that survived the destruction of a universe before the big bang.

What we claim were seeing is the final remnant after a black hole has evaporated away in the previous aeon, says Roger Penrose, a mathematical physicist at the University of Oxford.

19:50

Hundreds of Instagram accounts were hijacked in a coordinated attack "IndyWatch Feed Tech"

Hundreds of Instagram accounts were hijacked in what appears to be the result of a coordinated attack, all the accounts share common signs of compromise.

Alleged attackers have hijacked Instagram accounts and modified personal information making impossible to restore the accounts.

The number of Instagram accounts that was hacked has increased since the beginning of August, all the victims were logged out of their accounts, their personal and contact information were deleted, personal email address was changed.

The attackers changed victims email addresses with one associated to a Russian domain (.ru).

The media outlet Mashable first reported the spike in the account takeover.

Like half a dozen other hacking victims who spoke with Mashable, her profile photo had been changed, as had all the contact information linked to the account, which was now linked to an email with a .ru Russian domain. reported Mashable.

Megan and Kristas experiences are not isolated cases. They are two of hundreds of Instagram users who have reported similar attacks since the beginning of the month.

More than 5,000 tweets from 899 accounts were mentioning Instagram hacks in the last seven days, many users have been desperately tweeting at Instagrams Twitter account requesting support.

Numerous reports of hacks were reported on Reddit, and Mashable reported a Google Trends search that shows a spike in searches for Instagram hacked on Aug. 8, and again on Aug. 11.

Instagram accounts hacked

Instagram hacked accounts have had their profile photos changed with D...

19:44

A Small Team of Student AI Coders Beats Google's Machine-Learning Code "IndyWatch Feed Tech"

Submitted via IRC for SoyCow1984

Students from Fast.ai, a small organization that runs free machine-learning courses online, just created an AI algorithm that outperforms code from Google's researchers, according to an important benchmark.

Fast.ai's success is important because it sometimes seems as if only those with huge resources can do advanced AI research.

Fast.ai consists of part-time students keen to try their hand at machine learningand perhaps transition into a career in data science. It rents access to computers in Amazon's cloud.

But Fast.ai's team built an algorithm that beats Google's code, as measured using a benchmark called DAWNBench, from researchers at Stanford. This benchmark uses a common image classification task to track the speed of a deep-learning algorithm per dollar of compute power.

Google's researchers topped the previous rankings, in a category for training on several machines, using a custom-built collection its own chips designed specifically for machine learning. The Fast.ai team was able to produce something even faster, on roughly equivalent hardware.

"State-of-the-art results are not the exclusive domain of big companies," says Jeremy Howard, one of Fast.ai's founders and a prominent AI entrepreneur. Howard and his cofounder, Rachel Thomas, created Fast.ai to make AI more accessible and less exclusive.

Source: https://www.technologyreview.com/s/611858/small-team-of-ai-coders-beats-googles-code/


Original Submission

Read more of this story at SoylentNews.

19:33

Crypto Updates Sent In For Linux 4.19 Kernel, Speck Is Still In The Kernel "IndyWatch Feed Tech"

The Linux kernel's crypto subsystem updates were sent out today with its new feature work for the Linux 4.19 kernel. One change we were curious to see was whether they were going to nuke the Speck cipher code, but they did not...

19:02

SpaceX seeks approval for Starlink internet tests on high-performance govt. planes "IndyWatch Feed Tech"

According to updated regulatory documents and recent Aviation Week interviews with the US Air Force Research Laboratory, it can be all but guaranteed that the USAF has begun working with SpaceX to test the feasibility of using the companys planned Starlink satellite internet constellation for military communications purposes.

In early August, SpaceX updated regulatory documents required by the Federal Communications Commission (FCC) for the company to be permitted to experimental test its two prototype Starlink internet satellites, named Tintin A and B. Launched roughly six months ago as a copassenger on one of SpaceXs own Falcon 9 rockets, the satellite duo has been quietly performing a broad range of tests on orbit, particularly focused on general satellite operations, orbital maneuvering with SpaceXs own custom-built electric propulsion, and most importantly the experimental satellites cutting-edge communications capabilities.

The orbit histories of @SpaceXs Tintin A/B Starlink prototype satellites, launched in February! Some thoroughly intriguing differences in behavior over the six months theyve spent on-orbit. Data and visualizations generated by the lovely http://CalSky.com. pic.twitter.com/a8CfQaZJep

19:01

Track Everything, Everywhere with an IoT Barcode Scanner "IndyWatch Feed Tech"

Ive always considered barcodes to be one of those invisible innovations that profoundly changed the world. What we might recognize as modern barcodes were originally designed as a labor-saving device in the rail and retail industries, but were quickly adopted by factories for automation, hospitals to help prevent medication errors, and a wide variety of other industries to track the movements of goods.

Medication errors in hospitals are serious and scary: enter the humble barcode to save lives. Source: The State and Trends of Barcode, RFID, Biometric and Pharmacy Automation Technologies in US Hospitals

The technology is accessible, since all you really need is a printer to make barcodes. If youre already printing packaging for a product, it only costs you ink, or perhaps a small sticker. Barcodes are so ubiquitous that weve ceased noticing them; as an experiment I took a moment to count all of them on my (cluttered) desk I found 43 and probably didnt find them all.

Despite that, Ive only used them in exactly one project: a consultant and friend of mine asked me to build a reference database out of his fairly extensive library. I had a tablet with a camera in 2011, and used it to scan the ISBN barcodes to a list. That list was used to get the information needed to automatically enter the reference to a simple database, all I had to do was quickly verify that it was...

18:35

Europeans Take Upload Filter Protests to The Streets "IndyWatch Feed Tech"

After years of careful planning and negotiating, the European Parliament was ready to vote on its new copyright directive last month.

With backing from large political factions and pretty much the entire entertainment industry, many assumed that proposal would pass.

They were wrong.

The Copyright Directive was sent back to the drawing board following protests from legal scholars, Internet gurus, activists, and many members of the public. Article 13, often referred to as the upload filter proposal, was at the center of this pushback.

The vote was a massive blow to those who put their hope on the EUs proposed copyright changes. Following the failure of SOPA and ACTA, this was another disappointment, which triggered several entertainment industry insiders to call foul play.

They claimed that the grassroots protests were driven by automated tools, which spammed Members of Parliament were with protest messages, noting that large tech companies such as Google were partly behind this.

This narrative is gaining attention from the mainstream media, and there are even calls for a criminal investigation into the matter.

Opponents of the upload filters clearly disagree. In part triggered by the criticism, but more importantly, to ensure that copyright reform proposals will change for the better, they plan to move the protests to the streets of Europe later this month.

Julia Reda, the Pirate Partys Member of European Parliament, is calling people to join these protests, to have their voices heard, and to show the critics that there are real people behind the opposition.

We havent won yet. After their initial shock at losing the vote in July, the proponents of upload filters and the link tax have come up with a convenient narrative to downplay the massive public opposition they faced, Reda writes.

Theyre claiming the protest was all fake, generated by bots and orchestrated by big internet companies. According to them, Europeans dont actually care about their freedom of expression. We dont actually care about EU lawmaking enough to make our voices heard. We will just stand idly by a...

18:29

OpenSSH Username Enumeration "IndyWatch Feed Tech"

Posted by Qualys Security Advisory on Aug 15

Hi all,

We sent the following email to openssh () openssh com and
distros () vs openwall org about an hour ago, and it was decided that we
should send it to oss-security () lists openwall com right away (as far as
we know, no CVE has been assigned to this issue yet):

========================================================================

While reviewing the latest OpenSSH commits, we stumbled across:...

18:27

Google Pixel 3XL design and specs revealed in a massive leak "IndyWatch Feed Tech"

Leaked video of Google Pixel 3XL shows 6.7-Inch QHD+ Screen and a Triple-Camera Setup

Googles upcoming flagships, Pixel 3 and Pixel 3XL is expected to be released this October. However, a new unboxing video has revealed Pixel 3XL in its entirety. A Ukrainian blogger by the name Ivan Luchkov has posted a video of a white Pixel 3XL that uses the AnTuTu app. This reveals specifications, in-box content, and more regarding the forthcoming third-gen Pixel smartphone. The same blogger had earlier posted an unboxing video of Pixel 3XL confirming the addition of USB-C headphones.

Watch the leaked video Of Pixel 3XL specifications:

The video reveals that the Pixel 3XL will have a massive 6.7-inch screen. This is 0.7-inches bigger than the Pixel 2XL and 0.3-inches bigger than the newly launched Galaxy Note 9. The Pixel 3XL is the largest mass-market smartphone ever made. Other specs reveal that the phone will have a 29601440 display and 494ppi. It will come with 4GB of RAM and 64GB of non-expandable onboard storage. The device is also shown running Android 9.0 Pie out of the box and a Snapdragon 845 chipset.

The Pixel 3 XL will apparently boast three front-facing cameras, all of which are 8.1MP. It will also have a single 12.2 MP camera on the rear. The device is by a 3,430mAH battery, which is disappointingly smaller than the 3,520mAh battery included in Pixel 2 XL.

Images from the unboxing video also reveal that the Pixel 3 XL will come with a USB-C cable, USB adapter, 3.5mm adapter, and a pair of headphones that looks similar to Pixel Buds with a USB-C connector.

Since the Pixel 3 XL is still in the processing stage, there are chances that the hardware and features may vary when the Pixel 3 XL is finally launched.

Source: Android Police

The post Google Pixel 3XL design and specs revealed in a massive leak appeared first on TechWorm.

18:23

Links 15/8/2018: Akademy 2018 Wrapups and More Intel Defects "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

18:11

AT&T hit with $224M lawsuit over cryptocurrency loss "IndyWatch Feed Tech"

Cryptocurrency investor Michael Terpin on Wednesday filed a $224 million lawsuit against AT&T, accusing the telecommunications company of gross negligence, fraud and other violations after millions in online currency were allegedly...

18:11

Xen Security Advisory 274 v3 (CVE-2018-14678) - Linux: Uninitialized state in x86 PV failsafe callback path "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 15

Xen Security Advisory CVE-2018-14678 / XSA-274

Linux: Uninitialized state in x86 PV failsafe callback path

UPDATES IN VERSION 3
====================

Fix spelling in CREDITS.

ISSUE DESCRIPTION
=================

Linux has a `failsafe` callback, invoked by Xen under certain
conditions. Normally in this failsafe callback, error_entry is paired
with error_exit; and error_entry uses %ebx...

18:11

OpenSSL (1.1.0g) Key Sniffed From Radio Signal "IndyWatch Feed Tech"

If you missed the OpenSSL update released in May, go back and get it: a Georgia Tech team recovered a 2048-bit RSA key from OpenSSL using smartphone processor radio emissions, in a single pass.

The good news is that their attack was on OpenSSL 1.1.0g, which was released last November, and the library has been updated since then. Dubbed One&Done, the attack was carried out by Georgia tech's Monjur Alam, Haider Adnan Khan, Moumita Dey, Nishith Sinha, Robert Callan, Alenka Zajic, and Milos Prvulovic.

The researchers only needed a simple and relatively low cost Ettus USRP B200 mini receiver (costing less than $1,000/900/800) to capture the revealing radio noise from a Samsung Galaxy phone, an Alcatel Ideal phone, and a A13-OLinuXino single-board computer.

In Georgia Tech's announcement, the group explained that its attack is the first to crack OpenSSL without exploiting cache timing or organisation.

[...] The good news is that not only was mitigation relatively simple, it improved OpenSSL's performance. Our mitigation relies on obtaining all the bits that belong to one window at once, rather than extracting the bits one at a time, the paper stated. For the attacker, this means that there are now billions of possibilities for the value to be extracted from the signal, while the number of signal samples available for this recovery is similar to what was originally used for making a binary (single-bit) decision.

This mitigation results in a slight improvement in execution time of the exponentiation, the paper continued.

Here's the link to the group's upcoming Usenix talk.


Original Submission

Read more of this story at SoylentNews.

18:00

Friday Hack Chat: LED Diffusion "IndyWatch Feed Tech"

A decade ago, the first Arduino projects featuring addressable RGB LEDs came on the scene, and the world hasnt been the same since. Now we have full wall video displays with WS2812s and APA102s, wearable blinky, and entire suits of armor made of LEDs. The future is bright, and in RGB.

For this weeks Hack Chat, were going to be talking all about how to maintain the blinky without eye-searing brightness. Its the LED Diffusion Hack Chat, full of tips and tricks on how to get the glowey without it being imprinted on your retina.

Our guest for this weeks Hack Chat is the incredible Becky Stern. Becky is one of the most prolific makers around and has a long history of fabricating some really, really cool stuff. Shes published hundreds of tutorials on everything from microcontrollers to computerized knitting machines, and has been featured by dozens of media outlets including the BBC, CNN, The Late Show with Colbert, VICE, and Forbes. Right now, shes working at Autodesk with Instructables.

During this Hack Chat, were going to be talking all about diffusing LEDs, with topics including:

  • Taking some san...

17:50

Mesa 18.2-RC3 Released With Two Dozen Fixes "IndyWatch Feed Tech"

Mesa 18.2 as the next quarterly feature release to the contained OpenGL/Vulkan drivers is about two weeks out if all goes well, but today for testing Mesa 18.2-RC3 is now available...

17:48

New Network 2030 Group Asks: What Comes After 5G? "IndyWatch Feed Tech"

The ITU focus group wants to make sure the backbone of every network can support future demand for data

5G report logo, link to report landing page

If you listen to the hype about 5G, with its promises of self-driving vehicles and immersive virtual reality, it doesnt take long to realize how much data the coming generation of wireless will require. But have engineers been so preoccupied with delivering low-latency networks to feed data-hungry applications that theyve forgotten about the rest of our vast, tangled telecommunications network? 

That concern has sparked some researchers to start thinking about where all that data will go after it travels from your phone to the nearest cell tower.

The International Telecommunication Union, an agency of the United Nations that coordinates telecom infrastructure between countries, recently launched a new focus group to, in part, address an emerging imbalance in our wireless communications. The group, Network 2030more accurately, the ITU-T Focus Group Technologies for Network 2030 (FG NET-2030)will explore ways to close the growing gap between the fixed and mobile components of future communications networks.

The fixed side and the mobile side are both parts of the unified system that sends information to all of our wireless devices. Even so, Richard Li, the chief scientist of future networks at Huawei and the chairman of the ITU Network 2030 group, sees enough of a distinction to consider them as two separate components. And that distinction is where he sees problems beginning to emerge.

Think of the mobile side as the antennas and radio waves that directly deliver data to our devices. This is the side that has gotten a lot of attention in recent years with the advent of 5G, along with beamforming, massive MIMO, and millimeter waves. The fixed side is everything elseincluding antennas to beam data wirelessly between two fixed points, and also the cables, fibers, and switches that handle the va...

...

17:43

Smart consumption management system for energy-efficient industrial companies "IndyWatch Feed Tech"

Energy use in industrial buildings continues to skyrocket, contributing to the negative impact on global warming and Earths natural resources. An EU initiative introduced a disruptive system thats able to reduce electricity consumption in the industrial sector.

Using energy efficiently helps industry save money, conserve resources and tackle climate change. ISO 50001 supports companies in all sectors to use energy more efficiently through the development of an system. It calls on the to integrate energy management into their overall efforts for improving quality and environmental management. Companies can perform several actions to successfully implement this new international standard, including creating policies for more efficient energy use, identifying significant areas of and targeting reductions.

17:43

Liquid battery could lead to flexible energy storage "IndyWatch Feed Tech"

A new type of energy storage system could revolutionise energy storage and drop the charging time of electric cars from hours to seconds.

In a new paper published today in the journal Nature Chemistry, chemists from the University of Glasgow discuss how they developed a system using a nano-molecule that can store electric power or giving a new type of hybrid storage system that can be used as a flow battery or for hydrogen storage.

Their hybrid-electric-hydrogen flow battery, based upon the design of a nanoscale battery molecule can store energy, releasing the power on demand as electric power or hydrogen gas that can be used a fuel. When a concentrated liquid containing the nano-molecules is made, the amount of energy it can store increases by almost 10 times. The energy can be released as either electricity or hydrogen gas meaning that the system could be used flexibly in situations that might need either a fuel or .

17:43

European aquaculture to benefit from a better quality of live feed "IndyWatch Feed Tech"

The aquaculture sector is growing, with fish farming being a key way to ensure Europe gets the quality food it needs without exploiting marine resources further. One key problem the industry faces is how to get the immature fish though their first few months one EU project may be about to smooth the way.

Aquaculture is a growing market within the EU, bringing employment and providing a sustainable source of fish at a time when our marine life is under pressure. The main bottle-neck for the production of marine fish is the juvenile phase, especially during the time in which live diets are used. Even the established species, sea bream and sea bass, have a very low survival rate with an average of 25 percent. For new species in aquaculture, such as amberjack and tuna, the mortality is even higher.

The natural first feed for most is crustacean nauplii, the offspring of many types of crustacean zooplankton. Fish larvae is evolutionary adapted to such a diet, and it is believed that this type of prey fulfils the fish larvas nutritional requirements.

17:43

State-of-the-art solar panel recycling plant "IndyWatch Feed Tech"

The German engineering company Geltz Umwelt-Technologie has successfully developed an advanced recycling plant for obsolete or ageing solar panels.

As sales of solar power increase, there is a looming problem that is quite often overlooked: disposing waste from outdated or destroyed . A surge in solar panel disposal is expected to take place in the early 2030s, given the design life of installed around the millennium.

To address this problem before this big disposal wave, the EU has funded the ELSi project. With strong competencies in plant manufacturing and wastewater treatment including , the Geltz Umwelt-Technologie firm has built a test and treatment facility at a large disposal firm to retrieve reusable materials from solar modules.

17:32

Foreshadow Attacks experts found 3 new Intel CPU side-channel flaws "IndyWatch Feed Tech"

Foreshadow Attacks Security researchers disclosed the details of three new speculative execution side-channel attacks that affect Intel processors.

The new flaws, dubbed Foreshadow and L1 Terminal Fault (L1TF), were discovered by two independent research teams.

An attacker could exploit the Foreshadow vulnerabilities attacks to gain access to the sensitive data stored in a computers memory or third-party clouds.

The flaws affect the Intels Core and Xeon processors, they were reported to Intel in January, shortly after the disclosure of Spectre and Meltdown attacks.

The three Foreshadow vulnerabilities are:

  • CVE-2018-3615 that affects the  Intels Software Guard Extensions (SGX);
  • CVE-2018-3620 that affects operating systems and System Management Mode (SMM); 
  • CVE-2018-3646 that affects virtualization software and Virtual Machine Monitors (VMM).

Today, Intel and our industry partners are sharing more details and mitigation information about a recently identified speculative execution side-channel method called L1 Terminal Fault (L1TF). This method affects select microprocessor products supporting Intel Software Guard Extensions (Intel SGX) and was first reported to us by researchers at KU Leuven University*, Technion Israel Institute of Technology*, University of Michigan*, University of Adelaide* and Data61.  reads the post published by Intel

Further research by our security team identified two related applications of L1TF with the potential to impact other microprocessors, operating systems and virtualization software..

Security researchers initially discovered the SGX vulnerability, meanwhile, Intel experts found other two other issues while analyzing the cause of Foreshadow.

All previously known attacks against Intel SGX rely on application-specific information leakage from either sidechannels [30, 39, 45, 51, 57, 58, 60] or software vulnerabilities [38, 59]. It was generally believed that well-written enclaves could prevent information leakage by adhering to good coding practices, such as never branching on secrets, prompting Intel to state that in general, these research papers do not demonstrate anything new or unexpected about the Intel SGX architecture. states the research paper.

[Foreshadow-NG] attacks can potentially be used...

17:31

Arcade Inspired Halloween Candy Dispenser "IndyWatch Feed Tech"

The days are getting shorter and the nights are a little cooler, which can only mean one thing: its officially time to start devising the trials youll put the neighborhood children through this Halloween. For [Randall Hendricks], that means building a new candy dispensing machine to make sure the kids have to work for their sugary reward. After all, wheres the challenge in just walking up and taking some candy from a bowl? These kids need to build character.

[Randall] writes in to share his early work on this years candy contraption which hes based on a popular arcade game called Goal Line Rush. In this skill based game a disc with various prizes spins slowly inside the machine, and the player has a button that will extend an arm from the rear of the disc. The trick is getting the timing right to push the prize off the disc and into the chute. Replace the prizes with some empty calorie balls of high fructose corn syrup, and you get the idea.

Theres still plenty of time before All Hallows Eve, so the machine is understandably still a bit rough. He hasnt started the enclosure yet, and at this point is still finalizing the mechanics. But this early peek looks very promising, and in the video after the break you can see how the machine doles out the goodies.

The disc is rotated by a high torque...

17:23

Lets pray for clear skies "IndyWatch Feed Tech"

The International Space Station (ISS) will be visible to the naked eye in several areas in the country starting tonight!

According to the NASA website, the space station looks like an airplane or a very bright star moving across the sky and moves considerably faster than a typical airplane.

17:22

U.S. $23 trillion will be lost if temperatures rise four degrees by 2100 "IndyWatch Feed Tech"

Imagine something similar to the Great Depression of 1929 hitting the world, but this time it never ends.

Economic modelling suggests this is the reality facing us if we continue emitting greenhouse gases and allowing temperatures to rise unabated.

Economists have largely underestimated the global economic damages from climate change, partly as a result of averaging these effects across countries and regions, but also because the likely behaviour of producers and consumers in a climate change future isnt usually taken into consideration in climate modelling.

17:11

Multiple vulnerabilities in Jenkins "IndyWatch Feed Tech"

Posted by Daniel Beck on Aug 15

Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software. The following
releases contain fixes for security vulnerabilities:

* Jenkins weekly 2.138
* Jenkins LTS 2.121.3

Summaries of the vulnerabilities are below. More details, severity, and
attribution can be found here:
https://jenkins.io/security/advisory/2018-08-15/

We provide advance notification for security...

17:03

Indonesia earthquakehow scrap tyres could stop buildings collapsing "IndyWatch Feed Tech"

At the time of writing, 436 people have died following an earthquake in the Indonesian island of Lombok. A further 2,500 people have been hospitalised with serious injuries and over 270,000 people have been displaced.

Earthquakes are one of the deadliest natural disasters, accounting for just 7.5% of such events between 1994 and 2013 but causing 37% of deaths. And, as with all , it isnt the countries that suffer the most earthquakes that see the biggest losses. Instead, the number of people who die in an earthquake is related to how developed the country is.

In Lombok, as in Nepal in 2015, many deaths were caused by the widespread collapse of local rickety houses incapable of withstanding the numerous aftershocks. More generally, low quality buildings and inadequate town planning are the two main reasons why seismic events are more destructive in developing countries.

17:03

New water-splitting technology brings clean hydrogen fuel one step closer "IndyWatch Feed Tech"

In the quest for clean alternative energy sources, hydrogen is a favorite. It releases a lot of energy when burnedwith a bonus: The major byproduct of burning hydrogen is pure water.

The big obstacle has been getting pure in sufficient quantity to burn. So scientists are studying , or HERs, a type of water-splitting technology in which electrodes, covered with catalytic materials, are inserted into water and charged with electricity. The interaction of the electricity, the catalysts and the water produce hydrogen gasa clean fueland clean, breathable oxygen.

Alas, there is a problem: At present, electrodes must be coated with precious, expensive metals, most notably platinum.

17:02

How to conserve half the planet without going hungry "IndyWatch Feed Tech"

Every day there are roughly 386,000 new mouths to feed, and in that same 24 hours, scientists estimate between one and 100 species will go extinct. Thats it. Lost forever.

To deal with the biodiversity crisis we need to find a way to give nature more spacehabitat loss is a key factor driving these extinctions. But how would this affect our food supplies?

New research, published in Nature Sustainability, found it could mean we lose a lot of food but exactly how much really depends on how we choose to give nature that space. Doing it right could mean rethinking how we do agriculture and altogether.

17:02

An Interview With Didier Coeurnelle "IndyWatch Feed Tech"

An interview with Didier Coeurnelle from the Healthy Life Extension Society.


As you might remember, we have recently posted about the Longevity Film Competition, an initiative by HEALES, ILA, and the SENS Research Foundation that encourages supporters of healthy life extension to produce a short film to popularize the subject.

Didier Coeurnelle is a jurist and the co-chair of HEALES, the Healthy Life Extension Society promoting life extension in Europe, as well as a long-standing member of social and environmental movements.

We got in touch with Didier, who serves as co-director of the competition, to ask him about the initiative and to share his thoughts on advocacy in general.

16:55

Security updates for Wednesday "IndyWatch Feed Tech"

Security updates have been issued by CentOS (kernel), Debian (kernel, linux-4.9, postgresql-9.4, and ruby-zip), Fedora (cgit, firefox, knot-resolver, mingw-LibRaw, php-symfony, php-symfony3, php-symfony4, php-zendframework-zend-diactoros, php-zendframework-zend-feed, php-zendframework-zend-http, python2-django1.11, quazip, sox, and thunderbird-enigmail), openSUSE (python-Django and seamonkey), Oracle (kernel), Red Hat (kernel, kernel-rt, and redhat-virtualization-host), Scientific Linux (kernel), Slackware (openssl), SUSE (clamav, firefox, kernel, and samba), and Ubuntu (kernel, libxml2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, linux-raspi2, and samba).

16:52

Patch Tuesday, August 2018 Edition "IndyWatch Feed Tech"

Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two zero-day flaws that attackers were already exploiting before Microsoft issued patches to fix them.

According to security firm Ivanti, the first of the two zero-day flaws (CVE-2018-8373) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. The other zero-day is a bug (CVE-2018-8414) in the Windows 10 shell that could allow an attacker to run code of his choice.

Microsoft also patched more variants of the Meltdown/Spectre memory vulnerabilities, collectively dubbed Foreshadow by a team of researchers who discovered and reported the Intel-based flaws. For more information about how Foreshadow works, check out their academic paper (PDF), and/or the video below. Microsofts analysis is here.

One nifty little bug fixed in this patch batch is CVE-2018-8345. It addresses a problem in the way Windows handles shortcut files; ending in the .lnk extension, shortcut files are Windows components that link (hence the lnk extension) easy-to-recognize icons to specific executable programs, and are typically placed on the users Desktop or Start Menu.

That description of a shortcut file was taken verbatim from the first widely read report on what would later be dubbed the Stuxnet...

16:37

Early Japanese Eating Habits Gleaned From Hairs In Old Books "IndyWatch Feed Tech"

The diet and eating habits of earlier civilizations has been inferred from old manuscripts and artwork, but there is always a question as to how representative that is of what the common diet was at the time, in much the same way as whether in a millennia from now one could infer our modern-day diet from surviving ``foodie'' magazines. It is always a bonus when you can have access to direct tissue to analyze. In a recent paper in the Open Access journal Nature Scientific Reports, Atsushi Maruyama and colleagues in Japan acquired a number of book sets produced during the Edo period and they analyzed samples of human hair found in the books. By analyzing the abundances of various carbon and nitrogen isotopes they were able to make inferences about the early Japanese diet.

The covers of such books are made of recycled thick paper, which, for financial reasons, was believed to have been produced soon before book printing, using waste paper collected in the same cities where the books were printed. Because the hairs are embedded in the paper fibres, the hairs are thought to have been mixed accidentally during waste paper collection or blended intentionally for reinforcement during paper production. In either case, the hairs most likely belong to people living in the city and year of book printing, both of which are available from the records (colophon) on the book. Thus, the hairs found in each book, together with the records of time and place, constitute the ideal human tissue samples to reconstruct the eating habits at the time and place of the book printing, using isotope analysis.

They found that people depended upon rice, vegetables, and fish more exclusively than contemporary Japanese people. They also noticed that the levels of nitrogen increased over 200 years, indicating an increase in the contribution of marine fish as both food and fertilizer, which generally confirms what literature-based studies have found.

Atsushi Maruyama, Jun'ichiro Takemura, Hayato Sawada, Takaaki Kaneko, Yukihiro Kohmatsu & Atsushi Iriguchi, Hairs in old books isotopically reconstruct the eating habits of early modern Japan, Scientific Reports volume 8, Article number: 12152 (2018)


Original Submission

Read more of this story at SoylentNews.

16:30

Top 10 Free Movie Download Websites | Watch movies online legally 2018 "IndyWatch Feed Tech"

List of top 10 free movie download websites that are absolutely legal to download HD movies or to watch them online

I am simply a lunatic movie lover, and I guess you too, for you are here! Well, we all love watching movies, dont we? Certainly, that appears to be one of the most amazing ways we can spend our leisure time. Whenever I find the weekend to be near, I get to look for ways to spend my off-time. However, when I switch on to download movies, I tend to dive into immense confusion since there are a plenty of websites, but only a few of them are legal. Keeping this in mind, today I decided to make things clear for you. This ultimately made me come up with a list of top 10 free movie download websites that are absolutely legal, without any doubt!

Crackle

Free Movie Download Websites | Crackle

Crackle is one of the best online movie streaming apps available today. It lets you watch your favorite movies online. This website supports vision in tablets, streaming players, gaming console, smart TVs, and mobiles as well. All you need is to create an account with Crackle. Simply put your device activation code. If you are not much in favor of downloading the movie, Crackle still allows you to watch it online without downloading!

Vimeo

...

16:17

10 Reasons to Attend ONS Europe in September | Registration Deadline Approaching Register & Save $605 "IndyWatch Feed Tech"

Heres a sneak peek at why you need to be at Open Networking Summit Europe in Amsterdam next month! But hurry spots are going quickly. Secure your spot and register by September 1 to save $605.

16:08

Haru: An Experimental Social Robot From Honda Research "IndyWatch Feed Tech"

The Honda Research Institute gives an in-depth look at the design of its newest social robot prototype

Social robots have had it tough recently. There are lots of reasons for this, but a big part of it is that its a challenge to develop a social robot thats able to spark long-term user interest without driving initial expectations impractically high. This isnt just the case for commercial robotssocial robots designed for long-term user interaction studies have the same sorts of issues. The Honda Research Institute is well aware of how tricky this is, and researchers there have been working on the design of a prototype social robot that achieves a balance between human expectation, surface appearance, physical affordance, and robot functionality. Its called Haru, and Honda Research has provided a fascinating and detailed look into how they came up with its design.

A paper on Haru was presented at the ACM/IEEE International Conference on Human Robot Interaction (HRI) earlier this year, and the introduction does a lovely job of presenting why its so important to carefully consider the physical design of social robots intended to interact with humans:

Various studies confirm that human expectations are shaped by the physical attributes of a robot. As a consequence, human expectations can set the bar high depending on the promise it holds as a function of its physical appearance and how this measures up with the robots actual affordances. For example, a six-foot-tall humanoid robot with a futuristic look would turn out be a disappointment if it only performed Q&A tasks and nothing more. This indifference does not impact on the smaller and basic-shaped smart devices, as the simple Q&A task completion of current smart devices is proportional to the simple image they project. The physical and aesthetic elements of a robot require considered design as they affect its prospect of acceptance and long-term adoption. It is essential to foresee in advance the implicit illusionary functionality brought upon by the design of the robots physical affordance, and to strike a balance between this and human expectation. Keeping human expectation low while stoking interest at the same time may prove to be a good strategy.

Its possible that this is not just a good strategy, but the best strategy (or in fact the only strategy). Were tempted to ascribe all kinds of things to robots that look even vaguely human, and thats been one of the issues that social robots have had in the pastenough human-ness that users think theyre more competent than they are. Commercial...

16:01

Stop Using Python 2: What You Need to Know About Python 3 "IndyWatch Feed Tech"

Though Python 3 was released in 2008, many projects are still stuck on Python 2.

Well take you through some of the features that Python 2 programs are missing out on, not only from 3.0 but up to the current release (3.7).

Why Python 3 Happened

Before 2008, Python developers had a bit of a headache. The language that started in the 1989 Christmas holidays as the pet project of Guido van Rossum was now growing at a fast pace. Features had been piled on, and the project was now large enough that earlier design decisions were hindering implementation. Because of this, the process of adding new features was becoming an exercise in hacking around the existing code.

The solution was Python 3: the only release that deliberately broke backwards compatibility. At the time, the decision was controversial. Was it acceptable for a publicly used open source project to purposefully break on older code? Despite the backlash, the decision was taken, giving Guido and the developers a one off chance to clean out redundant code, fix common pitfalls and re-architect the language. The aim was that within Python 3 there would be only one obvious way of doing things. Its testament to the design choices made back then that were still on 3.x releases a decade later.

The __future__ is Now

The __future__ import is a slice of time-travelling wizardry which allows you to summon select features from future releases of Python. In fact, the current Python release, 3.7, contains __future__ imports from releases which havent yet been written!

Ok fine, so its not quite as grandiose as that, a __future__ import is just an explicit indicator of switching on new syntax which is packaged with the current release. We thought wed mention it because a few of the Python 3 features listed below can be __future__ imported and used in 2.6 and 2.7, which were released to coincide with 3.0 and 3.1 respectively. Having said this, upgrading is, of course, still advised as new features are frozen in past releases and will not benefit from the evolution and maintenance of current versions.

Onto what youre missing out on in Python 3

Print is a Function

Yes, we know that most people are aware of this, but its one of t...

15:45

An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines "IndyWatch Feed Tech"

Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.

15:35

5 Jobs Robots Will Never take from Humans "IndyWatch Feed Tech"

Intro

Do robots really come to take over our jobs? The line has been drawn with latest AI breakthrough programmes, like AlphaZero, which is able to beat you in Chess, Go and Shogi, so human worries are never been as real, as they are today. Some still think, that we still have a long road to go, referencing new technologies, that are only implemented at the very beginning stages, like surgical robotics for instance. These people, however, forget, that they are already using automatic cashiers and train sales station assistants as a regular convenience, forgetting that not so long ago these tasks were performed by another human-being and was considered a fully obligated paid job. Is this true then, that every task robot performs is better what human abilities can achieve? With this question in mind, for all of you critics, believers, skeptics and dreamers, today we will talk about certain job skills in which humans can still give AI a good run for their money.

Creativity

This one is a no-brainer yes, machines can actually recognize your face on a photograph, but can they actually paint one? Computer programs are very effective at calculating a viable solution from a number of options, but when it comes to creating their own creative choice they fail miserably. Creating something from scratch is still something that robots are yet to replicate since even we as humans do not fully understand what makes our brain spark with a new idea. Experts are getting robots to make some works of art, recipes and even inspirational quotes, but the end results are, well, mixed, to say the least. All of this means, that any job that is heavily based on a creative process, like musicians, writers, entrepreneurs, etc. can stop breathing heavily they can safely bet for being untouched for a long while.
...

15:11

Sex extortion emails now quoting part of their victims phone number "IndyWatch Feed Tech"

Some computer users are reporting that they have received a new type of extortion email in their inbox, which - in an attempt to scare them into giving in to demands for money - quotes part of their phone number.

But where are the blackmailers getting the phone number from?

15:02

Universal Method to Sort Complex Information Found "IndyWatch Feed Tech"

The nearest neighbor problem asks where a new point fits in to an existing data set. A few researchers set out to prove that there was no universal way to solve it. Instead, they found such a way.

If you were opening a coffee shop, there's a question you'd want answered: Where's the next closest cafe? This information would help you understand your competition.

This scenario is an example of a type of problem widely studied in computer science called "nearest neighbor" search. It asks, given a data set and a new data point, which point in your existing data is closest to your new point? It's a question that comes up in many everyday situations in areas such as genomics research, image searches and Spotify recommendations.

And unlike the coffee shop example, nearest neighbor questions are often very hard to answer. Over the past few decades, top minds in computer science have applied themselves to finding a better way to solve the problem. In particular, they've tried to address complications that arise because different data sets can use very different definitions of what it means for two points to be "close" to one another.

Now, a team of computer scientists has come up with a radically new way of solving nearest neighbor problems. In a pair of papers, five computer scientists have elaborated the first general-purpose method of solving nearest neighbor questions for complex data.


Original Submission

Read more of this story at SoylentNews.

14:33

Russian trolls had burst of activity for pro-Trump website: report "IndyWatch Feed Tech"

Russian social media operatives stepped up activity last year to boost a website known for inaccurate content favorable toward President Trump, eight months after carrying out a disinformation campaign during the 2016 campaign.Bloomberg...

14:33

A Git Origin Story "IndyWatch Feed Tech"

A look at Linux kernel developers' various revision control solutions through the years, Linus Torvalds' decision to use BitKeeper and the controversy that followed, and how Git came to be created.

14:17

Why Locking Down the Kernel Wont Stall Linux Improvements "IndyWatch Feed Tech"

The Linux Kernel Hardening Project is making significant strides in reducing vulnerabilities and increasing the effort required to exploit vulnerabilities that remain. Much of what has been implemented is obviously valuable, but sometimes the benefit is more subtle. In some cases, changes with clear merit face opposition because of performance issues. In other instances, the amount of code change required can be prohibitive. Sometimes the cost of additional security development overwhelms the value expected from it.

13:52

PUBG Mobile Lite APK Download | How To Install It "IndyWatch Feed Tech"

How to download PUBG Mobile Lite APK and install it

PUBG Mobile lite Well, this game needs to introduction. You might have heard about this in the past few weeks. Every gaming channel on youtube or even your friends are talking about this. There are plenty of reasons why this game became so famous. It was first launched for desktops and PCs only but this year it was launched for smartphones too. This did a great welfare to all game lovers out there. They quickly downloaded it from the play store and even before you realize its popularity, it went viral like a hell. So in this article, we are providing you with the best way to download and install PUBG.

Download PUBG Mobile lite using Apk File

Yes, you can download PUBG using an APK file. There are two popular APK sites which have highest ranking regarding PUBG download.

  1. ApkPure
  2. ApkMirror

You can directly move to the download sections of PUBG just by clicking these website names Above.

Procedure on how to install PUBG Mobile lite: (Apkpure version)

  • Download the APKPure app
  • Search for PUBG Mobile app and download the APK file
  • Once downloaded, install the PUBG Mobile Lite APK on your smartphone
  • Before you can play the game, you need a VPN to connect to the Philippines server in order to enter a battle royale. (We used X-VPN and had to buy a premium subscription to unlock the Philippines location in order to play PUBG Mobile Lite. However, you can download any other VPN which can set your location in the Philippines).
  • Once youve set your location, you can connect to the local server and start a match.

Procedure on how to install: (Apkmirror version)

  • Simply follow the link above ApkMirror

Another way to download PUBG Is using Google Play store

In this method, you just need to download PUBG like you do for other games.

  • Open Play store...

13:49

64-bit ARM Changes For Linux 4.19 Has "A Bunch Of Good Stuff" "IndyWatch Feed Tech"

Will Deacon submitted the 64-bit ARM (ARM64/AArch64) changes on Tuesday for the Linux 4.19 kernel merge window...

13:28

How to install Fortnite for android ? | APK Download "IndyWatch Feed Tech"

How you can download Fortnite APK and install it

Fortnite made disaster in the smartphone gaming industry when it was first launched on iOS. But now it even did more to Android users. As we all know that this game was exclusively launched for only Samsung devices before. But that exclusivity lasted no longer. After a few days, an Apk file was available in the market targeting non-Samsung devices too. Allowing other users to download and install fortnite on their devices. Now anyone can get an access to this game. You can also get access by simply downloading this game from the link provided just below this article.

So after the tremendous success of PUBG, many gamers have shifted towards this masterpiece. The reason is pretty simple, this game has a great potential. I personally played it and felt this game is better than PUBG in terms of performance and graphics. Well, you can try your taste by following the installation guide below:-

Few things to remember before Installing this game (Fortnite):

1. Avoid Playstore

If you are thinking to download this game from official google play store then you are just wasting your time. This game is only available on Fornites official website or on apk website (Link just below this article).

2. Check your device

Check your device first. If you have a compatible Samsung device then you dont need to do anything much. Just simply download Fortnite right away, either through the Samsung Game Launcher or Epics website. In order to check if your device is compatible or not visit Download Fornite for android.

3. Sign Up for the waiting list

4. Waiting for Invite

In this part, all you patience skills will be tested to its core. Some people are getting invites early and some are just waiting for the beautiful moment when they receive e-mail notification via Epic Games. Since the craze and hipe of this game have increased t...

13:25

Systematic Analysis Reduces One Chicago Location's Parking Tickets by 50% "IndyWatch Feed Tech"

Utilizing FOIA and some clever software Mr. Chapman quickly identifies a troubled spot for parking in Chicago and gets results!

http://mchap.io/using-foia-data-and-unix-to-halve-major-source-of-parking-tickets.html

The story relates how the author used Freedom of Information Act requests to gather raw data on parking tickets issued in Chicago. What he received was a semicolon-delimited text file containing a great number of data entry errors. The author outlines the steps taken to clean and extract data on a likely problematic parking location. Armed with this data, he visited the location and discovered very confusing signage. He reported this to the city, who rectified the signage. This led to a 50 percent decrease in the number of tickets issued for that location.

I immediately asked myself three things

1. How much more effective has that corner become?
2. Who's grumbling about the loss of revenue?
3. What would happen if more of us did this very thing?


Original Submission

Read more of this story at SoylentNews.

13:00

A Remotely Controlled Kindle Page Turner "IndyWatch Feed Tech"

One of the biggest advantages of e-readers such as the Kindle is the fact that it doesnt weigh as much as a traditional hardcover book, much less the thousands of books it can hold in digital form. Which is especially nice if you drop the thing on your face while reading in bed. But as light and easy to use as the Kindle is, you still need to hold it in your hands and interact with it like some kind of a babys toy.

Looking for a way to operate the Kindle without having to go through the exhaustive effort of raising their hand, [abm513] designed and built a clip-on device that makes using Amazons e-reader even easier. At the press of a button, the device knocks on the edge of the screen which advances the book to the next page. Going back a page will still require you to extend your meaty digit, but thats your own fault for standing in the way of progress.

The 3D printed case holds an Arduino and RF receiver, as well as a small servo to power the karate-chop action. Theres no battery inside, meaning the device needs to stay plugged in via a micro USB connection on the back of the case. But lets be honest: if youre the kind of person who has a remote-controlled Kindle, you probably arent leaving the house anytime soon.

To...

12:56

Machine Learning Could Help Identify Author of an Anonymous Code "IndyWatch Feed Tech"

Machine Learning Algorithm That De-anonymizes Programmers From Source Code And Binaries

Researchers have found that machine learning can be used to help identify pieces of codes, binaries, and exploits written by anonymous programmers, according to Wired. In other words, machine learning can de-anonymize programmers from source-code or binary form.

The study was presented by Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadts former Ph.D. student and now an assistant professor at George Washington University, at the DefCon hacking experience.

How To De-Anonymize Code

According to the researchers, the code written in the programming language is not completely anonymous. The abstract syntax trees contain stylistic fingerprints that can be used to potentially identify programmers from code and binaries.

In order to study the binary experiment, the researchers examined code samples in machine learning algorithms and removed all the features such as choice of words used, how to organize codes and length of the code. They then narrowed the features to only include the ones that actually differentiate developers from each other.

Examples of a programmers work are fed into the AI where it studies the coding structure. This approach trains an algorithm to recognize a programmers coding structure based on examples of their work.

For the testing, Caliskan and the other researchers used code samples from Googles annual Code Jam competition. It was found that 83% of the time, the AI was successful in identifying the programmers from the sample size.

Where can it be used?

This approach could be used for identifying malware creators or investigating instances of hacks. It can also be used to find out if students studying programming stole codes from others, or whether a developer violated a non-compete clause in their employment contract.

Privacy Implications

However, this approach could have privacy implications, especially for those thousands of developers who contribute open-source code to the world and choose to remain anonymous for certain reasons.

Future Work

Greenstadt and Caliskan plan to study how other factors might affect a persons coding style. For instance, questions such as what happens w...

12:49

DRM Updates Sent In For Linux 4.19 With New VKMS Driver, Intel Icelake Work "IndyWatch Feed Tech"

David Airlie has submitted the Direct Rendering Manager (DRM) updates for the Linux 4.19 kernel merge window with these various open-source graphics/display driver updates...

12:42

Surfing the internet with your mind seems to be a great step forward "IndyWatch Feed Tech"

The implications are mind-boggling, oh yes.


Check out what MIT media lab does using bone conduction technology.

#technology #future #internet #biotechnology #communication #immersiveleaks

12:28

Top Linux Developers' Recommended Programming Books "IndyWatch Feed Tech"

Without question, Linux was created by brilliant programmers who employed good computer science knowledge. Let the Linux programmers whose names you know share the books that got them started and the technology references they recommend for today's developers. How many of them have you read?

12:08

Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) "IndyWatch Feed Tech"

Posted by Marcus Meissner on Aug 15

Hi,

no.

SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).

Ciao, Marcus

11:48

New Bugs Leave Millions of Phones Vulnerable to Hackers "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

Research funded by the Department of Homeland Security has found a "slew" of vulnerabilities in mobile devices offered by the four major U.S. cell phone carriers, including loopholes that may allow a hacker to gain access to a user's data, emails, text messages without the owner's knowledge.

The flaws allow a user "to escalate privileges and take over the device," Vincent Sritapan, a program manager at the Department of Homeland Security's Science and Technology Directorate told Fifth Domain during the Black Hat conference in Las Vegas.

The vulnerabilities are built into devices before a customer purchases the phone. Researchers said it is not clear if hackers have exploited the loophole yet.

Department of Homeland Security officials declined to say which manufacturers have the underlying vulnerabilities.

Millions of users in the U.S. are likely at risk, a source familiar with the research said, although the total number is not clear.

Because of the size of the market, it is likely that government officials are also at risk. The vulnerabilities are not limited to the U.S.

Researchers are expected to announce more details about the flaws later in the week.

Source: https://www.fifthdomain.com/show-reporters/black-hat/2018/08/07/manufacturing-bugs-allow-millions-of-phones-to-be-taken-over-dhs-project-to-announce/


Original Submission

Read more of this story at SoylentNews.

11:38

The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX "IndyWatch Feed Tech"

While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD...

11:28

Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware "IndyWatch Feed Tech"

A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims computers and displays a message purporting to come

11:25

CodeWeavers Joins The Khronos Group Along With IKEA "IndyWatch Feed Tech"

In addition to the many technical accomplishments of Khronos this week at SIGGRAPH 2018, they were also celebrating the milestone of crossing 140 members to this industry standards group...

11:20

Antiquated Patenting Trick: Adding Words Like Apparatus to Make Abstract Ideas Look/Sound Like They Pertain to or Contain a Device "IndyWatch Feed Tech"

Apparatus

Summary: 35 U.S.C. 101 (Section 101) still maintains that abstract ideas are not patent-eligible; so applicants and law firms go out of their way to make their ideas seem as though theyre physical

THE examiners at the USPTO have been instructed (as per Section 101/Alice and examination guidelines) not to grant abstract patents, which include software patents. This means that applicants and the law firms whom they pay to game the system will go out of their way to rephrase things, making life harder for examiners.

RichmondBizSenses patent listings, published only a few hours ago, include Method and apparatus for context based data analytics (analysis or analytics using algorithms).

We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and arent strictly tied to any; they can run on any general-purpose computer.Notice how they titled it; apparatus is just the same old trick (like device) for making abstract ideas seem physical. Lawyers tricks like these fool the examiners. Device, at least in the EPO, is the weasel word quite often used to make patents look less as such (or per se as they phrase it in India). We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and arent strictly tied to any; they can run on any general-purpose computer.

Watchtrolls latest attack on 35 U.S.C. 101 (this time Jeremy Doerre again, for the second time in a week) shows that patent quality is the real threat to these maximalists/extremists. They dislike justice, love litigation, and Section 101 is therefore a threat to them. Maybe they will just attack SC...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog