IndyWatch Science and Technology News Feed Archiver


IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Tuesday, 26 September

18:58

XPCTRA financial malware leaves no stone unturned "IndyWatch Feed Tech"

A Trojan that has previously been only stealing users' banking credentials has been modified to do much more than that. This new variant, dubbed XPCTRA, can also steal users' credentials for bitcoin cryptocurrency wallet Blockchain.info, online e-payment service PerfectMoney, e-wallet provider Neteller, as well as email credentials.

The XPCTRA financial malware threat

The threat was discovered and analyzed by Morphus Labs CRO (and SANS ISC incident handler) Renato Marinho, who says that the sample he...

15:30

Sophisticated threats? It's usually the basic ones that get you "IndyWatch Feed Tech"

To listen to the headlines, the threats we face today are so sophisticated and intense, they can only be evaded with the help of artificial intelligence and machine learning. Losing sleep over zero-day cyber APTs launched by nation states? You shouldn't be. It's much more likely to be a common password or an off-the-shelf web app attack that puts you at the mercy of hackers. If you want to protect your business, you're better off...

15:00

Three out of four DDoS attacks target multiple vectors "IndyWatch Feed Tech"

Three out of every four DDoS attacks employed blended, multi-vector approaches in the second quarter of 2017, according to Nexusguard.

Distribution of DDoS attack vectors

The quarterly report, which measured more than 8,300 attacks, demonstrated that hackers continued to rely on volumetric attacks to overwhelm system resources. For example, UDP-based attacks increased by 15 percent this quarter, targeting hijacked devices connected to the IoT, and overtaking SYN, HTTP Flood and other popular volumetric attacks in...

14:30

macOS High Sierra is now available "IndyWatch Feed Tech"

Apple macOS High Sierra is now available as a free update from the Mac App Store, and it supports all Macs introduced in late 2009 or later.

Apple File System (APFS)

APFS is a new, advanced storage architecture providing an extensible foundation to support new features and future storage technologies on the Mac. APFS brings support for the latest high-capacity storage devices and delivers enhanced performance, security and reliability. With APFS, common operations such as...

13:02

ImageMagick : CVE-2017-14741 : Infinite loop in ReadCAPTIONImage "IndyWatch Feed Tech"

Posted by NOIRFATE on Sep 26

Description:
The ReadCAPTIONImage function in coders/caption.c in ImageMagick allows attackers to cause a denial of service (infinite loop) via a crafted font file.

Affected version:
ImageMagick 7.0.7-3 (maybe previous versions are affected as well)

Fixed version:
ImageMagick 7.0.7-4

Commit fix:...

13:00

Chess Robots Got the Moves "IndyWatch Feed Tech"

[RoboAvatar]'s Chess Robot consists of a gantry-mounted arm that picks up chess pieces and places them in their new location, as directed by the software. The game begins when the human, playing white, makes a move. When a play has been made, the human player presses a button to let the robot take its turn. You can see it in action in the videos we've posted below the break.

Running the robot is an Arduino UNO with a MUX shield as well as a pair of MCP23017 I/O expander chips, for a total of 93 pins available! Thanks to all those pins, the Arduino is able to listen to 64 reed switches, one for every square.

The robot detects the human's move by listening to its reed switches and identifying when there is a change. The gantry consists of X and Y tracks made out of PVC slabs, with half-inch lead screws turned by NEMA-23s and powered by ST-6600 stepper drivers.

Unlike some chess robots that rely on pre-existing software, this one features a custom minimax chess algorithm that [RoboAvatar] coded himself. It consists of Python scripts run on a computer, which interacts with the Arduino via a serial connection. In the second video, he explains how his algorithm works. You can also download the Arduino and Python files from [RoboAvatar]'s GitHub repository.

You'd be surprised how many chess-playing robots we've published, like the ChessM8 robot and this voice-controlled chess robot.


Filed under: Arduino Hacks

13:00

Advisory: Git cvsserver OS Command Injection "IndyWatch Feed Tech"

Posted by joernchen on Sep 26

Hi,

see attached advisory.

Cheers,

joernchen

12:54

Ohio Bill Would Ban Abortion when a Prenatal Test is Positive for Down Syndrome "IndyWatch Feed Tech"

http://www.pressherald.com/2017/09/24/ohio-bill-would-bar-abortion-when-prenatal-test-is-positive-for-down-syndrome/

an Ohio bill [would] ban abortions in cases where a pregnant woman has had a positive test result or prenatal diagnosis indicating Down syndrome. Physicians convicted of performing an abortion under such circumstances could be charged with a fourth-degree felony, stripped of their medical license and held liable for legal damages. The pregnant woman would face no criminal liability.

Several other states have considered similar measures, triggering emotional debate over women's rights, parental love, and the trust between doctor and patient.

The Ohio bill's chief Senate sponsor, Republican Sen. Frank LaRose, said Republican lawmakers accelerated the measure after hearing a mid-August CBS News report on Iceland's high rate of abortions in cases involving Down syndrome. The report asserted Iceland had come close to "eradicating" such births.

Read more of this story at SoylentNews.

12:22

Mir Continues Pushing Ahead With Wayland Client Support "IndyWatch Feed Tech"

It hasn't been this exciting watching the Mir Bazaar repository since Mir was first announced...

12:14

macOS' APFS File-System Performing Much Better Than The Dated HFS+ "IndyWatch Feed Tech"

I'm currently running some macOS 10.13 vs. Linux benchmarks for publishing within the next day or two on Phoronix. But so far in my macOS 10.12 Sierra vs. macOS 10.13 High Sierra benchmarks, what has stood out the most is the file-system performance due to HFS+ file-systems automatically being converted to the Apple File-System (APFS)...

11:57

NVIDIA Officially Launches CUDA 9.0 "IndyWatch Feed Tech"

NVIDIA has kicked off their GTC world tour and in beginning that, they have launched the CUDA 9.0 toolkit...

11:50

Stack Overflow launches salary calculator for developers "IndyWatch Feed Tech"

Stack Overflow introduces salary calculator to check how much your skills are worth

Stack Overflow, the popular developer community that offers a question-and-answer site for coders, has unveiled a new salary calculator that lets developers know how much they should be earning on the basis of role, location, education level, experience, and areas of expertise.

Called the Stack Overflow Salary Calculator, this is based on a survey that the company conducted earlier this year, which saw about 65,000 developers respond to a variety of questions.

"The great thing about multiple linear regression is it allows us to control for, all other things being equal, how much does using some technology make your salary go up? All other things being equal, how much does an extra year of experience make your salary go up? So that's the real power of the statistical approach that we've taken here," says Stack Overflow.

We did this because we believe developers should be empowered with more information around job searches, careers, and salary. In fact, we know that developers want more salary information to make better choices about their careers.

Job listings that include salary information receive 75 percent more clicks than those that don't. In fact, even in cases when the salary described in the ad was below average, the ads still get 60 percent more clicks, compared to ads that didn't have salary information mentioned.

"One of the biggest factors in how much a developer is paid is where she or he lives and works," says Stack Overflow. For instance, the median salary in the U.S. is considerably higher than in Canada, Germany, UK or France. Based on Stack Overflow's data, a developer with five years of experience could earn, on average, around $34,000 more in the U.S. than in Canada, Germany or the UK and $47,000 more than in Germany.

Not only this, there is a visible difference in salaries between major cities in the same country. For instance, where a backend Java developer with no Bachelor's degree and one year of experience can earn between $66,000 and $94,000 in New York, the same developer could earn between $74,000 and $105,000 in San Francisco. The calculator also offers an optional technologies field with tags for key technologies, frameworks and platforms.

Besides skills and location, the salary of a developer also depends on his or her role. According to Stack Overflow's survey data, the highest median salaries go to developers working in DevOps, followed by data scientist, embedded applications/devices developer, quality-assurance engineer, web developer, mobile developer, desktop applications developer, systems administrator, database administrator, graphics programming and graphic designer.

Stack Overflow also found...

11:42

Maker of graphics cards to supply Alibaba, Baidu, Tencent with chips that run AI five times faster "IndyWatch Feed Tech"

The new Nvidia Volta GPU computing platform is designed to accelerate AI for a broad range of enterprise and consumer applications, and will be adopted by Alibaba Cloud, Baidu, and Tencent in their data centres and cloud-service infrastructures, Nvidia said on Tuesday.


The new chip is claimed to be up to five times more powerful than the current Pascal-based chips deployed by the Chinese firms.

PUBLISHED : Tuesday, 26 September, 2017, 2:04pm.

UPDATED : Tuesday, 26 September, 2017, 4:00pm.

11:38

Numerous email accounts exposed after Deloitte got hacked "IndyWatch Feed Tech"

All the top notch and most renowned firms and websites are becoming vulnerable to severe hacking attacks these days. This time it is an auditing and global taxation firm known as Deloitte. As a private firm established in the U.S., it is often ranked amongst the top four accountancy firms around the globe. Deloitte offers

The post Numerous email accounts exposed after Deloitte got hacked appeared first on Hacker News Bulletin | Find the Latest Hackers News.

11:36

Unsigned apps can dump the full OS keychain, including your plaintext passwords "IndyWatch Feed Tech"

The researcher tested the exploit on Sierra and High Sierra, but he confirmed that El Capitan appears vulnerable as well. This issue is not a High Sierra specific vulnerability.

The researcher shared a video that shows how an unsigned application can exfiltrate sensitive data from the macOS Keychain, including plaintext passwords.


Q: What does your attack do?
A: "I discovered a flaw where malicious non-privileged code (or apps) could programmatically access the keychain and dump all this data ... including your plain text passwords. This is not something that is supposed to happen! :(" explained Wardle.

It is interesting to note that the attack does not require root permissions. The attack does require...

11:22

Uber Boss Dara Khosrowshahi Apologises after London Ban "IndyWatch Feed Tech"

Mr Khosrowshahi, who took over at the firm less than a month ago, wrote: "While Uber has revolutionised the way people move in cities around the world, it's equally true that we've got things wrong along the way.

[...] In a letter addressed to Londoners, the new boss said the firm "won't be perfect, but we will listen to you".

"On behalf of everyone at Uber globally, I apologise for the mistakes we've made."

[...] Mr Khan, who is also chairman of TfL [Transport for London], told the BBC: "What you can't do is have a situation where unfair pressure is brought on a quasi-judicial body, where there are officials working incredibly hard.

"I appreciate Uber has an army of PR experts, I appreciate Uber has an army of lawyers - they've also made aggressive threats about taking us to court."

Wielding the coercive power of government is stressful enough without people fighting back?



Read more of this story at SoylentNews.

11:17

Julia Reda MEP Likened to Nazi in Sweeping Anti-Pirate Rant "IndyWatch Feed Tech"

The debate over copyright and enforcement thereof is often polarized, with staunch supporters on one side, objectors firmly on the other, and never the twain shall meet.

As a result, there have been some heated battles over the years, with pro-copyright bodies accusing pirates of theft and pirates accusing pro-copyright bodies of monopolistic tendencies. While neither claim is particularly pleasant, they have become staples of this prolonged war of words and as such, many have become desensitized to their original impact.

This morning, however, musician and staunch pro-copyright activist David Lowery published an article which pours huge amounts of gas on the fire. The headline goes straight for the jugular, asking: "Why is it Every Time We Turn Over a Pirate Rock White Nationalists, Nazis and Bigots Scurry Out?"

Lowery's opening gambit in his piece on The Trichordist is that one only has to scratch below the surface of the torrent and piracy world in order to find people aligned with the above-mentioned groups.

"Why is it every time we dig a little deeper into the pro-piracy and torrenting movement we find key figures associated with white nationalists, Nazi memorabilia collectors, actual Nazis or other similar bigots? And why on earth do politicians, journalists and academics sing the praises of these people?" Lowery asks.

To prove his point, the Camper Van Beethoven musician digs up the fact that former Pirate Bay financier Carl Lundström had some fairly unsavory neo-fascist views. While this is not in doubt, Lowery is about 10 years too late if he wants to tar The Pirate Bay with the extremist brush.

"It's called guilt by association," Pirate Bay co-founder Peter Sunde explained in 2007.

"One of our previous ISPs [owned by Lundström] (with clients like The Red Cross, Save the Children foundation etc) gave us cheap bandwidth since one of the guys in TPB worked there; and one of the owners [has a reputation] for his political opinions. That does NOT make us in any way associated to what political views anyone else might or might not have."

After dealing with TPB but failing to include the above explanation, Lowery moves on to a more recent target, Megaupload founder Kim Dotcom. Dotcom owns an extremely rare signed copy of Hitler's autobiographical manifesto, Mein Kampf (My Struggle) and once wore a German World War II helmet. It's a mistake Prince Harry made in 2005 too.

I've bought memorabilia from Churchill, from Stali...

10:02

MD: I've Seen Cases of Vaccine Injury for 40 Years "IndyWatch Feed Tech"



That is the point is it not? If a patient walked into your practice exhibiting leprosy, you would expect a profound public health response. Here we have exactly that happening over and over again to completely healthy children. Where any single stand alone doctor can connect the dots.

Then we have the deliberate refusal to perform basic science itself. Any papers such as exist are in fact fraud.

The whole vaccination meme is likely wrong.  Think about that.  Does it make sense to ingest anything whatsoever directly into the blood stream?  The conditions should be extraordinary.  Then we find a range of chemicals, none of which we would ingest into our stomachs either and at least there the tools exist to eliminate the problem.

Complaining about mercury in our fish and then injecting it is bizarre.

Vaccination may have actually worked for childhood diseases but then did they?  Or was it superior sanitation that eliminated the pool? And just how much is needed?

What really disturbs me is the low level of robust healthy children among the vaccinated.

 


http://humansarefree.com/2017/09/md-ive-seen-cases-of-vaccine-injury-for.html#more

Australian doctor exposes vaccine damage, stands up to government/media attacks. Here is what he w...

10:00

Emulate ICs in Python "IndyWatch Feed Tech"

Most people who want to simulate logic ICs will use Verilog, VHDL, or System Verilog. Not [hsoft]. He wanted to use Python, and wrote a simple Python framework for doing just that. You can find the code on GitHub, and there is an ASCII video that won't embed here at Hackaday, but which you can view at ASCIInema.

Below the break we have an example of constructing a circuit in Python using ICemu:

dec = SN74HC138()
sr1 = CD74AC164()
sr2 = CD74AC164()
mcu_pin = OutputPin('PB4')

sr1.pin_CP.wire_to(dec.pin_Y0)
sr2.pin_CP.wire_to(dec.pin_Y1)
sr1.pin_DS1.wire_to(mcu_pin)
sr2.pin_DS1.wire_to(mcu_pin)

print(dec.asciiart())
     _______
   A>|- U +|>Y7
   B>|-   +|>Y6
   C>|-   +|>Y5
 G2A>|-   +|>Y4
 G2B>|-   +|>Y3
  G1>|+   +|>Y2
  Y0<|-___+|>Y1

Note that the + and - signs show the current state of the pin.

Useful? Depends. If you are using Python anyway or trying to integrate with other Python code or even another language that binds with Python it might be useful. On the other hand, if you don't have a reason to use Python, you will probably get more help, examples, and jobs by learning Verilog or another conventional hardware definition language. If you insist, you might consider using Python that can synthesize to an FPGA, at least.


Filed under: software hacks

09:49

Scientists Create Buoyant Aluminum "IndyWatch Feed Tech"

http://aluminiuminsider.com/researchers-confirm-discovery-floating-aluminium/

Like most common metals, aluminium lacks natural buoyancy. However, with a little rearranging of the metal's natural molecular structure, one can produce an ultra-light crystalline form of the metal that is actually less dense than water and, as a result, floats upon it.

Research conducted by Utah State University Department of Chemistry and Biochemistry professor Alexander Boldyrev and published in the latest issue of The Journal of Physical Chemistry C has yielded just such a crystalline form using computational modeling.

"My colleagues' approach to this challenge was very innovative," explained Boldyrev. "They started with a known crystal lattice, in this case, a diamond, and substituted every carbon atom with an aluminum tetrahedron."

Boldyrev's colleagues, namely Iliya Getmanskii, Vitaliy Koval, Ruslan Minyaev, and Vladimir Minkin of Southern Federal University in Rostov-on-Don, Russia, confirmed the structure which is metastable and has a density of 0.61 grams per cubic centimeter. By comparison, conventional aluminium possesses a density of 2.7 grams per cubic centimeter.



Read more of this story at SoylentNews.

09:47

Even More Evidence That Russia Was Meddling in the 2016 US Election "IndyWatch Feed Tech"

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs.

Evidence that Russia attempted to interfere with the 2016 US Election continues to pile up.
Rumours started almost as soon as the 2016 US Election was completed, individuals with the White House have been questioned and even Facebook identified ad campaigns funded by Russian-linked groups that appear targeted to sway voter opinions. This week we find out that the Department of Homeland Security (DHS) has notified election officials in at least 21 states that they were targeted by Russian-linked groups during the 2016 US Election.

In February of 2017, several States accused the DHS of trying to hack their state electoral systems during the previous months. Indiana, Ohio, Georgia, Idaho all claimed that the DHS had performed security scans of their networks without permission. Kentucky and West Virginia also reported evidence of DHS security scans but said that the work was previously authorized. It seems that the scans were not originated by the DHS but by Russian-linked hacking groups.


In June of 2017, DHS cybersecurity official Jeanette Manfra confirmed that the Department had determined as early as October 2016, that Internet-connected election-related networks, including websites, in 21 states were potentially targeted by Russian government cyber actors. In a US Senate Intelligence Committee hearing in July, DHS officials claimed, ...

09:36

[security bulletin] HPESBGN03773 rev.1 - HPE Application Performance Management (BSM), Remote Code Execution "IndyWatch Feed Tech"

Posted by swpmb . cyber-psrt on Sep 26

https://softwaresupport.hpe.com/km/KM02960811

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM02960811
Version: 1

HPESBGN03773 rev.1 - HPE Application Performance Management (BSM), Remote
Code Execution

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2017-09-25
Last Updated: 2017-09-25

Potential Security...

09:33

Re: Linux kernel CVEs not mentioned on oss-security "IndyWatch Feed Tech"

Posted by Greg KH on Sep 26

Define "all" :)

Anyway, as many people know, there are various reasons why the kernel
security team works the way it works, let's not debate that issue again
please.

But it turns out it's not all written down anywhere in one place, for
people to easily understand, so I've started to do so. I'm giving a
talk about this very topic tomorrow at a conference, and should be
turning it into a document sometime in the...

09:09

Re: Linux kernel CVEs not mentioned on oss-security "IndyWatch Feed Tech"

Posted by Agostino Sarubbo on Sep 26

This certainly does not answer the original question, but upstream should
consider doing something like ffmpeg does here:
https://www.ffmpeg.org/security.html

I guess this would be a benefit for all.

09:05

binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) "IndyWatch Feed Tech"

Posted by Agostino Sarubbo on Sep 26

Description:
binutils is a set of tools necessary to build programs.

The complete ASan output of the issue:

# nm -A -a -l -S -s --special-syms --synthetic --with-symbol-versions -D $FILE
==40547==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61a000000574 at pc 0x0000004c1ca8 bp 0x7ffc34f58d10
sp 0x7ffc34f584c0
WRITE of size 6 at 0x61a000000574 thread T0
#0 0x4c1ca7 in __asan_memcpy...

09:02

Re: Linux kernel CVEs not mentioned on oss-security "IndyWatch Feed Tech"

Posted by Moritz Muehlenhoff on Sep 26

Priedhorsky, Reid wrote:

No, it's not. oss-security is just another mailing list to report security vulnerabilities,
and not a canonical source.

This Debian repo has data on all public kernel vulnerabilities affecting
the mainline Linux kernel: https://anonscm.debian.org/viewvc/kernel-sec/

Cheers,
Moritz

09:00

7 Suppressed Technologies That Could Have Changed the World "IndyWatch Feed Tech"


 
  We have reviewed most of this material and can confirm one thing.  My Cloud Cosmology opens a theoretical framework for all of it and it becomes no surprise that empirical work could have arrived at these end points. Our own ignorance is actually trained into us and is so pervasive that it is believed by most of our teachers as well. Anyone following my work is well aware that so called free energy is no more than the induced decay of Dark Matter neutralized free electrons to produce ample safe radiation energy to flood target circuits.  This nicely conserves the Law of Conservation of Energy.  Rather important if you hope to count it up.
Recent work has confirmed that 98 % of the apparent gravity of our galaxy is related to this Dark matter.  My work shows that we live in an ocean of Dark Matter and are passing through it at around 8 m/s.  Our observed third tier matter  acts as a holding apparatus for Dark Matter. We have covered the Nazi UFO narrative here as well. The claim of eye witness reports over major cities is unexpected and provides huge confirmation of the material available if true.




September 10th, 2017
 
By Paul A. P...

Larry Kudlow And Brian Domitrovic's 'JFK And The Reagan Revolution' "IndyWatch Feed Tech"




Just read this through and I am quite astonished.  First by the simple fact that I was never aware of Kennedy's huge contribution.  I should have been.  Yet the counter narrative has blinded me and everyone else for my entire life.   My personal opinion regarding Kennedy has now jumped from a B to an A.

The results speak for themselves.  Two key policies ensure prosperity regardless.  Add in two or three other policies as well and it can be unbeatable.

Our true enemy has been economic ignorance from two groups.  The first being the general mass of politicians and their staff of government employees whose economic sense is zero and banally self serving.  The second being economists themselves.

That Clinton was forced to accept good policy by the house is telling.  It was not obvious at the time.

The take home is that it is possible to operate a naturally prosperous economy.  Doing so has been the captive of pure ignorance and mental midgets.


Book Review: Larry Kudlow And Brian Domitrovic's 'JFK And The Reagan Revolution'

 


...

09:00

Archaeologists uncovered the fifth known Viking Age ring fortress in Denmark "IndyWatch Feed Tech"




These timber fortresses mark the real beginning of castle building throughout the medieval world.  These existed at the time of the Norman conquest and were quickly superseded by stone keeps of which we have many examples.

What makes this design interesting and rather unique is the timber apron that is acting as bracing around the outside.  This could not work at all unless it was defended at ground level by warriors behind the timbers.  There, with two-inch spacing between timbers, a warrior is fully shielded while he thrusts at any attackers or pushes fire bundles away.  The gates would protect access as well.

Thus the top would hold archers and stone throwers while the actual warriors would be at ground level chopping at attackers.  Pretty daunting even today.  With the back timbers backed by an earthen bank and the front timbers sunk six feet, you could hold off a modern assault with artillery.  Anything heavy would pass through the timbers into the earth to be smothered.  Thus a sustained bombardment would be necessary to clear this type of robust obstruction.

Not good enough though to prevent a large medieval force investing and soon enough burning the place out.  Thus the quick shift over to stone keeps and real moats.



Thousand-year-old Viking fortress reveals a technologically advanced society

By Michael Price 


Aug. 16, 2017, 3:02 PM

http://www.sciencemag.org/news/2017/08/thousand-year-old-viking-fortress-reveals-technologically-advanced-society

When archaeologists uncovered four ancient ring-shaped fortresses in Denmark in the 1930s, the find profoundly changed the way they thought about the Vikings that built them. Rather than mindless marauders, Vikings in the Middle Ages must have been a complex, technologically advanced people to build these fortifications....

08:57

Re: Linux kernel CVEs not mentioned on oss-security "IndyWatch Feed Tech"

Posted by Simon McVittie on Sep 25

https://security-tracker.debian.org/tracker/source-package/linux is
probably not comprehensive either, but should include all the
non-embargoed CVEs and other vulnerabilities that the Debian security team
is aware of, including vulnerabilities that were assessed as too minor
to justify a Debian security advisory.

(The same works for any other Debian source package, e.g.
https://security-tracker.debian.org/tracker/source-package/ioquake3 is
a...

08:34

Oracle releases security patches for Apache Struts CVE-2017-9805 Flaw exploited in the wild "IndyWatch Feed Tech"

Oracle fixed several issues in the Apache Struts 2 framework including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks.

Oracle has released patches for vulnerabilities affecting many of its products; the IT giant has fixed several issues in the Apache Struts 2 framework, including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks.

The vulnerability tracked as CVE-2017-9805 is related to the way Struts deserializes untrusted data; it affects all versions of Apache Struts since 2008, from Struts 2.5 to Struts 2.5.12.

The experts warn that the Struts REST communication plugin fails to handle XML payloads while deserializing them; all web applications using this plugin are vulnerable to remote attacks.

The company Lgtm, who discovered the CVE-2017-9805 vulnerability, warned that at least 65 percent of Fortune 100 companies use Struts and they could all be exposed to remote attacks due to this vulnerability.

The Apache Struts development team acknowledged the vulnerability and published a patch.

An exploit and a Metasploit module to trigger the CVE-2017-9805 vulnerability were created and released shortly after its disclosure.

Researchers from Cisco Talos and NVISO Labs spotted attacks aimed at finding vulnerable servers, leveraging a Russian website used to send the requests and collect the results.

The Oracle Security Alert Advisory CVE-2017-9805 includes the list of affected products and versions.

Recently, the Apache Foundation released fixes for a number of additional Apache Struts 2 vulnerabilities, including CVE-2017-9805, CVE-2017-7672, CVE-2017-9787, CVE-2017-9791, CVE-2017-9793, CVE-2017-9804, and CVE-2017-12611. Oracle just published Security Alert CVE-2017-9805 in order to distribute these fixes to our customers. Please refer to the...

08:16

ESA Expert Envisions "Moon Village" by 2030-2050 "IndyWatch Feed Tech"

https://phys.org/news/2017-09-moon-lunar-village.html (AFP)

By 2040, a hundred people will live on the Moon, melting ice for water, 3D-printing homes and tools, eating plants grown in lunar soil, and competing in low-gravity, "flying" sports.

To those who mock such talk as science fiction, experts such as Bernard Foing, ambassador of the European Space Agency-driven "Moon Village" scheme, reply the goal is not only reasonable but feasible too.

At a European Planetary Science Congress in Riga this week, Foing spelt out how humanity could gain a permanent foothold on Earth's satellite, and then expand.

He likened it to the growth of the railways, when villages grew around train stations, followed by businesses.

By 2030, there could be an initial lunar settlement of six to 10 pioneers (scientists, technicians and engineers), which could grow to 100 by 2040, he predicted.

"In 2050, you could have a thousand and then... naturally you could envisage to have family" joining crews there, Foing told AFP.



Read more of this story at SoylentNews.

07:42

DARPA funds Reaction Engines hypersonic precooler tests "IndyWatch Feed Tech"

Reaction Engines Inc., the U.S. subsidiary of Reaction Engines, today announced that it has received a contract from the U.S. Defense Advanced Research Projects Agency (DARPA) to conduct high-temperature airflow testing in the United States of a Reaction Engines precooler test article called HTX. The precooler heat exchanger is a key component of the company's revolutionary SABRE air-breathing rocket engine and has the potential to enable other precooled propulsion systems. The primary HTX test objective is to validate precooler performance under the high-temperature airflow conditions expected during high-speed flights up to Mach 5.

"We have been greatly encouraged by the increasing interest in our technology's potential and are thrilled to embark on our first U.S. government contract with DARPA for HTX," said Dr. Adam Dissel, President of Reaction Engines Inc. "Full-temperature testing of the precooler will provide the most compelling near-term proof of the technology's potential to accelerate the future for high-speed air-breathing systems."

The HTX precooler test builds upon previous successful ground tests of the precooler technology conducted at ambient environmental conditions in the United Kingdom. These previous tests validated precooler design methodology, manufacturing techniques, and test operations plans.

07:00

A Cold Hard Look at FPGAs "IndyWatch Feed Tech"

Researchers at the Delft University of Technology wanted to use FPGAs at cryogenic temperatures down around 4 degrees Kelvin. They knew from previous research that many FPGAs that use submicron fabrication technology actually work pretty well at those temperatures. It is the other components that misbehave, in particular capacitors and voltage regulators. They worked out an interesting strategy to get around this problem.

The common solution is to move the power supply away from the FPGA and out of the cold environment. The problem is, that means long wires and fluctuating current demands will cause a variable voltage drop at the end of the long wire. The traditional answer to that problem is to have the remote regulator sense the voltage close to the load. This works because the current going through the sense wires is a small fraction of the load current and should be relatively constant. The Delft team took a different approach because they found sensing power supplies reacted too slowly: they created an FPGA design that draws nearly the same current no matter what it is doing.

There are two parts to this trick. First, you have to know that the FPGA voltage dropped (implying a rise in current consumption). They do this by measuring the delay through a cell. Then you have to selectively control your power consumption. To do this, their design includes 4 farms of 128 oscillators each. These, of course, draw power. As other parts of the chip draw more power, the FPGA turns off 4 oscillators (one from each farm) at a time to keep the power consumption constant. As the chip draws less power, of course, the oscillators will reactivate to take up the slack.

The paper has some good data on how components behave at cold temperatures. We've actually looked at that before. Maybe this technique is just what you need to hack your rapid popsicle cooler.



06:57

CVE-2017-12154 Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register "IndyWatch Feed Tech"

Posted by P J P on Sep 25

Hello,

Linux kernel built with the KVM virtualisation support(CONFIG_KVM), with
nested virtualisation(nVMX) feature enabled(nested=1), is vulnerable to a
crash due to disabled external interrupts. As L2 guest could access(r/w)
hardware CR8 register of the host(L0).

In a nested virtualisation setup, L2 guest user could use this flaw to
potentially crash the host(L0) resulting in DoS.

Upstream patch
--------------
->...

06:43

Automated Robot Installs Dental Implant "IndyWatch Feed Tech"

http://time.com/4952886/china-world-first-dental-surgery-robot-implant/ (Note: Javascript may be required.)

In China, a robot dentist installed two dental implants for a woman last Saturday, in what could be the world's first fully automated dental implant surgery, reports the South China Morning Post. Human doctors supervised the whole procedure but did not actively intervene. The surgery, which took place in the city of Xi'an, was first reported by the state-run Science and Technology Daily.

According to the report, the robot followed a set of pre-programmed commands to install the dental implants. Experts said that the implants were fitted within a margin of error of 0.2-0.3 mm, matching the standards required for this type of procedure, reports the Post.



Read more of this story at SoylentNews.

05:10

Ancient Frog Could Have Eaten Small Dinosaurs "IndyWatch Feed Tech"

http://www.popsci.com/beelzebufo-devil-frog-bite-force-dinosaur

Beelzebufo ampinga, so named for the ancient deity often called the "Lord of the Flies," was a devilish frog indeed. The species, which lived on the island of Madagascar around 70 million years ago, was likely the biggest frog that ever hopped about the Earth (National Geographic describes it, delightfully, as "beach-ball-size"). And according to new research on its modern cousins published in Scientific Reports, Beelzebufo ampinga may have had jaws powerful enough to obliterate small dinosaurs.

[...] When you bump up the scale to match the size of Beelzebufo ampinga fossils, the estimated bite force shoots up to 2,200 Newtons, which is comparable to what you see in predators like lions.

"At this bite force, Beelzebufo would have been capable of subduing the small and juvenile dinosaurs that shared its environment," study author Marc Jones, researcher at the University of Adelaide's School of Biological Sciences and honorary researcher at the South Australian Museum, said in a statement.



Read more of this story at SoylentNews.

04:00

DIY LiPo Protectors "IndyWatch Feed Tech"

Spiderman's Uncle Ben was known to say, "With great power comes great responsibility." The same holds true for battery power. [Andreas] wanted to use protected 18650 cells, but didn't want to buy them off the shelf. He found a forty cent solution. Not only can you see it in the video, below, but he also explains and demonstrates what the circuit is doing and why.

Protection is important with LiPo technology. Sure, LiPo cells have changed the way we use portable electronics, but they can be dangerous. If you overcharge them or allow them to go completely dead and then charge them, they can catch fire. Because they have a low source resistance (something that is usually desirable), short-circuiting them can also create a fire hazard. We've covered the chemistry in depth, but to prevent all the badness you'll want a charger circuit.

The little circuit fits on top of a standard 18650 cell and uses two chips (one of which is just a dual MOSFET) and three discrete components. It does add about 3 mm to the cell. [Andreas] found that battery holders with a coiled spring would accommodate the extra length, but those with metal leaf springs would not.

We have looked at LiPo charging a few times in the past. We've even looked at a site with obsessive battery testing.

 



03:42

A Japanese doctor who studied longevity and lived to 105 reveals the key to living a long life "IndyWatch Feed Tech"

On July 18, 2017 Japan lost a national treasure. He was the 105-year-old Dr. Shigeaki Hinohara.

Dr. Hinohara made a lion's contribution to healthcare in Japan, both as a practicing medical doctor and as a physician. He headed five foundations in addition to being the president of St Luke's International Hospital in Tokyo. He was responsible for introducing Japan's system of comprehensive annual medical check-ups, which have been credited with greatly contributing to the country's longevity, reports the BBC.

Those are laudable achievements, but it is his longevity and the fact that he saw patients until a few months before his death that defies everything we have come to expect of old age.

03:42

Re: Linux kernel CVEs not mentioned on oss-security "IndyWatch Feed Tech"

Posted by Kurt Seifried on Sep 25

Nope. To quote the web site: 'Open Source software security discussions "
http://www.openwall.com/lists/ the fact that it has turned into a security
announce list with limited discussion is just how things go I guess. Also
it's tough because the Linux Kernel has explicitly said they won't get
CVE's for all their security issues, they simply fix and move on, their
culture is "run something current, if not, to...

03:37

General Mills Brings Back Old Trix Cereal in All Its Artificial Glory "IndyWatch Feed Tech"

So much for making the recipe more natural. People would rather eat artificial ingredients than give up vibrant colors.

[...] Ever since General Mills announced in 2015 that it would start phasing out artificial colors and flavors from all its cereals (an announcement that boosted sales by 6 percent in early 2016 and pleased many shoppers and scientists who have concerns about the health effects of these petroleum-sourced food dyes), there has been a parallel outpouring of protest from committed cereal lovers. People weren't happy with the way the cereal looked or tasted.

"Petroleum-sourced food dyes," it's what's for breakfast!



Read more of this story at SoylentNews.

03:36

Linux kernel CVEs not mentioned on oss-security "IndyWatch Feed Tech"

Posted by Priedhorsky, Reid on Sep 25

Hello all,

Debian recently issued DSA-3981-1, which announced fixes for quite a few CVEs affecting the Linux kernel. For five of
these, I could find no evidence of any mention on oss-security:

CVE-2017-10661
CVE-2017-11600
CVE-2017-12146
CVE-2017-12154
CVE-2017-14156

Another CVE not in Debian's announcement also seems not to have been mentioned here:

CVE-2016-10200

Of these six, three are possible privilege escalations...

02:03

US military invests $900 million on next generation microchips for AI "IndyWatch Feed Tech"

The Defense Advanced Research Projects Agency's (DARPA) Electronics Resurgence Initiatives will create six new programs over the next four years.

These are aimed at ensuring the predictions made by Moore's law, which have governed the increases in microchip processing power, will continue to apply to chip development.

Three areas will be focused on: materials and integration, circuit design, and systems architecture.

02:02

Humans could soon live on the moon and Mars in LAVA tunnels "IndyWatch Feed Tech"

Two separate teams of researchers have been working on ways to exploit these lava tubes.

They are found in many volcanic areas on Earth, including Lanzarote, Hawaii, Iceland, North Queensland in Australia, Sicily and the Galapagos islands.

Previous research identified the potential for the underground networks of tubes, which can stretch up to 40 miles (65 kilometres), as habitats for future space dwellers.

02:02

Fears grow Bali's volcano could erupt at any time "IndyWatch Feed Tech"

More than 35,000 people have fled the largest volcano on the Indonesian island of Bali, fearing it will erupt for the first time in more than half a century.

A natural disaster has been declared in parts of Bali as authorities imposed an exclusion zone around Mount Agung following increasing volcanic activity on Sunday.

Strong tremors rippled through areas in the eastern part of one of the world's most popular tourist destinations, packed with Australian families enjoying the school holidays, sparking authorities to order people to leave a 12 kilometre (8 mile) zone around the mountain.

01:58

Intel Launches 8th-Gen Core Desktop Chips; Claims New Core i7-8700K is its Best Gaming Chip Ever "IndyWatch Feed Tech"

PCWorld:

Intel's new 8th-gen Core chips now include six cores on the high end, attacking one of AMD's Ryzen advantages.

[...] Orders for Intel's new Core desktop chips will begin on Oct. 5, Anand Srivatsa, general manager of the desktop platform group at Intel, said. They will begin shipping later in the fourth quarter. Though Intel executives didn't use the term, the new chips have been referred to as part of the "Coffee Lake" family.

Of the six new desktop chips that Intel announced, the flagship offering is clearly the Core i7-8700K, which Srivatsa touted as its best gaming processor ever. The new Core i7-8700K will offer an additional 25 percent in frames per second running Microsoft's Gears of War 4, versus its 7th-gen Core i7-7700K, a 4-core, 8-thread part. Multitasking, though (such as gaming, streaming, and recording using the popular Player Unknown: Battlegrounds), will be a whopping 45 percent faster than a 7th-gen part, executives said.

Tom's Hardware:

Intel indicated that this 8th-generation part is built on what it calls a 14nm++ process. The company would not comment on the die size or transistor count at this time.

The company has added a few more knobs for the overclocking crowd to turn, as well. Turbo Boost 2.0 is still supported, but you now get per-core overclocking, a maximum memory ratio up to 8,400 MT/s, memory latency control, and PLM Trim controls. We've included a slide from Intel's press deck below. It lists some of the key specs and pricing. Notably, the high-end Core i7 part is $20 higher than initial Kaby Lake pricing; the Core i5 sits $15 higher. This move is likely designed to cover the additional costs of the silicon along with avoiding cannibalizing the existing Kaby Lake models. Cache sizes are higher and base clocks are lower, comparatively, but the single-core max frequencies are higher. TDP is also higher, presumably to support the higher core count.



Read more of this story at SoylentNews.

01:57

Linux 4.14 + ROCm Might End Up Working Out For Kaveri & Carrizo APUs "IndyWatch Feed Tech"

It looks like the upstream Linux 4.14 kernel may end up playing nicely with the ROCm OpenCL compute stack, if you are on a Kaveri or Carrizo system...

01:32

Twitter explains why they won't delete Trump tweet threatening NK "IndyWatch Feed Tech"

Twitter on Monday explained why it will not be deleting President Trump's tweet threatening North Korea, saying it did not violate the company's rules after weighing its "newsworthiness." "We hold all accounts to the same Rules, and...

01:32

Canada Pushes Back Against U.S. Copyright Demands in NAFTA "IndyWatch Feed Tech"

The third round of negotiations over the modernization of the North American Free Trade Agreement (NAFTA) is underway right now in Ottawa, and EFF is there to represent you. It's been a frustrating few days so far. Before explaining why, we'll skip straight to what you probably want to know: how close are the parties to a deal, and what do we know about what's in it?

Canada Bucks U.S. Copyright and Patent Demands

In the case of the Intellectual Property (IP) chapter, they are pretty far apart. That's because the United States, despite President Trump's criticism of the Trans-Pacific Partnership (TPP), is nevertheless using it as a template for the draft IP chapter that it is presenting to its negotiating partners in this round. Canada, however, isn't down with that. That's because Canada joined the TPP late, after most of the text had already been locked down, and Canada was prohibited from revisiting that text.

Canada's own preferred starting point for negotiation over IP is the original NAFTA, augmented by some newer instruments that Canada has subsequently signed and ratified such as the WIPO Internet Treaties, and its trade agreement with the EU, the Comprehensive Economic and Trade Agreement (CETA). Although there are still elements of those agreements that we are unhappy with, some of which were also part of TPP (notably CETA's criminalization of camcording in movie theatres), Canada's approach would avoid some of the TPP's biggest flaws such as the extension of the copyright term by 20 years.

On Sunday night the Centre for International Governance Innovation (CIGI), an independent but Canadian government-supported think tank, launched a publication, NAFTA 2.0 and Intellectual Property Rights, to an audience that included EFF and U.S. trade negotiators. The document (which will be, but is not yet, available online) makes a compelling case for Canada standing its ground on copyright and patent law, including this passage from Michael Geist:

As the country embarks on a new round of NAFTA talks, it should be recognized that Ottawa already meets its international obligations when it comes to respect for copyright and patents and has largely addressed long-standing U.S. demands regarding additional reforms....

01:25

Overnight Tech: White House unveils tech education initiative | Bannon reportedly sought to spy on Facebook | Uber CEO to appeal London ban | John Oliver rips AT&T-Time Warner merger "IndyWatch Feed Tech"

WHITE HOUSE ROLLS OUT NEW COMPUTER SCIENCE INITIATIVE: The White House will put at least $200 million in grant funding towards bolstering tech and engineering education, including computer science, "particularly among historically underserved...

01:23

Links 26/9/2017: Linux 4.14 RC2, Mesa 17.1.10, Red Hat's Results Published "IndyWatch Feed Tech"

Contents

GNU/Linux

  • Desktop

    • 10 Tips For First Time Linux Users

      New to Linux? Never fear, a superior operating system is here! You'll go from asking everyone for help to re-compiling your own kernel in no time! (Relevant XKCD).

    • Are These the Toughest Linux Operating Systems to Install?

      It's important to keep in mind that no matter the Linux operating system you choose to install, what matters is getting it onto your computer and using it. Sure, there may be benefits or drawbacks to whatever setup you pursue, but that's just how Linux is: various by nature.

      What's really important is choosing something that best suits you. If you want a high level of flexibility, then by all means, use something like Arch Linux. And if you want something more automated, that's fine as well. It's still Linux, after all.

    • FreeType Improvements For The Adobe Engine

      With FreeType 2.8.1 having been released last week, a lot of new code landed in...

01:03

Industry reactions to the Deloitte cyber attack "IndyWatch Feed Tech"

Deloitte has been targeted in an attack that compromised the emails and plans of some of its clients. Here are some of the industry comments Help Net Security received regarding this incident. Dr Jamie Graves, CEO at ZoneFox: This attack is another clear example that anyone can be affected by cybercriminals, even those whose speciality is to stop them. It's discomforting to see that even an experienced firm as Deloitte have fallen victim to ...

01:00

Clouds and Puppies at Open Source Summit: Day 3 in 5 Minutes "IndyWatch Feed Tech"


01:00

Pulleys within Pulleys form a Unique Transmission for Robots "IndyWatch Feed Tech"

After a couple of millennia of fiddling with gears, you'd think there wouldn't be much new ground to explore in the field of power transmission. And then you see something like an infinitely variable transmission built from nested pulleys, and you realize there's always room for improvement.

The electric motors generally used in robotics can be extremely efficient, often topping 90% efficiency at high speed and low torque. Slap on a traditional fixed-ratio gearbox, or change the input speed, and efficiency is lost. An infinitely variable transmission, like [Alexander Kernbaum]'s cleverly named Inception Drive, allows the motor to stay at peak efficiency while smoothly changing the gear ratio through a wide range.

The mechanism takes a bit of thought to fully grok, but it basically uses a pair of split pulleys with variable spacing. The input shaft rotates the inner pulley eccentrically, which effectively walks a wide V-belt around a fixed outer pulley. This drives the inner pulley at a ratio depending on the spacing of the pulley halves; the transmission can shift smoothly from forward to reverse and even keep itself in neutral. The video below will help you get your head around it.

We've seen a couple of innovative transmissions around here lately; some, like this strain-wave gear and this planetary gearbox, are amenable to 3D printing. Looks like the Inception Drive could be printed too. Hackers, start your printers and see what this drive can...

00:33

Does Buying in Bulk Save Money, or is it a False Economy? "IndyWatch Feed Tech"

The entire big box economy is a big honking subsidy to people with cars living in the suburbs by the poor, the singles, the seniors, the urban, the cyclists.

It only works because of the highways and the parking lots and the infrastructure paid for by everyone (road taxes do not cover the cost of the roads) and enjoyed by the drivers. The companies charge twice as much for small packages as big ones because they can; the purchasers without cars and access to the big boxes, the ability to drive between the Walmart and the Costco and the Price Club, don't have a choice.

Read on for Treehugger's reasons. Is bulk buying bad after all?



Read more of this story at SoylentNews.


Monday, 25 September

23:38

Dell Joins The Khronos Group "IndyWatch Feed Tech"

Dell is now the latest company joining The Khronos Group as a contributing member...

23:35

Report: Russian Facebook ads sought to stress racial divisions "IndyWatch Feed Tech"

Facebook ads from the 2016 election cycle that were linked to Russian government actors included messages that sought to exploit and divide based on hot-button racial issues, The Washington Post reported Monday. The report says that some of the...

23:00

NASA Finds a Pitch-Black Hot Jupiter Exoplanet "IndyWatch Feed Tech"

NASA has found that a gas giant exoplanet discovered in 2008 traps around 94% of the visible light that hits its atmosphere:

The oddball exoplanet, called WASP-12b, is one of a class of so-called "hot Jupiters," gigantic, gaseous planets that orbit very close to their host star and are heated to extreme temperatures. The planet's atmosphere is so hot that most molecules are unable to survive on the blistering day side of the planet, where the temperature is 4,600 degrees Fahrenheit. Therefore, clouds probably cannot form to reflect light back into space. Instead, incoming light penetrates deep into the planet's atmosphere where it is absorbed by hydrogen atoms and converted to heat energy.

"We did not expect to find such a dark exoplanet," said Taylor Bell of McGill University and the Institute for Research on Exoplanets in Montreal, Quebec, Canada, lead researcher of the Hubble study. "Most hot Jupiters reflect about 40 percent of starlight."

But the planet's nighttime side is a different story. WASP-12b has a fixed day side and night side because it orbits so close to the star that it is tidally locked. The nighttime side is more than 2,000 degrees Fahrenheit cooler, which allows water vapor and clouds to form. Previous Hubble observations of the day/night boundary detected evidence of water vapor and possibly clouds and hazes in the atmosphere. WASP-12b is about 2 million miles away from its star and completes an orbit once a day.

"This new Hubble research further demonstrates the vast diversity among the strange population of hot Jupiters," Bell said. "You can have planets like WASP-12b that are 4,600 degrees Fahrenheit and some that are 2,200 degrees Fahrenheit, and they're both called hot Jupiters. Past observations of hot Jupiters indicate that the temperature difference between the day and night sides of the planet increases with hotter day sides. This previous research suggests that more heat is being pumped into the day side of the planet, but the processes, such as winds, that carry the heat to the night side of the planet don't keep up the pace."

Also at Science Magazine, which managed to list temperatures in Celsius in its blurb about the exoplanet.

WASP-12b (and check out the file history for this image).

...

22:26

China blocks WhatsApp in latest online crackdown: report "IndyWatch Feed Tech"

China is blocking the messaging app WhatsApp ahead of a large Communist Party meeting slated for October, according to The New York Times. Next month, Beijing will host the Communist Party's congress in order to choose its leadership, an event that...

22:12

Source: Deloitte Breach Affected All Company Email, Admin Accounts "IndyWatch Feed Tech"

Deloitte, one of the world's big four accounting firms, has acknowledged a breach of its internal email systems, British news outlet The Guardian revealed today. Deloitte has sought to downplay the incident, saying it impacted very few clients. But according to a source close to the investigation, the breach dates back to at least the fall of 2016, and involves the compromise of all administrator accounts at the company as well as Deloitte's entire internal email system.

In a story published Monday morning, The Guardian said a breach at Deloitte involved usernames, passwords and personal data on the accountancy's top blue-chip clients.

"The Guardian understands Deloitte clients across all of these sectors had material in the company email system that was breached," The Guardian's Nick Hopkins wrote. "The companies include household names as well as US government departments. So far, six of Deloitte's clients have been told their information was impacted by the hack."

In a statement sent to KrebsOnSecurity, Deloitte acknowledged a cyber incident involving unauthorized access to its email platform.

"The review of that platform is complete," the statement reads. "Importantly, the review enabled us to understand precisely what information was at risk and what the hacker actually did and to determine that only very few clients were impacted [and] no disruption has occurred to client businesses, to Deloitte's ability to continue to serve clients, or to consumers."

However, information shared by a person with direct knowledge of the incident said the company in fact does not yet know precisely when the intrusion occurred, or for how long the hackers were inside of its systems.

This source, speaking on condition of anonymity, said the team investigating the breach focused their attention on a company office in Nashville known as the Hermitage, where the breach is thought to have begun.

The source confirmed The Guardian reporting that current estimates put the intrusion sometime in the fall of 2016, and added that investigators still are not certain that they have completely evicted the intruders from...

22:11

Re: CVE-2017-14160: libvorbis-1.3.5 bark_noise_hybridmp() integer signedness bug "IndyWatch Feed Tech"

Posted by Salvatore Bonaccorso on Sep 25

Hi

If possible, please do report your findings back to upstream (in this
case at https://gitlab.xiph.org/xiph/vorbis/issues) so that upstream
might get noticed and can address the issues.

Regards,
Salvatore

22:01

John Oliver rips AT&T-Time Warner merger "IndyWatch Feed Tech"

Late-night host John Oliver took on antitrust policy in a segment during his HBO show where he railed against the planned AT&T-Time Warner merger. On Sunday night, during an episode of Last Week Tonight, Oliver took shots at the major...

22:00

Reverse Engineering Guitar Hero "IndyWatch Feed Tech"

What do you do when a ten-year-old video game has a bug in it? If you are [ExileLord] you fix it, even if you don't have the source code. Want to know how? Luckily, he produced a video showing all the details of how he tracked the bug down and fixed it. You can see the video below. You may or may not care about Guitar Hero, but the exercise of reverse engineering and patching the game is a great example of the tools and logic required to reverse engineer any binary software, especially a Windows binary.

The tool of choice is IDA, an interactive debugger and disassembler. The crash throws an exception and since [ExileLord] has done some work on the game before, he was able to find a function that was creating a screen element that eventually led to the crash.

By snooping around the virtual table, he figured out the object that caused the crash. However, he also found that the object's constructor had been obscured by a copy protection scheme. However, [ExileLord] was adept enough to overcome the obscuring code.

The problem arises because text objects are drawn from a preallocated pool. If the pool runs empty, there is no provision for creating more. The fix? There are several, but [ExileLord] just bumped up the pool's initial size, which is fine unless you break that limit, too.

If you want to try your hand at this kind of work and you don't have IDA, you might start with an online disassembler tool. It isn't as capable, but it does work. IDA is very capable, though, and we've seen it used before to good effect.



21:29

Haiku OS Is Gearing Up For Its Long-Awaited Beta Release "IndyWatch Feed Tech"

The BeOS-inspired Haiku operating system is finally gearing up for its long-awaited beta milestone...

21:26

Imagination Technologies Acquired for $675 Million, MIPS to be Sold Off "IndyWatch Feed Tech"

The company that failed to acquire Lattice Semiconductor will acquire Imagination Technologies instead:

https://www.bloomberg.com/news/articles/2017-09-22/imagination-technologies-agrees-to-takeover-by-canyon-bridge

Imagination Technologies Group Plc agreed to be acquired by China-backed private equity firm Canyon Bridge Capital Partners.

Canyon Bridge said it will pay 182 pence a share in cash, or more than 500 million pounds ($675 million), for the U.K. designer of graphics chips. That's 42 percent more than Imagination's closing share price on Friday.

As part of the deal, Imagination will sell its U.S.-based embedded processor unit MIPS to Tallwood MIPS, a company indirectly owned by California-based investment firm Tallwood Venture Capital, Canyon Bridge said.

Canyon Bridge was keen to structure a bid to avoid scrutiny from U.S. regulators, Bloomberg reported earlier this month.

Earlier in September President Donald Trump rejected a takeover by Canyon Bridge of U.S. chipmaker Lattice Semiconductor Corp., just the fourth time in a quarter century that a U.S. president has ordered a foreign sale of an American firm stopped for security reasons.

Also at The Verge, AnandTech, and Financial Times.



...

21:25

IonSwitch Exclusive VPS offer: 1GB KVM starting at $22.50/yr! "IndyWatch Feed Tech"

Hey guys! Today we have an offer from Nick over at IonSwitch that we're pretty excited to be able to post. IonSwitch has been featured here a few times and has always received good reviews. They're a registered company in Delaware (USA, #6377101), their WHOIS is public, and you can find their legal docs/ToS here. They accept PayPal, Credit Card (via Stripe), Bitcoin, and Alipay as methods of payment.

What makes this offer/these offers special: NVME Drives! We are just now launching our latest product offering which is VPSs with NVMe Drives. With reads/writes over 1GB/s, we have some of the fastest drives on the market. Premium hardware, network (Telia, Cogent, Wave, Internap, and peering with 100+ networks on the Seattle Internet Exchange), and free IP Announcement and BGP sessions.

In their own words: 

The IonSwitch team consists of multiple professionals who are heavily experienced in the network and hosting field. We offer a fairly uncommon location in Seattle, WA (at least in the low-end space), with premium fully owned hardware and a very premium network at a very competitive price. We operate our own BGP Network (AS395970), which consists of Telia, Spectrum (Wave Broadband), Cogent, Hurricane Electric, and direct peering with over 100+ providers on the Seattle Internet Exchange, some prime examples being Google, Amazon, TELUS, Dropbox, Google, and many more!

The offers: 

512MB RAM
1x vCPU
5GB NVMe SSD space
500GB transfer
1Gbps uplink
1x IPv4
/64 IPv6
KVM/Virtualizor
Coupon: None needed!
$22.50/year (Annual Only)


1GB RAM
1x vCPU
10GB NVMe SSD Space
1TB transfer
1Gbps uplink
1x IPv4
/64 IPv6
KVM/Virtualizor
Coupon: None needed!
$4.50/month
$45.00/year (2 Months Free)


2GB RAM
2x vCPU
25GB NVMe SSD space
2TB transfer
1Gbps uplink
1x IPv4
/64 IPv6
KVM/Virtualizor
Coupon: None Needed!
$9....

20:47

Re: Why send bugs embargoed to distros? "IndyWatch Feed Tech"

Posted by Leo Famulari on Sep 25

Guix is not on the distros lists, but sometimes upstream projects
contact us privately with pre-release embargoed bug fixes. We will test
and prepare the updated packages during the embargo period whether or
not we think the bugs warrant an embargo.

Agreed, your reports are very useful to us, whether we read them in the
pre-release period, or after they have been disclosed publicly.

20:32

Canadian ISP Bell Calls For Pirate Site Blacklist in NAFTA Hearing "IndyWatch Feed Tech"

Website blocking has become a common tool for copyright holders to target online piracy.

In most countries, these blockades are ordered by local courts, which compel Internet providers to restrict access to certain websites.

While most ISPs initially object to such restrictions, the largest Canadian telco Bell is actively calling for such measures. In a hearing before the Standing Committee on International Trade on NAFTA, the company is clear on how online piracy should be curbed.

Rob Malcolmson, Bell's Senior Vice-President Regulatory Affairs, mentioned that the United States has repeatedly complained about Canada's apparent lack of copyright enforcement. To make NAFTA work better for Canadian culture in the digital economy, stronger enforcement is crucial.

"US interests have long complained that widespread online copyright infringement here in Canada is limiting the growth of the digital economy. In fact, many of the most prominent global players in the piracy ecosystem operate out of Canada as a relative safe harbor," Malcolmson said.

"We recommend that the Government commits to stronger intellectual property enforcement by having an administrative agency dedicated to such enforcement and by prioritizing enforcement against digital pirates."

In Bell's view, all Canadian Internet providers should be required to block access to the most egregious pirate sites, without intervention from the courts.

"We would like to see measures put in place whereby all Internet service providers are required to block consumer access to pirated websites. In our view, that is the only way to stop it," Malcolmson said.

The telco, which is a copyright holder itself, has clearly thought the plan through. It notes that Internet providers shouldn't be tasked with determining which sites should be blocked. This should be the job of an independent outfit. Alternatively, the Canadian telco regulator CRTC could oversee the blocking scheme.

"In our view, it would be an independent agency that would be charged with that task. You certainly would not want the ISPs acting as censors as to what content is pirate content," Malcolmson said.

"But, surely, an independent third party agency could be formed, could create a blacklist of pirate sites, and then the ISPs would be required to block it. That is at a high level how we would see it unfolding, perhaps overseen by a regulator like the CRTC."

In addition to website blocking, Bell also recommend...

20:30

Hackaday Prize Entry: OrthoSense, a Smart Knee Brace for Physical Therapy "IndyWatch Feed Tech"

If you have knee surgery, you can probably count on some physical therapy to go with it. But one thing you might not be able to count on is getting enough attention from your therapist. This was the case with [Vignesh]'s mother, who suffers from osteoarthritis (OA). Her physiotherapist kept a busy schedule and couldn't see her very often, leaving her to wonder at her rehabilitation progress.

[Vignesh] already had a longstanding interest in bio-engineering and wearables. His mother's experience led him down a rabbit hole of research about the particulars of OA rehabilitation. He found that less than 35% of patients adhere to the home regimen they were given. While there are a lot of factors at play, the lack of feedback and reinforcement are key components. [Vignesh] sought to develop a simple system for patients and therapists to share information.

The fruit of this labor is Orthosense, an intelligent knee brace system that measures gait angle, joint acoustics, and joint strain. The user puts on the brace, pairs it with a device, and goes through their therapy routine. Sensors embedded in the brace upload their data to the cloud over Bluetooth.

Joint strain is measured by a narrow strip of conductive fabric running down the length of the knee. As the user does their exercises, the fabric stretches and relaxes, changing resistances all the while. The changes are measured against a Wheatstone bridge voltage divider. The knee's gait angle is measured with an IMU and is calculated relative to the hip angle, which gives a reference point for the data collected by the strain sensor. An electret mic and a sensitive contact mic built for body sounds pick up all the pops and squeaks emitted by the knee. Analysis of this data provides insight into the condition of the cartilage and bones that make up the joint. As you might imagine, unhealthy cartilage is noisier than healthy cartilage.


20:02

A Binary Main-Belt Comet "IndyWatch Feed Tech"

The paper in Nature covering an object known as 288P lays out the case in its title: A Main Belt Comet. But what makes this story stand out is the fact that 288P is also a binary.

A team of scientists led by Jessica Agarwal (Max Planck Institute for Solar System Research) discovered when 288P neared perihelion in September of 2016 that it was not one but two objects, asteroids of roughly the same mass and size, in a binary separated by about 100 kilometers. Moreover, they have verified that the small system is not quiescent.

Using the Hubble instrument, Agarwal and colleagues discovered that the increased solar heating due to perihelion was producing sublimation of water ice, in much the same way that the tail of a comet is created. Here's how the paper describes the process on 288P:

Repeated activity near perihelion is a strong indicator of the sublimation of water ice due to increased solar heating. A model of the motion of the dust under the influence of solar gravity and radiation pressure suggests that the activity began with a brief release of comparatively large (millimetre-sized) grains in July, while from mid-September until at least the end of January 2017 (the last of our observations), the dominant grain size fell to 10 µm. This indicates that the developing gas production first lifted a layer of large, loosely connected grains, possibly deposited around the end of the previous period of activity in 2011/12. After their removal and with decreasing heliocentric distance, the gas drag became sufficiently strong to lift also smaller particles.

As a main-belt comet, 288P may give us further insights into how water came to Earth. It is also the first known binary asteroid that can be classified as a main-belt comet.

Image: This set of images from the ESA/NASA Hubble Space Telescope reveals two asteroids with comet-like features orbiting each other. These include a bright halo of material, called a coma, and a long tail of dust. The asteroid pair, called 288P, was observed in September 2016 just before the asteroid made its closest approach to the Sun. These images reveal ongoing activity in the binary system. The apparent movement of the tail is a projection effect due to the relative alignment between the Sun, Earth, and 288P changing between observations. The tail orientation is also affected by a change in the particle size. Initially, the tail was pointing towards the direction where comparatively large dust particles (about 1 millimeter in size) were emitted in late...

19:53

Hidden 2015 European Commission Report on Copyright Infringement "IndyWatch Feed Tech"

Last week, Minister of the European Parliament, Julia Reda, unearthed a well-hidden 2014 study financed by the European Commission entitled Estimating displacement rates of copyrighted content in the EU [warning: PDF] that studied the effects of copyright infringement on sales. The study cost 360,000 EUR to carry out and although it was ready in 2015, it was only made public last week when Reda was able to get ahold of a copy.

The study's conclusion was that with the exception of recently released blockbusters, there is no evidence to support the idea that online copyright infringement displaces sales. This conclusion is consistent with previous studies, and raises the following question: "Why did the Commission, after having spent a significant amount of money on it, choose not to publish this study for almost two years?"



19:49

California is Close to Bringing Transparency and Accountability to Gang Databases "IndyWatch Feed Tech"

In April 2017, Terry Spears shared his story with San Diego's local public media station KPBS on what it's like to be listed in the CalGang database. Even though Mr. Spears says he has never been in a gang, it hasn't stopped law enforcement from harassing him, and he once had his car seized for two weeks, disrupting his livelihood. He's not the only one. California has several shared gang databases, the biggest of which is CalGang, and they are in desperate need of reform.

Fortunately, Governor Brown can sign a bill today, A.B. 90, that will go far in solving these problems.

As we explained in our earlier blogpost about A.B. 90, a 2016 California State Auditor's report on California's gang database was damning. It detailed how the CalGang database is riddled with errors and unsubstantiated information. It contains records on individuals that should never have been included in the database as well as records that should have long since been purged. And the system lacks basic oversight safeguards. The report went as far as saying that due to the inaccurate information in the database, its crime-fighting value was diminished.

With the engagement of a broad coalition of civil liberties organizations (such as Youth Justice Coalition, National Immigration Law Center, and Urban Peace Institute, among others), much needed reform was passed last year. However, that bill (A.B. 2298) was written prior to the California Auditor publishing its findings and therefore did not anticipate many of the important problems identified by the audit. Therefore, further work is needed to ensure that the reforms passed last year are followed through by law enforcement agencies, and that we build on them to prevent future abuses.

A.B. 90 has passed the California Senate and Assembly and is currently awaiting Gov. Jerry Brown's signature. As we argued in our letter to Gov. Brown:

A.B. 90 enhances acco...

19:48

Mesa 17.1.10 Released, Time To Upgrade To Mesa 17.2 "IndyWatch Feed Tech"

Mesa 17.1.10 just hit the wire and is the last planned update for the Mesa 17.1 series...

19:42

White House announces new tech jobs initiative "IndyWatch Feed Tech"

The White House will put at least $200 million in grant funding towards bolstering STEM and Computer Science education particularly among historically underserved groups, the administration announced Monday. The minimum $200 million commitment from...

19:39

Oracle Announces Java SE 9 and Java EE 8 "IndyWatch Feed Tech"

Oracle releases Java SE 9 and Java EE 8

Oracle Corp. has just announced the general availability of Java SE 9 (JDK 9), Java Platform Enterprise Edition 8 (Java EE 8) and the Java EE 8 Software Development Kit (SDK). In other words, these releases have set the stage for faster releases and more open source engagement from now on.

JDK 9 is a production-ready implementation of the Java SE 9 Platform Specification, which was recently approved along with Java EE 8 in the Java Community Process (JCP). On the other hand, with updates to eight major specifications, Java EE 8 looks to streamline and simplify the Java EE platform for the cloud and micro services.

Java SE 9

The star feature of Java SE 9 is the Java Platform Module System, also known as Project Jigsaw, whose goal is to help developers reliably assemble and maintain sophisticated applications. The module system also makes the JDK more flexible, as it allows developers to bundle only those parts of the JDK that are required to run an application when deploying to the cloud.

Java SE 9 has 91 new features to offer, including modularisation and quite a few improvements that look to bring enhanced security, better performance management, and more scalability. However, Oracle reckons its best features are:

jshell delivers an interactive Read-Eval-Print-Loop tool to evaluate declarations, statements, and expressions of the Java programming language along with an API, which allows other applications to leverage this functionality. It also makes it easier for developers to explore APIs and try out language features.

Improved Javadoc, which makes it easier for developers to learn new APIs by adding a search box to API documentation generated by the standard doclet, which can be used to search for program elements and tagged words and phrases within the documentation. It can also be used to search information on which module defines each class or interface.

Streams API enhancements, by adding methods to conditionally take/drop items from a Stream, iterate over a Stream's elements, and create a Stream from a nullable value while expanding the set of Java SE APIs that can...

19:34

Microsoft And Facebook Complete 160 Tbps Undersea Cable Between U.S. And Spain "IndyWatch Feed Tech"

4,000-mile Marea undersea cable completed by Microsoft and Facebook

Microsoft and Facebook, together with Spanish telecom infrastructure firm Telxius, gathered at an event in Williamsburg, Va on September 22 to announce the completion of the 4,000-mile long subsea cable Marea that connects Spain to the east coast of the U.S. Marea, which means tide in Spanish, is a joint project between Microsoft, Facebook and Telxius.

Suresh Kumar, Microsoft's Corporate Vice-President for Cloud Infrastructure and Operations, said in a blog post that the subsea cable was the most technologically advanced subsea cable to cross the Atlantic Ocean.

"In a time when global economies are deepening their reliance on cloud technologies, and both private and public sectors are embracing the opportunities for growth and improvement through digital transformation, we're energized by the impact the Marea subsea cable will have on the advancement of cloud computing and digital services," said Kumar.

And we look forward to furthering our respective investments in building high-tech infrastructure to better connect our world, foster economic growth and advance technological capabilities.

The fiber-optic cable that runs for more than 6600 kms, lies more than 17,000 feet below the Atlantic, and weighs about 4.65 million kgs (same as the weight of 34 blue whales), is also the first cable to connect Virginia and Spain, landing in Virginia Beach, Va and Bilbao, Spain.

It transmits data at speeds of 160 terabits per second (Tbps), which is 16 million times faster than the average U.S. home internet connection. This speed makes Marea capable of streaming 71 million HD videos simultaneously. More importantly, the communication infrastructure will allow Microsoft and Facebook to transfer large bits of information between the many computer data centers more efficiently. The subsea cable is expected to be operational by early 2018.

Marea's route is south of existing transatlantic cable systems, most of which are located in New York and New Jersey.

"Being physically separate from the other cables helps ensure more resilient and reliable connections for customers in the United States, Europe and beyond," Kumar wrote.

Kumar also said the cable's new open design would allow it to grow with technology, as the need to meet the demand for internet and cloud service has increased around the world.

"And make no mistake, the demand is growing. Just think of the many high-bandwidth applications and content you use today such as Skype and Facebook Live, and the volume of streaming videos, movies and music consumed daily," he said....

19:34

Deloitte targeted by a cyber attack that exposed clients secret emails "IndyWatch Feed Tech"

The accountancy firm Deloitte announced it has been targeted by a sophisticated hack that compromised its global email server.

Today the accountancy firm giant Deloitte revealed that it has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients.

According to The Guardian, which first reported the incident, hackers may have accessed the company's customers' emails along with usernames, passwords and personal details of the top accountancy firm's blue-chip clients.

In addition to emails, hackers had potential access to IP addresses, architectural diagrams for businesses and health information.

"The Guardian understands Deloitte clients across all of these sectors had material in the company email system that was breached. The companies include household names as well as US government departments," reported The Guardian.

So far, six of Deloitte's clients have been told their information was impacted by the hack. Deloitte's internal review into the incident is ongoing.


The newspaper described the breach as a deep embarrassment due to the efforts of the firm in the cybersecurity industry.

Deloitte discovered the hack in March this year, and according to The Guardian, the attackers may have had access to the company systems since October or November 2016.

The attackers hacked into the Deloitte global email server through an administrator's account that allowed them to have full access to any area of the accountancy firm.

The Guardian was told an estimated 5m emails were stored in the cloud that was accessed by the hackers; however, Deloitte said the number of emails that were exposed was a fraction of this number.

It seems that the account was poorly protected: the company did not adopt two-step authentication for it.

"Emails to and from Deloitte's 244,000 staff were stored in the Azure cloud service, which was provided by Microsoft. This is Microsoft's equivalent to Amazon Web Service and Google's Cloud Platform," continues The Guardian.

Deloitte confirmed it immediately reported the incident to government authorities and the affected clients; it also tried to downplay the incident, but it is my opinion that such kind of inc...

19:31

Deloitte Hacked Cyber Attack Exposes Clients' Emails "IndyWatch Feed Tech"

Another day, another data breach. This time one of the world's "big four" accountancy firms has fallen victim to a sophisticated cyber attack. Global tax and auditing firm Deloitte has confirmed the company had suffered a cyber attack that resulted in the theft of confidential information, including the private emails and documents of some of its clients. Deloitte is one of the largest

19:22

Robert Shmookler Reis Joins the LEAF Advisory Board "IndyWatch Feed Tech"

We are very pleased to announce that Dr. Robert Shmookler Reis has joined the LEAF scientific advisory board. He studied at Harvard University (B.A.) and Sussex University (D.Phil.). He joined the University of Arkansas for Medical Sciences in 1980, where he holds the Udupa Chair of Gerontologic Research; he also serves as Affiliate Professor of Pathology at the Univ. of Washington in Seattle WA.

Dr. Robert Shmookler Reis is an expert in genetics whose work focuses on the molecular genetics of longevity and age-associated diseases, and his team holds the world record for life extension in C. elegans (roundworms), making them live ten times their normal lifespan.

19:09

AT&T hit with second complaint of discrimination against low-income neighborhoods "IndyWatch Feed Tech"

A prominent civil rights attorney is accusing AT&T of discriminating against low-income minority communities within Detroit in a complaint filed with the Federal Communications Commission on Monday. The complaint is the second in as many months...

19:07

Mako Web Server v2.5 Multiple Unauthenticated Vulnerabilities (apparitionsec / hyp3rlinx) "IndyWatch Feed Tech"

Posted by apparitionsec on Sep 25

[+] SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3391
[+] Credits: John Page a.k.a hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MAKO-WEB-SERVER-MULTIPLE-UNAUTHENTICATED-VULNERABILIITIES-SECURITEAM.txt
[+] ISR: ApparitionSec

Vulnerabilities Summary
The following advisory describes three (3) vulnerabilities found in Mako Server's tutorial page.

The...

19:07

[$] Safety-critical realtime with Linux "IndyWatch Feed Tech"

Doing realtime processing with a general-purpose operating-system like Linux can be a challenge by itself, but safety-critical realtime processing ups the ante considerably. During a session at Open Source Summit North America, Wolfgang Maurer discussed the difficulties involved in this kind of work and what Linux has to offer.

19:00

Cuban Embassy Attacks and The Microwave Auditory Effect "IndyWatch Feed Tech"

If you've been paying attention to the news, you may have seen a series of articles coming out about US staffers in Cuba. It seems that 21 staffers have suffered a bizarre array of injuries ranging from hearing loss to dizziness to concussion-like traumatic brain injuries. Some staffers have reported hearing incapacitating sounds in the embassy and in their hotel rooms. The reports range from clicking to grinding, humming, or even blaring sounds. One staffer described being awoken to a horrifically loud sound, only to have it disappear as soon as he moved away from his bed. When he got back into bed, the mysterious sound came back.

Cuba has denied any wrongdoing. However, the US has already started to take action, expelling two Cuban diplomats from the US in May. The question though is what exactly could have caused these injuries. The press has gone wild with theories of sonic weaponry, hidden bugs, and electronic devices, poisons, you name it. Even Julian Assange has weighed in, stating "The diversity of symptoms suggests that this is a pathogen combined with paranoia in an isolated diplomatic corps."

So what's going on? Bizarre accidents? Cloak and dagger gone awry? Mass hysteria among the US state department, or something else entirely?

The most common theory passed around is some sort of auditory or sonic weapon. Acoustic (ultrasonic) non-lethal weapons like the Long Range Acoustic Device (LRAD) are well known due to their use by law enforcement to disperse protests, or on oceangoing ships to deter pira...

18:59

TV broadcasts in California interrupted to show end of the world alert "IndyWatch Feed Tech"

By Waqas

Gear up for Armageddon- Strange Warning Messages Startled TV Viewers


18:22

Peter W. Singer "IndyWatch Feed Tech"

Useful Idiots: A wonderful guide to how Russian bots synchronized with far right trolls to target German election https://t.co/USZwzGeu0D

18:04

Governments Are Testing Their Own Cryptocurrencies "IndyWatch Feed Tech"

Via: MIT Technology Review: The people of Sweden are breaking up with cash. The number of banknotes and coins in circulation has fallen to its lowest level in three decades. Riksbank, Sweden's central bank, estimates that cash transactions made up only 15 percent of all retail transactions last year, down from 40 percent in 2010, [...]

18:00

Testing Radio Propagation With a Baofeng UV-82 and APRS "IndyWatch Feed Tech"

As I've said in passing before here on SoylentNews, I'm a ham radio operator, (KD2JRT - Tech). Due to a lack of time and money, I've only been able to afford relatively cheap equipment, primarily two BaoFeng UV-82s, and an external antenna mount for the car. Many of the older ham radio ops decry the Baofengs as cheaply made Chinese junk, but I wanted to see what these radios are actually capable of. Historically, I've had decent success with an external antenna and decent positioning, but I recently conducted an impromptu experiment testing the propagation characteristics with these radios and seeing how well they actually work, and perhaps creating a baseline for more in-depth radio testing in the future.

Over the weekend, I took a day trip to the southern tip of New Jersey, out to Cape May from New York City, and along the way, using a hookup from the radio to my phone, I connected my radio to the national APRS (Automatic Packet Reporting System) network, and used it to measure distance and propagation effects. Since most of the readership of SoylentNews aren't radio techs, past the fold, I'll talk a bit about Baofeng radios, APRS, digital modes, and my results.


17:49

Canadian Man Gets 9 Months Detention for Serial Swattings, Bomb Threats "IndyWatch Feed Tech"

A 19-year-old Canadian man was found guilty of making almost three dozen fraudulent calls to emergency services across North America in 2013 and 2014. The false alarms, two of which targeted this author, involved phoning in phony bomb threats and multiple attempts at swatting, a dangerous hoax in which the perpetrator spoofs a call about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force.

Curtis Gervais of Ottawa was 16 when he began his swatting spree, which prompted police departments across the United States and Canada to respond to fake bomb threats and active shooter reports at a number of schools and residences.

Gervais, who taunted swatting targets using the Twitter accounts ProbablyOnion and ProbablyOnion2, got such a high off of his escapades that he hung out a for-hire shingle on Twitter, offering to swat anyone with the following tweet:

[Image: wantswat]

Several Twitter users apparently took him up on that offer. On March 9, 2014, @ProbablyOnion started sending me rude and annoying messages on Twitter. A month later (and several weeks after blocking him on Twitter), I received a phone call from the local police department. It was early in the morning on Apr. 10, and the cops wanted to know if everything was okay at our address.

Since this was ...

17:37

Enjoy the dual driver tech into their latest pair of headphones, the BlitzWolf BS2 "IndyWatch Feed Tech"

Enjoy your hearing experience with BlitzWolf BS2 headphones with first ever dual driver tech

How do you listen to your audio? Headphones have been around for ages, and although you've probably been through a few different styles, little has changed in the actual parts that count, the drivers.

The best standard drivers are tuned to sound great and have diaphragms engineered to widen frequency range. With all this tech you still can't beat the physical limitations of a single driver. When a single driver is pressed to produce a full range, it will distort much easier than if it was only covering a smaller range. The wider the range, the greater the distortion.

Dual Sounds Better.

Quality home theater and car audio split the frequency into a Subwoofer, midrange, and tweeter. The same logic is packed into dual driver earbuds.


When dual drivers blend, you have a full-spectrum of sound that a single driver could never replicate. Less distortion, more volume. What you listen to will sound more natural and almost realistic.

BlitzWolf packed dual driver tech into their latest pair of headphones, the BS2. These headphones deliver a mouth-watering sound experience unrivaled to the capabilities of a single driver. Released in mid-2017, they have been rated as excellent value for money and produce sound that rivals much more expensive professional audio equipment.

Unboxing the BS2 is where it all begins, the full package includes a gift box and zipper carry bag.


Both straight matte black and a vibrant accented red versions of the BS2 have a semi-transparent case so you can see the drivers in action. From the box to your ears, the BS2 is a quality experience.

BlitzWolf also has an outstanding reputation for speakers, fast chargers, cables, and other phone accessories. Their previous headphones are made with the latest tech including graphene drivers.

...

17:30

Seek Out Scammers With Skimmer Scanner "IndyWatch Feed Tech"

Last week we reported on some work that Sparkfun had done in reverse engineering a type of hardware card skimmer found installed in gasoline pumps incorporating card payment hardware. The device in question was a man-in-the-middle attack, a PIC microcontroller programmed to listen to the serial communications between card reader and pump computer, and then store the result in an EEPROM.

The devices featured a Bluetooth module through which the crooks could harvest the card details remotely, and this in turn provides a handy way to identify them in the wild. If you find a Bluetooth connection at the pump bearing the right identification and with the right password, it can then be fingered as a skimmer by a simple response test. And to make that extra-easy they had written an app, which when we reported on it was available from a GitHub repository.

It would be nice to think that this work might draw attention to the shocking lack of security in gas pumps that facilitates the skimmers, disrupt the finances of a few villains, and even result in some of them getting a free ride in a police car. We can hope, anyway.

Gasoline pump image: Michael Rivera [CC BY-SA 3.0].



17:17

Governments Turn Tables by Suing Public Records Requesters "IndyWatch Feed Tech"

Via: AP: An Oregon parent wanted details about school employees getting paid to stay home. A retired educator sought data about student performance in Louisiana. And college journalists in Kentucky requested documents about the investigations of employees accused of sexual misconduct. Instead, they got something else: sued by the agencies they had asked for public [...]

17:14

Dip update 91/n "IndyWatch Feed Tech"

[Orig: Sept 25, 2017]
Hi everyone,
Below is the latest LCO light curve including data from the past two nights (last night there was bad weather at TFN, so only data from OGG to report).  
More later,
~Tabby and team
PS: These observations are happening because of the wonderful backers of our 2016 Kickstarter project. The Kickstarter campaign has ended, but we are still accepting donations to purchase additional observing time on the LCO 0.4m network. Thanks in advance for your support!      

17:10

4 Must-Have Ecommerce Tools for Starting Your First Online Store "IndyWatch Feed Tech"

Here Are Four Must-Have Ecommerce Tools for Starting Your First Online Store

Starting your first online store isn't as daunting a task as you might think. With proper planning, a little bit of effort, and a few helpful tools, you can be well on your way to making sales. We've put together a list of the 4 must-have ecommerce tools for starting your first online store. Together, these tools will help you lay a foundation, manage inventory and payments, and grow your business.

Build a foundation with an ecommerce platform

As with a physical store, you need a foundation and framework upon which to build your business. An ecommerce platform creates a customizable structure with all the functionality you would expect from an online store such as a product catalog, a shopping cart, and marketing analytics. Most online stores are powered by one of two popular platforms: Shopify or BigCommerce.

Use Oberlo to stock your digital shelves with inventory

Any online store needs a sizable inventory of products that appeal to your target customer.

Oberlo is a tool to help you find and import hundreds of products to your online store in minutes. Oberlo leverages the power of dropshipping to easily import products into your catalog and automatically fulfill your customers' orders. A powerful and intuitive management system gives you the ability to customize product descriptions, automate price changes, and track sales.

Oberlo offers a free starter plan (to test the waters) that helps you quickly populate your store with inventory. As time goes on and your business needs grow, you can upgrade to a paid plan to remove some of the limitations of the free starter plan.

Shopify

Shopify powered over 500,000 businesses in 2017, according to statistics. Much of this popularity can be credited to Shopify's feature-rich platform, which gives business owners a wealth of options to take away most of the guesswork and heavy lifting from running an online store.

Shopify will help you create an online store with a fully-customizable website, storefront, and blog. Shopify's included payment functionality accepts credit card payments as soon as your website comes online. A number of apps, including tools included in this post, can be synced with Shopify to further enhance management of your online store, creating additional functionality for everything from tracking conversions to building a mailing list.

WooCommerce

In contrast to Shopify,...

17:00

Simple Trade for you with a MT 4 for Android "IndyWatch Feed Tech"

Simple Trade for you with an MT 4 for Android Smartphone

Mobile apps are actively entering into the lifestyle of advanced brokers. They allow us to conduct more active trade. There is no need to be constantly in the workplace. It's enough to take a gadget with you. Now there is an ability to completely control the market's situation you are interested in.

With a smartphone, you can conduct an auction in time, no matter in what part of the world you are. You can carry out transactions directly, be constantly aware of all financial operations, monitor market conditions, using specially developed by MetaQuotes mobile applications for MT4 for Android operating system devices. Financial markets are getting closer and more accessible to working with this kind of application.

FxPro is an NDD forex broker headquartered in Cyprus, with offices in the UK and Australia. It offers excellent conditions and high quality of clients' protection to guarantee them a calm, profitable, and successful trade. FxPro is registered in CySEC, FCA (UK) and ASIC. Moreover, this broker is a member of Investor Compensation Fund (ICF) and Financial Services Compensation Program (FSCS).

The apps which FxPro offers include MT 4 (MT4) and Trader ECN; they are very popular with traders. They allow you to trade in one click, to study the depth of market, to monitor price levels. They have excellent charting and 30 technical indicators, as well as the rapid execution of orders. The programme gives access to liquidity of 10 suppliers.

Options

The soft MT4 for Forex from MetaQuotes allows you to:

  • Trade anywhere and anytime;
  • Available versions for Android, iOS, as well as network versions;
  • Quick conclusion of transactions;

Beginners can take advantage of the educational resources of this broker: video lessons, webinars, live sessions, etc. For more advanced traders there are additional analytical tools such as Trading Central and Autochartist. Dow Jones news is integrated into the MT4 soft.

Advantages

Modern technologies, huge functionality, and simplicity of use have made MT 4 one of the most popular trading programmes in the world. Which advantages of this program attract users from all over the world?

  • A clear interface and many technical analysis tools;
  • The ability to trade with smartphones, tablets, and PDAs;
  • Built-in programming language MQL4, allowing you to create your own trading indicators;
  • Access to interbank liquidity using MT4 Bridge technology, no D...

17:00

Long-Lasting Qubits Share Vibrations to Stay Cool "IndyWatch Feed Tech"

With a new technique, a single qubit can remain coherent for roughly 10 minutes Illustration: Tsinghua University/Nature Photonics

A quantum computer can theoretically vastly outperform a normal computer, but until now its basic component, known as a qubit, could only remain stable for less than a minute. Now scientists in China have developed single qubits that could remain coherent for about 10 minutes. These magnetically trapped qubits could someday become an essential component of quantum computers and quantum networks.

The quantum effect known as superposition permits a particle to essentially spin in two opposite directions at once, or exist in two or more places simultaneously. Using superposition, qubits can symbolize data as both a one and zero at the same time, whereas transistors in standard computers are each limited to representing data as single digits. When qubits are linked or entangled together, they can help perform exponentially more computations than a comparable number of transistors.

But qubits are only useful if their superpositions can stay coherent or stable. More than 20 years ago, scientists found they could achieve coherence times of roughly 10 minutes with ensembles of magnetically trapped ions. However, unexpectedly, when it came to single qubits, researchers were cursed with much shorter coherence times. Until now, the best coherence time they could accomplish was less than one minute with solitary magnetically trapped ions.

Now scientists at Tsinghua University in Beijing have achieved a coherence time of more than 10 minutes for a single qubit consisting of a magnetically trapped, positively charged ytterbium-171 ion.

"What we have demonstrated is basically how the memory zone for quantum memory, one essential part of a quantum computer, can be physically implemented,...

16:52

Security updates for Monday "IndyWatch Feed Tech"

Security updates have been issued by Debian (bzr, clamav, libgd2, libraw, samba, and tomcat7), Fedora (drupal7-views, gnome-shell, httpd, krb5, libmspack, LibRaw, mingw-LibRaw, mpg123, pkgconf, python-jwt, and samba), Gentoo (adobe-flash, chromium, cvs, exim, mercurial, oracle-jdk-bin, php, postfix, and tcpdump), openSUSE (Chromium and libraw), Red Hat (chromium-browser), and Slackware (libxml2 and python).

16:47

Kazan Continues Making Progress As A CPU-Based Vulkan Implementation "IndyWatch Feed Tech"

While Google Summer of Code ended one month ago, Jacob Lifshay has continued working on his "Vulkan-CPU" project now known as Kazan. He's certainly making progress on this CPU-based Vulkan implementation...

16:47

Hubble Telescope Observes Binary Asteroid With Comet-Like Features "IndyWatch Feed Tech"

NASA's Hubble Space Telescope has found a binary asteroid pair that exhibits characteristics of a comet:

Hubble was used to image the asteroid, designated 300163 (2006 VW139), in September 2016 just before the asteroid made its closest approach to the Sun. Hubble's crisp images revealed that it was actually not one, but two asteroids of almost the same mass and size, orbiting each other at a distance of 60 miles.

Asteroid 300163 (2006 VW139) was discovered by Spacewatch in November 2006 and then the possible cometary activity was seen in November 2011 by Pan-STARRS. Both Spacewatch and Pan-STARRS are asteroid survey projects of NASA's Near Earth Object Observations Program. After the Pan-STARRS observations it was also given a comet designation of 288P. This makes the object the first known binary asteroid that is also classified as a main-belt comet.

The more recent Hubble observations revealed ongoing activity in the binary system. "We detected strong indications for the sublimation of water ice due to the increased solar heating similar to how the tail of a comet is created," explained team leader Jessica Agarwal of the Max Planck Institute for Solar System Research, Germany.

The combined features of the binary asteroid (wide separation, near-equal component size, high eccentricity orbit, and comet-like activity) also make it unique among the few known binary asteroids that have a wide separation. Understanding its origin and evolution may provide new insights into the early days of the solar system. Main-belt comets may help to answer how water came to a bone-dry Earth billions of years ago.

The team estimates that 2006 VW139/288P has existed as a binary system only for about 5,000 years. The most probable formation scenario is a breakup due to fast rotation. After that, the two fragments may have been moved further apart by the effects of ice sublimation, which would give a tiny push to an asteroid in one direction as water molecules are ejected in the other direction.

Also at HubbleSite, New Atlas, ScienceAlert, and Space.com.

(300163) 2006VW...

16:42

Deloitte hit by cyberattack "IndyWatch Feed Tech"

Deloitte was hit with a cyberattack that allowed hackers access to company emails and possibly confidential client information, the Guardian reported Monday.  A spokesman for the firm confirmed to The Hill in an email that...

16:36

Android unlock patterns are a boon for shoulder surfing attackers "IndyWatch Feed Tech"

The swiping unlock patterns typical for Android devices are considerably easier for attackers to discern than PIN combinations. In fact, after only one observation of a user entering the pattern, 64% of shoulder surfing attackers will be able to reproduce it, a group of researchers from the US Naval Academy and the University of Maryland Baltimore County has found. In comparison, only one in ten attackers could make out a six-digit PIN after one viewing.

16:32

Steve Bannon sought to spy on Facebook: report "IndyWatch Feed Tech"

Former White House chief strategist Stephen Bannon tried to spy on Facebook by planting a mole in the company, BuzzFeed reported. According to internal emails obtained by the news outlet, Bannon was seeking to gain insight into Facebook's hiring...

16:24

Mondo 2000 is back. "IndyWatch Feed Tech"

If you've been around for a while you may remember a certain magazine called Mondo 2000 from the 90's.  It was a time when using the prefix cyber- wasn't done in irony and computers were still weird and edgy and nobody actually knew what the hell they were doing.  Psychedelic explorers like Timothy Leary and Terence McKenna were still alive (though Leary died in '96 and McKenna four years later), raves required you to go on quests to find map points so you could get your wristband to get in, and we all knew - we just knew - that the Net would usher in an age of understanding because people from vastly different kinds of lives could communicate openly with each other and learn to see eye to eye.

Go ahead and laugh, get it out of your system.

If you've never run across it before, a fair amount of M2k as well as the 'zines that eventually led to its creation have been uploaded to the Internet Archive so you can read them for free.  Unfortunately, Mondo 2000 ceased publication late in the 90's after a perfect storm of multiple things going sideways within a fairly short period of time.  Frontbeing R.U. Sirius has been around the entire time, working on multiple publishing projects at the same time and keeping his neurons in the game.  I would like to announce that his latest project is the return of Mondo 2000 as a blog featuring articles from many of the original contributors, some classic articles with commentary for the twenty-first century, and insights from some new minds from the other side of the millennium rollover.

Take a look at it and see what you think.  If you like it, please circulate the URL to get more eyes on it.

16:23

Last year at Adobe "IndyWatch Feed Tech"

Private Keys. You will be part of the special command of General Failure. You will be reporting to Colonel Panic. @grauhut

(Context)

16:04

Maine senator lobbies for a new lobster emoji "IndyWatch Feed Tech"

Sen. Angus King (I-Maine) is lobbying for a new emoji to represent lobsters. King submitted a formal request Friday to the Unicode Consortium, the group in charge of smartphone emojis. In his letter, King stressed the economic and...

16:02

Re: Why send bugs embargoed to distros? "IndyWatch Feed Tech"

Posted by Cliff Perry on Sep 25

Hi Hanno,
The detail of your report was good quality and I'm sure appreciated by
everyone who needed to review it. I know that for Red Hat the
pre-disclosure was useful.

During analysis, like SUSE, we rated it as having a security impact of
Moderate (https://access.redhat.com/security/updates/classification);
and not highly impacting that required expedited preparation of packages
for the embargo date. Additional information is contained...

16:01

The Electronics Markets of Ho Chi Minh City, Vietnam "IndyWatch Feed Tech"

When we think about world-famous electronics markets in Asia, usually Shenzhen, Tokyo's Akihabara, or Shanghai's Beijing Road come to mind.

There's another market that I've had my eye on for a few years: Nhật Tảo market in Ho Chi Minh City, Vietnam. It might not be as large or accessible as the more well-known markets, but it's very much worth a visit if you're in the area. I decided it was time to hop on my red motorbike (red things go faster) and give you a short tour of the central market, as well as some more hobbyist-friendly options.

Overview

Nhật Tảo is a busy market. A good strategy is to go in the late morning or early afternoon on a weekday or Saturday. It's slightly less busy at those times, and I avoid Sundays because some stores will be closed or have reduced hours. Do not go during rush hour.

If possible, go with someone who speaks Vietnamese. Someone from Fablab Saigon might be willing to help you out if they're available (more on that later). You may even run into the author of this article.

Electronics suppliers in Nhật Tảo are set up for the local market. While we will cover a few exceptions, most only speak Vietnamese, and high-volume retailers aren't really set up to answer detailed questions in any case. In these places it's best to know what you're looking for, but luckily all the stock tends to be visible, and the vendors all have calculators they can use to quickly show you prices. All business is done in local currency and in cash.

Our focus will be on locations that have been present for at least the last two years and are likely to still be there for a while, as the overall stores and stock tends to be pretty fluid.

One major convenience worth noting is that haggling over price is rarely necessary: my experience has been that these stores sell their products at set prices that do not depend on your nationality. While I'm by no means fluent in Vietnamese, I do speak enough to confirm this, and I know several of the vendors personally.

A word of warning: Google translate does not handle Vietnamese gracefully yet. It works reasonably well for single words or very short phrases, but anything longer often becomes unintelligible. For example, it sometimes translates "ten" as "salt" by getting the tonal accents wrong. Speaking of condiments, Nhật Tảo market borders on District 5, which is considered by locals to have above-average restaurants. You may want to scope out a place to eat after going to the market.

A Tour of Nhật Tảo Market

We start our journey at the...

16:00

Cyber threat analysis in complex adaptive systems "IndyWatch Feed Tech"

The use of wartime analogies in cybersecurity is common in our industry. Sun Tzu is often quoted in presentations and papers to emphasize an author's key point. I will spare you that in this article; however, I would like to introduce the idea of applying a rigorous framework derived from kinetic warfare to the cyber realm. The notion of complex adaptive systems (CAS) as introduced by Brigadier General Wayne Michael Hall and Dr. Gary Citrenbaum...

15:54

Future Proof Your SysAdmin Career: Advancing with Open Source "IndyWatch Feed Tech"


15:38

Landmark Pirate Kodi Box Trial Canceled After Man Changes Plea to Guilty "IndyWatch Feed Tech"

Over the past year, there have been a lot of discussions about UK-based Brian "Tomo" Thompson. The Middlesbrough-based shopkeeper was raided by police and Trading Standards in 2016 after selling "fully loaded" Android boxes from his small shop.

The case against Thompson is being prosecuted by his local council but right from the very beginning, he insisted he'd done nothing wrong.

"All I want to know is whether I am doing anything illegal. I know it's a gray area but I want it in black and white," he said last September.

Tomo in his store

In January this year, Thompson appeared before Teesside Crown Court for a plea hearing. He pleaded not guilty to two offenses under section 296ZB of the Copyright, Designs and Patents Act. This section deals with devices and services designed to circumvent technological measures.

"A person commits an offense if he in the course of a business sells or lets for hire, any device, product or component which is primarily designed, produced, or adapted for the purpose of enabling or facilitating the circumvention of effective technological measures," the law reads.

This section of the law has never been tested against infringing Kodi/IPTV boxes so a full trial would have been an extremely interesting proposition. However, everyone was denied that opportunity this morning when Thompson appeared before Teesside Crown Court with a change of heart.

Before Judge Peter Armstrong, the 54-year-old businessman changed his previous not guilty plea to guilty on both counts.

According to GazetteLive, defense barrister Paul Fleming told the Court there had been an exchange of correspondence in the case.

"There is a proposal in relation to pleas which are acceptable to the prosecution," Fleming said.

Judge Armstrong told Thompson that the case will now be adjourned until October 20 to allow time for a pre-sentence report to be prepared.

"Your bail is renewed until that date. I have to warn you that the renewal of your bail at this stage mustn't be taken by you as any indication of the type of sentence that'll be passed," the Judge said.

"I don't know what the sentence will be but all options will be open to the court when you're dealt with. Free to go on those terms."

Thompson will be sentenced on the same day as Jul...

15:37

Uber CEO apologizes, vows appeal of London ban "IndyWatch Feed Tech"

Uber CEO Dara Khosrowshahi apologized to London residents and vowed an appeal after the city's transportation authorities decided not to renew the company's license. While Uber has revolutionised the way people move in cities around the world its...

15:30

Large DDoS attacks over 50 Gbps have quadrupled between 2015 and 2017 "IndyWatch Feed Tech"

Organizations are experiencing an increase in the magnitude of DDoS attacks, with the average size of attacks over 50 Gbps quadrupling in just two years, according to A10 Networks. Growth of DDoS attacks The study also found the gargantuan 1 Tbps attacks that started last year with the Mirai botnet have begun to leave their mark, with 42% of organizations reporting an average size of DDoS attacks greater than 50 Gbps, a significant increase from...

15:15

AMD Rebrands CrossFire As Just mGPU "IndyWatch Feed Tech"

While not particularly relevant to Linux gamers at this point in time, AMD is dropping their CrossFire branding in favor of just calling it their mGPU technology...

15:01

Storing Light Waves as Sound for Energy-Saving Acoustic Memory "IndyWatch Feed Tech"

Data centers of the future could rely on photonic 'wires' instead of electronic interconnects Illustration: Rhys Holland & Sebastian Zentilomo/University of Sydney

A device that turns light into sound has allowed researchers to capture lightning in a bottle, in a sense, slowing down the light beams enough so that they can be easily stored and manipulated.

Researchers at the University of Sydney in Australia have figured out how to turn a light wave into a sound wave, creating an acoustic memory that they say will help data centers save energy by eliminating some electrical connections between processors. They reported their work in a recent issue of Nature Communications.

"Our vision is to replace the electronic interconnects between different processors and computing machines with photonic wires," said Birgit Stiller, a postdoctoral researcher who led the project. "So light transmission will be used instead of electronic connections."

The team built a chip that consists of a spiral-shaped waveguide made from a soft glass called chalcogenide, sandwiched between two stiffer pieces of silica glass. As a light beam travels through the chip, it is met by another pulse of light that has a slightly different frequency. The difference between the frequencies of the two light beams is a beat, a wave with a frequency 100,000 times lower, thus turning the light wave into a sound wave.

The sound wave lives for a brief time, several nanoseconds, in the spiral chalcogenide waveguide. To read it out, the device reverses the process, adding the beat frequency to a light pulse to recreate the original light wave.

In standard optical fibers, light waves are prevented from leaking out of the fiber by a difference in refractive index between the core of the fiber and the cladding wrapped around it. In a similar way, the two types of glass keep the sound wave in place; the speed of sound is much slower in the chalcogenide than in the silica.

Slowing down the waves provides time to synchronize different signals coming from different processors. That eliminates the need to convert the optical signal to an electronic signal. Electronics can produce excess heat and require more energy, which...

15:00

Standard cloud migration models are insufficient when moving mission critical workloads "IndyWatch Feed Tech"

Enterprises have found that standard cloud migration models are insufficient when moving mission critical workloads and require a specialized approach, according to a study conducted by Forrester Consulting. One size does not fit all The study, which is based on a global survey of 500 IT decision makers at businesses with more than 500 employees, notes that almost half of the cloud migrators questioned are utilizing more than one cloud platform. The study also notes...

14:59

CVS Limits Opioid Prescriptions "IndyWatch Feed Tech"

CVS is finally trying to do something about the opioid epidemic:

Drug-store chain CVS Health announced Thursday that it will limit opioid prescriptions in an effort to combat the epidemic that accounted for 64,000 overdose deaths last year alone.

Amid pressure on pharmacists, doctors, insurers and drug companies to take action, CVS also said it would boost funding for addiction programs, counseling and safe disposal of opioids.

[...] The company's prescription drug management division, CVS Caremark, which provides medications to nearly 90 million people, said it would use its sweeping influence to limit initial opioid prescriptions to seven-day supplies for new patients facing acute ailments.

It will instruct pharmacists to contact doctors when they encounter prescriptions that appear to offer more medication than would be deemed necessary for a patient's recovery. The doctor would be asked to revise it. Pharmacists already reach out to physicians for other reasons, such as when they prescribe medications that aren't covered by a patient's insurance plan.

The plan also involves capping daily dosages and initially requiring patients to get versions of the medications that dispense pain relief for a short period instead of a longer duration.

[...] "The whole effort here is to try to reduce the number of people who are going to end up with some sort of opioid addiction problem," CVS Chief Medical Officer Troyen Brennan said in an interview.

It appears this initiative is limited to initial filling of prescriptions; there is no mention of changes in the handling of refills.


Original Submission

Read more of this story at SoylentNews.

14:49

For eight years, hackers have been able to exploit this password-stealing flaw in Joomla "IndyWatch Feed Tech"

For the last eight years a critical vulnerability has lurked within the code of the Joomla CMS which could have allowed malicious hackers to steal every user's login credentials - including those belonging to administrators.

Read more in my article on the Hot for Security blog.

14:44

FreeType Improvements For The Adobe Engine "IndyWatch Feed Tech"

With FreeType 2.8.1 having been released last week, a lot of new code landed in the early hours of today to its Git repository...

14:44

Adobe accidentally leaked online its Private PGP Key "IndyWatch Feed Tech"

The Adobe product security incident response team (PSIRT) accidentally published a private PGP key on its blog; once the issue was discovered, the team quickly revoked the key.

On Friday, the Adobe PSIRT updated its Pretty Good Privacy (PGP) key and published the new public key in a blog post. The new key should have been valid until September 2018, but something strange happened. The security expert Juho Nurminen first noted that, scrolling down the blog post, both the public and the private PGP keys were present.

In a PKI, messages to be sent to the recipient are encrypted with the public key the recipient has shared (in the Adobe case it was published in the blog post), and only the legitimate recipient can read them by using the associated private PGP key.

The accidental disclosure of the private key could have allowed anyone to decrypt encrypted email messages sent by the users to the company.

The Adobe PGP key was generated using Mailvelope, a popular open source browser extension for OpenPGP.

Mailvelope allows users to export either the public key, the private key, or both by selecting the All option. The Adobe employee who exported the public PGP key likely selected the All option and copied the generated data without noticing it included the private PGP key as well.

Adobe promptly removed the blog post and revoked the compromised private key, but it was too late: copies of the post can still be found online. Adobe has generated a...

14:42

wordpress <= 4.8.1 SQLi "IndyWatch Feed Tech"

Posted by Slavco Mihajloski on Sep 25

Issue in wpdb->prepare() method guides to sqli in the wordpress.

https://wordpress.org/news/

https://medium.com/websec/wordpress-sqli-bbb2afcc8e94

PoC:
https://medium.com/websec/wordpress-sqli-poc-f1827c20bf8e

Regards,
Slavco

14:30

Criminal hacking: Top technology risk to health, safety and prosperity "IndyWatch Feed Tech"

Americans believe criminal hacking into computer systems is now a top risk to their health, safety and prosperity. Criminal hacking, a new ESET survey finds, outranks other significant hazards, including climate change, nuclear power, hazardous waste, and government surveillance. The survey was conducted by ESET security researchers, and asked randomly selected adults to rate their risk perception of 15 different hazards. Six of the hazards were cyber-related while the rest were other forms of technology...

14:22

When a tanker vanishes, all the evidence points to Russia "IndyWatch Feed Tech"

Introducing: GPS attacks. By creating a false signal it is possible to fool a system into thinking it's in a different place. Russian oligarchs undertaking piracy? Check.

"Spoofing is currently used in Russia. Around the Kremlin, GPS devices typically show the location 20 miles away," says Nathan Brubaker, head of the cyber-physical intelligence unit at FireEye.

14:11

Foreman 1.1+ stored XSS in organizations/locations assignment to hosts "IndyWatch Feed Tech"

Posted by Marek Hulán on Sep 25

CVE-2017-7535: Attempting to assign all hosts to an organization or location
that contains HTML does not properly escape the html in the toast notification
informing of success. Exploiting this requires a user to actively assign hosts
to an organization that contains html in its name which is visible to the user
prior to taking action.

Affects Foreman 1.1 and higher.

Patch available at https://github.com/theforeman/foreman/pull/4851
Fix...

14:10

Be Nice: Hyperledger's Brian Behlendorf Offers Tips for Creating Sustainable Open Source Projects "IndyWatch Feed Tech"

So, what's unique about projects like Linux that thrive where others fail? What's the secret sauce that sustains one project over others? Is it the community? The license? The code? The organizations backing it?

14:07

Occam's Taser "IndyWatch Feed Tech"

Occam's Taser

Occam's Taser: The most painful explanation is usually the correct one. This is definitely an Ops theorem. Scott Lyon

via Tatiana Azundris

14:00

GitLab v10 Integrates with Kubernetes "IndyWatch Feed Tech"

"This GitLab release provides capabilities to fully embrace the benefits of DevOps, specifically CI/CD and Kubernetes-based application development," said Sid Sijbrandij, CEO of GitLab. The sector is increasingly adopting cloud-native capabilities utilizing the Kubernetes open source container orchestration software in the market, he noted, resulting in an increasing need for automated processes.

13:42

The large parts of America left behind "IndyWatch Feed Tech"

Most of America is deteriorating economically.

Economic prosperity is concentrated in America's elite ZIP Codes, but economic stability outside of those communities is rapidly deteriorating.

That's the stark conclusion by Axios tech editor Kim Hart, in one of the most sobering pieces we have run in the eight months since we launched.

13:05

Re: CVE-2017-14489: Linux kernel: scsi: nlmsg is not properly parsed in iscsi_if_rx() "IndyWatch Feed Tech"

Posted by Vladis Dronov on Sep 25

heololo,

an additional research shows that the very latest kernels are not showing
a crash with a reproducer. git bisect showed that:

commit 7f564528a480084e2318cd48caba7aef4a54a77f (between v4.11 and v4.12-rc1)
is the first commit a crash is not reproduced with:

commit 7f564528a480084e2318cd48caba7aef4a54a77f
Author: Steffen Klassert
Date: Sat Apr 8 20:36:24 2017 +0200
skbuff: Extend gso_type to...

13:00

3D Printing Aluminum with Nanoparticles "IndyWatch Feed Tech"

We love our 3D printers. But sometimes we really wish we could print in metal. While metal printing is still out of reach for most of us, HRL Labs announced a powdered aluminum printing process that they claim is a breakthrough because it allows printing (and welding) of high-strength aluminum alloys that previously were unprintable and unweldable.

The key is treating the metal with special zirconium-based nanoparticles. The nanoparticles act as nucleation sites that allow the aluminum to form the correct microstructure. The full paper on the process appears in Nature.

Other than the nanoparticles, the process is a conventional laser sintered metal powder process. That's not new. However, aluminum comes in alloys and not all the alloys are good for all purposes. Some of the alloys commonly used for high strength are not weldable and in general metal that won't weld can't laser sinter, either. HRL claims that 7075 and 6061 are both printable with this process. Presumably, other metals could benefit from this nanoparticle treatment, although different materials may need different kinds of nanoparticles.

We winced at the over-extrusion of the plastic part they show in the video, but hopefully, that was just a stock video. Of course, this isn't going to make home metal printing affordable. Until that happens, you'll have to settle for electroplating or you can print with lower-temperature metals.


12:53

New Zealand: Family of Four Living in Bus Conversion "IndyWatch Feed Tech"

Wow, that's a much nicer bus (we call them Choochoo buses because of the chimneys) than the ones we see around Kaitaia. Via: Exploring Alternatives:

12:38

Molecular Machines Assemble Four Different Chemical Products "IndyWatch Feed Tech"

University of Manchester researchers have created a molecular machine that can assemble four different chemical products:

David A. Leigh of the University of Manchester and coworkers made molecular-machine-based chemical synthesis a reality four years ago when they developed a large molecule that picks up amino acids and assembles them into tripeptides (Science 2013, DOI: 10.1126/science.1229753). Now, they've taken the concept to another level by creating a programmable molecular machine that creates four different products by adding thiol and alkene substituents asymmetrically to an α,β-unsaturated aldehyde substrate (Nature 2017, DOI: 10.1038/nature23677). The machine makes each of the products with stereoselectivity similar to, but in some cases lower than, that of corresponding catalytic reactions in solution, Leigh says.

To generate the products, Leigh and coworkers attach an α,β-unsaturated aldehyde substrate to an "arm" in the molecular machine. An acyl hydrazone located in the center of the machine changes conformation in response to pH changes, causing the arm to rotate between two fixed orientations. Rotations position the substrate above one or another of two silyl prolinol activation sites in the machine that mediate reactions with opposite chirality: R for one site, S for the other. So arm position controls reaction chirality.

The substrate forms a reactive iminium intermediate with an activation site, and the intermediate then reacts with a thiol for the first addition. Then the substrate, with its added sulfide, forms a reactive enamine with an activation site, and the alkene adds to that. If the arm is rotated between the two activation sites mid-synthesis by adding acid, the steps have opposite chirality, and the diastereomer products have (R,S) or (S,R) configuration. If the arm is stationary between steps, both additions occur with the same chirality, and the product has (R,R) or (S,S) configuration.


Original Submission

Read more of this story at SoylentNews.

12:00

Accelerate Application Modernization with Node.js "IndyWatch Feed Tech"

Node.js is much more than an application platform. In a 2016 Forrester report, the research firm talked with several Node.js users and developers to better understand the growth of Node within global enterprises across a range of industries.

Forrester's key takeaways:

12:00

Week ahead in tech: Social media giants under scrutiny over Russian interference "IndyWatch Feed Tech"

Social media companies, including giants Facebook and Twitter, are in the spotlight over Russian efforts to interfere in the 2016 campaign. Twitter will brief the Senate Intelligence Committee next week over Russian influence on its...

11:42

Closing in on cancer "IndyWatch Feed Tech"

THE numbers are stark. Cancer claimed the lives of 8.8m people in 2015; only heart disease caused more deaths. Around 40% of Americans will be told they have cancer during their lifetimes. It is now a bigger killer of Africans than malaria. But the statistics do not begin to capture the fear inspired by cancer's silent and implacable cellular mutiny. Only Alzheimer's exerts a similar grip on the imagination.

Confronted with this sort of enemy, people understandably focus on the potential for scientific breakthroughs that will deliver a cure. Their hope is not misplaced. Cancer has become more and more survivable over recent decades owing to a host of advances, from genetic sequencing to targeted therapies. The five-year survival rate for leukemia in America has almost doubled, from 34% in the mid-1970s to 63% in 2006-12. America is home to about 15.5m cancer survivors, a number that will grow to 20m in the next ten years. Developing countries have made big gains, too: in parts of Central and South America, survival rates for prostate and breast cancer have jumped by as much as a fifth in only a decade.

11:08

Peru Authorities Shut Down First Pirate Websites, Three Arrested "IndyWatch Feed Tech"

For a country with a soaring crime rate, where violent car-jackings and other violent crime are reportedly commonplace, Internet piracy isn't something that's been high on the agenda in Peru.

Nevertheless, under pressure from rightsholders, local authorities have now taken decisive action against the country's most popular pirate sites.

On the orders of prosecutor Miguel Ángel Puicón, a specialized police unit carried out searches earlier this month looking for the people behind Pelis24 (Movies24) and Series24, sites that are extremely popular across all of South America, not just Peru.

Local media reports that an initial search took place in the Los Olivos district of the Lima Province where two people were arrested in connection with the sites. On the same day, a second search was executed in the town of Rimac where a third person was detained.

The case was launched following a rightsholder complaint to the Special Prosecutor's Office for Customs Crimes and Intellectual Property in Lima. It stated that three domains (pelis24.com, pelis24.tv and series24.tv) were offering unlicensed movies and TV shows to the public.

"In view of the abundant evidence, the office requested measures indicative of the right to the criminal judge. A search was carried out in search of the property and the preliminary 48-hour detention of the people investigated was requested," authorities said in a statement.

The warrant not only covered seizure of physical items but also the domain names associated with the platforms. As shown in the image below, they now display the following seizure banner (translated from Spanish).

Pelis24/Series24 Seizure Banner

Authorities say that a detailed preliminary investigation took place in order to corroborate the information provided by the complainant. Once the measures were approved by a judge, the Prosecutor's Office acted in coordination with the Investigations Division of the High Technology Crimes unit to carry out the operation.

According to Puicón, this is the first action against the operators of a pirate site in Peru.

The purpose was to have the detainees close the sites voluntarily after providing us with the login codes, he s...

11:03

Experts say United Cyber Caliphate hackers have low-level cyber capabilities "IndyWatch Feed Tech"

United Cyber Caliphate members stopped trying to develop their own hacking and communication tools and began looking for them in the criminal underground.

According to Kyle Wilhoit, a senior security researcher at DomainTools who spoke at the DerbyCon hacking conference in the US, ISIS members stopped trying to develop their own hacking and communication tools and began looking for them in the criminal underground.

United Cyber Caliphate ISIS mobile app-download-page

The expert explained that members of hacker groups that go under the banner of the United Cyber Caliphate (UCC) have low-level coding skills and that their opsec is garbage.

ISIS members belonging to groups under the United Cyber Caliphate (UCC) developed three apps for their communication; they also developed trivial malware whose code was riddled with bugs.

"ISIS is really really bad at the development of encryption software and malware," Wilhoit explained. "The apps are sh*t to be honest, they have several vulnerabilities in each system that renders them useless."

Due to their technical limitations, ISIS-linked groups started using mainstream communication systems like Telegram and Russian email services that are widely used by cyber criminals.

...

11:02

What is Edge Computing and How It's Changing the Network "IndyWatch Feed Tech"

Edge computing is a mesh network of micro data centers that process or store critical data locally and push all received data to a central data center or cloud storage repository, in a footprint of less than 100 square feet, according to research firm IDC.

It is typically referred to in IoT use cases, where edge devices would collect data, sometimes massive amounts of it, and send it all to a data center or cloud for processing. Edge computing triages the data locally so some of it is processed locally, reducing the backhaul traffic to the central repository.

10:17

Developers Need to Start Paying Attention to Licenses "IndyWatch Feed Tech"

Today's applications are arguably the equivalent of a Girl Talk album in code. They are made up of code that comes from a variety of sources. For instance, they may use one or more frameworks and libraries, each of which may also rely on hundreds of modules (ex. npm, Ruby gems). Even portions of the "original" code in a project may have originally been copy/pasted from documentation, a tutorial or *gasp* StackOverflow.

10:17

Olfaguard is an Electronic Nose for Smelling Pathogens in Food Factories "IndyWatch Feed Tech"

Submitted via IRC for Fnord666:

A recent deadly outbreak of Salmonella has so far sickened more than 200 people throughout the eastern and southern United States. The culprit? Madrol papayas coming from three different distribution companies, all originating from four close farms in Mexico.

[...] Mitigating risk of food-borne illnesses can be a costly and time-consuming business for food manufacturers -- but one that is necessary. ...

This machine works by picking up on possible pathogens, running it through the system and then coming out with results, which founder and CEO Pierre Salameh says have so far yielded results with a 94 percent accuracy in the lab.

[...] "We provide an affordable method, but I don't want to save money for factories. I want to double and triple output within the same budget of what they are doing," Salameh tells TechCrunch.

Source: https://techcrunch.com/2017/09/19/olfaguard-is-an-electronic-nose-for-smelling-pathogens-in-food-factories/


Original Submission

Read more of this story at SoylentNews.

10:08

Re: Why send bugs embargoed to distros? "IndyWatch Feed Tech"

Posted by John Haxby on Sep 25

This pre-disclosure interval is extremely useful. We may not, in
general, publish a patch quite as soon after disclosure as I would
like but that doesn't mean we have ignored the pre-disclosure or taken
no action.

While it may not be readily apparent, the distros list does allow us to
get our act together so that when customers come knocking asking "what's
this security problem all about then?" we have answers prepared....

10:07

How Containers Scale: Service Mesh vs. Traditional Architecture "IndyWatch Feed Tech"

Containers continue to be a hot topic. Some claim they are on the verge of a meteoric rise to dominate the data center. Others find them only suitable for cloud. And still others are waiting patiently to see if containers are the SDN of app infrastructure or not: highly touted by pundits but rarely put into practice in production.

A quick perusal of research and surveys shows that containers certainly are gaining traction somewhere.

10:06

Kaltura - Remote Code Execution and Cross-Site Scripting "IndyWatch Feed Tech"

Posted by robin . verton on Sep 25

Telekom Security
security.telekom.com

Advisory: Kaltura - Remote Code Execution and Cross-Site Scripting
Release Date: 2017/09/12
Author: Robin Verton (robin.verton () telekom de)
CVE: CVE-2017-14141, CVE-2017-14142, CVE-2017-14143

Application: Kaltura <= 13.1.0
Risk: Critical
Vendor Status: Kaltura 13.2.0 was released to fix these vulnerabilities.

Overview:...

10:01

Top 10 Most Pirated Movies of The Week on BitTorrent 09/25/17 "IndyWatch Feed Tech"

This week we have two newcomers in our chart.

Pirates of the Caribbean: Dead Men Tell No Tales is the most downloaded movie for the third week in a row.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This week's most downloaded movies are:
Most downloaded movies via torrents
Movie Rank | Rank last week | Movie name | IMDb Rating / Trailer
1 | (1) | Pirates of the Caribbean: Dead Men Tell No Tales | 6.9 / trailer
2 | (3) | Baby Driver | 8.0 / trailer
3 | (9) | Despicable Me 3 | 6.4 / trailer
4 | (2) | Transformers: The Last Knight ...

10:00

Push Buttons, Create Music With A MIDI Fighter "IndyWatch Feed Tech"

Musicians have an array of electronic tools at their disposal to help make music these days. Some of these are instruments in and of themselves, and [Wai Lun], inspired by the likes of Choke and Shawn Wasabi, built himself a midi fighter.

Midi fighters are programmable instruments where each button can be either a note, sound byte, effect, or anything else which can be triggered by a button. [Lun]'s is controlled by an ATmega32u4 running Arduino libraries flashed to be recognized as a Leonardo and is compatible with a number of music production programs. He opted for anodized aluminum PCBs to eliminate flex when plugging away and give the device a more refined look. Check it out in action after the break!

[Lun] designed the project in Fusion 360 and KiCad with plenty of room to spare for some electronic art (gotta love Daft Punk). He's using Sanwa OBSC 24mm arcade buttons for their premium quality and two SK6812 mini LEDs apiece for a slick lighting effect when they're pressed.

After receiving the manufactured boards and parts, a quick test fit flowed right into final assembly. With the ATmega32u4 flashed and programmed, he was ready to rock. Down the line, [Lun] wants to have a GUI to configure the notes each button plays without tinkering around in the code, but it works great for now.

For an astounding acoustic to electronic instrument conversion, check out this MIDI accordion!


Filed under: Arduino Hacks, musical hacks

09:52

[slackware-security] libxml2 (SSA:2017-266-01) "IndyWatch Feed Tech"

Posted by Slackware Security Team on Sep 25

[slackware-security] libxml2 (SSA:2017-266-01)

New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/libxml2-2.9.5-i586-1_slack14.2.txz: Upgraded.
This release fixes some security issues:
Detect infinite recursion in parameter entities (Nick Wellnhofer),
Fix handling of parameter-entity...

09:38

[SECURITY] [DSA 3983-1] samba security update "IndyWatch Feed Tech"

Posted by Moritz Muehlenhoff on Sep 25

-------------------------------------------------------------------------
Debian Security Advisory DSA-3983-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
September 22, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : samba
CVE ID : CVE-2017-12150 CVE-2017-12151...

09:19

Intel Core i9 7980XE Linux Benchmarks: 18 Core / 36 Threads For $1999 USD "IndyWatch Feed Tech"

Besides the embargo expiring this morning on the Intel Core i9 7960X, the Core i9 7980XE Extreme Edition processor is also now fair game. Here is our look at the Linux performance for this 18 core / 36 thread processor within a single 165 Watt package.

09:05

How The Internet Kept Humming During 2 Hurricanes "IndyWatch Feed Tech"

The New York Times has a nice article about Data Center Infrastructure vs. Hurricanes, suitable for muggles.

Yet another data center, west of Houston, was so well prepared for the storm with backup generators, bunks and showers that employees' displaced family members took up residence and United States marshals used it as a headquarters until the weather passed.

"It wasn't Noah's ark, but it was darn close," said Rob Morris, managing partner and co-founder of Skybox, the company that runs the center.

 

09:03

Spammed-out emails threaten websites with DDoS attack on September 30th "IndyWatch Feed Tech"

Websites are being told that they have until September 30th to pay extortionists $720 worth of Bitcoin, or else suffer a distributed denial-of-service (DDoS) attack.

Read more in my article on the We Live Security blog.

09:01

Intel Core i9 7960X Linux Benchmarks "IndyWatch Feed Tech"

While Intel previously announced the expanded Intel Core X-Series line-up including the Core i9 7960X and Core i9 7980XE processors, only today is the performance embargo expiring as these CPUs begin to ship to further battle AMD's Ryzen Threadripper line-up. Here is today's launch-day Linux benchmarks of the Core i9 7960X.

09:00

Why did Britain go to war in 1914? "IndyWatch Feed Tech"




This is something I had never properly understood. The public reasons were always bunkum. The actual consequences for the British Empire were unforgivable. The road to war itself was mostly driven by Russian mischief making taking full advantage of French enthusiasm to redress 1871, in order to extend Russian interests in Europe and the Balkans.

The German posture was purely defensive even though this ultimately meant preemptive action.

In the end, the British handled their hand badly and did not forestall the rush to war at the least as was surely possible through strong diplomatic engagement in the prewar years. It was always in their interest to keep the peace and do this by withholding military support from France if they did not play ball.

An obvious strategic deployment would have been to place British land forces in Belgium to act as a staging force to move to support an attacked ally. They had the guarantees without means to even assist. This would have completely nullified the sweep through Belgium used by the Germans and possibly reduced the WWI war to demonstrations on the main frontier with France....


Why did Britain go to war in 1914? 

Cameron Greene, History is eternal and perpetual, there are no rules.

...

09:00

The Irish diaspora "IndyWatch Feed Tech"




 
 
 From the beginning, the Irish provided the manpower to occupy the colonies produced by Great Britain.  Irish agriculture was unsustainable in the face of increasing populations and the industrial revolution happened elsewhere to suck up populations there.

The extent is surprising and several times larger than the Scots or the English.
 
What truly drove it was Irish serfdom and landowners, Irish or English selling their surplus populations to the colony ships who resold them on as indentured servants.  I have noticed in my own ancestral lore that ancestors all made the fare and arrived with a serious stake able to homestead or whatever.  That would never have been true for most Irish.
 
...
The Irish diaspora

There are 70 million people around the world who claim Irish ancestry. What shaped and made the great Irish emigration?

https://aeon.co/essays/the-irish-experience-and-the-meaning-of-modern-diaspora


From 1700 to the present, fully ten million Irish men, women and children left Ireland and settled abroad. Remarkably, this figure is more than twice the population of the Republic of Ireland today (4.8 million). It exceeds the population of the island of Ireland, north and south (6.6 million). And it is greater than the population of Ireland at its peak in 1845, on the eve of the Famine (8.5 million). Some 70 million people worldwide claim Irish descent, more than half of them in the United States, where Irish is the second most common ancestry after German.

In the United States, the Irish found a kind of mirror, or complement: a nation of immigrants for a nation of emigrants. Most people know about America's distinctive claims to be a nation composed of immigrants. Ireland's status as the nation of emigrants to the modern world is less well-known but perhaps as unique and historic. For most of the 19th and 20th centuries, Ireland had the highest emigration rate in Europe.

How are we to explain a historical phenomenon of thi...

09:00

Secret Military 'Cloaking' Aircraft? "IndyWatch Feed Tech"





















Obviously a test protocol with a test plane and available secured eyeballs and hardware to observe the test itself. The plane was large but otherwise not unusual.

Yet the cloaking demonstrated is excellent.  You effectively see the background.  That is as good as it gets and it has been fitted onto a conventional craft as well.  Thus the technology is plausibly ready for deployment.


Secret Military 'Cloaking' Aircraft?


Jeannie in Mansfield, Ohio called in to tell of a weird sighting she had:

http://www.phantomsandmonsters.com/2017/09/secret-military-cloaking-aircraft.html?

Friday, September 08, 2017

So I'm 50 years old. I'm a military wife since I was 17. I've lived near several bases. My ex was with aviation with regard to fuels. I've been on Independence Day cruises and been out on an aircraft carrier, lived near bases including overseas particularly in Spain. Aviation boats and fuel and, so I'm just saying, I would not have believed this happened had these two ladies not been standing next to me. I wish to this moment that I had gotten their information but nonetheless, I'll try to make this quick because I know you have a lot of callers.

I was going in a local grocery store. We live in a town that has a large reserve community, as far as reserve forces. And an aircraft wing that operates out of a local small airport. So I'm in that side of town and I look up. It's a cloudy day and I see this extra large aircraft and I counted 25 plus windows in this. It was passing through a cloud at the time and I looked at these ladies next to me because they were loading their groceries in the car, as well as I was, and I said, "That's kind of a big aircraft for around here" and at that moment, I kid you not, had they not been standing there, it was like somebody...

09:00

Conrad Black: Trump the best defence against world becoming playpen of nuclear powers "IndyWatch Feed Tech"






I do want to say that what I am seeing from the Trump administration is extraordinarily good news. Bad trends are being interrupted. Not defeated yet, but no longer being ignored. These are all issues easily identified by the discerning and are best dealt with early or in rare cases best dealt with late.


Trump's great fortune is that the whole nuclear weapon system happens to be totally obsolete and no one understands that yet.  It is obvious to me that they will soon particularly if the USA  uses Korea to unleash the Space Fleet which commands Kinetic Bombardment weapons, Super Lasers and Small Tactical Nukes as well. 


Recall that the USA has done little to advance the known systems in place and that is because there is little point except to keep potential enemies confused and deeply in the dark. Hell, we still fly the B-52s for an attack platform when air superiority is assured.


Conrad here spells out the likely preemptive attack expected by anybody. For that conventional attack to properly go ahead we need assurance that the artillery threat can be completely and almost instantly neutralized. Doing that is a task for the US Space Bombardment Fleet with their rapid fire lasers. Thus I expect plenty of smoke to hide this as occurred in Iraq during the first Gulf War.

I further expect a Trump doctrine in which all nuclear powers will be aggressively disarmed and will also lead to the full decommissioning of uranium based power systems as well.  It is likely to be deliberately evolved over the next few years.

 
Conrad Black: Trump the best defence again...

08:40

RedBoot ransomware also modifies partition table, is it a wiper? "IndyWatch Feed Tech"

The RedBoot ransomware encrypts files on the infected computer, replaces the Master Boot Record and then modifies the partition table.

Malware Blocker researcher discovered a new bootlocker ransomware, dubbed RedBoot, that encrypts files on the infected computer, replaces the Master Boot Record (MBR) of the system drive and then modifies the partition table.

The experts noticed that there is no way to input a decryption key to restore the MBR and partition table, a circumstance that suggests this malware may be a wiper.

When the victim executes the RedBoot ransomware it will extract 5 other files into a random folder in the directory containing the launcher.

The five files are:

  • boot.asm: an assembly file that will be compiled into the new master boot record. When boot.asm has been compiled, it will generate the boot.bin file.
  • assembler.exe: a renamed copy of nasm.exe that is used to compile the boot.asm assembly file into the master boot record boot.bin file.
  • main.exe: the user mode encrypter that will encrypt the files on the computer.
  • overwrite.exe: used to overwrite the master boot record with the newly compiled boot.bin file.
  • protect.exe: the executable that will terminate and prevent various programs from running, such as the task manager and processhacker.

Once the files are extracted, the main launcher will compile the boot.asm file generating the boot.bin. The launcher executes the following command:

"[Downloaded_Folder]\70281251\assembler.exe" -f bin "[Downloaded_Folder]\70281251\boot.asm" -o "[Downloaded_Folder]\70281251\boot.bin"

Once boot.bin has been compiled, the launcher will delete the boot.asm and assembler.exe files, then it will use the overwrite.exe program to overwrite the current master boot record with the compiled boot.bin using this command:

"[Downloaded_Folder]\70945836\overwrite.exe" "[Downloaded_Folder]\70945836\boot.bin"

At this point, the malware starts the encryption process: the launcher starts main.exe, which scans the machine for files to encrypt and appends the .locked extension to each encrypted file. The main.exe program will also execute the protect.exe component to stop the execution of any software that can halt the infection.

...

07:56

Ichidan Is a Shodan-Like Search Engine for the Dark Web "IndyWatch Feed Tech"

Submitted via IRC for SoyCow5743

[On September 12], Bleeping Computer came across a new Dark Web portal that allows users to search Tor Onion sites in the same way users utilize Shodan to discover Internet-exposed services [1, 2].

Named Ichidan, the Japanese word for "first stage/step", the service is located at ichidanv34wrx7m7.onion, and, in the long run, can prove a useful tool for anyone investigating Dark Web services.

"This search engine is gold," said Victor Gevers, after Bleeping Computer asked the researcher for an opinion. "There is so much we didn't know about many .onion addresses. I am just amazed at things I see."

[...] Under normal circumstances, Tor sites should not be exposing such wealth of information, as they could reveal the whereabouts and identity of the website's owner.

While this much data is good news when tracking down cyber-criminals and other crooks, this might not be good news if you're running a secret news portal in a country with an oppressive regime.

Source: https://www.bleepingcomputer.com/news/security/ichidan-is-a-shodan-like-search-engine-for-the-dark-web/


Original Submission

Read more of this story at SoylentNews.

07:28

07:00

A Very 2017 Take On A BBC Micro "IndyWatch Feed Tech"

In the early 1980s, there were a plethora of 8-bit microcomputers on the market, and the chances are that if you were interested in such things you belonged to one of the different tribes of enthusiasts for a particular manufacturer's product. If you are British though there is likely to be one machine that will provide a common frame of reference for owners of all machines of that era: The Acorn BBC Microcomputer which was ubiquitous in the nation's schools. This 6502-driven machine is remembered today as the progenitor and host of the first ARM processors, but at the time was notable for the huge array of built-in interfaces it contained. Its relatively high price though meant that convincing your parents to buy you one instead of a ZX Spectrum was always going to be an uphill struggle.

So, you never owned a BBC Micro, and this has scarred you for life. Never mind, all is not lost, for now you can have that Acorn experience without scouring eBay for a classic micro, by running one entirely in silicon on a myStorm FPGA board.

To be fair, running classic hardware on an FPGA is nothing new and there have been a few BBC Micros implemented in this way, not to mention an Acorn Atom. But this project builds on the previous FPGA BBC Micros by porting it entirely to Verilog and incorporating some of the bug fixes from their various forks. There are screenshots of the result running several classic games, as well as test screens and a benchmark revealing it to be a faithful reproduction of a 2MHz BBC Micro.

We covered the myStorm board when it arrived last year. We've also brought you another FPGA board running as a coprocessor for a real BBC micro.

Thanks [monsonite] for the tip. He also alerts us that the myStorm board's ARM microcontroller can now be programmed from the Arduino IDE.


Filed under: classic hacks

06:13

Run kali Linux on Windows 10 in Docker "IndyWatch Feed Tech"

How to run Kali Linux in Docker on Windows 10

A lot of people use Linux. A lot of people use Windows. A lot of people fall in the overlap and use both Linux and Windows on the same machine. Until now, the ways to do this were either using a virtual machine or dual booting the two OSes on the machine. Both these methods have their pros and cons. However, with Windows 10, Microsoft has introduced a third method for running multiple OSes by using containers, and in this article we'll go through the steps required to achieve this.

Step 1: The first thing you need to do is enable containers. For this, open the Run dialog box by hitting the Windows key+R, type optionalfeatures and hit Enter.

Step 2: In the dialog box that appears, make sure the Containers option is checked.

Step 3: Once done, you will need to install Docker. Install the stable channel Windows MSI.

Step 4: Once the installation completes, you will need to log off and log in once. When you log in, you should get the message "Docker is starting".

Step 5: We'll be using Kali Linux in our example. Open up the command-line interface (CLI) of your choice and enter docker pull kalilinux/kali-linux-docker. This will pull the image from the Docker store.

Step 6: Now, we will enter an interactive bash session by typing docker run -t -i kalilinux/kali-linux-docker /bin/bash. This installation is supposed to be minimal, so do be sure to get all the packages you really want.

Step 7: In the last step, we shall install the go-to tool for most pentesters, Metasploit, by using the command apt install metasploit-framework ruby

Step 8: Start up the PostgreSQL database that Metasploit uses, initialize it and to msfconsole we go.

Source: Microsoft TechNet

The post Run kali Linux on Windows 10 in Docker appeared first on...

06:00

A Recap Of XDC2017: Advancing Wayland, Mesa & Yes The X.Org Server "IndyWatch Feed Tech"

The annual X.Org Developers' Conference wrapped up on Friday as the meeting of key contributors to components including the xorg-server, Wayland, Mesa, and other crucial components of the Linux desktop stack...

05:48

Sky Marsen, author of "Becoming More Than Human: Technology and the Post-Human Condition", joins our Futurists Board "IndyWatch Feed Tech"

Sky Marsen, author of "Becoming More Than Human: Technology and the Post-Human Condition", joins our Futurists Board.

05:40

Re: Why send bugs embargoed to distros? "IndyWatch Feed Tech"

Posted by Igor Seletskiy on Sep 24

This pre-disclosure was very useful to CloudLinux. Most of our
customers are shared hosting companies and are affected by this bug.
The early notification gave us time to thoroughly test the fix, and
analyze if it can potentially have any side effects.
It also let us deliver the fix to beta channel right after the
announcement, and to the main channel a day later.

Regards,
Igor Seletskiy | CEO
CloudLinux OS | KernelCare | Imunify360...

05:35

2010 JO179: A Highly Inclined Dwarf Planet Candidate in 21:5 Resonance with Neptune "IndyWatch Feed Tech"

Astronomers have found a probable dwarf planet beyond Neptune using data from the Pan-STARRS Outer Solar System Survey. The trans-Neptunian object's perihelion is 39.32 AU. Although 2010 JO179 is a relatively bright (and red) object, it was not discovered earlier due to its high 32° orbital inclination and 30° ecliptic latitude.

Astronomers think they might have found a new dwarf planet beyond the orbit of Neptune. It's about a quarter of the size of Pluto and may be one of thousands of objects awaiting discovery at the edge of our Solar System.

Tentatively named 2010 JO179, it was found using the Pan-STARRS Outer Solar System Survey by a team led by Matthew Holman from the Harvard-Smithsonian Center for Astrophysics in Cambridge, Massachusetts. A paper describing the findings is available on arXiv.

From measuring the brightness of the object, the team believes it's about 600 to 900 kilometers (370 to 560 miles) across. For scale, Pluto is 2,370 kilometers (1,473 miles) wide.

The potential dwarf planet [has a semi-major axis] of 78.3 AU (astronomical units; 1 AU is the Earth-Sun distance), beyond the Kuiper Belt. There's an extremely small margin of error in this estimation. It is known as a trans-Neptunian object (TNO). For comparison, Neptune is 30.5 AU on average and Pluto is 39.5 AU.

For every 21 orbits Neptune makes around the Sun, 2010 JO179 makes 5.

[Wikipedia helpfully informs us that Neptune "orbits the Sun once every 164.8 years at an average distance of 30.1 astronomical units." So, these planets synch up every 3460 years or so. --Ed.]


Read more of this story at SoylentNews.

05:00

Intel Announces Early 8th Gen Core Processors, Coffee Lake "IndyWatch Feed Tech"

Intel has rushed up the announcement of their 8th Gen Intel Core desktop processors following a recent leak. We can now confirm that these new Intel CPUs are en route to retailers, they have already arrived for testing, and will be benchmarked under Linux on Phoronix once that secondary embargo expires...

04:26

Kernel prepatch 4.14-rc2 "IndyWatch Feed Tech"

The 4.14-rc2 kernel prepatch is out. "Nothing stands out, although hopefully we've gotten over all the x86 ASID issues. Knock wood."

04:09

AI Will Turn Graphic Design On Its Head | Backchannel "IndyWatch Feed Tech"

Apple's 1984 Macintosh revolutionized graphic design, but that was nothing compared to the coming wave of websites that'll design themselves.

04:05

A promising therapy for Type 1 Diabetes is in the works "IndyWatch Feed Tech"

In Phase 1 trials, the BCG vaccine was able to create an environment that was able to temporarily restore insulin-producing beta cells.

For interesting science, like Scientifically.

We are keeping a close eye on this trial. If you would like to follow the outcome, Like us. Here is more information on the trial. https://clinicaltrials.gov/ct2/show/study/NCT02081326#contacts

04:00

Laser Smoothies At Maker Faire "IndyWatch Feed Tech"

This year at Maker Faire, laser cutters were all the rage. Dremel announced a 40W laser cutter, but it won't be available for purchase until this time next year, there is no price yet, and therefore doesn't deserve further mention. Glowforge was out in full force, but the most interesting aspect of the Glowforge (a compact filter system that sits right underneath the laser) was not to be found. It looks like lasers are the next 3D printer.

Of course, those in the know have already been using laser cutters for years, and there are options for desktop CO2 laser cutters that cost less than a kilobuck. I speak, of course, of the ubiquitous K40 laser, a machine you can get off of eBay or AliExpress for the price of a generic, off-brand 3D printer. There is a downside to the K40, though: the control electronics and software are notoriously terrible. Fix that, though, and you have something really spectacular.

The Cohesion3D Mini

This year at Maker Faire, [Ray Kholodovsky] of Cohesion3D brought out his Smoothie-derived control boards for CNC machines and laser cutters. Of note is his K40 upgrade that turns the eBay sp...

03:56

Jellyfish Lasers Are Revolutionizing Quantum Physics "IndyWatch Feed Tech"

How are scientists using jellyfish to create super-advanced polariton lasers? And how do lasers even work in the first place?

03:55

The Claim Hot Water Freezes Faster Than Cold Water Is Even Weirder Than You Think "IndyWatch Feed Tech"

Despite sounding like the most egregious contradiction in physics, hot water appears to freeze faster than cold water under certain circumstances. The phenomenon can be traced back to Aristotle himself, but after centuries of experiments demonstrating this phenomenon, no one's been able to explain it.

Now physicists are pointing to strange properties of hydrogen bonds as the solution to one of the oldest mysteries in physics, but others are claiming the so-called Mpemba effect doesn't even exist at all.

For a bit of background into the Mpemba effect, this phenomenon has been confounding physicists since Aristotle first noticed it more than 2,000 years ago.

03:55

Tesla wants to build mega supercharging stops that sell food and coffee "IndyWatch Feed Tech"

Tesla wants to make your 30-minute stop at the Supercharger a bit more enjoyable by locating them near restaurants and coffee shops.

03:54

Touching helps build the sexual brain "IndyWatch Feed Tech"

Hormones or sexual experience? Which of these is crucial for the onset of puberty? It seems that when rats are touched on their genitals, their brain changes and puberty accelerates. In a new study publishing September 21 in the open access journal PLOS Biology researchers at the Bernstein Center, and Humboldt University, Berlin, led by Constanze Lenschow and Michael Brecht, report that sexual touch might have a bigger influence on puberty than previously thought.

It has been known for some time that social cues can either accelerate or delay in mammals, but it hasn't been clear which signals are crucial, nor how they affect the body and , and in particular the possible reorganization of the brain.

The researchers first observed that the neural representation of the genitals in the expands during puberty. To begin with, the study confirms what was expected; that sexual hormones accelerate puberty and the growth of the so-called genital . However, what's new is that they find that sexual touch also contributes substantially to the acceleration of puberty.

03:53

The Real Reason Why Aluminum Foil Has 2 Different Sides "IndyWatch Feed Tech"

You might not lie awake at night wondering whether you should be baking atop the shiny side or the dull side of aluminum foil, but just in case you are, we're here to let you know that there is indeed an answer to this eternal mystery.

According to Reynolds Kitchen, the difference in appearance between the two sides of aluminum foil is simply a result of manufacturing and serves no real purpose. Meaning, whether you are cooking your food with the shiny side up or the dull side up, you're doing it right.

03:52

Engineers Have Found a Way to 3D Print Super Strong Aluminum "IndyWatch Feed Tech"

Engineers found a new way to 3D print high-strength metal alloys, which previously cracked and left imperfections during the printing process.

03:52

Walking DNA nanorobot could deliver a drug to a precise location in your body "IndyWatch Feed Tech"

DNA nanorobot cargo carrier (artist's impression) (credit: Ella Maru Studio)

Caltech scientists have developed a cargo sorting DNA nanorobot programmed to autonomously walk around a surface, pick up certain molecules, and drop them off in designated locations.

The research is described in a paper in the Friday, September 15, 2017 issue of Science.

03:52

In China, Robot Dentists Are Implanting 3D Printed Teeth "IndyWatch Feed Tech"

Open wide, because the robots have eyes on your dental work. South China Morning Post reports that a robo-dentist has autonomously implanted two new, 3D-printed teeth into a woman's mouth.

The procedure, which appears to have made use of a robot arm from Universal Robotics, was developed by a team from the Fourth Military Medical University and Beihang University. The hardware first orients itself with the patient's head, and is then programmed with the procedure it needs to undertake. It does a dry run to check that it's got everything right, before the patient is given an anesthetic and the robot gets drilling. The team says that the robot works to tolerances of less than 0.3 millimeters, and can detect and compensate for movements of the person's head.

Don't fancy the idea? Well, bear in mind that it's hoped the robot will be able to make up for a shortfall in the number of practicing dentists in China, which often leads to unqualified practitioners performing questionable procedures.

03:51

In Five Years, Your Smartphone Could Be Reading Your Mind "IndyWatch Feed Tech"

New technology enables thought to be translated into audible words with surprising accuracy by reading users' brainwaves. The developers say they might be able to get the device to work with smartphones via an app in just five years.

A new system developed by a team of researchers from Japan's Toyohashi University of Technology can read people's minds using brainwaves.

03:51

Michio Kaku, Gregory Stack, And Yue Shao: Synthetic Human Embryos And Genetic Engineering [Opinion] "IndyWatch Feed Tech"

Michio Kaku and Gregory Scott discuss different aspects of genetic engineering in the video below. According to Kaku and Scott, parents will soon have different genetic engineering choices to make about their children. In addition, recent discoveries by Yue Shao have yielded a new classification of parentless synthetic human embryos.

With Yue Shao's discovery, genetic engineers might be learning to grow synthetic human embryos from anonymous stem cells donated from IVF clinics. How far this genetic engineering technology goes remains to be seen.

Michio Kaku and Gregory Scott speak about the ethical concerns of genetic engineering in the Michio Kaku video below beginning at the 29-minute mark. However, Yue Shao's statements to MIT about the accidental discovery of how to engineer synthetic human embryos out of stem cells raises more ethical concerns.

03:51

People in Two U.S. States Will Get $1,000 a Month in a New Basic Income Trial "IndyWatch Feed Tech"

Tech startup fund Y Combinator has announced plans for a new basic income trial in the U.S. in which participants receive $1,000 monthly.

03:51

Five ways to get CRISPR into the body "IndyWatch Feed Tech"

Scientists are investigating a range of different delivery mechanisms for the gene-editing tool, from topical gels to skin grafts.

03:50

3 Comments on Creating Human Beings from Skin Cells Is Possible "IndyWatch Feed Tech"

Stem cell research is one of my absolute favorite topics. This amazing field does not only reveal to us how our bodies function and develop, but also holds promising future applications that could help us treat severe diseases, which would not be treated otherwise. However, stem cell research can do more than just treat diseases. In this article, I will highlight the latest scientific breakthroughs to show you how we can turn a simple skin cell into a fully-grown genetically-engineered human being, all thanks to the power of stem cells and genetic engineering.

Desperate times call for desperate measures

The field of stem cell research began in 1981 with the discovery of the embryonic stem cells by Martin Evans at Cardiff University, UK. In 1998, stem cell research became a hot topic in the mainstream media after scientists isolated human embryonic stem cells and grew them in the lab for the first time. Due to this breakthrough, stem cell research faced a lot of resistance from the general public. It raised questions about life, consciousness and human rights. At what point does one consider life to begin? If an embryo can develop into an individual, is it justifiable to destroy it or even use it for scientific research? This led the U.S. government to limit the federal funding of research on human embryonic stem cells because these embryos were destroyed in the process.

03:50

SpaceX Files Trademark Documents for its Global Internet Network "IndyWatch Feed Tech"

Elon Musk's SpaceX has trademarked the name Starlink for its global satellite internet network, set to launch between 2019 and 2024.

03:45

Stratolaunch Megaplane Fires Up All Six Engines for the First Time "IndyWatch Feed Tech"

The largest aircraft in the world by wingspan gets closer to first flight.

03:45

How the shape and size of your face relates to your sexuality "IndyWatch Feed Tech"

Men and women with shorter, wider faces tend to be more sexually motivated and to have a stronger sex drive than those with faces of other dimensions. These are the findings from a study led by Steven Arnocky of Nipissing University in Canada. The research investigates the role that facial features play in sexual relationships and mate selection and is published in Springer's journal Archives of Sexual Behavior.

The study adds to a growing body of research that has previously shown that certain psychological and behavioral traits are associated with particular facial width-to-height ratios (known as FWHR). Square-faced men (who therefore have a high FWHR) tend to be perceived as more aggressive, more dominant, more unethical, and more attractive as short-term sexual partners than their thinner and longer-faced counterparts.

Researchers attributed differences in to variations in testosterone levels during particular developmental periods, such as puberty. This hormone plays a role in forming adult sexual attitudes and desires.

03:45

New Artificial Intelligence Renders Your Face in 3D Using Just a Photo "IndyWatch Feed Tech"

"Until now, this has been a computational challenge of extraordinary difficulty," the researchers wrote, with obstacles posed by different facial poses, expressions, and variable lighting.

"Typically if you want to reconstruct a face you have to try and use something called 3D morphable models, or shape from shading," Aaron Jackson, a Ph.D. student who works on deep learning applied to human faces and who is one of the authors of the paper, told Seeker.

This method of 3D facial reconstruction analyzes shadows on the face to come up with a likely structure. It requires multiple images and poses.

03:45

Letting teens sleep in would save the country roughly $9 billion a year "IndyWatch Feed Tech"

The United States would realize roughly $9 billion a year in economic gains by instituting a simple, nationwide policy change: starting public school classes no earlier than 8:30 a.m.

That's according to an exhaustive new study by the Rand Corporation, the first of its kind to model the nationwide costs and benefits of later school start times.

03:44

A new form of matter: scientists create the first supersolid "IndyWatch Feed Tech"

Enter the supersolid: a paradoxical material that flows easily like a superfluid, but is crystalline like a solid. Cathal O'Connell reports.

03:44

You could soon be eating meat grown by plants "IndyWatch Feed Tech"

Tepic, Mexico, Sept 4 (Thomson Reuters Foundation) - Juicy lab-grown steaks and burgers made of plant-based "meat" could soon be tempting hardened carnivores scanning restaurant menus in the world's biggest cities, as food producers explore fresh ways to feed booming populations.

With people pouring into cities across the developing world, rocketing demand for meat and dairy products will make it essential to find high-protein alternatives that have a lower environmental impact, some experts say.

"The food of the future, as we become more and more urban, will continue to be meat, but it won't be meat from industrialised animal agriculture," said Bruce Friedrich, executive director of the Washington-based Good Food Institute.

03:44

New Synthetic Muscle Puts Us One Step Closer to Lifelike Robots "IndyWatch Feed Tech"

Robots still find it difficult to perform delicate actions, like picking up a soft object without causing damage. A new form of synthetic muscle could offer up some major improvements.

A group of researchers from the Columbia University School of Engineering and Applied Science has developed a new type of synthetic soft muscle that can be manufactured using a 3D printer. The material is capable of lifting up to 1,000 times its own weight and boasts fifteen times the strain density (expansion per gram) of natural muscle.

03:44

Scientists are turning chickens into dinosaurs "IndyWatch Feed Tech"

Scientists are turning chickens into dinosaurs... kinda.

03:41

Robots learn to walk naturally "IndyWatch Feed Tech"

The challenge with bipedal robots isn't so much getting them to walk at all (although that's sometimes a problem) as it is getting them to walk naturally. They tend to either step cautiously or quickly run into trouble. Swiss researchers think they can do better, though: they're working on COMAN (Compliant Humanoid), a headless robot designed to master walking. The automaton is more graceful through a combination of more flexible, elastic joints and a control algorithm that helps the bot understand its own body.

COMAN is aware of the symmetries in its dynamics and structure, which helps it not only walk with a natural gait but carry objects, navigate uneven surfaces like stairs, and react to surprises. If you push the robot, for instance, it knows exactly where to place its foot so that it doesn't tip over like some of its peers. And thanks to that added flexibility, it's more likely to survive that rudeness.

The technology is a long way from reaching robots you can interact with. For one thing, these machines would need heads or some other way of exploring the world on their own. They may be particularly clever when they arrive, though. The team is also exploring the possibility of teaching bipedal robots to coordinate in shared actions, such as carrying a table. You could eventually see moving robots that have no problems hauling your couch down a flight of stairs.

03:37

This metal never ceases to amaze "IndyWatch Feed Tech"

Look what it does to this pot!

For step-by-step instructions of this experiment go here: https://goo.gl/7BVQ1z

For MEL Science safe experiments subscription go here: https://goo.gl/dWTTXk

03:36

He Hacked a Way to Talk to Plants and They Talk Back "IndyWatch Feed Tech"

Bioengineer Keenan Pinto designed an application that helps hydroponic farmers talk to their plants.

03:36

Scientists have created a BACTERIUM that inhales CO2 producing Energy "IndyWatch Feed Tech"

It's a bionic leaf that could revolutionize everything we thought we knew about clean energy.

Harvard scientists open the door to an energetic revolution that has allowed them to test successfully a system that converts sunlight into liquid fuel.

In other words, the chemist who gave us the artificial leaf a couple of years ago has GENETICALLY ENGINEERED A BACTERIUM to absorb hydrogen and carbon dioxide converting them into alcohol fuel.

03:36

Forget Police Sketches: Researchers Perfectly Reconstruct Faces "IndyWatch Feed Tech"

Picture this: you're sitting in a police interrogation room, struggling to describe the face of a criminal to a sketch artist. You pause, wrinkling your brow, trying to remember the distance between his eyes and the shape of his nose.

Suddenly, the detective offers you an easier way: would you like to have your brain scanned instead, so that machines can automatically reconstruct the face in your mind's eye from reading your brain waves?

Sound fantastical? It's not. After decades of work, scientists at Caltech may have finally cracked our brain's facial recognition code. Using brain scans and direct neuron recording from macaque monkeys, the team found specialized "face patches" that respond to specific combinations of facial features.

03:30

This is how your brain tells time "IndyWatch Feed Tech"

No single area of the brain can take responsibility for our perception of time. Instead, multiple regions perform different tasks to help you watch the clock.

03:27

How Estonia is leading the way to our digital future "IndyWatch Feed Tech"

Estonia is a leader in technology and innovation, but now the rest of the world must catch up.

03:26

British supermarket offers finger vein payment in worldwide first "IndyWatch Feed Tech"

A UK supermarket has become the first in the world to let shoppers pay for groceries using just the veins in their fingertips.

Customers at the Costcutter store, at Brunel University in London, can now pay using their unique vein pattern to identify themselves.

The firm behind the technology, Sthaler, has said it is in serious talks with other major UK supermarkets to adopt hi-tech finger vein scanners at pay points across thousands of stores.

03:26

Navy Will Start Using Xbox Controllers For Periscope Operation "IndyWatch Feed Tech"

Beginning in November, some US Navy submarine periscopes will be operated in a new, less expensive way: via Xbox controllers.

03:13

Facebook Changes Ad-Targeting Program in Response to ProPublica Investigation "IndyWatch Feed Tech"

Facebook has tightened the reins on its ad-targeting capabilities following a ProPublica investigation that found that Facebook's algorithmically generated categories allowed advertisements to be targeted to individuals who used phrases associated with anti-Semitism. Facebook denied that an algorithm was to blame, instead blaming manual entries by Facebook users (such as listing your occupation as "Jew Hater" with education from "Hitler's School of Hard Knocks"):

In a [September 20th post], Facebook's chief operating officer Sheryl Sandberg made her first public statement on a recent ProPublica investigation of ad-targeting to hate groups, calling the issue "a fail on our part." Last week, ProPublica's investigation found that Facebook clients could target ads using keywords like "jew hater" and "Hitler did nothing wrong."

Sandberg claims the ad-targeting was the result of manual entries in the education and employer fields. (In simple terms, someone listed their job as "jew hater.") That explanation contradicts the initial ProPublica article, which claimed the categories were algorithmically generated. "We never intended or anticipated this functionality being used this way and that is on us," Sandberg wrote. "And we did not find it ourselves and that is also on us."

Sandberg laid out three changes in how the company targets ads, although each is largely an extension of existing efforts. After restricting self-reported fields for education and profession, Facebook will now restore approximately 5,000 of the most popular responses, all of which have now been reviewed to ensure they don't violate company standards. The company will also devote more resources to ensuring that "content that goes against our community standards cannot be used to target ads," and add more human oversight to its advertising system more broadly.

Facebook now has a vetted list of around 5,000 targeting options (such as "nurse" or "teacher") and will manually approve new ones.

Also at Recode,...

03:02

BREAKING: Amazon Will Accept Bitcoin "IndyWatch Feed Tech"

According to a newsletter from The James Altucher Report, Amazon will soon begin accepting Bitcoin, which they will officially announce as early as October 26th during their earnings conference call.

How Reliable is the Source?

James Altucher has (co)founded more than 20 companies, authored 11 books, and has been a contributor to several major publications.

02:53

Links 25/9/2017: XFree KWin, FreeBSD 10.4 RC2 "IndyWatch Feed Tech"


02:48

Measuring security: Part 2 - The cost of doing business "IndyWatch Feed Tech"

If you've not read my last post on measuring security you probably should. It talks about how to measure the security of things that make money. That post is mostly focused on things like products that directly generate revenue. This time we're going to talk about a category I'm calling the cost of doing business.

The term "cost of doing business" is something I made up so I could group these ideas in some sensible way. At least sensible to me. You probably can't use this with other humans in a discussion, they won't know what you're talking about. If I had a line graph of spending I would put revenue generating on one side, the pure cost centers on the other side. The cost of doing business is somewhere in the middle. These are activities that directly support whatever it is the organization does to make new money. Projects and solutions that don't directly make money themselves but do directly support things being built that make money.

The cost of doing business includes things like compliance, sending staff to meetings, maybe regulatory requirements. Things that don't directly generate revenue but you can't move forward if you don't do these things. There's not a lot of options in many cases. If you don't have PCI compliance, you can't process payments, you can't make any money, and the company won't last long. If you don't attend certain meetings nobody can get any work done. Regulated industry must follow their requirements or the company can often just be shut down. Sometimes there are things we have to do, even if we don't want to do them.

In the next post we'll talk about what I call "infrastructure", these are the things that are seen as cost centers and often a commodity service (like electricity or internet access). I just want to clarify the difference. Infrastructure is something where you have choice or can decide not to do it with a possible negative (or positive) consequence. Infrastructure is what keeps the lights on at a bare minimum. Cost of doing business must be done to get yourself to the next step in a project, there is no choice, which changes what we measure and how we measure it.

The Example

Let's pick on PCI compliance as it's a pretty easy to understand example. If you don't do this it's quite likely your company won't survive, assuming you need to process card payments. If you're building a new web site that will process payments, you have to get through PCI compliance, there is no choice, and the project cannot move forward until this is complete. The goal now isn't so much measuring the return on an investment as it is being a good steward of the resources given to us. PCI requirements and audits are not cheap. If you are seen as making poor decisions and squandering your resources it's quite likely...

02:36

Obama warned Zuckerberg about fake news on Facebook: report "IndyWatch Feed Tech"

Former President Obama warned Facebook founder Mark Zuckerberg to start taking the influence of fake news on his platform seriously ahead of President Trump's inauguration, The Washington Post reported Sunday. Obama reportedly pulled Zuckerberg aside...

02:28

Week in review: CCleaner compromise, Optionsbleed, and Linux devices sending out spam "IndyWatch Feed Tech"

Here's an overview of some of last week's most interesting news and articles: Hackers behind CCleaner compromise were after Intel, Microsoft, Cisco There is a new twist in the CCleaner hack saga: the attackers apparently didn't set out to compromise as many machines as possible, but were after some very specific targets. Three things to know about the dark web One of the more curious aspects about the dark web is that it didn't start More

02:25

5 issues driving the push to crack down on tech giants "IndyWatch Feed Tech"

Tech giants like Google and Facebook are facing new government scrutiny, after years of enjoying a hands-off approach from legislators and regulators. The Silicon Valley pillars are increasingly being hit with criticism about their power, lack of...

02:22

Linux 4.14-rc2 Kernel Released "IndyWatch Feed Tech"

Linus Torvalds has announced the release of the second weekly test candidate of the upcoming Linux 4.14 kernel...

02:15

War, Comics, Commerce "IndyWatch Feed Tech"

Literary comics are sometimes more faddy than genre comics. Whenever there's a comic that breaks through to the general public and becomes a hit, it seems like all the major publishers call all available agents and put in an order of whatever genre somebody else had a hit with.

After Fun Home (by Alison Bechdel) became a phenomenon a decade ago, you had a few years where all the major publishers were cranking out coming-of-age autobio books. Some were good, but most were wretched.

The next fad every publisher was ordering metric tons of was artist biographies (often drawn in the style of the subject artist). I hope that's peaked, because while that wave of coming-of-age autobio books weren't much cop, at least the artists themselves found the subject matter (i.e., themselves) interesting, so it wasn't all bad.

However, with artist biographies, you can tell that even the people doing the biographies have little interest in whatever they're drawing. They're just making product to fit publishers' schedules.

Who can begrudge artists accepting advances from publishers, even if they come with strings attached? People who make comics make almost no money as it is, so it must be tempting.

(I'm not sure what the original artist biography that started this fad was. Anybody know?)

So it was with some trepidation I set out reading this month's stack of comics, fresh(ish) from the presses, because I noticed something new:

...

02:13

DistroWatch Weekly, Issue 731 "IndyWatch Feed Tech"

This week in DistroWatch Weekly:
Review: BackSlash Linux Olaf
News: Mint makes reporting bugs easier, Canonical adds Wayland support to Mir, Debian experimenting with AppArmor
Opinion: The W3C, encrypted media and software freedom
Released last week: Kali Linux 2017.2, Endian Firewall 3.2.4, Korora 26
Torrent corner: ArchBang, Clonezilla, Kali, Korora, Manjaro, NuTyX,....

02:00

HPR2386: The Decline and Fall of Tcl "IndyWatch Feed Tech"

Tcl is an interesting language that does many things "wrong", especially if you're coming from a LISP perspective, and especially-especially if you're coming from a Scheme perspective. Examples are all over the C2 wiki, but probably DynamicStringsVsFunctional is the epicenter. It also forms an important part of modern Scheme history, as the Tcl War led to the creation of Guile. What happened after that?

Where Tcl and Tk went wrong, by David N Welton

TL;DL: Tcl was successful because it found its niche as a lightweight yet capable language able to both integrate and be integrated with C code, but it fell behind on Tk look-and-feel compared to GNOME and KDE and also on other mainstream development phenomena, it ossified because it was afraid to upset its installed base, it got stuck between not-slim-enough and not-featureful-enough, the syntax is too weird, and it spiraled into losing touch with the rest of the free software world, which ultimately also affected business use.

Further notes

Guile (again) faces several of these same challenges. Haskell tries to avoid success at all costs, in order to not lose the freedom to improve the language. Python and Perl both have Tk integrations and Python's IDLE is even implemented in it. Lua had ltk, but it's no longer maintained. There is even a Tcl/Tk package for R. Ousterhout pronounces it OH-stir-howt, which may or may not be how I pronounced it. I think the guttural sound may be reserved for the Dutch "G" and have nothing to do with "H".

Potential episodes: Fossil, Tcl

01:02

Transhumanism: Could we live forever? BBC News "IndyWatch Feed Tech"

Dear all.

Hope you like it! Please make comments. Many tks.

Let me share a concept of with you. Its focus lies on human enhancement through the exponential technology available, such as: nanotechnology, genetics, AI, in order to lessen people's suffering, stop aging and ultimately achieve a longer lifespan.

01:00

Hackaday Links: September 24, 2017 "IndyWatch Feed Tech"

This is it. After twelve years we finally have a new Star Trek. Star Trek: Discovery (we're using ST:DSC as the abbreviation) is airing right about when this post goes up. Next week, you'll have to pay CBS $6 USD a month to get your Star Trek fix, and today might be the last time a new episode of Star Trek is aired on broadcast TV ever. Enjoy it now, and hope the theme song doesn't have lyrics. Also, hope The Orville is a tenth as good as a Galaxy Quest series could be.

What's the best way to describe Delta Sigma PLLs? The Cat In The Hat (PDF, page 31). [Dr. Tune] found a Seuss reference in a TI app note. Personally, I'm a fan of hand-drawn cartoons, but we'll take what we can get.

This weekend the Prusa I3 MK3 was announced. A good printer just got better. Now here's the video.

The Raspberry Pi is a great media storage device, but it's absolutely insufficient for audiophile tomfoolery. Here's a neat Pi DAC/amp/DSP thingy. The VoltaStream turns the Raspberry Pi into a WiFi-connected pair of speakers with low-latency audio in and a TOSLINK connector.

SpaceX! There is serious consideration being given to starting an Elon Musk column here on Hackaday. There will be SpaceX updates coming this week from the International Astronautical Congress in Adelaide. What will we find out? "I don't know bruh, but I just got back from Burning Man and I realized it was a whole lot like Mars and I was wondering Elon, like, have you ever been to Burning Man because it's really dusty and a whole lot like Mars and there's not much water..." Please, organizers of the IAC, I implore you: give more idiots microphones. That was hilarious.

How was the World Maker Faire in New York this weekend? In one word, empty. Abnormally so. Maker Faire was not as crowded as last year, and you could actually move around. My agoraphobia didn't kick in until the afterparties, and lines for the $5 bottles of water were short. Bay Area Faire attendance was down 16% from 2016-2017, and I would bet attendance for the NY Faire would be down a similar amount. Even a 10% decline in attendance would be noteworthy; the weather last year was cold and rainy and this year was beautiful. There are rumors, speculatio......

00:49

"Decapitated Man" Halloween Display Sparks 911 Calls in Greene County, Tennessee "IndyWatch Feed Tech"

http://www.bbc.com/news/world-us-canada-41355592

A local US police department has urged people not to call 911 after reports that a man had been crushed by a garage door.

The supposed victim in Greene County, Tennessee, turned out to be a scarily realistic, early Halloween decoration. The department said it had received calls about a "suspicious person lying in a driveway with bloody handprints on the garage". Officers investigated, only to find it was a puppet stuffed with straw.

Greene County TN Sheriff's Department wrote on Facebook: "ATTENTION EVERYONE!!! For those of you driving on Chuckey Pike in Greene County: THIS IS A HALLOWEEN DECORATION! Do NOT call 911 reporting a dead body. Instead, congratulate the homeowner on a great display."

[Okay, Soylentils, what is your best Halloween prank? --Ed.]


Original Submission

Read more of this story at SoylentNews.

00:22

Animated GIFs Find & Share on GIPHY "IndyWatch Feed Tech"

SHE SORTS C-CELLS BY THE SEASHORE
Using sound waves, scientists sort markers for cancer and other diseases such as kidney disease, neurodegenerative diseases and other conditions.

Link to article: https://phys.org/news/2017-09-blood-tissue-biopsies.html



Sunday, 24 September

23:32

Re: tcpdump 4.9.2 is fully available "IndyWatch Feed Tech"

Posted by Leo Famulari on Sep 24

That's correct, I was informed of the upcoming 4.9.2 release as part of
my work on Guix security. I'm not involved with Arch.

When the embargo failed, I notified oss-security immediately. I did not
contact the distros lists because Guix is not represented on those
lists.

23:30

Re: Why send bugs embargoed to distros? "IndyWatch Feed Tech"

Posted by Ludovic Courtès on Sep 24

Hi,

Hanno Böck skribis:

FWIW, for GNU Guix (which doesn't have anyone yet on the distros list),
we pushed the patch less than 30 minutes after the public disclosure on
oss-sec.

The fact that your message to oss-sec was very clear on the issue and
its consequences, and contained a link to the (small) patch surely made
it easier to prepare the fix.

Ludo.

...

23:16

24sep2017 "IndyWatch Feed Tech"

22:28

Mass Extinctions on Earth Coincided with Out-of-Whack Carbon Cycles "IndyWatch Feed Tech"

...Daniel Rothman, [is] a geophysicist at the Massachusetts Institute of Technology, who built a database of fossil records going back half a billion years. Rothman found the periods in which large percentages of existing species died off coincided with big swings in the carbon isotopes found in those records, suggesting the planet's carbon cycle was out of whack.

[...] human civilization has been pumping more carbon into the environment by burning carbon-rich fossil fuels like coal, oil, and natural gas. On the current trajectory, the oceans are expected to absorb at least another 300 billion tons of carbon by 2100, an amount that could end up producing long-term changes to the environment, Rothman concluded.

[...] Rothman isn't alone in warning of a potential extinction. Some scientists argue a sixth such event is under way already, with about two species a year disappearing and thousands seeing their populations and ranges shrink.

The more arid study is published in Science Advances and the full text is freely available.

Read more of this story at SoylentNews.

22:12

How Much Money Can Pirate Bay Make From a Cryptocoin Miner? "IndyWatch Feed Tech"

In recent years many pirate sites have struggled to make a decent income.

Not only are more people using ad-blockers now, the ad-quality is also dropping as copyright holders actively go after this revenue source, trying to dry up the funds of pirate sites.

Last weekend The Pirate Bay tested a cryptocurrency miner to see whether that could offer a viable alternative. This created quite a bit of backlash, but there were plenty of positive comments too.

The question still remains whether the mining efforts can bring in enough money to pay all the bills.

The miner is provided by Coinhive which, at the time of writing, pays out 0.00015 XMR per 1M hashes. So how much can The Pirate Bay make from this?

To get a rough idea we did some back-of-the-envelope calculations, starting with the site's visitor numbers.

SimilarWeb estimates that The Pirate Bay has roughly 315 million visits per month. On average, users spend five minutes on the site per visit. While we have reason to believe that this underestimates the site's popularity, we'll use it as an illustration.

We spoke to Coinhive and they estimate that a user with a mid-range laptop would have a hashrate of 30 h/s.

In Pirate Bay's case this would translate to 30 hashes * 300 seconds * 315M visits = 2,835,000M hashes per month. If the miner is throttled at 30% this would drop to 850,000M hashes.

If Coinhive pays out 0.00015 XMR per million hashes, TPB would get 127.5 XMR per month, which is roughly $12,000 at the moment. Since the miner doesn't appear on all pages and because some may actively block it, this number will drop a bit further.

Keep in mind that this is just an illustration using several estimated variables which may vary greatly over time. Still, it gives a broad idea of the potential.

Since Pirate Bay tested the miner, several other sites have jumped on board as well. We'll keep a close eye on the developments and hope we can share some real data in the future.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

22:00

Hackaday Prize Entry: Inexpensive Emergency Button "IndyWatch Feed Tech"

"I've fallen and I can't get up." We all remember it, and we all know what product we're talking about. Now, with cheap microcontrollers, ubiquitous WiFi, and wearable electronics, there must be a simpler solution. [Jean Paradedel]'s emergency button project is designed to replace those wearable emergency buttons, which usually include an expensive call center plan.

[Jean]'s button is based off an ESP8266 module, which sends an email to a care provider if a button is pressed. The whole thing is powered by a CR2032 watch battery and the device's case was 3D printed. The interface is simple (it's just a wearable button, after all) and the form factor is small enough to be completely unobtrusive.

[Jean] reflashed the ESP8266 board with a simple sketch that runs the project. First, a button-press connects the device to WiFi and then blinks an LED so you know it's connected. When the emergency button is pressed, an email is sent out letting a caregiver know that there's a problem.

Check out the video below for a demo of this cheap emergency button in action.


21:00

Call to Action: Write to the European Parliament's Legal Affairs Committee on the upcoming copyright vote "IndyWatch Feed Tech"


Activism: On October 10, an important committee in the European Parliament will vote on future copyright law. It hangs in the balance, and ordinary people like you and I contacting Members of the European Parliament can really make a difference, like you'll remember we did with ACTA five years ago, and won. You don't have to contact "your representative"; such a thing only exists in the US and UK. Rather, you should write a friendly mail to all of them.

The European Union is revising copyright legislation.

As usual, the copyright industry, indeed the entire Industrial Protectionism (IP) industry, has managed to get all sorts of absurd things into the future of copyright law. Even if you don't live in Europe, this concerns you, for a harshening in these monopolies in a major economy tends to be contagious to other places in the world. The European Parliament will vote some time in the coming year, but the next and important vote is on October 10 in the Legal Affairs committee, JURI, which is responsible for matters such as these.

At the same time, there are some good proposals in the mix, put there by people of the net generation among the Members of the European Parliament (MEPs).

Christian Engström, MEP 2009-2014, writes: The outcome of the votes in JURI [Legal Affairs committee] hangs in the balance, and several important issues are too close to call. If there are enough emails from ordinary citizens that demonstrate that there are people out there who care, we have a good chance of achieving at least some improvements to copyright. But if nobody shows an interest, there is an overwhelming risk that the copyright lobby will win, and will introduce further restrictions and even more absurdities into copyright on the internet. Right now, you as an individual can make an actual and real difference.

There are two really bad proposals: a mandatory upload filtering, effectively censorship, and a link tax which makes it impossible to link to oldmedia articles (articles 13 and 11).

At the same time, there are also three really good proposals: mandatory freedom of panorama (nobody can own a view)...

20:08

Tips for an Information Security Analyst/Pentester career - Episode 16: IPv6 DoS attack "IndyWatch Feed Tech"

In this episode, we're going to look at a DoS attack on IPv6.

Windows systems enable IPv6 networking by default and, if you go to your network adapter settings, you'll normally find IPv6 enabled. Microsoft recommends leaving it enabled, as some network functionality might need it.

However, this implies a built-in vulnerability.

In fact, these conditions might allow IPv6 addresses to be handed out automatically, based on a Router Advertisement, without any security measures in place.

A hacker leveraged this vulnerability by setting up an attack that works by sending Router Advertisement packets and forcing operating systems to create IPv6 addresses in response to every packet received. When the network is flooded with enough RAs, Windows machines consume more and more CPU time, until CPU utilization reaches 100%.

Prep 

For the purposes of this demonstration, I used two virtual machines, both of them configured in VirtualBox as using an internal network adapter:

  1. Kali Linux 2017 v. 1 prebuilt image:  Internal network adapter. Static IP address (10.10.10.1/24). 
  2. Windows 10 64-bit:  Internal network adapter. Static IP address (10.10.10.2/24) 

Both virtual machines have been configured with an i...

20:06

Megaherbivorous Dinosaurs Were Not Strict Vegetarians "IndyWatch Feed Tech"

A study (open, DOI: 10.1038/s41598-017-11538-w) (DX) has found that large plant-eating dinosaurs opportunistically dined on crustaceans that sheltered in rotting logs:

Large plant-eating dinosaurs are usually presumed to have been strictly herbivorous, because their derived teeth and jaws were capable of processing fibrous plant foods. This inferred feeding behavior offers a generalized view of dinosaur food habits, but rare direct fossil evidence of diet provides more nuanced insights into feeding behavior. Here we describe fossilized faeces (coprolites) that demonstrate recurring consumption of crustaceans and rotted wood by large Late Cretaceous dinosaurs. These multi-liter coprolites from the Kaiparowits Formation are primarily composed of comminuted conifer wood tissues that were fungally degraded before ingestion. Thick fragments of laminar crustacean cuticle are scattered within the coprolite contents and suggest that the dinosaurian defecators consumed sizeable crustaceans that sheltered in rotting logs. The diet of decayed wood and crustaceans offered a substantial supply of plant polysaccharides, with added dividends of animal protein and calcium. Nevertheless, it is unlikely that the fossilized fecal residues depict year-round feeding habits. It is more reasonable to infer that these coprolites reflected seasonal dietary shifts, possibly related to the dinosaurs' oviparous breeding activities. This surprising fossil evidence challenges conventional notions of herbivorous dinosaur diets and reveals a degree of dietary flexibility that is consistent with that of extant herbivorous birds.

Also at BBC and NPR.


Original Submission

Read more of this story at SoylentNews.

19:36

iPhone 8 is the world's fastest smartphone and Android smartphones are not even close "IndyWatch Feed Tech"

Why Is iPhone 8 the World's Fastest Smartphone Right Now? Faster even than Samsung Galaxy S8, OnePlus 5 and even MacBook Pro and Dell XPS laptops

It's been almost two weeks since Apple launched its latest iPhone 8 at a gala in Cupertino. Apple has started shipping the iPhone 8 to its buyers from September 22 in stores across the world. You already know what the iPhone 8 looks like: it's just like the last three generations of iPhones, but with a glass back. The latest iteration from Apple is a continuation of the iPhone journey, but there is something about the iPhone 8 that you don't know.

It is the fastest smartphone in the world! In fact, leaving aside the Samsung Galaxy S8/Note 8 and OnePlus 5T, it is faster than Dell XPS and MacBook Pro Core i5 laptops. The Tom's Guide team put the iPhone 8 through its paces and the results were amazing.

Geekbench 4 Performance test of iPhone 8

The Tom's Guide team started the testing of the iPhone 8 with Geekbench 4, which measures overall performance. The test results came out of the blue. The iPhone 8 beats Samsung's Galaxy Note 8, which is currently the fastest Android smartphone, by a whopping margin. In the multicore portion of this test, the iPhone 8 hit 10,170, which was 54 percent faster than the score from Samsung's Galaxy Note 8 at 6,564.

Mind you, Apple is powering the iPhone 8 with an all-new A11 six-core chip and the Samsung Galaxy S8 Note has 6GB of RAM paired with Qualcomm's fastest and latest Snapdragon 835 chip. The iPhone 8 also beat the other competitor, the OnePlus 5, which got a score of 6,542.


The real surprise is that the iPhone beat even its own sibling on the shelves, the MacBook Pro. Yes, the iPhone 8 Geekbench 4 scores were greater than those of Apple's macOS-powered 13-inch MacBook Pro laptop with a 7th-generation Core i5 processor. It also beat the Windows 10-powered Dell XPS 13. Mind you, the founder of Geekbench, John Poole, said that laptops are better at delivering sustained performance over a longer period of time, as opposed to the shorter max burst performance that benchmark tests like those conducted at Geekbench 4 are designed to measure.

iPhone 8 3D test

...

19:19

Catastrophic Sleep-Loss Epidemic "IndyWatch Feed Tech"

Via: Independent: A catastrophic sleep-loss epidemic is causing a host of potentially fatal diseases, a leading expert has said. In an interview with the Guardian, Professor Matthew Walker, director of the Centre for Human Sleep Science at the University of California, Berkeley, said that sleep deprivation affected every aspect of our biology and was widespread []

19:00

A Thoughtful Variety of Projects and Failures "IndyWatch Feed Tech"

Our friends at [The Thought Emporium] have been bringing us delightful projects but not all of them warrant a full-fledged video. What does anyone with a bevy of small but worthy projects do? They put them all together like so many mismatched LEGO blocks. Grab Bag #1 is the start of a semi-monthly video series which presents the smaller projects happening behind the scenes of [The Thought Emporium]'s usual video presentations.

Solar eclipse? There are two because the first was only enough to whet [The Thought Emporium]'s appetite. Ionic lifters? Learn about the favorite transformer around the shop and see what happens when high voltage wires get too close. TEA lasers? Use that transformer to make a legitimate laser with stuff around your house. Bismuth casting? Pet supply stores may have what you need to step up your casting game and it's a total hack. Failures? We got them too.

We first covered ionocraft (lifters) awhile back. TEA lasers have been covered before. Casting is no stranger to Hackaday but [The Thought Emporium] went outside the mold with their technique.



18:41

Top Google Chrome Tricks That Will Make Your Life Easier "IndyWatch Feed Tech"

Hidden Google Chrome Tricks And Features That Will Make Your Life Easier

Google Chrome is the most popular internet browser on the planet. This is one statement no one will debate. Given how popular the browser is, it's bound to have so many tips and tricks available that some of them unfortunately get forgotten. We've gone over them and made a list of the lesser known Chrome tricks. Read on for the full list.

OK Google

For all those who wished they could use their phone's voice search functionality on their PCs as well: the OK Google feature of Android works within the Chrome browser too.

Google Keep

Ever felt the need to quickly note down an idea or a thought that came to mind while you were surfing the internet? With keep.google.com, you can now quickly note anything you need right in your browser.

See saved passwords

We all use Google's autofill feature to have Chrome remember our passwords. Ever wondered where the passwords are stored? You can access them and/or change them by typing the following text in the address bar: chrome://settings/passwords

Restore recently closed tabs

If you've ever closed your browser with multiple tabs open and then wanted to go back, Chrome has you covered. Just hit the Settings button on the top-right end of the browser, scroll down to history and you will see all your recent tabs ready to be opened with a single click.

...

18:35

XFree KWin: Ridding KDE's Wayland Compositor Of X11 Dependencies "IndyWatch Feed Tech"

Martin Flöser (née Gräßlin) has announced the "XFree KWin" project. This isn't to be confused with XFree86 but rather is about ridding KWin optionally of X11/X.Org dependencies...

18:22

Authors of Locky Ransomware are big fans of the Game of Thrones series "IndyWatch Feed Tech"

Researchers at PhishMe found the names of Game of Thrones characters and other references to the show in the script used to spread the Locky ransomware.

The fantasy drama television series Game of Thrones has an amazing number of fans, including the authors of the Locky ransomware.

The discovery was made by researchers at security firm PhishMe, who found the names of show characters and other references in the source code of the Visual Basic script used by the crooks.

The Visual Basic script is included in the ZIP or RAR archive attached to the spam email used in the ransomware campaign. When victims open the archive and run the VB script contained within, it downloads and installs the Locky ransomware.

"Lightweight script applications designed to deliver malware often use rotating or pseudorandom variable names to ensure that the malware delivery tools look unique. In this case, many of the variables (some misspelled) referred to characters and events from the globally-popular television fantasy epic Game of Thrones," states PhishMe.

Experts discovered references to the TV show in the VB script, such as Aria, SansaStark, RobertBaration, JohnSnow, or HoldTheDoor.

...

17:59

World's first head transplant to happen early next year "IndyWatch Feed Tech"

The world's first head transplant will be carried out on a Chinese patient

The world's first head transplant surgery is set to happen early next year in China. While this headline sounds straight out of a Hollywood film, it is set to happen in reality. In fact, the surgery was set to happen in December this year, but the Russian volunteer for the surgery, Valery Spiridonov, has decided not to take part in the procedure and therefore the surgery will now happen with a Chinese volunteer. There is no definitive date set, but it is expected to happen in the first quarter of 2018.

Junk Science?

Dr. Sergio Canavero made headlines last year when he announced his plans to perform the first human head transplant. Since the announcement, the Italian neuroscientist has recruited a Chinese surgeon, Dr. Xiaoping Ren, to perform the surgery with him. The first patient to undergo this procedure is a Russian man named Valery Spiridonov, who suffers from Werdnig-Hoffmann Disease, a genetic disease that breaks down muscles and kills nerve cells located in the brain and spinal cord, thus making him unable to move. Currently, he is confined to his wheelchair, with the only possible movements being the ability to feed himself, type and control his wheelchair with a joystick.

Spiridonov had been working with Dr. Canavero for about 2 years to get the surgery; however, he has now said that he will not undergo the surgery because the doctor could not promise him what he wished for from the surgery: the ability to walk again and live a normal life. The surgery does not even guarantee that he would live. He will now seek an alternative spinal surgery to improve his life instead, as he said in his statement.

Given that I cannot rely on my Italian colleague, I have to take my health into my own hands. Luckily, there is quite a well-tested surgery for cases like mine when a steel implant is used to support a spine in straight position.

Chinese Volunteer

Dr. Sergio Canavero has since made a statement of his own wherein he confirmed that the surgery will instead proceed with a Chinese volunteer. Despite being criticized by the scientific community for his experiment, he is hopeful of success.

At present, nothing in detail. When the time comes, the official news will be announced by Xiaoping's team in China. At the moment, I can only disclose that there has been massive progress in medical experiments that would have seemed impossible even as recently as a few months ago. The milestones that have been reached will undoubtedly revolutionize medicine. That much I can already say. ~ Sergio Canavero.

...

17:45

Effective Collaboration: You Don't Need Superstar Developers "IndyWatch Feed Tech"

[The] main problem here is that software development is not an individual sport. Assessing technical traits means that we are looking at candidates as individuals. At the same time, we will put them in a team context and the project's success will depend on their teamwork. A person's resume or LinkedIn profile says close to nothing about their team skills.

What's more, we know quite a lot about what makes teams effective. Anita Woolley's research on collective intelligence [DOI: 10.1126/science.1193147] [DX] provides extremely valuable insight on the topic. First of all, how do we define collective intelligence? It's basically the skill of a group to solve complex problems. Well, it sounds like the definition of everyday work for software development teams if you ask me.

Why is collective intelligence so important? Exploiting collective intelligence, as opposed to going with the opinion of the smartest person in a room, is a winning strategy. To put in Anita Woolley's words: "Collective intelligence was much more predictive in terms of succeeding in complex tasks than average individual intelligence or maximal individual intelligence."

The power is in the team.


Original Submission

Read more of this story at SoylentNews.

17:33

ASUS Tinker Board Is An Interesting ARM SBC For About $60 USD "IndyWatch Feed Tech"

Earlier this year ASUS announced the Tinker Board as their first step into the ARM single board computer world. Earlier this month I finally received a Tinker Board for testing and it has been quite interesting to say the least. The Tinker Board with its Rockchip SoC has been among the most competitive ARM SBCs we have tested to date in its price range and the form factor is compatible with the Raspberry Pi.

17:23

Battistelli's Club Med at the EPO Part I: EPO Validation Agreement With Angola "IndyWatch Feed Tech"

From Friday:

Angola EPO

Summary: A series contemplating Benoît Battistelli's sudden interest in Angola, a country with no European Patents but plenty of connections to António Campinos

TODAY, on a Sunday, we begin a long new series about the EPO. The timing seems perfect.

The minutes of the June 2017 meeting of the EPO Administrative Council confirm that Battistelli has been authorised to open negotiations on a validation agreement with Angola (dated Friday). It's the favourite day for the EPO to dump some words (e.g. in the intranet) or formal documents it prefers not to get noticed. There are already internal jokes about those Friday spills: always check what's being buried and where/why.

Does Angola really matter for the EPO? The numbers (or lack thereof) speak for themselves:

Angola EPO, no patents

It's not hard to see why it's tempting to suspect a political aspect to all of this. Prepare for some rather embarrassing t...

17:09

Development Release: Subgraph OS 2017-09-22 Alpha "IndyWatch Feed Tech"

Subgraph OS is a Debian-based Linux distribution which provides several security, anonymous web browsing and hardening features. The project has released a new development version, Subgraph OS 2017-09-22 Alpha. The alpha snapshot includes initial support for multiple named bridges which can be attached to application sandboxes. In addition,....

16:41

Intel IX4 Networking Performance On DragonFly Gets Boosted By Direct Input Support "IndyWatch Feed Tech"

DragonFlyBSD today picked up direct input support within the kernel's polling code. This can boost networking performance, though for now it is only supported by the IX4 driver, which is used as the Intel 10Gb Ethernet driver...

16:00

Datalogger uses ESP32 and ESP8266 Low Power Modes "IndyWatch Feed Tech"

[G6EJD] wanted to design a low power datalogger and decided to look at the power consumption of an ESP32 versus an ESP8266. You can see the video results below.

Of course, anytime someone does a power test, you have to wonder if there were any tricks or changes that would have made a big difference. However, the relative data is interesting (even though you could posit situations where even those results would be misleading). You should watch the videos, but the bottom line was a 3000 mAh battery provided 315 days of run time for the ESP8266 and 213 days with the ESP32.

The fact that the hardware and software only differ in the central processing unit means the results should be pretty comparable. [G6EJD] accounts for the current draws throughout the circuit. The numbers of days were computed with math, so they don't reflect actual use. It also depends on how many samples you take per unit time. The goal was to get operation on batteries to last a year, and that was possible if you were willing to reduce the sample rate.

While we generally like the ESP32, [G6EJD] makes the point that if battery life is important to you, you might want to stick to the ESP8266, or look for something else. Naturally, if you are trying to maximize battery life, you are going to have to do a lot of sleeping.



15:58

BYD Predicts Ambitious China Shift to Electric Cars by 2030 "IndyWatch Feed Tech"

Via: Reuters: Chinese automaker BYD Co Ltd (002594.SZ) expects the country's shift to cleaner new-energy vehicles (NEV) to be complete in just over a decade, an aggressive timeframe that would challenge traditional carmakers in the world's top auto market. All vehicles in the country will be electrified by 2030, which could range from full electric []

15:51

PTAB Supreme Court Case (Oil States) is a Case of Patent Parasites Versus the Producing Industry "IndyWatch Feed Tech"

Patent sharks want (and profit from) legal chaos

Summary: Ahead of the decision regarding Oil States (probably months away, some time next year), various influential sites confront the misleading and self-serving propaganda from the patent microcosm, e.g. law firms (to whom patent quality is a threat)

The Patent Trial & Appeal Board (PTAB) is one of the best things about the USPTO. It's truly a shame that the EPO is nowadays driving away (to Haar) its own equivalent of PTAB. In this post we'd like to focus our attention on PTAB, having written about it 24 hours ago in relation to the Mohawk tribe.

Let it be understood, upfront, that PTAB is widely supported by scientists, technologists and their employers (including the very largest technology firms). Who is it that spreads all the PTAB hate? The patent industry (trolls, lawyers and so on). Covering additional CAFC cases, PTAB basher Dennis Crouch wrote about NFC Tech v Matal a few days ago to state:

Following an IPR administrative trial, the Patent Trial & Appeal Board (PTAB) concluded that the challenged claims of NFC's U.S. Patent 6,700,551 are unpatentably obvious. The focus of the dispute is on a pre-AIA inventorship claim. The PTAB rejected NFC's attempt to claim priority to its date of invention.

[...]

On remand, it looks like the IPR case will continue; in its original analysis, the PTAB did not actually determine whether the prototype embodied the claimed invention since it dismissed on other grounds. Thus, NFC is simply one step closer to success.

As we noted here back in August, Crouch and his blog (Patently-O) had become the loudest PTAB bashers out the...

15:23

Walmart Wants to Deliver Groceries Directly Into Your Fridge "IndyWatch Feed Tech"

Walmart wants to test "in-fridge delivery" for Silicon Valley customers with August Home "smart locks":

Here's how the test will work: I place an order on Walmart.com for several items, even groceries. When my order is ready, a Deliv driver will retrieve my items and bring them to my home. If no one answers the doorbell, he or she will have a one-time passcode that I've pre-authorized which will open my home's smart lock. As the homeowner, I'm in control of the experience the entire time: the moment the Deliv driver rings my doorbell, I receive a smartphone notification that the delivery is occurring and, if I choose, I can watch the delivery take place in real-time. The Deliv associate will drop off my packages in my foyer and then carry my groceries to the kitchen, unload them in my fridge and leave. I'm watching the entire process from start to finish from my home security cameras through the August app. As I watch the Deliv associate exit my front door, I even receive confirmation that my door has automatically been locked.

While some may find the idea creepy, others have downplayed the creepiness factor:

Read more of this story at SoylentNews.

14:58

A New Project To Let You Run Qt Apps With GTK+ Windowing System Integration "IndyWatch Feed Tech"

A Norwegian developer has developed a new Qt platform abstraction plug-in to let Qt applications make use of GTK+ for windowing system integration. The Qt apps rely upon GTK+ as a host toolkit to provide GTK menus, GTK for input, and other integration bits...

14:53

Equifax or Equiphish? "IndyWatch Feed Tech"

More than a week after it said most people would be eligible to enroll in a free year of its TrustedID identity theft monitoring service, big three consumer credit bureau Equifax has begun sending out email notifications to people who were able to take the company up on its offer. But in yet another security stumble, the company appears to be training recipients to fall for phishing scams.

Some people who signed up for the service after Equifax announced Sept. 7 that it had lost control over Social Security numbers, dates of birth and other sensitive data on 143 million Americans are still waiting for the promised notice from Equifax. But as I recently noted on Twitter, other folks have received emails from Equifax over the past few days, and the messages do not exactly come across as having emanated from a company that cares much about trying to regain the public's trust.

Here's a redacted example of an email Equifax sent out to one recipient recently:

[Image: equifaxcare]

As we can see, the email purports to have been sent from trustedid.com, a domain that Equifax has owned for almost four years. However, Equifax apparently decided it was time for a new and perhaps snazzier name: trustedidpremier.com.

The above-pictured message says it was sent from one domain, and then asks the recipient to respond by clicking on a link to a completely different (but confusingly similar) domain.

My guess is the reason Equifax registered trustedidpremier.com was to help people concerned about the breach to see whether they were one of the 143 million people affected (for more on how that worked out for them, see Equifax Breach Response Turns Dumpster Fire). I'd further surmise that Equifax was expecting (and received) so much interest in the service as a result of the breach that all the traffic from the wannabe customers might swamp the trustedid.com site and ruin things for the people who were already signed up for the service before Equifax announced the breach on Sept. 7.

The problem with this dual-domain approach is that the domain trustedidpremier.com is only a few weeks old, so it had very little time to establish itself as a legitimate domain. As a result, in the first few hours after Equifax disclosed the breach the domain was actually flagged as a phishing site by multiple brows...

14:40

Fake News About Software Patents in the United States "IndyWatch Feed Tech"

Science fiction does not just predict the future but rather inspires it. Similarly, in patent lobbying, making ridiculous claims can change the outcome to the effect the lobbyists want (UPC, Alice and so on)

Fake news about Alice

Summary: Spinning and twisting the facts (for so-called alternative facts), the patent microcosm is trying to give the impression that software patents are still fine in the US

THE previous post reminded readers that the Intellectual Property Owners Association (IPO), together with IBM, is trying to undermine Alice. They mislead the world. It's a lobbying and PR campaign. IBM's longtime asset, David Kappos (former USPTO Director), plays a role in that. But what role does crooked media play in the attempts to water down or suppress Alice? Actually, as we have been showing for years, such media is occupied or dominated by the patent microcosm.

Yesterday, Matthew Bultman was at it again, spinning against Alice, as usual. He is habitually cherry-picking and using misleading language to make it seem as though the patent microcosm is right and still has might. He writes for Law 360, a news site which many people would wrongly assume to be objective. Hidden behind paywalls is this latest article of his, with the word "Surviving" in the headline (sometimes he puts "Attack" in his headlines). To Bultman, the one being sued attacks and the troll survives. It's a classic reversal of narratives, where the attacker is the defender and the attacked (defender) is the aggressor. It's appal...

14:07

Massive HerbaLife spam campaign spreads a variant of Locky ransomware "IndyWatch Feed Tech"

Researchers spotted a new widespread ransomware campaign leveraging emails with malicious attachments using Herbalife branded messages.

Researchers at security firm Barracuda have spotted a new widespread ransomware campaign leveraging emails with malicious attachments, some of which pretend to be sent by the multi-level marketing nutrition company Herbalife.

More than 20 million Herbalife-branded emails were sent in a 24-hour period; since then, crooks have sent out messages at a rate of about two million attacks per hour.

Most of the messages are sent from Vietnam; other significant sources are India, Colombia, Turkey and Greece.

"The Barracuda Advanced Technology Group is actively monitoring an aggressive ransomware threat that appears to come in the largest volume from Vietnam. Other significant sources of this attack include India, Colombia, and Turkey and Greece. Other countries appear to be distributing the same attack in very low volumes," reads the analysis published by Barracuda. "So far we have seen roughly 20 million of these attacks in the last 24 hours, and that number is growing rapidly."

[Image: HerbaLife spam]

The attackers are using a Locky variant with a single identifier to track the infections.

"Barracuda researchers have confirmed that this attack is using a Locky variant with a single identifier. The identifier allows the attacker to identify the victim so that when the victim pays the ransom, the attacker can send that victim the decryptor," continues the analysis. "In this attack, all victims get the same identifier, which means that victims who pay the ransom will not get a decryptor because it will be impossible for the criminal to identify them."

The email attachment claims to be an invoice for an order placed through the company Herbalife. If the user opens the file, it will launch the ransomware dropper.

Attackers are also observing attachments that claim to impersonate invoicing from marketplace.amazon.uk...

14:00

Linux 4.14 Is Up To Around 23.2 Million Lines Of Code "IndyWatch Feed Tech"

While I usually look at the Linux kernel code size following each merge window, I am a few days late this time around due to busy Xeon/EPYC benchmarking and XDC2017. Anyhow, Linux 4.14 is showing some weight gains but nothing too bad...


Resource generated at IndyWatch using aliasfeed and rawdog